In my previous post on AIX Live Updates I discussed how to use the geninstall command to perform a non-disruptive (ifix) update on an AIX system. In this post I wanted to show you how to perform the same task using NIM.
NIM can be used to start an AIX Live Update operation on a target machine (NIM client) either from a NIM master or from the NIM client itself (with nimclient).
Note: The AIX Live Update operation started by NIM calls the hmcauth command during the cust operation to authenticate to the NIM client with the HMC by using the HMC passwd file. The NIM master is responsible for obtaining password information from the HMC (using ssh). Without it, NIM clients will not have the password information necessary when running hmcauth as part of the NIM client operation. So, we must first define an hmc object in NIM and create the password file (used when accessing the console.) Once this required step has been completed, all clients using NIM live_update have the ability to pass the proper hmc login credentials when configuring 'hmcauth'.
First, I need to install the dsm.core fileset and configure SSH keys between the NIM master and the HMC.
# lslpp -l dsm.core
Fileset Level State Description
----------------------------------------------------------------------------
Path: /usr/lib/objrepos
dsm.core 7.2.0.0 COMMITTED Distributed Systems Management
Core
# dpasswd -f /etc/ibm/sysmgt/dsm/config/my_password_file -U hscroot
# dkeyexch -f /etc/ibm/sysmgt/dsm/config/my_password_file -I hmc -H hsc02
Then define a HMC and Managed System NIM object on the NIM master.
# nim -o define -t hmc -a if1="find_net hsc02 0" -a passwd_file=/etc/ibm/sysmgt/dsm/config/my_password_file hsc02
# nim -o define -t cec -a hw_type=8286 -a hw_model=42A -a hw_serial=214F58V -a mgmt_source=hsc02 S824
The NIM client must either be defined with or updated to include the Managed System name (Management Source) and LPAR id number.
# smit nim_chmac
Change/Show Characteristics of a Machine
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
Machine Name [AIXmig]
* Hardware Platform Type [chrp] +
* Kernel to use for Network Boot [64] +
Machine Type standalone
Network Install Machine State currently running
Network Install Control State ready for a NIM operation
Primary Network Install Interface
Network Name net1
Host Name [AIXmig]
Network Adapter Hardware Address [0]
Network Adapter Logical Device Name [ent]
Cable Type N/A +
Network Speed Setting [] +
Network Duplex Setting [] +
IPL ROM Emulation Device [] +/
VLAN Tag Priority (0 to 7) [] #
VLAN Tag Identifier (0 to 4094) [] #
CPU Id [00F94F584C00]
Communication Protocol used by client [nimsh] +
NFS Client Reserved Ports [] +
Comments []
Managing System Information
LPAR Options
Identity [88]
Management Source [S824]
# lsnim -l AIXmig
AIXmig:
class = machines
type = standalone
connect = nimsh
platform = chrp
netboot_kernel = 64
if1 = net1 AIXmig 0
cable_type1 = N/A
mgmt_profile1 = hsc02 88 S824 <<< LPARD id 88, Mgmt Src S824
Cstate = ready for a NIM operation
prev_state = ready for a NIM operation
Mstate = currently running
cpuid = 00F94F584C00
Cstate_result = success
I also need to configure an lpp_source for the ifix location (on the NIM master) and the Live Update data file (on the NIM master). This file can reside on the NIM client if you wish but I’ve chosen to manage all the resources on the NIM master.
# lsnim -t lpp_source
lpp_sourceaix72 resources lpp_source
liveupdatefix resources lpp_source
# lsnim -l liveupdatefix
liveupdatefix:
class = resources
type = lpp_source
arch = power
Rstate = ready for use
prev_state = unavailable for use
location = /nim/lvup/ifix
alloc_count = 0
server = master
# ls -ltr /nim/lvup/ifix
total 72
-rw-r----- 1 root system 35625 Oct 15 14:50 dummy.150813.epkg.Z
# lsnim -t live_update_data
liveupdate_AIXmig resources live_update_data
# lsnim -l liveupdate_AIXmig
liveupdate_AIXmig:
class = resources
type = live_update_data
Rstate = ready for use
prev_state = unavailable for use
location = /nim/lvup/lvupdate.data
alloc_count = 0
server = master
# ls -ltr /nim/lvup/
total 16
drwxr-xr-x 2 root system 256 Oct 15 14:54 ifix
-r--r----- 1 root system 4289 Oct 15 15:04 lvupdate.data
# tail -20 /nim/lvup/lvupdate.data
# Users need not provide redundant options such as "-a -U -C and -o"
# in the trc_option field for trace stanza.
# Do not add a trace stanza to the lvupdate.data file unless you
# want the live update commands to be traced.
#
general:
mode = automated
kext_check = no
disks:
nhdisk = hdisk0
mhdisk = hdisk1
tohdisk =
tshdisk =
hmc:
lpar_id = 88
management_console = 10.1.50.30
user = hscroot
Now I can perform a preview of the live update operation, from the NIM master. The preview operation will be run on the NIM client called AIXmig.
# nim -o cust -a live_update=yes -a live_update_data=liveupdate_AIXmig -a installp_flags="-p" -a lpp_source=liveupdatefix -a filesets=dummy.150813.epkg.Z AIXmig
Computing the estimated time for the live update operation:
-------------------------------------------------------
LPAR: AIXmig
Mode: F
Blackout_time(s): 72
Global_time(s): 595
Checking mirror vg device size:
------------------------------------------
Required device size: 7504 MB
Given device size: 10239 MB
PASSED: device size is sufficient.
Checking new root vg device size:
------------------------------------------
Required device size: 7504 MB
Given device size: 10239 MB
PASSED: device size is sufficient.
Checking temporary paging space device size:
------------------------------------------
Required device size: 512 MB
Checking temporary dump device size:
------------------------------------------
Required device size: 100 MB
Validating the adapters and their paths:
------------------------------------------
PASSED: adapters can be divided into two sets so that each has paths to all disks.
Checking other requirements:
------------------------------------------
PASSED: sufficient space available in /var.
PASSED: sufficient space available in /.
PASSED: no existing altinst_rootvg.
PASSED: rootvg is not part of a snapshot.
PASSED: pkcs11 is not installed.
PASSED: rootvg is not part of a snapshot.
PASSED: The trustchk Trusted Execution Policy is not on.
PASSED: The trustchk Trusted Library Policy is not on.
PASSED: The trustchk TSD_FILES_LOCK policy is not on.
PASSED: the boot disk is set to the current rootvg.
PASSED: the mirrorvg name is available.
PASSED: the rootvg is uniformly mirrored.
PASSED: the rootvg does not have the maximum number of mirror copies.
PASSED: the rootvg does not have stale logical volumes.
PASSED: all of the mounted file systems are of a supported type.
PASSED: this AIX instance is not diskless.
PASSED: no Kerberos configured for NFS mounts.
PASSED: multibos environment not present.
PASSED: Trusted Computing Base not defined.
PASSED: no local tape devices found.
PASSED: live update not executed from console.
PASSED: the execution environment is valid.
PASSED: enough available space for /var to dump Component Trace buffers.
PASSED: enough available space for /var to dump Light weight memory Trace buffers.
PASSED: all devices are virtual devices.
PASSED: No active workload partition found.
PASSED: nfs configuration supported.
PASSED: HMC token is present.
PASSED: HMC token is valid.
PASSED: HMC requests successful.
PASSED: Provided LPAR ID is available.
PASSED: A virtual slot is available.
PASSED: RSCT daemons are active.
PASSED: no Kerberos configuration.
PASSED: lpar is not remote restart capable.
PASSED: no virtual log device configured.
PASSED: lpar is using dedicated memory.
PASSED: the disk configuration is supported.
PASSED: no Generic Routing Encapsulation (GRE) tunnel configured.
PASSED: Firmware level is supported.
PASSED: vNIC resources available.
PASSED: Consolidated system trace buffers size is within the limit of 64 MB.
INFO: Any system dumps present in the current dump logical volumes will not be available after live update is complete.
Validating live update input data.
With the preview looking good, I can perform the actual update, again starting it from the NIM master.
# nim -o cust -a live_update=yes -a live_update_data=liveupdate_AIXmig -a lpp_source=liveupdatefix -a filesets=dummy.150813.epkg.Z AIXmig
Computing the estimated time for the live update operation:
-------------------------------------------------------
LPAR: AIXmig
Mode: F
Blackout_time(s): 72
Global_time(s): 644
Checking mirror vg device size:
------------------------------------------
Required device size: 7504 MB
Given device size: 10239 MB
PASSED: device size is sufficient.
Checking new root vg device size:
------------------------------------------
Required device size: 7504 MB
Given device size: 10239 MB
PASSED: device size is sufficient.
Checking temporary paging space device size:
------------------------------------------
Required device size: 512 MB
Checking temporary dump device size:
------------------------------------------
Required device size: 100 MB
Validating the adapters and their paths:
------------------------------------------
PASSED: adapters can be divided into two sets so that each has paths to all disks.
Checking other requirements:
------------------------------------------
PASSED: sufficient space available in /var.
PASSED: sufficient space available in /.
PASSED: no existing altinst_rootvg.
PASSED: rootvg is not part of a snapshot.
PASSED: pkcs11 is not installed.
PASSED: rootvg is not part of a snapshot.
PASSED: The trustchk Trusted Execution Policy is not on.
PASSED: The trustchk Trusted Library Policy is not on.
PASSED: The trustchk TSD_FILES_LOCK policy is not on.
PASSED: the boot disk is set to the current rootvg.
PASSED: the mirrorvg name is available.
PASSED: the rootvg is uniformly mirrored.
PASSED: the rootvg does not have the maximum number of mirror copies.
PASSED: the rootvg does not have stale logical volumes.
PASSED: all of the mounted file systems are of a supported type.
PASSED: this AIX instance is not diskless.
PASSED: no Kerberos configured for NFS mounts.
PASSED: multibos environment not present.
PASSED: Trusted Computing Base not defined.
PASSED: no local tape devices found.
PASSED: live update not executed from console.
PASSED: the execution environment is valid.
PASSED: enough available space for /var to dump Component Trace buffers.
PASSED: enough available space for /var to dump Light weight memory Trace buffer
PASSED: all devices are virtual devices.
PASSED: No active workload partition found.
PASSED: nfs configuration supported.
PASSED: HMC token is present.
PASSED: HMC token is valid.
PASSED: HMC requests successful.
PASSED: Provided LPAR ID is available.
PASSED: A virtual slot is available.
PASSED: RSCT daemons are active.
PASSED: no Kerberos configuration.
PASSED: lpar is not remote restart capable.
PASSED: no virtual log device configured.
PASSED: lpar is using dedicated memory.
PASSED: the disk configuration is supported.
PASSED: no Generic Routing Encapsulation (GRE) tunnel configured.
PASSED: Firmware level is supported.
PASSED: vNIC resources available.
PASSED: Consolidated system trace buffers size is within the limit of 64 MB.
INFO: Any system dumps present in the current dump logical volumes will not be a
Validating live update input data.
Non-interruptable live update operation begins in 10 seconds.
....................................
Initializing live update on original LPAR.
Validating original LPAR environment.
Beginning live update operation on original LPAR.
Requesting resources required for live update.
............
Notifying applications of impending live update.
Creating rootvg for boot of surrogate.
................................................................
Starting the surrogate LPAR.
........................................
Creating mirror of original LPAR's rootvg.
................................................
Moving workload to surrogate LPAR.
....
Blackout Time started.
................................................................................................................................
Blackout Time end.
Workload is running on surrogate LPAR.
....................................
Shutting down the Original LPAR.
................
The live update operation succeeded.
If you want, you could initiate the live update from the NIM client using the nimclient command. All the resources reside on the NIM master, but the NIM client starts the operation, not the NIM master.
# nimclient -o cust -a live_update=yes -a lpp_source=liveupdatefix -a live_update_data=liveupdate_AIXmig -a installp_flags="-p" -a filesets=dummy.150813.epkg.Z