Difference between revisions of "Patching with Live Upgrade"
From Peter Pap's Technowiki
(Created page with "So you have a critical system that needs patching, but you can't risk killing the box. Solaris uses "Live Upgrade" as a tool for altering a system, while maintaining the ability...") |
|||
| Line 1: | Line 1: | ||
So you have a critical system that needs patching, but you can't risk killing the box. Solaris uses "Live Upgrade" as a tool for altering a system, while maintaining the ability to rollback the change. This is ideal for patching a system, especially kernel patches and the like, as it means that you can apply you patches, try them out and rollback if it's failed. The method I describe here, assumes that the boot disks are mirrored. You can still use Live Upgrade in a non-mirrored environment, but I'm not going in to that here. | So you have a critical system that needs patching, but you can't risk killing the box. Solaris uses "Live Upgrade" as a tool for altering a system, while maintaining the ability to rollback the change. This is ideal for patching a system, especially kernel patches and the like, as it means that you can apply you patches, try them out and rollback if it's failed. The method I describe here, assumes that the boot disks are mirrored. You can still use Live Upgrade in a non-mirrored environment, but I'm not going in to that here. | ||
| + | |||
| + | SO in this example, the OS is partitioned as follows: | ||
| + | |||
| + | [root@testboxen]$ df -h | ||
| + | Filesystem size used avail capacity Mounted on | ||
| + | /dev/md/dsk/d0 3.9G 395M 3.5G 10% / | ||
| + | /dev/md/dsk/d40 3.9G 1.4G 2.5G 36% /usr | ||
| + | /dev/md/dsk/d20 7.9G 51M 7.8G 1% /var | ||
| + | /dev/md/dsk/d30 3.9G 351M 3.6G 9% /opt | ||
| + | |||
| + | Obviously d0, d20, d30 and d40 are all mirrored meta devices. d10, is also a meta device, for swap. It is not relevant here. These meta devices are set up as follows with the sub-mirrors: | ||
| + | |||
| + | d0 : d1 and d2 | ||
| + | d20 : d21 and d22 | ||
| + | d30 : d31 and d32 | ||
| + | d40 : d41 and d42 | ||
| + | |||
| + | |||
| + | |||
| + | == Preparation == | ||
| + | |||
| + | So to use live upgrade, you first need to make sure that the necessary packages are installed and up to date. | ||
| + | |||
| + | 1. Download and install the latest version of patch utilities patch 119254 (64 or higher) from sunsolve.sun.com | ||
| + | |||
| + | unzip 119254-66.zip | ||
| + | patchadd -M . 119254-66 | ||
| + | |||
| + | 2. Download and install the latest version of pax patch 128330 from sunsolve.sun.com | ||
| + | |||
| + | unzip 128330-02.zip | ||
| + | patchadd -M . 128330-02 | ||
| + | |||
| + | 3. Install the Live Upgrade packages if they don't already exist, from the Solaris install cd | ||
| + | |||
| + | cd PATH_TO_CDROM/Solaris_10/Tools/Installers/ | ||
| + | ./liveupgrade20 -noconsole - nodisplay | ||
| + | |||
| + | 4. Check the installation worked | ||
| + | |||
| + | pkgchk -v SUNWlucfg SUNWlur SUNWluu | ||
| + | |||
| + | Once, you've got the necessary packages installed, you can proceed with the Live Upgrade. | ||
| + | |||
| + | |||
| + | == Live Upgrade == | ||
| + | |||
| + | 1. Create the base and the new boot environments. This will break the mirror!!!! | ||
| + | |||
| + | lucreate -c base -m /:/dev/md/dsk/d2:ufs,detach \ | ||
| + | -m /var:/dev/md/dsk/d22:ufs,detach \ | ||
| + | -m /opt:/dev/md/dsk/d32:ufs,detach \ | ||
| + | -m /usr:/dev/md/dsk/d42:ufs,detach \ | ||
| + | -n after_patch | ||
| + | |||
| + | The output will look like this: | ||
| + | |||
| + | Discovering physical storage devices | ||
| + | Discovering logical storage devices | ||
| + | Cross referencing storage devices with boot environment configurations | ||
| + | Determining types of file systems supported | ||
| + | Validating file system requests | ||
| + | Preparing logical storage devices | ||
| + | Preparing physical storage devices | ||
| + | Configuring physical storage devices | ||
| + | Configuring logical storage devices | ||
| + | Analyzing system configuration. | ||
| + | No name for current boot environment. | ||
| + | Current boot environment is named <base>. | ||
| + | Creating initial configuration for primary boot environment <base>. | ||
| + | WARNING: The device </dev/md/dsk/d0> for the root file system mount point </> is not a physical device. | ||
| + | WARNING: The system boot prom identifies the physical device </dev/dsk/c0t0d0s0> as the system boot device. | ||
| + | Is the physical device </dev/dsk/c0t0d0s0> the boot device for the logical device </dev/md/dsk/d0>? (yes or no) '''yes''' | ||
| + | INFORMATION: Assuming the boot device </dev/dsk/c0t0d0s0> obtained from the system boot prom is the physical boot device for logical device </dev/md/dsk/d0>. | ||
| + | The device </dev/dsk/c0t0d0s0> is not a root device for any boot environment; cannot get BE ID. | ||
| + | PBE configuration successful: PBE name <base> PBE Boot Device </dev/dsk/c0t0d0s0>. | ||
| + | Comparing source boot environment <base> file systems with the file | ||
| + | system(s) you specified for the new boot environment. Determining which | ||
| + | file systems should be in the new boot environment. | ||
| + | Updating boot environment description database on all BEs. | ||
| + | Searching /dev for possible boot environment filesystem devices | ||
| + | |||
| + | Updating system configuration files. | ||
| + | The device </dev/dsk/c0t1d0s0> is not a root device for any boot environment; cannot get BE ID. | ||
| + | Creating configuration for boot environment <after_patch>. | ||
| + | Source boot environment is <base>. | ||
| + | Creating boot environment <after_patch>. | ||
| + | Creating file systems on boot environment <after_patch>. | ||
| + | Creating <ufs> file system for </> in zone <global> on </dev/md/dsk/d2>. | ||
| + | Creating <ufs> file system for </opt> in zone <global> on </dev/md/dsk/d32>. | ||
| + | Creating <ufs> file system for </usr> in zone <global> on </dev/md/dsk/d42>. | ||
| + | Creating <ufs> file system for </var> in zone <global> on </dev/md/dsk/d22>. | ||
| + | Mounting file systems for boot environment <after_patch>. | ||
| + | Calculating required sizes of file systems for boot environment <after_patch>. | ||
| + | Populating file systems on boot environment <after_patch>. | ||
| + | Checking selection integrity. | ||
| + | Integrity check OK. | ||
| + | Populating contents of mount point </>. | ||
| + | Populating contents of mount point </opt>. | ||
| + | Populating contents of mount point </usr>. | ||
| + | Populating contents of mount point </var>. | ||
| + | Copying. | ||
| + | |||
| + | |||
| + | |||
| + | Check that it worked with the lustatus command: | ||
| + | |||
| + | |||
| + | 2. luactivate after_patch | ||
| + | |||
| + | 4. shutdown -g 0 -i 6 -y | ||
| + | |||
| + | 5. Patch the box with the latest patch cluster and reboot. If all is OK, repeat steps 3 and 4 and then go to step 6. | ||
| + | |||
| + | 6. If you're happy that the machine is happy, then delete the old boot environment | ||
| + | |||
| + | ludelete before_patch | ||
Revision as of 03:56, 26 November 2010
So you have a critical system that needs patching, but you can't risk killing the box. Solaris uses "Live Upgrade" as a tool for altering a system, while maintaining the ability to rollback the change. This is ideal for patching a system, especially kernel patches and the like, as it means that you can apply you patches, try them out and rollback if it's failed. The method I describe here, assumes that the boot disks are mirrored. You can still use Live Upgrade in a non-mirrored environment, but I'm not going in to that here.
SO in this example, the OS is partitioned as follows:
[root@testboxen]$ df -h Filesystem size used avail capacity Mounted on /dev/md/dsk/d0 3.9G 395M 3.5G 10% / /dev/md/dsk/d40 3.9G 1.4G 2.5G 36% /usr /dev/md/dsk/d20 7.9G 51M 7.8G 1% /var /dev/md/dsk/d30 3.9G 351M 3.6G 9% /opt
Obviously d0, d20, d30 and d40 are all mirrored meta devices. d10, is also a meta device, for swap. It is not relevant here. These meta devices are set up as follows with the sub-mirrors:
d0 : d1 and d2 d20 : d21 and d22 d30 : d31 and d32 d40 : d41 and d42
Preparation
So to use live upgrade, you first need to make sure that the necessary packages are installed and up to date.
1. Download and install the latest version of patch utilities patch 119254 (64 or higher) from sunsolve.sun.com
unzip 119254-66.zip patchadd -M . 119254-66
2. Download and install the latest version of pax patch 128330 from sunsolve.sun.com
unzip 128330-02.zip patchadd -M . 128330-02
3. Install the Live Upgrade packages if they don't already exist, from the Solaris install cd
cd PATH_TO_CDROM/Solaris_10/Tools/Installers/ ./liveupgrade20 -noconsole - nodisplay
4. Check the installation worked
pkgchk -v SUNWlucfg SUNWlur SUNWluu
Once, you've got the necessary packages installed, you can proceed with the Live Upgrade.
Live Upgrade
1. Create the base and the new boot environments. This will break the mirror!!!!
lucreate -c base -m /:/dev/md/dsk/d2:ufs,detach \
-m /var:/dev/md/dsk/d22:ufs,detach \
-m /opt:/dev/md/dsk/d32:ufs,detach \
-m /usr:/dev/md/dsk/d42:ufs,detach \
-n after_patch
The output will look like this:
Discovering physical storage devices Discovering logical storage devices Cross referencing storage devices with boot environment configurations Determining types of file systems supported Validating file system requests Preparing logical storage devices Preparing physical storage devices Configuring physical storage devices Configuring logical storage devices Analyzing system configuration. No name for current boot environment. Current boot environment is named <base>. Creating initial configuration for primary boot environment <base>. WARNING: The device </dev/md/dsk/d0> for the root file system mount point </> is not a physical device. WARNING: The system boot prom identifies the physical device </dev/dsk/c0t0d0s0> as the system boot device. Is the physical device </dev/dsk/c0t0d0s0> the boot device for the logical device </dev/md/dsk/d0>? (yes or no) yes INFORMATION: Assuming the boot device </dev/dsk/c0t0d0s0> obtained from the system boot prom is the physical boot device for logical device </dev/md/dsk/d0>. The device </dev/dsk/c0t0d0s0> is not a root device for any boot environment; cannot get BE ID. PBE configuration successful: PBE name <base> PBE Boot Device </dev/dsk/c0t0d0s0>. Comparing source boot environment <base> file systems with the file system(s) you specified for the new boot environment. Determining which file systems should be in the new boot environment. Updating boot environment description database on all BEs. Searching /dev for possible boot environment filesystem devices Updating system configuration files. The device </dev/dsk/c0t1d0s0> is not a root device for any boot environment; cannot get BE ID. Creating configuration for boot environment <after_patch>. Source boot environment is <base>. Creating boot environment <after_patch>. Creating file systems on boot environment <after_patch>. Creating <ufs> file system for </> in zone <global> on </dev/md/dsk/d2>. Creating <ufs> file system for </opt> in zone <global> on </dev/md/dsk/d32>. Creating <ufs> file system for </usr> in zone <global> on </dev/md/dsk/d42>. Creating <ufs> file system for </var> in zone <global> on </dev/md/dsk/d22>. Mounting file systems for boot environment <after_patch>. Calculating required sizes of file systems for boot environment <after_patch>. Populating file systems on boot environment <after_patch>. Checking selection integrity. Integrity check OK. Populating contents of mount point </>. Populating contents of mount point </opt>. Populating contents of mount point </usr>. Populating contents of mount point </var>. Copying.
Check that it worked with the lustatus command:
2. luactivate after_patch
4. shutdown -g 0 -i 6 -y
5. Patch the box with the latest patch cluster and reboot. If all is OK, repeat steps 3 and 4 and then go to step 6.
6. If you're happy that the machine is happy, then delete the old boot environment
ludelete before_patch
