Patching with Live Upgrade

From Peter Pap's Technowiki
Revision as of 03:56, 26 November 2010 by Ppapa (talk | contribs)

Jump to: navigation, search

So you have a critical system that needs patching, but you can't risk killing the box. Solaris uses "Live Upgrade" as a tool for altering a system, while maintaining the ability to rollback the change. This is ideal for patching a system, especially kernel patches and the like, as it means that you can apply you patches, try them out and rollback if it's failed. The method I describe here, assumes that the boot disks are mirrored. You can still use Live Upgrade in a non-mirrored environment, but I'm not going in to that here.

SO in this example, the OS is partitioned as follows:

  [root@testboxen]$ df -h
  Filesystem             size   used  avail capacity  Mounted on
  /dev/md/dsk/d0         3.9G   395M   3.5G    10%    /
  /dev/md/dsk/d40        3.9G   1.4G   2.5G    36%    /usr
  /dev/md/dsk/d20        7.9G    51M   7.8G     1%    /var
  /dev/md/dsk/d30        3.9G   351M   3.6G     9%    /opt

Obviously d0, d20, d30 and d40 are all mirrored meta devices. d10, is also a meta device, for swap. It is not relevant here. These meta devices are set up as follows with the sub-mirrors:

  d0  : d1  and d2
  d20 : d21 and d22
  d30 : d31 and d32
  d40 : d41 and d42


Preparation

So to use live upgrade, you first need to make sure that the necessary packages are installed and up to date.

1. Download and install the latest version of patch utilities patch 119254 (64 or higher) from sunsolve.sun.com

  unzip 119254-66.zip
  patchadd -M . 119254-66

2. Download and install the latest version of pax patch 128330 from sunsolve.sun.com

  unzip 128330-02.zip
  patchadd -M . 128330-02

3. Install the Live Upgrade packages if they don't already exist, from the Solaris install cd

  cd PATH_TO_CDROM/Solaris_10/Tools/Installers/
  ./liveupgrade20 -noconsole - nodisplay

4. Check the installation worked

  pkgchk -v SUNWlucfg SUNWlur SUNWluu

Once, you've got the necessary packages installed, you can proceed with the Live Upgrade.


Live Upgrade

1. Create the base and the new boot environments. This will break the mirror!!!!

       lucreate -c base -m /:/dev/md/dsk/d2:ufs,detach \
       -m /var:/dev/md/dsk/d22:ufs,detach \
       -m /opt:/dev/md/dsk/d32:ufs,detach \
       -m /usr:/dev/md/dsk/d42:ufs,detach \
       -n after_patch

The output will look like this:

  Discovering physical storage devices
  Discovering logical storage devices
  Cross referencing storage devices with boot environment configurations
  Determining types of file systems supported
  Validating file system requests
  Preparing logical storage devices
  Preparing physical storage devices
  Configuring physical storage devices
  Configuring logical storage devices
  Analyzing system configuration.
  No name for current boot environment.
  Current boot environment is named <base>.
  Creating initial configuration for primary boot environment <base>.
  WARNING: The device </dev/md/dsk/d0> for the root file system mount point </> is not a physical device.
  WARNING: The system boot prom identifies the physical device </dev/dsk/c0t0d0s0> as the system boot device.
  Is the physical device </dev/dsk/c0t0d0s0> the boot device for the logical device </dev/md/dsk/d0>? (yes or no) yes
  INFORMATION: Assuming the boot device </dev/dsk/c0t0d0s0> obtained from the system boot prom is the physical boot device for logical device </dev/md/dsk/d0>.
  The device </dev/dsk/c0t0d0s0> is not a root device for any boot environment; cannot get BE ID.
  PBE configuration successful: PBE name <base> PBE Boot Device </dev/dsk/c0t0d0s0>.
  Comparing source boot environment <base> file systems with the file 
  system(s) you specified for the new boot environment. Determining which 
  file systems should be in the new boot environment.
  Updating boot environment description database on all BEs.
  Searching /dev for possible boot environment filesystem devices
  
  Updating system configuration files.
  The device </dev/dsk/c0t1d0s0> is not a root device for any boot environment; cannot get BE ID.
  Creating configuration for boot environment <after_patch>.
  Source boot environment is <base>.
  Creating boot environment <after_patch>.
  Creating file systems on boot environment <after_patch>.
  Creating <ufs> file system for </> in zone <global> on </dev/md/dsk/d2>.
  Creating <ufs> file system for </opt> in zone <global> on </dev/md/dsk/d32>.
  Creating <ufs> file system for </usr> in zone <global> on </dev/md/dsk/d42>.
  Creating <ufs> file system for </var> in zone <global> on </dev/md/dsk/d22>.
  Mounting file systems for boot environment <after_patch>.
  Calculating required sizes of file systems              for boot environment <after_patch>.
  Populating file systems on boot environment <after_patch>.
  Checking selection integrity.
  Integrity check OK.
  Populating contents of mount point </>.
  Populating contents of mount point </opt>.
  Populating contents of mount point </usr>.
  Populating contents of mount point </var>.
  Copying.


Check that it worked with the lustatus command:


2. luactivate after_patch

4. shutdown -g 0 -i 6 -y

5. Patch the box with the latest patch cluster and reboot. If all is OK, repeat steps 3 and 4 and then go to step 6.

6. If you're happy that the machine is happy, then delete the old boot environment

  ludelete before_patch