wiki

User Tools

Site Tools

Trace: aix_smt aix_soft_download tsm_opcenter aix_live_update
aix:aix_live_update

This is an old revision of the document!

AIX upgrade without reboot, zero downtime (AIX Live update)

https://www.ibm.com/developerworks/community/blogs/cgaix/entry/How_to_live_update_your_AIX_system_without_rebooting_the_server?lang=en_us

ftp://public.dhe.ibm.com/systems/power/community/aix/PowerVM_webinars/94_Best_Practices_AIX_Live_Update.pdf

https://developer.ibm.com/articles/au-aix-db2-blu/

AIX live update

The Live Update feature is intended for applying interim fixes that contain kernel changes or kernel extension changes that require a reboot. The interim fix might contain other files (for example, commands and libraries), and the Live Update feature does not change anything about the way these files are applied. For example, a shared library will be modified on the file system, but any running processes continues to use the old version of the library. Therefore, applications that require a library fix must be stopped and restarted to load the new version of the library after the fix is applied. In AIX® Version 7.2 with the 7200-01 Technology Level, or later, you can use the genld -u command to list the processes that are using the old version of any shared libraries or other objects that are updated. You can use the list that is displayed from the genld -u command to identify the processes that must be stopped and restarted to load the updated objects.

Requirements:

  • minimum AIX level is 7.2 Service Pack 1
  • LPAR can be managed by either Hardware Management Console (HMC using hmcauth command) or IBM Power Virtualization Center (PowerVC using pvcauth)
  • package : bos.liveupdate, dsm.core and dsm.dsh filesets must be installed to use the Live Update feature with NIM
  • packages not supported: cas.agent (must be removed)
  • LPAR's memory have to be greater than 2 GB

Security restrictions:

  • The Live Update operation is not supported when a process is using Kerberos authentication.
  • The Live Update feature does not support PowerSC™ Trusted Logging.
  • The Live Update feature is not supported if any of the following security profiles are active: high-level security (HLS), medium-level security (MLS), Sarbanes-Oxley (SOX) - Control Objectives for Information and Related Technology (COBIT), payment card industry (PCI) (any version), database, or Department of Defense (DoD) (any version).
  • The Live Update feature is not supported when audit is enabled for a stopped workload partition (WPAR).
  • The Live Update feature does not support Public-Key Cryptography Standards # 11 (PKCS11). The security.pkcs11 fileset cannot be installed.
  • The Live Update feature is not supported when the Trusted Execution option is turned on (TE=ON) and if any update must be applied. If only interim fixes are applied and the Trusted Execution option is turned on, the following Trusted Execution options in the trustchk command are not supported:
  TEP=ON
  TLP=ON
  CHKSHLIB=ON and STOP_UNTRUSTD=ON
  TSD_FILES_LOCK=ON
  • Active WPARs must be stopped before the Live Update operation.
  • A process that has a file from the /proc file system open can cause the Live Update operation to fail.
AIX check old program in use

Which kernel nodule or old library still in use ? (only AIX 7.2 and higher) 

[root@nim]/root# oslevel -s
7200-02-02-1810
[root@nim]/root# genld -u
Proc_pid: 15466758  Proc_name: sshd

Proc_pid: 16253288  Proc_name: dsmc

Proc_pid: 16646408  Proc_name: sshd

[root@nim]/root# stopsrc -s sshd
0513-044 The sshd Subsystem was requested to stop.
[root@nim]/root# startsrc -s sshd
0513-059 The sshd Subsystem has been started. Subsystem PID is 8782122.
[root@nim]/root# genld -u
Proc_pid: 15466758  Proc_name: sshd

Proc_pid: 16253288  Proc_name: dsmc

Proc_pid: 16646408  Proc_name: sshd

[root@nim]/root# ps -ef | grep dsm
    root  6488440 15401388   1 11:51:14  pts/6  0:00 grep dsm
    root 15532328        1   0   Nov 13      - 115:39 /usr/tivoli/tsm/client/ba/bin/dsmc sched
    root 16253288 13173056   0   Oct 13  pts/0 18:11 dsmc i
[root@nim]/usr/bdl# kill 15532328
[root@nim]/usr/bdl# genld -u
Proc_pid: 15466758  Proc_name: sshd

Proc_pid: 16253288  Proc_name: dsmc

Proc_pid: 16646408  Proc_name: sshd

[root@nim]/root# ps -ef | grep 15466758
    root 13173056 15466758   0   Oct 13  pts/0  0:01 -ksh93
    root 15466758        1   0   Oct 13      -  0:00 sshd: root@pts/0
    root 17564108 15401388   1 11:52:31  pts/6  0:00 grep 15466758
[root@nim]/root# kill 15466758
[root@nim]/root# ps -ef | grep 16646408
    root 13173058 15401388   1 11:52:58  pts/6  0:00 grep 16646408
    root 16515370 16646408   0   Oct 16  pts/2  0:01 -ksh93
    root 16646408        1   0   Oct 16      -  0:00 sshd: root@pts/2
[root@nim]/root# kill 16646408
[root@nim]/root# genld -u
[root@nim]/root#
aix/aix_live_update.1647473748.txt.gz · Last modified: 2022/03/17 00:35 by manu

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
GNU Free Documentation License 1.3 Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki