test

Sun Update Connection - Automated Baseline Management Service 1.0 User's Guide

Creating and Installing the TLP Patch Sets

This section describes how to use the TLP tool. The main purpose of the TLP tool is to create patch sets for client systems. TLP creates one individual patch set, per client system. These patch sets are stored in directories, along with install and backout scripts, and other helpful files. Patch set installation is a separate task that is performed after the patch sets are created.

ProcedureHow to Create Individual TLP Patch Sets

This procedure describes how to use tlp commands to create individual patch sets.

Note –

This procedure describes how to create patch sets on demand. You might choose to set up a cron job to run this task at regularly scheduled intervals. For the best performance, value, and ease of use, TLP is configured to run weekly. Scheduling frequent TLP runs enables the tool to capture system changes and adjust patch set creation accordingly. For more information on setting up and running cron jobs, see Chapter 15, Scheduling System Tasks (Tasks), in System Administration Guide: Advanced Administration. Ensure that the TLP client also provides system information according to this schedule. See The TLP Client Run Process.

Before You Begin

Before beginning this procedure, you must have previously done the following:

Steps

  1. Log in to the system as the tlp-user.

  2. Create a patch set for all client systems.


    $ tlp main

    The tlp main command creates patch sets for all the client systems where the Explorer dumps exist.

  3. Locate the patch sets that were created for the phase, GREEN, in the directory, data/target/GREEN.

    You will now find the patch sets that were created for the phase, GREEN, in the data/target/GREEN directory. In this directory, a separate subdirectory for each client system was also created. You can adjust the allowed age of the TLP client data by modifying the explorer module in the tlp.cfg file, as shown in the following example:


    # ===================================================================
# System Info Collector which is responsible for collecting a nodes 
# sytem information
 
 <module explorer>
		# Fetches Explorer information from a directory
   Class Tlp::Collector::explorer            
 
 	# This directory contains explorer info
  	Directory $DataDirectory/explorer      
 
   # Optional: List with node names to examine. Each line
   # must be a name of a system. If this list is not provided
   # all Explorer dumps in the provided directory are examined
   # NodeList $DataDirectory/explorer/nodes.lst
 
   # Time after which an Explorer dump is regarded as obsolete.  
   # Unit can be "days", "weeks" or "months"
   # Default value are "4 Weeks"
   # MaxAge 4 weeks
 
</module>

    The TLP tool then runs an external analyzer to determine which patches are missing on a given system.

    For TLP 2.3, PatchPro is the analyzer that is used. You can choose to use another analyzer by modifying the analyzer section in the tlp.cfg file.

    Usually, all of the required patches have been installed on the TLP system with the snapshots. However, if the patches are not available, TLP attempts to download them.

  4. (Optional) To enable TLP to download patches from an external location, configure the Loader module in the tlp.cfg file.

    There are three Loader modules that you can use:

    • sunsolve

      Configure the sunsolve module to download patches directly from the SunSolve web site. Note that the user and proxy data must be entered correctly in the SunSolve module for TLP to work correctly.

    • swanloader

      Configure the swanloader module to download patches directly through a proxy server. Note that you must have an Internet connection to use this configuration value.

    • dirloader

      If you do not have access to the Internet, use the DirLoader module to load patches from a separate directory. Store missing patches in a directory that is accessible to TLP. Configure the DirLoader to find that directory.

    To use a particular Loader module, uncomment the line for that module in the tlp.cfg file, as shown in the following example:


    # Please be sure, that the sunsolve login and proxy parameters are set
# properly.if you want to enable loading of missing patches from
# SunSolve. Uncomment the Loader, you want to use.
# Loader sunsolve
# Loader swanloader
# Loader dirloader
.
.
.

    TLP then uses the DirProducer module to store the created patch sets, along with any helper files. Adjust the values in the tlp.cfg file, as appropriate.

  5. Check the results

    You will now find the created patch sets for the phase, GREEN, in the data/target/GREEN directory, where for each client system a separate subdirectory has been created. For information on how to install the patch sets on client systems, see How to Install a TLP Patch Set.

  6. To view the results and plan system updates across the data center, read the HTML reports that were automatically created below the data/target/reports/ directory.

    For information on how to interpret the HTML reports, see TLP Reporting.

    Note –

    In some cases, the TLP tool creates results that might not suit your needs. These results occur when the client systems run applications that require certain patch levels, or if third-party hardware is installed on the system. TLP cannot analyze this type of information. In these instances, you can direct the tool to add or remove patches from the patch sets. To do so, modify the results by using the whitelist and blacklist files. For more information on how to modify TLP results by using whitelists and blacklists, see How to Customize Whitelists and Blacklists.

Example 2–6 Creating a Patch Set

This example shows the output for a single system. The TLP tool completes this process on all client systems for which it finds up-to-date system information.


$ ./tlp main

  TLP - Creating Patch Set
  ------------------------
  
  --- GREEN:2003-05-27:edkclu0  ------------------------------
     * Tlp::Analyzer::PatchPro
       >........>.>>>.>.....>..>.>>...>>>>.>.>...>.>>
     * Tlp::Resolver::PatchDiag
     + Parsing cross-reference
  100% [===========================================]
     * Tlp::Producer::DirProducer (data/target/2003-05-27/edkclu0)
     + Checking patches
       .-.............-......-...
     + 108528-20 ... loading
     + Checking SunSolve CHECKSUM
     + Reloading CHECKSUMS: old size = 802973
     + Loading CHECKSUMS (803750 bytes)
  100% [===========================================]
     * Tlp::Loader::SunSolve
     + Loading 108528-23.zip (27076411 bytes)
  100% [===========================================]
     + Extracting ...
     + 108727-24 ... loading
     * Tlp::Loader::SunSolve
     + Loading 108727-25.zip (375168 bytes)
  100% [===========================================]
     + Extracting ...
     + 108974-28 ... loading
     * Tlp::Loader::SunSolve
     + Loading 108974-33.zip (615134 bytes)
  100% [===========================================]
     + Extracting ...
     + Copying patches
  100% [===========================================]
     + Creating support files

ProcedureHow to Install a TLP Patch Set

TLP creates patch sets for each client system. The tool provides a variety of helper files for easy installation of the patch sets. This task describes how to install the patch sets that were created by the TLP tool. Repeat this procedure for each client system within your data center. If you choose to, you can first install the patch set on a test system to ensure that no problems are encountered.

Note –

The TLP tool does not install or distribute patch sets. The TLP tool performs the task of patch set creation. Patch set installation occurs after the patch sets have been created.

Before You Begin

Before you begin the installation:

Steps

  1. Log in to the system as superuser and reboot the system to single-user mode


    # boot -s

  2. Change to the directory where the patch sets are stored. See How to Create Individual TLP Patch Sets.


    # cd patch-set-directory

  3. Carefully check the Special_Install_Instructions.txt file.

    # more Special_Install_Instructions.txt

  4. Install the patches.


    # ./install_all_patches [-R /RootDir]

    You can use the -R option if you want to use an alternate boot environment, for example, Solaris Live Upgrade.

    Note –

    Use the following command if you want to remove the patches that you installed and return the system to its previous state.


    # ./backout_all_patches [-R /RootDir]

  5. Install firmware and OpenBoot PROM patches.

    Firmware and OpenBoot PROM patches require manual installation. If TLP detects any missing firmware or OpenBoot PROM patches, it stores the patches in the firmware+flashprom subdirectory. (If this directory does not exist, it is an indication that no firmware or OpenBoot PROM patches were missing from the patch set.) To install these patches, carefully follow the instructions that are located in the README files.

  6. Reboot the system.

Example 2–7 Installing a Patch Set

This example shows a patch set installation. For the sake of brevity, this example has been truncated.


root@system1# pwd
.../Patchcluster/Server/system1
root@system1# ls
112807-13                         README                            install_all_patches
113244-06                         Special_Install_Instructions.txt  pack_patches
113318-14                         Synopsis.txt                      patch_order
113798-02                         SystemCheck.txt
117171-17                         backout_all_patches
root@system1# ./install_all_patches -R /ABE
Patch cluster install script for PMGT: TLP-Set for
node system11, phase GREEN, snapshot 2005-01-25

!!! Please read first this Special Install Instructions !!!

[Please hit return to continue]
#################################################################
SECTION: PATCHSET INFOS
#################################################################

Host       : system11
OS-Version : SunOS 5.9
tlp			:	tlp.809be70b.system1-2005.03.05.01.03

#################################################################
SECTION: SPECIAL INSTALL INSTRUCTIONS:
#################################################################


112807-13: CDE 1.5: dtlogin patch
=========
NOTE 1:
If the system that this patch is being applied to is a SunRay server, then
a reboot is required after the patch has been installed.
 
NOTE 2:
To get the fix for any bug which affects /usr/dt/bin/dtlogin, all dtlogin
processes including the parent dtlogin process must be stopped and restarted.
On a SunRay server, the recommended procedure is to reboot the server.
For all other workstations or servers, execute the following command as root:
 
/usr/dt/config/dtlogin.rc stop
sleep 60
/usr/dt/config/dtlogin.rc start
.
.
.
Are you ready to continue with install? [y/n]: y
Determining if sufficient save space exists...
Sufficient save space exists, continuing...
Installing patches located in /tlp/system1/Patchcluster/Server/system1
Using patch_order file for patch installation sequence
Installing 112807-13...
Installing 113244-06...
Installing 113318-14...
Installing 113798-02...
Installing 117171-17...

For more installation messages refer to the installation logfile:
  /ABE/var/sadm/install_data/PMGT:_TLP-Set_for_node_system1,_phase_GREEN,
_snapshot_2005-01-25_log

Use '/usr/bin/showrev -p' or '/usr/sbin/patchadd -p' to verify
installed patch-ids.
Refer to individual patch README files for more patch detail.
Rebooting the system is usually necessary after installation.

!!! Please read the logfile for any required action before rebooting !!!

[Please hit return to continue]


*** Install PMGT: TLP-Set for node system1, 
phase GREEN, snapshot 2005-01-25 begins Mar  7 2005 22:10:46 ***
*** PATCHDIR = /tlp/system1/Patchcluster/Server/system1 ***
*** SNAPSHOT = EIS-CD  ***

Installing 112807-13...

Checking installed patches...
Verifying sufficient filesystem capacity (dry run method)...
Installing patch packages...

Patch number 112807-13 has been successfully installed.
See /ABE/var/sadm/patch/112807-13/log for details

Patch packages installed:
  SUNWdtdte
.
.
.
Patch packages installed:
  FJSVhea
  SUNWcar
  SUNWcarx
  SUNWcpc
  SUNWcpcx
  SUNWcsr
  SUNWcsu
  SUNWcsxu
  SUNWhea



*** Install PMGT: TLP-Set for node system1, phase GREEN,
snapshot 2005-01-25 finished at Mar  7 2005 22:20:22 ***


Run CST app_event

DONE
root@system1#