HP UX Patch Management manual Using Dynamic Root Disk for patch management

Page 86

9 Using Dynamic Root Disk for patch management

This chapter introduces the HP-UX Dynamic Root Disk (DRD) tool for patching HP-UX systems and reducing system downtime.

DRD provides you with the ability to clone an HP-UX system image to an inactive disk, and then:

perform system maintenance on the clone while your HP-UX 11i system is online.

automatically synchronize the active image and the clone, eliminating the need to manually update files on the clone.

quickly reboot during off-hours – after the desired changes have been made – significantly reducing system downtime.

utilize the clone for system recovery, if needed.

rehost the clone on another system for testing or provisioning – only on VMs or blades running HP-UX 11i v3 LVM, and VMs running HP-UX 11i v2 LVM.

perform an OE Update on the clone from an older version of HP-UX 11i v3 to HP-UX 11i v3 Update 4 or later.

Currently DRD is supported in the following environments:

HP-UX 11i v3 (B.11.31) September 2007 Release or later

HP-UX 11i v2 (B.11.23) September 2004 Release or later

Logical Volume Manager (LVM) 1.0

VxVM 4.1

VxVM 5.0

An extra disk beyond the requirements to run the operating system. The disk should be local or a SAN and large enough to contain the root volume group.

DRD is a set of commands with which you can clone the active system root volume group, install and manage patches (11i v2 and v3) and products (11i v3 only) on the clone, then boot the clone as the new active system.

You can use DRD to manage patches and products when the following criteria apply to your environment:

1.There is a desire to limit downtime.

2.The patches and products being installed would require a reboot anyway.

3.The system being managed is running HP-UX 11i v2 (B.11.23) September 2004 Release or later, or the HP-UX 11i v3 (B.11.31) September 2007 release or later.

4.A local or SAN disk large enough to contain the root volume group is available.

5.The root volume group can be, but does not need to be mirrored.

DRD is not useful when the following criteria apply to your environment:

1.The downtime for software maintenance is not an issue.

2.The patches and products being managed do not require a reboot, and apply to programs that can be stopped during the installation/removal of the patch.

3.The system being managed is not running HP-UX 11i v2 (B.11.23) September 2004 Release or later, or the HP-UX 11i v3 (B.11.31) September 2007 release or later.

4.An extra disk that is large enough to hold the root volume group is not available.

86 Using Dynamic Root Disk for patch management

Page 85 Page 87
Image 86
Page 85 Page 87
Contents Patch Management User Guide for HP-UX 11.x Systems Revision history Table of Contents What are standard HP-UX patch bundles? Using Dynamic Root Disk for patch management 104 107HP-UX patches and patch management Patch management strategiesHow to get patches Where to startBefore you begin Quick start guide for patching HP-UX systemsOverview Should you use standard HP-UX patch bundles?Acquiring the bundles Acquiring and installing standard HP-UX patch bundlesStandard HP-UX patch bundles Installing the bundles As root, run the createdepothp-ux11scriptAdvanced topic using Dynamic Root Disk DRD SwlistAcquiring and installing individual patches Acquiring the patchesQuick start guide for patching HP-UX systems Installing the patches Swverify -d \* @ /tmp/somepatchdirectory/depotAdvanced topic using Dynamic Root Disk DRD Patch identification HP-UX patch overviewPatch-related concepts HP-UX software structurePatch bundles Software depots and patch depotsPatch status Patch stateSwlist -l fileset -a state grep patchid StateCategory tags Which patches are on a system? Swlist -l product -a categorytag patchidExamples of the swlist command For example$ swlist -l product *,c=patch $ swlist -l product *,c=manualdependencies $ swlist -l bundle @ somesystem$ swlist -l fileset -a ancestor PHSS29183 Ancestors and supersessionAncestors $ swlist -a appliedpatches Xserver.AGRM SupersessionSwlist -a appliedpatches filesetname Swlist -l patch -x showsupersededpatches=true Showpatches -s$ swlist -l fileset -a supersedes PHSS28681 Swlist -a patchstate -x showsupersededpatches=true patchidPatch-related attributes HP-UX Patch Supersession ChainSee Category tags Corequisites and prerequisites Patch dependenciesTypes of dependencies Swlist -vl fileset -a dependencytype fileset Enforced and unenforced manual dependenciesImpact of dependencies on acquiring patches Patch commitment Patch rollback and commitmentPatch rollback HP-UX patch ratings Advanced topic patch cleanup utilityCleanup -p -c number HP patch rating Rating detailsPatch documentation Critical and noncritical patchesFinding information for a specific patch $ swlist -l product -a categorytag PHSS30011Subset of fields in patch text file and patch details Advanced topic the readme attribute Obtaining information using the ItrcPatch warnings Swlist -l product -a readme patchid moreCritical and noncritical warnings Advanced topic finding patches with warnings How to handle patch warningsQuestions to ask Backup and recovery ConsiderationsPatch management overview Patch management life cyclePatch management life cycle Patch management overview Establishing a software change management strategy Restrictive Conservative InnovativeRecommendations for software change management Operational factor and patch management strategy matrixConsideration of HP patch rating Patch management and software depotsProactive patching strategy Acquiring patches for proactive patchingReactive patching strategy Advanced topic HP-UX Software AssistantAdvanced topic security patching strategy Acquiring patches for reactive patchingTesting the patches to be installed Advanced topic scanning for security patchesStandard HP-UX patch bundles Key featuresWhat are standard HP-UX patch bundles? Obtaining standard HP-UX patch bundles Standard HP-UX patch bundle use and release datesQuick start guide for patching HP-UX systems Useful pages on the Itrc Using the IT Resource CenterObtaining an Itrc user account Find individual patchesKey features Accessing the patch database and finding an individual patchClick the add to selected patch list button Using the IT Resource Center Advanced topic checking for all patch dependencies Check for patches with dependenciesUsing the IT Resource Center Click the add to selected patch list button Support information digests Standard patch bundlesCustom patch bundles run a patch assessment Ask your peers in the forumsSearch knowledge base Using software depots for patch management Common software distributor commands for patchingDepot types Directory depotsUsing depots Tape depotsSwlist -l depot Viewing depotsChoosing depot type and depot location $ swlist -l depot @ swdepot.xyz.com $ swlist -l depotSwlist -l depot @ remotesystem Creating and adding to a directory depot Copying patches to depots Depot/patches/11.11Copying products with patch dependencies to depots Registering and unregistering directory depotsAdvanced topic HP-UX Software Assistant $ swreg -l depot /depot/patches/2003-07periodicdepot Advanced topic access control listsExamples of registering and unregistering depots $ swreg -u -l depot /depot/patches/2003-07periodicdepot$ swverify -d \* @ /mydepots/newdirectorydepot Verifying directory depotsExamples of verifying directory depots Verification succeeded Verification had errorsRemoving software from a directory depot $ swverify -d \* @ /mydepots/PHSS30278depotExecution succeeded $ swlist -l product -d @ /mydepots/patchdepot $ /usr/sbin/cleanup -d /mydepots/patchdepotAdvanced topic removing superseded patches from a depot $ swlist -l product @ /mydepots/patchdepot Installing patches from a depotRemoving a directory depot $ swreg -u -l depot /mydepots/PHCO27780depotReboots the system when required Examples of installing patches from a depot Analysis succeededAnalysis and Execution succeeded Installing products with patch dependencies from a depotCustom patch bundles Rev Bundle Description Examples of listing patches and bundlesRev Patch description Creating a custom bundle $ swlist -d @ /mydepots/temporarydepot Analysis succeeded Finally, remove the temporary depot Using HP-UX Software Assistant for patch management For more informationUsing Dynamic Root Disk for patch management Drd1m Benefits of the Patch Assessment Tool Using the Patch Assessment ToolPatch Assessment Tool Example of running the Patch Assessment Tool Select upload new system information Related information Support and other resourcesContacting HP Non-HP websites Typographic conventionsHP websites Times Patch usage models Patch usage model 1 hardware/application software change Components in test Image Then productionDRD Begi n Product needs to be certified on HP-UX 11i v2/v3 Patch usage model 3 operating environment cold install Patch usage model 3 operating environment cold install Patch usage model 4 operating environment update Patch usage model 4 operating environment update Patch usage model 5 proactive patch Create clonePatch usage model 6 reactive patch Passed? SystemGlossary AncestorIPD SWA Index Index See also HWE Index
Top Page Image Contents