Automate patch download & deployment


 
Thread Tools Search this Thread
Operating Systems AIX Automate patch download & deployment
# 1  
Old 06-17-2015
Automate patch download & deployment

Hi all,

I am exploring how I can automate the download and patching of my AIX servers via a central management mechanism.

I will need to patch all my servers annually to a certain pre-determined Service Pack (SP) level.

So far I performed some online search and found 2 products that might be able to do this. IBM Endpoint Manager and BMC Server Automation.

Does anyone have experience with either of the products? What are the pros & cons? Also, are there any other products out there that can do the same?
# 2  
Old 06-17-2015
Thanks for the question.

I regret I have a few in response first.
  • What sort of environment do you have in play? Is it just 2-3 servers or many?
  • Do you have a NIM server (or more)
# 3  
Old 06-17-2015
Check out the AIX command suma....

suma
This User Gave Thanks to dukessd For This Post:
# 4  
Old 06-18-2015
Quote:
Originally Posted by rbatte1
Thanks for the question.

I regret I have a few in response first.
  • What sort of environment do you have in play? Is it just 2-3 servers or many?
  • Do you have a NIM server (or more)
Hi,

We have 30 - 50 LPARs.
All Service Packs are copied & patched manually.

At the moment no NIM & SUMA server yet.
Question is, is IBM endpoint manager utilizing the underlying SUMA and NIM functions to download and install patches?
# 5  
Old 06-18-2015
IBM endpoint manager uses NIM so you'll need a NIM server as well.
The IBM endpoint manager documentation includes building the NIM server.
You'll want a NIM server anyway for an estate like that, you might even want two depending on how many physical systems you have.
They can be built on a small LPAR or often people use an old, small, dedicated system.
# 6  
Old 06-18-2015
Quote:
Originally Posted by dukessd
IBM endpoint manager uses NIM so you'll need a NIM server as well.
The IBM endpoint manager documentation includes building the NIM server.
You'll want a NIM server anyway for an estate like that, you might even want two depending on how many physical systems you have.
They can be built on a small LPAR or often people use an old, small, dedicated system.
Hi Dukessd,

Thank you for the reply.

For this case can I assume the NIM+Endpoint acts like a satellite server?

Seems like product from lumension (Patch and Remediation) can do similar stuff.

Are there any other products out there? I am tasked to do an evaluation on the various products.
# 7  
Old 06-19-2015
Quote:
Originally Posted by pawpaw
For this case can I assume the NIM+Endpoint acts like a satellite server?
If you define "acts like" losely enough: yes.

Quote:
Originally Posted by pawpaw
Seems like product from lumension (Patch and Remediation) can do similar stuff.

Are there any other products out there? I am tasked to do an evaluation on the various products.
With 30-50 LPARs, like you said above, you should definitely have a NIM-Server anyways. NIM-Servers are not only helpful in software deployment but also for configuration management, installation of new systems, systems backup, system recovery and the like.

The big exception being a heavily firewalled environment: this is where NIM servers really suck, because they need an awful lot of ports and most firewall people are reluctant to tear so many big holes into their firewall. I remember working once in a shop where you couldn't even "ping" the default gateway. One needed to get special permission to even use ping to test the failover node on a cluster. NIM was not used there.

If you do not have such a paranoid environment (and, frankly, i do not wish anybody to undergo such a torture) i strongly suggest to set up a NIM server and make all your LPARs NIM clients. It is quite easy to do, a matter of maybe 3-4 hours, all in all, to set up the basic structures and the resources needed most.

I hope this helps.

bakunin

Last edited by bakunin; 06-19-2015 at 08:20 AM..
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Solaris

Solaris 10 download & md5sum

Hi, I download Full DVD Image (zip): Oracle Solaris 10 (SPARC) (2,079,737,380 bytes) (md5sum: 3a24f5746ebab5f254c359f979e644f7) I have also downloaded md5sum.exe from the following site bt.etree.org | Community Tracker when i run the md5sum it show, D:\Solaris... (6 Replies)
Discussion started by: beginningDBA
6 Replies

2. Shell Programming and Scripting

Application Deployment Script

Hi, I need to develop a script which will deploy my web application binary(.war) file in the jboss application server. I also need to take the back up of the existing binary file and rename the same with current date and then deploy the new binary from my specified location. The same... (1 Reply)
Discussion started by: Siddheshk
1 Replies

3. Shell Programming and Scripting

Download AT&T ksh88 ?

Hello, I need ksh88 for my linux system - and I don't want pdksh. Possible to get original ksh 88 binaries or source ? (I don't need ksh93 which is available) thanks Vilius (1 Reply)
Discussion started by: vilius
1 Replies

4. UNIX for Dummies Questions & Answers

Download & install JDK 1.6

Hi.. I want to download & install JDK 1.6 for linux so please help me where i can downlod it free Regards Rinku Garg (1 Reply)
Discussion started by: rinkugarg
1 Replies

5. Solaris

problem installing "download only" patch

Hi guys, can you help me solve this trouble? TNX! root@TRaNCe(/var/sadm/spool) # patchadd /var/sadm/spool/121431-36.jar Validating patches... Loading patches installed on the system... Done! Loading patches requested to install. Done! Checking patches that you specified for... (2 Replies)
Discussion started by: static
2 Replies

6. UNIX for Dummies Questions & Answers

What UNIX is best for an all-in-one-server deployment

Heya, my university department wants to deploy a UNIX based system instead of various unnetokred windows PCs. We are trying to build a terminal server solution on either FreeBSD,Solaris or Debian Linux. The system would mostly run office applications on X11 and file sharing (with Samba). In... (4 Replies)
Discussion started by: masterfreek64
4 Replies

7. Solaris

Download patch cluster

Does anyone have an alternate site to download J2SE Solaris Recommended Patch Cluster for Solaris 8. Sun does not let me download the patches unless I have a support contract. I do not. Our software is legal, but our support contract wore out. I need this patchset to avoid downloading 30... (6 Replies)
Discussion started by: hshapiro
6 Replies

8. IP Networking

Patch-o-matic (patch for iptable) for linux2.4.08 & iptable1.2.7a

Hello friends I'm running Redhat 9.0 with linux kernel 2.4.20-8 & have iptables version 1.2.7a & encountering a problem that I narrate down. I need to apply patch to my iptable and netfilter for connection tracking and load balancing that are available in patch-o-matic distribution by netfilter.... (0 Replies)
Discussion started by: Rakesh Ranjan
0 Replies
Login or Register to Ask a Question