Академический Документы
Профессиональный Документы
Культура Документы
Master
The machine where you set up and maintain your NIM environment. It's also possible to
initiate installations from this machine (push mode).
Client
A target for NIM master-initiated operations such as installation, updates etc. It's also
possible to initi its own installation or update (pull mode).
Resource server
Any machine (master and or client) configured to hold a particular software resource. In
most environments, the master is also the (only) resource server.
Push mode
Initiated from the master. To be successful, the client must have AIX and tcp/ip
configured.
Pull mode
Initiated from the client. To use, you need access to the clients' SMS menu.
SPOT (Shared Product Object Tree)
A directory of code (installed filesets) that is used during client booting procedure. It's
equivalent in content to the code that resides in the /usr file system on a system running
AIX. It also contains the code needed to generate the boot images (kernels, which will be
stored in the /tftboot directory) that the client uses until it can mount the SPOT over NFS.
lpp_source
A directory similar to AIX installation CDs. It contains the Licensed Program Products
(LPPs) in Backup File Format (BFF) and RPM filesets that can be installed.
mksysb
A file containing the image of the root volume group of a machine. It's used to restore a
machine, or to install it from scratch (cloning).
bosinst_data
A flat ASCII file similar to the bosinst.data file used for restoring backup images. It
automates the installation process by providing the answers to the interactive installation
questions.
script
A file which runs after the installation on your client to perform customization such as
file system resizing, additional user creation etc.
Name conventions
lpp_source objects
lpp_5300_05_01
AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
spot objects
spot_5300_05_01
AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
mksysb generic objects
mksysb_5300_05_01 AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
mksysb particular objects
mksysb_lpar1_20090527 backup of lpar1 on 27 may 2009
network objects
net_10_1_0_0
net_10_246_60_00
NIM Setup
Directory structure
According to the redbook on NIM there are several options to maintain the storage
needed by NIM. Because we have a SAN which is able to increase allocated volumes and
LUNs I create a single volume and two LUNs, one for booting and one for the NIM data.
Because I have a separate LUN for NIM, it's possible to increase the filesystem when
necessary. That way, I'll always keep one filesystem and volumegroup for booting, and
one of each for the NIM data. In case you need to increase the storage space needed for
NIM data perform.
Create a special volume group to host all NIM related data and create one large
filesystem in this volume group. After creation of the filesystem create directories to store
all NIM data:
bash-3.2# lsvg -l sanvg
sanvg:
LV NAME
TYPE
LPs PPs PVs LV STATE
MOUNT POINT
loglv00
jfs2log 1
1
1 open/syncd N/A
fslv00
jfs2
796 796 1 open/syncd /nim
bash-3.2# ls -l /nim
total 0
drwxr-xr-x 2 root system
256 Jun 09 06:52 images
drwxr-xr-x 2 root system
256 Jun 09 06:49 lost+found
drwxr-xr-x 2 root system
256 Jun 09 06:52 lpp_source
drwxr-xr-x 2 root system
256 Jun 09 06:52 spot
drwxr-xr-x 2 root system
256 Jun 09 07:06 tftpboot
Note that the tftpboot directory will hold the boot images when needed for clients.
Because the number of boot images may increase with the number of operating system
levels I created a special directory on the dedicated volume group and let the directory in
root link to this directory:
ln -s /nim/tftpboot/ /tftpboot
ls -l
lrwxrwxrwx 1 root system
14 Jun 09 07:06 tftpboot -> /nim/tftpboot/
Master installation
The NIM master software was installed through smitty:
Installation Summary
-------------------Name
Level
Part
Event
Result
------------------------------------------------------------------------------bos.sysmgt.nim.master
6.1.3.0
USR
APPLY
SUCCESS
bos.sysmgt.nim.master
6.1.3.0
USR
COMMIT SUCCESS
---- end ---Now the software is installed but not yet configured/initialized. The command lsnim will
tell you by showing you no objects at all:
bash-3.2# lsnim
active
active
active
active
active
active
Daemon
Daemon
Information bootpd[430226]: RFC1048 vendor data
( bp_vend[64] )
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: vendor magic field is
99.130.83.99 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootfile = /tftpboot/mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: found 10.10.3.9 mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: request from IP addr
10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Received boot request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootptab mtime is Wed Jul
1 18:20:07 2009
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Finished processing boot
request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Gateway IP address (bp>bp_giaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Server IP address (bp>bp_siaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Client IP address (bp>bp_ciaddr) = 10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: The following addresses
are included in the bootp reply
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: sending RFC1048-style
reply 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: RFC1048 vendor data
( bp_vend[64] )
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: vendor magic field is
99.130.83.99 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootfile = /tftpboot/mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: found 10.10.3.9 mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: request from IP addr
10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Received boot request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootptab mtime is Wed Jul
1 18:20:07 2009
TFTP Security
Because tftp uses no authentication it is important to limit the directories the service can
access, and because I have created a link from /tftpboot to /nim/tftpboot I have to add
extra directories. To do so, create the file /etc/tftpaccess.ctl and define the correct
directories:
bash-3.2# vi /etc/tftpaccess.ctl
bash-3.2# cat /etc/tftpaccess.ctl
# NIM access for network boot
allow:/tftpboot
allow:/nim/tftpboot
Test TFTP
bash-3.2# cat /tftpboot/test
bash-3.2# touch /tftpboot/test2
bash-3.2# tftp -r - 0 /tftpboot
...testtest2Received 64 bytes in 0.0 seconds
bash-3.2#
bash-3.2# tftp -o - 0 /tftpboot/ms-lpar01.company.local.info
#------------------ Network Install Manager --------------# warning - this file contains NIM configuration information
#
and should only be updated by NIM
export NIM_NAME=ms-lpar01
export NIM_HOSTNAME=ms-lpar01.company.local
export NIM_CONFIGURATION=standalone
export NIM_MASTER_HOSTNAME=ms-nim01.company.local
export NIM_MASTER_PORT=1058
export NIM_REGISTRATION_PORT=1059
export NIM_SHELL="nimsh"
export NIM_MASTERID=000153BAD400
export NIM_LICENSE_ACCEPT=yes
export RC_CONFIG=rc.bos_inst
export
NIM_BOSINST_ENV="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_bosinst_env"
export
NIM_BOSINST_RECOVER="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_bosinst_env
-a hostname=ms-lpar01.company.local"
export SPOT=ms-nim01.company.local:/nim/spot/spot_5300_05/usr
export NIM_CUSTOM="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_script -a
location=ms-nim01.company.local:/export/nim/scripts/ms-lpar01.script"
export NIM_BOS_IMAGE=/SPOT
export NIM_BOS_FORMAT=spot
export NIM_HOSTS=" 127.0.0.1:loopback:localhost 10.10.3.9:ms-lpar01.company.local
10.10.3.7:ms-nim01.company.local "
export NIM_MOUNTS=" msnim01.company.local:/nim/lpp_source/lpp_5300_05:/SPOT/usr/sys/inst.images:dir "
export ROUTES=" default:0:10.10.1.2 "
Received 1283 bytes in 0.0 seconds
bash-3.2# tftp -r - 0 /etc
Error code 2: Access violation
Looks like everything works fine.
Checking an updated LPP source consists of 3 steps, first check the lpp source, then
remove duplicate packages, and then recheck the lpp source. I don't know for sure if the
checking is necessary, but it only takes a few seconds, so better safe then sorry.
bash-3.2# nim -o check lpp_5300_06_07
bash-3.2# nim -o lppmgr -a lppmgr_flags=-rbux lpp_5300_06_07
lppmgr: Source table of contents location is
/nim/lpp_source/lpp_5300_06_07/installp/ppc/.toc
lppmgr: Building table of contents in /nim/lpp_source/lpp_5300_06_07/installp/ppc ..
lppmgr: Building table of contents completed.
lppmgr: Generating list of superseded filesets..
lppmgr: Generating duplicate list..
lppmgr: Generating base level duplicate list..
Results:
======================= start list =============================
Java14.license.1.4.2.0.U
...<cut>....
sysmgtlib.framework.core.5.3.0.50.U
======================== end list ==============================
lppmgr: Building table of contents in /nim/lpp_source/lpp_5300_06_07/installp/ppc ..
lppmgr: Building table of contents completed.
rm: removing /nim/lpp_source/lpp_5300_06_07/installp/ppc/Java14.license.1.4.2.0.U
...<cut>...
rm: removing
/nim/lpp_source/lpp_5300_06_07/installp/ppc/sysmgtlib.framework.core.5.3.0.50.U
bash-3.2# nim -o check lpp_5300_06_07
bash-3.2# lsnim -l lpp_5300_06_07
lpp_5300_06_07:
class
= resources
type
= lpp_source
arch
= power
Rstate
= ready for use
prev_state = verification is being performed
location = /nim/lpp_source/lpp_5300_06_07
simages = yes
alloc_count = 0
server
= master
This is the explanation of the lppmgr_flags option:
Remove duplicate updates (-u flag).
Remove duplicate base levels (-b flag).
Eliminate update imagess which are the same level as base images of the same fileset.
Such update images can create conflicts that lead to installation failure (-u flag).
Remove message and locale filesets other than the language you specify (-k flag).
Remove superseded filesets (-x flag).
Remove non-system images from a NIM lpp_source resource (-X flag).
+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
-----------------349 Selected to be installed, of which:
349 Passed pre-installation verification
23 Additional requisites to be automatically installed
---372 Total to be installed
...<cut>...
installp: * * * A T T E N T I O N ! ! !
Software changes processed during this session require
any diskless/dataless clients to which this SPOT is
currently allocated to be rebooted.
Checking filesets and network boot images for SPOT "spot_5300_05".
This may take several minutes ...
Check SPOT sources
bash-3.2# nim -o check spot_5300_05
Check SPOT level
As far as I know there is no strict way of determining the oslevel including the fixpack
from the SPOT resource. However, you can determine the technology level of the spot,
which you can use to search for installed filesets. This will give you an almost certainty
of which level your SPOT is made.
First check the technology level:
bash-3.2# lsnim -l spot_5300_06_07
spot_5300_06_07:
class
= resources
type
= spot
plat_defined = chrp
arch
= power
bos_license = yes
Rstate
= ready for use
prev_state = verification is being performed
location
= /nim/spot/spot_5300_06_07/usr
version
=5
release
=3
mod
=0
oslevel_r = 5300-06
alloc_count = 0
server
= master
if_supported = chrp.64 ent
if_supported = chrp.mp ent
Rstate_result = success
The oslevel_r is set to 5.3 TL 6.
Now see what packages are installed for AIX 5.3 TL6:
bash-3.2# nim -o fix_query -a fix_query_flags=-c spot_5300_06_07 | grep :=: | grep
"AIX 5300-06"
5300-06_AIX_ML:bos.rte.ILS:5.3.0.50:5.3.0.50:=:AIX 5300-06 Update
...<cut>...
5300-06_AIX_ML:devices.pci.1410e601.rte:5.3.0.50:5.3.0.50:=:AIX 5300-06 Update
...<cut>...
53-06-040748_SP:bos.rte.devices_msg:5.3.0.61:5.3.0.61:=:AIX 5300-06-04 Service Pack
...<cut>...
53-06-050806_SP:devices.pciex.14103f03.rte:5.3.0.1:5.3.0.1:=:AIX 5300-06-05 Service
Pack
...<cut>...
53-06-060811_SP:perl.rte:5.8.2.62:5.8.2.62:=:AIX 5300-06-06 Service Pack
...<cut>...
53-06-070818_SP:perl.rte:5.8.2.62:5.8.2.62:=:AIX 5300-06-07 Service Pack
As you can see, the output displays all filesets that are installed for AIX 5.3 TL 6, and
ends with the software packages from the latest fixpack.
Debug SPOT sources
In case the bootp and tftp stages work fine, but there still goes something wrong with the
installation you have two options to debug the NIM operations.
NIM 3-digit LED codes
During the NIM process it produces codes which are displayed in the LED. These codes
are (The values are presented in the order in which they are displayed in the three-digit
LED):
299 Boot image successfully received at the NIM client.
600 Starting network boot (portion of /sbin/rc.boot).
602 Configuring network parent devices.
603 Script defsys, cfgsys, or cfgbus located in /usr/lib/methods/ failed.
604 Configuring physical network boot device.
605 Configuration physical network boot device failed.
606 Running /usr/sbin/ifconfig on logical network boot devices.
607 /usr/sbin/ifconfig failed.
608 Attempting to retrieve the client.info file with tftp from the SPOT server.
609 The client.info file does not exist or could not be accessed, or it is zero length.
610 Attempting to mount a remote file system using NFS.
611 The client is unable to mount a remote file system (NIM resource) using NFS.
612 Accessing remote files. Unconfiguring network boot devices.
613 The route command failed.
614 Configuration of logical paging devices.
Update a client
To update a client from the client you have to do the following steps:
list the resources available for the client
bash-3.2# nimclient -l -L lpar01
AIX_5300_LPP
lpp_source
ITO_AIX_5300_LPP
lpp_source
__smit_bundle_368870
installp_bundle
ITO_AIX_5300_SPOT
spot
ITO_AIX_53-05-CSP_SPOT
spot
ITO_AIX_53-06-07-0818_LPP
lpp_source
ITO_AIX_53-06-07-0818_SPOT
spot
ITO_AIX_53-06-07-0818_LPP_FULL
lpp_source
ITO_AIX_53-06-07-0818_LPP_SPOT_FULL spot
AIX_5300-09_LPP_FULL
lpp_source
allocate the needed resource for the client
bash-3.2# nimclient -o allocate -a lpp_source=ITO_AIX_53-06-07-0818_LPP_FULL
check to see if the resource is indeed allocated
bash-3.2# nimclient -l -c resources lpar01
ITO_AIX_53-06-07-0818_LPP_FULL lpp_source
start the update
bash-3.2# nimclient -o cust -a lpp_source=ITO_AIX_53-06-07-0818_LPP_FULL -a
fixes=update_all
Finished processing all filesets. (Total time: 12 secs).
Installation Summary
-------------------Name
Level
Part
Event
Result
------------------------------------------------------------------------------bos.adt.libm
5.3.0.40
USR
APPLY
SUCCESS
bos.adt.libm
5.3.0.61
USR
APPLY
SUCCESS
bash-3.2# oslevel -s
5300-06-07-0818
bash-3.2#
Note: The other time I got an error regarding I had to accept a new license. Adding the
parameter -a accept_licenses=yes did the trick.
Install additional software from lpp_source
We need software that is currently not installed:
bash-3.2# lslpp -l bos.adt.base bos.adt.lib bos.adt.libm bos.perf.libperfstat
bos.perf.perfstat bos.perf.proctools xlC.aix50.rte xlC.rte
Fileset
Level State
Description
---------------------------------------------------------------------------Path: /usr/lib/objrepos
bos.adt.base
5.3.0.62 COMMITTED Base Application Development
Toolkit
bos.adt.lib
When nim is ready with creating the mksysb resource it will tell you so:
The machine will reboot now, so you have to go to the console of the lpar, because you'll
have to set the console, accept English as the installation language, and accept the default
settings:
After that the installation starts. You can monitor the installation through the console and
through the nim commandline:
bash-3.2# lsnim -l ms-lpar01
ms-lpar01:
class
= machines
type
= standalone
connect
= nimsh
platform
= chrp
netboot_kernel = mp
if1
= net_10_1_0_0 ms-lpar01 0
net_settings1 = auto auto
cable_type1 = tp
Cstate
= Base Operating System installation is being performed
prev_state = BOS installation has been enabled
Mstate
= in the process of booting
info
= BOS install 38% complete : 42% of mksysb data restored.
boot
= boot
mksysb
= soe_20090713
nim_script = nim_script
spot
= spot_5300_06_07
cpuid
= XXXXXXXXXXXX
control
= master
Cstate_result = success
This is the lpar after the installation first reboot. Network and everything is being
configured:
SUMA
SUMA Commands
I didn't test these commands myself yet. They have been used in a production
environment however, so I think you could trust them.
update suma on server to use proxy
suma -c -a HTTP_PROXY=http://proxy:3128/
suma -c -a HTTPS_PROXY=http://proxy:3128/
suma -c -a FTP_PROXY=http://proxy:3128/
download updates to lpp_source
suma -x -a Action=Clean -a RqType=TL -a RqName=5300-09 -a
DLTarget=/export/eznim/lpp_source/AIX_5300-09_LPP_FULL/
other updates MP/SP
suma -x -a Action=Preview -a RqType=SP -a RqName=5300-06-07 -a
FilterDir=/export/eznim/lpp_source/ITO_AIX_53-06-07-0818_LPP_FULL/
suma -x -a Action=Download -a RqType=ML -a RqName=5300-09 -a
DLTarget=/export/eznim/lpp_source/ITO_AIX_53-09
NIM Troubleshooting
NIM Error
0042-291 NIMkid: The NIM master is not currently allowing
registration of NIM clients. Please seek assistance from your
network install administrator.
Solution: Set the parameter in the NIM Server so clients can register themselves:
smitty nim
Perform NIM Administration Tasks
Configure NIM Environment Options
Manage Client Registration
Allow Machines to Register Themselves as Clients