NIM terminology

Master
The machine where you set up and maintain your NIM environment. It's also possible to
initiate installations from this machine (push mode).
Client
A target for NIM master-initiated operations such as installation, updates etc. It's also
possible to initi its own installation or update (pull mode).
Resource server
Any machine (master and or client) configured to hold a particular software resource. In
most environments, the master is also the (only) resource server.
Push mode
Initiated from the master. To be successful, the client must have AIX and tcp/ip
configured.
Pull mode
Initiated from the client. To use, you need access to the clients' SMS menu.
SPOT (Shared Product Object Tree)
A directory of code (installed filesets) that is used during client booting procedure. It's
equivalent in content to the code that resides in the /usr file system on a system running
AIX. It also contains the code needed to generate the boot images (kernels, which will be
stored in the /tftboot directory) that the client uses until it can mount the SPOT over NFS.
lpp_source
A directory similar to AIX installation CDs. It contains the Licensed Program Products
(LPPs) in Backup File Format (BFF) and RPM filesets that can be installed.
mksysb
A file containing the image of the root volume group of a machine. It's used to restore a
machine, or to install it from scratch (cloning).
bosinst_data
A flat ASCII file similar to the bosinst.data file used for restoring backup images. It
automates the installation process by providing the answers to the interactive installation
questions.
script
A file which runs after the installation on your client to perform customization such as
file system resizing, additional user creation etc.
Name conventions
lpp_source objects
lpp_5300_05_01
AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
spot objects
spot_5300_05_01
AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
mksysb generic objects
mksysb_5300_05_01 AIX 5.3 met Technology Level (TL) 5 Service Pack (SP) 1
mksysb particular objects
mksysb_lpar1_20090527 backup of lpar1 on 27 may 2009
network objects
net_10_1_0_0
net_10_246_60_00

NIM Setup
Directory structure
According to the redbook on NIM there are several options to maintain the storage
needed by NIM. Because we have a SAN which is able to increase allocated volumes and
LUNs I create a single volume and two LUNs, one for booting and one for the NIM data.
Because I have a separate LUN for NIM, it's possible to increase the filesystem when
necessary. That way, I'll always keep one filesystem and volumegroup for booting, and
one of each for the NIM data. In case you need to increase the storage space needed for
NIM data perform.
Create a special volume group to host all NIM related data and create one large
filesystem in this volume group. After creation of the filesystem create directories to store
all NIM data:
bash-3.2# lsvg -l sanvg
sanvg:
LV NAME
TYPE
LPs PPs PVs LV STATE
MOUNT POINT
loglv00
jfs2log 1
1
1 open/syncd N/A
fslv00
jfs2
796 796 1 open/syncd /nim
bash-3.2# ls -l /nim
total 0
drwxr-xr-x 2 root system
256 Jun 09 06:52 images
drwxr-xr-x 2 root system
256 Jun 09 06:49 lost+found
drwxr-xr-x 2 root system
256 Jun 09 06:52 lpp_source
drwxr-xr-x 2 root system
256 Jun 09 06:52 spot
drwxr-xr-x 2 root system
256 Jun 09 07:06 tftpboot
Note that the tftpboot directory will hold the boot images when needed for clients.
Because the number of boot images may increase with the number of operating system
levels I created a special directory on the dedicated volume group and let the directory in
root link to this directory:
ln -s /nim/tftpboot/ /tftpboot
ls -l
lrwxrwxrwx 1 root system
14 Jun 09 07:06 tftpboot -> /nim/tftpboot/
Master installation
The NIM master software was installed through smitty:
Installation Summary
-------------------Name
Level
Part
Event
Result
------------------------------------------------------------------------------bos.sysmgt.nim.master
6.1.3.0
USR
APPLY
SUCCESS
bos.sysmgt.nim.master
6.1.3.0
USR
COMMIT SUCCESS
---- end ---Now the software is installed but not yet configured/initialized. The command lsnim will
tell you by showing you no objects at all:
bash-3.2# lsnim

0042-011 lsnim: unable to access the /etc/niminfo file

NIM Master Initialization
Note: Before starting the initialization, make sure the NIM master can be resolved with
the nameserver, for the A-record, as well as for the reverse record.
NIM initialization is done through the nimconfig command:
bash-3.2# nimconfig -a netname=net_10_1_0_0 -a pif_name=en0 -a netboot_kernel=mp
-a cable_type=tp -a client_reg=no
0513-071 The nimesis Subsystem has been added.
0513-071 The nimd Subsystem has been added.
0513-059 The nimesis Subsystem has been started. Subsystem PID is 274446.
bash-3.2# lsnim
master
machines
master
boot
resources
boot
nim_script
resources
nim_script
net_10_1_0_0 networks
ent
bash-3.2# lsnim -l master
master:
class
= machines
type
= master
max_nimesis_threads = 20
comments
= machine which controls the NIM environment
client_reg
= no
platform
= chrp
netboot_kernel
= mp
if1
= net_10_1_0_0 ms-nim01.company.local 001A6444B9C8
cable_type1
= tp
Cstate
= ready for a NIM operation
prev_state
=
Mstate
= currently running
serves
= boot
serves
= nim_script
master_port
= 1058
registration_port = 1059
reserved
= yes
bash-3.2# lsnim -l boot
boot:
class
= resources
type
= boot
comments = represents the network boot resource
Rstate
= ready for use
location = /tftpboot
alloc_count = 0
server
= master
reserved = yes

bash-3.2# lsnim -l nim_script

nim_script:
class
= resources
type
= nim_script
comments = directory containing customization scripts created by NIM
Rstate
= ready for use
location = /export/nim/scripts
alloc_count = 0
server
= master
reserved = yes
bash-3.2# lsnim -l net_10_10_0_0
net_10_1_0_0:
class
= networks
type
= ent
Nstate = ready for use
prev_state = information is missing from this object's definition
net_addr = 10.10.0.0
snm
= 255.255.0.0
routing1 = default 10.10.1.2
And by checking the /etc/niminfo file:
bash-3.2# cat /etc/niminfo
# nimconfig
export NIM_NAME=master
export NIM_CONFIGURATION=master
export NIM_MASTER_PORT=1058
export NIM_REGISTRATION_PORT=1059
export NIM_MASTER_HOSTNAME=ms-nim01.company.local
Verify other services
The NIM master uses the bootpd and tftpd services. Check if they're already running:
bash-3.2# lssrc -ls inetd
Subsystem
Group
PID
Status
inetd
tcpip
135338
active
exec
/usr/sbin/rexecd
rexecd
active
login
/usr/sbin/rlogind
rlogind
active
shell
/usr/sbin/rshd
rshd
active
telnet
/usr/sbin/telnetd
telnetd -a
active
ftp
/usr/sbin/ftpd
ftpd
active
In case they're not (as shown in the example) edit the /etc/inetd.conf file to uncomment
the corresponding lines:
bootps dgram udp wait root /usr/sbin/bootpd
bootpd /etc/bootptab
tftp dgram udp6 SRC nobody /usr/sbin/tftpd
tftpd -n
And refresh the inetd daemon:
bash-3.2# refresh -s inetd
0513-095 The request for subsystem refresh was completed successfully.

And check to see if the services are running now:

bash-3.2# lssrc -ls inetd
Subsystem
Group
PID
Status
inetd
tcpip
135338
active
tftp
/usr/sbin/tftpd
tftpd -n
active
bootps
/usr/sbin/bootpd
bootpd /etc/bootptab
exec
/usr/sbin/rexecd
rexecd
login
/usr/sbin/rlogind
rlogind
shell
/usr/sbin/rshd
rshd
telnet
/usr/sbin/telnetd
telnetd -a
ftp
/usr/sbin/ftpd
ftpd
As you can see, they are running now.

active

active
active
active
active
active

TFTP and BOOTP debugging

To enable debugging for tftp and bootp edit the inetd.conf again and change the bootp
and tftp lines according to these:
bootps dgram udp wait root /usr/sbin/bootpd
bootpd -d -d -d /etc/bootptab
tftp dgram udp6 SRC nobody /usr/sbin/tftpd
tftpd -nvi
and restart the inetd daemon:
bash-3.2# refresh -s inetd
0513-095 The request for subsystem refresh was completed successfully.
In case you have enabled syslogging you'll now see the messages in your syslog:
Daemon
Daemon
Information bootpd[430226]: exiting after 15 minutes of
inactivity
18:49:14 Jul 01 2009
Daemon
Daemon
Information tftpd[286866]: [0000010b] EZZ7046I :
Status Transaction completed successfully 18:35:04 Jul 01 2009
Daemon
Daemon
Information tftpd[286866]: [0000010b] EZZ7029I :
Status Read request for 10.10.3.9: /tftpboot/ms-lpar01.company.local
18:34:14 Jul
01 2009
Daemon
Daemon
Information tftpd[286866]: [0000010b] EZZ7044I :
10.10.3.9 RRQ <file=Received , mode=/tftpboot/ms-lpar01.company.local, recognized
options: octet>
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Finished processing boot
request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Gateway IP address (bp>bp_giaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Server IP address (bp>bp_siaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Client IP address (bp>bp_ciaddr) = 10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: The following addresses
are included in the bootp reply
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: sending RFC1048-style
reply 18:34:14 Jul 01 2009

Daemon
Daemon
Information bootpd[430226]: RFC1048 vendor data
( bp_vend[64] )
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: vendor magic field is
99.130.83.99 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootfile = /tftpboot/mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: found 10.10.3.9 mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: request from IP addr
10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Received boot request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootptab mtime is Wed Jul
1 18:20:07 2009
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Finished processing boot
request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Gateway IP address (bp>bp_giaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Server IP address (bp>bp_siaddr) = 10.10.3.7
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Client IP address (bp>bp_ciaddr) = 10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: The following addresses
are included in the bootp reply
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: sending RFC1048-style
reply 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: RFC1048 vendor data
( bp_vend[64] )
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: vendor magic field is
99.130.83.99 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootfile = /tftpboot/mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: found 10.10.3.9 mslpar01.company.local 18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: request from IP addr
10.10.3.9
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: Received boot request.
18:34:14 Jul 01 2009
Daemon
Daemon
Information bootpd[430226]: bootptab mtime is Wed Jul
1 18:20:07 2009
TFTP Security
Because tftp uses no authentication it is important to limit the directories the service can
access, and because I have created a link from /tftpboot to /nim/tftpboot I have to add
extra directories. To do so, create the file /etc/tftpaccess.ctl and define the correct
directories:

bash-3.2# vi /etc/tftpaccess.ctl
bash-3.2# cat /etc/tftpaccess.ctl
# NIM access for network boot
allow:/tftpboot
allow:/nim/tftpboot
Test TFTP
bash-3.2# cat /tftpboot/test
bash-3.2# touch /tftpboot/test2
bash-3.2# tftp -r - 0 /tftpboot
...testtest2Received 64 bytes in 0.0 seconds
bash-3.2#
bash-3.2# tftp -o - 0 /tftpboot/ms-lpar01.company.local.info
#------------------ Network Install Manager --------------# warning - this file contains NIM configuration information
#
and should only be updated by NIM
export NIM_NAME=ms-lpar01
export NIM_HOSTNAME=ms-lpar01.company.local
export NIM_CONFIGURATION=standalone
export NIM_MASTER_HOSTNAME=ms-nim01.company.local
export NIM_MASTER_PORT=1058
export NIM_REGISTRATION_PORT=1059
export NIM_SHELL="nimsh"
export NIM_MASTERID=000153BAD400
export NIM_LICENSE_ACCEPT=yes
export RC_CONFIG=rc.bos_inst
export
NIM_BOSINST_ENV="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_bosinst_env"
export
NIM_BOSINST_RECOVER="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_bosinst_env
-a hostname=ms-lpar01.company.local"
export SPOT=ms-nim01.company.local:/nim/spot/spot_5300_05/usr
export NIM_CUSTOM="/../SPOT/usr/lpp/bos.sysmgt/nim/methods/c_script -a
location=ms-nim01.company.local:/export/nim/scripts/ms-lpar01.script"
export NIM_BOS_IMAGE=/SPOT
export NIM_BOS_FORMAT=spot
export NIM_HOSTS=" 127.0.0.1:loopback:localhost 10.10.3.9:ms-lpar01.company.local
10.10.3.7:ms-nim01.company.local "
export NIM_MOUNTS=" msnim01.company.local:/nim/lpp_source/lpp_5300_05:/SPOT/usr/sys/inst.images:dir "
export ROUTES=" default:0:10.10.1.2 "
Received 1283 bytes in 0.0 seconds
bash-3.2# tftp -r - 0 /etc
Error code 2: Access violation
Looks like everything works fine.

Define lpp and spot resources

Define lpp source AIX 6.1 SP 1
Define lpp source for AIX 6.1 SP 01, with the CD-rom as source:
bash-3.2# nim -o define -t lpp_source -a server=master -a
location=/nim/lpp_source/lpp_6100_00_01 -a source=/dev/cd0 lpp_6100_00_01
Preparing to copy install images (this will take several minutes)...
/nim/lpp_source/lpp_6100_00_01/RPMS/ppc/cdrecord-1.9-7.aix5.2.ppc.rpm
...<cut>...
/nim/lpp_source/lpp_6100_00_01/installp/ppc/X11.loc.BE_BY.6.1.0.0.I
Now checking for missing install images...
All required install images have been found. This lpp_source is now ready.
warning: 0042-265 c_mk_lpp_source: The image source "/dev/cd0" that was used to
define the lpp_source is missing one or more of the following from the list of default
packages:
wio.common
wio.fcp
As you can see, there are two 'default' packages missing:
wio.common
wio.fcp
Both are used for workload partition, which I'm not running so I don't need them, which
means I can ignore this.
Complete software from all CDs
When you create a LPP source you create one by default with only the most used filesets.
If you want all software to be in the LPP_source you can add all sources like this:
Keep cd1 in the drive and:
smitty nim
And select the input device (/dev/cd0)
Select the software packages to add and press ENTER (ALL)
It will first ask for the first CD to copy the missing filesets, and after that it will ask for
all cds:
bffcreate: Please insert volume 2 into device /dev/cd0 and press Enter
to continue or enter "q" to quit.
Define lpp_source AIX 5L 5.3 TL 5
Define lpp source for AIX 5.3 TL 05, with a directory as source:
bash-3.2# nim -o define -t lpp_source -a server=master -a
location=/nim/lpp_source/lpp5300_05 -a source=/tmp/5300-05/cd1/ lpp_5300_05
Preparing to copy install images (this will take several minutes)...
/nim/lpp_source/lpp5300_05/RPMS/ppc/cdrecord-1.9-7.aix5.2.ppc.rpm
...<cut>...
/nim/lpp_source/lpp5300_05/installp/ppc/bos.adt.5.3.0.0.I

Now checking for missing install images...

All required install images have been found. This lpp_source is now ready.
warning: 0042-265 c_mk_lpp_source: The image source "/tmp/5300-05/cd1/" that was
used to define the lpp_source is missing one or more of the following from the list of
default packages:
bos.swma
csm.msg.en_US
ifor_ls.html.en_US
rsct.msg.en_US
bash-3.2# lsnim
master
machines
master
boot
resources
boot
nim_script
resources
nim_script
net_10_1_0_0 networks
ent
lpp_5300
resources
lpp_source
lpp_5300_05
resources
lpp_source
Again, there are packages missing which I don't need.
Update LPP Source
First copy an existing LPP source
bash-3.2# cd /nim/lpp_source/
bash-3.2# ls
lpp_5300_05 lpp_6100_00_01
bash-3.2# cp -r lpp_5300_05/ lpp_5300_06_07
bash-3.2# ls
lpp_5300-06-07 lpp_5300_05 lpp_6100_00_01
Define the LPP source
bash-3.2# nim -o define -t lpp_source -a server=master -a
location=/nim/lpp_source/lpp_5300_06_07 lpp_5300_06_07
Preparing to copy install images (this will take several minutes)...
Now checking for missing install images...
All required install images have been found. This lpp_source is now ready.
Update the LPP source with a downloaded TL/SP
bash-3.2# nim -o update -a packages=all -a source=/nim/installsources/5300-06-07/
lpp_5300_06_07
/nim/lpp_source/lpp_5300_06_07/installp/ppc/bos.rte.install.5.3.0.67.U
...<cut>...
/nim/lpp_source/lpp_5300_06_07/installp/ppc/bos.loc.pc.Lv_LV.5.3.0.10.U
bash-3.2#
Check the updated LPP source

Checking an updated LPP source consists of 3 steps, first check the lpp source, then
remove duplicate packages, and then recheck the lpp source. I don't know for sure if the
checking is necessary, but it only takes a few seconds, so better safe then sorry.
bash-3.2# nim -o check lpp_5300_06_07
bash-3.2# nim -o lppmgr -a lppmgr_flags=-rbux lpp_5300_06_07
lppmgr: Source table of contents location is
/nim/lpp_source/lpp_5300_06_07/installp/ppc/.toc
lppmgr: Building table of contents in /nim/lpp_source/lpp_5300_06_07/installp/ppc ..
lppmgr: Building table of contents completed.
lppmgr: Generating list of superseded filesets..
lppmgr: Generating duplicate list..
lppmgr: Generating base level duplicate list..
Results:
======================= start list =============================
Java14.license.1.4.2.0.U
...<cut>....
sysmgtlib.framework.core.5.3.0.50.U
======================== end list ==============================
lppmgr: Building table of contents in /nim/lpp_source/lpp_5300_06_07/installp/ppc ..
lppmgr: Building table of contents completed.
rm: removing /nim/lpp_source/lpp_5300_06_07/installp/ppc/Java14.license.1.4.2.0.U
...<cut>...
rm: removing
/nim/lpp_source/lpp_5300_06_07/installp/ppc/sysmgtlib.framework.core.5.3.0.50.U
bash-3.2# nim -o check lpp_5300_06_07
bash-3.2# lsnim -l lpp_5300_06_07
lpp_5300_06_07:
class
= resources
type
= lpp_source
arch
= power
Rstate
= ready for use
prev_state = verification is being performed
location = /nim/lpp_source/lpp_5300_06_07
simages = yes
alloc_count = 0
server
= master
This is the explanation of the lppmgr_flags option:
Remove duplicate updates (-u flag).
Remove duplicate base levels (-b flag).
Eliminate update imagess which are the same level as base images of the same fileset.
Such update images can create conflicts that lead to installation failure (-u flag).
Remove message and locale filesets other than the language you specify (-k flag).
Remove superseded filesets (-x flag).
Remove non-system images from a NIM lpp_source resource (-X flag).

Check content LPP_Source

Check to see what packages on what level are installed in a particular lpp_source:
bash-3.2# nim -o showres lpp_5300_06_07 | grep xlC
xlC.aix50.rte
6.0.0.13
I N usr
xlC.cpp
6.0.0.0
I N usr
xlC.msg.en_US.cpp
6.0.0.0
I N usr
xlC.rte
6.0.0.0
I N usr
Define SPOT sources
If you want to work with different kind of versions you have to create a non-/usr SPOT. It
is recommended to use a NIM lpp_source to create it from. Note that you don't need to
provide the name of the directory for the location, it will automatically create a directory
by the name of the SPOT object.
bash-3.2# nim -o define -t spot -a server=master -a location=/nim/spot/ -a
source=lpp_6100_00_01 -a installp_flags=-aQg spot_6100_00_01
Creating SPOT in "/nim/spot/" on machine "master" from "lpp_6100_00_01" ...
Restoring files from BOS image. This may take several minutes ...
Installing filesets ...
...<cut>...
Be sure to check the output from the SPOT installation to verify that all the expected
software was successfully installed. You can use the NIM "showlog" operation to
view the installation log file for the SPOT.
+-----------------------------------------------------------------------------+
Pre-installation Verification...
+-----------------------------------------------------------------------------+
Verifying selections...done
Verifying requisites...done
Results...
SUCCESSES
--------Filesets listed in this section passed pre-installation verification
and will be installed.
Selected Filesets
----------------bos.64bit 6.1.0.1
bos.diag.com 6.1.0.0
bos.diag.rte 6.1.0.0
...<cut>...

# Base Operating System 64 bit...

# Common Hardware Diagnostics
# Hardware Diagnostics

+-----------------------------------------------------------------------------+
BUILDDATE Verification ...
+-----------------------------------------------------------------------------+
Verifying build dates...done
FILESET STATISTICS
-----------------349 Selected to be installed, of which:
349 Passed pre-installation verification
23 Additional requisites to be automatically installed
---372 Total to be installed
...<cut>...
installp: * * * A T T E N T I O N ! ! !
Software changes processed during this session require
any diskless/dataless clients to which this SPOT is
currently allocated to be rebooted.
Checking filesets and network boot images for SPOT "spot_5300_05".
This may take several minutes ...
Check SPOT sources
bash-3.2# nim -o check spot_5300_05
Check SPOT level
As far as I know there is no strict way of determining the oslevel including the fixpack
from the SPOT resource. However, you can determine the technology level of the spot,
which you can use to search for installed filesets. This will give you an almost certainty
of which level your SPOT is made.
First check the technology level:
bash-3.2# lsnim -l spot_5300_06_07
spot_5300_06_07:
class
= resources
type
= spot
plat_defined = chrp
arch
= power
bos_license = yes
Rstate
= ready for use
prev_state = verification is being performed
location
= /nim/spot/spot_5300_06_07/usr
version
=5
release
=3
mod
=0
oslevel_r = 5300-06
alloc_count = 0

server
= master
if_supported = chrp.64 ent
if_supported = chrp.mp ent
Rstate_result = success
The oslevel_r is set to 5.3 TL 6.
Now see what packages are installed for AIX 5.3 TL6:
bash-3.2# nim -o fix_query -a fix_query_flags=-c spot_5300_06_07 | grep :=: | grep
"AIX 5300-06"
5300-06_AIX_ML:bos.rte.ILS:5.3.0.50:5.3.0.50:=:AIX 5300-06 Update
...<cut>...
5300-06_AIX_ML:devices.pci.1410e601.rte:5.3.0.50:5.3.0.50:=:AIX 5300-06 Update
...<cut>...
53-06-040748_SP:bos.rte.devices_msg:5.3.0.61:5.3.0.61:=:AIX 5300-06-04 Service Pack
...<cut>...
53-06-050806_SP:devices.pciex.14103f03.rte:5.3.0.1:5.3.0.1:=:AIX 5300-06-05 Service
Pack
...<cut>...
53-06-060811_SP:perl.rte:5.8.2.62:5.8.2.62:=:AIX 5300-06-06 Service Pack
...<cut>...
53-06-070818_SP:perl.rte:5.8.2.62:5.8.2.62:=:AIX 5300-06-07 Service Pack
As you can see, the output displays all filesets that are installed for AIX 5.3 TL 6, and
ends with the software packages from the latest fixpack.
Debug SPOT sources
In case the bootp and tftp stages work fine, but there still goes something wrong with the
installation you have two options to debug the NIM operations.
NIM 3-digit LED codes
During the NIM process it produces codes which are displayed in the LED. These codes
are (The values are presented in the order in which they are displayed in the three-digit
LED):
299 Boot image successfully received at the NIM client.
600 Starting network boot (portion of /sbin/rc.boot).
602 Configuring network parent devices.
603 Script defsys, cfgsys, or cfgbus located in /usr/lib/methods/ failed.
604 Configuring physical network boot device.
605 Configuration physical network boot device failed.
606 Running /usr/sbin/ifconfig on logical network boot devices.
607 /usr/sbin/ifconfig failed.
608 Attempting to retrieve the client.info file with tftp from the SPOT server.
609 The client.info file does not exist or could not be accessed, or it is zero length.
610 Attempting to mount a remote file system using NFS.
611 The client is unable to mount a remote file system (NIM resource) using NFS.
612 Accessing remote files. Unconfiguring network boot devices.
613 The route command failed.
614 Configuration of logical paging devices.

615 Configuration of logical paging device failed.

616 Converting from diskless to dataless configuration.
617 Diskless to dataless configuration failed.
618 Configuring remote (NFS) paging device.
619 Configuration of remote (NFS) paging space failed.
620 Updating special device files and ODM in permanent file system.
622 Control returned to the /sbin/rc.boot program.
623 The BOS installation program has encountered a fatal error.
624 Control passed to the BOS installation Program.
c40 Extracting data files from media.
c42 Extracting data files from diskette.
c44 Initializing install data base with target disk information.
c46 Normal install processing.
c48 Prompting user for input.
622 Control returned to the /sbin/rc.boot program.
623 The BOS installation program has encountered a fatal error.
624 Control passed to the BOS installation Program.
c40 Extracting data files from media.
c42 Extracting data files from diskette.
c44 Initializing install data base with target disk information.
c46 Normal install processing.
c48 Prompting user for input.
These errors are most common:
608 - tftp retrieve of client info file failure If a 608 hang is encountered, we verify that
the ClientName.info file exists in the /tftpboot directory. If it does not exist, we retry the
NIM operation to create it. If it does exist, we verify that tftp access to the /tftpboot
directory is not restricted in
the /etc/tftpaccess.ctl file. It is also possible that the network adapter was not configured
properly in the boot environment. In this case, we use debug-enabled network boot
images to look for errors in the boot environment.
611 - Remote mount of NFS file system failure LED 611 hangs occur when the client
machine is unable to mount a resource from the NIM master/resource server. First ensure
that NFS is running on the master/resource server. We verify that the resources specified
for the operation are exported properly by checking the /etc/exports and /etc/xtab files on
the server. Also, we confirm that the resources have permissions set correctly for reading.
Debug-enabled network boot images can also be used to determine exactly which mount
command is failing on the client. We can also check the value of the nfso server
portcheck option and usage of NFS reserved ports.For further information about the use
of NFS reserved ports and the nfso server portcheck option, refer to 5.3.9, NFS reserved
ports on page 441.
This message can also occur when the nim server can't reverse lookup the client. So
always create the client in your DNS with an A and a PTR record.
613 - Failure setting up route tables 613 hangs usually occur because a route is
incorrectly defined for a network in the NIM database. We verify that the correct
gateways are specified between networks, and all gateways are functional. We use debugenabled network boot images to determine which routes could not be defined.

Enable SPOT debug

The other option is to enable debugging on the SPOT source.
Run the following command:
nim -Fo check -a debug=yes SPOTName
where SPOTName is the name of your SPOT.
Obtain the address for entering the debugger by running the following command to get
the address:
lsnim -a enter_dbg SPOTName
where SPOTName is the name of your SPOT. The displayed output will be similar to the
following:
spot1:
enter_dbg = "chrp.mp 0x001840d4"
enter_dbg = "chrp.up 0x00160b7c"
enter_dbg = "rs6k.mp 0x001840d4"
enter_dbg = "rs6k.up 0x00160b7c"
enter_dbg = "rspc.mp 0x001840d4"
enter_dbg = "rspc.up 0x00160b7c"
Write down the enter_dbg address for the client you are going to boot. For example, if
your client is an chrp-uniprocessor machine, you would write down the address 160b7c.
Attach a tty device to your client system (port 1).
Set up and perform the NIM operation that will require the client to boot over the
network. Boot the client over the network.
After the client gets the boot image from the SPOT server, the debug screen will appear
on the tty. At the > prompt, enter:
st Enter_dbg_Value 2
where Enter_dbg_Value is the number you wrote down in step 2 as your machine types
enter_dbg value. Specifying a 2 at the address of the enter_dbg value prints the output to
your tty.
Type g (for go) and press Enter to start the boot process.
Use Ctrl-s to temporarily stop the process as you watch the output on the tty. Use Ctrl-q
to resume the process.
To rebuild your boot images in non-debug mode, use the following command:
nim -Fo check SPOTName
where SPOTName is the name of your SPOT.
If the boot image is left in debug mode, every time a client is booted from these boot
images, the machine will stop and wait for a command at the debugger > prompt. If you
attempt to use these debug-enabled boot images and there is not a tty attached to the
client, the machine will appear to be hanging for no reason.
Client operations
Add / reset / remove clients
To see how to add, reset or remove a NIM standalone client please check AIX NIM
Client.
Install a client
To see how to install a client with NIM see AIX NIM Client Installation.

Update a client
To update a client from the client you have to do the following steps:
list the resources available for the client
bash-3.2# nimclient -l -L lpar01
AIX_5300_LPP
lpp_source
ITO_AIX_5300_LPP
lpp_source
__smit_bundle_368870
installp_bundle
ITO_AIX_5300_SPOT
spot
ITO_AIX_53-05-CSP_SPOT
spot
ITO_AIX_53-06-07-0818_LPP
lpp_source
ITO_AIX_53-06-07-0818_SPOT
spot
ITO_AIX_53-06-07-0818_LPP_FULL
lpp_source
ITO_AIX_53-06-07-0818_LPP_SPOT_FULL spot
AIX_5300-09_LPP_FULL
lpp_source
allocate the needed resource for the client
bash-3.2# nimclient -o allocate -a lpp_source=ITO_AIX_53-06-07-0818_LPP_FULL
check to see if the resource is indeed allocated
bash-3.2# nimclient -l -c resources lpar01
ITO_AIX_53-06-07-0818_LPP_FULL lpp_source
start the update
bash-3.2# nimclient -o cust -a lpp_source=ITO_AIX_53-06-07-0818_LPP_FULL -a
fixes=update_all
Finished processing all filesets. (Total time: 12 secs).
Installation Summary
-------------------Name
Level
Part
Event
Result
------------------------------------------------------------------------------bos.adt.libm
5.3.0.40
USR
APPLY
SUCCESS
bos.adt.libm
5.3.0.61
USR
APPLY
SUCCESS
bash-3.2# oslevel -s
5300-06-07-0818
bash-3.2#
Note: The other time I got an error regarding I had to accept a new license. Adding the
parameter -a accept_licenses=yes did the trick.
Install additional software from lpp_source
We need software that is currently not installed:
bash-3.2# lslpp -l bos.adt.base bos.adt.lib bos.adt.libm bos.perf.libperfstat
bos.perf.perfstat bos.perf.proctools xlC.aix50.rte xlC.rte
Fileset
Level State
Description
---------------------------------------------------------------------------Path: /usr/lib/objrepos
bos.adt.base
5.3.0.62 COMMITTED Base Application Development
Toolkit

bos.adt.lib

5.3.0.61 COMMITTED Base Application Development

Libraries
bos.perf.libperfstat
5.3.0.61 COMMITTED Performance Statistics Library
Interface
bos.perf.perfstat
5.3.0.62 COMMITTED Performance Statistics
Interface
bos.perf.proctools
5.3.0.63 COMMITTED Proc Filesystem Tools
xlC.aix50.rte
8.0.0.0 COMMITTED C Set ++ Runtime for AIX 5.0
xlC.rte
8.0.0.0 COMMITTED C Set ++ Runtime
Path: /etc/objrepos
bos.perf.libperfstat

5.3.0.50 COMMITTED Performance Statistics Library

Interface
bos.perf.perfstat
5.3.0.62 COMMITTED Performance Statistics
Interface
lslpp: Fileset bos.adt.libm not installed.
list the resources available for the client
bash-3.2# nimclient -l -L ms-lpar02
lpp_5300_05
lpp_source
spot_5300_05
spot
lpp_6100_00_01
lpp_source
spot_6100_00_01 spot
lpp_5300_06_07
lpp_source
spot_5300_06_07 spot
allocate the needed resource for the client
bash-3.2# nimclient -o allocate -a lpp_source=lpp_5300_06_07
check to see if the resource is indeed allocated
bash-3.2# nimclient -l -c resources ms-lpar02
lpp_5300_06_07 lpp_source
Start the installation
bash-3.2# nimclient -o cust -a lpp_source=lpp_5300_06_07 -a filesets=bos.adt.libm
Finished processing all filesets. (Total time: 13 secs).
Installation Summary
-------------------Name
Level
Part
Event
Result
------------------------------------------------------------------------------bos.adt.libm
5.3.0.40
USR
APPLY
SUCCESS
bos.adt.libm
5.3.0.61
USR
APPLY
SUCCESS
Note: You can install multiple packages at once like this:
nimclient -o cust -a lpp_source=lpp_5300_06_07 -a filesets="bos.adt.libm bos.adt.base"
* Now the software is installed:

bash-3.2# lslpp -l bos.adt.base bos.adt.lib bos.adt.libm bos.perf.libperfstat

bos.perf.perfstat bos.perf.proctools xlC.aix50.rte xlC.rte
Fileset
Level State
Description
---------------------------------------------------------------------------Path: /usr/lib/objrepos
bos.adt.base
5.3.0.62 COMMITTED Base Application Development Toolkit
bos.adt.lib
5.3.0.61 COMMITTED Base Application Development Libraries
bos.adt.libm
5.3.0.61 APPLIED Base Application Development Math Library
bos.perf.libperfstat 5.3.0.61 COMMITTED Performance Statistics Library Interface
bos.perf.perfstat
5.3.0.62 COMMITTED Performance Statistics Interface
bos.perf.proctools
5.3.0.63 COMMITTED Proc Filesystem Tools
xlC.aix50.rte
8.0.0.0 COMMITTED C Set ++ Runtime for AIX 5.0
xlC.rte
8.0.0.0 COMMITTED C Set ++ Runtime
Path: /etc/objrepos
bos.perf.libperfstat
5.3.0.50 COMMITTED Performance Statistics Library Interface
bos.perf.perfstat
5.3.0.62 COMMITTED Performance Statistics Interface
bash-3.2# oslevel -s
5300-06-07-0818
As you can see, the software is applied now, to commit it, run this command:
installp -c bos.adt.libm
Create a SOE
AIX SOE is the term IBM uses for imaging of AIX machines. The purpose is to create an
overall document which describes into detail how AIX machines are installed and
managed. Because that document should be creates by every company on their own I will
focus on only creating the so-called golden image or as you could say One image to
rule them all.
This image is created using the configuration outlined in AIX Post Install. Follow the
guidelines under cloning AIX to see how an image can be created and restored.
Clone AIX
AIX cloning or imaging is an easy way to set up a standard environment for your AIX
installations. Create one installation which counts for all and restore that image everytime
you need a new installation. That way you can never forget a setting etc.
Create a mksysb image
We do this through the smity fastpath smitty nim_mkres
Select mksysb
Setup these values according to your environment:

And see the progress of the backup:

When nim is ready with creating the mksysb resource it will tell you so:

Now you have a new resource:

bash-3.2# lsnim
master
machines
master
...<cut>...
soe_20090713
resources
mksysb

Restore a mksysb image

We do this through the smity fastpath smitty nim_bosinst
Select a target, this is the machine you're gonna restore the image to
Select mksysb as thge installation type
Select the mksysb resource you just created
Select the spot related to the mksysb resource (should be of the same os level)
Adjust the parameters according to your environment, but at least set these settings to
yes:
ACCEPT new license agreements?
This one is set twice under:
Customization FB Script to run at first reboot
installp Flags
If the lpar you selected is still running you'll see this message:

The machine will reboot now, so you have to go to the console of the lpar, because you'll
have to set the console, accept English as the installation language, and accept the default
settings:

After that the installation starts. You can monitor the installation through the console and
through the nim commandline:
bash-3.2# lsnim -l ms-lpar01
ms-lpar01:
class
= machines
type
= standalone
connect
= nimsh
platform
= chrp
netboot_kernel = mp
if1
= net_10_1_0_0 ms-lpar01 0
net_settings1 = auto auto
cable_type1 = tp
Cstate
= Base Operating System installation is being performed
prev_state = BOS installation has been enabled
Mstate
= in the process of booting
info
= BOS install 38% complete : 42% of mksysb data restored.
boot
= boot
mksysb
= soe_20090713
nim_script = nim_script
spot
= spot_5300_06_07
cpuid
= XXXXXXXXXXXX
control
= master
Cstate_result = success

This is the lpar after the installation first reboot. Network and everything is being
configured:

SUMA
SUMA Commands
I didn't test these commands myself yet. They have been used in a production
environment however, so I think you could trust them.
update suma on server to use proxy
suma -c -a HTTP_PROXY=http://proxy:3128/
suma -c -a HTTPS_PROXY=http://proxy:3128/
suma -c -a FTP_PROXY=http://proxy:3128/
download updates to lpp_source
suma -x -a Action=Clean -a RqType=TL -a RqName=5300-09 -a
DLTarget=/export/eznim/lpp_source/AIX_5300-09_LPP_FULL/
other updates MP/SP
suma -x -a Action=Preview -a RqType=SP -a RqName=5300-06-07 -a
FilterDir=/export/eznim/lpp_source/ITO_AIX_53-06-07-0818_LPP_FULL/
suma -x -a Action=Download -a RqType=ML -a RqName=5300-09 -a
DLTarget=/export/eznim/lpp_source/ITO_AIX_53-09
NIM Troubleshooting
NIM Error
0042-291 NIMkid: The NIM master is not currently allowing
registration of NIM clients. Please seek assistance from your
network install administrator.

Solution: Set the parameter in the NIM Server so clients can register themselves:
smitty nim
Perform NIM Administration Tasks
Configure NIM Environment Options
Manage Client Registration
Allow Machines to Register Themselves as Clients