Patching Process
1. Check if the machine is a physical or VM. and check for System Information.
# dmidecode -t system
#dmidecode -s system-product-name
#lspci | grep -i vmware
#dmidecode | less
#cat /etc/info.server
Example :
For Physical :
System Information
Manufacturer: HP
Product Name: ProLiant DL385 G5
For Virtual :
System Information
Manufacturer: VMware, Inc.
Product Name: VMware Virtual Platform
2. Take System Backup:
For Virtual machines,We can take a snapshot & revert to it in case required.
For Physical machines, check for the ILO address & Take backup using tools if configured.for e.g. TSM backup client,etc.In some environment you may have script to do backup of the whole rootvg via LVM snapshot.
3. On day of activity use your monitoring tool to acknowledge alerts.
4. Bring App and DB down on server.
5. Go for a simple reboot to ensure server doesn’t have any prior file system issues.
6. Update the kernel on the machine. It is preferable to go for --install instead of --update option.
7. Do a yum update for security and rest patches to complete the update.
8. Reboot the machine.
9. Once up, confirm the server is updated by uname -a and yum check-update.
10. Put server out of Maintenance mode once confirmed Application/DB is up and running.
11. In case of issue, kindly rollback using yum history (RHEL 6) for RHEL5.
Useful Commands during server patching
Pre-Patching
Below Commands can be run at once to take prior configuration backup of important files:
mkdir -p /tmp/patching`date +%y%m%d`
cd /tmp/patching`date +%y%m%d`
df -Ph >df.bkp
uptime | tee uptime_before
cat /etc/fstab >fstab.bkp
pvs >pvs.bkp
vgs >vgs.bkp
lvs >lvs.bkp
uname -r | tee kernel.bkp
cat /etc/grub.conf >grub.bkp
cat /proc/cpuinfo >cpu.bkp
cat /proc/meminfo >mem.bkp
ifconfig -a >ifconfig.bkp
cat /proc/mdstat >mdstat.bkp
netstat -nr >routingtable_before
ls -lhR /boot >bootdir.bkp
fdisk -l >fdisk.bkp
ps -ef >ps_bkp
chkconfig --list >chkconfig.bkp
service --status-all >services_bkp
top -b1 -n1 >top_bkp
dmidecode -t system | more
multipath -ll >multipath.bkp
powermt display dev=all >powermt.bkp
cat /etc/grub.conf >grub.pre
ls -lhtr
echo "configuration backup done"
cat /etc/info.server
Patching
yum list (see available package)
yum update (ask for Y or N to update packages)
yum update -y (will directly patch the available packages)
yum update -x kernel (exclude kernel update)
Post-Patching
cat /etc/fstab >fstab.bkp.post
top -b1 -n1 >top_bkp.post
uname -a
yum check-update
mount -a
/etc/init.d/PowerPath status
Rollback
RollBack Configuration for RHEL 5
edit /etc/rpm/macros
vi /etc/rpm/macros
and add the following line
%_repackage_all_erasures 1
edit /etc/yum.conf
vi /etc/yum.conf
and add the following line
tsflags=repackage
Enable monthly cleanup of old packages, otherwise use too much space
vi /etc/cron.daily/tmpwatch
and add the following line
/usr/sbin/tmpwatch "$flags" 720 /var/spool/repackage
Perform RollBack for RHEL 5
ROLL back RPM:
If OS updated with in one hour period.
rpm -Uvh --rollback '1 hour ago'
if yesterday
rpm -Uvh --rollback '1 day ago'
if OS updated on a week ago,
rpm -Uvh --rollback '1 week ago'
if OS updated on a month ago,
rpm -Uvh --rollback '1 month ago'
if OS update on Mar 20th,
rpm -Uvh --rollback 'March 20'
Perform RollBack for RHEL 6
Check update history
#yum history
Output
Loaded plugins: fastestmirror, refresh-packagekit
ID | Login user | Date and time | Action(s) | Altered
-------------------------------------------------------------------------------
47 | root <root> | 2012-05-27 09:03 | Install | 4
46 | root <root> | 2012-05-27 09:02 | Install | 2
…
Check info of a particular update
yum history info 46
To rollback to before update ID 47
yum history rollback 46
Undo an update
yum history undo 46
To repeat an update
yum history repeat 46
Thanks
No comments:
Post a Comment