Skip to main content

skip to main content

developerWorks  >  AIX and UNIX  >

Update your AIX system with SUMA

developerWorks
Document options

Document options requiring JavaScript are not displayed


Rate this page

Help us improve this content


Level: Intermediate

Shiv Dutta, Technical Consultant, IBM
Steven Molis, Software Engineer, IBM

10 Feb 2005
Updated 17 Nov 2006

Learn how the Service Update Management Assistant (SUMA), a feature first introduced in AIX 5L™ Version 5.3, automates the update process for AIX® systems. We'll also examine issues surrounding AIX updates and how to implement specific steps to overcome them.

Introduction

In the article, "AIX updates Version 3: How to work the puzzle", you learned how to address uncertainties relating to the AIX® update process. Most of the tasks involved manual retrieval of maintenance updates from the IBM® support Web site because, until recently, that was the only way to keep the systems updated. With the release of AIX 5L™ Version 5.3, the Service Update Management Assistant (SUMA), a new feature, now allows you to automate the update process.

In this article, we look at some of the questions raised in "AIX updates Version 3: How to work the puzzle" and discuss how you can benefit from SUMA. We also present some new situations and illustrate how you can use SUMA to handle them.

Starting in 2006, as part of the IBM new AIX 5L Service Strategy, a Maintenance Level (ML) is referred to as a Technology Level (TL). Prior to the 5300-05 Technology Level released in August, 2006 SUMA used the previous terminology of ML instead of TL. However, with the SUMA enhancements introduced in the 5300-05 Technology Level (described in the latter part of this update) both terminologies are now supported.

This Service Strategy also introduced the concepts of Service Pack (SP) and Concluding Service Pack (CSP). For detailed descriptions of these terminologies, refer to the AIX 5L Service Strategy and Best Practices document.

Where do I find the latest AIX fixes?
You can get the latest AIX fixes through SUMA. However, we do not recommend that you install the latest fixes. Instead, we recommend that you install the latest TL or SP, since these are tested as a unit and they go through a longer test cycle.
Can I get a list of fixes released after the latest maintenance package?
Yes. The suma command can generate a list or download the filesets automatically. For example, you wish to generate a list of filesets that have been released since ML 5200-08. In addition, you want to run the suma command on your AIX 5L Version 5.3 system. To make it work, you might run the following suma command, making sure to set the option FilterSysFile=/dev/null, so that it won't filter against the software inventory of the system that you are running on. In this example, if the suma command were run with the FilterSysFile field having its default value of localhost, no Version 5.2 fixes would be reported, because the suma command would see that the system was already at the Version 5.3 level. 
 suma -x -a Action=Preview  -a RqType=Latest  -a FilterML=5200-08 \
            -a FilterSysFile=/dev/null

How do I create and schedule a task that downloads the latest security fixes monthly (for example, on the 15th of every month at 2:30 AM)?
You might type the following command: 
suma -s "30 2 15 * *"  -a RqType=Security \
            -a DisplayName="Security fixes - 15th Monthly"

The scheduling information is in crontab format. For more information on the crontab command, please refer to the crontab command reference. The system returns a task ID for this newly created task. This example utilizes the SUMA task defaults, as displayed by suma -D. For example, the installp images download into the /usr/sys/inst.images/installp/ppc directory when the task default is DLTarget=/usr/sys/inst.images.
How do I create and schedule a task that checks for a specific authorized program analysis report (APAR) once a week (for example, every Thursday at 3:00 AM), download it when it becomes available, and send e-mail notifications to users on a remote system?
You might type the following command: 
 suma -s "0 3 * * 4" -a RqType=APAR -a RqName=IY12345 \
             -a  NotifyEmail="bob.smith@host2,ann@host2" -a Repeats=y

You need to set the Repeats field to y in order for the system to make weekly checks for an APAR. After the system finds the APAR, the system deletes the task. If Repeats=n, only a single check would occur before deleting the task.
How do I create and schedule a task that would check monthly for a TL release (for example, on the 15th of every month at 2:30 AM)?
You might type the following command: 
suma –s "30 2 15 * *" –a Action=Preview –a RqType=ML –a RqName=5300-04 \
	  –a FilterML=5300-03 –a NotifyEmail="bob.smith@host3"

An email notification will be sent with the results of the check.

This command performs a Preview (no download will occur) to check if TL 5300-04 has been released. The FilterML setting specifies that the client already has filesets in the 5300-03 level.

If 5300-04 has been released, the notification email will contain the list of filesets in TL 5300-04 that would be available for preview. If 5300-04 is not yet available, the email notification will contain a message similar to "Invalid requested ML level:V530004".

You might elect to automatically download the filesets in this TL by setting Action equal to "Download" instead of "Preview". In this case, the filesets will only be downloaded, and no installation will occur.

How do I create and schedule a task that would check weekly for a new SP release (for example, every Thursday at 3:00 AM)?
You might type the following command: 
suma –s "0 3 * * 4" –a Action=Download –a RqType=SP –a RqName=5300-04-01 \  
            –a FilterML=5300-04 –a NotifyEmail="bob.smith@host3"

An email notification indicating whether a new SP has been released will be sent.

This command will automatically download Technology Level 5300-04, Service Pack 1, when it becomes available. The FilterML setting specifies that the client already has filesets in the 5300-04 level.

How do I create and schedule a task that would check monthly for a CSP release (for example, on the 15th of every month at 2:30 AM)?

You might type the following command:

suma –s "30 2 15 * *" –a Action=Preview –a RqType=SP –a RqName=5300-04-CSP \
             –a FilterML=5300-04 –a NotifyEmail="bob.smith@host3" –a \
             DLTarget=/tmp/530004

An email notification will be sent with the results of the check.

You might elect to automatically download the filesets in this CSP by setting Action equal to "Download'" instead of "Preview". In this case, the filesets will only be downloaded, and no installation will occur.

The above suma command will return a SUMA task ID that might later be used to perform an immediate download of a schedule task. For example, the following command could be used to immediately download the 5300-04-CSP that had the Preview action scheduled above to check for its release. (Assumes task ID of 4 was returned.)

suma –x –a Action=Download 4

The following SUMA features have been implemented in the 5300-05 Technology Level, released in August, 2006:
  • Command Line support for TL (Technology Level) types:

    To download a specific TL immediately: 

    	suma -x -a RqType=TL -a RqName=5300-04

    Command Line support for SP and CSP were introduced in 5300-04 Technology Level.

  • SMIT Support for TL and SP types. From SMIT, select:
    • Software Installation and Maintenance
    • Software Maintenance and Utilities
    • Service Update Management Assistant (SUMA)
    • Download Updates Now (Easy)

    Or:

    	fastpath smit suma_easy

  • New RqLevel Support

    When RqType equals APAR, Security, Critical, or Latest, an optional RqLevel might be specified (for example, 5300-04) to request fixes on the specified TL without requiring a move to the next TL (for example, 5300-05).

    To download an APAR without requiring a move to the 5300-05 TL (APAR will be released at both TL4 and TL5 levels): 

    suma -x -a RqType=APAR -a RqName=IY12345 -a RqLevel=5300-04

    Note: APAR might first be released with 5300-05 at the 5.3.0.50 level. Later it might be released with 5300-04-CSP at the 5.3.0.48 level.

    Some features of SUMA and NIM have been integrated. These features provide the following:

    • SUMA can filter against an lpp_source
    • /usr/sbin/compare_report can accept an lpp_source
    • /usr/sbin/geninv: new command to gather inventory
    • /usr/sbin/niminv: new command to gather, compare and conglomerate inventory and download fixes based on NIM objects

SUMA and compare_report with NIM lpp_source 
suma -a FilterDir=<value>
suma -a DLTarget=<value>

When running on a NIM master, <value> can be an lpp_source name. SUMA will filter and download only fixes that are not existent in the lpp_source. The functionality is the same as before. It is now integrated to the NIM lpp_source lexicon. 

compare_report -i <FixDir>

When running on a NIM master, <FixDir> can be an lpp_source name. compare_report will consider the installation images in the lpp_source when doing comparisons.

What does /usr/sbin/geninv do?
The geninv ("generic inventory") command gathers software and hardware installation version inventory from systems.

Software invetory coverage:

  1. Installp
  2. RPM (RedHat Package Manager)
  3. ISMP (Install Shield Multi-Platform)
  4. Emergency and interim fixes

Hardware inventory coverage:

  1. System Firmware
  2. Adapter/Component Microcode that can be upgraded

What does /usr/sbin/niminv do?
The niminv command gathers, compares and conglomerates software and, if applicable, hardware installation version inventory from NIM objects. It also downloads fixes based on the conglomerated Inventory.

NIM Object coverage:

  1. master and standalone (hardware and software)
  2. mksysb (software only)
  3. SPOT (software only)
  4. lpp_source (software only)

This command is accessible through the SMIT NIM subpanel "Installation Inventory" (fastpath: smit nim_inventory).

How do I find out more about the suma command?
SUMA moves you away from the manual task of retrieving maintenance updates from the Web. It's included in the AIX 5L Version 5.3 operating system. It's also available for AIX 5L Version 5.1 as APAR IY61456 and AIX 5L Version 5.2 as APAR IY64254. SUMA provides you with flexible, policy-based options, allowing you to perform unattended downloads of all AIX 5L updates from the Quick links for AIX fixes Web site. It also automates common tasks, such as downloading a specific APAR when it becomes available, downloading the latest security updates, or downloading an entire maintenance level. You can utilize a scheduling module that runs policies at various intervals in order to conform to your particular maintenance window. You can run SUMA policies without extensive configuration. Filtering options allow comparisons against current software inventory, a fix repository, or a maintenance level to ensure you only download desired fixes. SUMA provides the option to send an e-mail notification containing a list of what's available for download, as well as detailed summary statistics of a download. It supports HTTP, HTTPS, and FTP transfer protocols and proxy servers.

The technology offered by SUMA assists in moving clients toward an autonomic maintenance strategy by automating the download of software maintenance updates, which allows clients to take advantage of the increased security and reliability benefits of having current fixes, and the cost benefits which result from spending less time on system administration.

For more information about the suma command, please refer to the Resources section.



Resources

Learn

Get products and technologies
  • IBM trial software: Build your next development project with software for download directly from developerWorks.


Discuss


About the authors

Shiv Dutta works as a Technical Consultant in the IBM Systems and Technology Group, where he assists independent software vendors with the enablement of their applications on pSeries servers. Shiv has considerable experience as a software developer, system administrator, and an instructor. He provides AIX support in the areas of system administration, problem determination, performance tuning, and sizing guides. Shiv has worked with AIX from its inception. You can reach him at sdutta@us.ibm.com.


Steven Molis works as a Software Engineer in the IBM Systems and Technology Group, where he focuses on pSeries software development, including installation applications that run on AIX. Steven has been involved with the AIX Service Update Management Assistant (SUMA) product since its inception and is actively involved in many initiatives related to autonomic fix delivery. You can reach him at smolis@us.ibm.com.




Rate this page


Please take a moment to complete this form to help us better serve you.



 


 


Not
useful		Extremely
useful
 


Share this....

digg Digg this story del.icio.us del.icio.us Slashdot Slashdot it!



Back to top


IBM, AIX, AIX 5L, eServer, and pSeries are registered trademarks of International Business Machines Corporation in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Other company, product, or service names may be trademarks or service marks of others.