Service Update Management Assistant (SUMA)
SUMA sets up an automated interface to download fixes from a fix distribution website to your systems. SUMA can be configured to periodically check the availability of specific new fixes and technology levels. Therefore, system administrators do not have to manually retrieve maintenance updates from the web.
When you configure SUMA in an AIX logical partition (LPAR) or as the NIM master, SUMA establishes a connection to the fix distribution website and downloads the available service update. The fix distribution website is an IBM server with the domain name of esupport.ibm.com. If your configuration contains a firewall that blocks the connection to the fix distribution website, you must customize the firewall rules to allow SUMA to connect to the following IP addresses:
- Specifies a request to download a program temporary fix (PTF), such as U813941. Only certain PTFs can be downloaded as an individual fileset. This limitation applies to PTFs that contain either the bos.rte.install or bos.alt_disk_install.rte filesets as well as those that are released in between Service Packs (SP). Otherwise, you must download the technology level (TL) or service pack (SP).
- Specifies a request to download a specific TL (such as 7200-02).
- Specifies a request to download a specific SP (such as 7200-02-00).
- Specifies a request to download the latest fixes. This value returns the latest service pack or the TL as specified in the FilterML attribute.
To start using SUMA, perform the following operations:
- Configuring SUMA to use the proxy settings
- Creating and managing a SUMA task by using the SMIT interface
- SUMA tasks and the command line
- Troubleshooting SUMA error messages
Configuring SUMA to use the proxy settings
suma -x -a Action=Preview -a RqType=Latest
0500-013 Failed to retrieve list from fix server.
In this instance, you must contact your administrator or determine the steps necessary to allow your system to access the internet.
- Ensure that the bos.ecc_client.rte fileset is installed on the AIX LPAR by running the following command,
lslpp -h bos.ecc_client.rte.
- Ensure that the config_conn_path command is available in the bos.ecc_client.rte fileset by running the following command,
lslpp -w /usr/ecc/bin/config_conn_path.
- Configure your proxy settings by completing the following steps:
- Run the smit srv_conn command.
- Select Create/Change Service Configuration and press Enter.
- Select Create/Change Primary Service Configuration and press Enter.
- Set the following fields in the SMIT interface:
Where, xx.xx.xx.xx is the IP address of the proxy and 5026 is the port number that is used to connect to the proxy settings. When you press Enter, a test connection determines whether the AIX LPAR is authenticated to access the internet by using the proxy settings. The common values for proxy port number are 3138 or 8080.
- Run the smit suma_config_base command to access the SUMA base configuration SMIT interface. Verify the fields that are shown in the Base Configuration screen capture.
Creating and managing a SUMA task by using the SMIT interface
- Run the smit suma command.
- Select Custom/Automated Downloads (Advanced) and press Enter.
- Select Create a New SUMA Task and press Enter.
- Select an option to determine whether you want to save, execute, or run both simultaneously and press Enter.
- Set the following fields in the SMIT interface and press Enter.
SUMA tasks and the command line
suma -w -a DisplayName=‘ AIX72TL2SP2‘ -a FilterML=‘7200-00‘
Task ID 10 created.
suma -s "30 2 15 * *" -a RqType=Latest \ -a DisplayName="Latest fixes - 15th Monthly"
In this example, the user scheduled the task to run on the 15th day of every month at 2:30 a.m. using cron format.
suma -s "0 23 * * 1" -a Action=Clean -a RqType=ML \ -a RqName=6100-03 -a DLTarget=/lppsrc/6103 \ -a FilterSysFile=/dev/null
Troubleshooting SUMA error messages
You must ensure that you are entitled to download SUMA maintenance updates. If you are not entitled to download SUMA maintenance updates, check with your administrator and licensing team for assistance. Without entitlement, you encounter the following error message:
Error: Entitlement is required to download. The system's serial number is not entitled.
For other SUMA error messages, check your system log files for the time stamp of the operation, the IP address and the port numbers of the fix distribution server. If your system is misconfigured, you might encounter a SUMA error message similar to the following:
# /usr/sbin/suma -x -a Action=Metadata -a RqType=Latest -a FilterML=7100-02 -a DLTarget=/export/eznim/SUMA 0500-013 Failed to retrieve list from fix server.
- Ensure that the client's firewall connection is authenticated by establishing the
telnet connection to the fix distribution
telnet www.ibm.com 443 telnet www.ibm.com 80
- Verify the connection by running the following command:
# /usr/esa/bin/verifyConnectivity -t
- Verify that Electronic Customer Care (ECC) services are installed by running the following command:
# /usr/ecc/bin/config_conn_path -c 'PRIMARY' -t 'YES'
- Check the SUMA log files at the following locations:
- Edit the SUMA configuration to generate verbose log files by running the following command:
suma -c -a SCREEN_VERBOSE=LVL_DEBUG \ -a LOGFILE_VERBOSE=LVL_DEBUG \ -a NOTIFY_VERBOSE=LVL_DEBUG
- Edit the configuration and rerun the SUMA task by performing the following steps:
- Go to the /var/suma/data/eccBase.properties properties file and set TRACE_LEVEL=info.
- Delete the log files in the /var/suma/log location.
- Enter the following command to rerun the SUMA task:
/usr/sbin/suma -x -a Action=Metadata -a RqType=Latest -a FilterML=7100-02 \ -a DLTarget=/export/eznim/SUMA/7100-02/metadata
- Verify that the information in the log file is correct.