PACKAGE: Update Release 3.1.3.40
IOSLEVEL: 3.1.3.40
|
VIOS level is |
The AIX level of the NIM Master
level must be equal to or higher than |
|
Update Release 3.1.3.40 |
AIX
7200-05-06 |
Please refer to the VIOS Maintenance Strategy here
for more details regarding the change to the VIOS release numbering scheme.
Be sure to heed all minimum space requirements before
installing.
Review the list of fixes included in Update Release 3.1.3.40
To take full advantage of all the functions available
in the VIOS, it may be necessary to be at the latest system firmware level. If
a system firmware update is necessary, it is recommended that the firmware be
updated before you update the VIOS to Update Release 3.1.3.40.
Microcode or system firmware
downloads for Power Systems
If the VIOS being updated has filesets installed from
the VIOS Expansion Pack, be sure to update those filesets with the latest VIOS
Expansion Pack if updates are available.
Update Release 3.1.3.40
updates your VIOS partition to ioslevel 3.1.3.40.
To determine if Update Release 3.1.3.40
is already installed, run the following command from the VIOS command line.
$ ioslevel
If Update Release 3.1.3.40
is installed, the command output is 3.1.3.40.
For Customers Using Third Party
Java-based Software
This only applies to customers who both use third
party Java based software and have run updateios -remove_outdated_filesets to
remove Java 7 from their system.
To prevent errant behavior when editing customer’s /etc/environment file,
updateios does not make changes to that file when run. If a customer is using
software that depends on using Java and having the path to it in your PATH
environment variable, the following edit should be made to allow programs that
use the PATH environment variable to locate Java 8.
In
the /etc/environment file, customers should see:
PATH=[various
directories]:/usr/java7_64/jre/bin:/usr/java7_64/bin
To
address a potential issue with Java-dependent third-party software, this should
be converted to:
PATH=[various
directories]:/usr/java8_64/jre/bin:/usr/java8_64/bin
VIOS 3.1.3.40 includes the
following features, added in VIOS 3.1.3.10:
LU Rename Support Added for
Shared Storage Pool (SSP)
Support has been added to allow users to rename their
LUs. This operation can be performed via the new flag, [-modify], added
to the lu command in ioscli.
The ability to convert LUs from the thin provisioned
to thick provisioned dynamically has been added. Performed via the new [-modify]
flag added to the lu command in ioscli, this feature allows users to
preallocate storage for existing LUs, rather than being forced to continue to
rely on the just-in-time provisioning after the LU has been created.
Note: This feature currently only
allows for unmapped LUs to have their provisioning changed to thick. An
enhancement for this feature is in development that will allow users to thicken
mapped LUs and will be added in a future release.
VIOSBR Multiple Network
Interface Support for SSP
In earlier VIOS releases where multiple network
interfaces were supported, VIOS Backup and Restore did not fully support the
feature. This meant that when an SSP Cluster was restored from a backup, any
network interfaces that were being used other than the primary had to be added
back manually. In this release, the restore operation will now restore all
network interfaces.
Other Noteworthy Changes
· SSP
IO performance improvements are available for fast SSD and NVMe storage.
· The
SSP and Change Management databases have been upgraded from Postgres 10 to
Postgres 13, a change that brings with it all the improvements to Postgres that
have been added in versions 11, 12, and 13.
Note: In order to move an
existing SSP Cluster to Postgres 13, a rolling upgrade must complete first. A
prerequisite for the rolling upgrade to occur is that all nodes in the cluster
be at version 3.1.3.40 or later.
VIOS 3.1.3.40 can run on any of the following Power
Systems:
POWER 8 or later.
The following requirements and limitations apply to Shared Storage Pool
(SSP) features and any associated virtual storage enhancements.
Software Installation
SSP Configuration
|
Feature |
Min |
Max |
|
Number of
VIOS Nodes in Cluster |
1 |
16* |
|
Number of
Physical Disks in Pool |
1 |
1024 |
|
Number of
Virtual Disks (LUs) Mappings in Pool |
1 |
8192 |
|
Number of
Client LPARs per VIOS node |
1 |
250* |
|
Capacity
of Physical Disks in Pool |
10GB |
16TB |
|
Storage
Capacity of Storage Pool |
10GB |
512TB |
|
Capacity of
a Virtual Disk (LU) in Pool |
1GB |
4TB |
|
Number of
Repository Disks |
1 |
1 |
|
Capacity
of Repository Disk |
512MB |
1016GB |
|
Number of
Client LPARs per Cluster |
1 |
2000 |
Prerequisites for expanded support:
Here are the new maximum values for each of these
configuration options, if the associated hardware specification has been met:
|
Feature |
Default
Max |
High
Spec Max |
|
Number of
VIOS Nodes in Cluster |
16 |
24 |
|
Number of
Client LPARs per VIOS node |
250 |
400 |
Network Configuration
Storage Configuration
Shared Storage Pool capabilities and limitations
Please ensure that your rootvg contains at
least 30 GB and that there is at least 4GB free space before you attempt to update to
Update Release 3.1.3.40. Run the lsvg
rootvg command, and then ensure
there is enough free space.
Example:
$ lsvg rootvg |
|
|
|
VOLUME GROUP: |
rootvg |
VG IDENTIFIER: |
00f6004600004c000000014306a3db3d |
VG STATE: |
active |
PP SIZE: |
64 megabyte(s) |
VG PERMISSION: |
read/write |
TOTAL PPs: |
511 (32704 megabytes) |
MAX LVs: |
256 |
FREE PPs: |
64 (4096 megabytes) |
LVs: |
14 |
USED PPs: |
447 (28608 megabytes) |
OPEN LVs: |
12 |
QUORUM: |
2 (Enabled) |
TOTAL PVs: |
1 |
VG DESCRIPTORS: |
2 |
STALE PVs: |
0 |
STALE PPs: |
0 |
ACTIVE PVs: |
1 |
AUTO ON: |
yes |
MAX PPs per VG: |
32512 |
|
|
MAX PPs per PV: |
1016 |
MAX PVs: |
32 |
LTG size (Dynamic): |
256 kilobyte(s) |
AUTO SYNC: |
no |
HOT SPARE: |
no |
BB POLICY: |
relocatable |
PV RESTRICTION: |
none |
INFINITE RETRY: |
no |
A single, merged
lpp_source is not supported for VIOS that uses SDDPCM. However, if you use
SDDPCM, you can still enable a single boot update by using the alternate method
described at the following location:
SDD and SDDPCM migration
procedures when migrating VIOS from version 1.x to version 2.x
Virtual I/O Server support for Power Systems
VIOS Update
Release 3.1.3.40 may be applied directly to any VIOS at level 3.1.0.00.
The VIOS must
first be upgraded to 3.1.0.00 before the 3.1.3.40 update can be applied. To learn more about how to do that, please
read the information provided here.
Warning: The
update may fail if there is a loaded media repository.
To check for a
loaded media repository, and then unload it, follow these steps.
1. To check for loaded images, run the following command:
$ lsvopt
The Media column lists any loaded media.
2. To unload media images, run the following commands on all Virtual Target
Devices that have loaded images.
$ unloadopt
-vtd <file-backed_virtual_optical_device >
3. To verify that all media are unloaded, run the following command again.
$ lsvopt
The command output should show No
Media for all VTDs.
The Virtual I/O
Server (VIOS) Version 2.2.2.1 or later, supports rolling updates for SSP
clusters. The VIOS can be updated to Update Release 3.1.3.40 using rolling
updates.
Non-disruptive
rolling updated to VIOS 3.1 requires all SSP nodes to be at VIOS 2.2.6.31 or
later. See detailed instructions in the VIOS 3.1 documentation
The rolling updates
enhancement allows the user to apply Update Release 3.1.3.40 to the VIOS
logical partitions in the cluster individually without causing an outage in the
entire cluster. The updated VIOS logical partitions cannot use the new SSP
capabilities until all VIOS logical partitions in the cluster are updated.
To upgrade the
VIOS logical partitions to use the new SSP capabilities, ensure that the
following conditions are met:
·
All VIOS logical partitions must have
VIOS Update Release version 2.2.6.31 or later installed.
·
All VIOS logical partitions must be
running. If any VIOS logical partition in the cluster is not running, the
cluster cannot be upgraded to use the new SSP capabilities.
Instructions: Verify
the cluster is running at the same level as your node.
1. Run the following command:
$ cluster -status -verbose
2. Check the Node Upgrade Status field, and you should see one of the
following terms:
UP_LEVEL: This means that the software level of the logical partition is higher
than the software level the cluster is running at.
ON_LEVEL: This means the software level of the logical partition and the
cluster are the same.
There is now a
method to verify the VIOS update files before installation. This process
requires access to openssl by the 'padmin' User, which can be accomplished by
creating a link.
Instructions: Verifying VIOS update files.
To verify the VIOS
update files, follow these steps:
1. $ oem_setup_env
2. Create a link to openssl
# ln
-s /usr/bin/openssl /usr/ios/utils/openssl
3.
Verify the link to openssl was created
# ls
-alL /usr/bin/openssl /usr/ios/utils/openssl
4.
Verify that both files display similar
owner and size
5. # exit
Use one of the
following methods to install the latest VIOS Service Release. As with all
maintenance, you should create a VIOS backup before making changes.
If you are running
a Shared Storage Pool configuration, you must follow the steps in Migrate Shared Storage Pool Configuration.
Note:
While running 'updateios' in the following steps, you may see accessauth messages, but these messages can safely be
ignored.
Version Specific Warning: Version 3.1.1.30 or earlier, Version 3.1.2.10 or earlier
When updating to VIOS 3.1.3.40 from some earlier versions of VIOS 3.1.X.X, it
is possible to encounter the following error:
installp: The installp command has been updated.
Reinvoking installp
to process the
remaining items.
Unable to set up
Trusted Execution environment for Installation to proceed.
0503-430
installp: Either there is an installp
process currently running or there is a previously failed installation.
Wait for the
process to complete or run installp -C to cleanup a failed installation.
To
remedy this issue, once updateios stops running, run updateios -commit and then
rerun the update.
Warning: If VIOS rules
have been deployed.
During update, there have been occasional issues with VIOS Rules files getting
overwritten and/or system settings getting reset to their default values.
To ensure that this doesn’t affect you, we
recommend making a backup of the current rules file. This file is located here:
/home/padmin/rules/vios_current_rules.xml
First, to capture your current system settings, run this command:
$ rules
-o capture
Then, either copy the file to a backup
location, or save off a list of your current rules:
$ rules -o list > rules_list.txt
After this is complete, proceed to update
as normal. When your update is complete,
check your current rules and ensure that they still match what is desired. If not, either overwrite the original rules
file with your backup, or proceed to use the ‘rules -o modify’ and/or ‘rules -o
add’ commands to change the rules to match what is in your backup file.
Finally, if you’ve failed to back up your
rules, and are not sure what the rules should be, you can deploy the
recommended VIOS rules by using the following command:
$ rules -o deploy -d
Then, if you wish to copy these new VIOS
recommended rules to your current rules file, just run:
$ rules -o capture
Note: This will
overwrite any customized rules in the current rules file.
Applying Updates
Warning:
If the target node
to be updated is part of a redundant VIOS pair, the VIOS partner node must be
fully operational before beginning to update the target node.
Note:
For VIOS nodes
that are part of an SSP cluster, the partner node must be shown in 'cluster
-status ' output as having a
cluster status of OK and a pool status of OK. If the target node is updated
before its VIOS partner is fully operational, client LPARs may crash.
Instructions: Applying updates to a VIOS.
2. Using ftp, transfer the update file(s) to the directory you created.
To apply updates from a remotely mounted file system, and the remote file
system is to be mounted read-only, follow the steps:
The update release
can be burned onto a CD by using the ISO image file(s). To apply updates from
the CD/DVD drive, follow the steps:
$ shutdown
-restart
Note: If shutdown –restart command failed, run swrole –PAdmin for padmin to set authorization and
establish access to the shutdown command properly.
$ clstartstop
-start -n <cluster_name >
-m <hostname >
$ ioslevel
Instructions: Checking for an incomplete installation caused by a loaded media
repository.
After installing
an Update Release, you can use this method to determine if you have encountered
the problem of a loaded media library.
Check the Media
Repository by running this command:
$ lsrep
If the command
reports: "Unable to retrieve repository data due to incomplete repository
structure," then you have likely encountered this problem during the
installation. The media images have not been lost and are still present in the
file system of the virtual media library.
Running the lsvopt command should show the media images.
Instructions: Recovering from an incomplete installation
caused by a loaded media repository.
To recover from this
type of installation failure, unload any media repository images, and then
reinstall the ios.cli.rte package. Follow these steps:
1. Unload any media images
$ unloadopt
-vtd <file-backed_virtual_optical_device>
2. Reinstall the ios.cli.rte fileset by running the following
commands.
To escape the
restricted shell:
$ oem_setup_env
To install the failed fileset:
# installp
–Or –agX ios.cli.rte –d <device/directory >
To return to the restricted
shell:
# exit
3. Restart the VIOS.
$ shutdown
–restart
4. Verify that the Media Repository is operational by running this command:
$ lsrep
This release also contains all the fixes
for every previous version of 3.1.3.X. To see the previous release’s fixes,
please go here.
The
list of new fixes included in 3.1.3.40.
|
APAR |
Description |
|
IJ40896 |
ON VIOS
3.1.3.X VIOSBR FAILS WITH SPECIAL CHARACTERS IN MOTD |
|
IJ42014 |
ABEND
FROM XFIDTONAME DUE TO NULL VNODE |
|
IJ42727 |
Adapter
driver fatal event could cause hang during unmap of vfc |
|
IJ43443 |
NEW
VIOS USER MAY NOT HAVE PERMISSION ON ".SSH" |
|
IJ43923 |
SYSTEM
HANG IF ERROR OCCURS DURING SCSI CHECK CONDITION RECOVERY |
|
IJ44047 |
crash
in gids_ok(), ip_output_post_fw(), ip_output() and tcp_out |
|
IJ44275 |
VMRM HA
Discovery failed with error |
|
IJ44276 |
ksys_hsmon
daemon dumps core @hmDBfail |
|
IJ44288 |
VNIC
BACKING DEVICE GOES INTO DEAD STATE AFTER FIRMWARE UPDATE |
|
IJ44424 |
FIX
CVE_2022_2795 SECURITY VULNERABILITIES |
|
IJ44534 |
memory
leak is seen due to cached_route no option |
|
IJ44606 |
VIOS
SNAP TOO LARGE NOT HANDLED BY STAT() WELL |
|
IJ44744 |
AUTOMOUNT
CAN HANG INDEFINITELY WITH AN INVALID IPV6 ADDRESS |
|
IJ45010 |
errlog
from pfcdd on failure to invalidate the data. |
|
IJ45108 |
CAA:
MEMORY LEAK WHEN CAA CLUSTER CONFIGURED WITH VLAN |
|
IJ45223 |
A
potential security issue exists |
|
IJ45332 |
crash
in tcp_output+001F74 |
|
IJ45541 |
A
potential security issue exists |
|
IJ45717 |
lpar
crashed @.disable_lock+0000C4 |
|
IJ46015 |
MIG_VNIC:
GET_VF_DRC_NAME() DO NOT REPORT ACCURATE RETURN CODE |
|
IJ46017 |
Disk
path failures during runtime config on VIOS |
|
IJ46018 |
many
defunct processes under vio_daemon |
|
IJ46020 |
Timeout
policy fail_ctlr leads to I/O errors on storage update |
|
IJ46021 |
System
Name output does not print for lsmpio command |
|
IJ46023 |
Missing
storage key restore in scsidisk_close error path |
|
IJ46024 |
Disk
driver delays too long after write error |
|
IJ46027 |
Observing
VIOS crash in VFC host |
|
IJ46029 |
crash @
npiv_stats_callback_write+000078 |
|
IJ46036 |
SERVER
CRASHES WITH PKCS11 KERNEL EXTENSION |
|
IJ46038 |
CRL
PARSING IN EMGR_CHECK_IFIXES FAILS WITH OPENSSL 3.0.5 |
|
IJ46039 |
ksh
core dump after allocation failure |
|
IJ46040 |
Logical
Volume device driver (LVDD) performance improvements |
|
IJ46047 |
A
POTENTIAL SECURITY ISSUE EXISTS |
|
IJ46048 |
TCP
AUDIT EVENTS HAVE ROLES NOT INITIATED CAN LEAD TO COREDUMP |
|
IJ46049 |
Add
gzip option for kernel compression |
|
IJ46050 |
Update
kernel copyright notice for 2023 |
|
IJ46051 |
A
potential security issue exists |
|
IJ46052 |
Increasing
the network ras buffer size high threshold values |
|
IJ46053 |
ARTEX
XML FILE FOR HDISKPOWER SHOULD CALL CHDEV -P |
|
IJ46054 |
VIOS
SNAP ADD WRONG LINK (/HOME/PADMIN) THEN FAILS ON NXT RUN |
|
IJ46055 |
IOSCLI
MKSVM CAUSES CRASH WITH 00CB LED ON VIOS 3.1 |
|
IJ46056 |
INCONSISTENT
LSREP IF LOST+FOUND DOESN'T EXIST IN VMLIBRARY FS |
|
IJ46057 |
nmon
not closing the FIFO files opened for SEA adapters |
|
IJ46058 |
CAA:
UNABLE TO CUSTOMIZE THE CAA.DEBUG LINE IN SYSLOG.CONF |
|
IJ46059 |
MKLDAP
REPORT INVALID : COMMAND REQUIRES OPTION "-PASSWD BINDPWD |
|
IJ46060 |
/USR/DT/BIN/DTMAIL
FAILS WITH SYMBOL __DL__FPV (NUMBER 221) |
|
IJ46062 |
A
potential security issue exists |
|
IJ46063 |
Back
port the 0EU changes to 72V and 72X. |
|
IJ46068 |
A
potential security issue exists |
|
IJ46069 |
Network
memory leak when cached route is enabled |
|
IJ46070 |
While
processing bad route skip the one which are not in UP state |
|
IJ46166 |
lpar
crashed @rtfree_nolock+000054 |
|
IJ46404 |
Update
Diagnostics VRMF for Spring 2023 |
|
IJ46466 |
Advanced
Diagnostics Internal serial wrap test failure on EN2N |