Recovery, patching and upgrades

Latest response

I work for a company in the midrange group.  We run mostly IBM AIX systems with a few RedHat systems.  The challenges I have with Linux is mostly around recovery (including bare metal), patching, and upgrading.  There are many features that we have in AIX that are taken for granted.

 

mksysb – creates images backups of the OS while it's running.  This is used for recovery and cloning.

 

multibos - makes a copy of the OS partitions (hd5,/,/usr/var and /opt) on disk, allows us to patch the copy.  This allows us to fail back to the previous state by rebooting back to the old OS copy.  This is included in AIX, Solaris (Live upgrades)... this feature is missing in Linux and Windows.

 

Patch sets (example service packets or bundles) - A couple reasons this is important to us.

  1. In AIX it's very important to keep patch sets. This is important for the NIM server.  In AIX we us NIM to do package base installs, image recovery and boot into maintenance mode over the network.

 

2.  This would allow application to be test against different levels of patches.  What happens now is we patch test with one set of patches as of Date X.  We go to patch production a week later and newer patches come out.  I know there is Redhat Satellite but that is an add-on product.

 

These recommendations would help Linux mature to the next level. 

Responses

Part of this has already been mentioned in another thread, see: https://access.redhat.com/discussion/server-recovery-method

 

With respect to your second request, for multibos, have you looked into LVM snapshots?

Just curious, do you have RHN Satellite?

Are snapshots an alternative way to implement these capabilities? Snapshots provide the ability to rollback/rollforward the system state.

I was just going to write to say this.

We use LVM snapshots for this if we are concerned about maintaining system state before/after a patch operation or OS upgrade. This is one of the goals of the snapshot functionality, and it has worked well for us in a multi-thousand node Linux environment.

Be nice to get both features implemented on RHEL

As I understand the requirement this is not only easy to do with satellite but also with pure RHEL tools.

 

a) create a copy of a RHEL dvd which supports your hardware on your webserver, i.e. RHEL5u6. Offer the directory via http, setup pxe, do basic deployments.

b) create an empty directory on the webserver. The directory should also be available via http. Store updated packages there, or a whole new minor release like RHEL5u7

c) if you just stored single rpm packages there run 'createrepo'

d) on clients setup the http reachable directory as repository (i.e. new file in directory /etc/yum.repos.d)

e) run 'yum update' in the clients

 

Also multiple directories can be used, also multiple of these can be configured on the clients. The client will (when running i.e. 'yum update') attempt to update to the latest available version of packages. These are your "patch sets".

Deploying a release which is younger than the patches you can then update to the desired patch sets.