cancel
Showing results for 
Search instead for 
Did you mean: 

best way to patch cluster servers

Aerosmith1
Level 4
Hi

when it is patching of Sun stand alone servers I can patch them and I know after reboot everything will be fine.

I wanted to how to patch Veritas-ha clustered Sun OS 5.9 Machines. Right now the cluster service and application services are running on Server 2. I am not sure after patching if something messes the cluster or applications running. Please let me know best practices to update patches on Cluster servers so that machines will have least down time. We are running Veritas-ha with blackboard application services which includes apache + oracle applications too.

Please let me know if any more details are required to help..

Thanks in advance
9 REPLIES 9

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified
What do you want to patch? The application, the cluster (or all the Veritas packages), or the O/S?

Aerosmith1
Level 4
Solaris 9 Patches ONLY on both nodes on sparc 480 R

Also I don't think updatemanager is installed on system can I use updatemanager for the procedure you may suggest,,,


Message Edited by Aerosmith1 on 12-07-2007 08:41 AM

Message Edited by Aerosmith1 on 12-07-2007 08:51 AM

Message Edited by Aerosmith1 on 12-07-2007 08:51 AM

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified
Make sure you have backups

Patch the server that the application is NOT on
Switch the application to the patched server and test that it works fine.
I'd then leave the application there for a week or so and make sure everything runs fine.
If all is fine then patch the other server. If not, then switch back to the other server, and roll back the patches on the patched server.

Aerosmith1
Level 4
Hi

Being new to this environment and new to Veritas clustering also, I am little cautious,

Can I install updatemamanger (software for patching solaris) on Cluster nodes and download and install patches.. I don't know if there is any other way, the patches are installed other than patch-add in shell. Patch-add will be hectic as I think there will b large number of patches as systems were not patched for long long time..:(

What would be best way..updatemanager or patchadd or any otherway...

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified
If this patch manager will regularly download and install patches i would not like it. If you can control it, i'd say its ok.

Otherwise you could just download the latest solaris patch cluster (all the latest patches), they normally called it the 9_recommended, or 10_recommended, depending on your version. This has all the patches for 9 or 10, if you run it, it will install all the patches for all the packages that are installed on your servers.

Aerosmith1
Level 4
yes , updatemanager has 2 options which allows us to manually install or push patches automatically if we choose to have auto patching option enabled.

but I will see to below also, as it could be better also..


Otherwise you could just download the latest solaris patch cluster (all the latest patches), they normally called it the 9_recommended, or 10_recommended, depending on your version. This has all the patches for 9 or 10, if you run it, it will install all the patches for all the packages that are installed on your servers.

Thanks

Aerosmith1
Level 4
I am confused now after going through the support document from tech-support. I know I can reopen the closed case but I want to discuss here before that..

Following is procedure suggested to me by support,

** 1. “Node A”.
Download patches.
 
** 2. “Node B”
Failover all services to “Node B”.
Make sure all service groups are frozen and non-critical.
# hastop –all -force
# hasys -freeze <SystemName>
 
** 3. ”Node A”
VCS should already be down on "A"
Copy /etc/llttab /etc/llthosts /etc/gabtab files to .SAV files and make a backup.
Unencaplulate root drives.  ( You may be able to skip this step )
Load patches and reboot.
# hastatus sum
     
** 4. “Node B”
# hastatus sum
Unfreeze services on "B"
# hasys -unfreeze <SystemName>
 
** 5.  “Node B”
Failover the services one at a time (review dependencies) to “Node A”
Verify all services are down on “Node B” and running on “Node A”
 Make sure all service groups are frozen and non-critical.
# hastop –all -force
# hasys -freeze <SystemName>
 
** 6. ”Node B”
Repeat the upgrade process on “Node B”.
Unencaplulate root drives. ( You may be able to skip this step )
Load patches and reboot.
Reboot

# hastatus -sum


I am confused now, what I want to do is keep application(bb) running on nodeB-so that client side does not have problems and at that time patch Node1. I do not want the services go down for client. I think in step #2 if I freeze NodeB all service groups will be offline and then applications will go offline and clients can not access bb service group which is running blackboard.

1.Can someone modify the above to what I need to do to patch the nodes while appplications keep running on one node atleast.
2.Do I need to give commands below also which tech support has not given ...
hagrp -switch bb -to bbserver2 or bbserver1
3. what would be <system name> for step # 2, #4, #5


this is VCS summary at my end,
hastatus -sum

-- SYSTEM STATE
-- System               State                Frozen             

A  bbserver1            RUNNING              0                   
A  bbserver2            RUNNING              0                   

-- GROUP STATE
-- Group           System               Probed     AutoDisabled    State         

B  ClusterService  bbserver1            Y          N               OFFLINE       
B  ClusterService  bbserver2            Y          N               ONLINE        
B  bb              bbserver1            Y          N               OFFLINE       
B  bb              bbserver2            Y          N               ONLINE


Also after patching node1 or nodeA I want to transfer all application service(bb) and cluster service to node A and try running it there. if users are satisfied then I want to patch nodeB or node2.

if you need more information I can give..

but please send me step by step way for patching..

RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified
HI,

This makes sense. I forgot about the freeze. It will just make sure that if there is a failure on node2 while you're busy on 1 it wont be able to failove to 1. the sysname in step 2 would be node2

in step 4 it would also be node2 because you will now unfreeze it.

and in step it would be node1 (you would freeze node1 after switching all the applications to it with hagrp -switch)

Hope that helps.

Aerosmith1
Level 4

Thank you so much for your replies Riaan !! you have a good day and god bless you