mirror of
https://github.com/xcat2/xcat-core.git
synced 2025-10-24 16:05:41 +00:00
576 lines
18 KiB
Plaintext
576 lines
18 KiB
Plaintext
=head1 NAME
|
|
|
|
B<updatenode> - Update nodes in an xCAT cluster environment.
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
B<updatenode> B<noderange> [B<-V>|B<--verbose>] [B<-F>|B<--sync>] [B<-f>|B<--snsync>] [B<-S>|B<--sw>] [B<-l> I<userID>] [B<-P>|B<--scripts> [B<script1,script2...>]] [B<-s>|B<--sn>] [B<-A>|B<--updateallsw>] [B<-c>|B<--cmdlineonly>] [B<-d alt_source_dir>] [B<--fanout>] [B<-t timeout>} [B<attr=val> [B<attr=val...>]]
|
|
|
|
B<updatenode> B<noderange> [B<-k>|B<--security>] [B<-t timeout>]
|
|
|
|
B<updatenode> B<noderange> [B<-g>|B<--genmypost>]
|
|
|
|
B<updatenode> B<noderange> [B<-V>|B<--verbose>] [B<-t timeout>] [B<script1,script2...>]
|
|
|
|
B<updatenode> B<noderange> [B<-V>|B<--verbose>] [B<-f>|B<--snsync>]
|
|
|
|
B<updatenode> [B<-h>|B<--help>] [B<-v>|B<--version>]
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
The updatenode command is run on the xCAT management node and can be used
|
|
to perform the following node updates:
|
|
|
|
=over 3
|
|
|
|
=item 1
|
|
|
|
Distribute and synchronize files.
|
|
|
|
=item 2
|
|
|
|
Install or update software on diskfull nodes.
|
|
|
|
=item 3
|
|
|
|
Run postscripts.
|
|
|
|
=item 4
|
|
|
|
Update the ssh keys and host keys for the service nodes and compute nodes;
|
|
Update the ca and credentials for the service nodes.
|
|
|
|
=back
|
|
|
|
The default behavior when no options are input to updatenode will be to run
|
|
the following options "-S", "-P" and "-F" options in this order.
|
|
If you wish to limit updatenode to specific
|
|
actions you can use combinations of the "-S", "-P", and "-F" flags.
|
|
|
|
For example, If you just want to synchronize configuration file you could
|
|
specify the "-F" flag. If you want to synchronize files and update
|
|
software you would specify the "-F" and "-S" flags. See the descriptions
|
|
of these flags and examples below.
|
|
|
|
The flag "-k" (--security) can NOT be used together with "-S", "-P", and "-F"
|
|
flags.
|
|
|
|
The flag "-f" (--snsync) can NOT be used together with "-S", "-P", and "-F"
|
|
flags.
|
|
|
|
|
|
Note: In a large cluster environment the updating of nodes in an ad hoc
|
|
manner can quickly get out of hand, leaving the system administrator with
|
|
a very confusing environment to deal with. The updatenode command is
|
|
designed to encourage users to handle cluster updates in a manner that
|
|
is recorded and easily repeatable.
|
|
|
|
=head2 To distribute and synchronize files
|
|
|
|
The basic process for distributing and synchronizing nodes is:
|
|
|
|
=over 3
|
|
|
|
=item *
|
|
|
|
Create a synclist file.
|
|
|
|
=item *
|
|
|
|
Indicate the location of the synclist file.
|
|
|
|
=item *
|
|
|
|
Run the updatenode command to update the nodes.
|
|
|
|
=back
|
|
|
|
Files may be distributed and synchronized for both diskless and
|
|
diskfull nodes. Syncing files to NFS-based statelite nodes is not supported.
|
|
|
|
More information on using the synchronization file function is in
|
|
https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Using_Updatenode.
|
|
|
|
=head3 Create the synclist file
|
|
|
|
The synclist file contains the configuration entries that specify
|
|
where the files should be synced to. In the synclist file, each
|
|
line is an entry which describes the location of the source files
|
|
and the destination location for the files on the target node.
|
|
|
|
For more information on creating your synclist files and where to put them, read:
|
|
|
|
http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Sync-ing_Config_Files_to_Nodes
|
|
|
|
|
|
=head3 Run updatenode to synchronize the files
|
|
|
|
updatenode <noderange> -F
|
|
|
|
|
|
=head2 To install or update software
|
|
|
|
updatenode can be use to install or update software on the nodes. See the following documentation for setting up otherpkgs:
|
|
https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Install_Additional_Packages
|
|
|
|
To install/update the packages, run:
|
|
|
|
updatenode <noderange> -S
|
|
|
|
B<For Linux systems:>
|
|
|
|
It this is equivalent to running the
|
|
following command:
|
|
|
|
updatenode noderange -P ospkgs,otherpkgs
|
|
|
|
It will update all the rpms specified in the .pkglist file and .otherpkgs.pkglist
|
|
file. ospkgs postscript will normally remove all the existing rpm
|
|
repositories before adding server:/install/<os>/<arch/ as the new repository.
|
|
To preserve the existing repositories, you can run the following command instead:
|
|
|
|
updatenode noderange -P "ospkgs --keeprepo,otherpkgs"
|
|
|
|
B<For AIX systems:>
|
|
|
|
Note: The updatenode command is used to update AIX diskfull nodes only. For updating diskless AIX nodes refer to the xCAT for AIX update documentation and use the xCAT mknimimage command.
|
|
For information on updating software on AIX cluster:
|
|
For diskful installs, read:
|
|
https://sourceforge.net/apps/mediawiki/xcat/index.php?title=XCAT_AIX_RTE_Diskfull_Nodes
|
|
For diskless installs, read:
|
|
https://sourceforge.net/apps/mediawiki/xcat/index.php?title=XCAT_AIX_Diskless_Nodes
|
|
|
|
|
|
=head2 To run postscripts
|
|
|
|
The scripts must be copied to the /install/postscripts
|
|
directory on the xCAT management node. (Make sure they are
|
|
executable and world readable.)
|
|
|
|
To run scripts on a node you must either specify them on the
|
|
command line or you must add them to the "postscripts" attribute
|
|
for the node.
|
|
|
|
To set the postscripts attribute of the node (or group)
|
|
definition you can use the xCAT chdef command. Set the value to
|
|
be a comma separated list of the scripts that you want to be
|
|
executed on the nodes. The order of the scripts in the list
|
|
determines the order in which they will be run. You can use the
|
|
lsdef command to check the postscript order.
|
|
|
|
Scripts can be run on both diskless and diskfull nodes.
|
|
|
|
To run all the customization scripts that have been designated
|
|
for the nodes, (in the "postscripts and postbootscripts" attributes), type:
|
|
|
|
updatenode <noderange> -P
|
|
|
|
To run the "syslog" script for the nodes, type:
|
|
|
|
updatenode <noderange> -P syslog
|
|
|
|
To run a list of scripts, type:
|
|
|
|
updatenode <noderange> -P "script1 p1 p2,script2"
|
|
|
|
where p1 p2 are the parameters for script1.
|
|
|
|
The flag '-P' can be omitted when only scripts names are
|
|
specified.
|
|
|
|
Note: script1,script2 may or may not be designated as scripts to
|
|
automatically run on the node. However, if you want script1 and
|
|
script2 to get invoked next time the nodes are deployed then make sure
|
|
to add them to the "postscripts/postbootscripts" attribute in the database for the nodes.
|
|
|
|
=head2 Update security
|
|
|
|
The basic functions of update security for nodes:
|
|
|
|
=over 3
|
|
|
|
=item *
|
|
|
|
Setup the ssh keys for the target nodes. It enables the management
|
|
node and service nodes to ssh to the target nodes without password.
|
|
|
|
=item *
|
|
|
|
Redeliver the host keys to the target nodes.
|
|
|
|
=item *
|
|
|
|
Redeliver the ca and certificates files to the service node.
|
|
These files are used to authenticate the ssl connection between
|
|
xcatd's of management node and service node.
|
|
|
|
=item *
|
|
|
|
Remove the entries of target nodes from known_hosts file.
|
|
|
|
=back
|
|
|
|
I<Set up the SSH keys>
|
|
|
|
A password for the user who is running this command is needed to setup
|
|
the ssh keys. This user must have the same uid and gid as
|
|
the userid on the target node where the keys will be setup.
|
|
|
|
If the current user is root, roots public ssh keys will be put in the
|
|
authorized_keys* files under roots .ssh directory on the node(s).
|
|
If the current user is non-root, the user must be in the policy table
|
|
and have credential to run the xdsh command.
|
|
The non-root users public ssh keys and root's public ssh keys will be put in
|
|
the authorized_keys* files under the non-root users .ssh directory on the node(s
|
|
).
|
|
|
|
I<Handle the hierarchical scenario>
|
|
|
|
When update security files for the node which is served by a service node,
|
|
the service node will be updated automatically first, and then the target
|
|
node.
|
|
|
|
The certificates files are needed for a service node to authenticate
|
|
the ssl connections between the xCAT client and xcatd on the service node,
|
|
and the xcatd's between service node and management node. The files in the
|
|
directories /etc/xcat/cert/ and ~/.xcat/ will be updated.
|
|
|
|
Since the certificates have the validity time, the ntp service is recommended
|
|
to be set up between management node and service node.
|
|
|
|
Simply running following command to update the security keys:
|
|
B<updatenode> I<noderange> -k
|
|
|
|
|
|
=head1 PARAMETERS
|
|
|
|
=over 10
|
|
|
|
=item B<noderange>
|
|
|
|
A set of comma delimited xCAT node names
|
|
and/or group names. See the xCAT "noderange"
|
|
man page for details on additional supported
|
|
formats.
|
|
|
|
=item B<script1,script2...>
|
|
|
|
A comma-separated list of script names.
|
|
The scripts must be executable and copied
|
|
to the /install/postscripts directory.
|
|
Each script can take zero or more parameters.
|
|
If parameters are spcified, the whole list needs to be quoted by double quotes.
|
|
For example:
|
|
|
|
B<"script1 p1 p2,script2">
|
|
|
|
=item [B<attr=val> [B<attr=val...>]]
|
|
|
|
Specifies one or more "attribute equals value" pairs, separated by spaces.
|
|
Attr=val pairs must be specified last on the command line. The currently
|
|
supported attributes are: "installp_bundle", "otherpkgs", "installp_flags",
|
|
"emgr_flags" and "rpm_flags". These attribute are only valid for AIX software
|
|
maintenance support.
|
|
|
|
=back
|
|
|
|
=head1 OPTIONS
|
|
|
|
=over 10
|
|
|
|
=item B<--fanout>=I<fanout_value>
|
|
|
|
Specifies a fanout value for the maximum number of concur-
|
|
rently executing remote shell processes. Serial execution
|
|
can be specified by indicating a fanout value of B<1>. If B<--fanout>
|
|
is not specified, a default fanout value of B<64> is used.
|
|
|
|
=item B<-A|--updateallsw>
|
|
|
|
Install or update all software contained in the source directory. (AIX only)
|
|
|
|
=item B<-c|cmdlineonly>
|
|
|
|
Specifies that the updatenode command should only use software maintenance
|
|
information provided on the command line. This flag is only valid when
|
|
using AIX software maintenance support.
|
|
|
|
=item B<-d alt_source_dir>
|
|
|
|
Used to specify a source directory other than the standard lpp_source directory specified in the xCAT osimage definition. (AIX only)
|
|
|
|
=item B<-F|--sync>
|
|
|
|
Specifies that file synchronization should be
|
|
performed on the nodes. rsync and ssh must
|
|
be installed and configured on the nodes.
|
|
The function is not supported for NFS-based statelite installations.
|
|
For NFS-based statelite installations to sync files, you should use the
|
|
read-only option for files/directories listed in
|
|
litefile table with source location specified in the litetree table.
|
|
|
|
|
|
=item B<-f|--snsync>
|
|
|
|
Specifies that file synchronization should be
|
|
performed to the service nodes that service the
|
|
nodes in the noderange. This updates the service
|
|
nodes with the data to sync to the nodes. rsync and ssh must
|
|
be installed and configured on the service nodes.
|
|
For hierarchy, this optionally can be done before syncing the files
|
|
to the nodes with the -F flag. If the -f flag is not used, then
|
|
the -F flag will sync the servicenodes before the nodes automatically.
|
|
When installing nodes in a hierarchical cluster, this flag should be
|
|
used to sync the service nodes before the install, since the files will
|
|
be sync'd from the service node by the syncfiles postscript during the
|
|
install.
|
|
The function is not supported for NFS-based statelite installations.
|
|
For statelite installations to sync files, you should use the
|
|
read-only option for files/directories listed in
|
|
litefile table with source location specified in the litetree table.
|
|
|
|
=item B<-g|--genmypost>
|
|
|
|
Will generate a new mypostscript file for the
|
|
nodes in the noderange, if site precreatemypostscripts is 1 or YES.
|
|
|
|
|
|
=item B<-h|--help>
|
|
|
|
Display usage message.
|
|
|
|
=item B<-k|--security>
|
|
|
|
Update the ssh keys and host keys for the service nodes and compute nodes;
|
|
Update the ca and credentials to the service nodes. Never run this command to the Management Node, it will take down xcatd.
|
|
|
|
=item B<-l>|B<--user> I<user_ID>
|
|
|
|
Specifies a non-root user name to use for remote command execution. This option is only available when running postscripts (-P) for
|
|
AIX and Linux and updating software (-S) for Linux only.
|
|
The non-root userid must be previously defined as an xCAT user.
|
|
The userid sudo setup will have to be done by the admin on the node.
|
|
This is not supported in a hiearchical cluster, that is the node is serviced by a service node.
|
|
See the document Granting_Users_xCAT_privileges for required xcat/sudo setup.
|
|
|
|
|
|
=item B<-P|--scripts>
|
|
|
|
Specifies that postscripts and postbootscripts should be run on the nodes.
|
|
updatenode -P syncfiles is not supported. The syncfiles postscript can only
|
|
be run during install. You should use updatenode <noderange> -F instead.
|
|
|
|
=item B<-S|--sw>
|
|
|
|
Specifies that node software should be updated.
|
|
|
|
=item B<-s|--sn>
|
|
|
|
Set the server information stored on the nodes in /opt/xcat/xcatinfo on Linux.
|
|
|
|
=item B<-t timeout>
|
|
|
|
Specifies a timeout in seconds the command will wait for the remote targets to complete. If timeout is not specified
|
|
it will wait indefinitely. updatenode -k is the exception that has a timeout of 10 seconds, unless overridden by this flag.
|
|
|
|
=item B<-v|--version>
|
|
|
|
Command Version.
|
|
|
|
=item B<-V|--verbose>
|
|
|
|
Verbose mode.
|
|
|
|
=back
|
|
|
|
=head1 RETURN VALUE
|
|
|
|
0 The command completed successfully.
|
|
|
|
1 An error has occurred.
|
|
|
|
|
|
=head1 EXAMPLES
|
|
|
|
=over 3
|
|
|
|
=item 1
|
|
|
|
To perform all updatenode features for the Linux nodes in the group
|
|
"compute":
|
|
|
|
B<updatenode compute>
|
|
|
|
The command will: run any scripts listed in the nodes "postscripts and postbootscripts"
|
|
attribute, install or update any software indicated in the
|
|
/install/custom/install/<ostype>/profile.otherpkgs.pkglist (refer to the
|
|
B<To install or update software part>), synchronize any files indicated by
|
|
the synclist files specified in the osimage "synclists" attribute.
|
|
|
|
=item 2
|
|
|
|
To run postscripts,postbootscripts and file synchronization only on the node
|
|
"clstrn01":
|
|
|
|
B<updatenode clstrn01 -F -P>
|
|
|
|
=item 3
|
|
|
|
Running updatenode -P with the syncfiles postscript is not supported. You should use updatenode -F instead.
|
|
|
|
Do not run:
|
|
|
|
B<updatenode clstrno1 -P syncfiles>
|
|
|
|
Run:
|
|
|
|
B<updatenode clstrn01 -F>
|
|
|
|
=item 4
|
|
|
|
To run the postscripts and postbootscripts indicated in the postscripts and postbootscripts attributes on
|
|
the node "clstrn01":
|
|
|
|
B<updatenode clstrn01 -P>
|
|
|
|
=item 5
|
|
|
|
To run the postscripts script1 and script2 on the node "clstrn01":
|
|
|
|
B<cp script1,script2 /install/postscripts>
|
|
|
|
B<updatenode clstrn01 -P "script1 p1 p2,script2">
|
|
|
|
Since flag '-P' can be omitted when only script names are specified,
|
|
the following command is equivalent:
|
|
|
|
B<updatenode clstrn01 "script1 p1 p2,script2">
|
|
|
|
p1 p2 are parameters for script1.
|
|
|
|
|
|
=item 6
|
|
|
|
To synchronize the files on the node "clstrn01": Prepare the synclist file.
|
|
For AIX, set the full path of synclist in the osimage table synclists
|
|
attribute. For Linux, put the synclist file into the location:
|
|
/install/custom/<inst_type>/<distro>/<profile>.<os>.<arch>.synclist
|
|
Then:
|
|
|
|
B<updatenode clstrn01 -F>
|
|
|
|
=item 7
|
|
|
|
To perform the software update on the Linux node "clstrn01": Copy the extra
|
|
rpm into the /install/post/otherpkgs/<os>/<arch>/* and add the rpm names into
|
|
the /install/custom/install/<ostype>/profile.otherpkgs.pkglist . Then:
|
|
|
|
B<updatenode clstrn01 -S>
|
|
|
|
=item 8
|
|
|
|
To update the AIX node named "xcatn11" using the "installp_bundle" and/or
|
|
"otherpkgs" attribute values stored in the xCAT database. Use the default installp, rpm and emgr flags.
|
|
|
|
B<updatenode xcatn11 -V -S>
|
|
|
|
Note: The xCAT "xcatn11" node definition points to an xCAT osimage definition
|
|
which contains the "installp_bundle" and "otherpkgs" attributes as well as
|
|
the name of the NIM lpp_source resource.
|
|
|
|
=item 9
|
|
|
|
To update the AIX node "xcatn11" by installing the "bos.cpr" fileset using
|
|
the "-agQXY" installp flags. Also display the output of the installp command.
|
|
|
|
B<updatenode xcatn11 -V -S otherpkgs="I:bos.cpr" installp_flags="-agQXY">
|
|
|
|
Note: The 'I:' prefix is optional but recommended for installp packages.
|
|
|
|
=item 10
|
|
|
|
To uninstall the "bos.cpr" fileset that was installed in the previous example.
|
|
|
|
B<updatenode xcatn11 -V -S otherpkgs="I:bos.cpr" installp_flags="-u">
|
|
|
|
=item 11
|
|
|
|
To update the AIX nodes "xcatn11" and "xcatn12" with the "gpfs.base" fileset
|
|
and the "rsync" rpm using the installp flags "-agQXY" and the rpm flags "-i --nodeps".
|
|
|
|
B<updatenode xcatn11,xcatn12 -V -S otherpkgs="I:gpfs.base,R:rsync-2.6.2-1.aix5.1.ppc.rpm" installp_flags="-agQXY" rpm_flags="-i --nodeps">
|
|
|
|
Note: Using the "-V" flag with multiple nodes may result in a large amount of output.
|
|
|
|
=item 12
|
|
|
|
To uninstall the rsync rpm that was installed in the previous example.
|
|
|
|
B<updatenode xcatn11 -V -S otherpkgs="R:rsync-2.6.2-1" rpm_flags="-e">
|
|
|
|
=item 13
|
|
|
|
Update the AIX node "node01" using the software specified in the NIM "sslbnd" and "sshbnd" installp_bundle resources and the "-agQXY" installp flags.
|
|
|
|
B<updatenode node01 -V -S installp_bundle="sslbnd,sshbnd" installp_flags="-agQXY">
|
|
|
|
=item 14
|
|
|
|
To get a preview of what would happen if you tried to install the "rsct.base" fileset on AIX node "node42". (You must use the "-V" option to get the full output from the installp command.)
|
|
|
|
B<updatenode node42 -V -S otherpkgs="I:rsct.base" installp_flags="-apXY">
|
|
|
|
=item 15
|
|
|
|
To check what rpm packages are installed on the AIX node "node09". (You must use the "-c" flag so updatenode does not get a list of packages from the database.)
|
|
|
|
B<updatenode node09 -V -c -S rpm_flags="-qa">
|
|
|
|
=item 16
|
|
|
|
To install all software updates contained in the /images directory.
|
|
|
|
B<updatenode node27 -V -S -A -d /images>
|
|
|
|
Note: Make sure the directory is exportable and that the permissions are set
|
|
correctly for all the files. (Including the .toc file in the case of
|
|
installp filesets.)
|
|
|
|
=item 17
|
|
|
|
Install the interim fix package located in the /efixes directory.
|
|
|
|
B<updatenode node29 -V -S -d /efixes otherpkgs=E:IZ38930TL0.120304.epkg.Z>
|
|
|
|
=item 18
|
|
|
|
To uninstall the interim fix that was installed in the previous example.
|
|
|
|
B<updatenode xcatsn11 -V -S -c emgr_flags="-r -L IZ38930TL0">
|
|
|
|
=item 19
|
|
|
|
To update the security keys for the node "node01"
|
|
|
|
B<updatenode node01 -k>
|
|
|
|
=item 20
|
|
|
|
To update the service nodes with the files to be synchronized to node group compute:
|
|
|
|
B<updatenode compute -f>
|
|
|
|
=item 21
|
|
|
|
To run updatenode with the non-root userid "user1" that has been setup as an xCAT userid with sudo on node1 to run as root, do the following:
|
|
See Granting_Users_xCAT_privileges for required sudo setup.
|
|
|
|
B<updatenode node1 -l user1 -P syslog>
|
|
|
|
|
|
=back
|
|
|
|
=head1 FILES
|
|
|
|
/opt/xcat/bin/updatenode
|