Centralize AIX LPAR and Server Management With NIM
How to set up a NIM server and install or recover a client from a mksysb of another system.
By Jaqui Lynch06/01/2009
In a previous article, “Simplifying With NIM,” I introduced the concepts of network install manager (NIM) and mentioned some ways it can cut costs while addressing OS image backups and installations. In this article, I’ll outline how to set up a NIM server and install or recover a client from a mksysb of another system.
NIM provides a central management point for installing and maintaining AIX* images for both LPARs and individual servers. It allows for the creation of a master image (also called a golden image), which is used to install cloned LPARs that have the same OS kernel and characteristics. Additionally, NIM can be used to install from installation software, from a golden image or from a previous mksysb image of the OS instance, and it can apply maintenance or bundles of products. It’s possible to quickly NIM install a single or multiple LPARs or servers at the same time. If you were using DVDs it could take up to eight hours to completely install an OS image and all of the add-on products. When installing multiple systems or LPARs, this is a time-consuming process, but once NIM is set up it takes 20 to 30 minutes to install an LPAR from a NIM image.
Setting up NIM
The NIM server can be an LPAR or a dedicated server. It can be in the shared-processor pool or have dedicated processors. I recommend the NIM server isn’t under the control of the virtual I/O server (VIOS). Since the mksysb images are being backed up to the NIM server and the NIM server is being used to install and restore images, it doesn’t make sense to have the VIOS provide resources for the NIM server, especially if the plan is to recover the VIOS using NIM. The following process should be used to set up NIM:
Ensure sufficient resources are provided to the NIM server. Additionally, the NIM server requires some memory and CPU, as well as a good network and some disk space. Normally 2 GB to 4 GB memory and half of a core with two virtual processors (VPs) is more than enough. The NIM server must always be at the highest AIX level (including technology levels and service packs) that you plan to support. An AIX V6.1 technology level (TL) 02, service pack (SP) 1 NIM server can support LPARs at that level or earlier versions, but it has to be at the highest level. So, an important part of any maintenance plan is to ensure the NIM server is always updated first. In terms of disk space, I normally set up the server with some disk in its own volume group called nimvg. In that volume group I create a journal file system (JFS2) called /nim and that’s where I create all of the NIM resources.
A NIM environment consists of a master (which is the NIM server itself) and many client instances (our LPARs or servers). The NIM master owns and provides the resources necessary for the clients to be serviced. These resources can consist of mksysbs, shared product object trees (SPOTs), licensed program product (lpp) sources, bundles of software or fixes and so on. See “NIM Resources” for a description of these resources. All NIM operations on clients will require one or more of these resources. The master stores information about NIM and its setup in its own NIM database–which needs to be backed up regularly–and it stores the resources in ordinary AIX file systems. These file systems are made available to NFS clients.
For NIM to properly function, the network must support NFS, bootp (or dhcp) and tftp. These services must be enabled such that the NIM master can communicate with all of the clients, even if there are routers or switches between them. If TCP wrappers are in use, then bootp and tftp must be unwrapped. At AIX V5.3, NIM no longer requires the use of rsh and other r commands; it’s now possible to switch to nimsh, which is more secure. nimsh is installed as part of the NIM client fileset.
- Set up the disk space. Let’s assume you have a 300 GB disk drive (hdisk3) for the NIM data. Create a volume group called nimvg that consists of that disk drive. Then create two file systems on it. The first file system, /nim, will contain all of the NIM data. Also set up a second file system called /backups, which you’ll use to have the clients back up to over NFS. Keep it outside of /nim, as you only move a mksysb into the NIM environment when you want to restore from it or to use it for an installation.
- Back up the server and install the master SPOT filesets. You’ll need to install from the base DVD or CD. The specific filesets are called:
Make sure to then install any updates to these filesets, so they’re at the same level as the OS. An lslpp should then show something similar to Code Sample 1:
- Set up the NIM master. There’s a simple script to run for setup. You’ll need to have the AIX install media handy when you run it, so it can use the media to create the lpp source. Below is how I normally run the script:
- nim_master_setup -B -a device=/dev/cd0 -a file_system=/nim -a volume_group=nimvg
The –B flag tells NIM not to create a mksysb image of the master, and the other flags tell NIM to create the /tftpboot file system where information about the clients will be put when they have actions taken on them. The script also creates the lpp source and SPOT, plus many other directories. These are all created in the /nim file system. The man command can be used to get more information about all of the functions this command performs, but the script is a quick and easy way to get the NIM master correctly configured.
- Ensure the NIM lpp source and SPOT are updated. Patches go onto the SPOT and new software can be added to the lpp source. To do this, put in the update CD or load the fixes into a directory on the server. To apply patches, the procedure is as follows:
- A. smitty nim.
B. Perform nim administration tasks.
C. Manage resources.
D. Perform operations on resources.
E. Select the resource (SPOT in this case) from the list provided.
F. Select “Update All.” Point the install source to the update CD or the directory where the updates are stored, and check all the other options to make sure they are correct.
G. Hit “Enter” to put the patches on the SPOT.
NIM can be used in many ways, from creating a server/LPAR from scratch or from another system’s mksysb, to restoring a server/LPAR from a mksysb. The following is an example of setting up a client system to restore it from a golden image mksysb.
Creating a Client Using NIM
In this case, you’ll create an LPAR called gandalf from a mksysb of another system. The mksysb, called aix61tl2sp2-golden.mksysb, resides in /nim/images. These steps are all taken on the NIM master.
- Define gandalf as a client machine:
A. smitty nim.
B. Perform administrative tasks.
C. Manage machines by defining gandalf as a machine and selecting 64 as kernel, nimsh as shell and N/A as network i/face.
- Set up the mksysb as a mksysb resource so it can be used for restores. It’s helpful if the mksysb image being used as a golden image doesn’t have NIM installed on it, and more importantly, that it wasn’t mirrored at the time the mksysb was taken.
A. smitty nim.
B. Perform nim administrative tasks.
C. Manage resources.
D. Define a resource.
E. Select mksysb resource and then fill in the following fields: name = aix61tl2sp2_mksysb
server = master
location = /nim/images/aix61tl2sp2-golden.mksysb
Configure the client. Make sure the client is configured with the appropriate mksysb, lpp and SPOT. Also set “Initiate now” to no, so you’ll perform the installation at the request of the client (called a pull), rather than pushing it out from the server.
A. smitty nim_bosinst.
B. Select Gandalf.
C. Install source = aixtl2sp2_mksysb.
D. Select mksysb and SPOT as resources. Also select the llp.
E. Select “Yes” to accept licenses.
F. Select “No” to initiate now.
At this point it’s important to check the setup is correct (see Code Sample 2). Based on Code Sample 2, you can see the NIM master is exporting many file systems to gandalf (the client) and the resources seem to be set up. It’s now time to go to the client and boot from the NIM master to restore from the mksysb.
Booting The Client From NIM
Boot the client server or LPAR into SMS mode and then perform the following steps. Assume the client IP is 10.01.1.5, the NIM master is 10.0.1.9 and the gateway is 10.0.1.1. Be aware some of the options may differ, so use this as a guideline:
Follow each of the steps below by selecting the response given.
A. Select 2 for setup remote IPL.
B. Select 1 for first ethernet.
C. Select 1 for IPV4.
D. Select 1 for bootp.
E. Select 1 for IP parameters. For each of the following four options, select them by number and then enter the correct IP address and subnets for your network.
1 - client: 10.0.1.5
2 - server: 10.0.1.9
3 - Gateway: 10.0.1.1
4 - Subnet: 255.255.255.0
F. Hit ESC.
G. Select 2 for adapter config.
Press 2 and ensure the spanning tree is disabled; this can speed things up.
Select 3 protocol and set it to standard.
Select ESC twice.
Select 3 to ping test, then select 1 to execute ping test.
If the ping test is successful, then return to main menu. Select 5, which will give you the boot options. Now you should:
A. Select 1 for boot device.
B. Select 6 for network.
C. Select 1 for bootp.
D. Select 1 for first ethernet.
E. Select 2 for normal mode boot.
F. Select 1 for yes I want to exit tftp should now start up.
G. After around 30,000 packets the console prompt should appear as follows:
Press F1 and enter for console.
Select 1 for English during install.
An error message may appear stating “all LVs are being created exactly as they were but the disks are not the same.” Unless there’s a reason not to, go ahead and:
A. Choose 1 to continue with install.
B. Select 2 to check install settings.
Make sure only one disk is selected. Also ensure it’s the correct one for rootvg:
A. Choose hdisk0.
B. Use maps for installations—I tend to choose no.
C. Check that importvgs defaults to n.
D. Press 0 to continue with choices.
The install should complete and the system will reboot as AIX V6.1 TL02 SP2, and will be configured the same way the golden image was configured. Additional functions such as importing volume groups, remirroring rootvg and so on can now be performed to further tailor the image.
NIM is a great way to ensure the capability is there to rapidly install and restore the OS for any LPAR or server. A NIM restore or install from a mksysb can take as little as 20 minutes, which is superior to a full install from DVD, which can take more than six hours. Setting up a NIM server is a time- and cost-effective way to provide a recovery strategy for the OS instances. There’s the additional benefit of having a method to push out maintenance and new releases in a consistent manner.
I take mksysbs on all my servers using NFS to automatically provision the mksysb images to the NIM master in /backups, and then I back up the NIM master to tape, DVD or whatever media I need to use to have those backups go to an off-site location for disaster recovery. This ensures you have the capability to recover your OS, something that may be forgotten. NIM is a fast, efficient and cost-effective way to ensure your OSs are protected.
Jaqui Lynch has over 38 years of experience working with a projects and OSes across vendor platforms, including IBM Z, UNIX systems and more.