AIX > Trends > AIX

Installing and Upgrading to AIX 6.1

This article provides an update that covers what’s different about installing AIX 6.1 from scratch and what’s involved in upgrading from AIX v5.3 to AIX v6.1

In my article “Systems Management From Scratch,” in the December 2007 issue of this magazine, I went through the steps to install an AIX* 5.3 LPAR from scratch. This article provides an update that covers what’s different about installing AIX 6.1 from scratch and also covers what’s involved in upgrading from AIX v5.3 to AIX v6.1. This is a fairly basic primer and should be tweaked to accommodate your company’s standards.

 

This article assumes that the Hardware Management Console (HMC) is already set up if an HMC is in use, or that the hardware is set up with a dedicated monitor if this is a standalone system. It also assumes that we’re installing AIX 6.1, since the command syntax listed is for 6.1.

Installing AIX 6.1 From Scratch

Follow the steps from the aforementioned article on installing AIX 5.3 until you have created the syslog.conf file and have set up logging. You’ll probably need to make /usr and /opt a little bigger for 6.1 than it is for 5.3. This is where the install starts to be a little different.

The steps left to follow now include setting tunables, cleaning out files and general cleanup activities as well as installing any additional software.

The first step is to create the tunables file. This differs in AIX 6.1 because some of the tunables are now restricted tunables and can only be set using the –F flag. Additionally, they require a console response before they’re accepted:

vi /etc/tunables/rc.tune

Contents are:

/usr/sbin/no -p -o rfc1323=1
/usr/sbin/no -p -o sb_max=1310720
/usr/sbin/no -p -o tcp_sendspace=262144
/usr/sbin/no -p -o tcp_recvspace=262144
/usr/sbin/no -p -o udp_sendspace=65536
/usr/sbin/no -p -o udp_recvspace=655360
/usr/sbin/nfso -p -o nfs_rfc1323=1

Note we no longer set minperm and so forth as they’re now restricted and are set to the following defaults:

minperm = 3%
maxperm and maxclient = 90%
lru_file_repage = 0

chmod u+x /etc/tunables/rc.tune

Run it:

- /etc/tunables/rc.tune

You’ll need to manually set the following as they’re now restricted:

ioo -p -F -o j2_nBufferPerPagerDevice=1024
ioo -p -F -o numfsbufs=2048
ioo -p -F -o pv_min_pbuf=1024

Check /etc/tunables/nextboot to ensure they were added.

You can now follow the instructions to cleanup files (inetd.conf, etc), change the motd and banners, etc. This includes setting up Network Time Protocol (NTP) and adding rc.local.

Add third-party software such as gcc, nmon, sudo, lsof, TCP wrappers, OpenSSL and OpenSSH. These all go into /usr/local. In 6.1 some of these don’t compile so you’ll need to use the Linux* toolkit CD that came with your install set. The first thing to install is nmon; I use nmon12 on my regular LPARs and nmon11e on my virtual I/O servers. This is an easy install as you basically download the code and unzip it into /usr/local/bin. Make sure /usr/local/bin is in the default path and everyone who needs it will have access.

I installed the following from the Linux toolkit: Bison-1.875; bzip2-1.0.2; Flex 2.5.4a; Freetype-1.3.1; gcc-4.0.0 and gcc-4.0.0C++; gettext-0.10.40; Less-382; libgcc-4.0.0; libpcap 0.8.3; libstdC++; libstdC++-devel; sudo 1.6.7p5; and zlib 1.2.3.

If you’re not using the IBM* C compiler (cc), then once Gnu Compiler Collection (gcc) is installed you can set up a soft link to gcc so that the cc command will work:

cd /usr/local/bin
ln  s gcc cc

This yields a fully functioning gcc compiler and the libraries necessary to perform compiles. It also provides the sudo utility so that you can force users to log in as themselves and get enhanced access. The less command is similar to the more command except it lets you page forward and backward.

To take advantage of the new security features and Java* 6, many filesets need to be installed from the expansion pack. I normally install the following: Java 6; bos.crypto.*; clic.* (which is required for new Encrypting File System, or EFS); des; lsof 4.7; modcrypt; OpenSSH; OpenSSL; rsct.crypt*; and sysmgt.websm.security-us.

If you want TCP wrappers you can install the netsec.options—I prefer to install TCP wrappers manually so I have all of the flags I want. At this point you should apply any service packs so that the install is current.

You can now install TCP wrappers by downloading the file from ftp://ftp.porcupine.org/pub/security/tcp_wrappers_7.6-ipv6.4.tar.gz. After unzipping it you vi the Makefile and set the following:

 

AIX 6.1 contains many improvements and seems to be a very clean and tidy install.

Tweet