Use > Server patching > Patch management for HP-UX > Patch Installation

Patch installation

Patch Management provides the following two phases in the patch installation process:

  • Phase 1—Download/Staging: This is when the patch is downloaded from HPE Server Automation to the managed server. This phase is commonly referred to as staging.
  • Phase 2—Installation/Deployment: This is when the patch is installed on a managed server. This phase is commonly referred to as deployment.

You can specify whether you want the installation to occur immediately after the patch is downloaded (staged) or you can schedule the installation to occur at a later date and time.

Installing an HP-UX patch

Before a patch can be installed on a managed server, it must be imported into SA and its status must be Available. Only system administrators who have the required permissions can install patches that are marked Limited.

You can perform the installation by explicitly selecting patches and servers.

To install a patch on a managed server:

  1. In the navigation pane, select Devices > Servers > All Managed Servers
  2. In the content pane, select an HP-UX server.
  3. From the Actions menu, select Install Patch. The first step of the Install Patch window, Servers and Server Groups, opens.
  4. Click Next to advance to the next step in the Install Patch wizard.
  5. From the list of patches, select the patch you want to install.
  6. After you complete a step, click Next to advance to the next step. Before you click Start Job, you can return to a completed step to make changes by clicking on it in the list of steps.

  7. When you are ready to launch the installation job, click Start Job.

    After you launch the job, you cannot change its parameters, even if the job is scheduled to run at a later time.

Setting HP-UX install options

You can specify the following types of patch installation options:

  • Perform the patch installation immediately after the patch is downloaded or at a later date and time.
  • Do not interrupt the patch installation process, even when an error occurs with one of the patches.
  • Use different command-line options to perform the installation.

To set these install options:

  1. In the Install Patch window, click Next to advance to the Options step.

  2. Select one of the following Staged Install Options:

    • Continuous: Enables you to run all phases as an uninterrupted operation.
    • Staged: Enables you to schedule the download and installation to run separately.

  3. Select the Error Options check box if you want the patch installation process to continue even when an error occurs with one of the patches. By default, this check box is not selected.

  4. In the Install Command text box, enter command-line arguments for the command that is displayed.

  5. Click Next to go to the next step or click Cancel to close the Install Patch window.

Setting reboot options

To minimize the downtime that server reboots can cause, you can control when servers will and will not be rebooted. You can adopt the vendor's reboot assignments, reboot a server each time a patch is installed on it, completely suppress all server reboots, or postpone reboots until all patches are installed.

When you are selecting reboot options in the Install Patch window, HPE recommends that you use the HP-UX reboot recommendations, which is the “Reboot servers as specified by patch properties” option. If you cannot use the HP-UX reboot setting, select the single reboot option, which is the “Do not reboot servers until all patches are installed” option.

The following options determine whether the servers are rebooted after the patch is installed. These options apply only to the job launched by the Install Patch window. They do not change the Reboot Required option, which is on the Install Parameters tab of the patch properties window. Except for the first option, the following options override the Reboot Required option.

  • Reboot servers as specified by patch properties

    By default, the decision to reboot depends on the Reboot Required option of the patch properties. The server is rebooted only once at the end. This is done to satisfy the patch dependency. In effect, the option works as the third option which is to not reboot servers until all patches are installed

  • Reboot servers after each patch install

    Even if the Reboot Required option of the patch properties is not set, reboot the server. If multiple patches are installed, the server will be rebooted only once after all patches are installed.

  • Do not reboot servers until all patches are installed

    If the Reboot Required option is set for some selected patches but not for others, the server is rebooted one time after all patches are installed. If the Reboot Required option is not set for any of the selected patches, the server is not rebooted.

  • Suppress all server reboots

    Even if the Reboot Required option of the patch properties is set, do not reboot the server. (Because of vendor settings, some patches ignore the suppress option and force a reboot.)

To set reboot options:

  1. In the Install Patch window, click Next to advance to the Pre & Post Actions step.
  2. Select one of the Rebooting Options.
  3. Click Next to go to the next step or click Cancel to close the Install Patch window.

Specifying Install Scripts for a HP-UX patch installation

For each patch, you can specify a command or script to run before installation or after installation. A pre-install script, for example, could check a certain condition on the managed server. If the condition is not met or if the pre-install script fails, the patch would not be installed. A pre-install script could also be used to shut down a service or application before it is patched. A post-install script could be used to perform a certain cleanup process on the managed server.

You can also specify the following types of scripts to run on the managed server before or after an installation phase:

  • Pre-Install: A script that runs before patches are installed on the managed server.
  • Post-Install: A script that runs after patches are installed on the managed server.

To specify a pre-install or post-install script:

  1. From the Install Patch window, click Next to advance to the Pre & Post Actions step.
  2. Select the Pre-Install tab. You may specify different scripts and options on each of the tabs.
  3. Select Enable Script. This option enables the remainder of the fields on the tab. If Enable Script is not selected, the script will not run.
  4. Select either Saved Script or Ad-Hoc Script. To specify the script, click Select. An Ad-Hoc script runs only for this operation and is not saved in Server Automation.
  5. If the script requires command-line flags, enter the flags in the Command text box.
  6. Specify the information in the User section. If you choose a system other than Local System, enter the user Name and Password. The script will be run by this user on the managed server.
  7. To stop the installation if the script returns an error, select the Error check box.
  8. Click Next to go to the next step or click Cancel to close the Install Patch window.

Scheduling a Patch Installation for Remediation

You can schedule when you want patches installed and when you want patches downloaded.

To schedule a patch installation:

  1. In the Remediate window, select the Scheduling step.

    By default, the Scheduling step displays only the scheduling options for the installation phase. If you selected Staged in the Remediate Options step, the scheduling options for the download phase will also be displayed.
  2. Select one of the following Scheduling options:
    • Schedule Analysis: This enables you to specify a date and time that you want the analysis to run.
    • Schedule Download: This enables you to specify a date and time that you want the download or installation performed.
    • Schedule Remediate: This enables you to specify a data and time that you want the remediate process to run.
  3. Click Next to go to the next step or click Cancel to close the Remediate window.

Setting up email notifications

You can set up email notifications to alert users when the download and installation operations complete successfully or with errors.

To set up email notifications:

  1. In the Install Patch window, click Next to advance to the Notifications step.
  2. To set the notification status on the success of a Job, select the icon. To set the notification status on the failure of a Job, select the icon. By default, the Notification step displays only the notification status for the installation phase.
  3. Enter a Ticket ID to be associated with a Job in the Ticket ID field.
  4. Click Next to go to the next step or click Cancel to close the Install Patch window.

If you previously selected Staged in the Install Options step, the Notifications pane displays notification options for both the download and installation phase.

Previewing a patch installation

The installation preview process provides an up-to-date report about the patch state of servers. The installation preview is an optional step that lets you see what patches will be installed on managed servers and what type of server reboots are required. This preview process verifies whether the servers you selected for the patch installation already have that patch installed. In some cases, a server could already have the patch installed if a system administrator had manually installed it, which means that SA does not know about it.

The preview process also reports on dependency information, such as patches that require certain Unix products, and patches that obsolete other patches or are obsoleted by other patches. If a dependency is not met, SA will display an error message indicating this condition.

The installation preview does not report on the behavior of the server as though the patches have been applied.

To preview a patch installation:

  1. From the Install Patch window, click Next to advance to the Summary Review step.
  2. Verify the information displayed for the Servers, Server Groups, and Patches at the top of the window.
  3. (Optional) Click Preview to see the separate actions that will be performed when the patch is installed. To view the details of a previewed action, select a row in the table.
  4. Click Start Jobto launch the installation job or click Cancel to close the Install Patch window without launching the installation.

If you selected Run Task Immediately in the Scheduling step, the job begins now. If you selected Run Task At, the job will be launched at the specified time and date.

Viewing job progress

You can review progress information about a patch installation (job), such as whether actions completed or failed.

To display job progress information:

  1. From the Install Patch window, click Next to advance to the Job Progress step. This starts the installation job.

    The Progress bar and text indicate how many of the actions listed in the table were completed. For each server, the following actions can be performed:

    • Analyze: SA examines the patches needed for the installation, checks the managed servers for the most recent patches installed, and determines other actions it must perform.
    • Download: The patch is downloaded from SA to the managed server.
    • Install: After being downloaded, the patch is installed.
    • FinalReboot: If this action is specified in the Pre & Post Actions step, the server is rebooted.
    • Pre/Post Install/Download Script: If this action is specified in the Pre & Post Actions step, a script is run before or after the uninstallation.
    • Install & Reboot: When a patch will be installed is also when the server will be rebooted.
    • Verify: Installed patches will be included in the software registration.
  1. To view additional details about a specific action, select the row in the table to display the start and completion times of the job. In the navigation pane, select Jobs and Sessions to review detailed information about the job.
  2. Click End Job to prevent the job from running or click Close to close the Install Patch window.

Send Help Center feedback