When managing the HMC console, the activity that needs to be done from time to time is to update it. In the life cycle of the console, ifixes and servie packs are released for it. Updating is a simple, repeatable activity, performed according to the same pattern. So from the administrator’s point of view it is boring 😉 and so it is ideal for automation.
The HMC console update process can be divided into several steps:
- checking what patches are available,
- checking if the patch is applicable,
- performing a backup,
- execution of the update.
Automation of console updates can be done using Ansible, for which a collection of HMC has been prepared: https://ibm.github.io/ansible-power-hmc/
The provided modules allow you to perform all the steps needed for update. The collection includes the hmc_update_upgrade module that allows you to update. The update can be done with HMC local resources, nfs/sftp server or directly from IBM web resources.
Example task installing the ifix MF71714 for HMC v10r3m1061 from IBM website:
- name: ifix MF71714 for HMC V10R3M1061 from IBM website
hmc_update_upgrade:
hmc_host: '{{ inventory_hostname }}'
hmc_auth:
username: '{{ ansible_user }}'
password: '{{ hmc_password }}'
build_config:
location_type: ibmwebsite
ptf: MF71714
state: updatedWhen preparing the above task, you should specify ifix or service pack to be installed. This must be done regardless of whether you use local resources or an IBM server.
For this purpose, the available ifixes / Service Pack can be checked using fix central or use the ansible module:
- name: List all the available ifix / servicepack
hmc_host: '{{ inventory_hostname }}'
hmc_auth:
username: '{{ ansible_user }}'
password: '{{ hmc_password }}'
action: listptf
register: fix_infoThe task above gives information of type:
=> {
"msg": [
{
"key": "changed",
"value": false
},
{
"key": "build_info",
"value": [
{
"DESCRIPTION": "iFix for HMC V10R3M1061 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71714",
"RELEASE_DATE": "2025/2/14",
"TYPE": "ifix"
},
{
"DESCRIPTION": "Updates your HMC from V10R3.1050 to V10R3.1061",
"PREREQ": "none",
"PTF": "MF71710",
"RELEASE_DATE": "2024/12/12",
"TYPE": "sp"
},
{
"DESCRIPTION": "iFix for HMC V10R3M1060 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71704",
"RELEASE_DATE": "2024/9/6",
"TYPE": "ifix"
},
{
"DESCRIPTION": "iFix for HMC V10R3M1060 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71700",
"RELEASE_DATE": "2024/8/28",
"TYPE": "ifix"
},
{
"DESCRIPTION": "iFix for HMC V10R3M1060 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71698",
"RELEASE_DATE": "2024/7/19",
"TYPE": "ifix"
},
{
"DESCRIPTION": "Updates your HMC from V10R3.1050 to V10R3.1060",
"PREREQ": "none",
"PTF": "MF71690",
"RELEASE_DATE": "2024/6/14",
"TYPE": "sp"
},
{
"DESCRIPTION": "iFix for HMC V10R3M1051 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71688",
"RELEASE_DATE": "2024/5/24",
"TYPE": "ifix"
}
]
},
{
"key": "ansible_facts",
"value": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
}
},
{
"key": "failed",
"value": false
}
]
}The above results are for console v10r3m1051. As you can see, there is information about newer service packs that can be installed, as well as a list of available ifixes. However, for the ifixes, it reports all available ifixes, even for newer versions (m1061). This data should be properly filtered, for example, by selecting only the SPs or ifixes available for the version of the console that is installed.
Information about version of software installed on the HMC will be useful for filtering. To collect such information you can use the module hmc_update_upgrade for collecting facts about the console:
- name: List the HMC current build level
hmc_update_upgrade:
hmc_host: '{{ inventory_hostname }}'
hmc_auth: "{{ curr_hmc_auth }}"
state: factsexample result of an action:
=> {
"msg": {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"build_info": {
"BASEVERSION": "V10R3",
"FIXPACKS": [
"MF71553 - HMC V10R3 M1051",
],
"HMCBUILDLEVEL": "2401282247",
"RELEASE": "3",
"SERVICEPACK": "1051",
"VERSION": "10"
},
"changed": false,
"failed": false
}
}Knowing which SP (Service Pack) is installed, you can filter the available packages:
TASK [Available SP] ****************************************************************************************
=> {
"msg": [
{
"DESCRIPTION": "Updates your HMC from V10R3.1050 to V10R3.1061",
"PREREQ": "none",
"PTF": "MF71710",
"RELEASE_DATE": "2024/12/12",
"TYPE": "sp"
},
{
"DESCRIPTION": "Updates your HMC from V10R3.1050 to V10R3.1060",
"PREREQ": "none",
"PTF": "MF71690",
"RELEASE_DATE": "2024/6/14",
"TYPE": "sp"
},
]
}
TASK [Available IFIX] ***************************************************************************************
=> {
"msg": [
{
"DESCRIPTION": "iFix for HMC V10R3M1051 for 7063 Machine Type",
"PREREQ": "none",
"PTF": "MF71688",
"RELEASE_DATE": "2024/5/24",
"TYPE": "ifix"
}
]
}Information about the ifixes is returned, but without information about what they relate to, then you still have to check on fix central. And since installing ifixes without reading their description seems to be a bad idea, for the moment the task can be useful to automatically check and reporting whether something new has appeared for HMC. I can’t imagine installing a patch without checking what’s included and if there are any known issues or limitations that could affect on eviroiment.
From the above tasks, you can assemble a simple playbook that will do the HMC update to the selected SP / IFIX.
What else is worth doing before patching:
- As with any patching you should to take care of backups. Starting with HMC version v10r3m1061 HMC allows you to set up a backup calendar, something I’ve always missed. In the collection for HMC there is not yet a module that allows you to perform backups, but you can always use hmc_command:
- name: Execute a command on HMC
hmc_command:
hmc_host: "{{ inventory_hostname }}"
hmc_auth:
username: '{{ ansible_user }}'
password: '{{ hmc_password }}'
cmd: <cmd>- Another thing to check is whether the ifix is compatible with the HMC version. Once we know which fix to install, we can add an Ansible code to verify if the fix is already installed or ensure we’re not trying to install a fix for a newer SP.
- When automating an update, it is important to choose the right version of patches (for phisical or virtual appliance). Information about the hardware version is not in the facts, so you need to check it using system commands and the hmc_command module.