When dealing with a bunch of servers one of the many things you are expected to do frequently is to update your systems firmware. In this blog post I’ll describe how I implemented this process for HP ProLiant DL servers.
Since this basically is a systems provisioning issue I prefer that this process to be integrated with my current PXE based deployment infrastructure which is based on Cobbler. Luckily HP does provide a Service Pack for Proliant (SPP) as a bootable ISO which does an unattended firmware update for all supported components (iLO, BIOS, disks, NIC’s, HBA’s, etc), it actually works pretty well.
Getting the required files
You need to download the latest SPP version available, for now that’s 864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso
.
[root@mainframe iso]# mount -o loop ./864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso /mnt
mount: /dev/loop0 is write-protected, mounting read-only
After examining the contents of the ISO the required files are found in:
[root@mainframe /]# cd /mnt/pxe
[root@mainframe pxe]# cd spp2016040/
[root@mainframe spp2016040]# ll
total 20561
-rw-rw-rw-. 1 root root 16151162 Mar 17 20:16 initrd.img
-rw-rw-rw-. 1 root root 1783 Mar 17 20:16 spp2016040.menu
-rw-r--r--. 1 root root 4900496 Mar 17 20:16 vmlinuz
[root@mainframe spp2016040]#
So we found a PXE bootable kernel and initrd, now we can add a distro to Cobbler! Before we start copying files we need to create a directory for this new distro first.
[root@mainframe spp2016040]# mkdir /var/www/cobbler/ks_mirror/spp2016040
[root@mainframe spp2016040]# cp * /var/www/cobbler/ks_mirror/spp2016040/
Besides a kernel and initrd the firmware update procedure requires access to the files included in the ISO, but how should these files be accessible? After examining /mnt/pxe/README.txt
and /mnt/pxe/spp2016040/spp2016040.menu
you’re probably depresessed that it seems that only NFS and CIFS are supported, I certainly was. Before going back on Prozac I wanted to make sure there wasn’t another, perhaps undocumented, way of doing this. Let’s examine the initrd to see what’s going on in there..
[root@mainframe spp2016040]# mkdir ~/t
[root@mainframe spp2016040]# cp -f * ~/t
[root@mainframe spp2016040]# cd ~/t
[root@mainframe t]# file initrd.img
initrd.img: LZMA compressed data, streamed
[root@mainframe t]# cat initrd.img | xz -d | cpio -id
134408 blocks
[root@mainframe t]# ll
total 20592
drwxrwxrwx. 2 root root 4096 Jun 6 07:55 bin
drwxrwxrwx. 4 root root 4096 Jun 6 07:55 etc
-rwxr-xr-x. 1 root root 8808 Jun 6 07:55 init
-rw-r--r--. 1 root root 16151162 Jun 6 07:15 initrd.img
drwxrwxrwx. 4 root root 35 Jun 6 07:55 lib
drwxrwxrwx. 2 root root 4096 Jun 6 07:55 lib64
drwxrwxrwx. 3 root root 18 Jun 6 07:55 mnt
drwxrwxrwx. 2 root root 6 Jun 6 07:55 proc
drwxrwxrwx. 2 root root 6 Jun 6 07:55 root
drwxrwxrwx. 2 root root 100 Jun 6 07:55 sbin
-rw-r--r--. 1 root root 1783 Jun 6 07:15 spp2016040.menu
drwxrwxrwx. 2 root root 6 Jun 6 07:55 tmp
drwxrwxrwx. 7 root root 61 Jun 6 07:55 usr
drwxrwxrwx. 6 root root 47 Jun 6 07:55 var
-rw-r--r--. 1 root root 4900496 Jun 6 07:15 vmlinuz
An obvious target to look at is ofcourse the init
script, it seems that this script is calling a function called mount_media()
which calls a mount_url.sh
shell script. Lets examine that script to see what kind of URI’s are supported.
[root@mainframe t]# find . -name mount_url.sh
./sbin/mount_url.sh
<snip>
Usage: $0 [OPTIONS] url
Description: mounts a smbfs/cifs or nfs volume when given the path in
url format
Where:
url - a url of the device to mount
examples:
smb://server/share/path/to/file
cifs://server/share/path/to/file
cifs:user:password@server/share/path/to/file
cifs://\\\\server\\share\\path\\to\\file
\\\\server\\share\\path\\to\\file
nfs://server/path/to/file
http[s]://server/path/to/file
<snip>
So it seems HTTP and HTTPS are also supported which is nice since Cobbler already relies on a working Apache service, now we only have to make the ISO accessible. I recommend putting the ISO right next to the kernel and initrd so that the ISO is accessable through HTTP.
[root@mainframe iso]# cp 864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso /var/www/cobbler/ks_mirror/spp2016040/
Adding a distro
Now that all required files are in place you can add the distro to Cobbler. Please note that I already changed the ksmeta
variable to match the HTTP transport.
[root@mainframe iso]# cobbler distro add --name=spp2016040 --kernel=/var/www/cobbler/ks_mirror/spp2016040/vmlinuz --initrd=/var/www/cobbler/ks_mirror/spp2016040/initrd.img --ksmeta="media=net root=/dev/ram0 splash quiet hp_fibre showopts TYPE=AUTOMATIC AUTOPOWEROFFONSUCCESS=no AUTOREBOOTONSUCCESS=yes iso1=http://@@http_server@@/cobbler/ks_mirror/spp2016040/864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso iso1mnt=/mnt/bootdevice"
Verify your distro configuration:
[root@mainframe iso]# cobbler distro report --name=spp2016040
Name : spp2016040
Architecture : x86_64
TFTP Boot Files : {}
Breed : redhat
Comment :
Fetchable Files : {}
Initrd : /var/www/cobbler/ks_mirror/spp2016040/initrd.img
Kernel : /var/www/cobbler/ks_mirror/spp2016040/vmlinuz
Kernel Options : {'hp_fibre': '~', 'iso1mnt': '/mnt/bootdevice', 'media': 'net', 'AUTOPOWEROFFONSUCCESS': 'no', 'quiet': '~', 'root': '/dev/ram0', 'showopts': '~', 'iso1': 'http://@@http_server@@/cobbler/ks_mirror/spp2016040/864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso', 'splash': '~', 'AUTOREBOOTONSUCCESS': 'yes', 'TYPE': 'AUTOMATIC'}
Kernel Options (Post Install) : {}
Kickstart Metadata : {}
Management Classes : []
OS Version : generic26
Owners : ['admin']
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Template Files : {}
Adding a profile
Before you can use the SPP via PXE you first need to associate a profile with the distro, mind the empty kickstart
variable.
[root@mainframe iso]# cobbler profile add --name=spp2016040 --distro=spp2016040 --kickstart=""
Verify your profile configuration:
[root@mainframe iso]# cobbler profile report --name=spp2016040
Name : spp2016040
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : spp2016040
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart :
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : xenpv
Verify PXE configuration
So after adding the required files, a distro object and a profile object let’s see if the PXE configuration is properly generated.
[root@mainframe iso]# cobbler sync
In the case of EFI booting check /var/lib/tftpboot/grub/efidefault
if it contains something like this:
title spp2016040
root (nd)
kernel /images/spp2016040/vmlinuz hp_fibre iso1mnt=/mnt/bootdevice TYPE=AUTOMATIC media=net AUTOPOWEROFFONSUCCESS=no quiet showopts iso1=http://10.10.10.10/cobbler/ks_mirror/spp2016040/864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso splash AUTOREBOOTONSUCCESS=yes root=/dev/ram0
initrd /images/spp2016040/initrd.img
In the case of syslinux PXE booting check the file /var/lib/tftpboot/pxelinux.cfg/default
:
LABEL spp2016040
kernel /images/spp2016040/vmlinuz
MENU LABEL spp2016040
append initrd=/images/spp2016040/initrd.img hp_fibre iso1mnt=/mnt/bootdevice TYPE=AUTOMATIC media=net AUTOPOWEROFFONSUCCESS=no quiet showopts iso1=http://10.10.10.10/cobbler/ks_mirror/spp2016040/864794_001_spp-2016.04.0-SPP2016040.2016_0317.20.iso splash AUTOREBOOTONSUCCESS=yes root=/dev/ram0
ipappend 2
That’s it!