Smoothwall Firewall project

Monday, 13 July 2009

Upgrade the Xen kernel on a Redhat Server

Now, if you server has a direct connection to the Internet , then this is very straight forward task, and just a matter of you leveraging the very good Redhat network bug fixing and patching tool. However, if you server has no access to the Internet, or a Satellite server, then how can I patch the kernel and tools? Well, it isn't that difficult, apart from one odd requirement.

Basically you need to log onto the RHN (Redhat network) and download the latest rpms for your version of installed RH. In my case I had version RHEL 5.2, and below is a list of the rpm's I used:

ecryptfs-utils-56-8.el5.x86_64.rpm
kernel-headers-2.6.18-128.1.16.el5.x86_64.rpm
kernel-xen-2.6.18-128.1.16.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.1.16.el5.x86_64.rpm
libvirt-0.3.3-14.el5_3.1.x86_64.rpm
libvirt-python-0.3.3-14.el5_3.1.x86_64.rpm
python-virtinst-0.300.2-12.el5.noarch.rpm
virt-manager-0.5.3-10.el5.x86_64.rpm
xen-3.0.3-88.el5.x86_64.rpm
xen-libs-3.0.3-88.el5.x86_64.rpm

The one odd rpm that I was not expecting to have to upgrade was the ecryptfs-utils, but the kernel wouldn't update unless it was updated first. It doesn't have any dependencies, so it was not a major problem.

Once you have installed these , with the rpm -Uvh command, you will need to reboot into the new kernel, as this level of Redhat doesn't offer the auto kernel updates yet.

This all went well, and allowed me to patch the secure virtual servers, that were having a problem with a memory leak in the previous kernel, and all has been well since.

It is work noting that when Redhat Enterprise Linux 5.4 gets launched in September, then there will be a major upgrade in the whole virtualization infrastructure , which will include using the KVM kernel modules. This will make this an even more compelling virtualization deployment platform.

I hope this saves you some time.

No comments: