Power Business Continuity and Automation

Power Business Continuity and Automation

Connect, learn, and share your experiences using the business continuity and automation technologies and practices designed to ensure uninterrupted operations and rapid recovery for workloads running on IBM Power systems. 


#Power
#TechXchangeConferenceLab

 View Only

Performing AIX Live Kernel Update on Power VC managed nodes using Ansible

By Shreyansh Chamola posted Mon February 09, 2026 05:35 AM

  

Patching Without Reboots: Live Kernel Update

Minimizing downtime is Business-Vital for IBM AIX environments running mission-critical workloads. Live Kernel Update (LKU) enables administrators to apply kernel patches without rebooting, though traditional processes may still result in brief service interruptions. This feature has been a keystone for achieving near zero-downtime maintenance.

Business and Operational Benefits:

  • Near-zero downtime: Applications continue running, though brief performance impact may occur during workload migration.
  • Eliminates Maintenance Windows: Since no reboot is required, admins can patch systems during production hours rather than waiting for scheduled downtime.
  • Safety Net: LKU creates a clone of the OS. If the update fails during the process, the original environment remains untouched and active.


LKU with Ansible

While LKU is powerful, it is a multi-step process involving storage validation, configuration files, and hardware orchestration. Ansible makes this enterprise-ready by:

  • Improving Scalability: Performing LKU on a single LPAR is simple; performing it on 50 LPARs simultaneously requires the automation that Ansible provides.
  • Improving Consistency: Ansible ensures the configuration is identical across all nodes and that pre-flight checks (like checking for free disk space) are never skipped.
  • Improving Integration: It allows you to wrap the LKU process into a larger CI/CD pipeline or patching workflow, logging the output to a central location for auditing.

Step-by-Step: Executing LKU Using Unusable

  • Prerequisites for Performing AIX Live Kernel Update:
    • AIX OS Version: Must be AIX 7.2 or higher.
    • Storage: An unused physical volume (hdisk) with sufficient capacity must be available for the alternate boot environment.
    • Management Connectivity: The LPAR must have a configured connection to Power VC to allow for the creation of the surrogate LPAR.
    • Fileset: The bos.live_update fileset must be installed on the target system.
    • Ansible Collection: The ibm.power_aix collection (version > 1.9.0) should be present on your Ansible control node to utilise the LKU module.
  • I used the following playbook for performing LKU, you can make the changes as per your requirements:

1.  ---

2.  - name: Perform live kernel update operation on AIX

3.    hosts: "{{host_name}}"

4.    gather_facts: false

5.    vars:

6.      host_name: all

7.      pvc_name: <pvc_name>

8.      pvc_password: <password>

9.      pvc_user: root

10.     directory: /ifix_dir

11.

12.   tasks:

13.

14.     - name: To install all the updates and interim fixes that are available in the provided directory

15.       ibm.power_aix.lku:

16.         PVC_name: "{{ pvc_name }}"

17.         PVC_password: "{{ pvc_password }}"

18.         PVC_user: "{{ pvc_user }}"

19.         directory: "{{ directory }}"

20.         filesets_fixes: all

           Note: The ifix was copied to the /ifix_dir directory on the AIX target system before running the playbook. PVC_password can also be safely stored using Ansible vault, rather than hardcoded in the playbook.

  • The LKU module uses geninstall -k internally for performing live kernel update. It handles all the steps required for live update operation to run successfully including the required checks, Power VC server authentication, etc.

  • Run the following ansible command, providing the playbook containing tasks for performing live update: ansible-playbook -i <inventory> <location_to_playbook>

  • When the ansible command is triggered, live update process will start. If you check the target system at this point of time, It will show “Live AIX update in progress”

  • Ansible command will run for some time and if everything was correctly done, It will end up with success.
    Recap will look something like this: 

  • If you visit the target system now, you’ll see “AIX live update completed”.

  • You can also verify this by running emgr -l command on the target system, It should display the ifix that you wanted to install.

A black and white screen with white text Description automatically generated

That’s how you can install a kernel iFix without a system reboot using AIX Live Kernel Update, automated through Ansible.

Conclusion

Performing a Live Kernel Update on AIX using Ansible represents the peak of modern administration. By combining the "non-disruptive" power of LKU with the "hands-off" efficiency of Ansible, organizations can maintain highly secure, up-to-date systems without sacrificing uptime. 

This approach effectively turns a high-risk maintenance event into a routine, automated task.

Hope you liked this blog. Happy automation!

1 comment
21 views

Permalink

https://community.ibm.com/community/user/blogs/shreyansh-chamola/2026/02/09/performing-aix-live-kernel-update-on-power-vc-mana

Comments

Chris Gibson
Sun February 15, 2026 07:16 PM

Here's another example: https://community.ibm.com/community/user/blogs/chris-gibson1/2024/08/09/performing-aix-live-update-with-ansible