EAP Patching

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Relevance

  • EAP 6.4

Overview

Patches are distributed as zip files or RPMs (for a subset of products).

Patching with zip files and patching with RPMs is incompatible, the same method should be used for subsequent patches.

After a patch is applied, the patched JARs are picked up at runtime from:

$JBOSS_HOME/modules/system/layers/base/.overlays/$PATCH_ID/$MODULE

while the original files are left in

$JBOSS_HOME/modules/system/layers/base/$MODULE

The patching mechanism renders the original JAR files unusable, for security reasons. If the patch is rolled back, the original files will be reverted to an usable state.

Patching in Domain Mode

The patch management system cannot be used to automatically patch server instances across a managed domain: individual server instances in the managed domain must be patched independently.

Procedure

From CLI:

patch apply /path/to/patch.zip
shutdown --restart=true

Applying Bundled Patches (Updates)

CSP publishes periodically "updates" (example: "Red Hat JBoss Enterprise Application Platform 6.4 Update 06"), which are collections of cumulative patches ZIPs. For example, "Red Hat JBoss Enterprise Application Platform 6.4 Update 06" contains the following:

NOMBP2:archive ovidiu$ unzip -l jboss-eap-6.4.6-patch.zip
Archive:  jboss-eap-6.4.6-patch.zip
  Length     Date   Time    Name
 --------    ----   ----    ----
 81612821  01-12-16 15:59   jboss-eap-6.4.5.CP.zip
 89218386  01-12-16 15:59   jboss-eap-6.4.2.CP.zip
 53889569  01-12-16 15:59   jboss-eap-6.4.6.CP.zip
 35954575  01-12-16 15:59   jboss-eap-6.4.1.CP.zip
      470  01-12-16 15:59   patches.xml
 79994187  01-12-16 15:59   jboss-eap-6.4.4.CP.zip
 79766732  01-12-16 15:59   jboss-eap-6.4.3.CP.zip
 --------                   -------
420436740                   7 files

Those updates can be applied using the "patch" CLI command, as well:

[standalone@localhost:9999 /] patch apply /Users/ovidiu/archive/jboss-eap-6.4.6-patch.zip
{
    "outcome" : "success",
    "response-headers" : {
        "operation-requires-restart" : true,
        "process-state" : "restart-required"
    }
}
[standalone@localhost:9999 /] reload

What if a Previous Update Has Been Applied?

TODO Procedure if an older update has been applied (06) and I want to patch to 08?

Verifying that Patches Have Been Applied

Check $JBOSS_HOME/modules/system/layers/base/.overlays. All cumulative patches should be listed there:

NOMBP2:.overlays ovidiu$ pwd
/Users/ovidiu/runtime/jboss-eap-6.4/modules/system/layers/base/.overlays
NOMBP2:.overlays ovidiu$ ls -l
total 0
drwxr-xr-x  3 ovidiu  staff  102 Jun  1 09:10 layer-base-jboss-eap-6.4.1.CP
drwxr-xr-x  4 ovidiu  staff  136 Jun  1 09:10 layer-base-jboss-eap-6.4.2.CP
drwxr-xr-x  4 ovidiu  staff  136 Jun  1 09:10 layer-base-jboss-eap-6.4.3.CP
drwxr-xr-x  5 ovidiu  staff  170 Jun  1 09:10 layer-base-jboss-eap-6.4.4.CP
drwxr-xr-x  5 ovidiu  staff  170 Jun  1 09:10 layer-base-jboss-eap-6.4.5.CP
drwxr-xr-x  5 ovidiu  staff  170 Jun  1 09:10 layer-base-jboss-eap-6.4.6.CP

Also, the patching mechanism seems to be reliably updating $JBOSS_HOME/version.txt file, so the file can be used for a quick test.

Clearing Patch History

From CLI:

/core-service=patching:ageout-history

Interacting with a Module that Has Been Patched