Pages

Saturday 19 August 2023

Understanding Zero Trust Network Architecture (ZTNA)

 Understanding Zero Trust Network Architecture (ZTNA)

Introduction As the digital landscape expands and cyber threats become more sophisticated, traditional security models struggle to keep up. To address these evolving challenges, the concept of Zero Trust Network Architecture (ZTNA) has emerged as a compelling approach to safeguarding critical resources and data. This article delves into the principles underpinning the Zero Trust model, examines its pros and cons, and provides insights for organizations looking to embrace this paradigm shift in cybersecurity.

Zero Trust Unveiled Introduced by Jon Kindervag of Forrester in 2010, "Zero Trust" is a cybersecurity model built on the principle of "never trust, always verify." [1] Under the Zero Trust approach, all users and devices are required to authenticate and obtain authorization before accessing services or data. Imagine a network akin to a series of security checkpoints where every user and device must present identification and seek permission at each juncture.

Demystifying Zero Trust Network Architecture (ZTNA) Zero Trust Network Architecture (ZTNA) is an IT network framework rooted in zero trust security principles. ZTNA places a strong emphasis on robust access controls and stringent verification for any device or user seeking entry to a network or system. Regardless of whether users are inside or outside the network, stringent authentication and authorization protocols must be met to access network resources.

In the realm of conventional network security approaches, perimeter-based strategies have been common. For instance, organizations often trust their internal networks, allowing employees and internal systems open access to data and system devices. However, over the past decade, hackers have exposed the limitations of these perimeter-centric defenses. [2]

Zero Trust Networking takes a more meticulous and cautious approach to security. The zero-trust framework can be distilled into seven core pillars: [3]


  1. Identity and Access Management (IAM):

  2. IAM serves as the bedrock of zero trust, crucial in implementing the architecture. It entails verifying the identity of users and devices attempting to access network resources. This verification involves methods like multi-factor authentication (MFA), biometrics, single sign-on (SSO), and client certificates. By permitting only authorized entities access, IAM reduces the risk of breaches and unauthorized access.


  3. Device Security:

  4. This pillar focuses on ensuring that devices entering the network adhere to stringent security criteria and organizational policies. These prerequisites might involve using the latest security software/patches, malware-free status, and the absence of jailbreaking.


  5. Network Segmentation:

  6. Zero Trust advocates for dividing the network into isolated segments, thwarting lateral movement by attackers. This strategy ensures that even if one part is compromised, the rest remain secure. Access between segments adheres to the principle of least privilege.


  7. Application Security:

  8. Ensuring applications are securely designed, granting access only to the necessary functions for each user or device, is critical under ZTNA.


  9. Data Security:

  10. Protecting data is paramount; data must be appropriately encrypted during storage and sharing. Access to data is strictly controlled and monitored, limiting entry to authorized users.


  11. Visibility and Analytics: Zero Trust emphasizes continuous monitoring, providing real-time insights into user behavior, device health, and access patterns. This enables swift threat detection and risk mitigation.


  12. Automation and Orchestration: Automation streamlines security tasks, bolstering incident response and reducing human error.

Advantages of Zero Trust Architecture As cyber threats escalate and traditional security measures prove inadequate, Zero Trust networks emerge as robust shields for sensitive data and vital assets. These networks mandate perpetual authentication, monitoring, and authorization for every user, device, and application, transcending the confines of perimeter-based security. Key benefits include:

  1. Enhanced Security via Micro-Segmentation: Zero Trust diminishes inherent trust, bolstering security by segmenting networks into isolated units. Each user is authenticated before accessing a segment, curbing the attack surface and minimizing breach impact.


  2. Guarding Against Insider Threats: Zero Trust reduces the risk of insider threats by rigorously confirming user identities and enforcing least privileged access. Security is applied uniformly to all users, as the model assumes no entity, even insiders, can be fully trusted.


  3. Granular Access Controls: Zero Trust enforces precise access limits based on factors like user identification, device health, and behavior. This minimizes unauthorized access and lowers the attack surface.


  4. Adaptive Authentication and Strong Policies: Adaptive authentication methods, like multi-factor authentication (MFA), strengthen security while offering a favorable user experience. Strong policies further ensure minimal compromise.


  5. Improved Visibility and Monitoring: Zero Trust networks facilitate real-time monitoring, rapidly identifying security issues and anomalies.

Disadvantages of Zero Trust Network Architecture Although Zero Trust networks revolutionize cybersecurity by rejecting implicit trust and enforcing continuous verification, they come with certain drawbacks. Here are some key challenges and strategies to mitigate them:

  1. Complexity and Implementation Challenges: Transitioning to ZTNA can be complex, especially for organizations with extensive IT infrastructures. Meticulous planning and gradual deployment can mitigate these challenges.


  2. Increased Management Overhead: Frequent authentication and access checks can burden IT teams. Automation and advanced tools can alleviate this overhead.

  3. Increased Security Investment: Implementing ZTNA requires investments in security technologies. Thorough evaluation and cost-benefit analysis can optimize these investments.

  4. User and Device Onboarding Complexity: Proper onboarding processes and automation can streamline the onboarding of users and devices.


  5. Potential False Positives: Fine-tuning monitoring systems and leveraging machine learning can reduce false positives.

  6. Resistance to Change and Training Needs: Proper training and communication are essential to overcome resistance to the new model.

In conclusion, Zero Trust Network Architecture offers robust cybersecurity by abandoning implicit trust in favor of continual verification. Organizations can mitigate its challenges through meticulous planning, efficient tools, and strategic communication. By embracing the security benefits of ZTNA, organizations can protect their critical data and assets amidst evolving threats.

Summary: The article discusses Zero Trust Network Architecture (ZTNA), an approach to cybersecurity that focuses on continuous authentication, authorization, and access controls. ZTNA challenges traditional security models by eliminating implicit trust and verifying all users, devices, and applications seeking access to resources. The article outlines the seven core pillars of ZTNA: Identity and Access Management, Device Security, Network Segmentation, Application Security, Data Security, Visibility and Analytics, and Automation and Orchestration. The advantages include enhanced security, protection against insider threats, granular access controls, adaptive authentication, improved visibility, and monitoring. However, there are also disadvantages such as complexity, increased management overhead, higher security investments, and potential false positives. The article suggests strategies to mitigate these challenges, including meticulous planning, automation, and training.



Wednesday 13 March 2013


http://hmc_ip/main.faces - To know the system configuration status
http://hmc_ip/login.faces - To connect to IVM using padmin user

http://www.ibm.com/developerworks/wikis/display/virtualization/Home - VIO Home page
http://www14.software.ibm.com/webapp/set2/sas/f/vios/download/home.html - VIO Fixes Downloads

System p LPAR and Virtualization  I: Planning and Configuration (AU730) or (Q1373)
System p LPAR and Virtualization II: Implementing Advance Configurations - AU780

How to check APV Codes - http://www-912.ibm.com/pod/pod and provide type and serial number.

Fix Level Recommendation (FLR) Tool - http://www14.software.ibm.com/webapp/set2/flrt/home

Resource Requirements
- P5 server with the Advanced Virtualization Feature
- VIOS must have FixPack 6.2 applied (ioslevel 1.1.2.62 ). Please check the Hitachi HiCommand Dynamic Link
Manager release notes for VIO Server levels supported.
- VIOC LPARs must be AIX 5.3 ML 1, with APARs IY70148, IY70336, and IY70082, and higher
- HBA 6239, 5716, 5758/5759
- Hitachi HiCommand Dynamic Link Manager software version 5.4.2 or above (Hitachi HiCommand Dynamic Link
Manager software version 5.6.1 with unique_id is recommended)
- Subsystem requirements:
    - Port option "0F" (AIX) is required
    - Hitachi HiCommand Dynamic Link Manager software or MPIO can be used for Hitachi Lightning 9900 and
      9900 V Series systems, and TagmaStore Universal Storage Platforms and Network Storage Controllers
    - Hitachi HiCommand Dynamic Link Manager software only can be used for Hitachi Thunder 9500 V Series
      systems, and TagmaStore Adaptable Modular Storage and Workgroup Modular Storage
    - Microcode: Contact your Hitachi Data Systems representative for microcode requirements
- All critical fixes, and interim fix IY72974, found at

http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/fixes.html, must be applied
- Virtual devices must have a PVID prior to being exported to a VIO client when using Hitachi HiCommand
  Dynamic Link Manager without unique_id. It is recommended that all exported devices have a PVID.
- Devices with existing data (volume groups) cannot be used as virtual devices
- Storage must be configured for AIX. Select "AIX" as platform in the host groups
- An Hitachi ODM update (disk pre-defines) is required for disk definition
For Hitachi HiCommand Dynamic Link Manager software, the ODM updates are:
    - 5.0.0.1 Base level
    - 5.0.0.4 Update for device support
    - 5.0.52.1 Update for AIX 5.2
    - 5.0.52.2 Update for HP/HDS compatibility
For MPIO, the ODM updates are:
    - 5.4.0.0 Base level
    - 5.4.0.1 Update for MPIO health check

http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm

VIO Sizing:
http://publib.boulder.ibm.com/infocenter/eserver/v1r3s/index.jsp?topic=/iphb1/iphb1_vios_planning_vscsi_sizing.htm

IBM Virtualization Redbooks:
http://www.redbooks.ibm.com/redbooks/pdfs/sg247940.pdf
http://www.redbooks.ibm.com/redbooks/pdfs/sg245768.pdf

VIO FAQs:
http://techsupport.services.ibm.com/server/vios/documentation/faq.html

VIO Support Page:
http://techsupport.services.ibm.com/server/vios

VIO Securing
http://publib.boulder.ibm.com/infocenter/pseries/v5r3/topic/com.ibm.aix.security/doc/security/aix_sec_expert.htm

Securing VIO Server
======================================================
To use ssh, comes pre-installed with vio 1.3 onwards,
$ oem_setup_env
# ln -s /usr/bin/ssh /usr/ios/oem/ssh
# ln -s /usr/bin/scp /usr/ios/oem/scp
# exit
$

Stopping Telnet & Ftp
$ stopnetsvc telnet
$ stopnetsvc ftp

Blocking any unused network sockets
The VIOS comes with a predefined set of rules, defined in /home/ios/security/viosecure.ctl.
The IP filters are activated by issuing a
$ viosecure -firewall on -reload

and they can be listed with the command
$ viosecure -firewall view

-------------------------------------------------------
Original Settings
-------------------------------------------------------
$ viosecure -firewall view
  Firewall      OFF

                            ALLOWED   PORTS
             Local   Remote
  Interface  Port    Port    Service      IPAddress       Expiration Time(seconds)
  ---------  ----    ----    -------      ---------       ---------------
  $
-------------------------------------------------------
Settings after running - viosecure -firewall on -reload
-------------------------------------------------------
$ viosecure -firewall view
Firewall      ON

                          ALLOWED   PORTS
           Local   Remote
Interface  Port    Port    Service      IPAddress       Expiration Time(seconds)
---------  ----    ----    -------      ---------       ---------------
all        5989    any     wbem-https   0.0.0.0         0
all        5988    any     wbem-http    0.0.0.0         0
all        5987    any     wbem-rmi     0.0.0.0         0
all        any     657     rmc          0.0.0.0         0
all        657     any     rmc          0.0.0.0         0
all        443     any     https        0.0.0.0         0
all        any     427     svrloc       0.0.0.0         0
all        427     any     svrloc       0.0.0.0         0
all        80      any     http         0.0.0.0         0
all        any     53      domain       0.0.0.0         0
all        22      any     ssh          0.0.0.0         0
all        21      any     ftp          0.0.0.0         0
all        20      any     ftp-data     0.0.0.0         0
$
=======================================================================================
If /home/ios/security/viosecure.ctl is missing (due to whatever reason),
you can still activate IP filters by issuing
$ viosecure -firewall on -force -reload

To block any traffic to port 80, 20 and 21, apply the following commands as padmin:
$ viosecure -firewall deny -port 80
$ viosecure -firewall deny -port 20
$ viosecure -firewall deny -port 21

and check your results with another "view" command.
$ viosecure -firewall allow -port 20 -remote
$ viosecure -firewall allow -port 21 -remote

========================================================================================
$ help
Install Commands                        Security Commands
 ioslevel                                lsfailedlogin
 license                                 lsgcl
 lssw                                    viosecure
 oem_platform_level                      mkldap
 oem_setup_env                           ldapadd
 remote_management                       ldapsearch
 updateios                               snmpv3_ssw
                                         mkkrb5clnt
LAN Commands
 cfglnagg                               UserID Commands
 cfgnamesrv                              chuser
 entstat                                 lsuser
 fcstat                                  mkuser
 hostmap                                 passwd
 hostname                                rmuser
 lsnetsvc
 lstcpip                                Maintenance Commands
 mktcpip                                 alt_root_vg
 chtcpip                                 backup
 netstat                                 backupios
 optimizenet                             bootlist
 ping                                    cattracerpt
 rmtcpip                                 chdate
 seastat                                 chlang
 startnetsvc                             cfgassist
 stopnetsvc                              cl_snmp
 traceroute                              cpvdi
 vasistat                                dsmc
                                         diagmenu
Device Commands                          errlog
 chdev                                   fsck
 chpath                                  invscout
 cfgdev                                  ldfware
 lsdev                                   loginmsg
 lsmap                                   lsfware
 lspath                                  lslparinfo
 mkpath                                  motd
 mkvdev                                  mount
 mkvt                                    pdump
 rmdev                                   replphyvol
 rmpath                                  restore
 rmvdev                                  restorevgstruct
 rmvt                                    save_base
                                         savevgstruct
Physical Volume Commands                 showmount
 lspv                                    shutdown
 migratepv                               snap
                                         snmp_info
Logical Volume Commands                  snmp_trap
 chlv                                    startsysdump
 cplv                                    starttrace
 extendlv                                stoptrace
 lslv                                    svmon
 mklv                                    sysstat
 mklvcopy                                topas
 rmlv                                    uname
 rmlvcopy                                unmount
                                         viostat
Volume Group Commands                    vmstat
 activatevg                              wkldmgr
 chvg                                    wkldagent
 deactivatevg                            wkldout
 exportvg
 extendvg                               Monitoring Commands
 importvg                                cfgsvc
 lsvg                                    lssvc
 mirrorios                               startsvc
 mkvg                                    stopsvc
 redefvg
 reducevg                               Shell Commands
 syncvg                                  awk
 unmirrorios                             cat
                                         chmod
Storage Pool Commands                    clear
 chbdsp                                  cp
 chsp                                    crontab
 lssp                                    date
 mkbdsp                                  ftp
 mksp                                    grep
 rmbdsp                                  head
 rmsp                                    ls
                                         man
Virtual Media Commands                   mkdir
 chrep                                   more
 chvopt                                  mv
 loadopt                                 rm
 lsrep                                   sed
 lsvopt                                  stty
 mkrep                                   tail
 mkvopt                                  tee
 rmrep                                   vi
 rmvopt                                  wall
 unloadopt                               wc
                                         who
==============================================================================================================
Profile Update
$ lssyscfg -r prof --filter "lpar_names=LPAR2" -F lpar_name
  LPAR2
$ chsyscfg -r prof -i "lpar_name=LPAR2,new_name=LPAR2_new_name"
$ lssyscfg -r prof --filter "lpar_names=LPAR2_new_name" -F lpar_name
  LPAR2_new_name

Power on a partition
$ chsysstate -o on -r lpar -n LPAR2
$ lsrefcode -r lpar --filter "lpar_names=LPAR2" -F refcode
  CA00E1F1
$ lsrefcode -r lpar --filter "lpar_names=LPAR2" -F refcode
  CA00E14D

Use the following tasks at the VIOS command line to configure the VIOS firewall settings:
1. Enable the VIOS firewall by issuing the following command:
   $ viosecure -firewall on
2. Specify the ports to allow or deny, by using the following command:
   $ viosecure -firewall allow | deny -port number
3. View the current firewall settings by issuing the following command:
   $ viosecure -firewall view
4. If you want to disable the firewall configuration, issue the following command:
   $ viosecure -firewall off

To set a VIOS security level of High, Medium, or Low, use the viosecure -level command, as in the following example:
   $ viosecure -level low -apply

To display the current VIOS security level setting use the viosecure command with the -view flag:
   $ viosecure -view

Removing security level settings : To unset any previously set system security levels and return the system to the
standard system settings, issue the following command:
   $ viosecure -level default

Listing fixes
$ oem_setup_env /* from the VIOS command line
$ emgr -P       /* gives a list of the installed efix's (by label)
$ emgr -r -L    /* for each additional efix listed, run this command to remove
$ exit

1. Log in to the Virtual I/O Server as the user padmin.
2. Create a directory on the Virtual I/O Server.
   $ mkdir directory_name
3. Using the ftp command, transfer the update file (or files) to the directory you created.
4. Apply the update by running the updateios command:
   $ updateios -dev directory_name -install -accept
   Accept to continue the installation after the preview update is run.
5. Reboot.
Verify a successful

Applying updates from the ROM drive
1. Log in to the Virtual I/O Server as user padmin.
2. Place the update CD into the drive.
3. Apply the update by running the updateios command:
   $ updateios -dev /dev/cdX -install -accept
   (where X is a device number between 0 and N)
4. Verify a successful update by checking the results of the updateios command and running the ioslevel command.
   The result of ioslevel command should equal the level of the downloaded package:

VIOS version
The ioslevel command displays the VIOS version; you will see output similar to this:
$ ioslevel
  1.3.0.0

$ ioslevel
1.5.2.0

System firmware level
You can display the system firmware level using lsfware command. You will see output similar to this:
$ lsfware
system:SF240_358 (t) SF240_320 (p) SF240_358 (t)

Remove the virtual device
$ rmdev -dev vhost0 -recursive
  vtopt0 deleted
  dbrootvg deleted
  vtscsi0 deleted
  vhost0 deleted
$ rmdev -dev ent4
  ent4 deleted
$ rmdev -dev en4
  en4 deleted
$ rmdev -dev et4
  et4 deleted

Save Upgrade Data
The Save Upgrade Data task is used to save the current HMC configuration in the special disk partition on the HMC.
This task is used before you migrate the current HMC software level to the new version

Note: The special disk partition can hold only one generation of backup data. Every time you perform this task,
previous backup will be overwritten by the latest backup.

# lsdev -Cc disk -F 'name location physloc'
hdisk0 08-08-00-5,0 U787B.001.DNW4D3A-P1-T14-L5-L0
hdisk1 08-08-00-8,0 U787B.001.DNW4D3A-P1-T14-L8-L0
hdisk2 07-08-02     U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L0
hdisk3 07-08-02     U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L1000000000000
hdisk4 07-08-02     U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L2000000000000
hdisk5 07-08-02     U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L3000000000000
hdisk6 06-08-02     U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L4000000000000
hdisk7 06-08-02     U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L5000000000000
#

http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/index.htm?info/iphau/loccodes.htm - Understanding Location Codes

Q:Having a few problems understanding the mapping between physical location codes, HMC location codes, and AIX (virtual?)
  location codes. Mainly this is a problem with I/O devices (no micropartitioning). Does anyone know a good doc/redbook
  that goes through this?

A:the p520/5520 hardware guides cover this, as does the infocenter on the HMC Anyone have a link to the hardware guide?
  I keep getting stuck in the 'Hardware Information Center' and can't find AIX location codes in there. For instance the
  AIX install tells me hdisk0 is at 08-08-00-3,0. How do I map that location to the HMC Uxxxx.ccc.sssssss,Bus 2,Slot C4
  (or wherever) location code?
=========================================================================================================

padmin - abc123
root   - passw0rd
license -accept
oem_setup_env

=========================================================================================================
$ lsdev -type adapter | grep ent
  ent0             Available   10/100/1000 Base-TX PCI-X Adapter (14106902)
  ent1             Available   10/100/1000 Base-TX PCI-X Adapter (14106902)
  ent2             Available   Virtual I/O Ethernet Adapter (l-lan)
  ent3             Available   EtherChannel / IEEE 802.3ad Link Aggregation
  ent4             Available   Shared Ethernet Adapter
$

$ lsdev -dev ent1 -slot
# Slot                    Description                         Device(s)
U7311.D20.657D52A-P1-C01  PCI-X capable, 64 bit, 133MHz slot  ent1

Execute the following command:
mkvdev -lnagg <Ist Ethernet adapter> -attr backup_adapter=<IInd Ethernet adapter>

For example:
$ mkvdev -lnagg ent0 -attr backup_adapter=ent1
  ent3 available

Create a SEA adapter
mkvdev -sea <etherchannel adapter name> -vadapter <Virtual adapter name> -default <Virtual adapter name>  -defaultid 1

For example: (using the information from the previous section)
$ mkvdev -sea ent3 -vadapter ent2 -default ent2 -defaultid 1
  ent4

The "ent4" adapter is now ready for use, and can be configured with an IP address:

Configure TCPIP on the SEA adapter
----------------------------------
mktcpip -hostname HostName -inetaddr Address -interface Interface  -netmask SubnetMask -gateway Gateway
-nsrvaddr NameServerAddress -nsrvdomain Domain

Then execute the command with the options specified above, for example:
$ mktcpip -hostname vioserver -inetaddr 192.168.117.152 -interface en4 -netmask 255.255.254.192 -gateway 192.168.117.129
  -nsrvaddr 192.168.116.195 -nsrvdomain ndpl.com -start

lsmap -all | grep device
lsmap -all | grep C12
lsmap -vadapter vhost0

mkvg -f -vg bwqasvg hdisk1
extendvg -f datavg hdisk2

mklv -lv bwqas_rootvg bwqasvg 30G
mklv -lv bwqas_datavg bwqasvg 150G

mkvdev -vdev bwqas_rootvg -vadapter vhost0 [-dev bwqasrootvg]  //bwqasrootvg is VTD. If not specified, it will vtscsiX
mkvdev -vdev bwqas_datavg -vadapter vhost0 [-dev bwqasdatavg]
mkvdev -vdev hdisk3 -vadapter vhost0 [-dev bwqasdatavg1]

mkvdev -vdev hdisk8 -vadapter vhost1 -dev bwdevdatavg1 //Created on 17 Dec 08 on 117.155 Server

lsdev -type adapter | grep ent
lsdev -type disk
lsdev -type adapter

lsvg -lv rootvg

lspv

chdev -dev hdisk2 -attr pv=yes

rmdev -dev bwqasdatavg - To remove a VTD

Remove a Virtual SCSI Host Adapter
rmdev -dev vhostX [ -recursive ]
The option »-recursive« can be used to remove all still attached child devices.
============================================================================================================
How to identify disks on client lpars and vio server

Check Client Partition IDs and V3/V4 on clients

$ lsmap -all
SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost1          U9113.550.65BD55F-V1-C13                     0x00000003

VTD                   client1_rvg
Status                Available
LUN                   0x8100000000000000
Backing device        client1_lv
Physloc

VTD                   vtscsi0
Status                Available
LUN                   0x8200000000000000
Backing device        client1_lv1
Physloc

SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost2          U9113.550.65BD55F-V1-C14                     0x00000004

VTD                   client2_rvg
Status                Available
LUN                   0x8100000000000000
Backing device        client2_lv
Physloc

$

Client1
# lspv
hdisk0          00cbd55f90e183ab                    rootvg          active
hdisk1          none                                None
# lscfg -vl hdisk0
  hdisk0           U9113.550.65BD55F-V3-C2-T1-L810000000000  Virtual SCSI Disk Drive
# lscfg -vl hdisk1
  hdisk1           U9113.550.65BD55F-V3-C2-T1-L820000000000  Virtual SCSI Disk Drive
#

Client2
# lscfg -vl hdisk0
  hdisk0           U9113.550.65BD55F-V4-C2-T1-L810000000000  Virtual SCSI Disk Drive
#

============================================================================================================
VIO Server Howto

Contents
 Run IOS commands as root
 IOS - Information and Maintenance
 List all ioscli commands
 IOS Version
 Apply IOS Fixes
 Reboot the VIO Server
 Virtual Devices: Storage
 List unmapped disks
 List all Disk Mappings
 Create a Virtual SCSI Host Adapter
 Remove a Virtual SCSI Host Adapter
 Assign a Disk/LV to a Virtual SCSI Host Adapter
 Unassign a Disk/LV from a Virtual SCSI Host Adapter
 Virtual Devices: Network
 List Shared Ethernet Adapters
 Create a Shared Ethernet Adapter
 List Links on Physical Ethernet Adapters
 Set an local IP Address
 Remove an local IP Address


1. Run IOS commands as root
According to IBM you should never work as root on VIO servers. However, if you login as user padmin and type

 oem_setup_env

you get the root credentials (without even been asked for a password).

By default the ioscli commands are not available for the root user. All ioscli commands are in fact calls of /usr/ios/cli/ioscli with the command as argument. You see this if you list the aliases of the padmin user.

Knowing this you can use all ioscli commands as user root by appending /usr/ios/cli/ioscli. Instead of »lsmap -all« you would type

 root@vios# /usr/ios/cli/ioscli lsmap -all

If you set an alias

 alias i=/usr/ios/cli/ioscli

you could even type

 root@vios# i lsmap -all

IOS - Information and Maintenance1. List all ioscli commands

 $ help

You can type

 $ help <command>

to display a command's syntax, e.g

 $ help lsmap
 Usage: lsmap {-vadapter ServerVirtualAdapter | -plc PhysicalLocationCode |
              -all} [-type BackingDeviceType ... | -net]
              [-field FieldName ...] [-fmt delimiter]
        Displays the mapping between physical and virtual devices.

        -all         Displays mapping for all the server virtual adapter
                     devices.

        -vadapter    Specifies the server virtual adapter device
                     by device name.

        -plc         Specifies the server virtual adapter device
                     by physical location code.

        -type        Specifies to display virtual devices whose backing
                     device matches the type given.

        -net         Specifies supplied device is a virtual server
                     Ethernet adapter.

        -field       Specifies a list of fields to be displayed.

        -fmt         Divides output by a user-specified delimiter.

2. IOS Version

 $ ioslevel
 1.5.2.1-FP-11.1

 $ ioslevel
 1.5.2.0
 $

3. Apply IOS Fixes
Put the IOS fixes somewhere in a local directory or on an NFS server (e.g. /mnt/iosfixes). Then run

 $ updateios -dev /mnt/iosfixes -install -accept

4. Reboot the VIO Server

 $ shutdown -restart

Virtual Devices: Storage1. List unmapped disks

 $ lspv -free
 NAME            PVID                                SIZE(megabytes)
 hdisk24         none                                8631
 hdisk25         none                                8631
 hdisk26         none                                8631
 hdisk27         none                                8631

 Warning: If you use vendor specific device drivers (such as the SDD or EMC drivers) you see all hdisks as free. You have to limit the list to your logical devices, e.g.


 $ lspv -free | grep vpath

2. List all Disk Mappings

 $ lsmap -all
 SVSA            Physloc                                      Client Partition ID
 --------------- -------------------------------------------- ------------------
 vhost0          U9113.550.65BD55F-V1-C12                     0x00000002

 VTD                   bwqas_datavg1
 Status                Available
 LUN                   0x8300000000000000
 Backing device        hdisk6
 Physloc               U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L4000000000000

 VTD                   bwqasdatavg
 Status                Available
 LUN                   0x8200000000000000
 Backing device        bwqas_datavg
 Physloc

 VTD                   bwqasrootvg
 Status                Available
 LUN                   0x8100000000000000
 Backing device        bwqas_rootvg
 Physloc

 SVSA            Physloc                                      Client Partition ID
 --------------- -------------------------------------------- ------------------
 vhost1          U9113.550.65BD55F-V1-C13                     0x00000003

 VTD                   bwdevdatavg
 Status                Available
 LUN                   0x8200000000000000
 Backing device        bwdev_datavg
 Physloc

 VTD                   bwdevrootvg
 Status                Available
 LUN                   0x8100000000000000
 Backing device        bwdev_rootvg
 Physloc

 SVSA            Physloc                                      Client Partition ID
 --------------- -------------------------------------------- ------------------
 vhost2          U9113.550.65BD55F-V1-C14                     0x00000004

 VTD                   erpdatavg
 Status                Available
 LUN                   0x8200000000000000
 Backing device        erpqas_datavg
 Physloc

 VTD                   erpdatavg1
 Status                Available
 LUN                   0x8300000000000000
 Backing device        hdisk7
 Physloc               U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L5000000000000

 VTD                   erprootvg
 Status                Available
 LUN                   0x8100000000000000
 Backing device        erpqas_rootvg
 Physloc

 SVSA            Physloc                                      Client Partition ID
 --------------- -------------------------------------------- ------------------
 vhost3          U9113.550.65BD55F-V1-C15                     0x00000005

 VTD                   erpdevdatavg
 Status                Available
 LUN                   0x8200000000000000
 Backing device        erpdev_datavg
 Physloc

 VTD                   erpdevrootvg
 Status                Available
 LUN                   0x8100000000000000
 Backing device        erpdev_rootvg
 Physloc

 $

3. Create a Virtual SCSI Host Adapter
This has to done on the HMC for the profile of the VIO server: You create a new Virtual SCSI Host-Adapter and assign it
only to your client LPAR.

The same slot ID should then be assigned to a new client adapter in the client LPAR's profile.

You can do these steps dynamically to avoid a restart of the VIO server. Use the Dynamic Logical Partitioning option
for that. If you go for the dynamic option don't forget to do the same assignments in the profiles aswell, otherwise
your LPAR loses all storage after a new start of the VIOS!

After dynamically adding the server hostadapters you have to rerun the configuration mamager before you can see the
new vhost device:

 $ cfgdev

4. Remove a Virtual SCSI Host Adapter

 $ rmdev -dev vhostX [ -recursive ]

The option »-recursive« can be used to remove all still attached child devices.

Then remove the adapters dynamically from the VIO server aswell as from the VIOS' profile.

5. Assign a Disk/LV to a Virtual SCSI Host Adapter
To map hdisk22 to vhost1 just type

 $ mkvdev -vdev hdisk22 -vadapter vhost1
  vtscsi19 available

The VIO server assigns the next free number (19 here) and creates the mapping device vtscsi19. But you can specify your own name for the mapping device by making use of the »-dev« option:

 $ mkvdev -vdev hdisk22 -dev vthdisk22_barney -vadapter vhost1
  vthdisk22_barney available

If you use LVs rather than whole disks or LUNs the same rules apply:

 # default mapping device
 $ mkvdev -vdev lpar21_lv03 -vadapter vhost1
  vtscsi19 available

 # custom mapping device
 $ mkvdev -vdev lpar21_lv03 -dev vtdisk21_lv03 -vadapter vhost1
  vtdisk21_lv03 available

6. Unassign a Disk/LV from a Virtual SCSI Host Adapter

 $ rmvdev -vtd vtscsiXX

Virtual Devices: Network1. List Shared Ethernet Adapters

 $ lsmap -all -net
 SVEA Physloc
 ------ --------------------------------------------
 ent12 U9117.570.65E12FB-V2-C20-T1

 SEA                   ent13
 Backing device        ent3
 Physloc               U7311.D20.651372C-P1-C01-T2

2. Create a Shared Ethernet Adapter
To create a Shared Ethernet Adapter (SEA) you need:

a physical adapter as backend: <PHYS>
a virtual adapter as defined in the VIOS' profile: <VIRT>
an internal VLAN ID: <VLAN>
If you use the Shared Ethernet Adapter Failover capability of recent IOS releases you also need
a second virtual adapter as defined in the VIOS' profile: <CONT>
for the control channel:
 # simple:
 $ mkvdev -sea <PHYS> -vadapter <VIRT> -default <VIRT> -defaultid <VLAN>

 # Shared Ethernet Adapter Failover:
 $ mkvdev -sea <PHYS> -vadapter <VIRT> -default <VIRT> -defaultid <VLAN> -attr ha_mode=auto ctl_chan=<CONT>

Example: To create a Shared Ethernet Adapter on top of an virtual adapter ent11 using VLAN 20, the physical adapter ent2 as backend, and the virtual adapter ent13 for the control channel type:

 $ mkvdev -sea ent2 -vadapter ent11 -default ent11 -defaultid 20 -attr ha_mode=auto ctl_chan=ent13

3. List Links on Physical Ethernet Adapters

 $ netstat -cdlistats | grep -Ei "\(ent|media|link status"
 ETHERNET STATISTICS (ent3) :
 Link Status : Up
 Media Speed Selected: 100 Mbps Full Duplex
 Media Speed Running: 100 Mbps Full Duplex

4. Set an local IP Address
To configure an local IP 192.168.1.2 address to en0 use

 $ mktcpip  -hostname <HOSTNAME> \
            -inetaddr 192.168.1.2 \
            -interface en0 -start \
            -netmask 255.255.255.0 \
            -gateway <GATEWAY>

5. Remove an local IP Address
If you want to remove the IP configuration from en0, type

 $ rmtcpip -interface en0


===========================================================================
hscroot@localhost:~> lssyscfg -r sys -F name
Server-9113-550-SN65BD55F

hscroot@localhost:~> lssyscfg -m Server-9113-550-SN65BD55F -r lpar -F name,lpar_id,state,default_profile
bwqas,2,Running,NORMAL
viosrv,1,Running,NORMAL
erpqas,4,Running,NORMAL
bwdev,3,Not Activated,NORMAL
erpdev,5,Not Activated,NORMAL
BWQAS_OLD,6,Not Activated,bwqas_old

Activating a partition using command line (Checked practically)
---------------------------------------------------------------
hscroot@localhost:~> chsysstate -m Server-9113-550-SN65BD55F -r lpar -o on --id 6 -f bwqas_old -b norm

hscroot@localhost:~> lslic -m Server-9113-550-SN65BD55F -t sys
lic_type=Managed System,management_status=Enabled,disabled_reason=,activated_level=358,installed_level=358,accepted_level=320,ecnumber=01SF240,mtms=9113-550*65BD55F,deferred_level=None,platform_ipl_level=358,curr_level_primary=358,curr_ecnumber_primary=01SF240,curr_power_on_side_primary=temp,pend_power_on_side_primary=temp,temp_level_primary=358,temp_ecnumber_primary=01SF240,perm_level_primary=320,perm_ecnumber_primary=01SF240

Old Entry:
lic_type=Managed System,management_status=Enabled,disabled_reason=,activated_level=320,installed_level=320,accepted_level=320,ecnumber=01SF240,mtms=9113-550*65BD55F,deferred_level=None,platform_ipl_level=None,curr_level_primary=320,curr_ecnumber_primary=01SF240,curr_power_on_side_primary=temp,pend_power_on_side_primary=temp,temp_level_primary=320,temp_ecnumber_primary=01SF240,perm_level_primary=320,perm_ecnumber_primary=01SF240

hscroot@localhost:~> lssyscfg -r sys
name=Server-9113-550-SN65BD55F,type_model=9113-550,serial_num=65BD55F,ipaddr=192.168.20.147,state=Power Off,sys_time=10/29/2008 04:32:19,power_off_policy=1,cod_mem_capable=0,cod_proc_capable=1,hca_capable=1,huge_page_mem_capable=0,micro_lpar_capable=1,os400_capable=0,5250_application_capable=0,redundant_err_path_reporting_capable=1,shared_eth_failover_capable=1,sni_msg_passing_capable=0,sp_failover_capable=0,vet_activation_capable=1,virtual_io_server_capable=1,assign_5250_cpw_percent=0,max_lpars=40,max_power_ctrl_lpars=1,service_lpar_id=none,curr_sys_keylock=norm,pend_sys_keylock=norm,curr_power_on_side=temp,pend_power_on_side=temp,curr_power_on_speed=fast,pend_power_on_speed=fast,curr_power_on_speed_override=none,pend_power_on_speed_override=none,power_on_type=power on,power_on_option=standby,pend_power_on_option=standby,power_on_method=02,power_on_attr=0000,sp_boot_attr=0000,sp_boot_major_type=08,sp_boot_minor_type=01,sp_version=00030030,mfg_default_config=0,curr_mfg_default_ipl_source=a,pend_mfg_default_ipl_source=a,curr_mfg_default_boot_mode=norm,pend_mfg_default_boot_mode=norm

hscroot@localhost:~> lssyscfg -m Server-9113-550-SN65BD55F -r lpar
name=bwqas,lpar_id=2,lpar_env=aixlinux,state=Not Available,resource_config=1,os_version=0.0.0.0.0.0,logical_serial_num=65BD55F2,default_profile=NORMAL,curr_profile=NORMAL,work_group_id=none,shared_proc_pool_util_auth=0,power_ctrl_lpar_ids=none,boot_mode=norm,lpar_keylock=norm,auto_start=0,redundant_err_path_reporting=0
name=viosrv,lpar_id=1,lpar_env=vioserver,state=Not Available,resource_config=1,os_version=0.0.0.0.0.0,logical_serial_num=65BD55F1,default_profile=NORMAL,curr_profile=NORMAL,work_group_id=none,shared_proc_pool_util_auth=0,power_ctrl_lpar_ids=none,boot_mode=norm,lpar_keylock=norm,auto_start=0,redundant_err_path_reporting=0
name=erpqas,lpar_id=3,lpar_env=aixlinux,state=Not Available,resource_config=1,os_version=0.0.0.0.0.0,logical_serial_num=65BD55F3,default_profile=erpqas,curr_profile=erpqas,work_group_id=none,shared_proc_pool_util_auth=0,power_ctrl_lpar_ids=none,boot_mode=norm,lpar_keylock=norm,auto_start=0,redundant_err_path_reporting=0

hscroot@localhost:~> lssyscfg -r sys -F name,ipaddr
Server-9113-550-SN65BD55F,192.168.20.147

==============================================================================
1. To backup the partition configuration data to /var/adm/lpm/profile.bak, type:
   bkprofdata -o backup
2. To backup the partition configuration data to lparData.bak, type:
   bkprofdata -o backup -f lparData.bak

1. To send a trace report to the newfile file, enter:
   cattracerpt -outfile newfile
2. To display a list of hook IDs, enter:
   cattracerpt -lshid

1. To configure detected devices attached to the scsi0 adapter, type:
   cfgdev -dev scsi0

cfglnagg Command Purpose Add or remove adapters from a Link Aggregation or change a Link Aggregation attributes.
Syntax cfglnagg { -add [ -backup ] | -rm } LinkAggregation Adapter
cfglnagg [ -f ] -attr Attribute=NewValue LinkAggregation ...

1. To add adapter ent8 to Link Aggregation ent3, type:
   cfglnagg -add ent3 ent8

1. To add a domain entry with a domain name of abc.aus.century.com, type:
   cfgnamesrv -add -dname abc.aus.century.com
2. To add a name server entry with IP address 192.9.201.1, type:
   cfgnamesrv -add -ipaddr 192.9.201.1
3. To show all system configuration database entries related to domain name server information used by
   local resolver routines, type:
   $ cfgnamesrv -ls
     nameserver      192.168.116.195
     domain       ndpl.com

4. To set the search list abc.aus.century.com xyz.aus.century.com, type:
   cfgnamesrv -chslist abc.aus.century.com xyz.aus.century.com

1. To list all the attributes associated with an agent configuration, type the following command:
   cfgsvc -ls ITM_base
2. To configure the ITM_base agent with the Restart_On_Reboot attribute set to TRUE, type the following command:
   cfgsvc ITM_base -attr Restart_On_Reboot=TRUE
3. To display the ITM_base agent ssh public key, type the following command:
   cfgsvc -key ITM_base
 
1. To display the current date and time, type:
   chdate
2. To change the date to Tue Oct 12 16:30:00 CDT 2004 for a system in the US Central time zone, type:
   chdate -day 12 -month 10 -year 2004 -hour 16 -minute 30
   or
   chdate 101216302004

1. To change the retention instructions of the 4mm SCSI tape drive rmt0 so that the drive does not move
   the tape to the beginning, then to the end, and then back to the beginning each time a tape is inserted
   or the drive is powered on, type:
   chdev -dev rmt0 -attr ret=no
2. To change the SCSI ID of the available SCSI adapter scsi0 that cannot be made unavailable or changed
   due to available disk drives connected to it, type:
   chdev -dev scsi0 -attr id=6 -perm

1. To change the language for the entire system to French Canadian, type:
   chlang -lang fr_CA
2. To display available languages:
   chlang -ls

1. To deactivate the virtual system attention LED for the system, type:
   chled -r sa -t virtualsys -o off
2. To activate the virtual partition system attention LED for partition lpar3, type:
   chled -r sa -t virtuallpar -o on -p lpar3
3. To dectivate the virtual partition system attention LED for the partition with ID 3, type:
   chled -r sa -t virtuallpar -o off --id 3

chlparutil Command
Purpose - Change settings for data collection. This command is available only in an Integrated Virtualization Manager
          environment. Syntax chlparutil -r config -s SampleRate [ -m ManagedSystem ]

1. Disable the collection of utilization data:
   chlparutil -r config -s 0

chpath Command
Purpose - Changes the operational status of paths to a MultiPath I/O (MPIO) capable device, or changes an
          attribute associated with a path to an MPIO capable device.
Syntax chpath -dev Name -op OpStatus [ -pdev Parent ] [ -conn Connection ]
       chpath -dev Name -pdev Parent [ -conn Connection ] [ -perm ] -attr Attribute=Value...

1. To disable the paths between scsi0 and the hdisk1 disk device, enter:
   chpath -dev hdisk1 -pdev scsi0 -op disable
   The system displays a message similar to one of the following:
   paths disabled
   or
   some paths disabled

chsp Command
Purpose - Change the characteristics of a storage pool. Virtual I/O Server commands 53
Syntax Add physical volume to a storage pool:
       chsp -add [ -f ] [-sp StoragePool] PhysicalVolume...
       Remove a physical volume from a storage pool :
       chsp -rm [ -f ] [-sp StoragePool] PhysicalVolume...
       Set storage pool as the default :
       chsp -default StoragePool

1. To add physical volume hdisk3 to the default storage pool, type:
   chsp -add hdisk3
2. To remove physical volume hdisk2 from clstorage storage pool, type:
   chsp -rm -sp clstorage hdisk2

chsvcevent Command
Purpose - Changes an existing serviceable event. This command is available only in an Integrated Virtualization
          Manager environment. Syntax To close an existing serviceable event:
          chsvcevent -o close -p ProblemNumber -n Name -c CommentText [ -m ManagedSystem ]

1. To close a serviceable event, type:
   chsvcevent -o close -p 6013EFFF-205F3F22-4CC992E5-F8B6270-7540D8A3 -m 9111-520*XXXXXXX -n My Name -c Closing Comment

1. To change the user defined name for the managed system, type:
   chsyscfg -r sys -i "new_name=sys1"
2. To change partitions using the configuration data in the file /tmp/lparfile, type:
   chsyscfg -r lpar -f /tmp/lparfile
3. To reduce a partition profile’s assigned and minimum memory by 256 MB, type:
   chsyscfg -r prof -i "lpar_name=partition3,min_mem-=256,desired_mem-=256"

1. To power on the partition with an ID of 2 and set the boot mode to System Management Services, type:
   chsysstate -m managed-system -r lpar -o on
                          {-n partition-name | --id partition-ID}
                          [-f partition-profile-name]
                          [-k keylock-position]
                          [-b boot-mode] [-i IPL-source]

2. To shut down the partition with an ID of 3, type:
   chsysstate -r lpar -o shutdown --id 3
3. To immediately restart the partition with an ID of 3 using the client operating system’s shutdown command, type:
   chsysstate -r lpar -o osshutdown --restart --immed --id 3

1. To changes the current network address and mask to the new settings, type:
   chtcpip -interface en0 -inetaddr 9.1.1.1 -netmask 255.255.255.0
2. To changes the default gateway from 9.1.2.3 to 9.2.3.4, type:
   chtcpip -interface en0 -gateway -add 9.2.3.4 -remove 9.1.2.3

1. To change the expiration date for the davis user account to 8 a.m., 1 May, 2010, type:
   chuser -attr expires=0501080010 davis

1. To suspend the volume group vg03, type:
   chvg -suspend vg03
2. To resume the volume group vg03, type:
   chvg -resume vg03

1. To copy a file to a new file and preserve the modification date, time, and access control list associated
   with the source file, enter:
   cp -p smith smith.jr
   This copies the smith file to the smith.jr file. Instead of creating the file with the current date and time stamp,
   the system gives the smith.jr file the same date and time as the smith file. The smith.jr file also inherits the
   smith file’s access control protection.
2. To copy a directory, including all its files and subdirectories, to another directory, enter:
   cp -R /home/nick/clients /home/nick/customers
   Note: A directory cannot be copied into itself. This copies the clients directory, including all its files,
   subdirectories, and the files in those subdirectories, to the customers/clients directory.
3. To copy a file to a new file and preserve the ACL and EA associated with the source file, enter:
   cp -U smith smith.jr

1. To copy the contents of logical volume fslv03 to a new logical volume, type:
   cplv fslv03 The new logical volume is created, placed in the same volume group as fslv03, and named by the system.
2. To copy the contents of logical volume fslv03 to a new logical volume in volume group vg02, type:
   cplv -vg vg02 fslv03 The new logical volume is created, named, and added to volume group vg02.
3. To copy the contents of logical volume lv02 to a smaller, existing logical volume, lvtest, without requiring
   user confirmation, type:
   cplv -f lv02 lvtest

entstat Command
Purpose - Shows Ethernet device driver and device statistics. Syntax
          entstat [ -all ] [ -reset ] Device_Name

errlog Command
Purpose - Displays or clears the error log. Syntax
          errlog [ -ls][ -seq SequenceNumber ]| -rm Days ]

1. To display a complete detailed report, enter:
   errlog -ls
2. To delete error-log entries older than 5 days, enter:
   errlog -rm 5
3. To delete all error-log entries, enter:
   errlog -rm 0

1. To increase the size of the logical volume lv05 by three megabytes, type:
   extendlv lv05 3M
2. To request a logical volume named lv05 with a minimum size of 10MB, type:
   extendlv lv05 10M
   The extendlv command will determine the number of partitions needed to create a logical volume of at least that size.

extendvg Command
Purpose - Adds physical volumes to a volume group. Syntax
          extendvg [ -f ] VolumeGroup PhysicalVolume ...
          Ex: extendvg vg3 hdisk3 hdisk8

hostmap Command
Purpose - Directly manipulates address-mapping entries in the system configuration database.
          Syntax To Add an Address-to-Host Name Mapping
          hostmap -addr IPAddress -host HostName...
          To Delete an Address-to-Host Name Mapping
          hostmap -rm IPAddress
          To Show all Address-to-Host Name Mappings
          hostmap -ls
1. To add an entry in the database associating an address with a series of host names, enter the command in the
   following format:
   hostmap -addr 192.100.201.7 -host alpha bravo charlie
   The IP address 192.100.201.7 is specified as the address of the host that has a primary host name of alpha
   with synonyms of bravo and charlie.Note: If you attempt to use .08, .008, .09, or .009 in an address to add,
   you will get an error message that states ?IP Address already exists,? although the address is not in the database.
2. To list all entries in the database, enter the command in the following format:
   $ hostmap -ls
   127.0.0.1               loopback localhost      # loopback (lo0) name/address
   192.168.117.152 vioserver
   $

installios Command
Purpose - Installs the Virtual I/O Server. This command is run from the HMC.
Syntax  - installios [ -p partition_name -i ipaddr or hostname -S subnet_mask -g gateway -d path -s system_name
          -m mac_address -r profile [-n] [-P speed] [-D duplex] [-l language] ] | -u

invscout Command
Purpose - Surveys the host system for currently installed microcode or Vital Product Data (VPD).
Syntax  - invscout [-vpd | -report] [-model Type-Model] [-serial SerialNumber] [-version]
          invscout -rpm rpmPackage rpmOption ...
          invscout -install Device [-file FileName]

1. To generate report on microcode levels of all the devices, type:
   $ invscout -report

   ******  Command  ----  V2.2.0.12
   ******  Logic Database V2.2.0.2
 
   Initializing ...
   Identifying the system ...
   Working ...
   Getting system microcode level(s) ...
   Scanning for device microcode level(s) ...
 
   93 devices detected; each dot (.)
   represents 10 devices processed:
   .........
 
   Writing Microcode Survey upload file ...
 
   ================================================
   Hostname  . . . . . . : vioserver
   Command Version . . . : 2.2.0.12
   Logic Database Version: 2.2.0.2
   Survey Date and Time  : Fri Oct 31 01:19:57 CDT 2008
   OS Level  . . . . . . : 5.3.0.0
   uname -M  . . . . . . : IBM,9113-550
   uname -m Model ID . . : 4C
 
 
            ------------------
            IDENTIFIED DEVICES
            ------------------
   Device            Installed Microcode
   ----------------  ----------------------------------------
   sys0              Not available
   fcs0              df1000fa.190104
   fcs1              df1000fa.190104
   sisscsia0         44415255.050A008a
   ent0              14106902.GOL021
   ent1              14106902.GOL021
   hdisk0            HUS1514.56503031.53334141
   hdisk1            4335304B
   ================================================
 
 
   Microcode Survey complete
 
   The output files can be found at:
   Upload file: /var/adm/invscout/vioserver.mup
   Report file: /var/adm/invscout/invs.mrp
 
   To transfer the invscout 'Upload file' for microcode
   comparison, see your service provider's web page.
 
   Copying output files to user's home directory:
   Copying: /var/adm/invscout/invs.mrp to /home/padmin/
   Copying: /var/adm/invscout/vioserver.mup to /home/padmin/
   $

2. To get the vpd survey of the partition. type:
   $ invscout -vpd
 
   ******  Command  ----  V2.2.0.12
   ******  Logic Database V2.2.0.2
 
   Initializing ...
   Execute : /opt/IBMinvscout/bin/invscoutClient_VPD_Survey > /var/adm/invscout/invscoutClient_VPD_Survey.stdout
 
 
   VPD Survey complete
 
   The output files can be found at:
   Upload file: /var/adm/invscout/9113-550_65BD55F_1_VPD.xml
 
 
   To transfer the invscout 'Upload file' for Vital Product
   Data submission, see your service provider's web page.
 
   Copying output files to user's home directory:
   Copying: /var/adm/invscout/9113-550_65BD55F_1_VPD.xml to /home/padmin/
   $


ldfware Command
Purpose - Loads the system’s flash EPROM with the specified file, which must contain a valid binary flash EPROM image,
          and then reboots the system.
Syntax  - ldfware [ -device Device ] -file filename
          ldfware -commit

license Command
Purpose - View and accept the license agreement.
Syntax  - license { [ -view ] [ -accept ] } [ -lang Name ]
          license [ -ls ]

1. To view the license in the en_US locale, type:
   license -view
2. To accept the license in the fr_FR locale, type:
   license -accept -lang fr_FR
3. To view if the license has been accepted, type:
   license

loginmsg Command
Purpose - Modifies the Virtual I/O Server partition’s login herald.
Syntax  - loginmsg { -reset | ?Herald string? }
1. To set the login herald to Welcome followed by login: on a separate line, type:
   loginmsg "Welcome\nlogin:"
2. To reset the login herald back to the system default, type:
   loginmsg -reset

lsdev Command
Purpose - Displays Virtual I/O Server devices and their characteristics.
Syntax  - To list devices
          lsdev [ -type DeviceType... ] [ -virtual ] [ -field FieldName... ] [ -fmt Delimiter ] [-state State ]
          To display information about a specific device:
          lsdev { -dev DeviceName | -plc PhysicalLocationCode } [ -child ] [ -field FieldName... ] [ -fmt Delimiter ]
          lsdev { -dev DeviceName | -plc PhysicalLocationCode } [ -attr [ Attribute ] | -range Attribute | -slot | -vpd | -parent]
          lsdev -vpd
          lsdev -slots

1. To list all virtual adapters and display the name and status fields, type:
   lsdev -type adapter -virtual -field name status
   The system displays a message similar to the following:
   $  lsdev -type adapter -virtual -field name status
      name             status
      ent2             Available
      vhost0           Available
      vhost1           Available
      vhost2           Available
      vhost3           Available
      vsa0             Available
      ent3             Available
      ent4             Available
   $
 
2. To list all devices of type disk and display the name and physical location fields, type:
   lsdev -type disk -field name physloc
   The system displays a message similar to the following:
   name    physloc
   $ lsdev -type disk -field name physloc
   name             physloc
   hdisk0           U787B.001.DNW4D3A-P1-T14-L5-L0
   hdisk1           U787B.001.DNW4D3A-P1-T14-L8-L0
   hdisk2           U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L0
   hdisk3           U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L1000000000000
   hdisk4           U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L2000000000000
   hdisk5           U787B.001.DNW4D3A-P1-C4-T1-W500601623060265E-L3000000000000
   hdisk6           U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L4000000000000
   hdisk7           U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L5000000000000
   bwqas_datavg1    U9113.550.65BD55F-V1-C12-L3
   erpdatavg1       U9113.550.65BD55F-V1-C14-L3
   bwdevdatavg      U9113.550.65BD55F-V1-C13-L2
   bwdevrootvg      U9113.550.65BD55F-V1-C13-L1
   bwqasdatavg      U9113.550.65BD55F-V1-C12-L2
   bwqasrootvg      U9113.550.65BD55F-V1-C12-L1
   erpdatavg        U9113.550.65BD55F-V1-C14-L2
   erpdevdatavg     U9113.550.65BD55F-V1-C15-L2
   erpdevrootvg     U9113.550.65BD55F-V1-C15-L1
   erprootvg        U9113.550.65BD55F-V1-C14-L1
   $

3. To display the parent of a devices, type:
   lsdev -dev hdisk0 -parent
   The system displays a message similar to the following:
   parent
 
   scsi0
4. To display all I/O slots that are not hot-pluggable but can have DLPAR operations performed on them, type:
   $ lsdev -slots
     # Slot                    Description       Device(s)
     U7311.D20.65B041A-P1-C01  Logical I/O Slot  pci10 ent1
     U7311.D20.65B041A-P1-C06  Logical I/O Slot  pci9 ent0
     U787B.001.DNW4D3A-P1-C3   Logical I/O Slot  pci6 fcs0
     U787B.001.DNW4D3A-P1-C4   Logical I/O Slot  pci7 fcs1
     U787B.001.DNW4D3A-P1-T7   Logical I/O Slot  pci4 usbhc0 usbhc1
     U787B.001.DNW4D3A-P1-T14  Logical I/O Slot  pci8 sisscsia0
     U9113.550.65BD55F-V1-C0   Virtual I/O Slot  vsa0
     U9113.550.65BD55F-V1-C2   Virtual I/O Slot  ent2
     U9113.550.65BD55F-V1-C12  Virtual I/O Slot  vhost0
     U9113.550.65BD55F-V1-C13  Virtual I/O Slot  vhost1
     U9113.550.65BD55F-V1-C14  Virtual I/O Slot  vhost2
     U9113.550.65BD55F-V1-C15  Virtual I/O Slot  vhost3
   $

1. To list all failed logins, type:
   lsfailedlogin
   $ lsfailedlogin
   padmin         pts/0    7 405752 0000 0000 1225274090 kpm-it-cmcop.ndpl.com  Wed Oct 29 04:54:50 CDT 2008
   root           ssh      7 356428 0000 0000 1225341177 192.168.129.16         Wed Oct 29 23:32:57 CDT 2008
   root           ssh      7 356428 0000 0000 1225341183 192.168.129.16         Wed Oct 29 23:33:03 CDT 2008
   root           ssh      7 389214 0000 0000 1225341244 192.168.129.16         Wed Oct 29 23:34:04 CDT 2008
   UNKNOWN_       ssh      7 430308 0000 0000 1225341265 192.168.129.16         Wed Oct 29 23:34:25 CDT 2008
   UNKNOWN_       ssh      7 430308 0000 0000 1225341269 192.168.129.16         Wed Oct 29 23:34:29 CDT 2008


lsfware Command
Purpose - Displays microcode and firmware levels of the system and adapters and devices.
Syntax  - lsfware [ -all | -dev Name ]

1. To display the system firmware level and service processor (if present), type:
   lsfware
   The system displays a message similar to the following:
   System Firmware level is TCP99256
   $ lsfware
   system:SF240_358 (t) SF240_320 (p) SF240_358 (t)

   $ lsfware -all
   sys0!system:SF240_358 (t) SF240_320 (p) SF240_358 (t)
   fcs0!df1000fa.190104
   fcs1!df1000fa.190104
   sisscsia0!44415255.050A008a
   ent0!14106902.GOL021
   ent1!14106902.GOL021
   hdisk0!HUS1514.56503031.53334141
   hdisk1!ST37330.53313233.4335304B

2. To display the microcode level for all supported devices, type:
   lsfware -all The system displays a message similar to the following:
   sys0|system:TCP99256
   rmt0|C009
   scraid0|adapter:4.20.18|adapter-boot:4.00.26
   raid-dasd|22:FFC #:DDYS-T0.524D3031.53393446
   raid-dasd|26:FFC #:DDYS-T0.524D3031.53393446
   raid-dasd|2e:FFC #:DDYS-T0.525A3034.53393243

1. List system level memory information and include the minimum memory required to support a maximum of 1024 MB:
   lshwres -r mem --level sys --maxmem 1024
2. List all memory information for partitions lpar1 and lpar2, and only display attribute values,
   following a header of attribute names:
   lshwres -r mem --level lpar --filter "\"lpar_names=lpar1,lpar2\"" -F --header
3. List all I/O units on the system:
   lshwres -r io --rsubtype unit
4. List all virtual Ethernet adapters on the managed system:
   lshwres -r virtualio --rsubtype eth --level lpar
5. List all virtual slots for partition lpar1:
   lshwres -r virtualio --rsubtype slot --level slot --filter "lpar_names=lpar1"
6. List only the installed and configurable processors on the system:
   lshwres -r proc --level sys -F installed_sys_proc_units,configurable_sys_proc_units....

1. Display the physical system attention LED for the system:
   lsled -r sa -t phys
2. Display all of the virtual partition system attention LEDs:
   lsled -r sa -t virtuallpar
3. Display the virtual partition system attention LEDs for partitions lpar1 and lpar2:
   lsled -r sa -t virtuallpar --filter \"lpar_names=lpar1,lpar2\"

1. To display the logical partition number and name, type:
   lslparinfo

1. To list the last five shared processing pool utilization metrics, type:
   lslparutil -r pool -n 5
2. To calculate the shared processing pool utilization in percent over a five-minute time period, type:
   lslparutil -r pool --startyear 2006 --startmonth 10 --startday 4 --starthour 15 --startminute 23 \
   --endyear 2006 --endmonth 10 --endday 4 --endhour 15 --endminute 28 -F time,total_pool_cycles,\
   utilized_pool_cycles
   10/04/2006 15:27:56,449504263518104,372389272879
   10/04/2006 15:27:26,449442382657200,372195239995
   10/04/2006 15:26:56,449382561908822,371998920942
   10/04/2006 15:26:26,449320667371346,371797239591
   10/04/2006 15:25:56,449258781703684,371592366752
   10/04/2006 15:25:26,449196894951060,371394157970
   10/04/2006 15:24:56,449135006535822,371192089089
   10/04/2006 15:24:27,449075176369863,369243635687
   10/04/2006 15:23:56,449013298087726,369040980263
   10/04/2006 15:23:26,448951445376558,368850062933
   Pool utilization = (utilized_pool_cycle / total_pool_cycles) * 100
   Pool utilization = ((372389272879 - 368850062933) / (449504263518104 - 448951445376558)) * 100
   Pool utilization = 0.64%
3. To calculate the shared processing pool size over a five-minute time period, type:
   lslparutil -r pool --startyear 2006 --startmonth 10 --startday 4 --starthour 15 --startminute 23 \
   --endyear 2006 --endmonth 10 --endday 4 --endhour 15 --endminute 28 -F time,time_cycles,\
   total_pool_cycles
   10/04/2006 15:27:56,112376065883848,449504263518104
   10/04/2006 15:27:26,112360595668767,449442382657200
   10/04/2006 15:26:56,112345640481652,449382561908822
   10/04/2006 15:26:26,112330166847247,449320667371346
   10/04/2006 15:25:56,112314695430447,449258781703684
   10/04/2006 15:25:26,112299223741951,449196894951060
   10/04/2006 15:24:56,112283751639775,449135006535822
   10/04/2006 15:24:27,112268794096846,449075176369863
   10/04/2006 15:23:56,112253324526335,449013298087726
   10/04/2006 15:23:26,112237861348574,448951445376558
   Pool size = total_pool_cycles / time_cycles
   Pool size = (449504263518104 - 448951445376558) / (112376065883848 - 112237861348574)
   Pool size = 4
4. To calculate the processing utilization in percent for partition 1 over the last 11 samples, type:
   lslparutil -r lpar -F time,lpar_id,entitled_cycles,capped_cycles,uncapped_cycles --filter lpar_ids=1 -n 11
   06/26/2005 12:13:04,1,13487973395246,353524992184,93964052971
   06/26/2005 12:12:33,1,13486720703117,353490258336,93964052971
   06/26/2005 12:12:03,1,13485467110700,353456792591,93964052971
   06/26/2005 12:11:33,1,13484213859686,353423048854,93964052971
   06/26/2005 12:11:03,1,13482961098044,353386674795,93964052971
   06/26/2005 12:10:32,1,13481706673802,353350985013,93964052971
   06/26/2005 12:10:02,1,13480453156357,353317211748,93964052971
   06/26/2005 12:09:32,1,13479199972343,353283141535,93964052971
   06/26/2005 12:09:02,1,13477946765207,353248812551,93964052971
   06/26/2005 12:08:31,1,13476693184663,353213970760,93964052971
   06/26/2005 12:08:01,1,13475439617080,353179654833,93964052971
   Processor utilization = ((capped_cycles + uncapped_cycles) / entitled_cycles) * 100
   Processor utilization = (((353524992184 - 353179654833) + (93964052971 - 93964052971)) /
   (13487973395246 - 13475439617080)) * 100
   Processor utilization = 2.76%
5. To calculate the most recent number of utilized processor units for partition 1, type:
   lslparutil -r lpar -F time,time_cycles,capped_cycles,uncapped_cycles -n 2 --filter lpar_ids=1
   10/06/2006 09:42:58,190122585897822,836322334068,1209599213218
   10/06/2006 09:42:28,190107628555119,836215824328,1209507899652
   Processor units used = (capped_cycles + uncapped_cycles) / time_cycles
   Processor units used = ((836322334068 - 836215824328) + (1209599213218 - 1209507899652)) /
   (190122585897822 - 190107628555119)
   Processor units used = 0.01
6. To display 5 entries spread over the last day, type:
   lslparutil -r lpar --startyear 2005 --startmonth 6 --startday 25 --starthour 14 --startminute 20 \
   --endyear 2005 --endmonth 6 --endday 26 --endhour 14 --endminute 20 -F time,lpar_id,entitled_cycles,\
   capped_cycles,uncapped_cycles -n 5 --spread
   06/26/2005 14:20:03,1,64074629124428,2634420796918,3335839807455
   06/26/2005 08:20:03,1,63180190141506,2597103712238,3292339240560
   06/26/2005 02:20:02,1,62285686629911,2559847748332,3249081303922
   06/25/2005 20:20:01,1,61391161857754,2522594738730,3205850397796
   06/25/2005 14:20:01,1,60496719757782,2485459490629,3162821474641
 
   Note: This data is particularly useful for graphing utilization data.

lslv Command
Purpose - Displays information about a logical volume.
Syntax  - lslv [ -map | -pv ] LogicalVolume [ -field FieldName ] [ -fmt Delimiter ]
          lslv -free [ -field Fieldname ] [ -fmt Delimiter ]
To display a list of logical volumes that can be used as backing devices, type:
lslv -free
The system displays a message similar to the following:
LV   NAME SIZE(megabytes) VOLUME GROUP
lv00 64                   rootvg
lv01 64                   rootvg

To display only the type and volume group of logical volume hd6 and separate the data by a : (colon) , type:
lslv hd6 -field type vgname -fmt :
The system displays a message similar to the following:
paging:rootvg

lsmap Command
Purpose - Displays the mapping between physical, logical, and virtual devices.
Syntax  - lsmap { -vadapter ServerVirtualAdapter | -plc PhysicalLocationCode | -all }
          lsmap [ -type BackingDeviceType | -net ] lsmap [ -fmt Delimiter ] [ -field FieldNames ]

1. To list all virtual target devices and backing devices mapped to the server virtual SCSI adapter vnode2, type:
   lsmap -vadapter vhost2

2. To list the shared Ethernet adapter and backing device mapped to the virtual server Ethernet adapter ent4, type:
   lsmap -vadapter ent4 -net

3. To list the shared Ethernet adapter and backing device mapped to the virtual server Ethernet adapter ent5 in
   script format separated by a : (colon), type:
   lsmap -vadapter ent5 -fmt ":"
   The system displays a message similar to the following:
   ent5:ent8:ent2
4. To list all virtual target devices and backing devices, where the backing devices are of type disk or lv, type:
   lsmap -all -type disk lv

1. To list the status of the inetd subsystem, type:
   lsnetsvc inetd
   This command will return either active or not active.
2. To list the status of the telnet daemon, type:
   lsnetsvc telnet
   This command will return either active or not active.
3. To list the status of the ftp daemon, enter:
   lsnetsvc ftp
   This command will return either active or not active.

lspath Command
Purpose - Displays information about paths to a MultiPath I/O (MPIO) capable device.
Syntax  - lspath [ -dev DeviceName ] [ -pdev Parent ] [ -status Status ] [ -conn Connection ]
          [ -field FieldName ] [ -fmt Delimiter ]
          lspath -dev DeviceName -pdev Parent [ -conn Connection ] -lsattr [ -attr Attribute... ]
          lspath -dev DeviceName -pdev Parent [ -conn Connection ] -range -attr Attribute

1. To display, without column headers, the set of paths whose operational status is disabled, enter:
   lspath -status disabled
   The system will display a message similar to the following:
   disabled hdisk1 scsi1
   disabled hdisk2 scsi1
   disabled hdisk23 scsi8
   disabled hdisk25 scsi8
2. To display the set of paths whose operational status is failed, enter:
   lspath -status failed
   The system will display a message similar to the following:
   failed hdisk1 scsi1
   failed hdisk2 scsi1
   failed hdisk23 scsi8
   failed hdisk25 scsi8
3. If the target device is a SCSI disk, to display all attributes for the path to parent scsi0 at connection 5,0,
   use the command:
   lspath -dev hdisk10 -pdev scsi0 -conn "5,0" -lsattr
   The system will display a message similar to the following:
   weight 1 Order of path failover selection true

lspv Command
Purpose - Displays information about a physical volume within a volume group.
Syntax  - lspv [ -avail | -free | -size ][ -field Fieldname... ] [ -fmt Delimiter ]
          lspv [ -map | -lv | -pv | -size] PhysicalVolume
          lspv [ -map | -lv | -pv] PhysicalVolume [-field Fieldname ] [ -fmt Delimiter ]

1. To display the status and characteristics of physical volume hdisk3, type:
   lspv hdisk3
2. To display all physical volumes in the system, type:
   lspv
   You should see output similar to the following:
   hdisk0 0000000012345678 rootvg active
   hdisk1 10000BC876543258 vg00   active
   hdisk2 ABCD000054C23486 None
   The previous example shows that physical volume hdisk0 contains the volume group rootvg, and it is activated.
   Physical volume hdisk1 contains the volume group vg00, and it is activated.
   Physical volume hdisk2 does not contain an active volume group.
3. To display all physical volumes that can be virtual SCSI backing devices, type:
   lspv -avail
   Output similar to the following is displayed:
   lspv -avail
   NAME   PVID   SIZE(megabytes)
   hdisk2 00c3e35c99c55ebd 7820
   hdisk3 00c3e35c99c0a332 7820
   hdisk4 00cbe8ddc00fbaad 7820
4. To display all physical volumes that can be virtual SCSI backing devices and are not currently a backing device, type:
   lspv -free
   Output similar to the following is displayed:
   hdisk3 10000BC876543258 None None
   hdisk4 ABCD000054C23486 None None

lsrefcode Command
Purpose - Lists reference codes for partitions or the managed system. This command is valid only in an Integrated
          Virtualization Manager environment.
Syntax  - To list reference codes for the managed system:
          lsrefcode -r sys [ -n Number ] [ --filter ?FilterData? ] [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list reference codes for partitions:
          lsrefcode -r lpar [ -n Number ] [ --filter ?FilterData? ] [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]

1. To list the current reference code for the managed system, type:
   lsrefcode -r sys
2. To list the current reference code for all partitions, type:
   lsrefcode -r lpar
3. To list the last 25 reference codes for partitions p1 and p2, only viewing the lpar_id and refcode attributes, type:
   lsrefcode -r lpar -n 25 --filter \"lpar_names=p1,p2\" -F lpar_id,refcode

lssp Command
Purpose - Lists and displays information about storage pools.
Syntax  - List all available storage pools
          lssp [-field Fieldname ] [ -fmt Delimiter ]
          Display information about a specific storage pool
          lssp -detail | -bd [-sp StoragePool] [-field Fieldname ] [ -fmt Delimiter ]
          Display the default storage pool
          lssp -default

1. To list all storage pools, type:
   lssp The system displays output similar to the following:
   POOL    SIZE(mb) FREE(mb) ALLOC SIZE(mb) BDs
   sp_test 34624    34624    32        1
   rootvg  34688    17024    64        1
2. To display the default storage pool, type:
   lssp -default
3. To display detailed information about the storage pool sp_sp00, type:
   lssp -detail -sp sp_sp00 The system will display output similar to the following:
   NAME    PVID            SIZE(megabytes)
   hdisk3 00cdfd8c85bd4b2e 34624
   hdisk2 00cdfd8c525d94a2 34624
4. To display information about the backing devices in the storage pool rootvg, type:
   lssp -bd -sp rootvg
   The system displays output similar to the following:
   NAME SIZE(megabytes) VTD     SVSA
   lv01 96              vtscsi1 vhost0
   lv02 64              vtscsi2 vhost0

To list available agents, type the following command:
lssvc

lssvcevents Command
Purpose - List attributes of console or serviceable events. This command is valid only in an Integrated
          Virtualization Manager environment. Syntax To list console events:
          lssvcevents -t console [ -d NumberDays | -i NumberMinutes ] [ --filter ?FilterData? ] [ -F ?AttributeNames? ]
          [ --header ] [ -m ManagedSystem ]
          To list serviceable events:
          lssvcevents -t hardware [ -d NumberDays | -i NumberMinutes ] [ --filter ?FilterData? ] [ -F ?AttributeNames? ]
          [ --header ] [ -m ManagedSystem ]
          To list field replaceable units (frus) for a specific serviceable events
          lssvcevents -t fru --filter ?FilterData? [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list comments for a specific serviceable event
          lssvcevents -t comment --filter ?FilterData? [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list service objects associated with a specific serviceable event
          lssvcevents -t service_object -filter ?FilterData? [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list the status of dlpar events:
          lssvcevents -t dlpar [ -d NumberDays | -i NumberMinutes ] [ --filter ?FilterData? ] [ -F ?AttributeNames? ]
          [ --header ] [ -m ManagedSystem ]

1. To list the serviceable events that occurred today, type:
   lssvcevents -t hardware -d 0
2. To list the console events that occurred within the past 3 days, type:
   lssvcevents -t console -d 3
3. To list all of the open serviceable events for the system, type:
   lssvcevents -t hardware --filter "status=open"
4. To list the associated FRUs for a specific serviceable event, type:
   lssvcevents -t fru --filter problem_nums=6013EFFF-205E9F22-4CC931E5-F892358-A0F6C1D6

lssw Command
Purpose - Lists installed software products.
Syntax  - lssw [ -hist ]

lssyscfg Command
Purpose - List attributes of partitions, partition profiles, or the managed system. This command is valid only in
          an Integrated Virtualization Manager environment.
Syntax  - To list partition attributes:
          lssyscfg -r lpar [ --filter ?FilterData? ] [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list partition profile attributes:
          lssyscfg -r prof [ --filter ?FilterData? ] [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]
          To list system attributes: lssyscfg -r sys [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]

1. To list the attributes for the managed system, type:
   lssyscfg -r sys
2. To list only the user-defined name, machine type and model, and serial number for the managed system, type:
   lssyscfg -r sys -F name,type_model,serial_num
3. To list all partitions and only display attribute values for each partition following a header of attribute names, type:
   lssyscfg -r lpar -F --header
4. To list the partitions named lpar1, lpar2, and lpar3, type:
   lssyscfg -r lpar --filter \"lpar_names=lpar1,lpar2,lpar3\"
5. To list the partition profile for partition lpar2, type:
   lssyscfg -r prof --filter lpar_names=lpar2

lssysconn Command
Purpose - List connection information for systems. This command is valid only in an Integrated Virtualization
          Manager environment. Syntax To list the service processor network connection information:
          lssysconn -r all [ -F ?AttributeNames? ] [ --header ] [ -m ManagedSystem ]

1. To list all system connections, type:
   lssysconn -r all

lstcpip Command
Purpose - Displays the Virtual I/O Server TCP/IP settings and parameters.
Syntax  - lstcpip [-num] [-routtable] [-routinfo] [-state] [-arp] lstcpip -stored
          lstcpip -adapters lstcpip [-sockets] [-family {inet | inet6 | unix}]
          lstcpip -namesrv | [ -interfaces ] [ -fmt delimiter
          lstcpip [ -state [ -field FieldName ...] ] | [ -routetable [ -field FieldName ... ]] [ -fmt delimter ]
          lstcpip -hostname

1. To list the Virtual I/O Server TCP/IP configuration, type:
   lstcpip -stored
2. To list current routing table, type:
   lstcpip -routtable
3. To list open inet sockets, type:
   lstcpip -sockets -family inet

lsvg Command
Purpose - Displays information about volume groups.
Syntax  - lsvg [-map | -lv | -pv ] [ -field FieldName ] [ -fmt Delimiter ] VolumeGroup...

migratepv Command
Purpose - Moves allocated physical partitions from one physical volume to one or more other physical volumes.
Syntax  - migratepv [ -lv LogicalVolume] SourcePhysicalVolume DestinationPhysicalVolume ...

1. To move physical partitions from hdisk1 to hdisk6 and hdisk7, type:
   migratepv hdisk1 hdisk6 hdisk7
   Physical partitions are moved from one physical volume to two others within the same volume group.
2. To move physical partitions in logical volume lv02 from hdisk1 to hdisk6, type:
   migratepv -lv lv02 hdisk1 hdisk6

mirrorios Command
Purpose - Mirrors all the logical volumes on rootvg. This command reboots the partition upon completion.
Syntax  - mirrorios [ -f] [ PhysicalVolume ...]
Example - mirrorios -force hdisk4

mkbdsp Command
Purpose - Assign storage from a storage pool to be a backing device for a virtual SCSI adapter.
Syntax  - Assign an existing logical volume as a backing device:
          mkbdsp -bd BackingDevice -vadapter ServerVirtualSCSIAdapter -tn TargetDeviceName
          Create a new logical volume as a backing device:
          mkbdsp [-sp StoragePool] Size [-bd BackingDevice] -vadapter ServerVirtualSCSIAdapter -tn TargetDeviceName

1. To create a virtual target device that maps a 3 GB backing device from the default storage pool the virtual SCSI server adapter vhost3, type:
   mkbdsp 3g -vadapter vhost3

mkgencfg Command
Purpose - Performs the initial logical partition configuration for the managed system. This command is valid only in
          an Integrated Virtualization Manager environment.
Syntax  - mkgencfg -o init [-i ?ConfigurationData? ] [ -m ManagedSystem ]
1. To initialize the logical partition configuration for the managed system using defaults, type:
   mkgencfg -o init
2. To initialize the logical partition configuration for the managed system with support for 17 partitions and a MAC prefix of 0x06ABC0, type:
   mkgencfg -o init -i "pend_lpm_max_lpars=17,mac_prefix=06ABC0" Virtual

mklv Command
Purpose - Creates a logical volume.
Syntax  - mklv [ -mirror ] [ -lv NewLogicalVolume | -prefix Prefix ] VolumeGroup Size [ PhysicalVolume ... ]

   $ mklv -lv bwdev_rootvg bwdevvg 30G
     bwdev_rootvg
 
1. To make a logical volume in volume group vg02 with a minimum size of 1 Mb , type:
   mklv vg02 1M
2. To make a logical volume in vg03 with 1GB chosen from physical volumes hdisk5, hdisk6, and hdisk9, type:
   mklv vg03 1G hdisk5 hdisk6 hdisk9
3. To request a logical volume with a minimum size of 10MB, type:
   mklv VGNAME 10m
   where VGNAME is the name of your logical volume.

mklvcopy Command
Purpose - Creates a mirror of a logical volume.
Syntax  - mklvcopy LogicalVolume [ PhysicalVolume ... ]
1. To create a copy of the logical volume lv01, so that a total of two copies exist, type:
   mklvcopy lv01

mkpath Command
Purpose - Adds to the system another path to an MPIO capable device.
Syntax  - mkpath { [ -dev Name ] [ -pdev Parent ] [ -conn Connection ] } [ -def ]
1. To define and configure an already defined path between scsi0 and the hdisk1 device at SCSI ID 5 and LUN 0 (connection 5,0), enter:
   mkpath -dev hdisk1 -pdev scsi0 -conn 5,0
   The system displays a message similar to the following: path available
2. To configure an already defined path from fscsi0 to fiber channel disk hdisk1, type:
   mkpath -dev hdisk1 -pdev fscsi0 The system displays a message similar to the following:
   path available
3. To only add to the Customized Paths object class a path definition between scsi0 and the hdisk1 disk device at SCSI ID 5 and LUN 0, enter:
   mkpath -def -dev hdisk1 -pdev scsi0 -conn 5,0
   The system displays a message similar to the following:
   path defined

1. To set the required values for starting TCP/IP type:
   mktcpip -hostname fred.austin.century.com -inetaddr 192.9.200.4 -interface en0 \
   -nsrvaddr 192.9.200.1 -nsrvdomain austin.century.com -start

mkvdev Command
Purpose - Adds a virtual device to the system.
Syntax  - To create a virtual target device:
          mkvdev [ -f ] {-vdev TargetDevice | -dplc TDPhysicalLocatonCode } { -vadapter VirtualServerAdapter | -aplc VSAPhysicalLocationCode} [ -dev DeviceName ]
          To create a shared Ethernet Adapter:
          mkvdev -sea TargetDevice -vadapter VirtualEthernetAdapter...
          -default DefaultVirtualEthernetAdapter -defaultid SEADefaultPVID [ -attr Attribute=Value [ Attribute=Value... ] ]
          To create an Link Aggregation adapter:
          mkvdev -lnagg TargetAdapter... [ -attr Attribute=Value [ Attribute=Value... ] ]
          To create a VLAN Ethernet adapter:
          mkvdev -vlan TargetAdapter -tagid TagID

1. To create a virtual target device that maps the logical volume lv20 as a virtual disk for a client partition
   hosted by the vhost0 virtual server adapter, type:
   mkvdev -vdev lv20 -vadapter vhost0
   The system displays a message similar to the following:
   vtscsi0 available
2. To create a virtual target device that maps the physical volume hdisk6 as a virtual disk for a client partition
   served by the vhost2 virtual server adapter, type:
   mkvdev -vdev hdisk6 -vadapter vhost2
   The system displays a message similar to the following:
   vtscsi1 available
3. To create a Shared Ethernet Adapter that maps the physical Ethernet adapter ent4 as a virtual Ethernet adapter
   for the client partitions served by the virtual Ethernet adapters ent6, ent7, and ent9, using ent6 as the default
   adapter and 8 as the default ID, type:
   mkvdev -sea ent4 -vadapter ent6,ent7,ent9 -default ent6 -defaultid 8
   The system displays a message similar to the following:
   ent10 available
4. To create an automatic Link Aggregation with primary adapters ent4 and ent5 and backup adapter ent6, type:
   mkvdev -lnagg ent4,ent5 -attr backup_adapter=ent6 mode=6023ad
   The system displays a message similar to the following:
   ent10 available

mkvg Command
Purpose - Creates a volume group.
Syntax  - mkvg [ -f ][ -vg VolumeGroup ] PhysicalVolume ...
1. To create a volume group that contains physical disks hdisk3, hdisk5, and hdisk6, type:
   mkvg hdisk3 hdisk5 hdisk6
   The volume group is created with an automatically generated name, which is displayed.
2. To create the volume group newvg with one physical partition, type:
   mkvg -vg newvg hdisk1

mksp Command
Purpose - Create a storage pool.
Syntax  - mksp [ -f ] StoragePool PhysicalVolume ...
1. To create a new storage pool from physical volumes hdisk3 and hdisk4 and with the name client_data, type:
   mksp -f client_data hdisk3 hdisk4
   The new storage pool is created with the name client_data.

mksvcevent Command
Purpose - Creates a new serviceable event. This command is valid only in an Integrated Virtualization Manager environment.
Syntax  - mksvcevent -d Description --reporting_mtms ReportingMTMS
1. To create a serviceable event, type:
   mksvcevent -d This is a test event entry -reporting_mtms 9111-520*XXXXXXX

mksyscfg Command
Purpose - Creates a logical partition on the managed system. This command is usable only in an Integrated Virtualization Manager environment.
Syntax  - mksyscfg -r lpar { -f ConfigurationFile | -i ConfigurationData } [ -m ManagedSystem ]
1. To create a partition named lp3 with 128 MB, type:
   mksyscfg -r lpar -i "name=lp3,lpar_env=aixlinux,min_mem=128,desired_mem=128,max_mem=128"
2. To create a partition with 128 MB and a dedicated processor, type:
   mksyscfg -r lpar -i "name=lp4,lpar_env=aixlinux,min_mem=128,desired_mem=128,max_mem=128, \
   proc_mode=ded, sharing_mode=share_idle_procs,min_procs=1,desired_procs=1,max_procs=2"
3. To create a partition with 128 MB and 0.2 shared processing units, type:
   mksyscfg -r lpar -i "name=lp2,lpar_env=aixlinux,min_mem=128,desired_mem=128,max_mem=128, \
   proc_mode=shared, sharing_mode=uncap,min_procs=1,desired_procs=1,max_procs=2, \
   min_proc_units=0.1,desired_proc_units=0.2, max_proc_units=2"
4. To create a partition with 128 MB and 0.2 shared processing units. and a virtual Ethernet adapter on VLAN 1, type:
   mksyscfg -r lpar -i "name=lp2,lpar_env=aixlinux,min_mem=128,desired_mem=128,max_mem=128, \
   proc_mode=shared, sharing_mode=uncap,min_procs=1,desired_procs=1,max_procs=2, \
   min_proc_units=0.1,desired_proc_units=0.2, max_proc_units=2,virtual_eth_adapters=4/0/1//0/0"

mkvt Command
Purpose - Create a virtual terminal connection to a partition.
Syntax  - mkvt { -id lparID }
Description - The mkvt command opens a virtual terminal connection to the target partition. You can terminate the
              virtual terminal connection in one of the following ways:
              - The virtual terminal contains an escape sequence that allows you to break out of the command.
                The escape sequence is <cr>~., or more explicitly:
                the Enter key, the tilde (~), and the period (.).
              - You can use the rmvt command to force the session to be closed. A partition can only have one open
                virtual terminal session.
            
              This command requires additional HMC configuration if used in an HMC environment.

1. Create a virtual terminal connection to the partition with ID 3:
   mkvt -id 3

netstat Command
Purpose - Shows network status.
Syntax  - To display active sockets for each protocol or routing table information:
          netstat [ -num ] [ -routtable ] [ -routinfo] [ -state ] [ -protocol Protocol ] [ Interval ]
          To display the contents of a network data structure:
          netstat [ -stats | -cdlistats ] [ -protocol protocol ] [ Interval ]
          To display the address resolution protocol:
          netstat -arp To clear all statistics: netstat -clear

1. To display routing table information for an Internet interface, type:
   netstat -routtable
2. To display interface information for an Internet interface, type:
   etstat -state

1. To get the operating system level of the OEM install and setup environment, run the following command:
   oem_platform_level

1. To initiate the OEM setup and install environment, type the following:
   oem_setup_env

optimizenet Command
Purpose - Manages network tuning parameters.
Syntax  - optimizenet [ -reboot | -perm ] { -set Tunable[=NewValue] | -default Tunable } optimizenet -list [ Tunable ] optimizenet -h [ Tunable ]
1. To display the maximum size of the mbuf pool, type:
   optimizenet -set thewall
2. To change the default socket buffer sizes on your system, type:
   optimizenet -reboot -set tcp_sendspace=32768
3. To use a machine as an internet work router over TCP/IP networks, type:
   optimizenet -set ipforwarding=1
4. To list the current and reboot value, range, unit, type and dependencies of the arptab_bsiz parameter, type:
   optimizenet -list arptab_bsiz
5. To display help information on arptab_bsiz, type:
   optimizenet -h arptab_bsiz

pdump Command
Purpose - Perform platform (hardware and firmware) dump-related actions.
Syntax  - pdump -reserve fstype | -enable | -disable | -ls | -size

redefvg Command
Purpose - Redefines the set of physical volumes of the given volume group in the device configuration database.
Syntax  - redefvg { -dev Device | -vgid Vgid } VolumeGroup

1. To synchronize the copies on physical volumes hdisk04, type:
   redefvg -dev hdisk04
2. To synchronize the copies on volume groups vg04 and vg05, type:
   redefvg -vgid vg04 vg05

reducevg Command
Purpose - Removes physical volumes from a volume group. When all physical volumes are removed from the volume group,
          the volume group is deleted.
Syntax  - reducevg [ -f ] [ -rmlv ]VolumeGroup PhysicalVolume ...
1. To remove physical volume hdisk1 from volume group vg01, type:
   reducevg vg01 hdisk1
2. To remove physical volume hdisk1 and all residing logical volumes from volume group vg01 without user confirmation, type:
   Attention: The reducevg command with the -rmlv flag automatically deletes all logical volume data before removing
   the physical volume.
   reducevg -rmlv -f vg01 hdisk1

remote_management Command
Purpose - Enables the Virtual I/O Server to be remotely managed by an AIX NIM master.
Syntax  - To enable the Virtual I/O Server to be remotely managed by an AIX NIM master:
          remote_management [ -interface Interface ] Master
          To disable remote management:
          remote_management -disable

1. To enable remote_management using NIM master nimsys01, type:
   remote_management nimsys01
2. To disable remote_management, type:
   remote_management -disable

restorevgstruct Command
Purpose - Restores the user volume group.
Syntax  - restorevgstruct { -ls | -vg VolumeGroupLabel [ DiskName ... ] }
1. To restore the volume group myvg, onto the hdisk2 and hdisk3 disks, enter:
   restorevgstruct myvg hdisk2 hdisk3
2. To list all previously saved volume groups, enter:
   restorvgstruct -ls
   The message generated would be similar to:
   -rw-r--r-- 1 root system 51200 Jun 18 10:53 myvg.data
   -rw-r--r-- 1 root system 51200 Jun 18 10:53 myvg2.data
 
rmbdsp Command
Purpose - Remove a backing device and return the storage back to the storage pool.
Syntax  - rmbdsp {-bd LogicalVolume | -vtd VirtualTargetDevice} [-savebd]
1. To remove the virtual target device vtscsi4 and not remove the backing device associated with it, type:
   rmbdsp -vtd vtscsi4 -savebd

rmdev Command
Purpose - Removes a device from the system.
Syntax  - rmdev { -dev | -pdev } Name [ -recursive ] [ [ -ucfg ]
1. To unconfigure the cd0 CD-ROM device, type:
   rmdev -dev cd0
2. To unconfigure the SCSI adapter scsi1 and all of its children, type:
   rmdev -recursive -dev scsi1
3. To unconfigure just the children of the SCSI adapter scsi1, but not the adapter itself, type:
   rmdev -pdev scsi1
4. To unconfigure the children of PCI bus pci1 and all other devices under them, type:
   rmdev -pdev pci1

rmlv Command
Purpose - Removes logical volumes from a volume group.
Syntax  - rmlv [ -f ] LogicalVolume ...
1. To remove logical volume lv05 without requiring user confirmation, enter the following command:
   rmlv -f lv05
   The logical volume is removed from the volume group.

rmlvcopy Command
Purpose - Removes a copy of a logical volume.
Syntax  - rmlvcopy LogicalVolume [ PhysicalVolume ... ]
1. To remove mirroring from the logical volume lv0112, type:
   rmlvcopy lv0112

rmpath Command
Purpose - Removes from the system a path to an MPIO-capable device.
Syntax  - rmpath { [ -dev Name ] [ -pdev Parent ] [ -conn Connection ] } [ -rm ]
1. To unconfigure the path from scsi0 to hdisk1 at connection 5,0, type:
   rmpath -dev hdisk1 -pdev scsi0 -conn "5,0"
   The message generated would be similar to:
   path defined
2. To unconfigure all paths from scsi0 to hdisk1, type:
   rmpath -dev hdisk1 -pdev scsi0
   If all paths were successfully unconfigured, the message generated would be similar to: paths defined However,
   if only some of the paths were successfully unconfigured, the message would be similar to: some paths defined
3. To undefine the path definition between scsi0 and hdisk1 at connection 5,0, type:
   rmpath -rm -dev hdisk1 -pdev scsi0 -conn "5,0"
   The message generated would be similar to the following:
   path deleted
4. To unconfigure all paths from scsi0 to hdisk1, type:
   rmpath -rm -dev hdisk1 -pdev scsi0
   The message generated would be similar to:
   paths deleted

rmsyscfg Command
Purpose - Removes a logical partition from the managed system. This command is valid only in an Integrated
          Virtualization Manager environment.
Syntax  - rmsyscfg -r lpar { -n ParitionName | --id PartitionID }
1. To delete a partition with an lpar ID of 3, type:
   rmsyscfg -r lpar --id 3
2. To delete a partition a name of lp3, type:
   rmsyscfg -r lpar -n lp3

rmtcpip Command
Puropse - Removes the Virtual I/O Server TCP/IP configuration.
Syntax  - rmtcpip [-f] [-nextboot] {-all | [-hostname] [-routing] [-interface ifnameList]}
          rmtcpip [-f] {-all | [-namesrv] [-hostname] [-routing] [-interface ifnameList]}

1. To remove all Virtual I/O Server TCP/IP configuration, type:
   rmtcpip -all
   Answer yes when prompted
2. To unconfigure a network interface en0 without confirmation, type:
   rmtcpip -f -interface en0
3. To cleanup the static routing table, type:
   rmtcpip -f -routing
4. To remove IP information from a network interface on the next boot, keeping the current configuration running execute:
   rmtcpip -f -interface en0 -nextboot

rmvdev Command
Purpose - To remove the connection between a physical device and its associated virtual SCSI adapter.
Syntax  - rmvdev [ -f ] { -vdev TargetDevice | -vtd VirtualTargetDevice } [-rmlv]

1. To close a virtual terminal connection to the partition with ID 3, type:
   rmvt -id 3

rstprofdata Command
Purpose - Restores profile data. This command is valid only in an Integrated Virtualization Manager environment.
Syntax  - To restore logical partition configuration data from a file:
          rstprofdata -l RestoreType [-f RestoreFile] [ --ignoremtms ] [ --ignoremac ] [ -m ManagedSystem ]

1. To restore the partition configuration data from /var/adm/lpm/profile.bak, type:
   rstprofdata -l 1
2. To restore the partition configuration data from lparData.bak without validating that the type, model,
   and serial number match, type:
   rstprofdata -l 1 -f lparData.bak --ignoremtms

savevgstruct Command
Purpose - Backs up a volume group.
Syntax  - savevgstruct VolumeGroupLabel
1. To save the structure of the user defined volume group myvg, enter:
   savevgstruct myvg

snap Command
Purpose - Gathers system configuration information.
Syntax  - snap [-general] [-dev DeviceName] snap script1 ?script2 arg1 arg2? ...

1. Enter the following command to gather all system configuration information:
   snap
   The output of this command is written to the users home directory.
2. Enter the following command to gather general system configuration information, including the output of
   the lslpp -hBc command:
   snap -general -dev /dev/rfd0
   Output is written to the /tmp/ibmsupt/general/lslpp.hBc and /tmp/ibmsupt/general/general.snap files.
   This command also writes the system information to a removable diskette.
3. To run the scripts foo1, foo2 and foo3. where foo1 takes no argument, foo2 takes three arguments and
   foo3 takes one argument, type the following?
   snap foo1 "foo2 -x -y 3" "foo3 6" foo4
   Output is written to /tmp/ibmsupt/snapscripts/foo1, /tmp/ibmsupt/snapscripts/foo2 and /tmp/ibmsupt/snapscripts/foo3
   assuming the destination directory is the default, /tmp/ibmsupt.

startnetsvc Command
Purpose - Starts the telnet, ftp, xntpd, ssh, or cimserver daemons.
1. To start the telnet daemon, type the following command:
   startnetsvc telnet
2. To start the ftp daemon, type the following command:
   startnetsvc ftp
3. To start all service daemons, type the following command:
   startnetsvc ALL

startsvc Command
Purpose - Starts the agent that is specified by the agent name.
Syntax  - startsvc AgentName
To start the ITM_base agent, type the following command:
startsvc ITM_base

startsysdump Command
Purpose - Starts a kernel dump to the primary dump device.
Syntax  - startsysdump

starttrace Command
Purpose - Records selected system events.
Syntax  - starttrace [ -event Event[, Event ] ...]
1. To trace hook 234 and the hooks that will allow you to see the process names, enter:
   starttrace -event 234,106,10C,134,139,465

stopnetsvc Command
Purpose - Disables the telnet, ftp, xntpd, ssh, or cimserver daemons.
Syntax  - stopnetsvc [NetworkService]
1. To disable the telnet daemon, type the following command:
   stopnetsvc telnet
2. To disable the ftp daemon, type the following command:
   stopnetsvc ftp
3. To disable all service daemons, type the following command:
   stopnetsvc ALL

stopsvc Command
Purpose - Stops the agent that is specified by the agent name.
Syntax  - stopsvc AgentName
To stop the ITM_base agent, type the following command:
stopsvc ITM_base

stoptrace Command
Purpose - Stops the trace function.
Syntax  - stoptrace

syncvg Command
Purpose - Synchronizes logical volume copies that are not current.
Syntax  - syncvg { -lv | -pv | -vg } Name ...
1. To synchronize the copies on physical volumes hdisk04 and hdisk05, type:
   syncvg -pv hdisk04 hdisk05
2. To synchronize the copies on volume groups vg04 and vg05, type:
   syncvg -vg vg04 vg05

sysstat Command
Purpose - Displays a summary of current system activity.
Syntax  - sysstat [ -long | -short ] [ User]

1. To display up to twenty "hot" disks every five seconds and omit network interface, WLM classes, and
   process information, type:
   topas -interval 5 -nets 0 -procs 0 -wlms 0
2. To display the five most active processes and up to twenty most active WLM classes (which is the
   default when omitting the -w flag) but no network or disk information, type:
   topas -procs 5 -nets 0 -disks 0
3. To run the program with default options, type:
   topas
4. To go directly to the process display, type:
   topas -procdisp
5. To go directly to the WLM classes display, type:
   topas -wlmdisp

traceroute Command
Purpose - Prints the route that IP packets take to a network host.
Syntax  - traceroute [ -hops Hops ] [ -num ] [ -port Port ] [ -src Address ] Host [ PacketSize ]
1. To print the route to host nis.nfs.net, type:
   traceroute nis.nsf.net

unmirrorios Command
Purpose - Removes the mirrors that exist on the rootvg volume group.
Syntax  - unmirrorios [ PhysicalVolume ...]

updateios Command
Purpose - Updates the Virtual I/O Server to latest maintenance level.
Syntax  - updateios -dev Media [-f] [ -install ] [ -accept ]
          updateios -commit | -reject [ -f ]
          updateios -cleanup
          updateios -remove { -file RemoveListFile | RemoveList }
1. To update the Virtual I/O Server to the latest level, where the updates are located on the mounted file system
   /home/padmin/update, type the following command:
   updateios -dev /home/padmin/update
2. To update the Virtual I/O Server to the latest level, when previous levels are not committed, type the following command:
   updateios -f -dev /home/padmin/update
3. To reject installed updates, type the following command:
   updateios -reject
4. To cleanup partially installed updates, type the following command:
   updateios -cleanup
5. To commit the installed updates, type the following command:
   updateios -commit

viosecure Command
Purpose - Activates, deactivates, and displays security hardening rules. Configures, unconfigures or displays
          firewall settings.
Syntax  - viosecure -level LEVEL [-apply] | [-nonint] -view
          viosecure -firewall on [[-force] -reload]
          viosecure -firewall allow | deny -port number [-interface ifname] [-address IPaddress]
                    [-timeout Timeout] [-remote]
          viosecure -firewall view [-fmt delimiter]

1.  To display the high system security settings, and to select which of the high security settings to apply to the system, type:
    viosecure -level high
2.  To apply all of the ’high’ system security settings to the system, type:
    viosecure -level high -apply
3.  To the display the current system security settings, type:
    viosecure -view
4.  To unconfigure the previous system security settings, type:
    viosecure -level default
5.  To allow IP activity on the ftp-data, ftp, ssh, www, https, rmc, and cimon ports, and to deny other IP activity, type:
    viosecure -firewall on
6.  To allow IP activity on all ports, type:
    viosecure -firewall off
7.  To allow users from IP address 10.10.10.10 to rlogin, type:
    viosecure -firewall allow -port login -address 10.10.10.10
8.  To allow users to rlogin for seven days, type:
    viosecure -firewall allow -port login -timeout 7d
9.  To allow rsh client activity through interface en0, type:
    viosecure -firewall allow -port 514 -interface en0 -remote
10. To removes the rule that allows users from IP address 10.10.10.10 to rlogin, type:
    viosecure -firewall deny -port login -address 10.10.10.10
11. To display the list of allowed ports, type:
    viosecure -firewall view

viostat Command
Purpose - Reports Central Processing Unit (CPU) statistics, asynchronous input/output (AIO) and input/output
          statistics for the entire system, adapters, tty devices, disks and CD-ROMs.
Syntax  - viostat viostat [ -sys ] [ -adapter ] [ -tty | -disk ] [ -path ] [ -time ] [ PhysicalVolume ... ]
          [ Interval [ Count ] ]


Disk Input/Output History To improve performance, the collection of disk input/output statistics has been disabled.
To enable the collection of this data, type:
chdev -dev sys0 -attr iostat=true
To display the current settings, type:
lsdev -dev sys0 -attr iostat

1. To display a single history since boot report for all tty, CPU, and Disks, type:
   viostat
2. To display a continuous disk report at two second intervals for the disk with the logical name disk1, type:
   viostat -disk disk1 2
3. To display six reports at two second intervals for the disk with the logical name disk1, type:
   viostat disk1 2 6
4. To display six reports at two second intervals for all disks, type:
   viostat -disk 2 6
5. To display six reports at two second intervals for three disks named disk1, disk2, disk3, type:
   viostat disk1 disk2 disk3 2 6
6. To print the System throughput report, type:
   viostat -sys
7. To print the Adapter throughput report, type:
   viostat -adapter
8. To print the System and Adapter throughput reports, with only the tty and CPU report (no disk reports), type:
   viostat -sys -adapter -tty
9. To print the System and Adapter throughput reports with the Disk Utilization reports of hdisk0 and hdisk7, type
   viostat -sys -adapter -disk hdisk0 hdisk7
10.To display time stamp next to each line of output of viostat, type:
   viostat -time 348

wall Command
Purpose - Writes a message to all users that are logged in.
Syntax  - wall [ -a ] [ -g Group ][ Message ]

wkldagent Command
Purpose - Starts, stops, or queries the state of the Workload Manager Agent.
Syntax  - wkldagent -start | -status | -stop
1. To start the Workload Manager Agent, type:
   wkldmgr -start
2. To check whether the Workload Manager Agent is currently active, type:
   wkldmgr -status
3. To stop the Workload Manager Agent, type:
   wkldmgr -stop

wkldmgr Command
Purpose - Starts or stops Workload Manager.
Syntax  - wkldmgr -start | -status | -stop
1. To start the Workload Manager, type:
   wkldmgr -start
2. To check whether the Workload Manager is currently active, type:
   wkldmgr -status
3. To stop the Workload Manager, type:
   wkldmgr -stop

wkldout Command
Purpose - Provides post-processing of the recordings made by the Workload Manager Agent (wkldagent).
Syntax  - wkldout -filename file
1. To process a data file named xmwlm.060331, type:
   wkldout -filename /home/ios/perf/wlm/xmwlm.0600331



===================
Output taken on 17 Dec 08
=========================
$ lsmap -all
SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost0          U9113.550.65BD55F-V1-C12                     0x00000002

VTD                   bwqas_datavg1
Status                Available
LUN                   0x8300000000000000
Backing device        hdisk6
Physloc               U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L4000000000000

VTD                   bwqasdatavg
Status                Available
LUN                   0x8200000000000000
Backing device        bwqas_datavg
Physloc

VTD                   bwqasrootvg
Status                Available
LUN                   0x8100000000000000
Backing device        bwqas_rootvg
Physloc

SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost1          U9113.550.65BD55F-V1-C13                     0x00000003

VTD                   bwdevdatavg
Status                Available
LUN                   0x8200000000000000
Backing device        bwdev_datavg
Physloc

VTD                   bwdevdatavg1
Status                Available
LUN                   0x8300000000000000
Backing device        hdisk8
Physloc               U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L6000000000000

VTD                   bwdevrootvg
Status                Available
LUN                   0x8100000000000000
Backing device        bwdev_rootvg
Physloc

SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost2          U9113.550.65BD55F-V1-C14                     0x00000004

VTD                   erpdatavg
Status                Available
LUN                   0x8200000000000000
Backing device        erpqas_datavg
Physloc

VTD                   erpdatavg1
Status                Available
LUN                   0x8300000000000000
Backing device        hdisk7
Physloc               U787B.001.DNW4D3A-P1-C3-T1-W500601633060265E-L5000000000000

VTD                   erprootvg
Status                Available
LUN                   0x8100000000000000
Backing device        erpqas_rootvg
Physloc

SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost3          U9113.550.65BD55F-V1-C15                     0x00000005

VTD                   erpdevdatavg
Status                Available
LUN                   0x8200000000000000
Backing device        erpdev_datavg
Physloc

VTD                   erpdevrootvg
Status                Available
LUN                   0x8100000000000000
Backing device        erpdev_rootvg
Physloc

$
======================================================================================


Virtual I/O Server - Some Commands
Below command lists all the commands available in your Virtual I/O Server

$ help

Install Commands PV Commands Security Commands

updateios lspv lsgcl

lssw migratepv cleargcl

ioslevel lsfailedlogin

remote_management LV Command

oem_setup_env lslv UserID Commands

oem_platform_level mklv mkuser

license extendlv rmuser

rmlvcopy lsuser

LAN Commands rmlv passwd

mktcpip mklvcopy chuser

hostname

cfglnagg

netstat Volume Group Commands Maintenance Commands

entstat lsvg chlang

cfgnamesrv mkvg diagmenu

traceroute chvg shutdown

ping extendvg fsck

optimizenet reducevg backupios

lsnetsvc mirrorios savevgstruct

unmirrorios restorevgstruct

Device Commands activatevg starttrace

mkvdev deactivatevg stoptrace

lsdev importvg cattracerpt

lsmap exportvg bootlist

chdev syncvg snap

rmdev startsysdump

cfgdev topas

mkpath mount

chpath unmount

lspath showmount

rmpath startnetsvc

errlog

stopnetsvc

-------------------------------------------------------------------------------------------------------


To receive further help on any command:


$ help errlog

Usage: errlog [-ls | -rm Days]


Displays or clears the error log.

-ls Displays information about errors in the error log file

in a detailed format.

-rm Deletes all entries from the error log older than


Initialize the LPAR Configuration:

mkgencfg -o init


Management OS Level:

ioslevel - Displays VIO Server level

updateios -dev /update - Updates the IOS software

-accept

updateios -dev /cd0 - Installs a new fileset

-install -accept

updateios -commit - Commits all uncommitted updates

updateios -reject - Rejects all uncommitted updates

udpateios -cleanup - Cleans all incomplete pieces of the previous

installation

updateios -remove Fileset - Removes a fileset

backupios -cd /dev/cd1 - Generates backup to the CD ROM

-cdformat

backupios -cd /dev/cd1 - Generates backup to the DVD-RAM

-udf

backupios -tape /dev/rmt0 - Generates backup to a tape device

backupios -tape /dev/rmt0 - Just verifies the backup available in a tape

-verify

backupios -file /opt/file1 - Generates backup to a file. No user VGs are -nosvg back’d up

oem_platform_level - Displays the underlying AIX OS version

oem_setup_env - Opens non-restricted root shell. This shell is

used mainly for the installation of vendor software such as device drivers

remote_management nim1 - To enable remote_management using NIM

master

remote_management -disable Disables remote management


-------------------------------------------------------------------------------------------------------


License Management:

license -view - To view license

license -accept - To accept the license

license - To view if the license has been accepted


-------------------------------------------------------------------------------------------------------


Software Management:

lssw - Lists all installed software

lssw -hist - Lsits all installed software and their history


-------------------------------------------------------------------------------------------------------


Management of Virtual Terminals:

mkvt -id 2 - Opens a virtual terminal for partition with id 2

rmvt -id 2 - Close a virtual terminal for a partition with id 2


-------------------------------------------------------------------------------------------------------


Device Commands:

chdev -dev scsi0 -attr id=6 - Changes the attribute of a device permanently.

-perm Sometimes it reboots the system if perm is used

chpath -dev hdisk1 - Disables the path between hdisk1 and scsi0

-pdev scsi0 -op disable

cfgdev - Configures the devices in the VIO server

cfgdev -dev scsi0 - Configures the devices attached to scsi0 adapter

rmdev -dev cd0 - Unconfigures the cd-rom device

rmdev -recursive -dev scsi1 - Unconfigures scsi adapter and its child devices

rmdev -pdev pci1 - Unconfigures the children of pci1 but not the

PCI bus pci1


-------------------------------------------------------------------------------------------------------


Management of Virtual/Shared Devices:

mkvdev -vdev lv20 - Creates virtual target device that maps lv20 as a

-vadapter vhost0 virtual disk for a client partition hosted by the

Vhost0 virtual server adapter

mkvdev -vdev hdisk6 - Same as above except here hdisk is used instead

-vadapter vhost2 of a logical volume

mkvdev -sea ent4 - Creates a SEA that maps the physical Ethernet

-vadapter ent6,ent7 adapter ent4 as a virtual adapter for the client

-default ent6 -defaultid 8 partitions served by the virtual Ethernet adapters ent6 and ent7, using ent6 as the default

adapter and 8 as the default id

rmvdev -vdev vtscsi9 -rmlv - Removes virtual target device vtscsi9 along with

its backing lv

rmvdev -vdev lv001 - Removes all virtual target device associated with

backing device "lv001"

rmvdev -vtd vtscsi10 - Removes a particular virtual target device


-------------------------------------------------------------------------------------------------------


List Device Mapping:

lsmap -vadapter vhost2 - Lists all virtual target devices and backing

devices mapped to virtual server adapter vhost2

lsmap -vadapter ent4 -net - Lists SEA and physical device mapped to virtual

server Ethernet Adapter ent4

lsmap -all -type lv - Lists all virtual target devices and backing devices where backing devices are of type LV

lsmap -all -net - Lists all network mapping


-------------------------------------------------------------------------------------------------------


List Device:

lsdev - Lists all devices

lsdev -virtual - Lists all virtual devices

lsdev -type adapter -virtual - Lists all virtual adapters

lsdev -slot - Lists all slots

lsdev -type adapter - Lists all adapters

Some types: disk, lv, optical, tape, tty

lsdev -type ent4sea - Lists all physical Ethernet adapters and

Etherchannel available for creating a SEA

lsdev -type ven4sea - Lists all virtual Ethernet adapters available for

creating a SEA

lsdev -type ent4ip - Lists all adapters over which interface can be

configured

lsdev -dev hdisk0 -parent - Lists Parent of a device

lsdev -type disk - Lists disks names and physical location alone

-field name physloc

lstcpip
lsdev -dev fcs0 -vpd
lspv -size hdisk1
-------------------------------------------------------------------------------------------------------


Logical Volume Manager :


Volume Group

mkvg -vg newvg hdisk1 - Created newvg on hdisk1

chvg -suspend vg03 - Drains I/O's for this volume group and suspends future I/O's

chvg -resume vg03 - Resumes normal I/O operations for a VG

chvg -unlock vg03 - Unlocks the VG if its left in a locked state by

abnormal termination of another LVM operation

extendvg vg3 hdisk3 - Adds physical volume to a volume group

reducevg vg01 hdisk1 - Removes a PV from a VG

reducevg -rmlv -f vg01 - Removes a PV and all residing LVs in a VG

hdisk1 without user confirmation

activatevg vg03 - Activates a volume group

deactivatevg vg03 - Deactivates a volume group

mirrorios -force hdisk4 - Mirror the VIO Server’s rootvg to hdisk4 and reboots VIO Server

mirrorios -defer hdisk4 - Mirror the VIO Server’s rootvg to hdisk4 but don’t reboot the server

unmirrorios hdisk4 - Removes rootvg mirror from hdisk4

importvg -vg vg001hdisk07 - Imports a vg from hdisk07

extendvg vg3 hdisk3 - Exports a VG. Volume Group containing a paging space can’t be exported

syncvg -vg vg01 - Sync’s a volume group

syncvg -lv lv001 - Sync’s a logical volume

syncvg -pv hdisk4 hdisk5 - Sync’s a physical volume

redefvg -dev hdisk04 - Redefines VG based on info from hdisk04

redefvg -vgid vg03 - Redefines vg03


-------------------------------------------------------------------------------------------------------


Logical Volume

mklv -lv lv001 vg01 1M - Creates a logical volume of size 1MB in vg01

hdisk1 using space from hdisk1

mklv -mirror vg01 1G - Creates a logical volume with mirror in place in vg01 of size 1GB

extendlv lv01 3M - Increases lv by 3MB

extendlv lv01 1G hdisk5 - Increases lv by 1GB with space taken from hdisk5

rmlv lv05 - Removes a logical volume

lslv lv03 - Lists a logical volume

lslv -pv lv03 - Displays info about LV by Physical volume

lslv -free - Lists LVs that can be used as backing devices

mklvcopy lv01 hdisk03 - Makes a copy for lv01 in hdisk03

rmlvcopy lv01 hdisk03 - Removes lv01’s copy from hdisk03

cplv lv01 lv02 - Copies the contents of lv01 to lv02

cplv -vg vg01 lv01 - Copies the contents of lv01 to a new lv in vg01


chlv -lv newlv oldlv - Changes the name of oldlv to newlv


-------------------------------------------------------------------------------------------------------


Physical Volume

lspv - Lists all physical volumes in the system

lspv hdisk03 - Lists status and characteristics of hdisk03

lspv -avail - Lists PVs that can be virtual SCSI backing devices

lspv -free - Lists PVs that can be virtual SCSI backing

devices and are not currently a backing device

migratepv hdisk1 hdisk2 - Moves physical partitions from hdisk1 to hdisk2

migratepv -lv lv01 hdisk1 - Moves physical partitions in lv01 from hdisk1 to

hdisk2 hdisk2


-------------------------------------------------------------------------------------------------------


Storage Pool Management:

mksp -f client_data - Creates s storage pool "client_data" using

hdisk3 hdisk4 hdisk3 and hdisk4

chsp -default client_data - Sets client_data storage pool as default

chsp -add -sp client_data - Adds hdisk to a storage spool

hdisk5 If SP is not mentioned, disk will be added to the default storage pool

lssp - Lists all storage pools

lssp -default - Lists the default storage pool

lssp -bd -sp rootvg - Lists the backing device in rootvg storage pool

mkbdsp -bd lv001 - Attaches storage from a storage pool to a Virtual

-vadapter vthost2 -tn vtscsi9 SCSI adapter

rmbdsp -bd lv001 - Removes storage from a Virtual SCSI adapter

And removes the backing revice

rmbdsp -bd lv001 -savebd - Removes storage from a Virtual SCSI adapter.

And makes sure backing device is not deleted

rmbdsp -vtd vtscsi9 - Removes storage from a Virtual SCSI adapter

And removes the backing revice

rmbdsp -vtd vtscsi8 -savebd - Removes storage from a Virtual SCSI adapter.

And makes sure backing device is not deleted


LAN Commands:


TCP/IP Confiration:

mktcpip -hostname sys01vio2 -inetaddr 9.47.90.113 -interface en2 -netmask 255.255.255.0 -gateway 9.47.90.1 -nsrvdomain yahoo.com -start

<!--[if !supportLists]-->- <!--[endif]-->Configures tcpip on a particular network interface


lstcpip -stored - Lists stored tcp/ip configuration in the system

lstcpip -adapters - Lists Ethernet adapters on the system

lstcpip -hostname - Shows the system hostname

lstcpip -namesrv - Lists DNS name servers in search order and domain name

lstcpip -routtable - Shows routing table

lsctpip -num -routtable - Shows routing table in numeric output instead of

hostname

lstcpip -sockets -family inet - Lists all open inet sockets


lstcpip -state - Shows status of all configured interfaces

rmtcpip -all - Removes all TCP/IP Settings

rmtcpip -interface en0 - Unconfigures tcpip in en0

rmtcpip -f -routing - Cleans up static routing table

rmtcpip -f -interface en0 - Removes IP information from en0 after reboot

-nextboot

rmcpip -namesrv - Removes DNS information and clears the hosts

file


Managing IP address-to-host name Mapping Entries:

hostmap -addr 192.100.1.7 - Adds IP address-to-host name mapping entry

-host alpha

hostmap -ls - Lists all IP address-to-host name mapping entries

hostmap-rm 192.100.1.7 - Deletes the IP address-to-host name mapping entry


Managing Network Services:

startnetsvc ALL - Enables all network services

startnetsvc telnet - Enables telnet daemon

startnetsvc ftp - Enables ftp daemon

startnetsvc ssh - Enables ssh daemon

startnetsvc ldap - Enables ldap daemon

startnetsvc cimserver - Enables cimserver daemon

startnetsvc xntpd - Enables xntpd daemon

startnetsvc tracelog - Sends CLI tracing info to system log

startnetsvc errorlog - Sends system error log to the system log

stopnetsvc ALL - Disables all network services

stopnetsvc telnet - Disables telnet daemon

stopnetsvc ftp - Disables ftp daemon

stopnetsvc ssh - Disables ssh daemon

stopnetsvc ldap - Disables ldap daemon

stopnetsvc cimserver - Disables cimserver daemon

stopnetsvc xntpd - Disables xntpd daemon

stopnetsvc tracelog - Stops sending CLI tracing info to system log

stopnetsvc errorlog - Stops sending system error log to the system log

lsnetsvc ftp - Lists the status of ftp network service


Managing DNS, Domain and Search Oder Entries:

cfgnamesrv -add - Adds a domain entry

-dname abc.aus.century.com

cfgnamesrv -add - Adds a name server entry

-ipaddr 192.9.201.1

cfgnamesrv -ls - Lists all DNS entries


Network Tuning Parameters:

optimizenet -set thewall - Displays the maximum size of the mbuf pool

optimizenet -set - Sets a machine as internet work router over ipforwarding=1 TCP/IP networks

optimizenet -h - Shows help info on udp_recvspace

udp_recvspace


Network Monitoring:

entstat ent0 - Displays all the statistics, including the device- specific statistics

entstat -reset ent0 - Resets all the statistics back to their initial values

traceroute nis.nsf.net - Prints the route to a particular host


-------------------------------------------------------------------------------------------------------


Commands to Monitor:

sysstat - Displays the summary of current system activity

topas - Displays system statistics


-------------------------------------------------------------------------------------------------------


System Management Commands:

shutdown - Halts the operating system

shutdown -force - Halts the operating system forcibly

shutdown -restart - Reboots the operating system

bootlist -mode service -rm - Invalidates the boot list for service mode

bootlist -mode service -ls - Displays boot list for service mode

bootlist -more normal - Sets the boot list for normal mode

hdisk0 rmt0 fd

errlog -ls - Displays complete detailed error report

errlog -rm 0 - Removes all error log entries

errlog -rm 5 - Removes error log entries older than 5 days

chdate -day 12 -month 10 - Changes the system date and time

-year 2004 -hour 16 -minute 30

chlang -lang fr_CA - Changes the language for the entire system to French Canadian

chlang -ls - Display available languages

diagmenu - Performs hardware problem determination and maintenance

invscout -report - Generate report on microcode levels of all the devices

invscout -vpd - Displays the vpd survey of the partition

motd -append "Message" - Appends MOTD

motd -overwrite - Overwrites MOTD

-file filename

cfgassist - Used to for initial setting of VIO Server

fsck /dev/lv01 - Checks a file system

showmount hostname - Shows exports directories on a remote server

startsysdump - Starts system dump in the primary device

viostat -disk disk1 2 - Displays continuous disk report on disk1 at 2sec interval

viostat -adapter - Displays adapter throughput reports

viostat -sys -adapter - Displays system and adapter throughput reports

snap -general -dev /dev/rfd0 - Gathers system info and stores in the floppy disk

lsfware -all - Displays microcode levels of all devices


-------------------------------------------------------------------------------------------------------


Managing Agents:

startsvc agent_name - Starts an agent

stopsvc agent_name - Stops an agent

lssvc agent_name - Shows agent configuration information

lssvc - Lists all available agents

cfgsvc -ls ITM_base - Displays attributes associated with ITSM_base agent

cfgsvc -key ITM_base - Displays the ITM_base agent ssh public key


-------------------------------------------------------------------------------------------------------


User Management:

mkuser - Creates a user

chuser - Changes a property of a user

lsuser - Displays user properties

rmuser - Removes a user

passwd - Sets/Resets password for a user


-------------------------------------------------------------------------------------------------------


Security Commands:

lsfailedlogin - Shows all failed logins

lsgcl - Lists the contents of global command log

viosecure -level high - Displays high system settings

viosecure -level high -apply - Apply all of the high system settings to the system

viosecure -view - Displays the current system settings

viosecure -firewall on - Allow IP activity on the ftp-data, ftp, ssh, www, https, rmc, and cimon ports, and to deny other IP activity

viosecure -firewall off - Allow IP activity on all ports

viosecure -firewall view - Display the list of allowed ports


-------------------------------------------------------------------------------------------------------
Some New Virtual Disk Techniques
The AIX Virtual User Group (Central Region, U.S.) recently hosted an informative webinar presented by Janel Barfield. Download the presentation or listen to a replay. The topics covered in the presentation and replay go nicely with some AIXchange blog entries (here and here) I previously wrote.

By listening to the webinar, I learned a few other techniques that we can all benefit from. For instance, in my VIO server, I tried creating a file-backed virtual disk (obviously on this test box I was using rootvg; if this were a production machine I'd create another volume group and use that instead):

mksp -fb fbpool -sp rootvg -size 1G

This added a new file system to my rootvg:

lsvg –lv rootvg

fbpool             jfs2       4       4       1    open/syncd
/var/vio/storagepools/fbpool

In my environment I did an lsmap –all | more and found a client to try this with. I ran:

mkbdsp -sp fbpool 500m -bd test_disk -vadapter vhost2

Here's the output I saw:

Creating file "test_disk" in storage pool "fbpool".
Assigning file "test_disk" as a backing device.
vtscsi5 Available
test_disk

I wanted to see what would appear in the file system that I just created, so I ran:

ls -la /var/vio/storagepools/fbpool

total 1024008
drwxr-xr-x   3 root     system          256 Nov 03 15:24 .
drwxr-xr-x   3 root     staff           256 Nov 03 15:18 ..
-rw-r--r--   1 root     staff           206 Nov 03 15:24 .test_disk
drwxr-xr-x   2 root     system          256 Nov 03 15:18 lost+found
-rw-r--r--   1 root     staff     524288000 Nov 03 15:24 test_disk

Interestingly, that .test_disk file contains some XML data describing the disk that I just created:

more /var/vio/storagepools/fbpool/.test_disk
<?xml version="1.0" encoding="UTF-8"?>
<device vios_version="1.0" name="/var/vio/storagepools/fbpool/test_disk" id="000
0bb8a0000d40000000117b276f9d8.1700000004" imagetype="SP_LOCAL" refcount="1">
</device>

When I look at the mapping that exists after creating the disk, I can see:

 lsmap -vadapter vhost2
SVSA            Physloc                                      Client Partition ID
--------------- -------------------------------------------- ------------------
vhost2          U7998.61X.100BB8A-V1-C15                     0x00000007

VTD                   vtscsi2
Status                Available
LUN                   0x8100000000000000
Backing device        hdisk3
Physloc
U78A5.001.WIH0A68-P1-C6-T1-W5005076801303022-LD000000000000

VTD                   vtscsi5
Status                Available
LUN                   0x8200000000000000
Backing device        /var/vio/storagepools/fbpool/test_disk
Physloc
U78A5.001.WIH0A68-P1-C6-T1-W5005076801303022-LD000000000000

This shows me that now I have the new virtual disk with the backing device being handled by the newly created file. When I run cfgmgr in my partition that uses vhost2, I see a new disk. AIX running in my partition doesn't differentiate between the file-backed storage or my normal hdisk-backed storage (hdisk1 is my newly created disk in this instance).

# lspv
hdisk0          00004daa45ffe3fd                    rootvg          active
hdisk1          none                                None

# lsdev -Cc disk
hdisk0 Available  Virtual SCSI Disk Drive
hdisk1 Available  Virtual SCSI Disk Drive

I can now use this disk as I would any other on my machine.

On the topic of virtual optical disks, one point brought up in the webinar was that instead of running multiple unloadopt/loadopt commands when using virtual optical disks, you can just use loadopt –f to force the disk image to load, even if a disk image is already loaded. This makes it simpler when using more than one CD to load the OS for instance, as you don't have to unloadopt before running the loadopt –f command when switching between disk images.

===========================================================
How to Upgrade SP01 on VIO 1.5
===========================================================
Service Pack information PACKAGE: Service Pack 01
IOSLEVEL: 1.5.2.11-FP-11.1

Description
VIOS 1.5.2.11-FP-11.1 SP-01 contains fixes and changes or enhancements to VIOS functions deemed critical to address before the next Fix Pack update.
VIOS 1.5.2.1-FP-11.1 SP-01 should be applied to systems that are currently at IOS level 1.5.2.1-FP-11.1. If your IOS level is lower than 1.5.2.1-FP-11.1, you must install Fix Pack 11.1 before you can install the Service Pack. Do not install this Service Pack on any level other than 1.5.2.1-FP-11.1; installing this Sevice Pack on any other level may result in unexpected operation of the VIOS or the client partitions hosted by the VIOS.
Note: This Service Pack is required for support of the DS5000.

You can download the Service Pack from a command line by using anonymous FTP. For this method, use anonymous as the user name and ftp as the password. Follow these instructions:

$ mkdir <Service_Pack_directory>

$ ftp ftp.software.ibm.com
Name: anonymous
Password: ftp
$ ftp> cd software/server/vios/servicepacks/1521/sp1
$ ftp> lcd /home/padmin/<Service_Pack_directory>
$ ftp> prompt
$ ftp> bin
$ ftp> mget *
$ ftp> bye

Installation instructionsTo install a Service Pack, log in to VIOS as padmin, and then follow these steps, entering the specified commands.

Check the ioslevel
$ ioslevel

To apply this Service Pack, the ioslevel must be:
1.5.2.1-FP-11.1
After the Service Pack has been downloaded, enter the following commands:
$ updateios -commit
$ updateios -install -accept -dev /home/padmin/<Service_Pack_directory>
After the update is complete, verify the correct IOS level by entering the following command:
$ isolevel
1.5.2.5-FP-11.1 SP-01
To load all changes, reboot the VIOS as User padmin
$ shutdown -restart


VIOS Service Pack(s) Package ioslevel Released Description

Service Pack 01  1.5.2.5 December 2008 (VIOS 1.5.2.11-FP-11.1 SP-01) This Service Pack only applies to a system at IOS le
Twitter Bird Gadget