Multiple-Package Baseline Installation

BigFix Patch provides a solution to combine the installation of updates for multiple packages in a baseline into a single task, which can reduce the execution time of the baseline.

Baselines can help you gather multiple Fixlets into groups, which you can apply immediately to any set of target computers. It is a powerful way to deploy a group of actions across an entire network. However, each Fixlet in a baseline creates a separate YUM update transaction when the baseline is run. A single baseline can have numerous YUM calls, which can severely impact performance as it increases the time taken to complete all the transactions.

The multiple-package baseline installation solution helps address the poor performance that is due to the dependency resolution and package installation that is done separately for each Fixlet. This solution requires you to enable the feature at the start of the baseline and append the installation task to install the relevant packages from a single YUM call.

Use the Enable the Multiple-Package Baseline Installation feature task, to set the flag that instructs Fixlets to add packages to a list instead of installing them. The flag is cleared after the baseline is completed. You must add the appropriate task at the start of the baseline to allow the installation of multiple packages from a single command.
Notes: The multiple-package baseline installation feature does not support the pre-cache option Start download before all constraints are met in Take Action.
A multiple-package installation task is made available for each Amazon Linux 2 operating system version and architecture. You must add the appropriate installation task at the end of your baseline to complete the dependency resolution, download the packages, and then install them on the endpoints.
Important: The Enable the Multiple-Package Baseline Installation feature and Multiple-Package Baseline Installation tasks must exist in the same baseline.
Available from the Patches for Amazon Linux 2 site:
  • Multiple-Package Baseline Installation - Amazon Linux 2 - x86_64

These tasks must be run at the end of the baseline to do dependency resolution and package installation for the entire baseline in a single instance.

You can also do a dry run of the installation to preview the changes on the packages to avoid broken dependencies, which might be due to undesired packages updates. The test action outputs to the following files at /var/opt/BESClient/EDRDeployData:
PkgToInstallList.txt file
This file contains packages that are to be installed after a dependency check.
PkgToRemoveList.txt file
This file contains the packages that are to be removed from the target Amazon Linux 2 endpoint.
BigFix Patch also provides the following content to facilitate the installation:
Delete Amazon Linux 2 Package List File for Multiple-Package Baseline Installation
Deletes the package list file on targeted Amazon Linux 2 computers.
Add this task at the beginning of the baseline to avoid issues that might be related with resolving dependencies for the packages.

For detailed information about using the multiple package installation feature, see Installing multiple packages in a baseline.