Message-ID: <9041253.509.1711725779270.JavaMail.serveradmin@t01app> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_508_25264781.1711725779268" ------=_Part_508_25264781.1711725779268 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
I wrote these instructions back in Feb 2008 and just dumped this from my= old Google Sites wiki.
=20This guide describes a stripped down Server Solaris 10 server ideal as a= host for Container technology. You can download Solaris 10 for free online= and you will only need the first, second and fifth disc.
This procedure will outline the steps to be used in the creation of basi= c Sun image. Server images built this way can then be backed up and restore= d to any similar hardware using ufsdump/ufsrestore and the standard Sun sol= aris install boot cd to access a recovery shell running in memory.
CTRL-L {refresh the shell}
Things have slightly changed with the= new Solaris T5120 system. First, ILOM has been replaced with ALOM. Think o= f (Lights Out Manager) LOM as an OS that you use even when the SUN system i= s off. It has many features, but for us all that matters is you can still b= oot the system even after it is down with LOM. You can browser the T5120 p= roduct documentation for more d= etails.
Note* - When connecting to the remote console, certain editors do not di= splay properly (mainly vi) when the TERM environment variable is not set to= vt100. To rectify this problem, set: TERM=3Dvt100; export TERM
Highlighted below are the tougher questions to answer or standards that = 2Keys developed. Straightforward steps will be denoted with the text <= em>... obvious questions.
Hard Disk Partitioning Strategy (find my old article)
Aside instructions and this is not part of t=
he main document flow... move this out into another section called, adding =
a disk drive.
If you get the error message along the lines of,
scsi: WARNING: /pci@0/pci@0/pci@2/scsi@0/sd@2,0 (sd2):
<=
code>Feb 17 12:12:08 istur1 Corrupt label; wrong magic number<=
/p>
This is because you added a brand new disk.
You need to label the disk,
Login as root
type format
select the disk in question
type label {Solaris is going to label it for you, so you don't=
specify anything here}
verify (you should see data instead of an error message)
you are done
Log into your system and create a pla= ce for mounting your cdrom,
cd /mnt mkdir cdrom=20
Once you have logged in, execute the = following command so that backspace will work,
stty er= ase '^H'=20
On a true server class machine, the n=
etwork card will not be fully working yet so read, get your network card working. On a simple demo vm install it should be already working.
At this point you may should wo=
rk remotely using ssh. It's faster than terminal and you will be able to co=
py and paste more easily. To do so you must minimally set up the home direc=
tory and add your user account. See the section below, Setup of Acco=
unt. Just keep in mind that you won'=
t have the bash shell yet so do not specify a default shell.
If the system is on the 4th floor at 888 Birchmount the network interfac= e needs to be forced to 100 full as the autodetect doesn't work.On a Solari= s 10 system with an e1000g interface as shown by netstat -in or ifconfig -a= edit the /kernel/drv/e1000g.conf file and add as per the comments:
ForceSpeedDuplex=3D4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4;
Reboot for the change to take effect. grep -i link /var/adm/messages* af= ter booting to verify the link speed is correct.
In the event SSHD is installed manual= ly after the base installation, post-installation configuration is required= . SSHD host keys need to be generated to allow ssh connections to the syste= m. To achieve this, run the following:
/lib/sv= c/method/sshd -c svcadm restart ssh=20
Ensure time stays correct on your server,
# Creat= e the ntp.conf file in /etc/inet/ntp.conf # Note - zones use NTP off the global zone. The following configuration is = not necessary for zones. su - root vi /etc/inet/ntp.conf driftfile /etc/ntp.drift server 10.0.44.74 server 10.234.2.6 Stop and start the ntp service to enable. svcadm enable network/ntp Check that ntp is working, ntpq ntpq> peers=20 ntpq> quit # You should see something similiar to below. remote refid st t when poll reach delay offset d= isp =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D +10.0.44.74 .GPS. 1 u 812 1024 377 9.80 1.406 1= .11 *10.234.2.6 .GPS. 1 u 860 1024 377 6.56 -0.546 0= .52=20
There are other packages that we will now install. We choose to install = these package manually rather than during the initial server setup step. We= do this to remove unnecessary dependencies (extra packages being installed= ) and also because the interface during that step is really really slow.(It= appears that the Reduced Networking Core System Support doesn't list SSH)<= /p>
There are other packages that we will= now install. We choose to install these package manually rather than durin= g the initial server setup step. We do this to remove unnecessary dependenc= ies (extra packages being installed) and also because the interface during = that step is really really slow.(It appears that the Reduced Networking Cor= e System Support doesn't list SSH)
Manually install packages as follows and in the outlined order. If you d= o not want to use the order provided, make sure to check package dependenci= es with the command, pkginfo. Package list details can be found at, http://docs.sun.com/app/docs/doc/817-0545/sparcpackagelist= -tbl-1?a=3Dview
Convenience Package
I still have to make this. With Solaris10.ConveniencePackage.BonsaiFrame= work.zip using pkgadd -s /var/spool/pkg -d . [package name] which would contain all the packages you would need to install.= This saves time of putting in CDs and then installing packages one at a ti= me.
=20Mound yo= ur CD and then use the following command to install packages,
cd /mnt= /cdrom/Solaris_10/Product pkgadd -d . [package name] # command to install packages=20
Core of what you need minimally,
Proven to be useful and required for day to day maintenance
Since ~ Jan 2007 - Feb 2008 we've had production proven use of container= technology. Before we used to hack "cloning" but since becoming a feature = in build 33 (date?), I would say we are not cutting edge (rather than = bleeding edge).
Note we've are comfortable with other types of zone, but our enterprise = production proven use case has been sparse zones. As of this article, the t= echnology is brand new so here is a quick excerpt,
The default zone filesystem model is called sparse-root. T= his model emphasizes efficiency at the cost of some configuration flexibili= ty. Sparse-root zones optimize physical memory and disk space usage by shar= ing some directories, like /usr and /lib. Any updates and programs installe= d in the global zone (where all the other zones site) for the most part aff= ect the sparse-root zones. Further, sparse-root zones have their own privat= e file areas for directories like /etc and /var (this is where your service= software like Apache Web Server go).
Whole-root zones increase configuration flexibility but increase resourc= e usage. They do not use shared filesystems for /usr, /lib, and a few other= s. http://opensolaris.org/os/community/zones/faq/#basic_zonety= pes. We do not use Whole-root zones as it increaes maintenance (more sy= stems to update).
This lists the required packages to allow use of Zones. The initial list= is from Tony. I spent some time slimming things down. I believe this list = may be even further stripped down and will try given time.
Why can we ignore the X-Windows dependencies? Turns out this is a known = issue and a bug (as of Tin looking Feb 1, 2008). The = kernel developer Gary Pennington explains why here. Basic= ally SUNWzoneu depends on SUNWpool which depends on Java which asks for X s= tuff. In the fix, they took the parts of SUNWpool that depend on Java and s= plit it into its own package called SUNWpoold.
SUNWxcu4 (XCU4 Utilities) (look like we do not need this)
(Required f=
or native Java runtime and GID)
Make the base zone directory,
su - ro= ot cd /var mkdir zones=20
In order to run IHS (IBM HTTP Server) 6.x on zones you must have GSKit w= hich is packaged with IHS.
Check if GSKit is installed on the global zone.
cd /usr= /bin ls gsk7*=20
If you do not see gsk7 files then you must install it.
GSKit must be installed using root on the global zone,
su - # unpackage mkdir tmp cd tmp tar -xvpf ./ihs.6020.solaris.sparc.tar # run installer ./IHS/gskit.sh # Expect the following ERROR message, SunOS This is an SPARC Series machine. We are moving appropriate library into place. exec failed. errno=3D2. Installation of <gsk7bas> was successful.=20
SUNWsndmr SUNsndmu (sendmail used for alerting verify if this is needed = in the global zone)
Our packages are taken from Sunfreeware. Use the versions of package on this wiki unless:
Any freeware new packages or updated packages must be approved by Di=
ckson or Tony.
Here is the l=
ist of Freeware packages we use,
The top program gives a high level vi= ew of the system.
Download top-3.6.1-sol10-sparc-local.gz= to the global zone.
Wh=
en running the command to install, do NOT put
su - gunzip top-3.6.1-sol10-sparc-local.gz pkgadd -Gd top-3.6.1-sol10-sparc-local # notice no . ./ or directory name= pre>=20
Found this article in 2016 which has similar practice - http://deer-run.com/~hal/SolarisWebcast.pdf and given t= ime compare to see if they covered anything we missed here.