...

...

On a true server class machine, the network card will not be fully working yet so read, get your network card working. On a simple demo vm install it should be already working.

At this point you may should work remotely using ssh. It's faster than terminal and you will be able to copy and paste more easily. To do so you must minimally set up the home directory and add your user account. See the section below, Setup of Account. Just keep in mind that you won't have the bash shell yet so do not specify a default shell.

...

Reboot for the change to take effect. grep -i link /var/adm/messages* after booting to verify the link speed is correct.

Configuring SSHD for Remote Access

In the event SSHD is installed manually after the base installation, post-installation configuration is required. SSHD host keys need to be generated to allow ssh connections to the system. To achieve this, run the following:

/lib/svc/method/sshd -c
svcadm restart ssh

Setup Time Synchronization

Ensure time stays correct on your server,

# Create the ntp.conf file in /etc/inet/ntp.conf
# Note - zones use NTP off the global zone. The following configuration is not necessary for zones.
su - root
vi /etc/inet/ntp.conf
driftfile /etc/ntp.drift
server 10.0.44.74
server 10.234.2.6
Stop and start the ntp service to enable.
svcadm enable network/ntp
Check that ntp is working,
ntpq
ntpq> peers 
ntpq> quit


# You should see something similiar to below.

     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
+10.0.44.74      .GPS.            1 u  812 1024  377     9.80    1.406    1.11
*10.234.2.6      .GPS.            1 u  860 1024  377     6.56   -0.546    0.52

Install Essential Packages

There are other packages that we will now install. We choose to install these package manually rather than during the initial server setup step. We do this to remove unnecessary dependencies (extra packages being installed) and also because the interface during that step is really really slow.(It appears that the Reduced Networking Core System Support doesn't list SSH)

There are other packages that we will now install. We choose to install these package manually rather than during the initial server setup step. We do this to remove unnecessary dependencies (extra packages being installed) and also because the interface during that step is really really slow.(It appears that the Reduced Networking Core System Support doesn't list SSH)

Manually install packages as follows and in the outlined order. If you do not want to use the order provided, make sure to check package dependencies with the command, pkginfo. Package list details can be found at, http://docs.sun.com/app/docs/doc/817-0545/sparcpackagelist-tbl-1?a=view

Mound your CD and then use the following command to install packages,

cd /mnt/cdrom/Solaris_10/Product
pkgadd -d . [package name] # command to install packages

Initial Base Packages

Core of what you need minimally,

Disc1

1. SUNWlibC (libc is required for a variety of other packages)
2. SUNWmdu (volume manager disk mirroring)
3. SUNWtnetc (Telnet client)

Disc 2

1. SUNWbash (bash command shell) depends on SUNWlibC
2. SUNWdoc (man page utilities)
3. SUNWntpr SUNWntpu (Network Time Protocol)

Proven to be useful and required for day to day maintenance

1. SUNWgzip (gzip utility)
2. SUNWzip (zip utility)
3. SUNWsshr SUNWsshu (ssh client) Already8 installed if you choose packages during initially install as instructed.

Disc 5

1. SUNWtcpd (tcp_wrappers for network services)
2. SUNWman (man pages)

Zone Packages

Since ~ Jan 2007 - Feb 2008 we've had production proven use of container technology. Before we used to hack "cloning" but since becoming a feature in build 33 (date?), I would say we are not cutting edge (rather than bleeding edge).

Note we've are comfortable with other types of zone, but our enterprise production proven use case has been sparse zones. As of this article, the technology is brand new so here is a quick excerpt,

The default zone filesystem model is called sparse-root. This model emphasizes efficiency at the cost of some configuration flexibility. Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like /usr and /lib. Any updates and programs installed in the global zone (where all the other zones site) for the most part affect the sparse-root zones. Further, sparse-root zones have their own private file areas for directories like /etc and /var (this is where your service software like Apache Web Server go).

Whole-root zones increase configuration flexibility but increase resource usage. They do not use shared filesystems for /usr, /lib, and a few others. http://opensolaris.org/os/community/zones/faq/#basic_zonetypes. We do not use Whole-root zones as it increaes maintenance (more systems to update).

This lists the required packages to allow use of Zones. The initial list is from Tony. I spent some time slimming things down. I believe this list may be even further stripped down and will try given time.

Disc 2

1. SUNWadmfr SUNWadmfw (Tin: I do not think these packages are needed.)
2. SUNWlucfg SUNWlur SUNWluu SUNWluzone (installed due to SUNWzoner and SUNWzoneu)
3. SUNWxwplr (already installed if you added X-Windows support)

Disc 1

1. SUNWctpls SUNWdtcor (already installed if you added X-Windows support) SUNWmfrun (required for SUNWj5rt)
2. SUNWj5rt (Note: you can safely ignore the X windows prerequisites if you want only support for zones and not X-Windows. This is fixed in Open Solaris as of Feb 1, 2008 but not in Sun Solaris 10. This looks to be fixed in Solaris 11.)
3. SUNWpoolr SUNWpool
4. SUNWzoner SUNWzoneu (requires SUNWluu, SUNWluzone on Disc 2 so install them first)

Why can we ignore the X-Windows dependencies? Turns out this is a known issue and a bug (as of Tin looking Feb 1, 2008). The kernel developer Gary Pennington explains why here. Basically SUNWzoneu depends on SUNWpool which depends on Java which asks for X stuff. In the fix, they took the parts of SUNWpool that depend on Java and split it into its own package called SUNWpoold.

SUNWxcu4 (XCU4 Utilities) (look like we do not need this)
(Required for native Java runtime and GID)

Make the base zone directory,

su - root
cd /var
mkdir zones

Packages to Allow IHS 6.x Running Inside of Zones

In order to run IHS (IBM HTTP Server) 6.x on zones you must have GSKit which is packaged with IHS.

Check if GSKit is installed on the global zone.

cd /usr/bin
ls gsk7*

If you do not see gsk7 files then you must install it.

GSKit must be installed using root on the global zone,

su -
 
# unpackage
mkdir tmp
cd tmp
tar -xvpf ./ihs.6020.solaris.sparc.tar
 
# run installer
./IHS/gskit.sh
# Expect the following ERROR message,
SunOS
This is an SPARC Series machine.
We are moving appropriate library into place.
exec failed. errno=2.
Installation of <gsk7bas> was successful.

Misc Package

SUNWsndmr SUNsndmu (sendmail used for alerting verify if this is needed in the global zone)

Package Installation - Freeware

Our packages are taken from Sunfreeware. Use the versions of package on this wiki unless:

• There is a security issue resolved in the newer version (but you must still go through testing)
• You really want the new features and you are building a system there will be extensive testing

Any freeware new packages or updated packages must be approved by Dickson or Tony.

Here is the list of Freeware packages we use,

1. Top - top-3.6.1-sol10-sparc-local.gz
2. GNU Grep - to provide install instructions

Example of Freeware Install - Top

The top program gives a high level view of the system.

Download top-3.6.1-sol10-sparc-local.gz to the global zone.

When running the command to install, do NOT put ., ./, or the directory name in front of the file name in pkgadd,

su -
gunzip top-3.6.1-sol10-sparc-local.gz
pkgadd -Gd top-3.6.1-sol10-sparc-local # notice no . ./ or directory name

References

Found this article in 2016 which has similar practice - http://deer-run.com/~hal/SolarisWebcast.pdf and given time compare to see if they covered anything we missed here.