Page tree
Skip to end of metadata
Go to start of metadata

Introduction

I wrote these instructions back in Feb 2008 and just dumped this from my old Google Sites wiki.

This guide describes a stripped down Server Solaris 10 server ideal as a host for Container technology. You can download Solaris 10 for free online and you will only need the first, second and fifth disc.

This procedure will outline the steps to be used in the creation of basic Sun image. Server images built this way can then be backed up and restored to any similar hardware using ufsdump/ufsrestore and the standard Sun solaris install boot cd to access a recovery shell running in memory.

Boot Up

Serial Setup

  1. Connect 9 pin serial.
  2. Load Hyper Terminal using 9600 Baud
  3. Boot the Solaris System with the first Install CD-ROM
  4. If there is already a Solaris operating system then interrupt the boot right after you see Hostname:
    1. Ctrl Break-Key
    2. Then type: boot cdrom

CTRL-L {refresh the shell}

Remote Console Setup

  1. SSH to system which has direct access to the Remote Console device
  2. Telnet to Remote Console device
    1. Use standard password
    2. /C n (where n is your console id)
    3. If there is already a Solaris operating system then interrupt the boot,
      1. CTRL-]
      2. send br (type this)
    4. boot cdrom

Remote Console Setup with the New T300 and Using LOM

Things have slightly changed with the new Solaris T5120 system. First, ILOM has been replaced with ALOM. Think of (Lights Out Manager) LOM as an OS that you use even when the SUN system is off. It has many features, but for us all that matters is you can still boot the system even after it is down with LOM. You can browser the T5120 product documentation for more details.

  1. SSH to a system which has access to the Remote Console device
  2. Telnet to Remote Console device
    1. Use standard password
    2. /C n (where n is your console id)
    3. If you are in the default preinstalled OS then shut it down.
    4. #. (to get to ALOM)
    5. start /SYS (powers on the server and boots the OS system)
    6. start /SP/console
    7. If there is already a Solaris operating system then interrupt the boot right after you see Ethernet address [x:x:xx:x], Host ID: [xxxx].: 
      1. CTRL-]
      2. send br (type this)
    8. You should see, Type 'go' to resume
    9. boot cdrom (type this)
    10. Expect to wait a while

 

Note* - When connecting to the remote console, certain editors do not display properly (mainly vi) when the TERM environment variable is not set to vt100. To rectify this problem, set: TERM=vt100; export TERM

Installation of Sun Solaris 10 8/07

Highlighted below are the tougher questions to answer or standards that 2Keys developed. Straightforward steps will be denoted with the text ... obvious questions.

  1. ... obvious questions
  2. What type of terminal are you using? = DEC VT100
  3. Networked? = Yes
  4. Use DHCP? = No {we are building servers so generally it is a}
  5. Host name? = Up to you {in this example I used solaris}
  6. IP Address = Up to your network {example 192.168.0.10}
  7. System part of a subnet? = Yes
  8. Enable IPv6? = No
  9. Default Route for? = Detect one upon reboot
  10. ... obvious questions
  11. Configure Kerberos Security? = No
  12. Name Service = None
  13. ... obvious questions
  14. NFSv4 Domain Configuration = Use the NFSv4 domain derived by the system
  15. ... obvious questions
  16. Remote services enabled = No
  17. Ways to install your Solaris software = Standard
  18. Eject CD/DVD Automatically? = Given we are using servers choose manually
  19. Reboot After Installation = Auto Reboot
  20. Solaris Interactive Installation = For new systems it will give the option of upgrading, we don't want that. Choose Initial
  21. Select Georgraphic/Localization = DO NOT SELECT ANYTHING {else you will have to deal with unnecessary dependencies around X Windows and Java}
  22. Select System Locale = POSIX C ( C )
  23. Web Start Ready Product scan location: None
  24. File System = UFS (for now)
  25. Extra Value Software = No
  26. Additional Products = None
  27. Select Software = Reduced Networking Core System Support **Select F4 to Customize**
  28. We like to Customize the Reduced Networking Core System Support installation up front with F4_Customize to enable SSH which can be tricky to manually install, and some basic packages.
    1. Basic IP Commands (Root) = SUNWbipr depends on SUNWbipr
    2. Basic IP Commands (Usr) = SUNWbip
    3. GSSAPI CONFIG V2 = SUNWgssc
    4. GSSAPI V2 = SUNWgss depends on SUNWgssc {required for SSH Server} 
    5. Secure Shell
      1. SSH Client and utilities, (Root) = SUNWsshr
      2. SSH Client and utilities, (Usr) = SUNWsshu
      3. SSH Common, (Usr) = SUNWsshcu
      4. SSH Server, (Root) = SUNWsshdr
      5. SSH Server, (Usr) = SUNWsshdu
    6. Choosing F2_OK will take you back to the Select Software Screen
  29. Now that things are customized, on the Select software Screen choose, F2_Continue
  30. Select Disk
  31. Automatically Layout file systems? = Manual
  32. Do you want to mount software from a remote file server? = No, just choose to continue

Hard Disk Partitioning Strategy (find my old article)

Aside instructions and this is not part of the main document flow... move this out into another section called, adding a disk drive.

If you get the error message along the lines of,

scsi: WARNING: /pci@0/pci@0/pci@2/scsi@0/sd@2,0 (sd2):
Feb 17 12:12:08 istur1  Corrupt label; wrong magic number

This is because you added a brand new disk.

You need to label the disk,

  1. Login as root

  2. type format

  3. select the disk in question

  4. type label {Solaris is going to label it for you, so you don't specify anything here}

  5. verify (you should see data instead of an error message)

  6. you are done

Log into your system and create a place for mounting your cdrom,

cd /mnt
mkdir cdrom

To Prevent Cursing, Swearing and Pulling Out of Hair

Once you have logged in, execute the following command so that backspace will work,

stty erase '^H'

Setup NIC (true setup only, not demo)

On a true server class machine, the network card will not be fully working yet so read, get your network card working. On a simple demo vm install it should be already working.

At this point you may should work remotely using ssh. It's faster than terminal and you will be able to copy and paste more easily. To do so you must minimally set up the home directory and add your user account. See the section below, Setup of Account. Just keep in mind that you won't have the bash shell yet so do not specify a default shell.

If the system is on the 4th floor at 888 Birchmount the network interface needs to be forced to 100 full as the autodetect doesn't work.On a Solaris 10 system with an e1000g interface as shown by netstat -in or ifconfig -a edit the /kernel/drv/e1000g.conf file and add as per the comments:

ForceSpeedDuplex=4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4;

Reboot for the change to take effect. grep -i link /var/adm/messages* after booting to verify the link speed is correct.

Configuring SSHD for Remote Access

In the event SSHD is installed manually after the base installation, post-installation configuration is required. SSHD host keys need to be generated to allow ssh connections to the system. To achieve this, run the following:

/lib/svc/method/sshd -c
svcadm restart ssh

Setup Time Synchronization

Ensure time stays correct on your server,

# Create the ntp.conf file in /etc/inet/ntp.conf
# Note - zones use NTP off the global zone. The following configuration is not necessary for zones.
su - root
vi /etc/inet/ntp.conf
driftfile /etc/ntp.drift
server 10.0.44.74
server 10.234.2.6
Stop and start the ntp service to enable.
svcadm enable network/ntp
Check that ntp is working,
ntpq
ntpq> peers 
ntpq> quit


# You should see something similiar to below.

     remote           refid      st t when poll reach   delay   offset    disp
==============================================================================
+10.0.44.74      .GPS.            1 u  812 1024  377     9.80    1.406    1.11
*10.234.2.6      .GPS.            1 u  860 1024  377     6.56   -0.546    0.52

Install Essential Packages

There are other packages that we will now install. We choose to install these package manually rather than during the initial server setup step. We do this to remove unnecessary dependencies (extra packages being installed) and also because the interface during that step is really really slow.(It appears that the Reduced Networking Core System Support doesn't list SSH)

There are other packages that we will now install. We choose to install these package manually rather than during the initial server setup step. We do this to remove unnecessary dependencies (extra packages being installed) and also because the interface during that step is really really slow.(It appears that the Reduced Networking Core System Support doesn't list SSH)

Manually install packages as follows and in the outlined order. If you do not want to use the order provided, make sure to check package dependencies with the command, pkginfo. Package list details can be found at, http://docs.sun.com/app/docs/doc/817-0545/sparcpackagelist-tbl-1?a=view

 

Convenience Package

I still have to make this. With Solaris10.ConveniencePackage.BonsaiFramework.zip using pkgadd -s /var/spool/pkg -d . [package name] which would contain all the packages you would need to install. This saves time of putting in CDs and then installing packages one at a time.

Mound your CD and then use the following command to install packages,

cd /mnt/cdrom/Solaris_10/Product
pkgadd -d . [package name] # command to install packages

Initial Base Packages

Core of what you need minimally,

Disc1

  1. SUNWlibC (libc is required for a variety of other packages)
  2. SUNWmdu (volume manager disk mirroring)
  3. SUNWtnetc (Telnet client)

Disc 2

  1. SUNWbash (bash command shell) depends on SUNWlibC
  2. SUNWdoc (man page utilities)
  3. SUNWntpr SUNWntpu (Network Time Protocol)

Proven to be useful and required for day to day maintenance

  1. SUNWgzip (gzip utility)
  2. SUNWzip (zip utility)
  3. SUNWsshr SUNWsshu (ssh client) Already8 installed if you choose packages during initially install as instructed.

Disc 5

  1. SUNWtcpd (tcp_wrappers for network services)
  2. SUNWman (man pages)

Zone Packages

Since ~ Jan 2007 - Feb 2008 we've had production proven use of container technology. Before we used to hack "cloning" but since becoming a feature in build 33 (date?), I would say we are not cutting edge (rather than bleeding edge).

Note we've are comfortable with other types of zone, but our enterprise production proven use case has been sparse zones. As of this article, the technology is brand new so here is a quick excerpt,

The default zone filesystem model is called sparse-root. This model emphasizes efficiency at the cost of some configuration flexibility. Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like /usr and /lib. Any updates and programs installed in the global zone (where all the other zones site) for the most part affect the sparse-root zones. Further, sparse-root zones have their own private file areas for directories like /etc and /var (this is where your service software like Apache Web Server go).

Whole-root zones increase configuration flexibility but increase resource usage. They do not use shared filesystems for /usr, /lib, and a few others. http://opensolaris.org/os/community/zones/faq/#basic_zonetypes. We do not use Whole-root zones as it increaes maintenance (more systems to update).

This lists the required packages to allow use of Zones. The initial list is from Tony. I spent some time slimming things down. I believe this list may be even further stripped down and will try given time.

Disc 2

  1. SUNWadmfr SUNWadmfw (Tin: I do not think these packages are needed.)
  2. SUNWlucfg SUNWlur SUNWluu SUNWluzone (installed due to SUNWzoner and SUNWzoneu)
  3. SUNWxwplr (already installed if you added X-Windows support)

Disc 1

  1. SUNWctpls SUNWdtcor (already installed if you added X-Windows support) SUNWmfrun (required for SUNWj5rt)
  2. SUNWj5rt (Note: you can safely ignore the X windows prerequisites if you want only support for zones and not X-Windows. This is fixed in Open Solaris as of Feb 1, 2008 but not in Sun Solaris 10. This looks to be fixed in Solaris 11.)
  3. SUNWpoolr SUNWpool
  4. SUNWzoner SUNWzoneu (requires SUNWluu, SUNWluzone on Disc 2 so install them first)

Why can we ignore the X-Windows dependencies? Turns out this is a known issue and a bug (as of Tin looking Feb 1, 2008). The kernel developer Gary Pennington explains why here. Basically SUNWzoneu depends on SUNWpool which depends on Java which asks for X stuff. In the fix, they took the parts of SUNWpool that depend on Java and split it into its own package called SUNWpoold.

SUNWxcu4 (XCU4 Utilities) (look like we do not need this)
(Required for native Java runtime and GID)

Make the base zone directory,

su - root
cd /var
mkdir zones

Packages to Allow IHS 6.x Running Inside of Zones

In order to run IHS (IBM HTTP Server) 6.x on zones you must have GSKit which is packaged with IHS.

Check if GSKit is installed on the global zone.

 

cd /usr/bin
ls gsk7*

If you do not see gsk7 files then you must install it.

GSKit must be installed using root on the global zone,

su -
 
# unpackage
mkdir tmp
cd tmp
tar -xvpf ./ihs.6020.solaris.sparc.tar
 
# run installer
./IHS/gskit.sh
# Expect the following ERROR message,
SunOS
This is an SPARC Series machine.
We are moving appropriate library into place.
exec failed. errno=2.
Installation of <gsk7bas> was successful.

Misc Package

SUNWsndmr SUNsndmu (sendmail used for alerting verify if this is needed in the global zone)

Package Installation - Freeware

Our packages are taken from Sunfreeware. Use the versions of package on this wiki unless:

  • There is a security issue resolved in the newer version (but you must still go through testing)
  • You really want the new features and you are building a system there will be extensive testing

Any freeware new packages or updated packages must be approved by Dickson or Tony.

Here is the list of Freeware packages we use,

  1. Top - top-3.6.1-sol10-sparc-local.gz
  2. GNU Grep - to provide install instructions

Example of Freeware Install - Top

The top program gives a high level view of the system.

Download top-3.6.1-sol10-sparc-local.gz to the global zone.

When running the command to install, do NOT put ., ./, or the directory name in front of the file name in pkgadd,

 

su -
gunzip top-3.6.1-sol10-sparc-local.gz
pkgadd -Gd top-3.6.1-sol10-sparc-local # notice no . ./ or directory name

References

Found this article in 2016 which has similar practice - http://deer-run.com/~hal/SolarisWebcast.pdf and given time compare to see if they covered anything we missed here.

 

  • No labels