Opensolaris user groups

by Mads
October 29, 2006 at 23:42 | categories: sun, security, solaris

Thursday night I went to the first meeting of the Netherlands Opensolaris User Group.
The program was quite interesting (even if I only understood half of it). Both Bart Muijzer and Casper Dik spoke in dutch but at least their slides were in english so that I think I might have understood the important parts and only missed most of the jokes. The one joke I didn't entirely miss was the one about why they chose NLOSUG rather than NOSUG. The main talk of the night was Darren Moffat talking about opensolaris development and zfs crypto. The zfs crypto project looks very interesting and I was quite pleased to hear that many of the hard bits in the implementation of an encrypted filesystem already has been identified and are being handled in the implementation. I hope Darren will soon manage to get some code online because I think this code has the potential to become one of the most solid implementations of an encrypted filesystem and by using the Solaris crypto providers, support for hardware acceleration and key storage should be simple.
The turnout was quite impressive with something like 60 people there.
The trip there and back again was a bit more interesting than I had planned. First was a 1:30 train ride through Utrect to Amersfoort and then the fun began. I'd looked at the usually quite practical 9292ov site and found that the last bit of way from the station was supposed to take around 30 minutes involving 2 busses and a fair bit of walking as well. Rather than having to deal with that, I opted for the 45 minute walk that viamichelin suggested. Note to self:not all routes suggested by them for walking are good - a sidewalk would have been a nice feature rather than having to walk the grass at the roadside. The walk back to the station was a lot less eventful, although I'd have preferred a map with slightly more detail than the whole city in 2x2 inches. The usual trick of checking that you're headed in the right direction by looking at the maps in bus stops also failed because for some reason they had taken away the detailed maps from every stop I passed leaving only a large map with less detail than my own. Other than that, it was quite uneventful, I got some good exercise and was back at my place by 1:30.


Saturday I met up with a couple of friends and went to Bof day and was quite impressed by the turnout at the opensolaris bof. For some time I've been talking to a friend about starting a DK OSUG, but we were still in the early planning stages because Solaris isn't all that widely used in Denmark and most of the opensource activities in the Copenhagen area seems to be either Linux or BSD. The turnout at the bof and the enthusiasm and curiosity displayed by the people there has made us rethink the whole thing and we've started looking at the possibility of doing an evening with a couple of introductory presentations and a sort of installfest. Watch this space and announcements going to opensource.dk for more details. The bof day also had sessions about virtualisation and tuning of live systems where we got to talk even more about opensolaris.


JET/Jumpstart x86 pxe notes

by Mads
September 20, 2006 at 23:43 | categories: sun, solaris

This is just a quick note, probably most useful for myself that I've gathered while setting up a pile of X4100s.

  • Download and install JumpStart Enterprise Toolkit 4.3.2. You don't need to install all of it, but is is small enough that I did. I'll assume it goes to /opt/SUNWjet
  • # export PATH=$PATH:/opt/SUNWjet/bin
  • I'll assume the following:
    • Solaris 10 update 2
    • You've got the dvd iso sol-10-u2-ga-x86-dvd.iso in /export
    • You're putting your files in /export/install
  • # copy_solaris_media -d /export/install/s10u2 -n s10u2 -i /export sol-10-u2-ga-x86-dvd.iso
  • Created loopback device /dev/lofi/1 for /export/sol-10-u2-ga-x86-dvd.iso
    mounted /export/sol-10-u2-ga-x86-dvd.iso at /export/install/1389/slices/s0 (of type hsfs)
    Copying Solaris image....
    Verifying target directory...
    Calculating the required disk space for the Solaris_10 product
    Calculating space required for the installation boot image
    Copying the CD image to disk...
    Copying Install Boot Image hierarchy...
    Copying /boot x86 netboot hierarchy...
    Install Server setup complete
     
    Added Solaris image s10u2 at the following location:
            Media:          /export/install/s10u2
     
    Unmounting /export/install/1389/slices/s0
    removing device /dev/lofi/1
    removing directory /export/install/1389
    
  • Install a dhcp server:
  • # pkgadd -d /export/install/s10u2/Solaris_10/Product SUNWdhcsr SUNWdhcsu SUNWdhcm SUNWdhcsb
  • # dhcpconfig -D -r SUNWfiles -p /var/dhcp
  • Created DHCP configuration file.
    Created dhcptab.
    Added "Locale" macro to dhcptab.
    Added server macro to dhcptab - n1master.
    DHCP server started.
    
  • Set up dhcp - assuming:
    • NETWORK: 192.168.1.0
    • NETMASK: 255.255.255.0
    • ROUTER: 192.168.1.1
  • # dhcpconfig -N 192.168.1.0 -m 255.255.255.0 -t 192.168.1.1
  • # make_template x4100
  • Adding product configuration information for 
            + base_config
            + custom
            + sds
            + vts
            + explo
            + flash
            + san
            + jass
            + zones
    Updating base_config template specifics
    Client template created in /opt/SUNWjet/Templates
    
  • At this point JET automatically adds nfs shares - I had to tweak mine so that I have:
  • # share -F nfs -o ro,anon=0 -d "JET Framework" /opt/SUNWjet
  • # share -F nfs -o ro,anon=0 /export/install/
  • # cd /opt/SUNWjet/Templates
  • Edit the template to fit your needs - at the bare minimum, you need to set:
    • base_config_ClientArch=
    • base_config_ClientOS=
    • base_config_client_allocation=
    • base_config_ClientEther=
    • base_config_sysidcfg_network_interface=
    • base_config_sysidcfg_netmask=
    • base_config_sysidcfg_default_route
    • base_config_sysidcfg_ip_address
  • This could look something like:
  • base_config_ClientArch=i86pc
    base_config_ClientEther=00:14:4F:2A:XX:XX
    base_config_ClientOS=s10u2
    base_config_client_allocation="grub"
    base_config_sysidcfg_network_interface=e1000g0
    base_config_sysidcfg_ip_address=192.168.1.3
    base_config_sysidcfg_netmask=255.255.255.0
    base_config_sysidcfg_default_route=192.168.1.1
    
  • Other common things to change would be the root passwd (see comment in the profile), disk layout and what cluster to use.An example diff for the interesting bits of the disk layout could look like this:
  •  ########################################
     # X86, X64 specific settings. If this is an x86 client, then you may need
    @@ -242,8 +242,8 @@
     
     base_config_profile_dontuse=""
     
    -base_config_profile_root=free 
    -base_config_profile_swap=256
    +base_config_profile_root=8192
    +base_config_profile_swap=4096
     
     #
     # If you are using VxVM and want your boot disk to look like the mirror, then
    @@ -261,9 +261,9 @@
     base_config_profile_s4_size=""
     
     base_config_profile_s5_mtpt="/var"
    -base_config_profile_s5_size=""
    +base_config_profile_s5_size="8192"
     
    -base_config_profile_s6_mtpt="/usr"
    +base_config_profile_s6_mtpt=""
     base_config_profile_s6_size=""
     
     #
    @@ -273,7 +273,7 @@
     #
     
     base_config_profile_s7_mtpt="/opt"
    -base_config_profile_s7_size=""
    +base_config_profile_s7_size="8192M"
     #
     ############
    
  • I usually choose either the full or the restricted net install:
  • base_config_profile_cluster=SUNWCXall
    base_config_profile_cluster=SUNWCreq
    
  • make_client -f x4100
  • Gathering network information..
            Client: 192.168.1.175 (192.168.1.0/255.255.255.0)
            Server: 192.168.1.170 (192.168.1.0/255.255.255.0, SunOS)
    Solaris: client_prevalidate
    Solaris: client_build
    Creating sysidcfg
    WARNING: no base_config_sysidcfg_timeserver specified using JumpStart server
    Creating profile
    Adding base_config specifics to client configuration
    Solaris: Configuring JumpStart boot for x4100
             Starting SMF services for JumpStart
    Solaris: Configure PXE/grub build
             Adding install client
            Doing a TEXT based install
             Leaving the graphical device as the primary console
             Configuring x4100 macro
             Using local dhcp server
             PXE/grub configuration complete
    Running '/opt/SUNWjet/bin/check_client  x4100'
    
    ...
    --------------------------------------------------------------
    Check of client x4100 
    -> Passed....
    
  • And that's all there is to it - for the X4100, you'll have to press F12 during startup to force a network install. On a local net, the install time for SUNWCreq is about 15 minutes on an X4100

Next installments could be to use flash install, setting up JASS and zones, adding patches and extra packages.


DTrace chosen as the Gold winner in The Wall Street Journal

by Mads
September 19, 2006 at 21:32 | categories: sun, solaris

Very cool and well deserved.

Bryan Cantrill and a team of engineers at Sun Microsystems Inc. have devised 
a way to diagnose misbehaving software quickly and while it's still doing its 
work. While traditional trouble-shooting programs can take several days of 
testing to locate a problem, the new technology, called DTrace, is able to 
track down problems quickly and relatively easily, even if the cause is 
buried deep in a complex computer system.

The DTrace trouble-shooting software from Sun was chosen as the Gold winner 
in The Wall Street Journal's 2006 Technology Innovation Awards contest, the 
second time in three years that a Sun entry has won the top award.

Patching and Fair Share Scheduling

by Mads
April 15, 2006 at 00:22 | categories: sun, solaris, asf

I spent a very long time today getting the ASF zones server patched for the recent sendmail vulnerability. The Sun Alert and the Interim Relief patch were simple enough except for the dependency on 118844-30 which again depends on a grub bootloader update. One thing lead to another (or should I say: one patch led to another) and with me playing it safe (the machine is 9 timezones away) and the mess of having to sort out patches by hand it all ended up taking 4 or 5 hours. I'm used to having support contracts in order and TLP/EIS at hand at work, so this ended up taking a lot more time than I expected.

With the day being more or less gone anyway, I decided that I might as well go ahead and implement Fair Share Scheduling.
So far every zone got its own pool and each zone (except global) got the same number of shares. I doubt anyone will notice this change in their day to day running of things on the server, but in the case where something goes haywire and starts soaking resources, I hope the rest of the zones won't notice. I plan to let it run for a while and then see if there is a need for adjustment.


Sunny Day

by Mads
April 13, 2006 at 20:51 | categories: hardware, sun, solaris

Tuesday last week I went to a Sun thing titled "Powering the Participation Age". Most of the day was spent chatting to Sun reps and listening to a couple of semi technical presentations. One of the presentations covered the T2000 servers and was quoting Colm MacCárthaigh's and his T2000 testing. Of course I couldn't keep quiet and had to mention that the numbers were probably far from what Colm would get in later testing and his latest posts adds about 1/3 by upgrading to Solaris Express, but the really amazing thing is that he gets better performance running Linux on the T2000!

Scott McNealy also made an appearance and did a very good job at explaining what Sun has been doing recently and why. For the first time, I began to understand where they're going and I'm not as worried as I used to be. Only time will tell wether they will succeed. As usual, Scott managed to make fun of the company that I won't be working for much longer, maybe I'm biased by having made the decision, but he wasn't far off the mark - if anything, things are probably worse than he joked about :)


« Previous Page -- Next Page »