Archive for the ‘SysAdminTools’ Category

Quick and Easy Way to Build Solaris 10 / Solaris Express Zones

Tuesday, June 24th, 2008

So, maybe you don’t want to spend any time installing JET (JumpStart Enterprise Toolkit) but you do want to build zones in a jumpstart-ish way, that is - quickly and consistently on say, your laptop for example… oh yeah and you want to do it right now!

Well, there’s probably a boat load of other people who have done something similar to this before, but, whatever. I’ve written a quick script to add and remove zones from a solaris 10 (or in this case, a Solaris Express) machine, with very little thought and virtually no questions asked.

The newZone.ksh script will:

  • Perform basic verification that your input is sane, such as checking the NIC is plumbed, IP is valid-ish, Zone doesn’t exist
  • Default to autoboot the zone
  • Use your existing /etc/sysidcfg, changing only the hostname (easily modifiable for more complex setups)
  • Allow for post-install scripts to be run, but you must add them yourself (or ask and I’ll give you my basic one).

The rmZone.ksh has basically no error checking, and the script will simply:

  • Halt the running zone immediately
  • Uninstall the zone
  • Delete the zone’s config

The scripts should be relatively easy to follow, and modifable as you see fit. Please don’t redistribute a modified version without my permission.

UPDATE 14 July 2008: Zone Creation Scripts updated to:

  • Improve handling of invalid input
  • Resolve bug with sparse zone creation

Additional notes added to this post you must read if you have not installed the zone host from jumpstart (you will need to create a sysidcfg similar to the example)

You can grab the scripts in the tar file at:
http://unixsysadmin.net/files/zone-scripts.tar

Usage:

newZone.ksh <zoneName> <physicalNIC> <zoneIP> [whole | sparse]
rmZone.ksh <zoneName>

Sample run:

bash-3.2# ./newZone.sh ldapm1 rtls0 192.168.0.2 whole
INFO: Zone does not exist, OK to create
INFO: Physical NIC exists, OK to use
INFO: IP Address is probably OK
INFO: ZoneType is OK
INFO: Configuring Zone...
INFO: Creating a whole zone in /export/zones/ldapm1
Preparing to install zone <ldapm1>.
Creating list of files to copy from the global zone.
Copying <206279> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1358> packages on the zone.
Initialized <1358> packages on zone.
Zone <ldapm1> is initialized.
.
.
.
[NOTICE: Zone rebooting]

SunOS Release 5.11 Version snv_92 64-bit
Copyright 1983-2008 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: ldapm1
Reading ZFS config: done.
ldapm1 console login:

And we’re good to go!

NOTE for Non-Jumpstarted Machines: The scripts assume the host of your zones was jumpstarted, and as such, has an /etc/sysidcfg file. If it does not, you will want to have one somewhere, by default it looks at /etc/sysidcfg.

For simplicity, you could create one that looks something like this (with the correct paramaters, of course)

  system_locale=en_AU.ISO8859-1
  timezone=Australia/Sydney
  timeserver=localhost
  terminal=vt100
  name_service=DNS {domain_name=<your domain>
                        name_server=<your name server>
                        search=<your search domain>}
  security_policy=NONE
  root_password=<a crypt version of your password>
  network_interface=primary {hostname=<your host name>
                        netmask=<your netmask>
                        protocol_ipv6=no
                        default_route=<your default route>}
  nfs4_domain=<your domain name>

replacing all the bits in the < >, and the <hostname> bit with your systems hostname - this is important as the script uses sed to replace this value with your zone’s hostname, if you do not do this, you will get asked all the questions from the installer, and all of a sudden, the automated build isn’t so automated!

Building a minimal Solaris jumpstart profile

Thursday, November 22nd, 2007

So I’ve spent this week off from work, and I have been spending my time working on building a jumpstart environment to deploy a stack of hosts into VMWare, so as I can build various kinds of Solaris hosts, including LDAP replicas (Directory Server 6.2), Mail stores and gateways using Sun Cluster and Messaging Server 6.3, and Oracle RAC on Sun Cluster.

I thought I’d give you some code I’ve written (its spectacularly awful code, but it works and works quickly) to build a minimal Solaris profile. The whole idea is to use SUNWCreq as your base for your profile, and only add packages you want from there. It makes my build around 730meg with all the stuff I need to run Sun Cluster and a bunch of utilities I find handy, without all the additional stuff that I won’t be using at this point in time.

To use this utility you will need to know the name of the package, and be running this on a Solaris host that actually has the package installed (in this case I’m running it on my jumpstart server, which is built using SUNWCXall - that is, everything). On a host like this you can locate the name of the package you are after by finding a known file from the package in /var/sadm/install/contents. eg.

bash-3.00# grep /usr/bin/bash /var/sadm/install/contents
 /usr/bin/bash f none 0555 root bin 611132 31995 1178118881 SUNWbash

Then you can use:

java SPDB SUNWbash

to get a profile-friendly output of all SUNWbash’s dependecies, excluding those already in SUNWCreq.

To build a reasonably minimised host ready for Sun Cluster 3.1u4, using Solaris 10 u3, with utilities I like to have installed (including the SUNWinst package so I can take a flar at the end and gcc if I’d like to do some compiling):

java SPDB SUNWgcc SUNWgmake SUNWhea SUNWluzone SUNWman SUNWpl5u SUNWpool SUNWsshcu \
SUNWsshdr SUNWsshu SUNWsshdu SUNWvolu SUNWvolr SUNWwgetr SUNWwgetu SUNWzoneu \
SUNWzoner SUNWzfsu SUNWzfsr SUNWbind SUNWdhcsu SUNWdhcsr SUNWinst SUNWbash \
SUNWtcatu SUNWcacaort > /var/tmp/pkgList

Then use that output in a profile you might have something like:

install_type   initial_install
 system_type standalone
 # start with the minimal required number of packages
 cluster        SUNWCreq
#additional packages

<INSERT package list here, in vi use:

:r /var/tmp/pkgList

to read it in>

#patches
patch 118855-36 nfs 10.0.0.1:/jumpstart/patches
# format the entire disk for Solaris
 fdisk   all   solaris all
# define how the disk is partitioned
 boot_device any update
 partitioning      explicit
 filesys rootdisk.s0 4096 /
 filesys rootdisk.s1 2048 swap
 filesys rootdisk.s3 512  /globaldevices
 filesys rootdisk.s4 free /var

for example.

You can get my first cut of the code here: http://unixsysadmin.net/files/SPDB.class

Its so dodgy that I haven’t even packaged it up. I will make it much more useable in future (differing repositories of information, find dependencies based on the binary/file you’re after, so you need not know package names and so on).

Some might say there is a tool that does what I required and perhaps a much better job (http://blogs.sun.com/gbrunett/entry/solaris_package_companion for example). I haven’t used this tool, and to be honest I wanted to learn some more about how the package dependency structure worked in Solaris, so this was for both my own learning, and immediate need of having a minimal install of solaris, with just what I need - to basically reduce jumpstart host deployment time.

NOTES:

-SPDB stands for Solaris Profile Dependency Builder. I think I’ll change that when I come up with a good name. Enjoy!

-Java 1.5 is required for this package to work correctly

Finally - The Gap has been Bridged

Wednesday, September 12th, 2007

You know Chargen? And Discard?

Of course you do, in fact, you’ve probably been wondering, “when will someone finally come up with the goods and bridge the gap between these two fast moving technologies in today’s marketplace?”

Well friends, its early days - but I’ve done it. It’s called “discharge” and it bridges the gap between the two technologies, by taking the packets from chargen and feeding them to discard.

The tool is flexible, as in you can choose to connect to any host running chargen, and any host running discard! It can even be the same host, or the host you run the tool on.

Of course, reliability is always a concern, so I have opted ONLY to use the TCP streams based chargen and discard, as UDP is too unreliable a protocol for these higly important, if not, mission critical tools.

Even better, I’m making this tool “discharge” available for free. It’s written in java and has been tested on Windows and Solaris, compiled for java 1.2, for compatability with older OS’, such as Solaris 8.

Make sure you give it 2 hostnames at the command line:

java discharge <chargenHost> <discardHost>

And you’ll be fine for this release (early adopters only!).

You can get the first (and any later releases) here: http://unixsysadmin.net/files