Nice page describing how to install/setup openSSH on Solaris 8 at :
http://sunfreeware.com/openssh8.html
jeudi 11 septembre 2008
vendredi 5 septembre 2008
Installing a linux zone on a Solaris host
Previous posts describe the creation of Solaris zones, this post describes the creation of a linux zone (RedHat EL 3.x or CentOS 3.x) running on a Solaris 10 host (x86 hardware).
First create a ZFS filesystem for your zone as described in the previous posts on this blog.
Here we will use the zfs file system zones_pool/zone1_root.
Then create the zone :
zonecfg -z linux-zone1
linux-zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:linux-zone1> create -t SUNWlx
zonecfg:linux-zone1> set zonepath=/zones_pool/zone1_root
zonecfg:linux-zone1> set autoboot=true
zonecfg:linux-zone1> set bootargs=""
zonecfg:linux-zone1> add net
zonecfg:linux-zone1:net> set address=10.17.7.156/24
zonecfg:linux-zone1:net> set physical=bge0
zonecfg:linux-zone1:net> end
zonecfg:linux-zone1> verify
zonecfg:linux-zone1> commit
zonecfg:linux-zone1> exit
To install linux on the zone, you need one linux distribution (today RedHat 3.x or CentOS 3.x),
http://opensolaris.org/os/community/brandz/downloads/
Here, we will install RedHat from isos images, the zoneadm installation command is given in parameter a directory where to find these iso files :
zoneadm -z linux-zone1 install -d /net/machine/export/LINUX/as3-u8/i386_iso
Installing distribution 'Red Hat Enterprise Linux 3 Update 8'...
Installing cluster 'desktop'
Installing miniroot for zone 'linux-zone1'.
Attempting to locate 30 packages...
Installing 1 miniroot package...
Attempting to locate 29 packages...
Installing 29 miniroot packages...
Setting up the initial lx brand environment.
System configuration modifications complete.
Duplicating miniroot; this may take a few minutes...
Booting zone miniroot...
Miniroot zone setup complete.
Performing full install for zone 'linux-zone1'.
Attempting to locate 663 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc2-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 470 packages; this may take several minutes...
Attempting to locate 193 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc3-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 106 packages; this may take several minutes...
Attempting to locate 87 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc4-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 69 packages; this may take several minutes...
Attempting to locate 18 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-AS-disc1-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 18 packages; this may take a few minutes...
Installing 3 deferred packages; this may take a few minutes...
Completing installation; this may take a few minutes.
Setting up the initial lx brand environment.
System configuration modifications complete.
Installation of Red Hat Enterprise Linux 3 Update 8 to zone
'linux-zone1' completed Fri Sep 5 17:33:06 MEST 2008.
Installation of zone 'linux-zone1' completed successfully.
Details saved to log file:
"/zones_pool/zone1_root/root/var/log/linux-zone1.install.20498.log"
By default, networking is disabled in a linux zone.
You can enable it by editing from the Solaris global zone, the file /zones_pool/zone1_root/root/etc/sysconfig/network to have the following content:
NETWORKING="yes"
HOSTNAME=myhost
NISDOMAIN=mydomain
You can now boot the zone, using the command:
zoneadm -z linux-zone1 boot
First create a ZFS filesystem for your zone as described in the previous posts on this blog.
Here we will use the zfs file system zones_pool/zone1_root.
Then create the zone :
zonecfg -z linux-zone1
linux-zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:linux-zone1> create -t SUNWlx
zonecfg:linux-zone1> set zonepath=/zones_pool/zone1_root
zonecfg:linux-zone1> set autoboot=true
zonecfg:linux-zone1> set bootargs=""
zonecfg:linux-zone1> add net
zonecfg:linux-zone1:net> set address=10.17.7.156/24
zonecfg:linux-zone1:net> set physical=bge0
zonecfg:linux-zone1:net> end
zonecfg:linux-zone1> verify
zonecfg:linux-zone1> commit
zonecfg:linux-zone1> exit
To install linux on the zone, you need one linux distribution (today RedHat 3.x or CentOS 3.x),
- either as a tar archive,
- or a set of cd-rom/dvd,
- or a set of isos images.
http://opensolaris.org/os/community/brandz/downloads/
Here, we will install RedHat from isos images, the zoneadm installation command is given in parameter a directory where to find these iso files :
zoneadm -z linux-zone1 install -d /net/machine/export/LINUX/as3-u8/i386_iso
Installing distribution 'Red Hat Enterprise Linux 3 Update 8'...
Installing cluster 'desktop'
Installing miniroot for zone 'linux-zone1'.
Attempting to locate 30 packages...
Installing 1 miniroot package...
Attempting to locate 29 packages...
Installing 29 miniroot packages...
Setting up the initial lx brand environment.
System configuration modifications complete.
Duplicating miniroot; this may take a few minutes...
Booting zone miniroot...
Miniroot zone setup complete.
Performing full install for zone 'linux-zone1'.
Attempting to locate 663 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc2-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 470 packages; this may take several minutes...
Attempting to locate 193 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc3-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 106 packages; this may take several minutes...
Attempting to locate 87 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-disc4-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 69 packages; this may take several minutes...
Attempting to locate 18 packages...
Installing zone 'linux-zone1' from ISO
"/net/machine/export/LINUX/as3-u8/i386_iso/RHEL3-U8-re20060712.1-i386-AS-disc1-ftp.iso".
Checking for deferred packages...
Attempting to locate 3 packages...
Installing 18 packages; this may take a few minutes...
Installing 3 deferred packages; this may take a few minutes...
Completing installation; this may take a few minutes.
Setting up the initial lx brand environment.
System configuration modifications complete.
Installation of Red Hat Enterprise Linux 3 Update 8 to zone
'linux-zone1' completed Fri Sep 5 17:33:06 MEST 2008.
Installation of zone 'linux-zone1' completed successfully.
Details saved to log file:
"/zones_pool/zone1_root/root/var/log/linux-zone1.install.20498.log"
By default, networking is disabled in a linux zone.
You can enable it by editing from the Solaris global zone, the file /zones_pool/zone1_root/root/etc/sysconfig/network to have the following content:
NETWORKING="yes"
HOSTNAME=myhost
NISDOMAIN=mydomain
You can now boot the zone, using the command:
zoneadm -z linux-zone1 boot
vendredi 25 juillet 2008
Installing a Solaris 8 zone on CMT hardware
Solaris 8 is not supported on new systems like the Sun Fire T2000 using the Chip Multithreading Technology (CMT), but it is possible to install a Solaris 8 zone on this system and run a Solaris 8 application.
For this example, we will use a Sun Fire T2000 running Solaris 10 5/08.
(for solaris 10 8/07, the instructions are the same, but you need first to download from sunsolve and install patch 127111-01 or the latest patch that obsoletes 127111)
First download Solaris 8 Containers 1.0 from https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_SMI-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=solaris8-cont-1.0-G-F@CDS-CDS_SMI
(packages and the sample Solaris 8 flash archive)
Install two of the packages contained in this download :
pkgadd -d . SUNWs8brandr
pkgadd -d . SUNWs8brandu
Create a ZFS filesystem for your zone as described in the previous post on this blog.
Here we will use the zfs file system zones_pool/zone1_root.
Then create the Solaris 8 zone and specify the machine hardware name being sun4u (while our physical system using UltraSPARC T1 is a sun4v hardware) :
zonecfg -z s8-zone
s8-zone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:s8-zone> create -t SUNWsolaris8
zonecfg:s8-zone> set zonepath=/zones_pool/zone1_root
zonecfg:s8-zone> set autoboot=true
zonecfg:s8-zone> add net
zonecfg:s8-zone:net> set address=10.17.7.249/24
zonecfg:s8-zone:net> set physical=e1000g0
zonecfg:s8-zone:net> end
zonecfg:s8-zone> add attr
zonecfg:s8-zone:attr> set name=machine
zonecfg:s8-zone:attr> set type=string
zonecfg:s8-zone:attr> set value=sun4u
zonecfg:s8-zone:attr> end
zonecfg:s8-zone> exit
Install the zone from the flash archive sample provided by Sun in the Solaris 8 Containers 1.0 download :
zoneadm -z s8-zone install -u -a /download/solaris8-image.flar
Log File: /var/tmp/s8-zone.install.23636.log
Source: /download/solaris8-image.flar
Installing: This may take several minutes...
Postprocessing: This may take several minutes...
Result: Installation completed successfully.
Log File: /zones_pool/zone1_root/root/var/log/s8-zone.install.23636.log
You can now boot the zone, login on this zone, and check the output of uname command :
uname -a
SunOS s8zone 5.8 Generic_Virtual sun4u sparc SUNW,Sun-Fire-T200
For this example, we will use a Sun Fire T2000 running Solaris 10 5/08.
(for solaris 10 8/07, the instructions are the same, but you need first to download from sunsolve and install patch 127111-01 or the latest patch that obsoletes 127111)
First download Solaris 8 Containers 1.0 from https://cds.sun.com/is-bin/INTERSHOP.enfinity/WFS/CDS-CDS_SMI-Site/en_US/-/USD/ViewProductDetail-Start?ProductRef=solaris8-cont-1.0-G-F@CDS-CDS_SMI
(packages and the sample Solaris 8 flash archive)
Install two of the packages contained in this download :
pkgadd -d . SUNWs8brandr
pkgadd -d . SUNWs8brandu
Create a ZFS filesystem for your zone as described in the previous post on this blog.
Here we will use the zfs file system zones_pool/zone1_root.
Then create the Solaris 8 zone and specify the machine hardware name being sun4u (while our physical system using UltraSPARC T1 is a sun4v hardware) :
zonecfg -z s8-zone
s8-zone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:s8-zone> create -t SUNWsolaris8
zonecfg:s8-zone> set zonepath=/zones_pool/zone1_root
zonecfg:s8-zone> set autoboot=true
zonecfg:s8-zone> add net
zonecfg:s8-zone:net> set address=10.17.7.249/24
zonecfg:s8-zone:net> set physical=e1000g0
zonecfg:s8-zone:net> end
zonecfg:s8-zone> add attr
zonecfg:s8-zone:attr> set name=machine
zonecfg:s8-zone:attr> set type=string
zonecfg:s8-zone:attr> set value=sun4u
zonecfg:s8-zone:attr> end
zonecfg:s8-zone> exit
Install the zone from the flash archive sample provided by Sun in the Solaris 8 Containers 1.0 download :
zoneadm -z s8-zone install -u -a /download/solaris8-image.flar
Log File: /var/tmp/s8-zone.install.23636.log
Source: /download/solaris8-image.flar
Installing: This may take several minutes...
Postprocessing: This may take several minutes...
Result: Installation completed successfully.
Log File: /zones_pool/zone1_root/root/var/log/s8-zone.install.23636.log
You can now boot the zone, login on this zone, and check the output of uname command :
uname -a
SunOS s8zone 5.8 Generic_Virtual sun4u sparc SUNW,Sun-Fire-T200
jeudi 17 juillet 2008
Creating a zone with a root directory on a ZFS file system
Basic try of commands to create a zone on a Solaris 10 8/07 host.
First create a zfs file system where we will later store our zone root.
Our host has just one disk, so for this test we will create a zfs pool from a 8Go partition of this disk that already contains a UFS filesystem , but it can be overridden using the zpool create -f option:
zpool create -f zones_pool c0t0d0s3
Check it was created:
zpool list
NAME SIZE USED AVAIL CAP HEALTH ALTROOT
zones_pool 7.94G 88K 7.94G 0% ONLINE -
Create a zfs filesystem:
zfs create zones_pool/zone1_root
Check it was created:
zfs list
NAME USED AVAIL REFER MOUNTPOINT
zones_pool 115K 7.81G 25.5K /zones_pool
zones_pool/zone1_root 24.5K 7.81G 24.5K /zones_pool/zone1_root
Set a quota on this filesystem (not mandatory, better for isolation, and it can be changed easily with zfs):
zfs set quota=800m zones_pool/zone1_root
Change the permissions as the zone root must not have read/write/execute permissions for group and other:
chmod go-rwx /zones_pool/zone1_root
Our zone root filesystem is ready, we can now create a zone:
zonecfg -z zone1
zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone1> create
zonecfg:zone1> set zonepath=/zones_pool/zone1_root
zonecfg:zone1> add net
zonecfg:zone1:net> set physical=bge0
zonecfg:zone1:net> set address=10.19.1.22/24
zonecfg:zone1:net> end
zonecfg:zone1> exit
Install this new zone:
zoneadm -z zone1 install
Preparing to install zone.
Creating list of files to copy from the global zone.
Copying <547> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <445> packages on the zone.
Initialized <445> packages on zone.
Zone is initialized.
The file contains a log of the zone installation.
Check the size of our zone's root:
zfs list
NAME USED AVAIL REFER MOUNTPOINT
zones_pool 11.8M 7.80G 25.5K /zones_pool
zones_pool/zone1_root 11.7M 788M 11.7M /zones_pool/zone1_root
This doesn't take much place as the zone we created is a sparse root zone: only a subset of the packages installed in the global zone are installed in our new zone, other packages are accessed as read-only loopbak mounted filesystems.
Another option is to create a whole root zone where all the required packages are installed into the zone's root. This is done by removing default inherit-pkg-dir resources.
We can see the default inherit-pkg-dir resources of our zone by running the command:
zonecfg -z zone1 info
zonename: zone1
zonepath: /zones_pool/zone1_root
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
net:
address: 10.19.1.22
physical: bge0
Now we have to configure the zone.
This can be done either in interactive mode or by creating a configuration file.
For the interactive mode, login on the console:
zlogin -C zone1
And from another terminal, boot the zone:
zoneadm -z zone1 boot
A series of questions about language, locale, etc... will appear on the console.
Or we can configure the zone in non-interactive mode by creating a sysidcfg file:
create a file /zones_pool/zone1_root/root/etc/sysidcfg with the following content:
system_locale=C
terminal=dtterm
network_interface=primary {
hostname=hostzone1
}
timeserver=localhost
security_policy=NONE
name_service=NONE
timezone=MET
system_locale=C
root_password=""
nfs4_domain=dynamic
Then boot the zone:
zoneadm -z zone1 boot
Login on the console zone:
zlogin -C zone1
Check the host name:
hostname
hostzone1
Check the network configuration:
ifconfig -a
lo0:1: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
bge0:1: flags=1000843 mtu 1500 index 2
inet 10.19.1.22 netmask ffffff00 broadcast 10.19.1.255
We just see the network configuration of zone1 and not the network configuration of the global zone
Type ~. to leave zone1 console
First create a zfs file system where we will later store our zone root.
Our host has just one disk, so for this test we will create a zfs pool from a 8Go partition of this disk that already contains a UFS filesystem , but it can be overridden using the zpool create -f option:
zpool create -f zones_pool c0t0d0s3
Check it was created:
zpool list
NAME SIZE USED AVAIL CAP HEALTH ALTROOT
zones_pool 7.94G 88K 7.94G 0% ONLINE -
Create a zfs filesystem:
zfs create zones_pool/zone1_root
Check it was created:
zfs list
NAME USED AVAIL REFER MOUNTPOINT
zones_pool 115K 7.81G 25.5K /zones_pool
zones_pool/zone1_root 24.5K 7.81G 24.5K /zones_pool/zone1_root
Set a quota on this filesystem (not mandatory, better for isolation, and it can be changed easily with zfs):
zfs set quota=800m zones_pool/zone1_root
Change the permissions as the zone root must not have read/write/execute permissions for group and other:
chmod go-rwx /zones_pool/zone1_root
Our zone root filesystem is ready, we can now create a zone:
zonecfg -z zone1
zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone1> create
zonecfg:zone1> set zonepath=/zones_pool/zone1_root
zonecfg:zone1> add net
zonecfg:zone1:net> set physical=bge0
zonecfg:zone1:net> set address=10.19.1.22/24
zonecfg:zone1:net> end
zonecfg:zone1> exit
Install this new zone:
zoneadm -z zone1 install
Preparing to install zone
Creating list of files to copy from the global zone.
Copying <547> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <445> packages on the zone.
Initialized <445> packages on zone.
Zone
The file contains a log of the zone installation.
Check the size of our zone's root:
zfs list
NAME USED AVAIL REFER MOUNTPOINT
zones_pool 11.8M 7.80G 25.5K /zones_pool
zones_pool/zone1_root 11.7M 788M 11.7M /zones_pool/zone1_root
This doesn't take much place as the zone we created is a sparse root zone: only a subset of the packages installed in the global zone are installed in our new zone, other packages are accessed as read-only loopbak mounted filesystems.
Another option is to create a whole root zone where all the required packages are installed into the zone's root. This is done by removing default inherit-pkg-dir resources.
We can see the default inherit-pkg-dir resources of our zone by running the command:
zonecfg -z zone1 info
zonename: zone1
zonepath: /zones_pool/zone1_root
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
net:
address: 10.19.1.22
physical: bge0
Now we have to configure the zone.
This can be done either in interactive mode or by creating a configuration file.
For the interactive mode, login on the console:
zlogin -C zone1
And from another terminal, boot the zone:
zoneadm -z zone1 boot
A series of questions about language, locale, etc... will appear on the console.
Or we can configure the zone in non-interactive mode by creating a sysidcfg file:
create a file /zones_pool/zone1_root/root/etc/sysidcfg with the following content:
system_locale=C
terminal=dtterm
network_interface=primary {
hostname=hostzone1
}
timeserver=localhost
security_policy=NONE
name_service=NONE
timezone=MET
system_locale=C
root_password=""
nfs4_domain=dynamic
Then boot the zone:
zoneadm -z zone1 boot
Login on the console zone:
zlogin -C zone1
Check the host name:
hostname
hostzone1
Check the network configuration:
ifconfig -a
lo0:1: flags=2001000849
inet 127.0.0.1 netmask ff000000
bge0:1: flags=1000843
inet 10.19.1.22 netmask ffffff00 broadcast 10.19.1.255
We just see the network configuration of zone1 and not the network configuration of the global zone
Type ~. to leave zone1 console
jeudi 17 avril 2008
Disable ipv6 on RedHat 4
Edit the file /etc/modprobe.conf and add the following line :
alias net-pf-10 off
Then reboot the node.
alias net-pf-10 off
Then reboot the node.
vendredi 28 mars 2008
TIPC on Solaris
TIPC (Transparent Inter-Process Communication) is now available on your preferred OS !
With Renaud Métrich, we ported TIPC on Solaris.
Packages for Solaris 10 and later releases for both SPARC and x86 can be downloaded from sourceforge or from OpenSolaris.
With Renaud Métrich, we ported TIPC on Solaris.
Packages for Solaris 10 and later releases for both SPARC and x86 can be downloaded from sourceforge or from OpenSolaris.
rcp/rsh fails on error rcmd: socket: Cannot assign requested address
On one of our Solaris 10 systems, it happened from time to time that a rsh or rcp command was failing during the NHAS installation, with the following error:
6533773 tcp checksum 0xFFFF (-0) used instead of 0x0000 (+0) since Solaris 10
A Patch is available on sunsolve to fix this issue : patch 127111
rcmd: socket: Cannot assign requested addressThis is a solaris 10 problem that has been addressed by the following bug :
6533773 tcp checksum 0xFFFF (-0) used instead of 0x0000 (+0) since Solaris 10
A Patch is available on sunsolve to fix this issue : patch 127111
lundi 9 juillet 2007
Running OpenClovis on top of NHAS
The Netra HA Suite (NHAS) provides High Availability foundation services like:
The details of code modifications to get a prototype of OpenClovis running on top of NHAS, or on top of any third party software providing an implementation of the SA Forum Cluster Membership API, are described in the document: Using OpenClovis on top of NHAS.
- a Reliable IP Transport, CGTP (Carrier Grade Transport Protocol). It ensures that a single network failure does not result in data loss and provides zero time fail-over IP.
- an implementation of the Service Availability Forum (SA Forum ) Cluster Membership Service (CLM) API triggering fast fail-over, isolation of faulty node and performing cluster membership.
- a Reliable NFS Service, providing a reliable file system accessible through NFS, enabling fail-over of NFS data and services to backup in case of failure.
- a Reliable Boot and DHCP Service for diskless nodes, enabling node reboot regardless of potential hardware or software failures in the cluster.
- etc,...
- an implementation of the SA Forum Availability Management Framework (AMF) allowing to configure and manage redundancy models for HA components (2N, N+1, ...).
- a checkpointing service,
- an implementation of the SA Forum Event Service,
- a Group Membership Service (GMS) detecting when new nodes join or existing nodes leave the system, and providing a cluster view and cluster membership notification service to components subscribing for the service.
- etc, ...
- TOTEM, a reliable multicast protocol,
- the CLM, cluster Membership API, modified for GMS needs.
The details of code modifications to get a prototype of OpenClovis running on top of NHAS, or on top of any third party software providing an implementation of the SA Forum Cluster Membership API, are described in the document: Using OpenClovis on top of NHAS.
Inscription à :
Messages (Atom)
