Archive for the ‘Solaris’ Category

Setting up a Solaris PXE boot server

March 23, 2011

Perhaps the fastest and most convenient way to install the Solaris OS is over the network from an NFS server. Many administrators who use the Solaris Enterprise System may already know this installation method. The basic process follows these simple steps:

1. The netinstall client is configured to boot over the network.
2. Just after powering up, the client uses BOOTP to broadcast for network information.
3. The BOOTP server replies with network, bootstrap, and installation information.
4. The client configures its network and retrieves bootstrap and installation files.

This how-to document therefore provides a concise set of directions to insert new device driver binaries into the installation media. It covers two primary installation methods:
Creating your own bootable ISO install CDs and DVDs
Network installation using PXE boot/DHCP

Creating an installation image using a CD/DVD ISO image

If you do not have media, but have downloaded an ISO file, you do not need to burn the media first and then mount it. The Solaris OS offers a loopback file system mounting command, lofiadm(1M), that allows users to mount ISO images. Simply use the following command:

# /usr/sbin/lofiadm -a <isoimagepath>

Note that <isoimagepath> is the full path to the downloaded installation ISO image. Often, the lofiadm(1M) command will return the block device location as /dev/lofi/1 or /dev/lofi/2 or /dev/lofi/ depending on the number of loopback file systems already mounted. To mount this as a readable file system, use the mount(1M) command:

# mount -F hsfs /dev/lofi/1 /mnt

When finished with the loopback file system mount, simply run the umount(1M) and lofiadm(1M) commands to unmount it:

# umount /mnt; lofiadm -d /dev/lofi/1

Replace /mnt and /dev/lofi/1 in the previous command with your own mount point and lofi device.

Setting Up a PXE Boot Server

The Solaris install media usually includes a utility to install the basic JumpStart server. Inserting optical media into a running Solaris system will usually prompt the volume manager to mount the media at /cdrom. When you change to the following directory, you should see the JumpStart installation script setup_install_server(1M).

# cd /cdrom/sol_10_106_x86/Solaris_10/Tools

Usage is straightforward. Just specify the command and a target installation directory:

# ./setup_install_server /export/install

The user can change the target directory, /export/install, to another location as needed. Running this command requires about 3 or more Gbytes of disk space on the slice that holds the target directory.

Then run the following command to create the platform-specific boot image. For example, for the Solaris x86 architecture, run:

./add_install_client -d SUNWi86pc i86pc

Collect all the information printed after the command executes successfully. You will need it later while configuring the DHCP macros.

It automatically places an entry for your NFS mount point in the dfstab file. You can examine this by looking at the /etc/dfs/dfstab file, where you will find a line that looks like the following:

share -F nfs -o ro,anon=0 -d "jumpstart dir" /export/install

or simply run:

# showmount -e

You can change /export/install to wherever you unpacked the install server. After saving and exiting the editor, enable or restart the NFS server by running the following:

# svcadm enable svc:/network/nfs/server ; shareall
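
The share line above exports the install tree read-only to every client with anon=0, which maps unknown users (including a client's root) to UID 0. As an added example, not part of the original post, this script flags such shares in dfstab-format text; the `ro=@192.168.106.0/24` entry, the extra paths and the host name in the sample are constructed, and limiting the share to the install subnet is an assumption about your network.

```sh
#!/bin/sh
# Added example: audit dfstab-style "share" lines for anon=0 exports that
# any NFS client can mount (bare ro/rw, or no ro/rw option at all).

audit_dfstab() {
    # Reads dfstab text from the file in $1, or from stdin when $1 is absent.
    awk '
    /^[ \t]*#/ || NF == 0 { next }            # skip comments and blank lines
    $1 == "share" {
        opts = ""; path = $NF                 # pathname is the last field
        for (i = 2; i < NF; i++)
            if ($i == "-o") opts = $(i + 1)
        n = split(opts, o, ",")
        anon0 = 0; bare = 0; listed = 0
        for (j = 1; j <= n; j++) {
            if (o[j] == "anon=0") anon0 = 1   # unknown users mapped to UID 0
            if (o[j] == "ro" || o[j] == "rw") bare = 1
            if (o[j] ~ /^(ro|rw)=/) listed = 1
        }
        if (anon0 && (bare || !listed))
            print "RISK " path ": anon=0 with no client access list"
        else if (anon0)
            print "OK   " path ": anon=0 limited to an access list"
    }' "${1:--}"
}

sample_dfstab() {
    # Constructed sample; the first share line is the one shown above.
    cat <<'EOF'
# constructed /etc/dfs/dfstab sample
share -F nfs -o ro,anon=0 -d "jumpstart dir" /export/install
share -F nfs -o ro=@192.168.106.0/24,anon=0 -d "lab only" /export/install-lab
share -F nfs -o rw=adminhost /export/home
EOF
}

sample_dfstab | audit_dfstab
```

On the install server itself, run `audit_dfstab /etc/dfs/dfstab` after add_install_client has written its entry.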

For completeness, you can create a directory:

# mkdir /export/install/jumpstart

Then copy the sample jumpstart_sample files to that directory:

# cp -r /export/install/Solaris_10/Misc/jumpstart_sample/*   /export/install/jumpstart

Setting Up a DHCP Server for PXE Boot

I have another post on this

https://tarique21.wordpress.com/2009/12/29/solaris-as-tftp-linux-boot-server

For Solaris 9, the system default tftp won’t work with DHCP. In that case, you just need to get tftp-hpa from sunfreeware, install the package, and run the tftp daemon as follows:

/usr/local/sbin/in.tftpd -l -s /local03/tftpboot/

Rebuilding a corrupted Solaris boot archive

September 27, 2010

The problem was due to a corrupted boot archive as a result of a hard reboot or power failure, which I rebuilt through failsafe mode. Here is what I did:

1. Boot into failsafe through the console.
2. Let the system probe / and mount it on /a
3. cd  /a/platform/i86pc
4. mv  boot_archive boot_archive.crash
5. cd
6. bootadm update-archive -f -R  /a               ; this takes a few minutes and recreates the boot_archive
7. reboot

These are the actual steps that helped to bring back the box.

Adding new HDD on Solaris

July 4, 2010

Solaris 10 x86 Disk Controller Table

IDE

/dev/rdsk/c0d0s0~7    Primary IDE Master
/dev/rdsk/c0d1s0~7    Primary IDE Slave
/dev/rdsk/c1d0s0~7    Secondary IDE Master
/dev/rdsk/c1d1s0~7    Secondary IDE Slave

SCSI

/dev/rdsk/c0t0d0s0~7  First SCSI No 0 Disk Drive
/dev/rdsk/c0t1d0s0~7  First SCSI No 1 Disk Drive
/dev/rdsk/c0t2d0s0~7  First SCSI No 2 Disk Drive
/dev/rdsk/c0t3d0s0~7  First SCSI No 3 Disk Drive
/dev/rdsk/c0t4d0s0~7  First SCSI No 4 Disk Drive
/dev/rdsk/c0t5d0s0~7  First SCSI No 5 Disk Drive
/dev/rdsk/c0t6d0s0~7  First SCSI No 6 Disk Drive
/dev/rdsk/c0t7d0s0~7  First SCSI No 7 Disk Drive

After putting in the new HDD, log in as root.

# drvconfig ( configure the /devices directory )
# disks ( creates /dev entries for hard disks attached to the system )
# format
Searching for disks…done

AVAILABLE DISK SELECTIONS:
0. c0d0
/pci@0,0/pci-ide@7,1/ide@0/cmdk@0,0
1. c1t6d0
/pci@0,0/pci9004,8178@f/sd@6,0
Specify disk (enter its number): ** Select Your New Drive (0/1/n) **

AVAILABLE DRIVE TYPES:
0. other
1. default
Specify disk type (enter its number): **Select One **

format>fdisk
No fdisk table exists. The default partition for the disk is:

a 100% “SOLARIS System” partition

Type “y” to accept the default partition, otherwise type “n” to edit the
partition table.
y

WARNING: Solaris fdisk partition changed – Please relabel the disk
format>fdisk

Select the partition type to create:
1=SOLARIS    2=UNIX        3=PCIXOS      4=Other
5=DOS12      6=DOS16       7=DOSEXT      8=DOSBIG
9=DOS16LBA   A=x86 Boot    B=Diagnostic  C=FAT32
D=FAT32LBA   E=DOSEXTLBA   0=Exit? 1

Specify the percentage of disk to use for this partition
(or type “c” to specify the size in cylinders). 100

Should this become the active partition? If yes, it will be activated
each time the computer is reset or turned on.
Please type “y” or “n”. n

WARNING: Solaris fdisk partition changed – Please relabel the disk

format> partition

PARTITION MENU:
0 – change `0′ partition
1 – change `1′ partition
2 – change `2′ partition
3 – change `3′ partition
4 – change `4′ partition
5 – change `5′ partition
6 – change `6′ partition
7 – change `7′ partition
select – select a predefined table
modify – modify a predefined partition table
name – name the current table
print – display the current table
label – write partition map and label to the disk
!<cmd> – execute <cmd>, then return
quit
partition> print
Current partition table (cyl):
Total disk cylinders available: 25229 + 2 (reserved cylinders)
partition> **Edit Part 0**

partition> print

partition> label
Ready to label disk, continue? y

partition> quit
format> label

Ready to label disk, continue? y
format> quit

# newfs /dev/rdsk/c0t1d0s2
# mkdir /new-disk1

Now mount it manually and also add the entry to the vfstab file.

# echo "/dev/dsk/c0t1d0s2 /dev/rdsk/c0t1d0s2 /new-disk1 ufs 1 yes -" >> /etc/vfstab
# touch /reconfigure

Solaris as tftp (linux) boot server

December 29, 2009

Packages

You should have the 3 basic DHCP packages installed;

pkginfo | grep DHCP

system SUNWdhcsb Binary File Format Data Module for BOOTP/DHCP Services
system SUNWdhcsr BOOTP/DHCP Server Services, (Root)
system SUNWdhcsu BOOTP/DHCP Server Services, (Usr)

Procedure

Create basic DHCP configuration and dhcptab files
Create a macro for the local network
Create the local network table
Add some entries to the network table
Start the DHCP server

Basic DHCP Configuration

Use dhcpconfig to set up dhcpsvc.conf and dhcptab. Here we simply define the type of datastore (SUNWfiles = text files) and the location of the data files:

# dhcpconfig -D -r SUNWfiles -p /var/dhcp [config will be saved as a plain text file]

# dhcpconfig -D -r SUNWbinfiles -p /var/dhcp [config will be saved as a binary file]

Create a macro for the local network and boot image

Here we create a macro for our local network ( the one we will serve IP addresses for) in dhcptab

# dhtadm -A -m 192.168.106.0 -d ':Broadcst=192.168.106.255:Subnet=255.255.255.0:MTU=1500:'

# dhtadm -A -m PXEClient:Arch:00000:UNDI:002001 -d ':BootFile="pxelinux.0":BootSrvA=192.168.106.63:'

Create the local network table

# pntadm -C 192.168.106.0

Add some entries to the network table

Here we define three local IP addresses that will be leased out by the DHCP server:

# pntadm -A 192.168.106.200 192.168.106.0
# pntadm -A 192.168.106.201 192.168.106.0
# pntadm -A 192.168.106.202 192.168.106.0

Start the DHCP server

Use the standard init.d boot script and watch /var/adm/messages for problems;

# svcadm refresh dhcp-server

If you have problems stop the daemon and run it manually with the debug & verbose options;

# /usr/lib/inet/in.dhcpd -dv

3fe143d6: Daemon Version: 3.5
3fe143d6: Maximum relay hops: 4
3fe143d6: Run mode is: DHCP Server Mode.
3fe143d6: Datastore resource: SUNWfiles

Binding NRPE with inetd/xinetd On Solaris 10

August 23, 2009

Modify the nrpe.cfg file with your settings:

vi /usr/local/nagios/etc/nrpe.cfg

With Solaris 10, we don’t use either inetd or xinetd, but SMF. Thankfully, we can convert inetd entries into the SMF repository with the inetconv command. So first, add the following entry to /etc/services:

nrpe 5666/tcp # NRPE

Then add the following line to the end of /etc/inet/inetd.conf:

nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

Next, we need to convert it to SMF:

# inetconv
nrpe -> /var/svc/manifest/network/nrpe-tcp.xml
Importing nrpe-tcp.xml …Done
# inetconv -e
svc:/network/nrpe/tcp:default enabled

Check to make sure it went online:

# svcs svc:/network/nrpe/tcp:default
STATE STIME FMRI
online 15:53:39 svc:/network/nrpe/tcp:default
# netstat -a | grep nrpe
*.nrpe *.* 0 0 49152 0 LISTEN

Check the default installed parameters:

# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=VALUE
name=”nrpe”
endpoint_type=”stream”
proto=”tcp”
isrpc=FALSE
wait=FALSE
exec=”/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i”
arg0=”/usr/local/nagios/bin/nrpe”
user=”nagios”
default bind_addr=””
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
default tcp_wrappers=FALSE
default connection_backlog=10

Change it so that it uses tcp_wrappers:

# inetadm -m svc:/network/nrpe/tcp:default tcp_wrappers=TRUE

And check to make sure it took effect:

# inetadm -l svc:/network/nrpe/tcp:default
SCOPE NAME=VALUE
name=”nrpe”
endpoint_type=”stream”
proto=”tcp”
isrpc=FALSE
wait=FALSE
exec=”/usr/sfw/sbin/tcpd -c /usr/local/nagios/etc/nrpe.cfg -i”
arg0=”/usr/local/nagios/bin/nrpe”
user=”nagios”
default bind_addr=””
default bind_fail_max=-1
default bind_fail_interval=-1
default max_con_rate=-1
default max_copies=-1
default con_rate_offline=-1
default failrate_cnt=40
default failrate_interval=60
default inherit_env=TRUE
default tcp_trace=FALSE
tcp_wrappers=TRUE
default connection_backlog=10

[Optional, but a security concern] Modify your hosts.allow and hosts.deny to only allow your Nagios server access to the NRPE port. Note that tcpd always looks at hosts.allow first, so even though we specify that everyone is rejected in the hosts.deny file, the IP addresses specified in hosts.allow are allowed.

/etc/hosts.allow:

nrpe: LOCAL, 10.0.0.45

/etc/hosts.deny:

nrpe: ALL
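
The evaluation order described above (hosts.allow first, then hosts.deny, otherwise grant) can be checked offline before relying on it. This is an added example, not part of the original post: a simplified IPv4-only model of tcpd's decision that supports only the ALL, LOCAL, exact-address and trailing-dot prefix patterns; the client addresses other than 10.0.0.45 are constructed.

```sh
#!/bin/sh
# Added example: simplified model of tcpd's hosts.allow / hosts.deny order.
# Supported client patterns: ALL, LOCAL, exact IP, "10.0.0." prefixes (IPv4).

ALLOW='nrpe: LOCAL, 10.0.0.45'   # /etc/hosts.allow as shown above
DENY='nrpe: ALL'                 # /etc/hosts.deny as shown above

match_rules() {
    # $1 rules text, $2 daemon, $3 client IP, $4 client host name (optional)
    printf '%s\n' "$1" | awk -F: -v d="$2" -v ip="$3" -v name="$4" '
    /^[ \t]*#/ || NF < 2 { next }
    {
        ok = 0
        nd = split($1, dl, /[ \t,]+/)         # daemon list
        for (i = 1; i <= nd; i++)
            if (dl[i] == d || dl[i] == "ALL") ok = 1
        if (!ok) next
        nc = split($2, cl, /[ \t,]+/)         # client list
        for (i = 1; i <= nc; i++) {
            p = cl[i]
            if (p == "") continue
            if (p == "ALL" || p == ip) hit = 1
            # LOCAL: host name is known and contains no dot
            if (p == "LOCAL" && name != "" && index(name, ".") == 0) hit = 1
            # trailing dot: address prefix match
            if (p ~ /\.$/ && index(ip, p) == 1) hit = 1
        }
        if (hit) exit
    }
    END { exit (hit ? 0 : 1) }'
}

tcpd_decision() {
    # $1 allow rules, $2 deny rules, $3 daemon, $4 client IP, $5 host name
    if match_rules "$1" "$3" "$4" "$5"; then echo allow   # allow file wins
    elif match_rules "$2" "$3" "$4" "$5"; then echo deny
    else echo allow                            # no match in either file
    fi
}

for c in "10.0.0.45" "10.0.0.99" "127.0.0.1 localhost"; do
    set -- $c
    echo "$1 -> $(tcpd_decision "$ALLOW" "$DENY" nrpe "$1" "$2")"
done
```

Calling `tcpd_decision "$ALLOW" "" nrpe 10.0.0.99` returns allow, which shows why the `nrpe: ALL` line in hosts.deny is required for the allow list to restrict anything.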

Finally, check to make sure you have everything installed correctly (should return version information):

/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12
You may get CHECK_NRPE: Error – Could not complete SSL handshake. A quick solution is either to download and install the SUNWcry and SUNWcryr packages, which are export controlled (you are looking for the /usr/sfw/lib/libssl_extras.so.X.Y.Z library), or to change line 222 of src/nrpe.c like this: – SSL_CTX_set_cipher_list(ctx,”ADH”); + SSL_CTX_set_cipher_list(ctx,”ADH:-ADH-AES256-SHA”); and recompile.
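
Review bot: the replacement cipher string in the + line, "ADH:-ADH-AES256-SHA", still limits NRPE to anonymous Diffie-Hellman suites, which encrypt the session but authenticate neither end, so the edit only drops ADH-AES256-SHA from the list and the hosts.allow restriction above still matters; the change should say so in a comment next to the call. Referring to the edit as "line 222 of src/nrpe.c" ties it to this NRPE version (v2.12 above); locating it by the SSL_CTX_set_cipher_list(ctx,"ADH") call is more robust.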

Optionally, modify any firewalls between your nagios server and the remote host to allow port 5666.
Don’t forget to configure your nagios server to check your new service.