
Monday, December 3, 2012

Solaris 10: Using Postgres (Part 1)

Abstract:
Solaris had long been the operating system for performing managed services in the telecommunication arena. During a time when Oracle priced Solaris out of the market by charging a higher fee for similarly performing hardware than other competitors, Sun Microsystems started bundling Postgres and later purchased MySQL for bundling. Postgres is a simple, easy to enable, royalty free database available for Solaris. This article will discuss setting up the Solaris 10 bundled Postgres database.

History:
From the first pages of the PostgreSQL documentation:
The object-relational database management system now known as PostgreSQL is derived from the POSTGRES package written at the University of California at Berkeley. With over a decade of development behind it, PostgreSQL is now the most advanced open-source database available anywhere. The POSTGRES project, led by Professor Michael Stonebraker, was sponsored by the Defense Advanced Research Projects Agency (DARPA), the Army Research Office (ARO), the National Science Foundation (NSF), and ESL, Inc. The implementation of POSTGRES began in 1986.
Postgres has existed a long time, from the same roots as Berkeley UNIX, the original base operating system for Sun Microsystems' Solaris.

Versions:
Under Solaris 10, Sun Microsystems bundled Postgres. Basic directory structures are as follows:
V240/root$ ls -la /*r/postgres
/usr/postgres:
total 12
drwxr-xr-x 6 root bin 512 Jan 2 2010 .
drwxr-xr-x 44 root sys 1024 Mar 6 2010 ..
drwxr-xr-x 10 root bin 512 Jan 2 2010 8.2
drwxr-xr-x 9 root bin 512 Jan 2 2010 8.3
drwxr-xr-x 2 root bin 512 Jan 2 2010 jdbc
drwxr-xr-x 6 root bin 512 Jan 2 2010 upgrade

/var/postgres:
total 8
drwxr-xr-x 4 postgres postgres 512 Jan 2 2010 .
drwxr-xr-x 51 root sys 1024 Nov 10 2010 ..
drwxr-xr-x 4 postgres postgres 512 Jan 2 2010 8.2
drwxr-xr-x 5 postgres postgres 512 Jan 2 2010 8.3
Under Solaris 10, Postgres 8.2 and 8.3 are shipped. With 8.3, both 32 and 64 bit versions are included.

(It should be noted that with Postgres 8.3, community support is projected to end in 2012.)

File System Locations:
Before using Postgres, it may be advisable to place additional disks in a ZFS pool and mount file systems from that pool. This is not strictly the "correct" way to set up a set of database directories, but for a small system where root disks are mirrored and a second set of mirrored disks is used for applications, it will be adequate.

V240/root$ zfs create zpool1/pg_8_3_backups
V240/root$ zfs create zpool1/pg_8_3_data
V240/root$ zfs create zpool1/pg_8_3_data_64

V240/root$ zfs set mountpoint=/var/postgres/8.3/backups zpool1/pg_8_3_backups
V240/root$ zfs set mountpoint=/var/postgres/8.3/data zpool1/pg_8_3_data
V240/root$ zfs set mountpoint=/var/postgres/8.3/data_64 zpool1/pg_8_3_data_64

V240/root$ zfs list
NAME USED AVAIL REFER MOUNTPOINT
zpool1 1.92G 65.0G 1.92G /u001
zpool1/pg_8_3_backups 21K 65.0G 21K /var/postgres/8.3/backups
zpool1/pg_8_3_data 21K 65.0G 21K /var/postgres/8.3/data
zpool1/pg_8_3_data_64 21K 65.0G 21K /var/postgres/8.3/data_64

V240/root$ cd /var/postgres/8.3
V240/root$ chown -R postgres:postgres *

The final 2 steps are critical. If ZFS file systems will be mounted and used, the default ownership is "root", and the starting process will fail if those ZFS directories are not owned by the dba "postgres".

When starting the 8.3 version of Postgres, the data should now be stored on the zpool1 application pool.

Services:
Postgres is a first-class citizen under Solaris 10. No start/stop scripts need to be written; they are pre-bundled as a variety of services within the Solaris Service Management Facility (SMF).
V240/root$ svcs "*postgres*"
STATE STIME FMRI
disabled 12:49:12 svc:/application/database/postgresql:version_82
disabled 12:49:12 svc:/application/database/postgresql:version_82_64bit
disabled 12:49:12 svc:/application/database/postgresql_83:default_32bit
disabled 12:49:12 svc:/application/database/postgresql:version_81
disabled 12:49:13 svc:/application/database/postgresql_83:default_64bit
The database version of choice can be enabled through SMF.

Review Database Owner:
Solaris comes with role based access to Postgres pre-installed. They should look similar to the following:
V240/root$ grep postgres /etc/passwd /etc/user_attr /etc/security/exec_attr

/etc/passwd:postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh

/etc/user_attr:postgres::::type=role;profiles=Postgres Administration,All

/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/initdb:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/ipcclean:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/pg_controldata:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/pg_ctl:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/pg_resetxlog:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/postgres:uid=postgres
/etc/security/exec_attr:Postgres Administration:solaris:cmd:::/usr/postgres/8.2/bin/postmaster:uid=postgres
With the permissions and dba account set up correctly, it should be ready to start.

Starting Postgres:
The Postgres database can be started from the dba user.
V240/user$ su - root
Password:
V240/root$ su - postgres
V240/postgres$ svcadm enable svc:/application/database/postgresql_83:default_64bit

V240/postgres$ svcs "*postgres_83:default_64bit"
STATE STIME FMRI

offline* 0:43:27 svc:/application/database/postgresql_83:default_64bitsvcs: Pattern
V240/postgres$ svcs "*postgresql_83:default_64bit"
STATE STIME FMRI
online 0:43:37 svc:/application/database/postgresql_83:default_64bit
It may take a couple of minutes to start up for the first time, since many files from a sample database will need to be copied into the new directory structure, and onto the ZFS file systems.

Setting Up Sample Role/User, Database, and Client Access:
By default, all authenticated users are allowed to leverage the Postgres database under Solaris, but only on the same host. The default version of Postgres may be older than the version you wish to use.
V240/ivadmin$ type createdb psql
createdb is /usr/bin/createdb
psql is /usr/bin/psql


V240/ivadmin$ psql --version
psql (PostgreSQL) 8.1.18
contains support for command-line editing


V240/ivadmin$ createdb --version
createdb (PostgreSQL) 8.1.18
Since Solaris supports multiple versions of Postgres, it is important to set paths before using commands. The following commands should be placed at the top of any script which runs Postgres, or run at any command prompt where the user intends to perform a lot of Postgres work.
V240/user$ PATH=/usr/postgres/8.3/bin:$PATH
V240/user$ export PATH
A privileged "role" (or "user") can set up a database and client access from another "user" or "role". The "createuser" binary is a wrapper around the "CREATE ROLE" command in Postgres.
In the case below, a new non-superuser ("-S") will be created, which can create databases ("-d"), is restricted from creating new "roles" or "users" ("-R"), and can log into the database ("-l"). Also, the binary command will echo the Postgres command used ("-e"), for clarity's sake.
V240/user$ su - root
Password:
V240/root$ su - postgres

V240/postgres$ PATH=/usr/postgres/8.3/bin:$PATH
V240/postgres$ export PATH
V240/postgres$ createuser -S -d -R -l -e user
CREATE ROLE user NOSUPERUSER CREATEDB NOCREATEROLE INHERIT LOGIN;

(The addition of the proper path was used, in case it is not set up globally on the platform.)

The creation of the database can now be done by the Solaris user "user", which is also a Postgres "role". By default, the name of the database is the same as the name of the "user".
V240/user$ PATH=/usr/postgres/8.3/bin:$PATH
V240/user$ export PATH
V240/ivadmin$ createdb -e
CREATE DATABASE user;

After the database is created, the
V240/ivadmin$ psql
Welcome to psql 8.3.8, the PostgreSQL interactive terminal.
Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit
user=>
The process of creating objects in the database can now take place.

Client Access Error:
If the user has never created a database, the first access attempt will present an error such as:
V240/user$ psql
psql: FATAL: database "user" does not exist

This indicates that a database must be created for that user.

Creating Database Error:
The "createdb" executable is a binary wrapper around the "create database" Postgres command. Databases are created by "cloning" a standard database template. If a database is created before the role is created, an error such as the following is presented:
V240/user$ createdb
createdb: could not connect to database postgres: FATAL: role "user" does not exist
Before a database can be created, a role must exist for the user and be allowed to create databases.

Creating Role Error:
A "role" is sometimes referred to as a "user". The Solaris user name is often tied directly as the "role". If the user is not privileged, the following error is presented:
V240/ivadmin$ createuser
Enter name of role to add: user
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
createuser: could not connect to database postgres: FATAL: role "user" does not exist
A privileged user must create new "roles". Under Solaris, this is the "postgres" user.

Resources:
Other Postgres resources are noted below:
[html] PostgreSQL 8.3.21 Documentation
[html] Dynamic Tracing of PostgreSQL via DTrace (in 8.3)
[pdf] Availability of PostgreSQL in the Data Center
[html] 2010-05 Setting up PostgreSQL under Solaris 10
[pdf] 2008-?? - Best Practices with PostgreSQL on Solaris
[html] 2005-11 - Tuning PostgreSQL under Solaris x64
[html] 2005-05 - Tuning Write Performance of PostgreSQL on Solaris
[html] 2005-04 - Tuning Solaris for PostgreSQL Read and Write Performance (8.0.2)

Wednesday, March 28, 2012

SSH Debugging: Public and Private Keys



SSH Key Debugging: Public and Private Keys

Abstract:

There have been several articles published on forwarding ports with SSH over an encrypted tunnel and setting up automatic SSH Auto-Login using an encrypted ssh tunnel. This is the third in the series, discussing a particular problem when differing clients experience differing login symptoms while trying to log into a common server.

Solaris 10 Client Symptom:

If a Solaris 10 Client cannot get a password prompt on a server, you might get the following error:

solaris10/user$ ssh badserver
no common kex alg: client
'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', server
'gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g=='
Solaris 9 Client Symptom:

If a Solaris 9 Client cannot get a password prompt on a server, you might get the following error:

solaris9/user$ ssh badserver
no kex alg

Solaris Server Root Cause:

If the Solaris 9 and Solaris 10 clients are trying to attach to the same server, check to see if your private and public ssh host keys are missing in your /etc/ssh directory:

badserver/root# ls -al /etc/ssh
-rwxr-xr-x 1 root sys 88301 Jan 21 2005 moduli
-rwxr-xr-x 1 root sys 861 Jan 21 2005 ssh_config
-rwxr-xr-x 1 root sys 5025 Aug 6 2010 sshd_config
The /etc/ssh directory should look more like the following:

goodserver/root# ls -al /etc/ssh
-rw-r--r-- 1 root sys 88301 Jan 21 2005 moduli
-rw-r--r-- 1 root sys 861 Jan 21 2005 ssh_config
-rw------- 1 root root 668 Apr 10 2009 ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Apr 10 2009 ssh_host_dsa_key.pub
-rw------- 1 root root 887 Apr 10 2009 ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Apr 10 2009 ssh_host_rsa_key.pub
-rw-r--r-- 1 root sys 5372 Feb 12 21:49 sshd_config
-rw-r--r-- 1 root sys 5106 Dec 15 12:30 sshd_config.orig
Creating Server Keys:

Log into the server that is refusing connections with errors and is missing the ssh host keys, and create the keys.

badserver/root# cd /etc/ssh
badserver/root# /lib/svc/method/sshd -c
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair

badserver/root# ls -al ssh_host*key*
-rw------- 1 root root 668 Mar 28 22:26 ssh_host_dsa_key
-rw-r--r-- 1 root root 602 Mar 28 22:26 ssh_host_dsa_key.pub
-rw------- 1 root root 887 Mar 28 22:26 ssh_host_rsa_key
-rw-r--r-- 1 root root 222 Mar 28 22:26 ssh_host_rsa_key.pub
Restarting SSH Service:

Once the SSH server public and private keys have been created, the ssh service needs to be restarted, in order to leverage the new private keys.

badserver/root# /usr/bin/svcs ssh
STATE STIME FMRI
online May_21 svc:/network/ssh:default
badserver/root# /usr/sbin/svcadm restart ssh
Validating Repair:

The final step in any repair is validation. In this case, the ssh login is attempted again.

solaris10/user$ ssh badserver
Last login: Wed Mar 28 22:48:57 2012 from solaris10
Oracle Corporation SunOS
5.10 Generic Patch January 2005
INTR=Ctrl-C ERASE=Ctrl-H KILL=Ctrl-U
badserver/user$
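
The root-cause check above (host keys missing from /etc/ssh, and the file modes shown in the "goodserver" listing) can be scripted. This is an added example, not part of the original post; the function names are hypothetical, and the demo runs against a constructed throwaway directory with empty placeholder files rather than real keys.

```sh
#!/bin/sh
# Added example (not from the original post): audit an sshd directory for the
# missing or over-exposed host keys described above. Function names are
# hypothetical; key file names follow the "goodserver" listing.

# Prints one finding per line; returns the number of problems found.
check_ssh_host_keys() {
    dir=${1:-/etc/ssh}
    problems=0
    for alg in rsa dsa; do
        priv="$dir/ssh_host_${alg}_key"
        if [ ! -f "$priv" ]; then
            echo "MISSING $priv"
            problems=$((problems + 1))
        else
            # Portable mode check: read the ls -ld mode string (e.g. -rw-------)
            # because stat(1) options differ between platforms.
            mode=$(ls -ld "$priv" | awk '{print $1}')
            case $mode in
                -??-------*) ;;   # owner-only access, as in the goodserver listing
                *)  echo "BADMODE $priv $mode"
                    problems=$((problems + 1)) ;;
            esac
        fi
        if [ ! -f "$priv.pub" ]; then
            echo "MISSING $priv.pub"
            problems=$((problems + 1))
        fi
    done
    return "$problems"
}

# Constructed demo: build a throwaway directory shaped like badserver's
# /etc/ssh (configuration only), audit it, then add placeholder key files.
demo_host_key_audit() {
    tmp=$(mktemp -d) || return 2
    : > "$tmp/sshd_config"
    before=0; after=0
    check_ssh_host_keys "$tmp" || before=$?
    for alg in rsa dsa; do
        # Empty placeholders, NOT real keys; on the server the keys come from
        # "/lib/svc/method/sshd -c" as shown in the post.
        : > "$tmp/ssh_host_${alg}_key";     chmod 600 "$tmp/ssh_host_${alg}_key"
        : > "$tmp/ssh_host_${alg}_key.pub"; chmod 644 "$tmp/ssh_host_${alg}_key.pub"
    done
    check_ssh_host_keys "$tmp" || after=$?
    rm -rf "$tmp"
    echo "problems before=$before after=$after"
}

demo_host_key_audit
```

On a real server, `check_ssh_host_keys /etc/ssh` can be run before and after the repair; a non-zero exit status means keys are still missing or a private key is readable by group or other.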

Wednesday, December 21, 2011

Solaris 10: SSH and Forwarding HTTP



Abstract:
When Sun first produced systems, the common way for users to move around a network and to distribute workload was to leverage the Berkeley "r" tools, such as "rsh", "rlogin", "rexec", etc. under Solaris. As academics became professional, security concerns over passwords being passed in the clear were raised and SSH was born. SSH was built with a compatible superset to "rsh", but this was later removed with the second version of the protocol. This document discusses the implementation of SSH under Solaris.

Global Configurations

SSH uses several global configuration files, one for the client and another for the server. Each of these config files documents the default compiler flags under Solaris. The "ssh" client global configuration file can be tailored on a per-user basis, while the "sshd" server global configuration file is managed at the global level.

SSH Server Daemon

Under Solaris 10, related OS's, and above - SSHD is started through the services infrastructure.

sunserver/user$ svcs ssh
STATE STIME FMRI
online Aug_17 svc:/network/ssh:default
There are built-in compiled defaults and global defaults which are reviewed upon startup and upon connection.

Start a Session with X and HTTP Forwarding

For demonstration purposes, there may be the need to temporarily open an X Console (to install an Oracle Database) and forward HTTP ports (to test an application) on a platform in a DMZ. The sample command may look like this:

sunclient/user$ ssh user@sunserver -b 10.1.2.3 \
-L 58080:127.0.0.1:58080 -L 8080:127.0.0.1:8080 -g
Since the ports to be forwarded are over 1024, there is no requirement for special "root" permissions. The proxied HTTPD connections can be observed.

sunclient/user$ netstat -an | grep 8080
*.58080 *.* 0 0 49152 0 LISTEN
*.8080 *.* 0 0 49152 0 LISTEN
To perform a basic test of the forwarded HTTP port, the classic "telnet" can be used on the command line, but the connection is closed.

sunclient/user$ telnet localhost 58080
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Connection to localhost closed by foreign host.
Note the error on the remote side.

channel 5: open failed: administratively prohibited: open failed
This is a configuration issue.

Global SSHD Configuration

Under Solaris 10, forwarding agent is disabled as a compile flag, and is documented in the global configuration file. If one makes a connection via SSH, and proxies a port - an error message will be produced upon the first connection attempt to the proxied port.

To allow for the port forwarding, edit the configuration file "/etc/ssh/sshd_config".

AllowTcpForwarding yes
GatewayPorts yes
X11Forwarding yes
You will need to restart the "sshd" service; the "administratively prohibited" message then disappears.

sunserver/root# svcadm restart ssh

Your HTTP and X Windows port forwarding will now work for ad-hoc tasks.
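
Because these settings are enabled for temporary, ad-hoc work on a DMZ host, it is worth checking afterwards which forwarding keywords are still switched on in "/etc/ssh/sshd_config". The script below is an added example, not part of the original post; the function names are hypothetical, the sample configurations are constructed, and it assumes OpenSSH-style parsing (case-insensitive keywords, "#" comments, first occurrence of a keyword wins).

```sh
#!/bin/sh
# Added example (not from the original post): list the forwarding keywords
# that are explicitly switched on in an sshd_config, so settings enabled for
# an ad-hoc task can be found and reverted. Function names are hypothetical.

# Print "Keyword=value" for each forwarding keyword, "unset" if absent.
# Assumes OpenSSH-style parsing: keywords are case-insensitive, "#" starts a
# comment, and the first occurrence of a keyword wins.
sshd_forwarding_settings() {
    conf=${1:-/etc/ssh/sshd_config}
    for key in AllowTcpForwarding GatewayPorts X11Forwarding; do
        val=$(awk -v k="$key" '
            $1 ~ /^#/ { next }
            tolower($1) == tolower(k) { print tolower($2); exit }' "$conf")
        echo "$key=${val:-unset}"
    done
}

# Print a REVIEW line for every keyword explicitly set to something other
# than "no"; return how many were found. Keywords that are unset fall back to
# the compiled-in defaults, which this script does not know.
audit_forwarding() {
    enabled=0
    for setting in $(sshd_forwarding_settings "$1"); do
        case $setting in
            *=no|*=unset) ;;
            *)  echo "REVIEW $setting"
                enabled=$((enabled + 1)) ;;
        esac
    done
    return "$enabled"
}

# Constructed demo: the three lines from the post, then a tightened variant
# that keeps TCP forwarding but turns the other two keywords back off.
demo_forwarding_audit() {
    posted=$(mktemp) || return 2
    tightened=$(mktemp) || return 2
    printf '%s\n' '# AllowTcpForwarding no' 'AllowTcpForwarding yes' \
        'GatewayPorts yes' 'X11Forwarding yes' > "$posted"
    printf '%s\n' 'AllowTcpForwarding yes' 'GatewayPorts no' \
        'X11Forwarding no' > "$tightened"
    a=0; b=0
    audit_forwarding "$posted" || a=$?
    audit_forwarding "$tightened" || b=$?
    rm -f "$posted" "$tightened"
    echo "enabled as-posted=$a tightened=$b"
}

demo_forwarding_audit
```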

Wednesday, November 16, 2011

Enabling VNC in Solaris Express 11


Enabling VNC Under Solaris 11 Express

Abstract:
Open Systems have traditionally been accessed via Command Line. MIT created a fully object oriented, multi-tiered, open source windowing system called X Windows, which was quickly adopted by nearly all computing industry players. While X Windows is well suited for local area network technology, the need for wide area network technology was addressed through several different attempts, such as X11R6 "Broadway" and proxies leveraging compression. A lighter WAN suitable screen display protocol, referred to as Virtual Network Computing (VNC), is also commonly used for X displays.

Procedure:
Solaris 10 was shipped with VNC; instructions for enabling VNC under Solaris are found here.

Solaris 11 Express was shipped with a basic VNC service mostly available. The procedure to fully enable VNC under Solaris 11 is as follows:
  • Load Gnome Desktop Manager
# pkg install slim_install
  • After the ~400mb package is installed note the following issue:
# svcs consolekit
STATE STIME FMRI
maintenance 1999 svc:/system/consolekit:default
The GDM depends on the console-kit-daemon for "defining and tracking users" (console-kit-daemon man page). A generic error will occur telling you that a consolekit dependency is restarting too quickly.
  • Check the consolekit dependencies for restarting:
# svcs -d consolekit
online 1999 svc:/system/dbus:default
online 1999 svc:/system/filesystem/local:default
The -r is to recursively enable the daemon and then dependencies in the correct order.
# svcadm disable dbus
# svcadm clear consolekit
# svcadm enable -r consolekit
# vi /etc/gdm/custom.conf
[xdmcp]
Enable=true
:wq
  • A restart of the Gnome Display Manager and enabling of Xvnc are the last steps.
# svcadm restart gdm
# svccfg -s x11-server setprop options/tcp_listen=true
# svcadm enable xvnc-inetd

Tuesday, March 8, 2011

Sun V100: Installation of Solaris 11 Express



Abstract:
The SPARC platform had existed for decades in the telecommunications environment. It was built upon open standards for instruction set as well as boot proms and moved to 64 bit architecture long before most processors on the market. The open nature and advanced 64 bit architecture of the platform make older units a perfect inexpensive test bed to train with advanced modern day operating systems. The 64 bit SPARC V100 has the ability to install Solaris 11 Express.



LOM: Basics

When a new machine is received, it normally comes with an OS installed. After the power-up, it would normally boot directly into the pre-configured operating system, bypassing the Lights Out Management and OpenBoot prom.

To simplify the installation from a console cable, we will start the V100 from the ground up, at the LOM, by toggling off (down) the power button in the back of the server.
Mar 8 11:39:59 v100ex11 poweroff: initiated by user777 on /dev/console
bootadm: /boot/solaris/bin/extract_boot_filelist is not owned by 101, skipping
syncing file systems... done
lom>
LOM event: +0h28m56s host power off
Commands supported by the OpenBoot prom are:
lom>help
The following commands are supported:
alarmon
alarmoff
check
console
environment
faulton
faultoff
help
poweron
poweroff
reset
shutdown
show
version
set
break
bootmode
loghistory
showlogs
consolehistory
chist
date
showdate
logout
userpassword
useradd
userdel
userperm
usershow
lom>
During the powering up of the server, the IDE drive can be pulled, in order to keep the system from booting onto the pre-installed operating system. Powering on the unit can be done from the LOM.
lom>poweron

lom>
LOM event: +0h33m58s host power on
Sun Fire V100 (UltraSPARC-IIe 548MHz), No Keyboard
OpenBoot 4.0, 2048 MB memory installed, Serial #66241418.
Ethernet address 0:3:ba:f2:c3:8a, Host ID: 83f2c38a.
OpenBoot: Basics

After the OK prompt for the OpenBoot is seen, the IDE disk can be plugged back in. The system will be in a funny state, which will be resolved with a future boot.

There are a variety of basic commands which can be run from the OpenBoot PROM. It is more advanced than BIOS in a PC - it is an entire programming and debugging environment driven by Forth.
ok help

Enter 'help command-name' or 'help category-name' for more help
(Use ONLY the first word of a category description)
Examples: help select -or- help line

Main categories are:

Breakpoints (debugging)
Repeated loops
Defining new commands
Numeric output
Radix (number base conversions)
Arithmetic
Memory access
Line editor
System and boot configuration parameters
Select I/O devices
Floppy eject
Power on reset
Diag (diagnostic routines)
Resume execution
File download and boot
nvramrc (making new commands permanent)
The OpenBoot includes some parameters in a non-volatile RAM.
ok printenv

output-device ttya ttya
input-device ttya ttya
load-base 16384 16384
auto-boot-retry? false false
boot-command boot boot
auto-boot? true true
watchdog-reboot? false false
diag-file
diag-device disk2 net
boot-file
boot-device /pci@1f,0/ide@d/disk@2,0 disk net
local-mac-address? false false
net-timeout 0 0
ansi-terminal? true true
screen-#columns 80 80
screen-#rows 34 34
silent-mode? false false
use-nvramrc? false false
nvramrc
security-mode none No default
security-password No default
security-#badlogins 0 No default
oem-logo No default
oem-logo? false false
oem-banner No default
oem-banner? false false
hardware-revision No default
last-hardware-update No default
diag-switch? false false

By default, this machine is set to automatically boot, which is the factory default.

The boot occurs from the hard disk on this machine, while the factory default is to have the machine attempt to boot from the network.

To see all of your devices which were recognized by the OpenBoot:
ok devalias

disk /pci@1f,0/ide@d/disk@2,0
rtc /pci@1f,0/isa@7/rtc@0,70
usb /pci@1f,0/usb@a
flash /pci@1f,0/isa@7/flashprom@1f,0
lom /pci@1f,0/isa@7/SUNW,lomh@0,8010
i2c-nvram /pci@1f,0/pmu@3/i2c@0,0/i2c-nvram@0,aa
net1 /pci@1f,0/ethernet@5
dload1 /pci@1f,0/ethernet@5:,
dload /pci@1f,0/ethernet@c:,
net0 /pci@1f,0/ethernet@c
net /pci@1f,0/ethernet@c
cdrom /pci@1f,0/ide@d/cdrom@3,0:f
disk3 /pci@1f,0/ide@d/disk@3,0
disk2 /pci@1f,0/ide@d/disk@2,0
disk1 /pci@1f,0/ide@d/disk@1,0
disk0 /pci@1f,0/ide@d/disk@0,0
ide /pci@1f,0/ide@d
floppy /pci@1f,0/isa@7/dma/floppy
ttyb /pci@1f,0/isa@7/serial@0,2e8
ttya /pci@1f,0/isa@7/serial@0,3f8
OpenBoot: Stop Automatic Boot

We will set the machine to not automatically boot on power-up to easily adjust the environment after power cycles.
ok setenv auto-boot? false
auto-boot? = false
Now, the next step is to power-off the system and then poweron from the LOM, to boot the system fresh to an OK prompt:
ok power-off
lom>
LOM event: +1h10m46s host power off
lom>poweron
lom>
LOM event: +1h11m39s host power on
Sun Fire V100 (UltraSPARC-IIe 548MHz), No Keyboard
OpenBoot 4.0, 2048 MB memory installed, Serial #66241418.
Ethernet address 0:3:ba:f2:c3:8a, Host ID: 83f2c38a.
ok
OpenBoot: Boot Solaris 11 Express

The Installation of Solaris 11 Express can be done via a CD-ROM from the OpenBoot.
ok boot cdrom
Boot device: /pci@1f,0/ide@d/cdrom@3,0:f File and args:
The cursor will swap between characters "", "/", "-", etc., indicating the system is working. The CDROM boot banner will appear, once the OS is boot-strapped.

Solaris 11 Express: Install From CD-ROM

Once the OS is boot-strapped, the install routine prompts for information.
Boot device: /pci@1f,0/ide@d/cdrom@3,0:f File and args:
SunOS Release 5.11 Version snv_151a 64-bit
Copyright (c) 1983, 2010, Oracle and/or its affiliates. All rights reserved.
WARNING: invalid vector intr: number 0x7de, pil 0x0
Hostname: solaris
Remounting root read/write
Probing for device nodes ...
Preparing text install image for use
Done mounting text install image
USB keyboard

1. Albanian 25. Latin-American
2. Arabic 26. Lithuanian
3. Belarusian 27. Latvian
4. Belgian 28. Macedonian
5. Brazilian 29. Malta_UK
6. Bulgarian 30. Malta_US
7. Canadian-Bilingual 31. Norwegian
8. Croatian 32. Polish
9. Czech 33. Portuguese
10. Danish 34. Romanian
11. Dutch 35. Russian
12. Dvorak 36. Serbia-And-Montenegro
13. Estonian 37. Slovak
14. Finnish 38. Slovenian
15. French 39. Spanish
16. French-Canadian 40. Swedish
17. Hungarian 41. Swiss-French
18. German 42. Swiss-German
19. Greek 43. Traditional-Chinese
20. Icelandic 44. TurkishF
21. Italian 45. TurkishQ
22. Japanese-type6 46. UK-English
23. Japanese 47. US-English
24. Korean
To select the keyboard layout,
enter a number [default 47]: 47

1. Arabic 12. Hungarian
2. Catalan 13. Indonesian
3. Chinese - Simplified 14. Italian
4. Chinese - Traditional 15. Japanese
5. Czech 16. Korean
6. Dutch 17. Polish
7. English 18. Portuguese - Brazil
8. French 19. Russian
9. German 20. Slovak
10. Greek 21. Spanish
11. Hebrew 22. Swedish
To select the language you wish to use,

enter a number [default is 7]: 7

User selected: English
Configuring devices.

Using HyperTerminal with "Auto" emulation does not help the installer, since it will think that "xterm" is the terminal type available.

If performing an installation from a "tip" command in an "xterm", no change is required, and the installation screens look wonderful.

Welcome to the Oracle Solaris snv_151a installation menu
1 Install Oracle Solaris
2 Install Additional Drivers
3 Shell
4 Terminal type (currently xterm)
5 Reboot
Please enter a number [1]:
4

Indicate the type of terminal being used, such as:
dtterm CDE terminal emulator
xterm xterm
vt100 DEC VT100
Enter terminal type [xterm]:
vt100

Welcome to the Oracle Solaris snv_151a installation menu
1 Install Oracle Solaris
2 Install Additional Drivers
3 Shell
4 Terminal type (currently vt100)
5 Reboot
Please enter a number [1]:
1

The Welcome Splash Screen provides the basic terminal keystroke instructions.

Welcome to Oracle Solaris
Thanks for choosing to install Oracle Solaris! This installer enables you
to install the Oracle Solaris Operating System (OS) on SPARC or x86
systems.

The installation log will be at /tmp/install_log.

How to navigate through this installer:
- Use the function keys listed at the bottom of each screen to move from
screen to screen and to perform other operations.
- Use the up/down arrow keys to change the selection or to move between
input fields.
- If your keyboard does not have function keys, or they do not respond,
press ESC; the legend at the bottom of the screen will change to show
the ESC keys for navigation and other functions.

F2_Continue F6_Help F9_Quit
Select the disk at the next screen with F2, to perform the install to the base disk.

Microsoft Windows, unfortunately, does not provide a real terminal emulator that understands the VT100 character set when you select VT100, so some graphical characters do not emulate correctly.
 Disks
Where should Oracle Solaris be installed?
Recommended size: 4.7GB Minimum size: 2.7GB

Type Size(GB) Boot Device Manufacturer Notes
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
ATA 74.5 + c2t2d0 unknown

The following slices were found on the disk.

Slice # Size(GB) Slice # Size(GB)
qqqqqqqqqqqqqqqqqqqqqqq qqqqqqqqqqqqqqqqqqqqqqq
rpool 0 74.5 Unused 5 0.0
Unused 1 0.0 Unused 6 0.0
Unused 3 0.0 Unused 7 0.0
Unused 4 0.0 backup 2 74.5

F2_Continue F3_Back F6_Help F9_Quit

Continue with the default slicing through F2.

 Solaris Slices: 74.5GB ATA Boot

Oracle Solaris can be installed on the whole disk or a slice on the disk.
The following slices were found on the disk.

Slice # Size(GB) Slice # Size(GB)
qqqqqqqqqqqqqqqqqqqqqqq qqqqqqqqqqqqqqqqqqqqqqq
rpool 0 74.5 Unused 5 0.0
Unused 1 0.0 Unused 6 0.0
Unused 3 0.0 Unused 7 0.0
Unused 4 0.0 backup 2 74.5

Use the whole disk
Use a slice on the disk

F2_Continue F3_Back F6_Help F9_Quit
Move the cursor to "Use the whole disk" and Continue with F2 to the network configuration.
 Network

Enter a name for this computer that identifies it on the network. It must
be at least two characters. It can contain letters, numbers, and minus
signs (-).

Computer Name:
sol11v100

Select how the wired ethernet network connection is configured.

Automatically Automatically configure the connection
None Do not configure the network at this time

F2_Continue F3_Back F6_Help F9_Quit

Type a name for the computer operating system instance name, such as "sol11v100".

Move the cursor to "Automatically" to configure an IP address via DHCP on boot.
Continue with F2.
 Time Zone: Regions

Select the region that contains your time zone.

Regions
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
UTC/GMT
Africa
Americas
Antarctica
Arctic Ocean
Asia
Atlantic Ocean
Australia
Europe
Indian Ocean
Pacific Ocean

F2_Continue F3_Back F6_Help F9_Quit
A time zone region should be selected; in this case we move the cursor to Americas and Continue with F2.
 Time Zone: Locations

Select the location that contains your time zone.
Locations
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
^ St Barthelemy
x St Kitts & Nevis
x St Lucia
x St Martin (French part)
x St Pierre & Miquelon
x St Vincent
x Suriname
x Trinidad & Tobago
x Turks & Caicos Is
x United States
x Uruguay
x Venezuela
x Virgin Islands (UK)
q Virgin Islands (US)

F2_Continue F3_Back F6_Help F9_Quit
Move your cursor to the appropriate Timezone Location, in this case United States was selected by moving the cursor off the bottom of the screen, and Continue via F2 was done.
 Time Zone

Select your time zone.
Time Zones
qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqq
q Eastern Time
x Eastern Time - Michigan - most locations
x Eastern Time - Kentucky - Louisville area
x Eastern Time - Kentucky - Wayne County
x Eastern Time - Indiana - most locations
x Eastern Time - Indiana - Daviess, Dubois, Knox & Martin Counties
x Eastern Time - Indiana - Pulaski County
x Eastern Time - Indiana - Crawford County
x Eastern Time - Indiana - Pike County
x Eastern Time - Indiana - Switzerland County
x Central Time
x Central Time - Indiana - Perry County
x Central Time - Indiana - Starke County
v Central Time - Michigan - Dickinson, Gogebic, Iron & Menominee Counti

F2_Continue F3_Back F6_Help F9_Quit

Move the cursor to the appropriate Time Zone and Continue with F2.
 Date and Time

Edit the date and time as necessary.
The time is in 24 hour format.

Year: 2011 (YYYY)
Month: 03 (1-12)
Day: 08 (1-31)
Hour: 13 (0-23)
Minute: 57 (0-59)

F2_Continue F3_Back F6_Help F9_Quit

Select your Date and Time, Continue with F2.
 Users

Define a root password for the system and user account for yourself.

System Root Password
Root password: *****
Confirm password: *****

Create a user account
Your real name: Administrator
Username: admin
User password: *****
Confirm password: *****

F2_Continue F3_Back F6_Help F9_Quit

The installation is secure, by default. The Root password is required as well as a user account, so you can assume the privileges associated with "root" at a later point in time.

Complete the prompts and Continue with F2.

There is a brief pause after F2, so do not hit the key a second or third time.
 Installation Summary

Review the settings below before installing. Go back (F3) to make changes.

Software: Oracle Solaris 11 Express snv_151a SPARC
Disk: 74.5GB ATA
Slice 0: 74.5GB rpool1
Time Zone: US/Eastern
Language: *The following can be changed when logging in.
Default language: English
Users:
Username: admin
Network:
Computer name: sol11v100
Network Configuration: Automatic

F2_Install F3_Back F6_Help F9_Quit

The Installation Summary is provided, after a brief pause. Continue with F2 to install.
 Installing Oracle Solaris

Preparing disk for Oracle Solaris installation
[ (5%) ]

Building cpio file lists
[ (6%) ]

Transferring Contents
[ (98%) ]
F9_Quit
The installation begins with various phases, some of which were captured and copied into the installation window above.

Once the installation is complete, the option to reboot is provided.

Installation Complete

The installation of Oracle Solaris has completed successfully.
Reboot to start the newly installed software or Quit if you wish to
perform additional tasks before rebooting.

The installation log is available at /tmp/install_log. After reboot it
can be found at /var/sadm/system/logs/install_log.

F4_View Log F8_Reboot F9_Quit
Normally, the system would be rebooted via F8.

Since Microsoft Windows HyperTerm is broken, the F8 and F9 keys do not work.

A straight power down via the rocker switch can be done and a "powerup" from LOM to restart the system.
Mar 8 19:26:50 solaris power: WARNING: Power off requested from power button or
SC, powering down the system!
Shutdown started. Tue Mar 8 19:26:53 GMT 2011
Changing to init state 5 - please wait
showmount: solaris: RPC: Program not registered
bootadm: /media/Oracle_Solaris_Text_SPARC/ filesystem is read-only, skipping archives update
svc.startd: The system is coming down. Please wait.
svc.startd: 74 system services are now being stopped.
Mar 8 19:27:12 solaris syslogd: going down on signal 15
svc.startd: Killing user processes.
umount: /.cdrom busy
Mar 8 19:27:29 The system is down. Shutdown took 25 seconds.
syncing file systems... done
lom>
LOM event: +3h17m53s host power off

lom>poweron
lom>
LOM event: +3h19m46s host power on
Solaris 11 Express: Booting From Disk

Since the OpenBoot was set to not automatically boot, the ok prompt is available, to boot from disk or cdrom.

Since the installation was complete, the boot from the default disk can be done.
Sun Fire V100 (UltraSPARC-IIe 548MHz), No Keyboard
OpenBoot 4.0, 2048 MB memory installed, Serial #66241418.
Ethernet address 0:3:ba:f2:c3:8a, Host ID: 83f2c38a.
ok boot disk
Boot device: /pci@1f,0/ide@d/disk@2,0 File and args:
SunOS Release 5.11 Version snv_151a 64-bit
Copyright (c) 1983, 2010, Oracle and/or its affiliates. All rights reserved.
/
Loading smf(5) service descriptions: 5/178
-
Loading smf(5) service descriptions: 178/178
_
WARNING: invalid vector intr: number 0x7de, pil 0x0
/
Hostname: sol11v100
-
Configuring devices.

Loading smf(5) service descriptions: 7/7
-
sol11v100 console login:
After the rotating bar, the OS banner appears, the services are instantiated through SMF, and the console login prompt is presented over the serial cable.

Login on the console cable and find the IP Address.
sol11v100 console login: msadmin
Password:
Oracle Corporation SunOS 5.11 snv_151a November 2010
msadmin@sol11v100:~$ ifconfig -a
lo0: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
dmfe0: flags=1004843 mtu 1500 index 4
inet 253.60.174.73 netmask ffffff00 broadcast 253.60.174.255
dmfe1: flags=1004803 mtu 1500 index 3
inet 0.0.0.0 netmask ff000000
lo0: flags=2002000849 mtu 8252 index 1
inet6 ::1/128
dmfe0: flags=20002004841 mtu 1500 index 4
inet6 fe80::203:baff:fef2:c38a/10
dmfe1: flags=20002004801 mtu 1500 index 3
inet6 fe80::203:baff:fef2:c38b/10
dmfe1:1: flags=20002000800 mtu 1500 index 3
inet6 ::/0
dmfe1:2: flags=20002000800 mtu 1500 index 3
inet6 ::/10
Solaris 11 Express: Enabling Telnet

Insecure operating systems like Microsoft Windows XP do not provide a simple SSH client from the Command prompt. Insecure Telnet can be enabled to facilitate access with the root login and verified using Solaris services.

admin@sol11v100:~$ svcs telnet
STATE STIME FMRI
disabled 14:40:05 svc:/network/telnet:default

admin@sol11v100:~$ su root
Password:
Mar 8 14:59:40 sol11v100 su: 'su root' succeeded for msadmin on /dev/console

msadmin@sol11v100:~# svcadm enable telnet

msadmin@sol11v100:~# svcs telnet
STATE STIME FMRI
online 15:02:33 svc:/network/telnet:default
The platform is now ready for basic configuration without a console cable.

Additional configuration steps can be done from the console, to set up tools like GNOME through Headless X configuration, and VNC, to get a graphical windowing environment.
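Once Telnet has been switched on like this, it helps to be able to see which cleartext login services are running so they can be turned off again when SSH access is available. The following check is an added example, not part of the original article; the function names and the sample listing are constructed, and the FMRIs are the ones that appear in the svcs output in these posts.

```shell
# Added example: list cleartext remote-access services that SMF reports
# as running. Reads "svcs -a" style output (STATE STIME FMRI) on stdin.
# Set AWK=nawk on Solaris 10, where /usr/bin/awk is the old awk.
AWK=${AWK:-awk}

cleartext_running() {
    "$AWK" '
        $1 == "STATE" { next }                      # header line
        # "online*" is svcs notation for a service in transition
        $1 ~ /^(online|degraded)\*?$/ &&
        $3 ~ /^svc:\/network\/(telnet:default|ftp:default|shell:default|login:rlogin)$/ {
            print $3
        }
    '
}

# Print (do not run) the svcadm commands that would turn those services off.
disable_plan() {
    cleartext_running | while read -r fmri; do
        printf 'svcadm disable %s\n' "$fmri"
    done
}

# Constructed sample in the format svcs prints; not captured from a host.
sample_svcs() {
    cat <<'EOF'
STATE          STIME    FMRI
disabled       14:40:05 svc:/network/ftp:default
online         15:02:33 svc:/network/telnet:default
online         Feb_01   svc:/network/ssh:default
online*        15:02:40 svc:/network/login:rlogin
disabled       14:40:05 svc:/network/shell:default
EOF
}

sample_svcs | disable_plan
```

On a live host, feed it the real listing with `svcs -a | disable_plan` and review the printed commands before running them as root.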

Network Management Connection

In the arena of Network Management, Solaris 11 Express is the premier operating system for security as well as stability. If it has to run and be available, it runs under Solaris.

Friday, February 11, 2011

Enabling SaMBa Under Solaris 10




Abstract:
IBM created a proprietary file sharing protocol under DOS referred to as SMB. This was adopted by Microsoft, and it later became referred to as CIFS. Open Source developers took a portion of the file sharing suite and implemented it under a product called SaMBa. Solaris 10 ships with an installation of SaMBa to allow for rudimentary SMB and CIFS file sharing.


Installation:
SaMBa is already installed with Solaris 10 Update 4 until Update 9. Creating a configuration file with a service start is all that is required. The Samba book from O'Reilly is an excellent resource in trying to understand all of the obtuse options available.

Configuration:
Check to see if you are working with a fairly recent release of Solaris 10, with the SaMBa support.
sunv890/user$ svcs -a | grep samba
disabled Jan_28 svc:/network/samba:default

If you try to enable SaMBa without the configuration file, the service will not function, but will reside in maintenance mode until repaired and restarted:
sunv890/root$ svcadm enable samba
sunv890/user$ svcs -a | grep samba
maintenance 10:23:47 svc:/network/samba:default

The Service Management Facility (SMF) will identify the failed service and log the problem.
SaMBa/user$ tail /var/adm/messages
Feb 11 14:08:46 sunv890 svc.startd[7]: [ID 652011 daemon.warning] svc:/network/samba:default: Method "/usr/sfw/sbin/smbd -D" failed with exit status 255.
Feb 11 14:08:46 SaMBa svc.startd[7]: [ID 748625 daemon.error] network/samba:default failed: transitioned to maintenance (see 'svcs -xv' for details)

Debugging is fairly simple - just look for the configuration file. In this example, there is none.
sunv890/user$ ls -al /etc/sfw/smb.conf
/etc/sfw/smb.conf: No such file or directory

Create a sample configuration file that shares the temporary directory as writable, ensure SaMBa resolves as a host name, and install the configuration file. (Note, you can always substitute an IP Address for SaMBa.)
sunv890/user$ cat /etc/sfw/smb.conf
# Global parameters
[global]
workgroup =
netbios name = SaMBa
security = SHARE
local master = No
guest account = nobody
delete veto files = Yes
encrypt passwords = Yes
winbind uid = 10000-65000
# Configure Samba to enable or require SMB signing as appropriate.
# To enable SMB signing, put in Samba config global section
; server signing = auto
# To require SMB signing, put in Samba config global section
 server signing = mandatory
# Disable LANMAN Authentication in Samba config global section
 lanman auth = No
[Temp]
comment = Temporary Share
path = /tmp
writeable = Yes
guest ok = Yes
preserve case = No
sunv890/root$ svcadm disable samba 
sunv890/root$ svcadm enable samba
sunnv890/user$ svcs samba
STATE STIME FMRI
online 14:17:01 svc:/network/samba:default

To test your installation, from a Windows platform, try to browse the temporary directory, or read a sample file which you know is in the directory.
Start -> Run -> \\sunv890\Temp
Start -> Run -> wordpad \\sunv890\Temp\smb.conf
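To confirm that the signing and LANMAN lines in a file like the one above are in effect, rather than commented out or placed in a share section, the [global] section can be parsed the way the smb.conf rules describe. This is an added example, not part of the original article or of Samba; the function names and both sample files are constructed, and it accepts only the "mandatory" spelling used above.

```shell
# Added example: check that the signing and LANMAN settings in the
# [global] section of an smb.conf are actually in effect.
# Set AWK=nawk on Solaris 10, where /usr/bin/awk is the old awk.
AWK=${AWK:-awk}

# Print the effective [global] value of parameter $1; config on stdin.
# smb.conf rules: "#" and ";" start comment lines, names ignore case and
# whitespace, and only the first "=" separates name from value.
smb_global_value() {
    "$AWK" -v want="$1" '
        function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }
        BEGIN { want = norm(want) }
        /^[ \t]*([#;]|$)/ { next }                  # comment or blank line
        /^[ \t]*\[/ {                                # section header
            name = $0
            sub(/^[ \t]*\[/, "", name); sub(/\].*$/, "", name)
            in_global = (norm(name) == "global")
            next
        }
        in_global {
            eq = index($0, "=")
            if (eq == 0) next
            if (norm(substr($0, 1, eq - 1)) != want) next
            val = substr($0, eq + 1)
            sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
            found = 1                                # a later line overrides
        }
        END { if (found) print val }
    '
}

# Read an smb.conf on stdin and print one PASS line or one FAIL line per
# finding. A parameter that is absent counts as a finding in this example.
audit_smb_conf() {
    conf=$(cat)
    findings=0
    signing=$(printf '%s\n' "$conf" | smb_global_value "server signing" |
              tr '[:upper:]' '[:lower:]')
    lanman=$(printf '%s\n' "$conf" | smb_global_value "lanman auth" |
             tr '[:upper:]' '[:lower:]')
    if [ "$signing" != "mandatory" ]; then
        echo "FAIL server signing = ${signing:-<unset>} (want mandatory)"
        findings=$((findings + 1))
    fi
    case "$lanman" in
        no|false|off|0) ;;
        *) echo "FAIL lanman auth = ${lanman:-<unset>} (want No)"
           findings=$((findings + 1)) ;;
    esac
    if [ "$findings" -eq 0 ]; then
        echo "PASS server signing mandatory, LANMAN auth disabled"
    fi
    return 0
}

# Constructed sample: the relevant lines of the configuration shown above.
sample_article_conf() {
    cat <<'EOF'
[global]
netbios name = SaMBa
security = SHARE
; server signing = auto
 server signing = mandatory
 lanman auth = No
[Temp]
path = /tmp
guest ok = Yes
EOF
}

# Constructed sample: hardening lines commented out or in the wrong section.
sample_weak_conf() {
    cat <<'EOF'
[global]
netbios name = SaMBa
Server Signing = auto
; server signing = mandatory
# lanman auth = No
[Temp]
lanman auth = No
EOF
}

sample_article_conf | audit_smb_conf
sample_weak_conf | audit_smb_conf
```

On the server itself the same check is `audit_smb_conf < /etc/sfw/smb.conf`.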
Conclusion:
The SaMBa configuration under Solaris 10 is simple and managed well by the Service Management Facility infrastructure of Solaris 10.

Editor's Note: This blog article was published in 2011 and adjusted on 2017-08-14 to add Signing and Authentication enhancements to the default SaMBa configuration.

Tuesday, February 1, 2011

Primer: Solaris 10 Update 9




During the installation of Solaris 10 Update 9, there may be several odd symptoms that might catch an installer by surprise.

Sluggish or Long Login Time
Takes 20 seconds to run quota during a login

If logging into a server with "rlogin", "telnet" or "ssh" is taking a long time, try to perform a "prstat" during the login process. You may get about 20 seconds to figure out what is going wrong. The "root" user may not experience the delay.

If "quota" is showing up for an extended period of time, it may be due to a search over NFS mounted file systems without NFS being configured correctly. This can be alleviated by unmounting the mounted NFS file system. The "mount | grep nfs" will help to identify the nfs file systems (you can normally ignore "vold".)
sunv890/user$ nawk '/nfs/ && !/vold/' /etc/mnttab
sunt2000:/u000/prodsupt /mnt nfs rw,xattr,dev=5ec0004 1296682012
sunv890/dh127087$ time quota
real 0m20.03s
...
sunv890/root$ umount /mnt
sunv890/user$ nawk '/nfs/ && !/vold/' /etc/mnttab
sunv890/user$ time quota
real 0m0.02s
...
Ensure quota and nfs partitions are properly configured on a newly installed system.

Occasional Network Failures
node name or service name not known

Some common operations may occasionally fail, for no apparent reason, such as: ping, telnet, ftp, etc. This is usually a name resolution issue. DNS is more commonly run by non-robust operating systems, so these types of errors may become more frequent.

If you have a variety of servers in a cluster or network management servers, where the IP addresses do not change, you may wish to basically guarantee the name resolution for those connection attempts by adding those IP and server entries to the "/etc/hosts" file and adjusting the "hosts:" option in "/etc/nsswitch.conf" to perform a host table lookup before going to DNS via: "hosts: files dns".

v890/user$ grep host /etc/nsswitch.conf
# "hosts:" and "services:" in this file are used only if the
#hosts: dns files
hosts: files dns
Don't let consumer appliances or immature, consumer grade operating systems place your mission critical operation at risk.

Service Management Facility
How to tell what services are available

Solaris 10 offers a large variety of services to the user and application community. If functionality you are expecting is not working "out of the box", there is a good chance there is a security reason for it. The best place to start is by getting a description of what services are available.

Ultra60/root# svcs -o FMRI,DESC | sort
FMRI DESC
lrc:/etc/rc2_d/S10lu -
lrc:/etc/rc2_d/S20sysetup -
lrc:/etc/rc2_d/S40llc2 -
lrc:/etc/rc2_d/S42ncakmod -
lrc:/etc/rc2_d/S47pppd -
lrc:/etc/rc2_d/S70uucp -
lrc:/etc/rc2_d/S72autoinstall -
lrc:/etc/rc2_d/S73cachefs_daemon -
lrc:/etc/rc2_d/S81dodatadm_udaplt -
lrc:/etc/rc2_d/S89bdconfig -
lrc:/etc/rc2_d/S89PRESERVE -
lrc:/etc/rc2_d/S90loc_ja_cssd -
lrc:/etc/rc2_d/S91ifbinit -
lrc:/etc/rc2_d/S91jfbinit -
lrc:/etc/rc2_d/S94ncalogd -
lrc:/etc/rc2_d/S98deallocate -
lrc:/etc/rc3_d/S16boot_server -
lrc:/etc/rc3_d/S50apache -
lrc:/etc/rc3_d/S52imq -
lrc:/etc/rc3_d/S80mipagent -
lrc:/etc/rc3_d/S84appserv -
lrc:/etc/rc3_d/S84patchserver -
svc:/application/cde-printinfo:default CDE Print Viewer
svc:/application/font/fc-cache:default FontConfig Cache Builder
svc:/application/font/stfsloader:default Standard Type Services Framework (STSF) Font Server loader
svc:/application/graphical-login/cde-login:default CDE login
svc:/application/management/dmi:default Sun Solstice Enterprise DMI
svc:/application/management/seaport:default net-snmp SNMP daemon
svc:/application/management/sma:default net-snmp SNMP daemon
svc:/application/management/snmpdx:default Sun Solstice Enterprise Master Agent
svc:/application/management/wbem:default SMC and WBEM Server
svc:/application/print/ipp-listener:default Internet Print Protocol Listening Service
svc:/application/print/ppd-cache-update:default ppd cache update
svc:/application/print/rfc1179:default BSD print protocol adapter
svc:/application/stosreg:default Service Tag OS Registry Inserter
svc:/application/x11/xfs:default X Window System font server
svc:/application/x11/xvnc-inetd:default X server that displays to VNC viewers
svc:/milestone/devices:default device configuration milestone
svc:/milestone/multi-user:default multi-user milestone
svc:/milestone/multi-user-server:default multi-user plus exports milestone
svc:/milestone/name-services:default name services milestone
svc:/milestone/network:default Network milestone
svc:/milestone/single-user:default single-user milestone
svc:/milestone/sysconfig:default Basic system configuration milestone
svc:/network/cde-spc:default CDE subprocess control
svc:/network/dns/client:default DNS resolver
svc:/network/finger:default finger
svc:/network/ftp:default FTP server
svc:/network/inetd:default inetd
svc:/network/initial:default initial network services
svc:/network/ipsec/ipsecalgs:default IPsec algorithm initialization
svc:/network/ipsec/policy:default IPsec policy initialization
svc:/network/iscsi/initiator:default -
svc:/network/login:rlogin remote login
svc:/network/loopback:default loopback network interface
svc:/network/nfs/cbd:default NFS callback service
svc:/network/nfs/client:default NFS client
svc:/network/nfs/mapid:default NFS ID mapper
svc:/network/nfs/nlockmgr:default NFS lock manager
svc:/network/nfs/rquota:default remote quota server
svc:/network/nfs/server:default NFS server
svc:/network/nfs/status:default NFS status monitor
svc:/network/pfil:default packet filter
svc:/network/physical:default physical network interfaces
svc:/network/routing-setup:default Initial routing-related configuration.
svc:/network/rpc-100235_1/rpc_ticotsord:default 100235
svc:/network/rpc/bind:default RPC bindings
svc:/network/rpc/cde-calendar-manager:default CDE calendar manager server
svc:/network/rpc/cde-ttdbserver:tcp ToolTalk database server
svc:/network/rpc/gss:default Generic Security Service
svc:/network/rpc/mdcomm:default SVM multi-node communications
svc:/network/rpc/meta:default SVM remote metaset services
svc:/network/rpc/metamed:default SVM remote mediator services
svc:/network/rpc/metamh:default SVM remote multihost disk services
svc:/network/rpc/rstat:default kernel statistics server
svc:/network/rpc/rusers:default network user name service
svc:/network/rpc/smserver:default removable media management
svc:/network/security/ktkt_warn:default Kerberos V5 warning messages daemon
svc:/network/service:default layered network services
svc:/network/shares/group:default Share Group
svc:/network/shares/group:zfs Share Group
svc:/network/shell:default rsh
svc:/network/smtp:sendmail sendmail SMTP mail transfer agent
svc:/network/ssh:default SSH server
svc:/network/stdiscover:default Service Tag discovery probe
svc:/network/stlisten:default Service Tag Discovery Listener
svc:/network/talk:default talk
svc:/network/telnet:default Telnet server
svc:/network/tnctl:default trusted networking templates
svc:/system/basicreg:default -
svc:/system/boot-archive:default check boot archive content
svc:/system/boot-archive-update:default update boot archive if necessary
svc:/system/console-login:default Console login
svc:/system/coreadm:default system-wide core file configuration
svc:/system/cron:default clock daemon (cron)
svc:/system/cryptosvc:default cryptographic services
svc:/system/device/fc-fabric:default Solaris FC fabric device configuration.
svc:/system/device/local:default Standard Solaris device configuration.
svc:/system/dumpadm:default system crash dump configuration
svc:/system/filesystem/autofs:default automounter
svc:/system/filesystem/local:default local file system mounts
svc:/system/filesystem/minimal:default minimal file system mounts
svc:/system/filesystem/root:default root file system mount
svc:/system/filesystem/usr:default read/write root file systems mounts
svc:/system/fmd:default Solaris Fault Manager
svc:/system/fpsd:default FP Scrubber - Online Floating Point Unit Test
svc:/system/identity:domain system identity (domainname)
svc:/system/identity:node system identity (nodename)
svc:/system/installupdates:default system update installer
svc:/system/keymap:default keyboard defaults
svc:/system/manifest-import:default service manifest import
svc:/system/name-service-cache:default name service cache
svc:/system/patchchk:default Launcher for Automatic Patching services
svc:/system/picl:default platform information and control
svc:/system/pkgserv:default Flush package command database to disk (see pkgadm(1m)).
svc:/system/postrun:default Postponed package postinstall command execution
svc:/system/power:default power management
svc:/system/resource-mgmt:default Global zone resource management settings
svc:/system/rmtmpfiles:default remove temporary files
svc:/system/sac:default SAF service access controller
svc:/system/scheduler:default default scheduling class configuration
svc:/system/svc/restarter:default master restarter
svc:/system/sysevent:default system event notification
svc:/system/sysidtool:net sysidtool
svc:/system/sysidtool:system sysidtool
svc:/system/system-log:default system log
svc:/system/utmp:default utmpx monitoring
svc:/system/webconsole:console java web console
svc:/system/zones:default Zones autoboot and graceful shutdown
Finding Failed Services
The Service Management Facility in Solaris 10 offers the ability to understand the relationship to other services.

v890/root# svcs -xv
svc:/application/print/server:default (LP print server)
State: disabled since Tue Feb 01 05:06:28 2011
Reason: Disabled by an administrator.
See: http://sun.com/msg/SMF-8000-05
See: man -M /usr/share/man -s 1M lpsched
Impact: 2 dependent services are not running:
svc:/application/print/rfc1179:default
svc:/application/print/ipp-listener:default
Fault Management Running via SMF
The Fault Management system is enabled through the Service Management Facility.

v890/root# svcs svc:/system/fmd:default
STATE STIME FMRI
online Feb_01 svc:/system/fmd:default
Fault Management System
Listing Fault Engines
The Fault Management infrastructure built into Solaris 10 monitors many of the core system features across architectures (both SPARC and Intel.) A listing of the current engines can be displayed via the "fmadm" command.

v890/root# fmadm config | sort
MODULE VERSION STATUS DESCRIPTION
cpumem-diagnosis 1.7 active CPU/Memory Diagnosis
cpumem-retire 1.1 active CPU/Memory Retire Agent
disk-transport 1.0 active Disk Transport Agent
eft 1.16 active eft diagnosis engine
ext-event-transport 0.1 active External FM event transport
fabric-xlate 1.0 active Fabric Ereport Translater
fmd-self-diagnosis 1.0 active Fault Manager Self-Diagnosis
fps-transport 1.0 active Solaris FP-Scrubber
io-retire 1.0 active I/O Retire Agent
snmp-trapgen 1.0 active SNMP Trap Generation Agent
sysevent-transport 1.0 active SysEvent Transport Agent
syslog-msgs 1.0 active Syslog Messaging Agent
zfs-diagnosis 1.0 active ZFS Diagnosis Engine
zfs-retire 1.0 active ZFS Retire Agent
Listing Faults on Platforms
The faults on a system can be listed.

v890/root# fmadm faulty
v890/root#
Solaris Diagnostics
prtdiag

Not all diagnostics are managed through the Fault Management system via Service Management facility. There are still some hardware features which can only be seen via the Print Diagnostics command (such as fan speed.) The "prtdiag" command gives visibility to these components.

v890/user$ prtdiag -v
System Configuration: Sun Microsystems sun4u Sun Fire V890
System clock frequency: 150 MHz
Memory size: 32768 Megabytes

========================= CPUs ===============================================

Run E$ CPU CPU
Brd CPU MHz MB Impl. Mask
--- ----- ---- ---- ------- ----
A 0, 16 1500 32.0 US-IV+ 2.2
B 1, 17 1500 32.0 US-IV+ 2.1
A 2, 18 1500 32.0 US-IV+ 2.2
B 3, 19 1500 32.0 US-IV+ 2.1

========================= Memory Configuration ===============================

Logical Logical Logical
MC Bank Bank Bank DIMM Interleave Interleaved
Brd ID num size Status Size Factor with
---- --- ---- ------ ----------- ------ ---------- -----------
A 0 0 2048MB no_status 1024MB 8-way 0
A 0 1 2048MB no_status 1024MB 8-way 0
A 0 2 2048MB no_status 1024MB 8-way 0
A 0 3 2048MB no_status 1024MB 8-way 0
B 1 0 2048MB no_status 1024MB 8-way 1
B 1 1 2048MB no_status 1024MB 8-way 1
B 1 2 2048MB no_status 1024MB 8-way 1
B 1 3 2048MB no_status 1024MB 8-way 1
A 2 0 2048MB no_status 1024MB 8-way 0
A 2 1 2048MB no_status 1024MB 8-way 0
A 2 2 2048MB no_status 1024MB 8-way 0
A 2 3 2048MB no_status 1024MB 8-way 0
B 3 0 2048MB no_status 1024MB 8-way 1
B 3 1 2048MB no_status 1024MB 8-way 1
B 3 2 2048MB no_status 1024MB 8-way 1
B 3 3 2048MB no_status 1024MB 8-way 1

========================= IO Cards =========================

Bus Max
IO Port Bus Freq Bus Dev,
Brd Type ID Side Slot MHz Freq Func State Name Model
---- ---- ---- ---- ---- ---- ---- ---- ----- -------------------------------- ----------------------
I/O PCI 8 B 3 33 33 2,0 ok lpfc-pci10df,f900/sd (block) LP9002L
I/O PCI 9 B 5 33 33 3,0 ok fibre-channel-pci10df,f900.10df.+ LP9002L
I/O PCI 9 B 4 33 33 4,0 ok pci-pci8086,b154.0/network (netw+ PCI-BRIDGE
I/O PCI 9 B 4 33 33 0,0 ok network-pci108e,abba.11 SUNW,pci-ce/pci-bridge

No failures found in System
===========================

========================= Environmental Status =========================

System Temperatures (Celsius):
-------------------------------
Device Temperature Status
---------------------------------------
CPU0 60 OK
CPU1 54 OK
CPU2 55 OK
CPU3 53 OK
MB 24 OK
IOB 21 OK
DBP0 19 OK

=================================

Front Status Panel:
-------------------
Keyswitch position: NORMAL

System LED Status:
GEN FAULT REMOVE
[OFF] [OFF]

DISK FAULT POWER FAULT
[OFF] [OFF]

LEFT THERMAL FAULT RIGHT THERMAL FAULT
[OFF] [OFF]

LEFT DOOR RIGHT DOOR
[OFF] [OFF]

=================================

Disk Status:
Presence Fault LED Remove LED
DISK 0: [PRESENT] [OFF] [OFF]
DISK 1: [PRESENT] [OFF] [OFF]
DISK 2: [PRESENT] [OFF] [OFF]
DISK 3: [PRESENT] [OFF] [OFF]
DISK 4: [PRESENT] [OFF] [OFF]
DISK 5: [PRESENT] [OFF] [OFF]
DISK 6: [ EMPTY]
DISK 7: [ EMPTY]
DISK 8: [ EMPTY]
DISK 9: [ EMPTY]
DISK 10: [ EMPTY]
DISK 11: [ EMPTY]

=================================

Fan Bank :
----------

Bank Speed Status Fan State
( RPMS )
---- -------- --------- ---------
CPU0_PRIM_FAN 2000 [ENABLED] OK
CPU1_PRIM_FAN 2127 [ENABLED] OK
CPU0_SEC_FAN 0 [DISABLED] OK
CPU1_SEC_FAN 0 [DISABLED] OK
IO0_PRIM_FAN 3030 [ENABLED] OK
IO1_PRIM_FAN 2912 [ENABLED] OK
IO0_SEC_FAN 0 [DISABLED] OK
IO1_SEC_FAN 0 [DISABLED] OK
IO_BRIDGE_PRIM_FAN 3703 [ENABLED] OK
IO_BRIDGE_SEC_FAN 0 [DISABLED] OK

=================================

Power Supplies:
---------------
Current Drain:
Supply Status Fan Fail Temp Fail CS Fail 3.3V 5V 12V 48V
------ ------------ -------- --------- ------- ---- -- --- ---
PS0 GOOD 6 3 2 4
PS1 GOOD 6 3 2 4
PS2 GOOD 6 3 2 4

========================= HW Revisions =======================================

System PROM revisions:
----------------------
OBP 4.30.4 2009/08/19 07:21

IO ASIC revisions:
------------------
Port
Model ID Status Version
-------- ---- ------ -------
Schizo 8 ok 7
Schizo 9 ok 7

Monday, April 26, 2010

Solaris 10: Configuring ZFS Scrub via SMF



Abstract:
The new packaging routines for OpenSolaris omit the use of pre and post installation routines common to SVR4 packaging, for the purpose of simplification. The new SMF (Service Management Facility) can be leveraged to provide these capabilities. The creation of a regular repetitive operation such as ZFS Scrub can be packaged and run via SMF. This can be wrapped in an OpenSolaris feature called "Visual Panels" to provide a GUI.


Background:
When Solaris had been merged with SVR4, the SVR4 Package standard was implemented for software installation and FMLI (Form and Menu Language Interpreter) would handle text based GUIs. Some SVR4 variants released XFMLI, in order to wrap "fmli" into a standard X Windows GUI. With the creation of OpenSolaris, the iPkg was created through the inclusion of a Debian Linux developer. With the release of Solaris 10, SMF, a new mechanism to manage hierarchical services under Solaris, was created to merge both start/stop scripts as well as inetd services. Shortly after Solaris 10's release, ZFS was released, in order to provide for enhanced file system management. OpenSolaris added "Visual Panels", to help provide a facility to replace "fmli".

ZFS:
The ZFS system performs error detection and correction through the use of CRC and parity, depending on the level of redundancy the user requires (and selects.) The "zpool" command handles most of the bottom-end functionality. The occasional "scrub" should be performed on-line via the "zpool scrub" command, to ensure the integrity of on-line data, forcing the ZFS system to check all of the CRCs and apply available parity information against silent data corruption.

The availability of scrub information can be acquired via the "zpool status" command, but it was not persistent across reboots. To simulate this bug without a reboot, the "zpool export" and "zpool import" commands can be used, after which time any scrub information would disappear. Constantin Gonzalez implemented CR6878281 to make this information persistent. A work-around needed to be created in order to make available information persistent.

ZFS has the ability to retain user defined properties at the file system level, but not at the zpool level. A user-defined property to hold the last scrub date at the upper most file system level can be implemented as a work-around for the work-around to provide a persistent location for the zpool last scrub data element. The "zfs" command handles many of the higher-layer features.

In order to set the property, the "zfs set =" can be used. To find the formerly set property, the "zfs get " can be used. To delete the property, the "zfs inherit " can be used, which forces Solaris to delete and not create a new property, since the parent zpool does not have that property in existence!
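The set, get and inherit steps described above, wrapped around a scrub, as an added example that is not from the original article or from Constantin Gonzalez's work. The property name local:lastscrub, the function names and the polling interval are assumptions, and the pool's top-level file system is assumed to carry the same name as the pool.

```shell
# Added example: keep a pool's last-scrub time in a ZFS user property on
# the pool's top-level file system, so it survives export/import.
# PROP is a hypothetical name; user property names must contain a colon.
PROP=${PROP:-local:lastscrub}

# Store the current UTC time as the last scrub time for pool $1.
record_scrub() {
    zfs set "$PROP=$(date -u '+%Y-%m-%dT%H:%M:%SZ')" "$1"
}

# Print the stored time, or nothing when the property was never set
# ("zfs get" reports an unset user property as "-").
last_scrub() {
    value=$(zfs get -H -o value "$PROP" "$1") || return 1
    [ "$value" = "-" ] || printf '%s\n' "$value"
}

# Remove the property. "inherit" deletes it here because the top-level
# file system has no parent holding a value to inherit.
clear_scrub() {
    zfs inherit "$PROP" "$1"
}

# Start a scrub of pool $1, wait until "zpool status" no longer reports
# it as in progress, then record the completion time.
scrub_and_record() {
    zpool scrub "$1" || return 1
    while zpool status "$1" | grep "scrub in progress" >/dev/null; do
        sleep "${POLL_SECONDS:-60}"
    done
    record_scrub "$1"
}

# Usage on a host with ZFS, as root (pool name "tank" is a placeholder):
#   scrub_and_record tank && last_scrub tank
```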


SMF:
The Service Management Facility can be used to start, stop, and monitor various infrastructures within the operating system. The "svcs" command will show the active services with their states while the "svcadm" command will allow for the adjusting of those states. Starting, stopping, and restarting of services can be done with "svcadm start ", "svcadm stop ", and "svcadm restart ".


Visual Panels:
A modern Java based system, "Visual Panels" ascribes to a client-server model, where any platform can run the GUI. (Ben Rockwood at cuddletech.com has a short introduction to it.) The Panels talk to "Management Beans" located in a "JMX Management Agent", which do all the heavy lifting. There already exists an "SMF Bean" which can do the "SMF" configuration changes for custom panels. The "NetBeans" development platform allows for wiring.

Tying Everything Together.
Constantin Gonzalez produced a video series to describe how this can all be tied together in OpenSolaris. This is a great model for developers to use in order to migrate their system to modern Solaris infrastructures. Constantin has moved his main blogging to a new location.

Some of the ZFS Scrub concepts were based upon Tim Foster's (new location) Auto-Snapshot work.