vdi configuration
DESCRIPTION
virtual desktop infrastructure,TRANSCRIPT
VDI components:
Solaris 11 installed on sun server VDI 3.5 installed on same host on solaris operating system Sun ray os is installed before installing vdi on solaris 11
How to Create the Solaris 11 IPS Repository
To begin, I start off with a fresh install of Solaris 11. Now that my system is installed, copy the ISO images into the fallowing location.
# cd /var/tmp/
Now we concatenate the ISO images following the instructions in the README.txt file. This may take some time since each ISO is approximately 1.5g.
# cat sol-11-dev-167-repo-p01.iso-a sol-11-dev-167-repo-p01.iso-b > \
sol-11-dev-167-repo-p01.iso
The first step is to create a ZFS file system to hold the repository packages.
# zfs create -o mountpoint=/IPS rpool/IPS
# zfs create rpool/IPS/s11-167-repo
# zfs list -r rpool/IPS
NAME USED AVAIL REFER MOUNTPOINT
rpool/IPS 63K 8.26G 32K /IPS
rpool/IPS/s11-167-repo 31K 8.26G 31K /IPS/s11-167
#
Now we need to mount the first repository ISO image and copy it’s contents to the ZFS file system we created (/IPS/s11-167).
# lofiadm -a /var/tmp/sol-11-dev-167-repo-p01.iso
# mount -F hsfs /dev/lofi/1 /mnt
# rsync -aP /mnt/repo /IPS/s11-167-repo
# umount /mnt
# lofiadm -d /dev/lofi/1
Note there should not be a trailing slash (“/”) on the directory paths above or the rsync command will not copy the data properly and your repository will not function.
Once the rsync is finished we can then move on to create the IPS repository using SMF. The advantage of using SMF allows one to disable/enable the service as needed as well as providing a quick way to re-point to another ZFS file system containing a possibly newer repository.
# svccfg -s pkg/server setprop pkg/inst_root=/IPS/s11-167-repo/repo
# svccfg -s pkg/server setprop pkg/readonly=true
# svccfg -s pkg/server setprop pkg/port=10000
Verify your changes.
# svccfg -s pkg/server listprop | egrep "inst_root|readonly|port"
pkg/inst_root astring /IPS/s11-167/repo
pkg/readonly boolean true
pkg/port count 10000
#
Now we can enable our new repository.
# svcadm refresh pkg/server
# svcadm enable pkg/server
# svcs pkg/server
STATE STIME FMRI
online 16:55:13 svc:/application/pkg/server:default
#
Now that our repository has been successfully created, we need to validate it is accessible via HTTP. Simply open up a web browser and point to your new Solaris 11 IPS repository. As we configured it in SMF the URI is http://localhost:10000/. The webpage displayed should be similar to http://pkg.oracle.com/solaris/release. In the sample output below, I used the IP Address of my server to connect.
Success! Now let’s do some minor cleanup. By default, the Solaris 11 text installer will add thesolaris publisher your list of publishers which can be verified with pkg publisher. Since the
default publisher points back to Oracle, and we only want to use our local copy of the Solaris 11 repository, we need to change the publisher information. This is done as follows.
# pkg set-publisher -G http://pkg.oracle.com/solaris/release -g \
/IPS/s11-167-repo/repo solaris
All finished! Our local Solaris 11 repository has been created via SMF, made available via HTTP and via local ZFS to our hosting server, and our future searches via pkg search will only look at our
repository instead of trying Oracle’s first.In the next post I will cover how to use this Solaris 11 repository as the basis for creating an AI Server for remote installation (via HTTP) to SPARC based systems.
how to turn on or off FIREWALL in solaris 10?
To enable FW
svcadm enable svc:/network/ipfilter:default
To disable it
svcadm disable svc:/network/ipfilter:default
shows if ipf is running or not.
ipfstat -io
How to Get Started Configuring Your Network in Oracle Solaris 11
New Features of Oracle Solaris 11 Network Configuration
Oracle Solaris 11 introduced two new commands for manually administering networks, dladm and ipadm, and both supersede ifconfig. Unlike ifconfig, changes made by dladm and ipadm are persistent across reboots. They share a common, consistent command format and, unlike ifconfig, they have parseable output that can be used in scripts.
dladm performs data-link (layer 2) administration to configure physical links, aggregations, VLANs, IP tunnels, and InfiniBand partitions. It also manages link-layer properties.
ipadm configures IP interfaces, IP addresses, and TCP/IP protocol properties. It also replaces the use of ndd for network and transport layer tuning.
Data-link names are no longer the same as the physical interface, which might be a virtual device. Instead, they have generic names, such as net0 or net1, or administrators can give them descriptive names. This allows the underlying hardware to be changed without impacting the network configuration.
In addition, Oracle Solaris 11 adds automatic network configuration using network profiles. Profiles are managed with two administrative commands—netadm and netcfg—and describe the configuration of network interfaces, name services, routing, and IP filter and IPsec policies in a single entity.
Manual and Automatic Networking Modes
Oracle Solaris 11 uses profile-based network configuration, which comprises two network configuration modes: manual and automatic.
Depending on which mode you chose during installation, either the DefaultFixed network configuration profile (NCP) or the Automatic NCP is activated on the system.
The Automatic NCP uses DHCP to obtain a basic network configuration (IP address, router, and DNS server) from any of the connected Ethernet interfaces. If this fails, it will try connecting to the best wireless network in the list of known networks.
The DefaultFixed NCP effectively disables automatic network configuration and requires the network interfaces to be manually configured using dladm and ipadm and the name services to be configured using the Oracle Solaris Service Management Facility (SMF).
It is easier to manage Oracle Solaris 11 networking by creating your own NCPs rather than using the DefaultFixed NCP and manually configuring the network.
The DefaultFixed NCP should be used on systems that will be reconfigured using Oracle Solaris Dynamic Reconfiguration or where hot-swappable interfaces are used. It must be used for IP multipathing, which is not supported when using the Automatic NCP.
You can use netadm to find out what network profiles are active on a system:
root@solaris:~# netadm listTYPE PROFILE STATEncp Automatic onlinencu:phys net0 onlinencu:ip net0 onlineloc Automatic onlineloc NoNet offlineloc User online
Without going into too much detail now (we will cover this in a later section), the output above shows that the Automatic NCP is enabled.
To switch to the DefaultFixed NCP and, thus, enable manual networking, run the following command:
root@solaris:~# netadm enable -p ncp DefaultFixedroot@solaris:~# netadm listnetadm: DefaultFixed NCP is enabled; automatic network management is not available.'netadm list' is only supported when automatic network management is active.
And to switch back to the Automatic NCP, use the following command:
root@solaris:~# netadm enable -p ncp Automaticroot@solaris:~# netadm listTYPE PROFILE STATEncp Automatic uninitializedncu:phys net0 uninitializedncu:ip net0 uninitializedloc Automatic uninitialized
As the system starts to configure the data links and receives an IP address from the DHCP server, we soon get back to our original online state:
root@solaris:~# netadm listTYPE PROFILE STATEncp Automatic onlinencu:phys net0 onlinencu:ip net0 onlineloc Automatic onlineloc NoNet offlineloc User online
Manual Network Configuration
In the following example, we will manually configure our server to have a static IPv4 address of 10.163.198.20.
First of all, we will switch to the DefaultFixed NCP, if that hasn't been done already:
root@solaris:~# netadm enable -p ncp DefaultFixed
On a machine with multiple physical networks, you can use dladm to determine how network interface names are mapped to physical interfaces.
root@solaris:~# dladm show-physLINK MEDIA STATE SPEED DUPLEX DEVICEnet0 Ethernet up 1000 full e1000g0net1 Ethernet unknown 0 unknown pcn0
Creating a static IP address is a two-step process, and it involves creating an IP interface and an IP address. There can be multiple IP addresses associated with an IP interface. IP address objects have names in the form interface/description.
In the example shown in Listing 1, we use acme as the description.
root@solaris:~# ipadm create-ip net0root@solaris:~# ipadm show-ifIFNAME CLASS STATE ACTIVE OVERlo0 loopback ok yes ---net0 ip down no ---root@solaris:~# ipadm create-addr -T static -a 10.163.198.20/24 net0/acmeroot@solaris:~# ipadm show-ifIFNAME CLASS STATE ACTIVE OVERlo0 loopback ok yes ---net0 ip ok yes ---
root@solaris:~# ipadm show-addrADDROBJ TYPE STATIC ADDRlo0/v4 static ok 127.0.0.1/8net0/acme static ok 10.163.198.20/24lo0/v6 static ok ::1/128
Listing 1. Configuring a Static IP Address
We can then add a persistent default route:
root@solaris:~# route -p add default 10.163.198.1add net default: gateway 10.163.198.1add persistent net default: gateway 10.163.198.1
Name Service Configuration Using SMF
The name service configuration is now stored and configured via SMF services instead of via configuration files in /etc. This change is part of a wider set of configuration changes in Oracle Solaris 11, which provides a greater degree of administrative auditability and control over system configuration, particularly during system updates.
The SMF service svc:/network/dns/client manages configuration information that used to be in /etc/resolv.conf. The SMF service svc:/system/name-service/switch manages configuration information that used to be in /etc/nsswitch.conf. In both cases, the configuration information is also stored in the legacy files for compatibility with other applications that might read them. You should not directly edit these legacy files. Changes made to properties are not reflected in the legacy files until the service is refreshed, restarted, or enabled.
Note: Specifying lists and strings as SMF properties requires quoting them or escaping parentheses and quotation marks to prevent the shell from interpreting them.
Example: Configuring a DNS Client Using SMF
In the following example, we configure Domain Name Service (DNS) using the svccfg command on the svc:/network/dns/client SMF service. This will give us the ability to look up IP addresses for host names and vice versa:
root@solaris:~# svccfg -s svc:/network/dns/client setprop \config/search='("uk.acme.com" "us.acme.com" "acme.com")'
root@solaris:~# svccfg -s svc:/network/dns/client listprop config/searchconfig/search astring "uk.acme.com" "us.acme.com" "acme.com"
root@solaris:~# svccfg -s svc:/network/dns/client setprop \config/nameserver=net_address: '(10.167.162.20 10.167.162.36)'
root@solaris:~# svccfg -s svc:/network/dns/client listprop config/nameserverconfig/nameserver net_address 10.167.162.20 10.167.162.36
After we have made the configuration changes, we refresh the SMF service:
root@solaris:~# svcadm refresh svc:/network/dns/client
It is not necessary to set the properties for every name service database. You can use the special property config/default to provide a default value. You can individually customize entries that can't use the default value.
Configuring Naming Services When in Manual ModeThe SMF repository is the primary repository for all naming services configuration. The previous behavior of modifying a configuration file to configure naming services no longer works. These services, for example, svc:/system/name-service/switch, svc:/network/dns/client, and svc:/system/name-service/cache must be enabled or refreshed for any changes to take affect.
Note - If no network configuration exists, naming services default to files only behavior, rather than nis files. The svc:/system/name-service/cache SMF service should be enabled at all times.
The following table describes the naming service configuration that has migrated to SMF.
Table 7-1 SMF Service to Legacy File Mapping
SMF Service Files Description
svc:/system/name-service/switch:default
/etc/nsswitch.conf Naming service switch configuration (Used by the nscd command)
svc:/system/name-service/cache:default
/etc/nscd.conf Naming service cache (nscd)
svc:/network/dns/client:default
/etc/resolv.conf DNS naming service
svc:/network/nis/domain:default
/etc/defaultdomain /var/yp/binding/$DOMAIN/*
Shared NIS domain configuration (Used by all NIS services). Also historical shared use by LDAP naming services
Note - Must be enabled when
usingnis/client or ldap/client
svc:/network/nis/client:default
N/A NIS client naming service (ypbind and related files)
svc:/network/ldap/client:default
/var/ldap/* LDAP client naming service (ldap_cachemgr and related files)
svc:/network/nis/server:default
N/A NIS server naming service (ypserv)
svc:/network/nis/passwd:default
N/A NIS server passwd service (rpc.yppasswd)
svc:/network/nis/xfr:default N/A NIS server xfr naming service (ypxfrd)
svc:/network/nis/update:default
N/A NIS server update naming service (rpc.ypupdated)
svc:/system/name-service/upgrade:default
N/A Naming legacy file to SMF upgrade service
Example 7-3 Configuring Naming Services by Using SMF
The following example shows how to configure DNS by using SMF commands.
# svccfgsvc:> select dns/clientsvc:/network/dns/client> setprop config/search = astring: \("us.company.com" "eu.company.com" "companya.com" "companyb.com" "company.com" )svc:/network/dns/client> setprop config/nameserver = net_address: \( 138.2.202.15 138.2.202.25 )svc:/network/dns/client> select dns/client:defaultsvc:/network/dns/client:default> refreshsvc:/network/dns/client:default> validatesvc:/network/dns/client:default> select name-service/switchsvc:/system/name-service/switch> setprop config/host = astring: "files dns"svc:/system/name-service/switch> select system/name-service/switch:defaultsvc:/system/name-service/switch:default> refreshsvc:/system/name-service/switch:default> validatesvc:/system/name-service/switch:default> # svcadm enable dns/client# svcadm refresh name-service/switch# grep host /etc/nsswitch.confhosts: files dns# cat /etc/resolv.conf#
# opyright (c) 2011, Oracle and/or its affiliates. All rights reserved.#
## _AUTOGENERATED_FROM_SMF_V1_## WARNING: THIS FILE GENERATED FROM SMF DATA.# DO NOT EDIT THIS FILE. EDITS WILL BE LOST.# See resolv.conf(4) for details.
search us.company.com eu.company.com companya.com companyb.com company.comnameserver 138.2.202.15nameserver 138.2.202.25...
Example 7-4 Setting Multiple NIS Servers by Using SMF
Example: Configuring /etc/switch.conf Using SMF
In the following example, we use the name service switch mechanism to allow our system to search through the DNS, LDAP, NIS, or local file sources for naming information. We again use the svccfg command on the svc:/system/name-service/switch SMF service:
root@solaris:~# svccfg -s svc:/system/name-service/switch setprop config/default = "files nis" root@solaris:~# svccfg -s svc:/system/name-service/switch setprop config/host = "files dns nis" root@solaris:~# svccfg -s svc:/system/name-service/switch setprop config/password = "files nis" root@solaris:~# svcadm refresh svc:/system/name-service/switch
Note: The config/host property defines both the hosts and ipnodes entries in /etc/nsswitch.conf, while the config/password property defines the passwd entry. The remaining properties have the same name as their /etc/nsswitch.conf entries.
Setting the Host Name
In Oracle Solaris 11, /etc/nodename has been removed and replaced with the config/nodename property of the svc:/system/identity:node service.
To set the host name, we again use svccfg:
root@solaris:~# svccfg -s svc:/system/identity:node setprop config/nodename = astring: hostnameroot@solaris:~# svcadm refresh svc:/system/identity:noderoot@solaris:~# svcadm restart identity:node
Setting the host name this way will work for both automatic and manual network configurations.
Changes to /etc/hosts
In Oracle Solaris 11, the host's own entry in /etc/hosts is now the same as that of localhost. In previous versions of Oracle Solaris, this entry was associated with the first network interface.
root@solaris:~# cat /etc/hosts## Copyright 2009 Sun Microsystems, Inc. All rights reserved.# Use is subject to license terms.## Internet host table#::1 solaris localhost 127.0.0.1 solaris localhost loghost
Note: Some application installers might fail due to changes in the /etc/hosts file. If you experience this, you might have to edit /etc/hosts directly.
How to change your hostname and IP-Address in Solaris 11
How to enable SSH Root Login In Solaris 11
Permit SSH Login for Root in Oracle Solaris 11
Open Terminal window and switch to root user.
1. Change the file /etc/ssh/sshd_config PermitRootLogin yes withPermitRootLogin no and save file.
vi /etc/ssh/sshd_config
PermitRootLogin yes
2. Comment out the “CONSOLE=/dev/console” line in /etc/default/login.
vi /etc/default/login
#CONSOLE=/dev/console
3.Remove “;type=role” from the root entry in /etc/user_attr or use the below command.
rolemod -K type=normal root
4. Restart the Services.
#svcadm restart svc:/network/ssh:default
5.Try SSH connection using root user You should be able to connect.