Wednesday, June 17, 2009

Sun Storage 7110 Create a share for Windows & Solaris use

The main reason I got the Sun Storage is to to combine our existing 2 home drives per user down to One (see last week), so that we have access to CIFS shares and NFS shares via the Storage System (well via OpenSolaris)

Mon June 22nd 2009: I have updated it since the ACL were not 100% correct.

1. Create a new project, so that you don't change the default setting and enable the CIFS protocol, NFS is enabled by default.




2. If you want ACL/permissions to be inherited correctly then you need to alter the "Inherited ACL Behavior", which is the ZFS command "zfs set aclinherit=passthrough rpool/ROOT/b114b" for reference.




3. Create a share with all the relevant information, name, uid, group and permissions.




4. Need to set up mapping between our Solaris LDAP server and Windows AD system.




5. It is a straight mapping of LDAP <=> AD for users and groups.




6. Next edit Access ACL for the new share. I think the "Owner" should have full control.




7. Here is a full description of the letters and what they represent in windows.






8. And the final product after a few global ACL's have been added. Plus the owner of the directory should be added as well. This is because if Windows Admin creates a file then you want the owner still to have access.




9. Now lets test it.....

Tuesday, June 09, 2009

Does the Sun Storage 7110 do the job (Introduction)

I have just had a delivery of a Try and Buy Sun Storage 7110 Unified Storage System system. As you are aware this is Sun's new storage system built on top of the OpenSolaris Operating System. I am not going to look at the fancy features of the system which include one of the best GUI I have see and again the best Analytics which you would ever need (I think you could spot what the user had for breakfast with this system).

What I want to know will it do the job of a file server for my mixed Windows and Solaris environment.

Current System
Windows servers with dedicated disk systems and Solaris servers also with
dedicated disk system. The user ends up with 2 home drives (Windows & Solaris), which I want reduced to 1 home directory!!!

Bad News
We recently bought 2 NAS e-open system which set us back £20k which I have to say is a waste of space and it is not just me who says that (Open-E Review, Not a Storage Server
). The main reason is that Linux/Samba does not do it as a Windows server replacement and there is no mapping system between AD and LDAP, so I would have to reconfigure our Solaris system which is not the perfect solution.

Friday, January 23, 2009

Build a DVD Jumpstart image for SXCE/Nevada (OpenSolaris)

I have had a lot of trouble recently getting Jumpstart to work with no PXE server with SXCE/Nevada. The last time I got it to work was with Solaris Express B90 (when Sun releases it)

I need to update my lab of Desktops to a newer version so I decided to build my own DVD with Jumpstart built in. I think at the moment the OpenSolaris/Indiana release does not make this procedure possible, so sticking with SXCE.

This solution is not perfect but it works!

The procedure is:
  1. Obtain the latest iso version
  2. Copy iso to a disk for editing
  3. Extract the mini boot for editing
  4. Replace original sysidcfg with your version
  5. Rebuild miniboot
  6. Edit grub menu
  7. Add your jumpstart features (Packages, Scripts, etc)
  8. Rebuild iso image
  9. Write iso image to DVD

Step by step guide

1. Obtain the latest Nevada/SXCE iso version (or even Solaris)

2. Copy iso to a disk for editing
  • Need to mount the ISO (i.e. sol-nv-b105-x86-dvd.iso)
  • Then copy contents to some where on your hard disk
# lofiadm -a /export/iso/sol-nv-b105-x86-dvd.iso
dev/lofi/1
# mount -o ro -F hsfs -o ro /dev/lofi/1 /mnt
# mkdir /export/dvd
# cd /mnt
# find . -depth -print | cpio -pdm /export/dvd

3. Extract the mini boot for editing
# gzcat /export/dvd/boot/x86.miniroot > /var/tmp/bootfile
# lofiadm -a /var/tmp/bootfile
/dev/lofi/2
# mkdir /tmp/bootfile
# mount /dev/lofi/2 /tmp/bootfile
# ls /tmp/bootfile
a cdrom etc mnt proc sbin ....

4. Replace original sysidcfg with your version
  • My sysidcfg setups ldap, root password, etc...
# cd /tmp/bootfile/etc
# rm sysidcfg
# cat > sysidcfg
network_interface=e1000g0 {primary dhcp protocol_ipv6=no}
security_policy=none
name_service=LDAP {domain_name=dcs.bbk.ac.uk profile=default profile_server=193.xx.yy.zz proxy_dn="cn=proxyagent,ou=profile,dc=dcs,dc=bbk,dc=ac,dc=uk" proxy_password="PLAIN TEXT PASSWORD"}
nfs4_domain=dynamic
root_password="Encrypted Password"
terminal=dtterm
timezone="GB"
timeserver=193.xx.yy.zz
system_locale=C
keyboard=UK-English
service_profile=limited_net
^D
# cd /var/tmp

5. Rebuild miniboot
# umount /tmp/bootfile
# lofiadm -d /dev/lofi/2
# gzip /var/tmp/bootfile
# mv /var/tmp/bootfile.gz /export/dvd/boot/x86.miniroot

6. Edit grub menu
  • Need to add the install option so that performs a hands-off Jumpstart install
  • I have also added another item so that the default is to boot off the disk. i.e. it will not do a install unless you pick Jumpstart items
  • I have also altered it so that it gets the jumpstart scripts from a tar file on the web server
  • edit /export/dvd/boot/grub/menu.lst so it looks like
default=0
timeout=30
min_mem64 1024
title Boot From Disk
    rootnoverify (hd0)
    chainloader +1
title Custom Jumpstart
    verbose
    kernel /boot/platform/i86pc/kernel/unix - install http://193.61.29.21/solaris/config.tar -B install_media=cdrom
    module /boot/x86.miniroot

7. Add your Jumpstart features (Packages, Scripts, etc)
  • With any luck you have this already otherwise please see the Sun docs
  • Basically I have some extra packages (/opt/sfw and some scripts which alter system files)
  • Tar the whole directory and place it on web server
  • Copy any packages to the DVD if required
# cd /export/jumpstart
# tar cf /opt/htdocs/solaris/config.tar .
# cp -rp /export/ExtraPackages /export/dvd

8. Rebuild ISO image
  • Now we have our new grub menu
  • New miniroot
  • Extra Packages on the DVD
  • Now we need to create the ISO
  • You may get some warnings out filename conversions, which I have not solved yet, but I do not use these packages so it is OK.
/usr/bin/mkisofs -d -D -J -l -r -U -relaxed-filenames -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 4 -boot-info-table -c .catalog -V "OpenSolaris" -o /var/tmp/output.iso /export/dvd

Using TopicSelectors$Subscri000.class for /var/tmp/dvd/Solaris_11/Produc/SUNWiqdoc/reloc/usr/demo/imq/jm/TopicSelectors$Subscriber$MultipleListener.class (TopicSelectors$Subscriber.class)

1.85% done, estimate finish Thu Jan 15 16:43:42 2009
...
Size of boot image is 4 sectors -> No emulation
1.43% done, estimate finish Thu Jan 15 11:08:14 2009
99.78% done, estimate finish Thu Jan 15 11:15:08 2009
Total translation table size: 2048
Total rockridge attributes bytes: 4369317
Total directory bytes: 23724032
Path table size(bytes): 185830
Max brk space used 23da000
1753844 extents written (3425 MB)
#

9. Write iso image to DVD
# cdrw -i /var/tmp/output.iso


That is it folks.

References:
http://blogs.sun.com/rv/entry/getting_opensolaris_into_an_usb
Creating OpenSolaris USB Sticks Is Easy
reating a Customized Boot CD/DVD for the Solaris Operating System for x86 Platforms