Wednesday 29 February 2012

ALOM network configuration

We decommissioned all our older Solaris servers recently and decided to keep a couple to "play" with. Being older models the Service Processors hadn't been configured for network use plus they were a different bit of kit compared to our new ones which either used ILOM or XSCF operating systems, so.....

These are the commands I used to configure the ALOM which doesn't include NTP (being a test server I didn't go that far).

To set a static IP address:
setsc netsc_dhcp false
setsc netsc_ipaddr <IP address>
setsc netsc_ipnetmask <Subnet mask>
setsc netsc_ipgateway <Gateway address>

To check that the settings have taken:
shownetwork

You may have to reset the ALOM for the settings to take effect:
resetsc -y

The ALOM should be on the network now......  

NTP settings

The file that you need to edit should be located at:
/etc/inet/ntp.conf

The file should read something like:
# multicastclient 224.0.1.1
server <FQDN of your Time server>
logfile /var/ntp/ntp.log
driftfile /var/ntp/ntp.drift

The server line relates to your time service, the logfile line makes the service use a log file and the driftfile line sets a drift file - which helps with any time drift.

Run the following command to enable the service:
svcadm enable ntp

Then check to see if the NTP service has kicked in by running the following:
ntpq -p




What you are looking for is a 377 entry under the reach heading - if you don't see it, you're not getting a connection and will have to start troubleshooting.
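The reach value is an 8-bit history of the last eight polls, printed in octal, so 377 means all eight were answered and anything lower shows how many were missed. The following is an added example, not part of the original post; the peer names and the sample ntpq -p output are constructed.

```shell
#!/bin/sh
# Added example: interpret the "reach" column of `ntpq -p`.
# reach is an 8-bit shift register shown in octal; each 1 bit is a poll
# that was answered, so 377 (binary 11111111) = last 8 polls all succeeded.

# Constructed sample output; host names and values are illustrative only.
sample_ntpq() {
cat <<'EOF'
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp1.example.net 192.0.2.10       2 u   33   64  377    0.512    0.104   0.031
+ntp2.example.net 192.0.2.11       2 u   12   64  176    0.733   -0.220   0.090
 ntp3.example.net .INIT.          16 u    -   64    0    0.000    0.000   0.000
EOF
}

# Print "<peer> <reach> <answered>/8 <verdict>" for every peer line on stdin.
reach_report() {
    awk 'NR > 2 {
        # Column 1 is the tally character (or a space); drop it, then split.
        split(substr($0, 2), f, " ")
        peer = f[1]; reach = f[7]; n = 0; v = 0
        # Octal string -> number.
        for (i = 1; i <= length(reach); i++) v = v * 8 + substr(reach, i, 1)
        # Count the answered polls (set bits).
        for (b = v; b > 0; b = int(b / 2)) n += b % 2
        verdict = "PARTIAL"
        if (v == 255) verdict = "OK"
        if (v == 0) verdict = "UNREACHABLE"
        print peer, reach, n "/8", verdict
    }'
}

# On a live host: ntpq -p | reach_report
sample_ntpq | reach_report
```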

vSphere - List of VMs from Virtual Center

We had a need to obtain a list of VMs to Hosts due to updating from 4.1 u1 to 4.1 u2 - the VC would be down for a projected couple of hours so just in case we needed to access a VM console we needed this list.

How we got this information was by doing the following:

1. Go to Home > Inventory > VMs and Templates.
2. In the left pane click on the level of reporting you want - in this case it was at the Datacenter level.
3. In the right hand pane choose the Virtual Machines tab.
4. Then click on File > Export > Export List.
5. I choose the xls format and then save it somewhere (in this case a shared location).

You can use other tools for this - one of my favourites is RVTools written by Rob de Veij and can be found at http://www.robware.net/

Thursday 23 February 2012

Solaris - Automated FTP job

I had a request come in to transfer a file from a Solaris box to a Windows VM. It needed to copy at 6am and only run on Tuesday to Saturday - being new to Solaris I thought I'd log this one for future reference......

Basic steps
1. create a user account on the receiving (Windows) box
2. create a user account on the sending (Solaris) box
3. create a .netrc file
4. create a batch file
5. edit the crontab file (Solaris account)
6. store passwords in a secure location

Step 1
Create the Windows user account and give it permissions to the required area - in this case an FTP site was set up on an IIS box with the account having rights to the site.

Step 2
I created a user account, ftpjob, on the Solaris box and made sure the account had rights on the relevant area.
 ls -al (will show you permissions)
In this case the account created belonged to the group that had ownership along the full path.
Its home area was /export/home/ftpjob

Step 3
Create the .netrc file in the root of the account's home area (which allows for automating of the job).
 touch .netrc

Change the file permissions
 chmod 600 .netrc

I added the following text to the file:
 machine <name or ip> login <windows user account> password <windows user account password> macdef init
 bin
 lcd /<solaris-local-file-path>
 cd /<non-root-path-on-windows-box>
 put <file-name>
 quit
<press enter twice then save file :wq!>

Step 4
Create a file, I'll call it ftpbatch with the following text in the home area
#!/usr/bin/ksh
 # Comments.....

 # links to the .netrc file in the ftpuser home area
 echo "`date` : Start script"
 ftp <IPAddress> <Port number if different from default>
 echo "`date` : Finish script"


Make sure you set the correct permissions on the file:
 chmod 755 ftpbatch
If you don't want anyone else to read the contents set the permissions as:
 chmod 700 ftpbatch

Step 5
To schedule the task crontab needs to be used - by default I've found that a text editor is not specified in the user environment. I enabled this by editing the .profile file of ftpuser (in the account's home directory).
To obtain the vi path type:
which vi
Output was:
/usr/bin/vi

Either make a temporary change so crontab uses vi or permanently add the entry in the .profile:
 export EDITOR=/usr/bin/vi

If you add the entry into the .profile then run:
 . .profile
which will reload the environment settings.

You can now edit the crontab settings by running: crontab -e

The request is for the job to run at 0600hrs every week (Tuesday - Saturday) and the crontab was edited as follows:
 # Comments 
00 6 * * 2-6 /export/home/ftpuser/ftpbatch >> /tmp/error.log 2>&1

The double >> will append an entry to the log file

Step 6
Store the passwords in a safe location
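Because the .netrc from Step 3 holds the Windows account password in clear text, it is worth checking after setup that the file is still owner-only. The check below is an added example, not part of the original post; the host name, account and password in the demo file are constructed placeholders.

```shell
#!/bin/sh
# Added example: audit the .netrc that holds the FTP password in clear text.
# Returns 0 when the file is owner-only, 1 when a finding was printed.
check_netrc() {
    f=$1
    if [ -h "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL: $f is missing, a symlink, or not a regular file"
        return 1
    fi
    # First 10 characters of ls -ld are the mode string, e.g. -rw-------
    mode=$(ls -ld "$f" | cut -c1-10)
    # Count password tokens so the report shows how many secrets are at stake.
    n=$(awk '{ for (i = 1; i <= NF; i++) if ($i == "password") c++ }
             END { print c + 0 }' "$f")
    case $mode in
        -??-------)
            echo "OK: $f is $mode, $n stored password(s)"
            return 0 ;;
    esac
    echo "FAIL: $f is $mode, $n password(s) exposed; run chmod 600"
    return 1
}

# Constructed demo: host name, account and password are placeholders.
demo=$(mktemp -d)
cat > "$demo/.netrc" <<'EOF'
machine ftp.example.test login ftpjob password CONSTRUCTED-NOT-REAL macdef init
bin
put report.txt
quit

EOF
chmod 644 "$demo/.netrc"; check_netrc "$demo/.netrc" || true
chmod 600 "$demo/.netrc"; check_netrc "$demo/.netrc"
rm -rf "$demo"
```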

Wednesday 22 February 2012

Setting auto-boot within Solaris 10

As the example states within the eeprom man page:

eeprom "auto-boot?"=true

When the eeprom command is executed in user mode, the parameters with a trailing question mark (?) need to be enclosed in double quotation marks (" ") to prevent the shell  from interpreting the question mark. Preceding the question mark with an escape character (\) will also prevent the shell

Solaris - Useful commands

This page will grow as I find commands that are useful........

Creating:

Create a group:
# groupadd -g 100 appsup
(Creates a group called appsup with a group ID number of 100)

Check user account:
# cat /etc/passwd

Create a new user:
# useradd -u 1000 -g 100 -d /export/home/newuser -s /usr/bin/bash -c "A new user" -m newuser
(Add a new user with the user ID of 1000, belonging to the group 100, with a home area /export/home/newuser, the default shell of bash, an account description of "A new user", with a username of newuser.)

Changing a user account password
# passwd newuser
You will then be prompted to enter a new password, twice.

Changing user and group ownership of a folder:
# chgrp dba /<folder>
# chown dbauser /<folder>

Queries:

To check RAM:
# prtconf -v
OR
# prtconf | head -3 |grep Mem

Check number of CPUs
# psrinfo -vp

Directory size query:
# du -hks /directory1/directory2


To check the version of Solaris:
# cat /etc/release

To check the run level:
# who -r

Check groups:
# cat /etc/group

Mount Points: 

Creating a NFS mount point:
# mkdir /mp
# mount -F nfs <nfs-server-name>:/vol/mount_point /mp


Mounting and Unmounting an ISO

Mounting:
# mkdir /dvd
# mount -F hsfs -o ro `lofiadm -a /mp/sol-10-u10-ga2-sparc-dvd.iso` /dvd
(All credit for this one goes to http://www.tech-recipes.com/rx/218/mount-an-iso-image-on-a-solaris-filesystem-with-lofiadm/)

Unmounting:
# umount /dvd
# lofiadm -d /<dir>/sol-10-u10-ga2-sparc-dvd.iso

Mounting USB drive

Check that the volfs services are running
# svcs -a | grep volfs
or
# svcs volfs
If the service is enabled then carry on, if not then enable the service
# svcadm enable volfs
Plug in the device
Check that it is mounted
# mount
/rmdisk/unnamed_rmdisk on /vol/dev/dsk/c9t0d0/unnamed_rmdisk:c read/write/setuid/devices/rstchown/hidden/nofoldcase/noatime/timezone=0/dev=16c1003 on Wed Sep 26 12:55:43 2012
Another check (media)
# volcheck -v
media was found


Dismounting USB drives

Check if anything is mounted
# mount
On the system I was using it popped up as
/rmdisk/unnamed_rmdisk on /vol/dev/dsk/c9t0d0/unnamed_rmdisk:c read/write/setuid/devices/rstchown/hidden/nofoldcase/noatime/timezone=0/dev=16c1003 on Wed Sep 26 12:55:43 2012
Unmount the device
# umount /rmdisk/unnamed_rmdisk
Check media
# volcheck -v 
no media was found

Dismounting a local DVD drive


# cd / (make sure you are not in the DVD path)
# umount /cdrom/cdrom0
# eject

Finding files

Finding files (search for a file in the current directory and below):
# find . -type f -name 'explorer'

Finding files (search for a file at the root level and below):
# find / -type f -name 'explorer'

Finding files (search for a file in the /etc directory):
# find /etc -type f -name 'explorer'

Jumpstart - OS install command

Get to the <ok> prompt and type the following:
<ok> boot net - install


Logical Domains


Check version of LDOM
# pkginfo -l SUNWldm

Solaris - Creating a persistent mount point

On the Host server do the following:
cd /etc/dfs
vi dfstab

Add the following
share -F nfs /<directory>

Restart the NFS service (if the service is running)
Solaris 9
/etc/init.d/nfs.server stop;/etc/init.d/nfs.server start
Solaris 10
svcadm restart network/nfs/server

On the Client do the following:
mkdir /<mount point>
vi /etc/vfstab

Add the following
<host server>:/<shared directory>   -       /<mount point>     nfs     -       yes     rw,bg

After the Client server is rebooted the mount point will appear.
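A share line with no -o options exports the directory read-write to every client that can reach the server, so it is worth reviewing dfstab for entries without an access list. The audit below is an added example, not part of the original post; the dfstab contents and client names are constructed.

```shell
#!/bin/sh
# Added example: flag dfstab share entries that have no client access list.
# An entry counts as OPEN when it has no rw=<list>/ro=<list> option, or when
# it also carries a bare rw or ro, which applies to every other client.

# Constructed dfstab; paths and client names are illustrative only.
sample_dfstab() {
cat <<'EOF'
# constructed /etc/dfs/dfstab
share -F nfs /export/data
share -F nfs -o rw=client1.example.test:client2.example.test,nosuid /export/apps
share -F nfs -o ro /export/docs
share -F nfs -o rw=client1.example.test,ro -d "mixed" /export/mixed
EOF
}

# Print "<OPEN|RESTRICTED> <path> <options>" for each share line on stdin.
audit_dfstab() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }
    $1 == "share" {
        opts = "-"; path = $NF          # the pathname is the last argument
        for (i = 2; i < NF; i++) if ($i == "-o") opts = $(i + 1)
        n = split(opts, o, ","); wide = 1
        for (j = 1; j <= n; j++) if (o[j] ~ /^(rw|ro)=/) wide = 0
        for (j = 1; j <= n; j++) if (o[j] == "rw" || o[j] == "ro") wide = 1
        status = wide ? "OPEN" : "RESTRICTED"
        print status, path, opts
    }'
}

# On a live host: audit_dfstab < /etc/dfs/dfstab
sample_dfstab | audit_dfstab
```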

Solaris Zones - Fibre channel presentation

This process will persistently mount an FC LUN in a Non Global Zone

On the Global Zone present the required FC LUN, format as UFS and manually mount:
mkdir /<folder name>
fcinfo hba-port
fcinfo remote-port -slp <wwn> 
format
newfs /dev/dsk/<device id>
mount -F ufs /dev/dsk/<device id> /<folder name>

On the Global Zone add the newly formatted file system to the required Non Global Zone as type = UFS
global# zonecfg -z <my-zone>
zonecfg:my-zone> add fs
zonecfg:my-zone:fs> set dir=/<folder name>
zonecfg:my-zone:fs> set special=/dev/dsk/<device id>
zonecfg:my-zone:fs> set raw=/dev/rdsk/<device id>
zonecfg:my-zone:fs> set type=ufs
zonecfg:my-zone:fs> end

On the Global Zone unmount the newly created file system, reboot the Non Global Zone and delete the now defunct mount point:
umount /<folder name>
zoneadm -z <my-zone> reboot
rm -r /<folder name>

Log in to the Non Global Zone and run the mount command to check the file system is mounted read/write.

To remove a file system:
global# zonecfg -z <my-zone>
zonecfg:my-zone> remove fs dir=/<folder name>
zonecfg:my-zone> verify
zonecfg:my-zone> commit

Password reset

Resetting a user's password on Solaris is performed via the passwd command. You must be running as root (or have the appropriate roles) to reset passwords other than your own.
To set the password to a known value use
 
# passwd username

where username is the appropriate user name. Solaris will prompt you to supply a new password and will then ask for verification.

To clear a user's password and allow them to reset it use the following commands
 
# passwd -d username
# passwd -f username

The first command deletes the user's password (i.e. they will not require a password to log on). The second forces the user to change their password. So a user logging on via an interactive method (ssh, telnet etc) will not require a password but will be required to set one. This does not work for non-interactive logons such as FTP.

This approach should only be used when the user in question is able to set a new password at the time. If the user doesn't log on straight away and set a password then the account can be used by anyone who knows the username. Therefore this method should only be used where the user is being dealt with directly.
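To find accounts still sitting in that open window, look for entries with an empty password field in /etc/shadow. The check below is an added example, not part of the original post; the shadow lines are constructed, and it assumes that passwd -f is recorded as a last-change value of 0 in the third field.

```shell
#!/bin/sh
# Added example: list accounts whose password has been deleted (passwd -d)
# and say whether a forced change (passwd -f) is still pending.
# Assumption: a forced change shows up as lastchg (field 3) equal to 0.

# Constructed shadow-format lines; no real accounts or hashes.
sample_shadow() {
cat <<'EOF'
root:CONSTRUCTED-HASH:15392::::::
daemon:NP:6445::::::
ftpjob:*LK*:::::::
newuser::0::::::
olduser::15390::::::
EOF
}

# Print "<user> empty-password <change-forced|no-forced-change>" for every
# entry on stdin whose password field (field 2) is empty.
open_accounts() {
    awk -F: '
    /^#/ || NF < 3 { next }
    $2 == "" {
        state = "no-forced-change"
        if ($3 == "0") state = "change-forced"
        print $1, "empty-password", state
    }'
}

# On a live host (as root): open_accounts < /etc/shadow
sample_shadow | open_accounts
```

Any account reported here can be logged into without a password until its owner sets one; an entry marked no-forced-change will stay that way indefinitely.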

Setting auto-boot in the OpenBoot environment

From my limited experience, by default the Oracle/Sun servers boot into the NVRAM OpenBoot environment, more commonly known as the <ok> prompt.
If the hardware gets restarted the Solaris OS will not, by default, boot up. The NVRAM OpenBoot environment auto-boot variable is set to false.

To view the OpenBoot environmental variables currently set type:
printenv

To specifically search for the auto-boot OpenBoot environmental variable type:
printenv auto-boot?

To change the auto-boot OpenBoot environmental variable to true type:
setenv auto-boot? true

The system will now automatically boot into Solaris.

Reset a frozen M or T series server running Solaris

If you cannot make a Putty connection to a Solaris server then the machine will need to be reset.
You can make a connection to either the XSCF (M Series) or ILOM (T Series) or via the Lantronix devices.
Connect to the XSCF/ILOM using Putty; the default naming convention is <servername>ilo. Login as iloadmin, password stored in the usual location.

XSCF
Check the status by:
showdomainstatus -a
DID         Domain Status
00          Running

If the server is frozen it will still show as running (as shown above).

To reset the server type:
reset -d 0 xir
-d 0 is the DID number (you don't have to type in both zeros)

Once the above command has completed you can then start a console session:
console -d 0

Wait for the <ok> prompt to appear and then type boot. (To generate a core dump so you can investigate why the server froze, type sync at the <ok> prompt prior to the boot command.)
You should be able to make a normal Putty connection shortly afterwards.

ILOM

Type the following commands:
cd HOST
set send_break_action=break
start /SP/console

Wait for the <ok> prompt to appear and then type boot. (To generate a core dump so you can investigate why the server froze, type sync at the <ok> prompt prior to the boot command.)
You should be able to make a normal Putty connection shortly afterwards.