Oracle Solaris 11: Manage You Deployments With The Image Packaging System and The Automated Installer

Oracle Solaris 11
Manage You Deployments With The

Image Packaging System And The
Automated Installer
Michael Fitzgerald
Principal Solutions Consultant
1
Copyright 2011, Oracle and/or its affiliates. All rights

reserved.
Agenda
Requirements and Ideas
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
IPS Repository Mirrors
Automated Installer
System Configuration
Zones
Additional Transition Tools and Resources

2

reserved.
Requirements and Big Ideas - Packaging
Updates & upgrades must be fast, reliable, reversible

Updates should be package updates, not patches
Packages dependencies should be handled automatically
Packages should be network-based
Plan
Update
Deploy
Image minimization should be easy
Seamless integration with Zones is required
Maintain
Test
Deliver practically identical experience
Use
on SPARC, x86

reserved.
Requirements and Big Ideas - Install

Low initial investment, great scalability for deployment
Ease-of-use is a priority for all features
Deployment must be well-integrated with best practices,

overall user experience
Plan
Limit install-specific features, knowledge
Integrated deployment of Zones is required

Leverage existing Solaris strengths
Update
Deploy
Maintain
Test
Use

reserved.
Value-engineering in Installation, Configuration

No longer a sum of independent parts
Simplified architecture
+ Improved automation
+ Improved safety
+ Improved flexibility
+ Improved integration
= Better user experience
On a Large Scale
5

reserved.
Rosetta Stone for Oracle Solaris 10 Users
Oracle Solaris 10
Oracle Solaris 11
SVR4 Packages
IPS Packages
Install DVD
Install CD + pkg repository
Live Upgrade
Boot Environments
Upgrade from installer
pkg(1), Update Manager
JumpStart
Automated Installer (AI)
JumpStart Profiles
AI manifests
Blueprints for custom DVD's
Distribution Constructor

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

7

reserved.
Safe Upgrades in a snap

ZFS Boot Environments Benefits
No initial investment
Updates are applied to a file system clone, no
interruption
Reboot into upgraded environment when youre
ready
Trivial roll-back if failure occurs
Integrated, enforced best practice for safety
Fast reboot reduces maintenance windows

Excellent for recovery purposes
8

reserved.
Active BE
Active BE
New BE
Active BE
Updated BE
Boot Environments
Make updates safe, reliable, recoverable
Different from/simpler than Solaris 10 Live Upgrade
Takes advantage of ZFS
Use liberally as an administrative safety net
Managed by beadm(1M), functionality includes:
List
Activate, Rename
Create, Destroy
Mount, Unmount

reserved.
beadm(1) Utility
10
Create a new boot environment based on the active boot environment

Create a new boot environment based on an inactive boot environment
Create a snapshot of an existing boot environment
Create a new boot environment based on an existing snapshot
Create a new boot environment, and copy it to a different zpool
Create a new boot environment and add a custom title to the
x86 GRUB menu or the SPARC boot menu
Activate an existing, inactive boot environment
Mount a boot environment
Unmount a boot environment
Destroy a boot environment
Destroy a snapshot of a boot environment
Rename an existing, inactive boot environment
Display information about your boot environment snapshots and datasets

reserved.
Listing Boot Environments

{badboy} beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ ------b-140 11.51M static 2010-05-26 12:47
b-141 11.98M static 2010-06-10 15:40
b-142 10.14M static 2010-06-24 08:05
b-143 13.85M static 2010-07-12 09:47
b-144 1.48G static 2010-07-22 12:09
b-145 14.64M static 2010-08-03 22:23
b-146 10.43M static 2010-08-20 15:31
b-147 12.29M static 2010-09-06 19:28
b-148 13.11M static 2010-09-23 17:05
b-149 14.49M static 2010-09-30 18:53
b-150 11.83M static 2010-10-15 10:32
b-151 130.94M static 2010-11-15 10:10
b-152 NR /
56.03G static 2010-11-17 16:32
11

reserved.
More Fun with beadm

{badboy} beadm activate b-151
{badboy} beadm mount b-151 /tmp/mnt
{badboy} beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ ------b-140 11.51M static 2010-05-26 12:47
b-141 11.98M static 2010-06-10 15:40
b-142 10.14M static 2010-06-24 08:05
b-143 13.85M static 2010-07-12 09:47
b-144 1.48G static 2010-07-22 12:09
b-145 14.64M static 2010-08-03 22:23
b-146 10.43M static 2010-08-20 15:31
b-147 12.29M static 2010-09-06 19:28
b-148 13.11M static 2010-09-23 17:05
b-149 14.49M static 2010-09-30 18:53
b-150 11.83M static 2010-10-15 10:32
b-151 R
/tmp/mnt 53.82G static 2010-11-15 10:10
b-152 N
/
1.71G static 2010-11-17 16:32
12

reserved.
Live Upgrade -> Boot Environments

Oracle Solaris 10
Oracle Solaris 11
Description
lucreate n newBE
beadm create newBE
Create a new BE
lustatus
beadm list
Display BE info
luactivate newBE
beadm activate newBE
Activate a BE
ludelete BE
beadm destroy BE
Destroy an inactive BE
luupgrade or patchadd
pkg update
Upgrade or update a BE
13

reserved.
pkg(1)
To install an individual package:
pkg install communication/im/pidgin
To check for individual updates:
pkg info r communication/im/pidgin
To update an individual package:
pkg update communication/im/pidgin
Test Run an image update:

pkg update nv
Update (all packages, or the complete image):
pkg update
14

reserved.
Oracle Solaris 11 Lifecycle Management

Improved updates with IPS
6:00: pkg update
New Security
Patch
Maintenance
window: 6-7pm
6:00-6:02: Dependency checks,

patch/update planning
6:04-6:06: reboot
up and running again
6:02-6:04: New boot environment created,

updates downloaded and applied
4X Faster upgrades typical

Create ZFS boot environment to safely apply updates
Full dependency check of packages, crypto verified, auditable
Reboot updated ZFS boot environment
15

reserved.
Boot Environments in Non-global Zones

BE's automatically include installed/attached zones
Zone BE is linked to a global zone BE
Multiple zone BE's can be linked to a single
global zone BE
Zone administrator can create, mount, activate BE's
Active BE is within the context of the active global zone BE
16

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

17

reserved.
Maintenance Updates for Oracle Solaris 11

Oracle customers with an active Oracle support plan have
access to the support package repository
Register for the support repository at
http://pkg-register.oracle.com
SRU = Support Repository Update

Future Oracle Solaris 11 Releases
will be available in the support repository or a release
repository that provides the currently available OS
18

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

19

reserved.
Local IPS Repositories

Reasons for a local package repository
Security and Performance
Consistency and Replication
Custom Packages
Two Types of Repositories:
Origin
20

reserved.
Mirror
Create a Local IPS Repositories

Copy From Internet:
pkgrepo create /export/repoSolaris11
pkgrecv -s http://pkg.oracle.com/solaris11/release/ -d /export/repoSolaris11 '*
Copy From File:

Get file, and unzip and cat (if necessary)
lofiadm -a /export/repo2010_11/ sol-11-repo-full.iso
mount -F hsfs /dev/lofi/1 /mnt

rsync -aP /mnt/repo /export/repoSolaris11 or
cd /mnt/repo; tar cf - . | (cd /export/repoSolaris11; tar xfp -)
umount /mnt
lofiadm -d /dev/lofi/1
21

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

22

reserved.
Automated Installation (AI)

Reduce initial and ongoing costs of deploying Solarisbased software stack
Leverages ZFS, SMF, IPS features to provide enhanced
features vs. JumpStart
Reduces need for third-party or customer-developed extensions
Most scripting moved to first-boot SMF services
Integrated, seamless Zones deployment

WAN-capable design provides operational flexibility
Designed to be manageable and observable
installadm(1M) provides one-stop management interface
23

reserved.
AI Terminology
Client physical or virtual machine to be installed
Manifest XML specification of installation (storage layout,
software payload)
Profile SMF profile to pre-configure system services
Service server infrastructure needed to network boot an
installation client
Criteria mapping of clients to services, manifests and profiles
Repository IPS package repository
Bootable AI - service-less AI boot from media
Manifest included on media or downloaded from network location
24

reserved.
Basic Flow of Automated Installation
25

reserved.
Static Manifests
Default manifest provided with service
Installs solaris-large-server package set from Oracle's Solaris
repository to firmware-designated boot disk
Sysconfig invoked automatically at first boot to interactively configure
basic system
Manifest specifies:
Package repositories and lists; major group packages: solaris-smallserver, solaris-large-server, solaris-desktop
Target disk: choose by device path, volume id, type, vendor, size,
container/receptacle/occupant (CRO) label; ZFS configuration
Locales are installed/removed using package facets; all locales are
installed by default
26

reserved.
Derived Manifests
Dynamically generate manifest in a script
Scales AI management by reducing number of manifests
maintained by administrators
Most effective model is to load template manifest, modify
specific elements
Script uses the aimanifest(1M) command as interface
to generate AI manifest
Generated manifest located on the client at:
/system/volatile/manifest.xml
27

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

28

reserved.
New System Configuration Framework & UI

Replaces sysidtool/sysidcfg/sys-unconfig
sysconfig(1m) interactive UI
configure, unconfigure, create-profile subcommands
Interactive tool provides basic, required system

configuration. UI similar to Text Installer.
Profiles can configure any SMF service property
sysconfig unconfigure reverts the properties
configured by the interactive UI to shipped defaults
--destructive option requests more complete cleanup, e.g.
deleting initial user account's home directory
29

reserved.
System Configuration Profiles

Common parameters available in Oracle Solaris 11:
30
User account, including RBAC roles, profiles and sudo

Root user: password, role/normal
Timezone, locale
Hostname
Console terminal type, keyboard layout
IPv4 and/or IPv6 interface, default route
DNS, NIS, LDAP clients
Name service switch

reserved.
Creating a Configuration Profile with sysconfig

Easiest starting point
# sysconfig create-profile -o myprofile.xml
Runs the sysconfig UI, places output into specified profile

Edit further to add properties not configured by sysconfig
31

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

32

reserved.
Deploying Zones with AI

Zones can be specified in the AI manifest
<configuration type=zone name=zone1
source=http://server/zone1/config/>
<configuration type=zone name=zone2
source=file:///net/server/zone2/config/>
config file is the zone's configuration file as output

from zonecfg export
Automatically installed on first boot of the global zone
svc:/system/zones-install:default
33

reserved.
Deploying Zones with AI (2)

Use zonename criterion to associate manifests and
profiles with a zone
# installadm create-manifest -n S11-x86 -f /tmp/zmanifest.xml
-c zonename=zone1 zone2
# installadm create-profile -n S11-x86 -f /tmp/zprofile1.xml
-c zonename=zone1
# installadm create-profile -n S11-x86 -f /tmp/zprofile2.xml

-c zonename=zone2
34

reserved.
Deploying Zones with AI (3)

AI is also used when installing non-global zones from
existing global zone
Default manifest is
/usr/share/auto_install/manifest/zone_default.xml
Default profile enables interactive system

configuration during first boot
Provide alternate manifest and/or profile with
# zoneadm -z <zone> install -m <manifest> -c <profile>
35

reserved.
Agenda
Updates & Upgrades
Boot Environments
SRUs
Deploying at Scale
Automated Installer
Zones

36

reserved.
JumpStart to AI Mapping
JumpStart
37
Automated Installation
setup_install_server
installadm create-service
add_install_client
installadm create-client
JumpStart profile & rules
AI manifest & criteria
sysidcfg file
SMF configuration profile
Begin script
Derived Manifests, custom

images from Distribution
Constructor
Finish script
pkg actions, First-boot SMF

services

reserved.
Steps to Convert from Solaris 10 JumpStart

Deploy S11 server instance to host AI service
Use as JumpStart server as well
38
Translate rules to criteria

Translate profiles to manifests
Translate sysidcfg to SMF profile
Publish manifests and profiles to AI service
Convert finish scripts to SMF service(s)
Publish SMF service package to IPS repository

reserved.
js2ai JumpStart to AI translation tool

Automatically converts existing JumpStart rules,
profiles, sysidcfg files to AI equivalents
Conversion is best-effort, with instructions on issues
that need manual resolution
Result is a directory hierarchy with AI profiles, system
config manifests, log of the tool's actions
See js2ai(1m)
39

reserved.
Distribution Constructor (DC)

Tool to easily construct installation images and virtual
machine images
Used by Solaris engineering to build the product
Use DC to build AI (or interactive install) images

customized with additional drivers or services
XML manifest (similar to AI) specifies construction
Checkpoint/resume feature nicely leverages ZFS!
Fully extensible plug your own customizations into build
process
See distro_const(1M) for more information
40

reserved.
Building and Using a Custom AI Boot Image

Install Distribution Constructor
pkg install distribution-constructor
Copy base AI image manifest, customize

Basic SPARC manifest at
/usr/share/distro_const/auto_install/ai_sparc_image.xml
Build the image:

distro_const build my_ai_image.xml
Deploy to AI service:
installadm create-service ...
41

reserved.
Technical Article Available

How To Create a Customized Oracle Solaris 11
Image Using the Distribution Constructor
http://www.oracle.com/technetwork/articles/servers-storage-admin/o11087-sol11-dist-const-496819.html
42

reserved.
Documentation Available
Transitioning From Oracle Solaris 10 JumpStart to
Oracle Solaris 11 Automated Installer
http://docs.oracle.com/cd/E23824_01/html/E21799/index.html
43

reserved.
Technical Article Available

How to Perform System Archival and Recovery
Procedures with Oracle Solaris 11
http://www.oracle.com/technetwork/articles/servers-storage-admin/o11091-sol-dis-recovery-489183.html
44

reserved.
Summary
45

reserved.
Simplified Administration, Service Provisioning
46

reserved.
Summary
Oracle Solaris 11 deployment is different from Solaris 10
Little required customization work to start deploying
Powerful, stable, supported capabilities for those who need to
customize
Transition documentation, tools are provided

Feature set will expand & evolve
Boot Environments allow for fast, efficient, and foolproof software upgrades
47

reserved.
For More Information / Try Out Today

Product overview and download
oracle.com/solaris
Oracle Technology Network

oracle.com/technetwork/server-storage/solaris11
System administrators community

oracle.com/technetwork/systems
@ORCL_Solaris
facebook.com/oraclesolaris
Oracle Solaris Insider
48

reserved.
48
49

reserved.
One Installation Engine; Three Installers

Each with its own features and capabilities
Each delivering its own benefits for specific needs
Interactive
Live Media Desktop, GUI tools
Text Installer Headless servers
Automated
Automated Installer Large-scale deployments
Distribution Constructor lets you build your own
installation media, behaving like any of these categories
50

reserved.
Two types of interactive installers

1 - Text-based UI for server systems (SPARC & x86)
2 - GUI for x86 desktop/laptop systems
Principle: Install fixed software payload with basic
configuration, customize after installation
GUI installs desktop/laptop-appropriate software
(solaris-desktop group package), automatic network configuration
Text installer installs server-appropriate software
(solaris-large-server group package), choice of automatic or
manual network & name service configuration
Both provide configuration of initial user account, with

administrative privileges via sudo
51

reserved.
Two types of interactive installers

Live Media GUI Install
Text-based Install
52

reserved.

Oracle Solaris 11: Manage You Deployments With The Image Packaging System and The Automated Installer

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Oracle Solaris 11: Manage You Deployments With The Image Packaging System and The Automated Installer

Hochgeladen von

Copyright:

Verfügbare Formate

Oracle Solaris 11

Manage You Deployments With The

Copyright 2011, Oracle and/or its affiliates. All rights

Additional Transition Tools and Resources

Copyright 2011, Oracle and/or its affiliates. All rights

Requirements and Big Ideas - Packaging

Updates & upgrades must be fast, reliable, reversible

Copyright 2011, Oracle and/or its affiliates. All rights

Requirements and Big Ideas - Install

Deployment must be well-integrated with best practices,

Integrated deployment of Zones is required

Copyright 2011, Oracle and/or its affiliates. All rights

Value-engineering in Installation, Configuration

Copyright 2011, Oracle and/or its affiliates. All rights

Rosetta Stone for Oracle Solaris 10 Users

Install CD + pkg repository

Upgrade from installer

pkg(1), Update Manager

Automated Installer (AI)

Blueprints for custom DVD's

Copyright 2011, Oracle and/or its affiliates. All rights

Additional Transition Tools and Resources

Copyright 2011, Oracle and/or its affiliates. All rights

Safe Upgrades in a snap

Fast reboot reduces maintenance windows

Copyright 2011, Oracle and/or its affiliates. All rights

Managed by beadm(1M), functionality includes:

Copyright 2011, Oracle and/or its affiliates. All rights

Create a new boot environment based on the active boot environment

Copyright 2011, Oracle and/or its affiliates. All rights

Listing Boot Environments

Copyright 2011, Oracle and/or its affiliates. All rights

More Fun with beadm

Copyright 2011, Oracle and/or its affiliates. All rights

Live Upgrade -> Boot Environments

beadm create newBE

beadm activate newBE

Copyright 2011, Oracle and/or its affiliates. All rights

Test Run an image update:

Copyright 2011, Oracle and/or its affiliates. All rights

Oracle Solaris 11 Lifecycle Management

6:00-6:02: Dependency checks,

6:02-6:04: New boot environment created,

4X Faster upgrades typical

Copyright 2011, Oracle and/or its affiliates. All rights

Boot Environments in Non-global Zones

Copyright 2011, Oracle and/or its affiliates. All rights

Additional Transition Tools and Resources

Copyright 2011, Oracle and/or its affiliates. All rights

Maintenance Updates for Oracle Solaris 11

SRU = Support Repository Update

Copyright 2011, Oracle and/or its affiliates. All rights

Additional Transition Tools and Resources

Copyright 2011, Oracle and/or its affiliates. All rights

Local IPS Repositories

Copyright 2011, Oracle and/or its affiliates. All rights

Create a Local IPS Repositories

Copy From File:

mount -F hsfs /dev/lofi/1 /mnt

Copyright 2011, Oracle and/or its affiliates. All rights

Additional Transition Tools and Resources

Copyright 2011, Oracle and/or its affiliates. All rights

Automated Installation (AI)