You are on page 1of 134

Sun Virtualization: Solaris 10 Logical Domains Administration SA-345-S10

Student Workbook

Sun Microsystems, Inc. UBRM05-104 500 Eldorado Blvd. Broomeld, CO 80021 U.S.A. Revision A.1

June 13, 2008 7:31 pm

Copyright 2008 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved. This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software, including font technology, is copyrighted and licensed from Sun suppliers. Sun, Sun Microsystems, the Sun logo, Java, Solaris, Ultra, SunOS, Sun Enterprise Authentication Agent, Solstice Enterprise Agents, Netra, OpenBoot, Sun Fire, N1, SunScreen EFS, BigAdmin, and JumpStart are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc. UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd. PostScript is a trademark or registered trademark of Adobe Systems, Incorporated, which may be registered in certain jurisdictions. Federal Acquisitions: Commercial Software Government Users Subject to Standard License Terms and Conditions Export Laws. Products, Services, and technical data delivered by Sun may be subject to U.S. export controls or the trade laws of other countries. You will comply with all such laws and obtain all licenses to export, re-export, or import as may be required after delivery to You. You will not export or re-export to entities on the most current U.S. export exclusions lists or to any country subject to U.S. embargo or terrorist controls as specified in the U.S. export laws. You will not use or provide Products, Services, or technical data for nuclear, missile, or chemical biological weaponry end uses. DOCUMENTATION IS PROVIDED AS IS AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. THIS MANUAL IS DESIGNED TO SUPPORT AN INSTRUCTOR-LED TRAINING (ILT) COURSE AND IS INTENDED TO BE USED FOR REFERENCE PURPOSES IN CONJUNCTION WITH THE ILT COURSE. THE MANUAL IS NOT A STANDALONE TRAINING TOOL. USE OF THE MANUAL FOR SELF-STUDY WITHOUT CLASS ATTENDANCE IS NOT RECOMMENDED. Export Commodity Classification Number (ECCN) assigned: July 30, 2007

Please Recycle

Copyright 2008 Sun Microsystems Inc. 4150 Network Circle, Santa Clara, California 95054, Etats-Unis. Tous droits rservs. Ce produit ou document est protg par un copyright et distribu avec des licences qui en restreignent lutilisation, la copie, la distribution, et la dcompilation. Aucune partie de ce produit ou document ne peut tre reproduite sous aucune forme, par quelque moyen que ce soit, sans lautorisation pralable et crite de Sun et de ses bailleurs de licence, sil y en a. Le logiciel dtenu par des tiers, et qui comprend la technologie relative aux polices de caractres, est protg par un copyright et licenci par des fournisseurs de Sun. Sun, Sun Microsystems, the Sun logo, Java, Solaris, Ultra, SunOS, Sun Enterprise Authentication Agent, Solstice Enterprise Agents, Netra, OpenBoot, Sun Fire, N1, SunScreen EFS, BigAdmin, et JumpStart sont des marques de fabrique ou des marques dposes de Sun Microsystems, Inc. aux Etats-Unis et dans dautres pays. Toutes les marques SPARC sont utilises sous licence sont des marques de fabrique ou des marques dposes de SPARC International, Inc. aux Etats-Unis et dans dautres pays. Les produits portant les marques SPARC sont bass sur une architecture dveloppe par Sun Microsystems, Inc. UNIX est une marques dpose aux Etats-Unis et dans dautres pays et licencie exclusivement par X/Open Company, Ltd. PostScript est une marque fabrique dAdobe Systems, Incorporated, laquelle pourrait tre dpose dans certaines juridictions. Lgislation en matire dexportations. Les Produits, Services et donnes techniques livrs par Sun peuvent tre soumis aux contrles amricains sur les exportations, ou la lgislation commerciale dautres pays. Nous nous conformerons lensemble de ces textes et nous obtiendrons toutes licences dexportation, de r-exportation ou dimportation susceptibles dtre requises aprs livraison Vous. Vous nexporterez, ni ne r-exporterez en aucun cas des entits figurant sur les listes amricaines dinterdiction dexportation les plus courantes, ni vers un quelconque pays soumis embargo par les Etats-Unis, ou des contrles anti-terroristes, comme prvu par la lgislation amricaine en matire dexportations. Vous nutiliserez, ni ne fournirez les Produits, Services ou donnes techniques pour aucune utilisation finale lie aux armes nuclaires, chimiques ou biologiques ou aux missiles. LA DOCUMENTATION EST FOURNIE EN LETAT ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIES EXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, Y COMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A LAPTITUDE A UNE UTILISATION PARTICULIERE OU A LABSENCE DE CONTREFAON. CE MANUEL DE RFRENCE DOIT TRE UTILIS DANS LE CADRE DUN COURS DE FORMATION DIRIG PAR UN INSTRUCTEUR (ILT). IL NE SAGIT PAS DUN OUTIL DE FORMATION INDPENDANT. NOUS VOUS DCONSEILLONS DE LUTILISER DANS LE CADRE DUNE AUTO-FORMATION.

Please Recycle

Table of Contents
About This Lab ....................................................................Preface-vii Lab Goals............................................................................... Preface-vii Conventions ......................................................................... Preface-viii Icons ............................................................................. Preface-viii Typographical Conventions ........................................ Preface-ix Exercise: Virtualization Trends in the Data Center .......................1-1 Exercise: Logical Domains Fundamentals ....................................2-1 Exercise: Preparing the System to Support LDoms .....................3-1 Objective............................................................................................. 3-1 Preparation................................................................................. 3-2 Task 1 Gather System Hardware and Software Configuration Information ................................................... 3-4 Task 2 Upgrade the System Controller Firmware............. 3-6 Task 3 Install the Logical Domain Management Software...................................................................................... 3-8 Task 4 Configure LDoms User Authorizations ................. 3-9 Exercise Summary............................................................................ 3-12 Exercise Solutions ............................................................................ 3-13 Task 1 Solutions.................................................................... 3-13 Task 2 Solutions................................................................... 3-17 Task 3 Solutions.................................................................... 3-20 Task 4 Solutions................................................................... 3-24 Exercise: Setting Up the Control and Service Logical Domain ...4-1 Objectives ........................................................................................... 4-1 Preparation................................................................................. 4-1 Task 1 Create Default Virtual Services ............................... 4-2 Task 2 Setup the Control Domain........................................ 4-3 Task 3 Configure the Virtual Switch as a Primary Network Interfaces .................................................................. 4-5 Task 4 Enable the Virtual Network Terminal Server........ 4-6 Exercise Summary.............................................................................. 4-7

v
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions .............................................................................. 4-8 Task 1 Solutions...................................................................... 4-8 Task 2 Solutions.................................................................... 4-13 Task 3 Solutions.................................................................... 4-18 Task 4 Solutions.................................................................... 4-19 Exercise: Creating a Guest Logical Domain ................................. 5-1 Objectives ........................................................................................... 5-1 Preparation................................................................................. 5-1 Task 1 Create a Guest Domain............................................. 5-2 Task 2 JumpStart the Guest Domain ................................... 5-5 Task 3 Explore the Guest Domain ....................................... 5-6 Exercise Summary.............................................................................. 5-8 Exercise Solutions .............................................................................. 5-9 Task 1 Solutions...................................................................... 5-9 Task 2 Solutions.................................................................... 5-14 Task 3 Solutions.................................................................... 5-18 Exercise: Performing Advanced Logical Domain Tasks.............. 6-1 Objectives ........................................................................................... 6-1 Preparation................................................................................. 6-1 Task 1 Switch Between Control and Guest Domains ....... 6-2 Task 2 Reconfigure Logical Domain Virtual CPUs........... 6-3 Task 3 Reconfigure Logical Domain Memory ................... 6-4 Task 4 Create a Split PCI Configuration............................ 6-6 Task 5 Use a File as a Virtual Disk....................................... 6-8 Task 6 Export a ZFS File System as a Virtual Disk.......... 6-10 Task 7 Remove and Restore a Guest Logical Domain .... 6-13 Task 8 Reset the System to the Factory Default Configuration ....................................................................... 6-13 Exercise Summary............................................................................ 6-15 Exercise Solutions ............................................................................ 6-16 Task 1 Solutions.................................................................... 6-16 Task 2 Solutions.................................................................... 6-16 Task 3 Solutions.................................................................... 6-20 Task 4 Solutions.................................................................... 6-24 Task 5 Solutions.................................................................... 6-33 Task 6 Solutions.................................................................... 6-37 Task 7 Solutions.................................................................... 6-42 Task 8 Solutions.................................................................... 6-44 Exercise: Bonus Lab .......................................................................A-1 Objectives .......................................................................................... A-1 Preparation................................................................................ A-1 Logical Domain Configuration Scenario ....................................... A-2 Configuration Details .............................................................. A-2 Final Assessment...................................................................... A-4

vi

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Preface

About This Lab


Lab Goals
Upon completion of these labs, you should be able to:

Gather system hardware and software conguration information Upgrade the system controller rmware Install operating system patches Install the logical domain management software Congure LDoms user authorizations Create default virtual services Setup the control domain Congure the virtual switch as a network Interface Enable the virtual network terminal server Create a guest domain JumpStart the guest domain Explore the guest domain Recongure logical domain virtual CPUs Recongure logical domain memory Create a split PCI conguration Use ZFS le systems as virtual disks Congure virtual networks Remove logical domains

Preface-vii
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Conventions

Conventions
The following conventions are used in this course to represent various training elements and alternative learning resources.

Icons
Additional resources Indicates other references that provide additional information on the topics described in the module.

!
?

Discussion Indicates a small-group or class discussion on the current topic is recommended at this time.

Preface-viii

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Conventions

Typographical Conventions
Courier is used for the names of commands, les, directories, programming code, and on-screen computer output; for example: Use ls -al to list all les. system% You have mail. Courier is also used to indicate programming constructs, such as class names, methods, and keywords; for example: The getServletInfo method gets author information. The java.awt.Dialog class contains Dialog constructor. Courier bold is used for characters and numbers that you type; for example: To list the les in this directory, type: # ls Courier bold is also used for each line of programming code that is referenced in a textual description; for example: 1 import java.io.*; 2 import javax.servlet.*; 3 import javax.servlet.http.*; Notice the javax.servlet interface is imported to allow access to its life cycle methods (Line 2). Courier italics is used for variables and command-line placeholders that are replaced with a real name or value; for example: To delete a le, use the rm filename command. Courier italic bold represents variables whose values are to be entered by the student as part of an activity; for example: Type chmod a+rwx filename to grant read, write, and execute rights for lename to world, group, and users. Palatino italics is used for book titles, new words or terms, or words that you want to emphasize; for example: Read Chapter 6 in the Users Guide. These are called class options.

About This Lab


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Preface-ix

Lab 1

Exercise: Virtualization Trends in the Data Center


No lab exercise is planned for Module 1.

1-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Lab 2

Exercise: Logical Domains Fundamentals


No lab exercise is planned for Module 2.

2-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Lab 3

Exercise: Preparing the System to Support LDoms


Objective
In this exercise, you will perform the following tasks:

Gather system hardware and software conguration information Upgrade the system controller rmware Install operating system patches Install the logical domain management software Congure LDoms user authorizations

3-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective

Preparation
During this exercise you work with lab equipment located in Suns Remote Lab Data Center (RLDC). The RLDC is remote from your present location. To successfully complete the following tasks, you should familiarize yourself with the RLDC lab topology. Figure 3-1 shows the major components that make up the lab topology are congured.

Classroom System (WAN)

Switch
Subnet 192.168.100.0
0 1 2 3 0 1 2 3 0 1 2 3 0 1 2 3 0 1 2 3 0 1 2 3
net mgmt serial

Terminal Server

Sun Fire T2000 #1

Port 1

Sun Fire T2000 #2

net mgmt serial Port 2

SC Net Mgmt Ethernet

Sun Fire T2000 #3

net mgmt serial

Serial Consoles

Port 3

Sun Fire T2000 #4

net mgmt serial

Port 4

Sun Fire T2000 #5

net mgmt serial Port 5

Sun Fire T2000 #6

net mgmt serial Port 6

Figure 3-1

Course SA-345-S10 Lab Topology

3-2

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective Table 3-1 shows the IP addresses assigned to the RLDC lab Sun Fire T2000 system controller (SC) network management (net mgmt) port and the login credentials. Table 3-1 Sun Fire T2000 System Controller IP Address Assignments Sun Fire T2000 Machine1 Machine2 Machine3 Machine4 Machine5 Machine6 SC IP Address 192.168.100.10 192.168.100.20 192.168.100.30 192.168.100.40 192.168.100.50 192.168.100.60 SC Login Credentials admin/cangetin admin/cangetin admin/cangetin admin/cangetin admin/cangetin admin/cangetin Host Name host01 host02 host03 host04 host05 host06 OS Login Credentials root/cangetin root/cangetin root/cangetin root/cangetin root/cangetin root/cangetin

Note Most of the steps in the following tasks should be performed using the Terminal Server. If the terminal server is not available, you can log directly in to the system controller and perform the appropriate steps. Verify the following les are located in the /opt/ses/lab directory:

136927-01.zip Sun Fire T2000 system controller rmware upgrade version 6.6.1.

Verify the following les are located in the /opt/ses/software directory:

LDoms_Manager-1_0_3.zip Logical Domains Manager 1.0.3 software.

Before You Begin


Before you begin Task 1, complete the following lab conguration information. See your instructor if you need help. You are assigned a Sun Fire T2000 server:

Sun Fire T2000 assignment:machine # _____ Solaris login credentialsroot/cangetin System Controller (SC) IP address _______________

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-3

Objective

SC login credentials

admin/cangetin

Terminal Server:

IP address Serial port # to SC

192.168.100.5 _____

Note Examples shown in this exercise are from lab machine 4. The command responses shown in the Exercise Solutions on page Lab 3-13 are examples only. Depending upon your lab conguration, the responses to the commands in the labs might vary slightly.

Task 1 Gather System Hardware and Software Configuration Information


In this task you explore your assigned lab equipment and determine if the hardware and software meet the requirements necessary for creating logical domains. Figure 3-2 shows the major components that make up the Sun Fire T2000 server.

Operating System

System Controller

Hypervisor

Physical Resourses
(CPUs, LANs, Storage)

Figure 3-2

Sun Fire T2000 Major Components

Perform the following steps: 1. Log in to your assigned system in the classroom. From the classroom system, log in to the system controller (SC) of your assign lab machine. Contact your instructor if you need help.

3-4

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective After you log in to the SC, you should see the sc> prompt. If you do not see the sc> prompt, you might have an open console to the system. In this case, type #. to return to the SC. 2. Run the showhost command and obtain the following information: Server Model: System Firmware: ______________ ______________

Do the server model and rmware release meet the requirements for creating logical domains? _____ 3. 4. 5. 6. Run the poweron command to verify the system power is running. Run the console -f command to open a console to the system. If the system is at the ok prompt, boot the operation system. Log in to the operating system as root. Display the contents of the /etc/release le. Does this OS release meet the requirement for installing the Logical Domains Manager 1.0.3 software? _____ 7. Run the prtdiag command to determine the following conguration information:

Platform group: Memory size: Number of available CPU cores:

______ ______ ______

8.

Run the format command to determine what disks are installed in the system.

Note The device pathing information shown below is from a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathing information may differ based on the server systems disks. Note the disk drives: _________ __________ _________ Which of these disk drives resides on PCI bus pci@780? _____ Which of these disk drives resides on PCI bus pci@7c0? _____ Select drive #1 and quit the format utility. 9. Use the dladm show-link command to verify the network devices are compliant with logical domain requirements.

10. Run the grep e1000g /etc/path_to_inst command to determine on which PCI bus the network interfaces reside.

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-5

Objective

Which network interfaces are attached to PCI bus pci@780? __________ _________ Which network interfaces are attached to PCI bus pci@7c0? __________ _________

11. Run the ifconfig -a command to identify which network interfaces are currently plumbed. Name Network interface: ______ IP Address __________

The network interface is connected to which PCI bus? _________ Note At this point, you have gathered the conguration information required to complete the remaining tasks in this course. This information will be required in later exercises.

Task 2 Upgrade the System Controller Firmware


In this task you upgrade the system controller rmware on your assigned lab equipment. Upgrading the system controller rmware can be performed by two methods:

Load the rmware from a local FTP server Load the rmware from the operating system

3-6

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective In this task you upgrade the system controller rmware from the operating system. See Figure 3-3.

Solaris 10 OS
Firmware File

Classroom

System Controller

Hypervisor

Physical Resourses
(CPUs, LANs, Storage)

Figure 3-3

System Controller Firmware Upgrade

Perform the following steps: 1. Verify that you are logged in to the Sun Fire T2000s operating system of your assigned lab machine as root. If not, log in at this time. Unzip the 136927-01.zip archive located in the /opt/ses/lab directory to the /var/tmp directory. Move to the 136927-01 directory and list the contents. Note that the sysfwdownload.README le details this procedure. Run the sysfwdownload utility to download the Sun_System_Firmware-6_6_1-Sun_Fire_T2000.bin le to the system controller. Shut down the operating system. After the operating system is down, type #. to move back to the system controller. Use the poweroff -fy command to verify that the system power is off. Run the flashupdate -s 127.0.0.1 command to upgrade the system controller rmware. Run the resetsc -y command to reset the system controller. If you are accessing the SC using the terminal server, log in to the system controller when prompted.

2. 3. 4.

5. 6. 7. 8. 9.

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-7

Objective If you were logged in directly to the SC, log back in to the SC using telnet. 10. Run the showhost command to verify the system controller rmware level. 11. Run the poweron command to power the system back on. The system will perform power on self test (POST). POST takes a few minutes to complete. 12. Open a console to the system. If the system stops at the OpenBoot PROM ok prompt, boot the operating system. 13. Log in to the operating system as root.

Task 3 Install the Logical Domain Management Software


In this task you install the Logical Domains Manager 1.0.3 software in the Solaris 10 5/08 operating system. Before you begin this task, you must rst have successfully completed tasks 1 and 2 in this exercise. See Figure 3-4.

Figure 3-4

Logical Domain Management Software

Perform the following steps: 1. 2. Verify that you are logged in to the operating system of your assigned lab machine as root. If not, log in at this time. Unzip the LDoms_Manager-1_0_3.zip archive located in the /opt/ses/software directory to the /var/tmp directory.

3-8

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective 3. Change to the LDoms_Manager-1_0_3/Product directory and run the /var/tmp/LDoms_Manager-1_0_3/Install/install-ldm installation script to install the Logical Domains Manager 1.0.3 software. During the installation, you will be asked to choose one of the following options: a) Hardened Solaris conguration for LDoms (recommended) b) Standard Solaris conguration c) Your custom-dened Solaris security conguration prole Select option a. 4. 5. Reboot the Sun Fire T2000. Log in to the Sun Fire T2000s operating system as root. Because the operating system has been hardened, you are required to set a new password for root. Make the new root password cangetin@sun.

Note At this point, the system has been transformed from a standard Solaris 10 Operating System to a Solaris 10 Control Domain. 6. 7. 8. Verify that the logical domain daemon (ldmd) has been automatically started. Verify the logical domain management utility is operational by running the /opt/SUNWldm/bin/ldm list command. Add the /opt/SUNWldm/bin path to the root account $PATH variable. Also, add /opt/SUNWldm/man to the root account $MANPATH variable.

Note Using the vi editor over a VNC link is somewhat unwieldy. Refer to Step 8 of the Task 3 Solutions on page 20 for the appropriate vi commands for updating the .profile le. 9. Run the . $HOME/.profile command to force the system to reexamine your environment variables.

Task 4 Configure LDoms User Authorizations


You can congure LDoms user authorization by three methods:

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-9

Objective

You can add LDoms read or read/write privilege to a specic user. You can assign an LDom read or read/write prole for a user. You can create a Solaris Role-Based Access Control (RBAC) role with LDoms read or read/write privilege and assign the role to a user.

In this task you create three new user accounts and authorize each user to manage LDoms using one of the authorization methods. See Figure 3-5 on page Lab 3-10.

Logical Domain Management

Classroom

System Controller

Hypervisor

Physical Resourses
(CPUs, LANs, Storage)

Figure 3-5

User Authorizations

Perform the following steps: 1. 2. 3. Verify that you are logged in to the control domain of your assigned lab machine as root. If not, log in at this time. List the user and system logins currently congured in the operating system. Add three new users to the operating system named ldmadm1, ldmadm2, and ldmadm3. Set the new user passwords to cangetin.

3-10

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objective 4. Verify that the new user ldmadm1 is unable to perform a basic LDom read operation by switching user (su) to ldmadm1 and running the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm1 user shell. Assign LDoms read and write authorization for user ldmadm1 using the usermod -A command. The LDoms read and write authorization is enabled by the solaris.ldoms.write privilege. After the privilege is assigned, verify user ldmadm1 is authorized run the /opt/SUNWldm/bin/ldm list command. 6. Verify that the new user ldmadm2 is unable to perform a basic LDom read operation by switching user (su) to ldmadm2 and running the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm2 user shell. Verify that the LDoms Management prole is installed in the /etc/security/prof_attr le. Assign the LDoms Management prole to user ldmadm2. After the prole has been assign, verify that user ldmadm2 is authorized run the /opt/SUNWldm/bin/ldm list command. 9. Verify that the new user ldmadm3 is unable to perform a basic LDom read operation by switching user (su) to ldmadm3 and running the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm3 user shell.

5.

7. 8.

10. Create a new role for LDoms management named ldomadm. Give this role LDoms read/write authorization. The LDoms read and write authorization is enabled by the solaris.ldoms.write privilege. Set the new role password to cangetin. 11. Assign the ldomadm role to user ldmadm3. After the role is assigned to user ldmadm3, verify user ldmadm3 is authorized run the /opt/SUNWldm/bin/ldm list command using the ldomadm role. Exit from the ldomadm role and the ldmadm3 user shell.

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-11

Exercise Summary

Exercise Summary
Discussion Take a few minutes to discuss the experiences, issues, or discoveries you had during the lab exercise.

!
?

Experiences Interpretations Conclusions Applications

3-12

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Exercise Solutions
This section provides the answers to the exercise tasks.

Task 1 Solutions
Perform the following steps: 1. Log in to your assigned system in the classroom. From the classroom system, log in to the system controller (SC) of your assign lab machine. Contact your instructor if you need help. The following is an example of accessing the SC on machine # 4 using the terminal server. # telnet 192.168.100.5 5004 The following is an example of logging directly in to the SC of machine # 4. # telnet 192.168.100.40 Please login: admin Please Enter password: cangetin After you log in to the SC, you should see the sc> prompt. If you do not see the sc> prompt, you might have an open console to the system. In this case, type #. to return to the SC. Note The examples shown in the remaining labs in this course assume you are using the terminal server to access the system in the lab. 2. Run the showhost command and obtain the following information: Server Model: Sun Fire T2000 System Firmware: 6.4.6 sc> showhost Sun-Fire-T2000 System Firmware 6.4.6 2007/06/24 15:53 Host flash versions: Hypervisor 1.4.1 2007/04/02 16:37 OBP 4.26.1 2007/04/02 16:26 POST 4.26.0 2007/03/26 16:45 Do the server model and rmware release meet the requirements for creating logical domains? No. The rmware release required for a T2000 is 6.6.1. You will upgrade the rmware in the next task. 3. Run the poweron command to verify the system power is running.

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-13

Exercise Solutions sc> poweron The Host System Power is already running 4. Run the console -f command to open a console to the system. If the system is at the ok prompt, boot the operation system.

sc> console -f Enter #. to return to ALOM. You might have to press the Enter key to display the prompt. {0} ok boot Boot device: /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a File and args: SunOS Release 5.10 Version Generic 64-bit Copyright 1983-2008 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. ... 5. Log in to the operating system as root. console login: root Password: cangetin 6. Display the contents of the /etc/release le. # cat /etc/release Solaris 10 5/08 s10s_u5wos_10 SPARC Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 24 March 2008 Does this OS release meet the requirement for installing the Logical Domains Manager 1.0.3 software? Yes 7. Run the prtdiag command to determine the following conguration information:

Platform group: Memory size: Number of available vCPU cores:

sun4v 8064 MBytes 24 cores

# prtdiag ... The Sun Fire T2000 system contains up to 8 cores with 4 threads each which give you 32 threads or virtual CPUs to work with. If prtdiag shows 24 CPUs (virtual CPUs) that means you have a Sun Fire T2000 with 6 cores (2 cores disabled.) You can also use commands, such as: uname -m, prtconf|grep Mem, and psrinfo to obtain this information.

3-14

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 8. Run the format command to determine what disks are installed in the system.

Note The command output shown for the following commands are from a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathing information may differ based on the server systems disks. # format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c1t0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@0,0 1. c1t1d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@1,0 2. c1t2d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@2,0 Note the disk drives: c1t0d0, c1t1d0, c1t2d0 Which of these disk drives resides on PCI bus pci@780? None Which of these disk drives resides on PCI bus pci@7c0? All Select drive #1 and quit the format utility. Specify disk (enter its number): 1 selecting c1t1d0 ... format> quit 9. Use the dladm show-link command to verify the network devices are compliant with logical domain requirements. non-vlan non-vlan non-vlan non-vlan mtu: mtu: mtu: mtu: 1500 1500 1500 1500 device: device: device: device: e1000g0 e1000g1 e1000g2 e1000g3

# dladm show-link e1000g0 type: e1000g1 type: e1000g2 type: e1000g3 type:

If the network interface is non-vlan or vlan, the interface meets logical domain requirements. If the network interface is legacy, the interface is not compliant. 10. Run the grep e1000g /etc/path_to_inst command to determine on which PCI bus the network interfaces reside. # grep e1000g /etc/path_to_inst "/pci@780/pci@0/pci@1/network@0" 0 "e1000g" "/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g"

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-15

Exercise Solutions "/pci@7c0/pci@0/pci@2/network@0" 2 "e1000g" "/pci@7c0/pci@0/pci@2/network@0,1" 3 "e1000g"

Which network interfaces are attached to PCI bus pci@780 (leaf A)? e1000g0 e1000g1 Which network interfaces are attached to PCI bus pci@7c0 (leaf B)? e1000g2 e1000g3

11. Run the ifconfig -a command to identify which network interfaced are currently plumbed. The following example shows network conguration information for machine 4. # ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index1 inet 127.0.0.1 netmask ff000000 e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:1d:e9:b6 Name Network interface: e1000g0 IP Address 192.168.100.104

The network interface is connected to which PCI bus? PCI bus pci@780 Note At this point, you have gathered the conguration information required to complete the remaining tasks in this course. This information will be required in later exercises.

3-16

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Task 2 Solutions
Perform the following steps: 1. Verify that you are logged in to the Sun Fire T2000s operating system of your assigned lab machine as root. If not, log in at this time.

# id uid=0(root) gid=0(root) 2. Unzip the 136927-01.zip archive located in the /opt/ses/lab directory to the /var/tmp directory.

# cd /var/tmp # cp /opt/ses/lab/136927-01.zip . # unzip 136927-01.zip # ls -d 136927* 136927-01 136927-01.zip 3. Move to the 136927-01 directory and list the contents. Note that the sysfwdownload.README le details this procedure.

# cd 136927-01 # ls copyright Install.info LEGAL_LICENSE.TXT README.136927-01 Sun_System_Firmware-6_6-download_SLA_and_Entitlement.txt Sun_System_Firmware-6_6_1-SPARC_Enterprise_T2000.bin Sun_System_Firmware-6_6_1-Sun_Fire_T2000.bin ... 4. Run the sysfwdownload utility to download the Sun_System_Firmware-6_6_1-Sun_Fire_T2000.bin le to the system controller.

# ./sysfwdownload Sun_System_Firmware-6_6_1-Sun_Fire_T2000.bin .......... (10%).......... (20%).......... (30%).......... (40%).......... (51%).......... (61%).......... (71%).......... (81%) .......... (92%)........ (100%) Download completed successfully. 5. Shut down the operating system. 14:48:20 MDT 2008 # shutdown -i5 -g0 -y Shutdown started. Fri May 30

Changing to init state 5 - please wait

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-17

Exercise Solutions Broadcast Message from root (console) on train06 Tue May 22 14:48:20... THE SYSTEM train06 IS BEING SHUT DOWN NOW ! ! ! Log off now or risk your files being damaged ... svc.startd: The system is down. syncing file systems... done SC Alert: Host system has shut down 6. #. sc> 7. Use the poweroff -fy command to verify that the system power is off. After the operating system is down, type #. to move back to the system controller.

sc> poweroff -fy Host system power is already off 8. Run the flashupdate -s 127.0.0.1 command to upgrade the system controller rmware. Note that this takes a couple minutes to complete. sc> flashupdate -s 127.0.0.1 SC Alert: System poweron is disabled. ......................................................................... ......................................................................... .................... Update complete. Reset device to use new software. SC Alert: SC firmware was reloaded 9. Run the resetsc -y command to reset the system controller. If you are accessing the SC using the terminal server, log in to the system controller when prompted. If you were logged in directly to the SC, log back in to the SC using telnet. sc> resetsc -y User Requested SC Shutdown ALOM BOOTMON v1.4.2 ALOM Build Release: 001 Reset register: 00000000 ALOM POST 1.0 ...... Please login: admin

3-18

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions Please Enter password: cangetin 10. Run the showhost command to verify the system controller rmware level. sc> showhost Sun-Fire-T2000 System Firmware 6.6.1 Host flash versions: OBP 4.28.1 2008/02/11 13:06 Hypervisor 1.6.1 2008/02/11 12:15 POST 4.28.1 2008/02/11 13:28 11. Run the poweron command to power the system back on. The system will perform power on self test (POST). POST takes a few minutes to complete. sc> poweron SC Alert: Host System has Reset 12. Open a console to the system. If the system stops at the OpenBoot PROM ok prompt, boot the operating system. sc> console -f Enter #. to return to ALOM. Expect to see system power on self test (POST) message trafc before the ok prompt is displayed. This will a couple minutes to complete. {0} ok boot Boot device: /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a File and args: SunOS Release 5.10 Version Generic 64-bit .... 13. Log in to the operating system as root. host04 console login: root Password: cangetin ... 2008/02/11 15:53

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-19

Exercise Solutions

Task 3 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the operating system of your assigned lab machine as root. If not, log in at this time. Unzip the LDoms_Manager-1_0_3.zip archive located in the /opt/ses/software directory to the /var/tmp directory.

# pwd /var/tmp # cp /opt/ses/software/LDoms_Manager-1_0_3.zip . # unzip LDoms_Manager-1_0_3.zip Archive: LDoms_Manager-1_0_3.zip creating: LDoms_Manager-1_0_3/ creating: LDoms_Manager-1_0_3/Product/ creating: LDoms_Manager-1_0_3/Product/SUNWldm.v/ inflating: LDoms_Manager-1_0_3/Product/SUNWldm.v/pkgmap inflating: LDoms_Manager-1_0_3/Product/SUNWldm.v/pkginfo ... # ls -d LDoms_Manager-1_0_3* LDoms_Manager-1_0_3 LDoms_Manager-1_0_3.zip 3. Change to the LDoms_Manager-1_0_3/Product directory and run the /var/tmp/LDoms_Manager-1_0_3/Install/install-ldm installation script to install the Logical Domains Manager 1.0.3 software. During the installation, you will be asked to choose one of the following options: a) Hardened Solaris conguration for LDoms (recommended) b) Standard Solaris conguration c) Your custom-dened Solaris security conguration prole Select option a. Option a installs the JumpStart Architecture and Security Scripts (JASS) toolkit. It provides a exible and extensible mechanism to harden and audit Solaris Operating System. # cd LDoms_Manager-1_0_3/Product # /var/tmp/LDoms_Manager-1_0_3/Install/install-ldm Welcome to the LDoms installer. You are about to install the domain manager package that will enable you to create, destroy and control other domains on your system. Given the capabilities of the domain manager, you can now change the security

3-20

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions configuration of this Solaris instance using the Solaris Security Toolkit. Select a security profile from this list: a) Hardened Solaris configuration for LDoms (recommended) b) Standard Solaris configuration c) Your custom-defined Solaris security configuration profile Enter a, b, or c [a]: a The changes made by selecting this option can be undone through the Solaris Security Toolkits undo feature. This can be done with the /opt/SUNWjass/bin/jass-execute -u command. Installing LDoms and Solaris Security Toolkit packages. pkgadd -n -d "/var/tmp/LDoms_Manager-1_0_3/Product" -a pkg_admin SUNWldm.v Copyright 2008 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWldm> was successful. pkgadd -n -d "/var/tmp/LDoms_Manager-1_0_3/Product" -a pkg_admin SUNWjass Copyright 2005 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Installation of <SUNWjass> was successful. Verifying that all packages are fully installed. OK. Enabling services: svc:/ldoms/ldmd:default Running Solaris Security Toolkit 4.2.0 driver ldm_control-secure.driver. Please wait. . . /opt/SUNWjass/bin/jass-execute -q -d ldm_control-secure.driver Executing driver, ldm_control-secure.driver Solaris Security Toolkit hardening executed successfully; log file /var/opt/SUNWjass/run/20080521060409/jass-install-log.txt. It will not take effect until the next reboot. Before rebooting, make sure SSH or the serial line is setup for use after the reboot. 4. Reboot the Sun Fire T2000s operating system. # shutdown -i6 -g0 -y ... # svc.startd: The system is coming down. Please wait. svc.startd: 93 system services are now being stopped. May 21 06:08:34 train06 syslogd: going down on signal 15 svc.startd: The system is down. syncing file systems... done rebooting...

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-21

Exercise Solutions Expect to see JASS related message trafc when the operation system reboots. 5. Log in to the Sun Fire T2000s operating system as root. Because the operating system has been hardened, you are required to set a new password for root. Make the new root password cangetin@sun. console login: root Password: cangetin passwd: Changing password for root New Password: cangetin@sun Re-enter new Password: cangetin@sun passwd: password successfully changed for root

Note At this point, the system has been transformed from a standard Solaris 10 operating system to a Solaris 10 Control Domain. 6. Verify that the logical domain daemon (ldmd) has been automatically started.

# svcs -l ldmd fmri svc:/ldoms/ldmd:default name Logical Domain Manager enabled true state online next_state none state_time May 21, 2008 6:12:13 AM MDT logfile /var/svc/log/ldoms-ldmd:default.log restarter svc:/system/svc/restarter:default contract_id 43 dependency require_all/none svc:/system/filesystem/local (online) The state should be online. 7. Verify the logical domain management utility is operational by running the /opt/SUNWldm/bin/ldm list command.

# /opt/SUNWldm/bin/ldm list
------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. --------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptime primary active -t-cv SP 24 8064M 20% 9m

3-22

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 8. Add the /opt/SUNWldm/bin path to the root account $PATH variable. Also, add /opt/SUNWldm/man to the root account $MANPATH variable.

# TERM=vt100 # export TERM # vi $HOME/.profile :/PATH A PATH=/usr/bin:/usr/sbin:/usr/ccs/bin:$PATH:/opt/SUNWldm/bin <esc> :/MANPATH A MANPATH=/usr/man:$MANPATH:/opt/SUNWldm/man export MANPATH <esc> :wq! 9. Run the . $HOME/.profile command to force the system to reexamine your environment variables.

# . $HOME/.profile

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-23

Exercise Solutions

Task 4 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the control domain of your assigned lab machine as root. If not, log in at this time. List the user and system logins currently congured in the operating system. root other bin sys adm uucp nuucp smmsp adm gdm lp webservd postgres daemon nobody noaccess nogroup 0 1 2 3 4 5 9 25 4 50 8 80 90 12 60001 60002 65534 Super-User

# logins root 0 daemon 1 bin 2 sys 3 adm 4 uucp 5 nuucp 9 smmsp 25 Submission Program listen 37 gdm 50 lp 71 webservd 80 postgres 90 svctag 95 nobody 60001 noaccess 60002 nobody4 65534 Access User 3.

Admin uucp Admin uucp Admin SendMail Message Network Admin GDM Reserved UID Line Printer Admin WebServer Reserved UID PostgreSQL Reserved UID Service Tag UID NFS Anonymous Access User No Access User SunOS 4.x NFS Anonymous

Add three new users to the operating system named ldmadm1, ldmadm2, and ldmadm3. Set the new user passwords to cangetin. /bin/ksh ldmadm1 /bin/ksh ldmadm2 /bin/ksh ldmadm3

# useradd -d /export/ldmadm1 -m -s 64 blocks # useradd -d /export/ldmadm2 -m -s 64 blocks # useradd -d /export/ldmadm3 -m -s 64 blocks # # passwd ldmadm1 New Password: cangetin Re-enter new Password: cangetin passwd: password successfully changed # passwd ldmadm2 New Password: cangetin Re-enter new Password: cangetin

for ldmadm1

3-24

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions passwd: password successfully changed for ldmadm2 # passwd ldmadm3 New Password: cangetin Re-enter new Password: cangetin passwd: password successfully changed for ldmadm3 # logins root 0 root 0 Super-User daemon 1 other 1 bin 2 bin 2 sys 3 sys 3 adm 4 adm 4 Admin uucp 5 uucp 5 uucp Admin nuucp 9 nuucp 9 uucp Admin smmsp 25 smmsp 25 SendMail Message Submission Program listen 37 adm 4 Network Admin gdm 50 gdm 50 GDM Reserved UID lp 71 lp 8 Line Printer Admin webservd 80 webservd 80 WebServer Reserved UID postgres 90 postgres 90 PostgreSQL Reserved UID svctag 95 daemon 12 Service Tag UID ldmadm1 100 other 1 ldmadm2 101 other 1 ldmadm3 102 other 1 nobody 60001 nobody 60001 NFS Anonymous Access User noaccess 60002 noaccess 60002 No Access User nobody4 65534 nogroup 65534 SunOS 4.x NFS Anonymous Access User 4. Verify that the new user ldmadm1 is unable to perform a basic LDom read operation by switching user (su) to ldmadm1 and running the /opt/SUNWldm/bin/ldm list command.

# su - ldmadm1 $ /opt/SUNWldm/bin/ldm list Authorization failed $ exit 5. Assign LDoms read and write authorization for user ldmadm1 using the usermod -A command. The LDoms read and write authorization is enabled by the solaris.ldoms.write privilege. After the privilege is assigned, verify user ldmadm1 is authorized run the /opt/SUNWldm/bin/ldm list command. # usermod -A solaris.ldoms.write ldmadm1 # su - ldmadm1 $ /opt/SUNWldm/bin/ldm list
-------------------------------------------------------------------------

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-25

Exercise Solutions
Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. --------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME primary active -n-cSP 24 8064M 0.0% 19h 49m

$ exit 6. Verify that the new user ldmadm2 is unable to perform a basic LDom read operation by switching user (su) to ldmadm2 and running the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm1 user shell.

# su - ldmadm2 $ /opt/SUNWldm/bin/ldm list Authorization failed $ exit 7. Verify that the LDoms Management prole is installed in the /etc/security/prof_attr le.

# grep 'LDoms Management' /etc/security/prof_attr LDoms Management:::Manage LDoms domains:auths=solaris.ldoms.* 8. Assign the LDoms Management prole to user ldmadm2. After the prole has been assign, verify that user ldmadm2 is authorized run the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm2 user shell. # su - ldmadm2 $ /opt/SUNWldm/bin/ldm list
------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ---------------------------------------------------------------------------

# usermod -P "LDoms Management" ldmadm2

NAME primary $ exit 9.

STATE active

FLAGS -n-c-

CONS SP

VCPU 24

MEMORY 8064M

UTIL 0.2%

UPTIME 19h 56m

Verify that the new user ldmadm3 is unable to perform a basic LDom read operation by switching user (su) to ldmadm3 and running the /opt/SUNWldm/bin/ldm list command. Exit from the ldmadm3 user shell.

# su - ldmadm3 $ /opt/SUNWldm/bin/ldm list

3-26

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions Authorization failed $ exit 10. Create a new role for LDoms management named ldomadm. Give this role LDoms read/write authorization. The LDoms read and write authorization is enabled by the solaris.ldoms.write privilege. Set the new role password to cangetin. # roleadd -A solaris.ldoms.write ldomadm # passwd ldomadm New Password: cangetin Re-enter new Password: cangetin passwd: password successfully changed for ldomadm 11. Assign the ldomadm role to user ldmadm3. # usermod -R ldomadm ldmadm3 After the role is assigned to user ldmadm3, verify user ldmadm3 is authorized run the /opt/SUNWldm/bin/ldm list command using the ldomadm role. # su - ldmadm3 # id uid=102(ldmadm3) gid=1(other) $ su ldomadm Password: cangetin May 22 02:10:56 train06 su: su ldomadm succeeded for root on /dev/console $ id uid=103(ldomadm) gid=1(other) $ /opt/SUNWldm/bin/ldm list
------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. --------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptime primary active -n-cSP 24 8064M 0.1% 20h 3m

Exit from the ldomadm role and the ldmadm3 user shell. $ exit $ exit

Exercise: Preparing the System to Support LDoms


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

3-27

Lab 4

Exercise: Setting Up the Control and Service Logical Domain


Objectives
In this exercise, you will perform the following tasks:

Create default virtual services Setup the control domain Congure the virtual switch as a network Interface Enable the virtual network terminal server

Preparation
To prepare for this lab exercise:

Review the Preparation section in Lab 1. Review the hardware and software conguration information you gathered in Task 1 of Lab 1. When performing this exercise, use the following system login information. See your instructor if you need help. Control domain operating system:

Login name Login password

root cangetin@sun

Note Examples shown in this exercise are from lab machine 4. The command responses shown in the Exercise Solutions on page Lab 4-8 are examples only. Depending upon your lab conguration, the responses to the commands in the labs might vary slightly.

4-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Task 1 Create Default Virtual Services


In this task you use the logical domain management utility to create default virtual services initially to be able to use them later in the course. You setup the following (Figure 4-1) default virtual services:

vdiskserver The virtual disk server vswitch The virtual switch service vconscon The virtual console concentrator service

vswitch

vdiskserver

vconscon

Service Domain

Hypervisor Network Interfaces Disk Storage

Hardware Resources

Figure 4-1

Logical Domain Virtual Services

Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List the logical domain congurations currently stored on the system controller. If congurations other than factory-default are listed, use the ldm remove-config config_name command to remove them at this time. Do not remove the factory-default conguration. 3. 4. List all the logical domains currently congured on the system. List all server bound and unbound devices. Peruse the list to get an understanding of the devices available to the Logical Domain Manager. List the bindings of all currently congured logical domains. List the virtual services currently congured on the control domain. Add a virtual disk service named primary-vds0 to the primary domain.

5. 6. 7.

4-2

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives 8. Add a disk volume named vol0 to the virtual disk service. Bind the the second disk drive on PCI leaf B (c1t1d0s2) to vol0. Refer to the conguration information you gathered in Lab1, Task 1. Add a virtual console service named primary-vcc0 with a port range of 5000 - 5100 to the primary domain.

9.

10. Add a virtual network switch service named primary-vsw0 to the primary domain. Bind this virtual network switch to network interface e1000g0. 11. List the services to ensure they are congured correctly. At this point the domain named primary is congured as a service domain. Before the changes take effect, the new conguration must be saved to the system controller and the operating system must be rebooted. You will do this in the next task.

Task 2 Setup the Control Domain


Now that you have the default virtual services congured, the next task is to perform the initial setup of the control (primary) domain. This involves allocating system resources (Figure 4-2) to be used by the control domain. The remaining unallocated system resources can be used by other logical domains in the system. Finally, after the you congure the control domain, you save the conguration to the system controller. In this task you allocate the following resources to the control domain:

mau The modular arithmetic unit to be used by the control domain. vcpu The virtual CPU presenting the processor cores of the server to be used my the control domain. memory - The amount of memory to be used my the control domain.
Control Domain

Hypervisor

Physical Resourses
(vCPUs, Memory, MAU)

Figure 4-2

Initial Conguration Resource Set


4-3

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List all the server resources. How many virtual CPUs are currently available for creating guest domains? ________ How much memory is currently available for creating guest domains? ________ 3. 4. 5. 6. 7. 8. 9. Allocate one modular arithmetic unit to the primary domain. Allocate four virtual CPUs to the primary domain. Allocate two gigabytes of memory to the primary domain. Verify the resources allocated to the control domain by running the ldm list-bindings command. Save the new conguration to the system controller. Name the conguration config_initial. List the conguration stored on the system controller. Reboot the control domain.

10. After the control domain has rebooted, log in as root. 11. Generate a long list of the of the primary domain to verify the new conguration was created correctly. You now have sufcient resources and services to create guest domains.

4-4

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Task 3 Configure the Virtual Switch as a Primary Network Interfaces


A virtual switch can serve a the primary network interface to the control domain. This task demonstrates how the virtual switch can be congured as the primary network interface for the control domain. In this task you congure the virtual switch created in Task 1 Create Default Virtual Services on page Lab 4-2 to access subnet 192.168.100.0. See Figure 4-3.

vsw0 Service Domain e1000g0

Hypervisor

pci@7c0/../network@0

Resources

Subnet 192.168.100.0
Figure 4-3 Virtual Switch Conguration

Perform the following steps: 1. 2. 3. 4. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Display the IP addressing information for all network interfaces. Unplumb the current primary network interface (e1000g0). Plumb the virtual switches vsw0.

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-5

Objectives 5. Manually congure the IP addressing information for the vsw0 network interface. Use the IP address information originally assigned to the e1000g0 interface (see the results of Step 2). Be sure to set the up ag. Use the ifconfig -a command to verify the new IP conguration. Use the ping command to verify the vsw0 interface can access the 192.168.100.0 subnet. Rename the /etc/hostname.e1000g0 le to /etc/hostname.vsw0 so that the virtual switch will automatically be congured as the primary interface after the next OS reboot.

6. 7. 8.

Task 4 Enable the Virtual Network Terminal Server


The virtual network terminal server daemon (vntsd) daemon provides access to the virtual console of each logical domain. By default, this daemon is disabled. In this task you enable the vntsd daemon. Perform the following steps: 1. 2. 3. 4. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Run the svcs vntsd command to determine the current state of the vntsd daemon. Use the svcadm command to enable the virtual network terminal server daemon, vntsd. Use the svcs command to verify that the vntsd daemon is enabled.

4-6

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Summary

Exercise Summary
Discussion Take a few minutes to discuss the experiences, issues, or discoveries you had during the lab exercise.

!
?

Experiences Interpretations Conclusions Applications

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-7

Exercise Solutions

Exercise Solutions
This section provides the answers to the exercise tasks.

Task 1 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List the logical domain congurations currently stored on the system controller.

primary# ldm list-spconfig factory-default [current] ... If congurations other than factory-default are listed, use the ldm remove-config config_name command to remove them at this time. Do not remove the factory-default conguration. primary# ldm remove-spconfig config_name # ldm list-config factory-default [current] 3. List all the logical domains currently congured on the system. primary# ldm list-domain ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptime primary active -n-cSP 24 8064M 0.1% 20h 9m By default, the system provides a control domain (named primary) in conguration mode. This gives you a conguration starting point. Conguration mode implies any additional changes you make to this domain must be saved to the SC and the domain must be restart (rebooted) 4. List all server bound and unbound devices. Peruse the list to get an understanding of the devices available to the Logical Domain Manager.

4-8

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Note The command output shown for the following commands are from a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathing information may differ based on the server systems disks. primary# ldm list-devices -a ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------VCPU PID 0 1 2 3 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 MAU ID 0 1 2 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) BOUND primary primary primary

%FREE 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-9

Exercise Solutions 3 4 5 (16, 17, 18, 19) (20, 21, 22, 23) (24, 25, 26, 27) primary primary primary

MEMORY PA 0x0 0x80000 0x200000 0x4000000 0x8000000 IO DEVICE pci@780 pci@7c0 5.

SIZE 512K 1536K 62M 64M 8064M

BOUND _sys_ _sys_ _sys_ _sys_ primary

PSEUDONYM bus_a bus_b

BOUND yes yes

OPTIONS bypass=on bypass=on

List the bindings of all currently congured logical domains.

primary# ldm list-bindings ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME primary active -n-cSP 24 8064M 0.1% 20h 22m MAC 00:14:4f:02:57:4c VCPU VID 0 1 2 3 4 5 6 7 8 9 10 11

PID 0 1 2 3 8 9 10 11 12 13 14 15

UTIL STRAND 0.5% 100% 0.1% 100% 0.0% 100% 0.0% 100% 0.1% 100% 0.0% 100% 0.0% 100% 0.0% 100% 0.1% 100% 0.0% 100% 0.0% 100% 0.0% 100%

4-10

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 12 13 14 15 16 17 18 19 20 21 22 23 MAU ID 0 1 2 3 4 5 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) (16, 17, 18, 19) (20, 21, 22, 23) (24, 25, 26, 27) 16 17 18 19 20 21 22 23 24 25 26 27 0.1% 0.0% 0.0% 0.0% 0.1% 0.0% 0.0% 0.0% 0.1% 0.0% 0.0% 0.0% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100% 100%

MEMORY RA 0x8000000

PA 0x8000000

SIZE 8064M

VARIABLES boot-device=/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a disk net keyboard-layout=US-English use-nvramrc?=true IO DEVICE pci@780 pci@7c0 VCONS NAME SP PSEUDONYM bus_a bus_b OPTIONS bypass=on bypass=on

SERVICE

PORT

Note that after the initial logical domain software installation, the primary (control) domain owns all available system resources. 6. List the virtual services currently congured on the control domain. primary# ldm list-services -------------------------------------------------------------------------

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-11

Exercise Solutions Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------7. Add a virtual disk service named primary-vds0 to the primary domain.

primary# ldm add-vdiskserver primary-vds0 primary ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------vdiskserver is a virtual disk server which allows you to import virtual disks into a logical domain. Note that currently no volumes, partitions, or le have been bound to disk service primary-vds0. 8. Add a disk volume named vol0 to the virtual disk service. Bind the the second disk drive on PCI leaf B (c1t1d0s2) to vol0. Refer to the conguration information you gathered in Lab1, Task 1.

primary# ldm add-vdiskserverdevice /dev/dsk/c1t1d0s2 vol0@primaryvds0 ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------9. Add a virtual console service named primary-vcc0 with a port range of 5000 - 5100 to the primary domain.

primary# ldm add-vconscon port-range=5000-5100 primary-vcc0 primary ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------vconscon is a virtual console concentrator service with a specic range of TCP ports to assign to each guest domain at the time it is created.

4-12

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 10. Add a virtual network switch service named primary-vsw0 to the primary domain. Bind this virtual network switch to network interface e1000g0. primary# ldm add-vswitch net-dev=e1000g0 primary-vsw0 primary ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------vswitch is a virtual network switch that connects the virtual network devices to the external net-work and also switches packets between them. 11. List the services to ensure they are congured correctly. primary# ldm list-services primary ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:f9:66:6b e1000g0 DEVICE switch@0 MODE

At this point the domain named primary is congured as a service domain. Before the changes take effect, the new conguration must be saved to the system controller and the operating system must be rebooted. You will do this in the next task.

Task 2 Solutions
Perform the following steps:

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-13

Exercise Solutions 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List all the server resources.

primary# ldm list-devices -a ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------VCPU PID 0 1 2 3 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 MAU ID 0 1 2 3 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) (16, 17, 18, 19) BOUND primary primary primary primary

%FREE 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

4-14

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 4 5 (20, 21, 22, 23) (24, 25, 26, 27) primary primary

MEMORY PA 0x0 0x80000 0x200000 0x4000000 0x8000000 IO DEVICE pci@780 pci@7c0

SIZE 512K 1536K 62M 64M 8064M

BOUND _sys_ _sys_ _sys_ _sys_ primary

PSEUDONYM bus_a bus_b

BOUND yes yes

OPTIONS bypass=on bypass=on

How many virtual CPUs are currently available for creating guest domains? 0 vCPUs How much memory is currently available for creating guest domains? 0 memory 3. Allocate one modular arithmetic unit to the primary domain. primary# ldm set-mau 1 primary
---------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ----------------------------------------------------------------------------

4.

Allocate four virtual CPUs to the primary domain.

primary# ldm set-vcpu 4 primary


---------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ----------------------------------------------------------------------------

5.

Allocate two gigabytes of memory to the primary domain.

primary# ldm set-memory 2G primary


---------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configuration changes made will only take effect after the machine configuration is downloaded to the system controller and the host is reset. ----------------------------------------------------------------------------

6.

Verify the resources allocated to the control domain by running the ldm list-bindings command.

primary# ldm list-bindings primary -------------------------------------------------------------------------

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-15

Exercise Solutions Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME primary active -n-cv SP 4 2G 0.0% 2h 28m MAC 00:14:4f:02:57:4c VCPU VID 0 1 2 3 MAU ID 0 CPUSET (0, 1, 2, 3)

PID 0 1 2 3

UTIL STRAND 0.3% 100% 0.0% 100% 0.0% 100% 0.0% 100%

MEMORY RA 0x8000000

PA 0x8000000

SIZE 2G

VARIABLES boot-device=/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a disk net keyboard-layout=US-English use-nvramrc?=true IO DEVICE pci@780 pci@7c0 VCC NAME primary-vcc0 VSW NAME primary-vsw0 MAC NET-DEV 00:14:4f:f9:66:6b e1000g0 DEVICE switch@0 MODE PORT-RANGE 5000-5100 PSEUDONYM bus_a bus_b OPTIONS bypass=on bypass=on

4-16

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions VDS NAME primary-vds0 VCONS NAME SP 7. VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2

SERVICE

PORT

Save the new conguration to the system controller. Name the conguration config_initial. List the conguration stored on the system controller.

primary# ldm add-config config_initial 8. primary# ldm list-config factory-default [current] config_initial [next] 9. Reboot the control domain. # shutdown -i6 -g0 -y ... You will have to wait a few minutes until the login prompt is available. 10. After the control domain has rebooted, log in as root. console login: root Password: cangetin@sun ... 11. Generate a long list of the of the primary domain to verify the new conguration was created correctly. primary# ldm list-domain -l primary NAME STATE FLAGS CONS primary active -n-cv SP SOFTSTATE Solaris running VCPU VID 0 1 2 3 MAU ID 0 CPUSET (0, 1, 2, 3) VCPU 4 MEMORY 2G UTIL 22% UPTIME 4m

PID 0 1 2 3

UTIL STRAND 61% 100% 10% 100% 9.4% 100% 8.0% 100%

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-17

Exercise Solutions MEMORY RA 0x8000000

PA 0x8000000

SIZE 2G

VARIABLES boot-device=/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a disk net keyboard-layout=US-English use-nvramrc?=true IO DEVICE pci@780 pci@7c0 VCC NAME primary-vcc0 VSW NAME primary-vsw0 VDS NAME primary-vds0 VCONS NAME SP VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:f9:66:6b e1000g0 DEVICE switch@0 MODE PORT-RANGE 5000-5100 PSEUDONYM bus_a bus_b OPTIONS

SERVICE

PORT

Additionally, you can run the psrinfo and prtconf|grep Mem command to view the results of your work. You should now have sufcient resources and services to create guest domains.

Task 3 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Display the IP addressing information for all network interfaces.

4-18

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions This example uses machine # 4. primary# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:2:57:4c 3. 4. 5. Unplumb the current primary network interface (e1000g0). Plumb the virtual switches vsw0. Manually congure the IP addressing information for the vsw0 network interface. Use the IP address information originally assigned to the e1000g0 interface (see the results from Step 2). Be sure to set the up ag. The following example shows network conguration information for machine 4. primary# ifconfig vsw0 192.168.100.104 netmask 255.255.255.0 broadcast + up 6. Use the ifconfig -a command to verify the new IP conguration. primary# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 vsw0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:f9:da:3b 7. Use the ping command to verify the vsw0 interface can assess the 192.168.100.0 subnet. primary# ifconfig e1000g0 unplumb primary# ifconfig vsw0 plumb

primary# ping -s 192.168.100.255 ... ^C You should see responses from other system on the subnet. 8. Rename the /etc/hostname.e1000g0 le to /etc/hostname.vsw0 so that the virtual switch will automatically be congured as the primary interface after the next OS reboot.

primary# mv /etc/hostname.e1000g0 /etc/hostname.vsw0

Exercise: Setting Up the Control and Service Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

4-19

Exercise Solutions

Task 4 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Run the svcs vntsd command to determine the current state of the vntsd daemon.

primary# svcs -l vntsd .. state: disabled ... The state should be disabled. 3. Use the svcadm command to enable the virtual network terminal server daemon, vntsd. Use the svcs command to verify that the vntsd daemon is enabled.

primary# svcadm enable vntsd 4. primary# svcs -l vntsd fmri svc:/ldoms/vntsd:default name virtual network terminal server enabled true state online next_state none state_time May 29, 2008 12:39:56 AM MDT logfile /var/svc/log/ldoms-vntsd:default.log restarter svc:/system/svc/restarter:default contract_id 261 dependency optional_all/error svc:/milestone/network (online) dependency optional_all/none svc:/system/system-log (online) The state should be online.

4-20

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Lab 5

Exercise: Creating a Guest Logical Domain


Objectives
In this exercise, you will perform the following tasks:

Create a guest domain JumpStart the guest domain Explore the guest domain

Preparation
To prepare for this lab exercise:

Review the Preparation section in Lab 1. Review the hardware and software conguration information you gathered in Task 1 of Lab 1. Review the LDom services you congured in the previous exercise. When performing this exercise, use the following system login information. See your instructor if you need help. Control domain operating system:

Login name Login password Login name Login password

root cangetin@sun

Guest domain operating system:


root cangetin

5-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Note Examples shown in this exercise are from lab machine 4. The command responses shown in the Exercise Solutions on page Lab 5-9 are examples only. Depending upon your lab conguration, the responses to the commands in the labs might vary slightly.

Task 1 Create a Guest Domain


In this task you use the logical domain management utility to create a guest domain. You add the following resources (Figure 5-1) to your new guest domain:

Four virtual CPUs Two gigabytes of memory One virtual network interface One virtual disk drive

Service Domain
vsw0 e1000g0 vnet0 vds0 vol0 vdisk0

Guest Domain

c0d0 vnet0

vCPUs Memory

c1t1d0s2

Hypervisor
/pci@7c0/../network@0 /pci@7c0/../sd@1,0 vCPUs Memory

Resources

192.168.100.0

Internal Disk 1

Figure 5-1

Guest Domain Conguration

5-2

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List the control domain services. Are there sufcient services available to create the new guest domain that has a boot disk and network interface? ________ 3. List all the Sun Fire T2000 server devices to identify the resources available for creating a new guest domain. Are there sufcient vCPU and memory resources available to create the new guest domain? ________ 4. 5. 6. 7. Use the ldm add-domain command to create the framework for a new guest domain named ldom1. Add four virtual CPUs to the conguration of guest domain of ldom1. Add two gigabytes of memory to the conguration of guest domain of ldom1. List the bindings for logical domain ldom1. Note that memory and vCPUs are not currently bound to a new guest domain. This is because the guest domain is in the inactive state. Resources are only bound to a guest domain that is in the bound or active state. 8. Add a virtual network interface named vnet0 to the conguration of guest domain of ldom1. Bind vnet0 to the virtual switch primaryvsw0. Use the information in Table 5-1 to assign an Ethernet address that is associated with your lab machine to the vnet0 interface. Table 5-1 Lab Ethernet Address Assignments Assigned Machine machine1 machine2 machine3 machine4 machine5 machine6 Ethernet Address 08:00:20:ab:01:10 08:00:20:ab:01:20 08:00:20:ab:01:30 08:00:20:ab:01:40 08:00:20:ab:01:50 08:00:20:ab:01:60

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-3

Objectives 9. Add a virtual disk named vdisk0 to the conguration of guest domain ldom1. Use the volume currently bound to virtual disk service vds0.

10. Set the boot-device variable for guest domain ldom1 to /virtual-devices@100/channel-devices@200/disk@0. 11. Set the auto-boot variable for guest domain ldom1 to false. 12. Bind all the resources you congured in this task to the guest domain ldom1. 13. List the logical domains. 14. List the constraints for guest domain ldom1 in machine-readable format. 15. Create a backup conguration le named /var/tmp/ldom1.xml containing the constraints for guest domain ldom1 in XML format. 16. Start logical domain ldom1. 17. Generate a long list of all the logical domains in the system to verify your work.

5-4

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Task 2 JumpStart the Guest Domain


In this task you open a virtual console to the guest domain, congure the virtual devices in the OpenBoot environment, and JumpStart the operating system. See Figure 5-2.

Service Domain
vsw0 e1000g0 vnet0 vds0 vol0 vdisk0

Guest Domain

c0d0

vnet0

c1t1d0s2

Hypervisor
/pci@7c0/../network@0 /pci@7c0/../sd@1,0

Resources

JumpStart Server

Internal Disk 1

Figure 5-2

JumpStart Guest Domain

Perform the following steps: 1. 2. 3. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Use the telnet command to open a virtual console to guest domain ldom1. Use the banner command to display the guest domain ldom1 OpenBoot banner. Note the Ethernet address. This must match the Ethernet address assigned to your lab machine in Table 5-1 on page -3 to perform the JumpStart later in this task.

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-5

Objectives 4. Use the printenv command to display the OpenBoot environment variables. Are the boot-device and auto-boot variables congured as specied in Task 1? 5. 6. 7. Use the show-devs command to display the guest domain ldom1 devices. Type q to quit the command. Use the show-disks command to display the guest domain ldom1 disks. Type q to quit the command. Use the show-nets command to display the guest domain ldom1 network devices. Select the virtual network by typing the letter associated with it. Create a device alias (nvalias) named vnet0. Use the network device name obtained in the previous step. JumpStart the guest domain ldom1 using the vnet0 device alias.

8. 9.

Note Jumpstarting the Standard End User metacluster normally takes approximately 50 minutes to complete. Contact your instructor when the JumpStart begins to load the software packages. Note After the OS has been installed and the smf service descriptions have been loaded, the JumpStart operation will run a post installation script to set the root password to cangetin. This will cause the OS to reboot. After the OS has rebooted, you can log in as root with the password cangetin.

Task 3 Explore the Guest Domain


In this task you open a virtual console to the guest domain, log in to the guest domain operating system, and explore the guest domain. Perform the following steps: 1. Verify you have an virtual console open to the guest domain ldom1. If not, open a console at this time.

5-6

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives 2. After the Solaris 10 5/08 Operating System has been completely installed in the guest domain ldom1, log in to the OS as root. Use the password cangetin. Check the /etc/path_to_inst le to determine if the on-board network interfaces e1000g are present. Are the on-board network interfaces present? _____ Why? 4. 5. 6. 7. 8. 9. Check /etc/path_to_inst to determine if the virtual network interfaces vnet are present. Run the /usr/sbin/dladm show-link command to view network links available on the operating system. Verify the new IP conguration. Verify that guest domain ldom1 can access subnet 192.168.100.0. Use the psrinfo -vp command to determine how many virtual CPUs can be seen by the operating system. Use the prtdiag command to determine how much memory can be seen by the operating system.

3.

10. Run the format command to determine which disks are available on the operating system. Be sure to view the partition table.

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-7

Exercise Summary

Exercise Summary
Discussion Take a few minutes to discuss the experiences, issues, or discoveries you had during the lab exercise.

!
?

Experiences Interpretations Conclusions Applications

5-8

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Exercise Solutions
This section provides the answers to the exercise tasks.

Task 1 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. List the control domain services.

Note The command output shown for the following commands are from a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathing information may differ based on the server systems disks. primary# ldm list-services primary VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:f9:66:6b e1000g0 DEVICE switch@0 MODE

Are there sufcient services available to create the new guest domain that has a boot disk and network interface? Yes 3. List all the Sun Fire T2000 server devices to identify the resources available for creating a new guest domain.

primary# ldm list-devices -a VCPU PID %FREE 0 0 1 0 2 0 3 0 8 100

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-9

Exercise Solutions 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 MAU ID 0 1 2 3 4 5 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) (16, 17, 18, 19) (20, 21, 22, 23) (24, 25, 26, 27) BOUND primary 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100

MEMORY PA 0x0 0x80000 0x200000 0x4000000 0x8000000 0x88000000 IO DEVICE pci@780 pci@7c0

SIZE 512K 1536K 62M 64M 2G 6016M

BOUND _sys_ _sys_ _sys_ _sys_ primary

PSEUDONYM bus_a bus_b

BOUND yes yes

OPTIONS

Are there sufcient vCPU and memory resources available to create the new guest domain? Yes

5-10

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 4. Use the ldm add-domain command to create the framework for a new guest domain named ldom1. Add four virtual CPUs to the conguration of guest domain of ldom1. Add two gigabytes of memory to the conguration of guest domain of ldom1. List the bindings for logical domain ldom1. VCPU 4 MEMORY 2G UTIL UPTIME

primary# ldm add-domain ldom1 5.

primary# ldm add-vcpu 4 ldom1 6.

primary# ldm add-memory 2G ldom1 7. primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 inactive ----8.

Add a virtual network interface named vnet0 to the conguration of guest domain of ldom1. Bind vnet0 to the virtual switch primaryvsw0. Use the information in Table 5-1 to assign an Ethernet address that is associated with your lab machine to the vnet0 interface. Table 5-2 Lab Ethernet Address Assignments Assigned Machine machine1 machine2 machine3 machine4 machine5 machine6 Ethernet Address 08:00:20:ab:01:10 08:00:20:ab:01:20 08:00:20:ab:01:30 08:00:20:ab:01:40 08:00:20:ab:01:50 08:00:20:ab:01:60

primary# ldm add-vnet mac-addr=08:00:20:ab:01:40 vnet0 primary-vsw0 ldom1 Note that you must use the appropriate Ethernet address from Table 5-2 to JumpStart the logical domain later in this exercise. 9. Add a virtual disk named vdisk0 to the conguration of guest domain ldom1. Use the volume currently bound to virtual disk service vds0.

primary# ldm add-vdisk vdisk0 vol0@primary-vds0 ldom1

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-11

Exercise Solutions The virtual disk (vdisk0) exported to guest domain ldom1 will be represented in the guest domains OpenBoot environment as device /virtual-devices@100/channel-devices@200/disk@0. You use the show-disks OpenBoot command to determine this device name. 10. Set the boot-device variable for guest domain ldom1 to /virtual-devices@100/channel-devices@200/disk@0. primary# ldm set-variable boot-device=/virtual-devices@100/channeldevices@200/disk@0 ldom1 11. Set the auto-boot variable for guest domain ldom1 to false. primary# ldm set-variable auto-boot\?=false ldom1 12. Bind all the resources you congured in this task to the guest domain ldom1. primary# ldm bind-domain ldom1 13. List the logical domains. primary# ldm list-domain NAME STATE FLAGS primary active -n-cv ldom1 bound ----CONS SP 5000 VCPU 4 4 MEMORY 2G 2G UTIL 0.2% UPTIME 6d 20h 4m

Note that ldom1 is currently is the bound state. 14. List the constraints for guest domain ldom1 in machine-readable format. primary# ldm list-constraints -p ldom1 VERSION 1.1 DOMAIN|name=ldom1 VCPU|count=4 MEMORY|size=2147483648 VARIABLES |auto-boot?=false |boot-device=/virtual-devices@100/channel-devices@200/disk@0 VNET|name=vnet0|dev=network@0|service=primary-vsw0|macaddr=08:00:20:ab:01:40 VDISK|name=vdisk0|vol=vo10@primary-vds0 VCONS 15. Create a backup conguration le named /var/tmp/ldom1.xml containing the constraints for guest domain ldom1 in XML format. primary# ldm list-constraints -x ldom1 > /var/tmp/ldom1.xml This XML-based le can be used to restore the logical domain (ldom1) conguration. For example, to restore the conguration for logical domain ldom1, you run the ldm bind-domain -i ldom1.xml command.banner

5-12

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 16. Start logical domain ldom1. primary# ldm start-domain ldom1 LDom ldom1 started 17. Generate a long list of all the logical domains in the system to verify your work. primary# ldm list-domain -l NAME STATE FLAGS primary active -n-cv SOFTSTATE Solaris running VCPU VID 0 1 2 3 MAU ID 0 CPUSET (0, 1, 2, 3) CONS SP VCPU 4 MEMORY 2G UTIL 0.3% UPTIME 6d 20h 57m

PID 0 1 2 3

UTIL STRAND 0.4% 100% 0.3% 100% 0.1% 100% 0.2% 100%

MEMORY RA 0x8000000

PA 0x8000000

SIZE 2G

VARIABLES boot-device=/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a disk net keyboard-layout=US-English use-nvramrc?=true IO DEVICE pci@780 pci@7c0 VCC NAME primary-vcc0 VSW NAME primary-vsw0 MAC NET-DEV 00:14:4f:f9:66:6b e1000g0 DEVICE switch@0 MODE PORT-RANGE 5000-5100 PSEUDONYM bus_a bus_b OPTIONS

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-13

Exercise Solutions

VDS NAME primary-vds0 VCONS NAME SP VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2

SERVICE

PORT

----------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME ldom1 active -t--5000 4 2G 25% 17s SOFTSTATE Openboot initializing VCPU VID 0 1 2 3

PID 8 9 10 11

UTIL STRAND 4.1% 100% 1.7% 100% 15% 100% 0.0% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 NETWORK NAME vnet0 08:00:20:ab:01:40 DISK NAME vdisk0 VCONS NAME ldom1

SERVICE primary-vsw0@primary

DEVICE network@0

MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary

PORT 5000

5-14

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Task 2 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the Sun Fire T2000 control domain as root. If not, log in at this time. Use the telnet command to open a virtual console to guest domain ldom1.

primary# telnet localhost 5000 ... {0} ok You can obtain the logical domain console port number from the Cons eld when running the ldm list-domain command. If you dont see the ok prompt, tap the Enter key. 3. Use the banner command to display the guest domain ldom1 OpenBoot banner. Note the Ethernet address. This must match the Ethernet address assigned to your lab machine in Table 5-1 on page Lab 5-3 to perform the JumpStart later in this task. {0} ok banner Sun Fire T200, No Keyboard Copyright 2008 Sun Microsystems, Inc. All rights reserved. OpenBoot 4.28.1, 2048 MB memory available, Serial #66756516. Ethernet address 8:0:20:ab:1:40, Host ID: 83ab0140. 4. {0} ok printenv Variable Name ttya-rts-dtr-off ttya-ignore-cd keyboard-layout reboot-command security-mode security-password security-#badlogins verbosity pci-mem64? diag-switch? local-mac-address? fcode-debug? Use the printenv command to display the OpenBoot environment variables. Value false true Default Value false true

none 0 min false false true false

No default No default No default min false false true false

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-15

Exercise Solutions scsi-initiator-id oem-logo oem-logo? oem-banner oem-banner? ansi-terminal? screen-#columns screen-#rows ttya-mode output-device input-device auto-boot-on-error? load-base auto-boot? network-boot-arguments boot-command boot-file boot-device multipath-boot? boot-device-index use-nvramrc? nvramrc error-reset-recovery 7 false false true 80 34 9600,8,n,1,virtual-console virtual-console false 16384 false boot /virtual-devices@100/cha ... false 0 false boot 7 No default false No default false true 80 34 9600,8,n,1,virtual-console virtual-console false 16384 true boot disk net false 0 false boot

Are the boot-device and auto-boot variables congured as specied in Task 1? Yes. 5. Use the show-devs command to display the guest domain ldom1 devices. Type q to quit the command.

{0} ok show-devs /cpu@3 /cpu@2 /cpu@1 /cpu@0 /virtual-devices@100 /virtual-memory /memory@m0,8000000 /aliases /options /openprom /chosen /packages /virtual-devices@100/channel-devices@200 /virtual-devices@100/console@1 /virtual-devices@100/ncp@4 /virtual-devices@100/flashprom@0 /virtual-devices@100/channel-devices@200/disk@0

5-16

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions /virtual-devices@100/channel-devices@200/network@0 /openprom/client-services /packages/obp-tftp /packages/kbd-translator /packages/SUNW,asr 6. Use the show-disks command to display the guest domain ldom1 disks. Type q to quit the command.

{0} ok show-disks a) /virtual-devices@100/channel-devices@200/disk@0 q) NO SELECTION Enter Selection, q to quit:q 7. Use the show-nets command to display the guest domain ldom1 network devices. Select the virtual network by typing the letter associated with it. Selecting the letter associated with the virtual network interface in the show-nets command stores the device path in memory buffer to be invoked later (next step) on the command-line by typing ^Y. {0} ok show-nets a) /virtual-devices@100/channel-devices@200/network@0 q) NO SELECTION Enter Selection, q to quit: a /virtual-devices@100/channel-devices@200/network@0 has been selected. Type ^Y ( Control-Y ) to insert it in the command line. e.g. ok nvalias mydev ^Y for creating devalias mydev for /virtualdevices@100/channel-devices@200/network@0 8. Create a device alias (nvalias) named vnet0. Use the network device name obtained in the previous step.

{0} ok nvalias vnet0 (press ^Y here) /virtual-devices@100/channeldevices@200/network@0 {0} ok devalias vnet0 /virtual-devices@100/channel-devices@200/network@0 vdisk0 /virtual-devices@100/channel-devices@200/disk@0 net /virtual-devices@100/channel-devices@200/network@0 disk /virtual-devices@100/channel-devices@200/disk@0 virtual-console /virtual-devices/console@1 name aliases 9. JumpStart the guest domain ldom1 using the vnet0 device alias.

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-17

Exercise Solutions

Note Jumpstarting the Standard End User metacluster normally takes approximately 50 minutes to complete.

{0} ok boot vnet0 - install Boot device: /virtual-devices@100/channel-devices@200/network@0 File and args: - install Requesting Internet Address for 8:0:20:ab:1:40 ... whoami: no domain name Configuring devices. Using RPC Bootparams for network configuration information. Attempting to configure interface vnet0... Configured interface vnet0 ... Contact your instructor when the JumpStart begins to load the software packages. Note After the OS has been installed and the smf service descriptions have been loaded, the JumpStart operation will run a post installation script to set the root password to cangetin. This will cause the OS to reboot. After the OS has rebooted, you can log in as root with the password cangetin.

Task 3 Solutions
Perform the following steps: 1. 2. Verify you have an virtual console open to the guest domain ldom1. If not, open a console at this time. After the Solaris 10 5/08 operating system has been completely installed in the guest domain ldom1, log in to the OS as root. Use the password cangetin.

machine4_vnet0 console login: root Password: cangetin Jun 4 04:49:23 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Tue Jun 3 06:37:31 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0

5-18

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 3. Check the /etc/path_to_inst le to determine if the on-board network interfaces e1000g are present. Are the on-board network interfaces present? No. Why? The on-board network interfaces e1000g are not present in guest domain ldom1 because the PCI leaves A or B are not currently bound to ldom1. 4. Check /etc/path_to_inst to determine if the virtual network interfaces vnet are present.

guest# grep e1000g /etc/path_to_inst

guest# grep vnet /etc/path_to_inst "/virtual-devices@100/channel-devices@200/network@0" 0 "vnet" 5. Run the /usr/sbin/dladm show-link command to view network links available on the operating system. device: vnet0

guest# /usr/sbin/dladm show-link vnet0 type: non-vlan mtu: 1500 6. Verify the new IP conguration.

guest# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 vnet0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.100.43 netmask ffffff00 broadcast 192.168.100.255 ether 8:0:20:ab:1:40 7. Verify that guest domain ldom1 can access subnet 192.168.100.0. guest# ping -s 192.168.100.255 ... ^C You should see responses from other systems on subnet 192.168.100.0. 8. Use the psrinfo -vp command to determine how many virtual CPUs can be seen by the operating system.

guest# psrinfo -vp The physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz) 9. Use the prtdiag command to determine how much memory can be seen by the operating system.

guest# prtdiag|grep Mem Memory size: 2048 Megabytes

Exercise: Creating a Guest Logical Domain


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

5-19

Exercise Solutions 10. Run the format command to determine which disks are available on the operating system. Be sure to view the partition table. guest# format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/disk@0 Specify disk (enter its number): 0 selecting c0d0 [disk unformatted] Warning: Current Disk has mounted partitions. /dev/dsk/c0d0s0 is currently mounted on /. Please see umount(1M). /dev/dsk/c0d0s1 is currently used by swap. Please see swap(1M). /dev/dsk/c0d0s7 is currently mounted on /export/home. Please see umount(1M). ... format> partition ... partition> print Current partition table (original): Total disk cylinders available: 14087 + 2 (reserved cylinders) Part Tag Flag 0 root wm 1 swap wu 2 backup wm 3 unassigned wm 4 unassigned wm 5 unassigned wm 6 unassigned wm 7 home wm partition> quit ... format> quit Cylinders 104 963 0 103 0 - 14086 0 0 0 0 964 - 14086 Size 4.17GB 516.75MB 68.35GB 0 0 0 0 63.68GB Blocks (860/0/0) 8751360 (104/0/0) 1058304 (14087/0/0)143349312 (0/0/0) 0 (0/0/0) 0 (0/0/0) 0 (0/0/0) 0 (13123/0/0) 133539648

Note the disk name c0d0. Virtual disk device names in a logical domain differ from physical disk device names in that they do not contain a target ID (tN) in the device name. Instead of the normal cNtNdNsN format, virtual disk device names are of the format cNdNsN, where cN is the virtual controller, dN is the virtual disk number, and sN is the slice.

5-20

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Lab 6

Exercise: Performing Advanced Logical Domain Tasks


Objectives
In this exercise, you will perform the following tasks:

Switch between control and guest domains Recongure logical domain virtual CPUs Recongure logical domain memory Create a split PCI conguration Use ZFS le systems as virtual disks Use a le as a virtual disk Remove and restore a guest domain Reset the system to the factory default conguration

Preparation
To prepare for this lab exercise:

Review the Preparation section in Lab 1. Review the hardware and software conguration information you gathered in Task 1 of Lab 1. Review the LDom services you congured in the previous exercise. When performing this exercise, use the following system login information. See your instructor if you need help. Control domain operating system:

Login name

root

6-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Login password Login name Login password

cangetin@sun

Guest domain operating system:


root cangetin

Note Examples shown in this exercise are from lab machine 4. The command responses shown in the Exercise Solutions on page Lab 6-16 are examples only. Depending upon your lab conguration, the responses to the commands in the labs might vary slightly.

Task 1 Switch Between Control and Guest Domains


To perform administrative tasks, you can switch from the guest domain to the control domain by using the ~. sequence. 1. 2. 3. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, open a console at this time. Use the character sequence to move back to the control domain. Log back to the guest domain.

6-2

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Task 2 Reconfigure Logical Domain Virtual CPUs


Dynamic reconguration (DR) is the ability to add or remove resources while the operating system is running. In this task you use the logical domain management utility to dynamically add virtual CPUs to a guest domain. You then remove the virtual CPUs. See Figure 6-1.

Control Domain

Guest Domain

Hypervisor

vCPUs Resources
Figure 6-1 Dynamically Reconguring Guest Domain vCPUs

Perform the following steps: 1. 2. 3. 4. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, open a console at this time. Verify the Logical Domains dynamic reconguration daemon, drd, is running in the guest domain ldom1. Use the psrinfo -vp command to determine how many CPUs can be seen by the operating system. List all the Sun Fire T2000 server resources. Are there sufcient resources available to allocate a total of eight virtual CPUs to the guest domain ldom1? ____ 5. 6. 7. 8. 9. Allocate a total of eight virtual CPUs to guest domain ldom1. List the bindings of guest domain ldom1. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. Use the psrinfo -vp command to determine how many virtual CPUs can be seen by the operating system. Move back to the control domain.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-3

Objectives 10. Remove four vCPUs from guest domain ldom1. 11. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. 12. Use the psrinfo -vp command to determine how many CPUs can be seen by the operating system.

Task 3 Reconfigure Logical Domain Memory


The Solaris 10 operating system does not support dynamic reconguration of system memory in logical domains. Instead, changes to logical domain memory is handled as a delayed reconguration operation. Delayed reconguration operations take effect after the next reboot of the operating system or stop and start of the logical domain if no operating system is running. In this task you use the logical domain management utility to add memory to and remove memory from a guest domain as a delayed reconguration operation. See Figure 6-2.

Control Domain

Guest Domain

Hypervisor

memory Resources
Figure 6-2 Guest Domain Delayed Memory Reconguration

Perform the following steps: 1. 2. 3. 4. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, log in at this time. Use the prtdiag command to determine how much memory can be seen by the operating system. Move to the control domain. List all the Sun Fire T2000 server resources.

6-4

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives Are there sufcient resources available to allocate a total of four gigabytes of memory to the guest domain ldom1? ______ 5. 6. 7. 8. 9. Allocate four gigabytes of memory to guest domain ldom1. List the bindings of guest domain ldom1. Note that the guest domain has the delayed ag set. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. Use the prtdiag command to determine how much memory can be seen by the operating system. Reboot the guest domain ldom1 operating system and log back in as root.

10. Use the prtdiag command to verify that the new system memory can be seen by the operating system. 11. Return to the control domain. 12. Remove two gigabytes of memory from guest domain ldom1. 13. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. 14. Reboot the guest domain ldom1 operating system. 15. Move back to the control domain.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-5

Objectives

Task 4 Create a Split PCI Configuration


The PCIe bus on a supported server consists of two ports (leaves) with various leaf devices attached to them. These are identied on a server with the names pci@780 (bus_a) and pci@7c0 (bus_b). In a multidomain environment, the PCIe bus can be programmed to assign each leaf to a separate domain using the Logical Domains Manager. Thus, you can enable more than one domain with direct access to physical devices instead of using I/O virtualization. In this task you use the logical domain management utility to split the PCI bus such that the control (primary) maintains access to network and disk devices attached to PCI bus pci@7c0 (bus_b). You then bind PCI bus pci@780 (bus_a) to the guest domain ldom1. Finally, you congure the guest domain physical network interface to provide direct access to the network. See Figure 6-3.

Control/Service Domain

Guest Service/IO Domain

Hypervisor pci@7c0 Resources


Figure 6-3 Split PCI Conguration

pci@780

Perform the following steps: 1. 2. 3. 4. Verify that you are logged in to the control domain as root. If not, log in at this time. List the primary domains current bindings to determine PCI bus ownership. Determine which disk is being used as the boot disk. Determine the physical device to which the boot disk is linked. On which PCI leaf is the control domain boot disk located? ________

6-6

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives 5. Determine which network interfaces are currently used (direct I/O and virtual service) by the control domain operating system. Which network interface are currently being used by the control domain? _______ 6. Check /etc/path_to_inst to determine the physical path of the onboard network interfaces currently in use.

Note The device pathing information shown in the examples is from a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathing information may differ based on the server systems disks. Based on the information gathered in Step 2 through Step 6, can PCI bus pci@780 (bus_a) be removed from the control domain without reconguring the current disks and network interfaces? 7. To recongure virtual switch vsw0, run the ldm set-vswitch command. Replace network interface e1000g0 with e1000g2 on PCI bus pci@7c0. Reboot the service domain. Log back in as root. If the system enters the OpenBoot environment, run the boot -r command to force the control domain to re-examine its bound devices. 9. Verify that the virtual switch service has been updated. 10. Open a virtual console to guest domain ldom1. Log in as root. 11. Reboot guest domain ldom1. Log back in as root. 12. Use the ping command to verify that you have access to subnet 192.168.100.0. 13. Move back to the control domain. 14. Remove the PCI leaf pci@780 (bus_a) from the control domain. 15. Save the split conguration to the system controller. Name this conguration config_split. 16. List the congurations stored on the system controller. 17. Move to the system controller and reset the control domain so that the next conguration takes effect. 18. Open a console of the control domain. 19. Log in to the primary domain as root.

8.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-7

Objectives 20. List the congurations on the system controller to verify that config_split is current. 21. Verify that PCI leaf a (pci@780) is not bound to the control domain. 22. Add the PCI leaf pci@780 to guest domain ldom1. 23. Verify that PCI leaf a (pci@780) is bond to guest domain ldom1. 24. Use the telnet command to open a virtual console to guest domain ldom1. If the guest domain ldom1 is in the OpenBoot environment, run the boot command. After Solaris is completely booted, log in as root. If the guest domain ldom1 has already booted Solaris, log in as root. 25. Run the grep e1000g /etc/path_to_inst command to identify the network devices that currently can be seen the guest domain ldom1 operating system. If network interfaces e1000g0 and e1000g1 are not present, reboot the guest domain ldom1. Log in as root. Run the grep e1000g /etc/path_to_inst command to verify that Solaris can now see the devices on PCI leaf A. 26. Plumb the rst network interface attached to PCI leaf pci@780 (e1000g0). 27. Manually congure the IP addressing information for network interface e1000g0. Use the IP information for your lab machine in the /etc/host le. Look for the entry with the comment # Interfaces e1000g0. 28. Verify the operating system can access the 192.168.100.0 network. 29. Return to the control domain.

Task 5 Use a File as a Virtual Disk


You can export a disk image le directly using the virtual disk service. The le is exported as a raw disk by the virtual disk server and can be used as an installation disk by the Solaris OS installer on the guest domain.

6-8

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives In this task, you create a disk image le, export it to the guest domain, and create a le system on it. Then you remove it from the system. See Figure 6-4.

Service Domain
vds0 vol1 vdisk1

Guest Domain

c0d1s0

S10U3-5g.img

c1t0d0s0

Hypervisor Resources

/pci@7c0/../sd@0,0

Internal Disk 0

Figure 6-4

Exporting an Image File to the Guest Domain

Perform the following steps: 1. 2. 3. 4. 5. Verify that you are logged in to the control domain as root. If not, log in at this time. Create a directory named /ldoms/images. This directory will be used to stored the disk image file. Use the following command to create a disk image. Add a virtual disk service device to virtual disk service vds0 using the /ldoms/images/S10U5-5g.img le. Name this device vol1. Export the virtual disk vol1 to guest domain ldom1 using the add-vdisk subcommand. Name the virtual disk vdisk1.

# /usr/sbin/mkfile 5G /ldoms/disk-images/S10U5-5g.img

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-9

Objectives 6. 7. 8. 9. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. Reboot the guest domain ldom1. Log back in as root. List the contents of the /dev/rdsk directory to determine the currently congured raw devices. Run the devfsadm -v command to create the new special le for the virtual disk. List the /dev/rdsk directory to determine the name of the raw device associated with the new virtual disk.

10. Run the format command to view the new virtual disk. Display the partition table. 11. Use the newfs command to create a le system on raw device c0d1s0. 12. Mount the new le system as /mnt. 13. Run the df -h /mnt command to verify the new le system conguration. 14. Unmount /mnt. 15. Return to the control domain. 16. Remove virtual disk vdisk1 from guest domain ldom1. 17. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. 18. Reboot the guest domain operating system. 19. After ldom1 is rebooted, return to the control domain. 20. Remove virtual disk device vol1 from the service domain. 21. Verify the conguration change by listing the guest domain ldom1 bindings and primary domain services.

Task 6 Export a ZFS File System as a Virtual Disk


The Solaris ZFS les system is a revolutionary new le system that fundamentally changes the way le systems are administered, with features and benets not found in any other le system available today. ZFS has been designed to be robust, scalable, and simple to administer.

6-10

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives In this task you create a ZFS volume in the control domain and make that volume available to a guest domains as a virtual disk. See Figure 6-5.

Service Domain
vds0 zvol zvdisk

Guest Domain

c0d1s0

tank1/vol1

c1t2d0

Hypervisor Resources

/pci@7c0/../sd@2,0

Internal Disk 2

Figure 6-5

Exporting a ZFS Volume to the Guest Domain

Perform the following steps: 1. 2. Verify that you are logged in to the control domain as root. If not, log in at this time. Run the following command to create a ZFS storage pool using the remaining used disk (c1t2d0) on the control domain. Run the following command to create a 500 megabyte ZFS volume named vol1. Run the following command to verify that the zpool (tank1) and ZFS volume (tank1/vol1) have been created.

# zpool create -f tank1 c1t2d0 3.

# zfs create -V 500m tank1/vol1 4.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-11

Objectives # zfs list NAME tank1 tank1/vol1 5. 6. 7. 8. 9.

USED 500M 22.5K

AVAIL 66.4G 66.9G

REFER 24.5K 22.5K

MOUNTPOINT /tank1 -

Add the /dev/zvol/rdsk/tank1/vol1 device to the control domain virtual disk service. Name the virtual disk device zvol. Export the disk zvol to guest domain ldom1 using the add-vdisk subcommand. Name the virtual disk zvdisk. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. Reboot the guest domain operating system. Login as root. List the contents of the /dev/rdsk directory to determine the currently congured raw devices.

10. Run the devfsadm -v command to create the new special le for the ZFS le system. List the /dev/rdsk directory to determine the name of the raw device associated with the ZFS volume. 11. Use the newfs command to create a le system on the new ZFS virtual disk. 12. Mount the new ZFS le system as /mnt. 13. Run the df -h /mnt command to verify the ZFS le system conguration. 14. Unmount the ZFS le system. 15. Return to the control domain. 16. Remove virtual disk zvdisk from guest domain ldom1. 17. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. 18. Reboot the guest domain operating system. 19. After ldom1 has rebooted, return to the control domain. 20. Remove virtual disk device zvol from the virtual disk service. 21. Verify the conguration change by listing the guest domain ldom1 bindings and primary domain services. 22. Run the following commands to destroy the ZFS pool tank1. primary# zpool destroy -f tank1 primary# zfs list no datasets available

6-12

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Objectives

Task 7 Remove and Restore a Guest Logical Domain


In this task you stop, unbind resources, and remove the guest logical domains. After the logical domain is removed, you restore it from a backup conguration le. Perform the following steps: 1. 2. 3. 4. 5. 6. 7. 8. 9. Verify that you are logged in to the control domain as root. If not, log in at this time. List the logical domains currently congured on the system. Stop the guest domain ldom1. Release (unbind) all the resources attached to the guest domain ldom1. Remove the guest domain ldom1. List the logical domains currently congured on the system. Restore the guest domain ldom1 conguration from the XML le you previously stored in the /var/tmp directory. List the guest domain ldom1 bound resources. Use the telnet command to open a virtual console to guest domain ldom1.

10. Boot guest domain ldom1 so that the change takes effect. Log in to the guest domain ldom1 as root. 11. Verify that the bound resources are available to the guest domain ldom1 operation system. 12. Return to the control domain.

Task 8 Reset the System to the Factory Default Configuration


In this task you remove the guest domain ldom1 and reset the primary domain back to the factory fault conguration. Then you remove the userdened conguration les stored on the system controller. Perform the following steps: 1. Verify that you are logged in to the control domain as root. If not, log in at this time.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-13

Objectives 2. 3. 4. 5. 6. 7. 8. 9. Remove guest domain ldom1. List the logical domains currently congured on the system. List the logical domain conguration les stored on the system controller. Set the next logical domain conguration to factory-default. Disable the vntsd service. Shutdown the control domain operating system. Move to the system controller and reset the system. After the system has reset, open a console of the control domain.

10. Log in to the primary domain as root. 11. List the logical domain conguration les stored on the system controller. 12. Remove all the user-dened conguration les stored on the system controller. 13. List the logical domain conguration les stored on the system controller. 14. Generate a long list of the primary domain to verify that it has returned to the factory default state.

6-14

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Summary

Exercise Summary
Discussion Take a few minutes to discuss the experiences, issues, or discoveries you had during the lab exercise.

!
?

Experiences Interpretations Conclusions Applications

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-15

Exercise Solutions

Exercise Solutions
This section provides the answers to the exercise tasks.

Task 1 Solutions
Perform the following steps. 1. 2. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, open a console at this time. Move back to the control domain.

guest# ~. Connection to localhost closed by foreign host. 3. Log back to the guest domain. primary# telnet localhost 5000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connecting to console "ldom1" in group "ldom1" .... Press ~? for control options ..

Task 2 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, open a console at this time. Verify the Logical Domains dynamic reconguration daemon, drd, is running in the guest domain ldom1.

guest# svcs -a |grep drd online 5:53:36 svc:/platform/sun4v/drd:default 3. Use the psrinfo -vp command to determine how many CPUs can be seen by the operating system.

guest# psrinfo -vp The physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz) 4. guest# ~. Move to the control domain.

6-16

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions Connection to localhost closed by foreign host. 5. List all the Sun Fire T2000 server resources. primary# ldm list-devices -a VCPU PID %FREE 0 0 1 0 2 0 3 0 8 0 9 0 10 0 11 0 12 100 13 100 14 100 15 100 16 100 17 100 18 100 19 100 20 100 21 100 22 100 23 100 24 100 25 100 26 100 27 100 MAU ID 0 1 2 3 4 5 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) (16, 17, 18, 19) (20, 21, 22, 23) (24, 25, 26, 27) BOUND primary

MEMORY PA 0x0 0x80000 0x200000 0x4000000

SIZE 512K 1536K 62M 64M

BOUND _sys_ _sys_ _sys_ _sys_

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-17

Exercise Solutions 0x8000000 0x88000000 0x108000000 IO DEVICE pci@780 pci@7c0 PSEUDONYM bus_a bus_b BOUND yes yes OPTIONS 2G 2G 3968M primary ldom1

Are there sufcient resources available to allocate a total of eight virtual CPUs to the guest domain ldom1? Yes. 6. Allocate a total of eight virtual CPUs to guest domain ldom1. or primary# ldm add-vcpu 4 ldom1 7. List the bindings of guest domain ldom1. VCPU 8 MEMORY 2G UTIL 51% UPTIME 23h 23m primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 active -n--5000 MAC 00:14:4f:f9:b6:8d VCPU VID 0 1 2 3 4 5 6 7 primary# ldm set-vcpu 8 ldom1

PID 8 9 10 11 12 13 14 15

UTIL STRAND 0.4% 100% 0.2% 100% 0.1% 100% 0.1% 100% 2.9% 100% 2.3% 100% 2.9% 100% 3.7% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0

6-18

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

use-nvramrc?=true NETWORK NAME SERVICE DEVICE vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0 VCONS NAME ldom1 8.

MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary

PORT 5000

Use the telnet command to open a virtual console to guest domain ldom1. Log in as root.

primary# telnet localhost 5000 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connecting to console "ldom1" in group "ldom1" .... Press ~? for control options .. You might have to press the Return key to get the login prompt to be displayed. machine4_vnet0 console login: root Password: cangetin Last login: Wed Jun 4 05:05:46 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 9. Use the psrinfo -vp command to determine how many virtual CPUs can be seen by the operating system.

guest# psrinfo -vp The physical processor has 8 virtual processors (0-7) UltraSPARC-T1 (cpuid 0 clock 1000 MHz) 10. Move back to the control domain. guest# ~. Connection to localhost closed by foreign host.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-19

Exercise Solutions 11. Remove four vCPUs from guest domain ldom1. primary# ldm remove-vcpu 4 ldom1 or primary# ldm set-vcpu 4 ldom1 12. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. primary# telnet localhost 5000 ... machine4_vnet0 console login: root Password: cangetin Last login: Wed Jun 4 05:09:11 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 13. Use the psrinfo -vp command to determine how many CPUs can be seen by the operating system. guest# psrinfo -vp The physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz)

Task 3 Solutions
Perform the following steps: 1. 2. Verify you are logged in to the guest domain ldom1 operating system as root using the virtual console. If not, log in at this time. Use the prtdiag command to determine how much memory can be seen by the operating system.

guest# prtdiag|grep Mem Memory size: 2048 Megabytes 3. Move to the control domain. guest# ~. Connection to localhost closed by foreign host. 4. List all the Sun Fire T2000 server resources. primary# ldm list-devices -a VCPU PID %FREE 0 0 1 0 2 0 3 0

6-20

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 MAU ID 0 1 2 3 4 5 CPUSET (0, 1, 2, 3) (8, 9, 10, 11) (12, 13, 14, 15) (16, 17, 18, 19) (20, 21, 22, 23) (24, 25, 26, 27) BOUND primary 0 0 0 0 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100 100

MEMORY PA 0x0 0x80000 0x200000 0x4000000 0x8000000 0x88000000 0x108000000 IO DEVICE pci@780 pci@7c0

SIZE 512K 1536K 62M 64M 2G 2G 3968M

BOUND _sys_ _sys_ _sys_ _sys_ primary ldom1

PSEUDONYM bus_a bus_b

BOUND yes yes

OPTIONS

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-21

Exercise Solutions Are there sufcient resources available to allocate a total of four gigabytes of memory to the guest domain ldom1? Yes. 5. Allocate four gigabytes of memory to guest domain ldom1. primary# ldm set-memory 4G ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. or primary# ldm add-memory 2G ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 6. List the bindings of guest domain ldom1. Note that the guest domain has the delayed ag set. VCPU 4 MEMORY 4G UTIL 0.2% UPTIME 1h 25m

primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 active -nd-5000 MAC 00:14:4f:f9:b6:8d VCPU VID 0 1 2 3

PID 8 9 10 11

UTIL STRAND 0.3% 100% 0.1% 100% 0.0% 100% 0.2% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 4G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0 use-nvramrc?=true NETWORK

6-22

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions NAME SERVICE DEVICE vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0 VCONS NAME ldom1 7. MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary

PORT 5000

Use the telnet command to open a virtual console to guest domain ldom1. Log in as root.

# telnet localhost 5000 ... machine4-vnet0 console login: root Password: cangetin ... 8. Use the prtdiag command to determine how much memory can be seen by the operating system.

guest# prtdiag|grep Mem Memory size: 2048 Megabytes 9. Reboot the guest domain ldom1 operating system and log back in as root.

guest# shutdown -i6 -g0 -y ... machine4_vnet0 console login: root Password: cangetin Jun 5 05:11:59 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Thu Jun 5 05:09:22 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 10. Use the prtdiag command to verify that the new system memory can be seen by the operating system. guest# prtdiag|grep Mem Memory size: 4096 Megabytes 11. Return to the control domain. guest# ~. Connection to localhost closed by foreign host. 12. Remove two gigabytes of memory from guest domain ldom1.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-23

Exercise Solutions primary# ldm remove-memory 2G ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 13. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. primary# telnet localhost 5000 ... machine4_vnet0 console login: root Password: cangetin Last login: Wed Jun 4 05:12:22 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 14. Reboot the guest domain ldom1 operating system. guest# shutdown -i6 -g0 -y ... 15. After ldom1 has rebooted, return to the control domain. ~. Connection to localhost closed by foreign host.

Task 4 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the control domain as root. If not, log in at this time. List the primary domains current bindings to determine PCI bus ownership.

primary# ldm list-bindings primary NAME primary MAC 00:14:4f:02:57:4c VCPU VID 0 1 STATE active FLAGS -n-cv CONS SP VCPU 4 MEMORY 2G UTIL 0.2% UPTIME 1h 44m

PID 0 1

UTIL STRAND 0.3% 100% 0.2% 100%

6-24

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 2 3 MAU ID 0 CPUSET (0, 1, 2, 3) 2 3 0.2% 0.2% 100% 100%

MEMORY RA 0x8000000 IO DEVICE pci@780 pci@7c0 VCC

PA 0x8000000

SIZE 2G

PSEUDONYM bus_a bus_b

OPTIONS

NAME PORT-RANGE primary-vcc0 5000-5100 CLIENT ldom1@primary-vcc0 VSW NAME primary-vsw0 PEER vnet0@ldom1 VDS NAME VOLUME primary-vds0 vo10 CLIENT vdisk0@ldom1 VCONS NAME SP

PORT 5000

MAC NET-DEV DEVICE 00:14:4f:fa:9f:a4 e1000g0 switch@0 MAC 08:00:20:ab:01:40

MODE

OPTIONS VOLUME vo10

DEVICE /dev/dsk/c1t1d0s2

SERVICE

PORT

Note that pci@780 (bus_a) and pci@7c0 (bus_b) are currently bound to the primary domain. 3. primary# df / / 4. Determine which disk is being used as the boot disk. (/dev/dsk/c1t0d0s0 ):131988520 blocks 8267434 files

Determine the physical device to which the boot disk is linked.

primary# ls -l /dev/dsk/c1t0d0s0

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-25

Exercise Solutions lrwxrwxrwx 1 root root 65 May 5 11:12 /dev/dsk/c1t0d0s0 > ../../devices/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@0,0:a On which PCI leaf is the control domain boot disk located? PCI leaf B. 5. Determine which network interfaces are currently used (direct I/O and virtual service) by the control domain operating system.

primary# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 vsw0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:1d:e9:b6 primary# ldm list-services VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:fa:9f:a4 e1000g0 DEVICE switch@0 MODE

Which network interface is currently being used by the control domain? e1000g0 6. Check /etc/path_to_inst to determine the physical path of the onboard network interfaces currently in use.

primary# grep e1000g /etc/path_to_inst "/pci@780/pci@0/pci@1/network@0" 0 "e1000g" "/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g" "/pci@7c0/pci@0/pci@2/network@0" 2 "e1000g" "/pci@7c0/pci@0/pci@2/network@0,1" 3 "e1000g" Based on the information gathered in Step 2 through Step 6, can PCI bus pci@780 (bus_a) be removed from the control domain without reconguring the current disks and network interfaces? No. Physical network interface e1000g0 (mapped to vsw0) is attached to PCI bus pc1@780. PCI bus pc1@780 is currently bound to the control domain.

6-26

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 7. To recongure virtual switch vsw0, run the ldm set-vswitch command. Replace network interface e1000g0 with e1000g2 on PCI bus pci@7c0. Reboot the service domain. Log back in as root.

primary# ldm set-vswitch net-dev=e1000g2 primary-vsw0 8. primary# shutdown -i6 -g0 -y ... console login: root Password: cangetin@sun ... If the system enters the OpenBoot environment, run the boot -r command to force the control domain to re-examine its bound devices. 9. Verify that the virtual switch service has been updated. primary# ldm list-services VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:fa:9f:a4 e1000g2 DEVICE switch@0 MODE

10. Open a virtual console to guest domain ldom1. Log in as root. primary# telnet localhost 5000 .... ... machine4-vnet0 console login: root Password: cangetin Jun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Thu Jun 5 05:40:01 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 11. Reboot guest domain ldom1. Log back in as root. guest# shutdown -i6 -g0 -y ... machine4-vnet0 console login: root Password: cangetin Jun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/console

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-27

Exercise Solutions Last login: Thu Jun 5 05:44:01 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 12. Use the ping command to verify that you have access to subnet 192.168.100.0. guest# ping -s 192.168.100.255 .... ^C 13. Move back to the control domain. guest# ~. 14. Remove the PCI leaf pci@780 (bus_a) from the control domain. primary# ldm remove-io pci@780 primary Initiating delayed reconfigure operation on LDom primary. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom primary will also take effect. 15. Save the split conguration to the system controller. Name this conguration config_split. primary# ldm add-spconfig config_split 16. List the congurations stored on the system controller. primary# ldm list-spconfig factory-default config_initial [current] config_split [next] 17. Move to the system controller and reset the control domain so that the next conguration takes effect. primary# #. sc> reset Are you sure you want to reset the system [y/n]? sc> SC Alert: SC Request to Reset Host. SC Alert: Host System has Reset SC Alert: Host system has shut down. Press the Return key to get the sc> prompt back. 18. Open a console of the control domain. sc> console -f Enter #. to return to ALOM. ...

6-28

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions Press the return key to get the prompt back. You might have to wait a few minutes for the login prompt to appear. If the system has entered the OpenBoot environment, run the boot command to boot the OS. 19. Log in to the primary domain as root. console login: root Password: cangetin@sun ... 20. List the congurations on the system controller to verify that config_split is current. primary# ldm list-config factory-default config_initial config_split [current] 21. Verify that PCI leaf a (pci@780) is not bound to the control domain. primary# ldm list-bindings primary NAME STATE FLAGS CONS primary active -n-cv SP MAC 00:14:4f:02:57:4c VCPU VID 0 1 2 3 MAU ID 0 CPUSET (0, 1, 2, 3) VCPU 4 MEMORY 2G UTIL 12% UPTIME 7m

PID 0 1 2 3

UTIL STRAND 34% 100% 4.8% 100% 4.7% 100% 5.5% 100%

MEMORY RA 0x8000000 IO DEVICE pci@7c0 VCC NAME primary-vcc0 CLIENT

PA 0x8000000

SIZE 2G

PSEUDONYM bus_b

OPTIONS

PORT-RANGE 5000-5100 PORT

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-29

Exercise Solutions ldom1@primary-vcc0 VSW NAME primary-vsw0 PEER vnet0@ldom1 VDS NAME VOLUME primary-vds0 vo10 CLIENT vdisk0@ldom1 VCONS NAME SP OPTIONS VOLUME vo10 DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV DEVICE 00:14:4f:fa:9f:a4 e1000g2 switch@0 MAC 08:00:20:ab:01:40 MODE 5000

SERVICE

PORT

22. Add the PCI leaf pci@780 to guest domain ldom1. primary# ldm add-io pci@780 ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. Note that this operation will turn the ldom1 domain in to a direct I/O domain. 23. Verify that PCI leaf a (pci@780) is bond to guest domain ldom1. primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 active -td-5000 MAC 00:14:4f:f9:b6:8d VCPU VID 0 1 2 3 VCPU 4 MEMORY 2G UTIL 25% UPTIME 9m

PID 8 9 10 11

UTIL STRAND 0.3% 100% 0.1% 100% 0.1% 100% 0.1% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

6-30

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0 use-nvramrc?=true IO DEVICE pci@780 PSEUDONYM bus_a OPTIONS

NETWORK NAME SERVICE DEVICE vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0 VCONS NAME ldom1

MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary

PORT 5000

24. Use the telnet command to open a virtual console to guest domain ldom1. If the guest domain ldom1 is in the OpenBoot environment, run the boot command. After Solaris is completely booted, log in as root. primary# telnet localhost 5000 ... {0} ok reset-all {0} ok boot ... machine4-vnet0 console login: root Password: cangetin ... If the guest domain ldom1 has already booted Solaris, log in as root. machine4-vnet0 console login: root Password: cangetin ...

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-31

Exercise Solutions 25. Run the grep e1000g /etc/path_to_inst command to identify the network devices that currently can be seen the guest domain ldom1 operating system. If network interfaces e1000g0 and e1000g1 are not present, reboot the guest domain ldom1. Log in as root. Run the grep e1000g /etc/path_to_inst command to verify that Solaris can now see the devices on PCI leaf A. guest# grep e1000g /etc/path_to_inst guest# shutdown -i6 -g0 -y ... machine4-vnet0 console login: root Password: cangetin ... guest# grep e1000g /etc/path_to_inst "/pci@780/pci@0/pci@1/network@0" 0 "e1000g" "/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g" 26. Plumb the rst network interface attached to PCI leaf pci@780 (e1000g0). guest# ifconfig e1000g0 plumb Jun 6 12:28:46 machine4-vnet0 e1000g: NOTICE: pciex8086,105e - e1000g[0] : Adapter 100Mbps full duplex copper link is up. 27. Manually congure the IP addressing information for network interface e1000g0. Use the IP information for your lab machine in the /etc/host le. Look for the entry with the comment # Interfaces e1000g0. The following example is from machine # 4. guest# ifconfig e1000g0 192.168.100.41 netmask 255.255.255.0 broadcast + up 28. Verify the operating system can access the 192.168.100.0 network. guest# ping -s 192.168.100.255 ... ^C ... 29. Return to the control domain. guest# ~. Connection to localhost closed by foreign host.

6-32

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

Task 5 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the control domain as root. If not, log in at this time. Create a directory named /ldoms/images. This directory will be used to stored the disk image file. Use the following command to create a disk image. This will take a couple of minutes to complete. 4. Add a virtual disk service device to virtual disk service vds0 using the /ldoms/images/S10U5-5g.img le. Name this device vol1.

primary# mkdir -p /ldoms/images 3. primary# /usr/sbin/mkfile 5G /ldoms/images/S10U5-5g.img

primary# ldm add-vdiskserverdevice /ldoms/images/S10U5-5g.img \ vol1@primary-vds0 5. Export the virtual disk vol1 to guest domain ldom1 using the add-vdisk subcommand. Name the virtual disk vdisk1.

primary# ldm add-vdisk vdisk1 vol1@primary-vds0 ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 6. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root.

primary# telnet localhost 5000 ... machine4-vnet0 console login: root Password: cangetin Jun 5 06:45:54 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Thu Jun 5 06:40:01 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 7. Reboot the guest domain ldom1. Log back in as root. guest# shutdown -i6 -g0 -y ... machine4-vnet0 console login: root Password: cangetin JJun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Thu Jun 5 06:50:54 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-33

Exercise Solutions 8. List the contents of the /dev/rdsk directory to determine the currently congured raw devices. c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7 c0d1s0

guest# ls /dev/rdsk c0d0s0 c0d0s1 c0d0s2 9.

Run the devfsadm -v command to create the new special le for the virtual disk. List the /dev/rdsk directory to determine the name of the raw device associated with the new virtual disk.

guest# devfsadm -v ... guest# ls /dev/rdsk c0d0s0 c0d0s2 c0d0s4 c0d0s1 c0d0s3 c0d0s5

c0d0s6 c0d0s7

c0d1s0 c0d1s1

c0d1s2 c0d1s3

c0d1s4 c0d1s5

c0d1s6 c0d1s7

10. Run the format command to view the new virtual disk. Display the partition table. guest# format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/disk@0 1. c0d1 <SUNVDSK cyl 17474 alt 2 hd 1 sec 600> /virtual-devices@100/channel-devices@200/disk@1 Specify disk (enter its number): 1 selecting c0d1 [disk unformatted] ... format> partition ... partition> print Current partition table (original): Total disk cylinders available: 17474 + 2 (reserved cylinders) Part Tag 0 unassigned 1 unassigned 2 backup 3 unassigned 4 unassigned 5 unassigned 6 unassigned 7 unassigned partition> quit ... format> quit Flag wm wm wm wm wm wm wm wm Cylinders 0 - 17473 0 0 - 17473 0 0 0 0 0 Size 5.00GB 0 5.00GB 0 0 0 0 0 Blocks (17474/0/0) 10484400 (0/0/0) 0 (17474/0/0) 10484400 (0/0/0) 0 (0/0/0) 0 (0/0/0) 0 (0/0/0) 0 (0/0/0) 0

6-34

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions

11. Use the newfs command to create a le system on raw device c0d1s0. guest# newfs /dev/rdsk/c0d1s0 newfs: construct a new file system /dev/rdsk/c0d1s0: (y/n)? y Warning: 2048 sector(s) in last cylinder unallocated /dev/rdsk/c0d1s0: 1024000 sectors in 167 cylinders of 48 tracks, 128 sectors 500.0MB in 12 cyl groups (14 c/g, 42.00MB/g, 20160 i/g) super-block backups (for fsck -F ufs -o b=#) at: 32, 86176, 172320, 258464, 344608, 430752, 516896, 603040, 689184, 775328, 861472, 947616 12. Mount the new le system as /mnt. guest# mount /dev/dsk/c0d1s0 /mnt 13. Run the df -h /mnt command to verify the new le system conguration. guest# df -h /mnt Filesystem /dev/dsk/c0d1s0 guest# umount /mnt 15. Return to the control domain. guest# ~. Connection to localhost closed by foreign host. 16. Remove virtual disk vdisk1 from guest domain ldom1. primary# ldm remove-vdisk vdisk1 ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 17. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. primary# telnet localhost 5000 ... machine4-vnet0 console login: root Password: cangetin Jun 5 07:41:54 machine4_vnet0 login: ROOT LOGIN /dev/console Last login: Thu Jun 5 07:04:34 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4_vnet0 size 4.9G used 5.0M avail capacity 4.9G 1% Mounted on /mnt

14. Unmount /mnt.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-35

Exercise Solutions 18. Reboot the guest domain operating system. guest# shutdown -i6 -g0 -y ... 19. After ldom1 is rebooted, return to the control domain. guest# ~. Connection to localhost closed by foreign host. 20. Remove virtual disk device vol1 from the service domain. primary# ldm remove-vdiskserverdevice vol1@primary-vds0 21. Verify the conguration change by listing the guest domain ldom1 bindings and primary domain services. primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 active -t--5000 MAC 00:14:4f:f9:b6:8d VCPU VID 0 1 2 3 VCPU 4 MEMORY 2G UTIL 25% UPTIME 9m

PID 8 9 10 11

UTIL STRAND 0.3% 100% 0.1% 100% 0.1% 100% 0.1% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0 use-nvramrc?=true IO DEVICE pci@780 NETWORK NAME PSEUDONYM bus_a OPTIONS

SERVICE

DEVICE

MAC

6-36

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

VCONS NAME SERVICE ldom1 primary-vcc0@primary # ldm list-services VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS MAC NET-DEV 00:14:4f:fa:9f:a4 e1000g2

PORT 5000

DEVICE switch@0

MODE

DEVICE /dev/dsk/c1t1d0s2

Task 6 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the control domain as root. If not, log in at this time. Run the following command to create a ZFS storage pool using the remaining used disk (c1t2d0) on the control domain. Run the following command to create a 500 megabyte ZFS volume named vol1. Run the following command to verify that the zpool (tank1) and ZFS volume (tank1/vol1) have been created. USED 500M 22.5K AVAIL 66.4G 66.9G REFER 24.5K 22.5K MOUNTPOINT /tank1 -

primary# zpool create -f tank1 c1t2d0 3.

primary# zfs create -V 500m tank1/vol1 4. primary# zfs list NAME tank1 tank1/vol1

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-37

Exercise Solutions 5. Add the /dev/zvol/rdsk/tank1/vol1 device to the control domain virtual disk service. Name the virtual disk device zvol.

primary# ldm add-vdiskserverdevice /dev/zvol/rdsk/tank1/vol1 \ zvol@primary-vds0 6. Export the disk zvol to guest domain ldom1 using the add-vdisk subcommand. Name the virtual disk zvdisk.

primary# ldm add-vdisk zvdisk zvol@primary-vds0 ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 7. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root.

primary# telnet localhost 5000 ... machine4-vnet0 console login: root Password: cangetin Jul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/console Last login: Fri Jul 13 17:02:37 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4-vnet0 8. Reboot the guest domain operating system. Login as root. guest# shutdown -i6 -g0 -y ... machine4-vnet0 console login: root Password: cangetin Jul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/console Last login: Fri Jul 13 17:02:37 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4-vnet0 9. List the contents of the /dev/rdsk directory to determine the currently congured raw devices. c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7

guest# ls /dev/rdsk c0d0s0 c0d0s1 c0d0s2

Note that only the boot disk special les are present. 10. Run the devfsadm -v command to create the new special le for the ZFS le system. List the /dev/rdsk directory to determine the name of the raw device associated with the ZFS volume. guest# devfsadm -v ... guest# ls /dev/rdsk

6-38

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions c0d0s0 c0d0s1 c0d0s2 c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7 c0d1s0

11. Use the newfs command to create a le system on the new ZFS virtual disk. guest# newfs /dev/rdsk/c0d1s0 newfs: construct a new file system /dev/rdsk/c0d1s0: (y/n)? y Warning: 2048 sector(s) in last cylinder unallocated /dev/rdsk/c0d1s0: 1024000 sectors in 167 cylinders of 48 tracks, 128 sectors 500.0MB in 12 cyl groups (14 c/g, 42.00MB/g, 20160 i/g) super-block backups (for fsck -F ufs -o b=#) at: 32, 86176, 172320, 258464, 344608, 430752, 516896, 603040, 689184, 775328, 861472, 947616 12. Mount the new ZFS le system as /mnt. guest# mount /dev/dsk/c0d1s0 /mnt 13. Run the df -h /mnt command to verify the ZFS le system conguration. guest# df -h /mnt Filesystem /dev/dsk/c0d1s0 guest# umount /mnt 15. Return to the control domain. guest# ~. Connection to localhost closed by foreign host. 16. Remove virtual disk zvdisk from guest domain ldom1. primary# ldm remove-vdisk zvdisk ldom1 Initiating delayed reconfigure operation on LDom ldom1. All configuration changes for other LDoms are disabled until the LDom reboots, at which time the new configuration for LDom ldom1 will also take effect. 17. Use the telnet command to open a virtual console to guest domain ldom1. Log in as root. primary# telnet localhost 5000 ... machine4-vnet0 console login: root Password: cangetin Jul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/console Last login: Fri Jul 13 17:02:37 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 Welcome to SA345LDOM_A on machine4-vnet0 size 470M used 1.0M avail capacity 422M 1% Mounted on /mnt

14. Unmount the ZFS le system.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-39

Exercise Solutions 18. Reboot the guest domain operating system. guest# shutdown -i6 -g0 -y ... 19. After ldom1 has rebooted, return to the control domain. guest# ~. Connection to localhost closed by foreign host. 20. Remove virtual disk device zvol from the virtual disk service. primary# ldm remove-vdiskserverdevice zvol@primary-vds0 If you see the following message: ------------------------------------------------------------------Notice: LDom ldom1 is in the process of a delayed reconfiguration. Any changes made to this LDom will only take effect after it reboots. ------------------------------------------------------------------the guest domain has not completed rebooting. After the guest domain completes the reboot operation, the virtual disk device will be removed from service. 21. Verify the conguration change by listing the guest domain ldom1 bindings and primary domain services. primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 active -t--5000 MAC 00:14:4f:f9:b6:8d VCPU VID 0 1 2 3 VCPU 4 MEMORY 2G UTIL 25% UPTIME 9m

PID 8 9 10 11

UTIL STRAND 0.3% 100% 0.4% 100% 0.5% 100% 0.1% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English

6-40

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0 use-nvramrc?=true IO DEVICE pci@780 PSEUDONYM bus_a OPTIONS

NETWORK NAME SERVICE DEVICE vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0 VCONS NAME ldom1

MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary

PORT 5000

primary# ldm list-services VCC NAME PORT-RANGE primary-vcc0 5000-5100 VSW NAME primary-vsw0 VDS NAME primary-vds0 VOLUME vo10 OPTIONS DEVICE /dev/dsk/c1t1d0s2 MAC NET-DEV 00:14:4f:fa:9f:a4 e1000g2 DEVICE switch@0 MODE

22. Run the following commands to destroy the ZFS pool tank1. primary# zpool destroy -f tank1 primary# zfs list no datasets available

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-41

Exercise Solutions

Task 7 Solutions
Perform the following steps: 1. 2. Verify that you are logged in to the control domain as root. If not, log in at this time. List the logical domains currently congured on the system. Cons SP 5000 VCPU Memory 4 2G 4 4G Util Uptime 0.3% 35m 100% 1m

primary# ldm list-domain Name State Flags primary active -t-cv ldom1 active -t--3. primary# ldm stop-domain ldom1 LDom ldom1 stopped

Stop the guest domain ldom1.

The stop-domain subcommand sends a shutdown request to the logical domain if the Solaris OS is booted. If the domain cannot be stopped by any other means, use the -f option of the stop-domain subcommand to force the domain to stop. 4. Release (unbind) all the resources attached to the guest domain ldom1. Remove the guest domain ldom1. List the logical domains currently congured on the system. Cons SP VCPU 4 Memory 2G Util 0.2% Uptime 36m

primary# ldm unbind-domain ldom1 5. 6. primary# ldm remove-domain ldom1 primary# ldm list-domain Name State Flags primary active -t-cv 7.

Restore the guest domain ldom1 conguration from the XML le you previously stored in the /var/tmp directory. List the guest domain ldom1 bound resources. VCPU 4 MEMORY 2G UTIL 25% UPTIME 9m

primary# ldm bind-domain -i /var/tmp/ldom1.xml 8. primary# ldm list-bindings ldom1 NAME STATE FLAGS CONS ldom1 bound ----5000 MAC 00:14:4f:f9:b6:8d VCPU VID

PID

UTIL STRAND

6-42

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 0 1 2 3 8 9 10 11 100% 100% 100% 100%

MEMORY RA 0x8000000

PA 0x88000000

SIZE 2G

VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channeldevices@200/network@0 use-nvramrc?=true IO DEVICE pci@780 PSEUDONYM bus_a OPTIONS

NETWORK NAME SERVICE DEVICE vnet0 primary-vsw0@primary network@0 08:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4 DISK NAME vdisk0 VCONS NAME ldom1 9.

MAC

VOLUME vo10@primary-vds0

TOUT DEVICE disk@0

SERVER primary

SERVICE primary-vcc0@primary Start guest domain ldom1.

PORT 5000

primary# ldm start-domain ldom1 LDom ldom1 started 10. Use the telnet command to open a virtual console to guest domain ldom1. primary# telnet localhost 5000 11. Boot guest domain ldom1 so that the change takes effect. Log in to the guest domain ldom1 as root.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-43

Exercise Solutions {0} ok boot ... machine4-vnet0 console login: root Password: cangetin Jul 18 11:26:11 machine4-vnet0 login: ROOT LOGIN /dev/console Last login: Wed Jul 18 11:11:30 on console Sun Microsystems Inc. SunOS 5.10 Generic January 2005 guest# 12. Verify that the bound resources are available to the guest domain ldom1 operation system. guest# psrinfo -vp The physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz) guest# prtdiag|grep Mem Memory size: 2048 Megabytes guest# ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 vnet0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.100.43 netmask ffffff00 broadcast 192.168.100.255 ether 8:0:20:ab:1:40 guest# format Searching for disks...done AVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/disk@0 ... Specify disk (enter its number): 0 selecting c1t1d0 ... format> quit 13. Return to the control domain. guest# ~. Connection to localhost closed by foreign host.

Task 8 Solutions
Perform the following steps: 1. Verify that you are logged in to the control domain as root. If not, log in at this time.

6-44

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 2. Remove guest domain ldom1.

primary# ldm stop-domain ldom1 LDom ldom1 stopped primary# ldm unbind-domain ldom1 primary# ldm remove-domain ldom1 3. List the logical domains currently congured on the system. Cons SP VCPU 4 Memory 2G Util 0.2% Uptime 25m primary# ldm list-domain Name State Flags primary active -t-cv 4.

List the logical domain conguration les stored on the system controller.

primary# ldm list-config factory-default config_initial config_split [current] 5. 6. 7. 8. Set the next logical domain conguration to factory-default. Disable the vntsd service. Shutdown the control domain operating system. Move to the system controller and reset the system. primary# ldm set-config factory-default primary# svcadm disable vntsd primary# shutdown -i5 -g0 -y primary# #. sc> reset Are you sure you want to reset the system [y/n]? sc> SC Alert: SC Request to Reset Host. SC Alert: Host System has Reset SC Alert: Host system has shut down. sc> Press the return key to get the sc> prompt back. 9. After the system has reset, open a console of the control domain. sc> console -f Enter #. to return to ALOM. ... Press the return key to get the prompt back.

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-45

Exercise Solutions Depending on when you open the console to the system , you might see system power on self test messages. 10. Log in to the primary domain as root. console login: root Password: cangetin@sun ... 11. List the logical domain conguration les stored on the system controller. primary# ldm list-config factory-default [current] config_initial config_split Note that the factory-default conguration is the current conguration. 12. Remove all the user-dened conguration les stored on the system controller. primary# ldm remove-config config_initial primary# ldm remove-config config_split 13. List the logical domain conguration les stored on the system controller. primary# ldm list-config factory-default [current] 14. Generate a long list of the primary domain to verify that it has returned to the factory default state. primary# ldm list-domain -l primary ------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration and resource information is displayed for the configuration under construction; not the current active configuration. The configuration being constructed will only take effect after it is downloaded to the system controller and the host is reset. ------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME primry active -t-cv SP 24 8G 25% 9m VCPU: 24 vid pid util strand 0 0 19% 100% 1 1 19% 100% 2 2 19% 100% 3 3 19% 100% 4 4 19% 100%

6-46

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions 5 5 19% 100% 6 6 19% 100% 7 7 19% 100% 8 12 19% 100% 9 13 19% 100% 10 14 19% 100% 11 15 19% 100% 12 16 19% 100% 13 17 19% 100% 14 18 19% 100% 15 19 19% 100% 16 20 19% 100% 17 21 19% 100% 18 22 19% 100% 19 23 19% 100% 20 24 19% 100% 21 25 19% 100% 22 26 19% 100% 23 27 19% 100% Mau: 6 mau cpuset (0, 1, 2, 3) mau cpuset (4, 5, 6, 7) mau cpuset (12, 13, 14, 15) mau cpuset (16, 17, 18, 19) mau cpuset (20, 21, 22, 23) mau cpuset (24, 25, 26, 27) Memory: 8064M real-addr phys-addr 0x8000000 0x8000000 IO: pci@780 (bus_a) (in IO MMU bypass mode) pci@7c0 (bus_b) (in IO MMU bypass mode) Vldc: primary-vldc0 [num_clients=3] Vldc: primary-vldc3 [num_clients=7] Vcons: SP

size 8064M

Exercise: Performing Advanced Logical Domain Tasks


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

6-47

Appendix A

Exercise: Bonus Lab


Objectives
In this exercise, you will perform the following tasks:

Congure a logical domain environment based on the scenario provided in this appendix.

Preparation
To prepare for this lab exercise:

You must have successfully completed the standard exercises provided in this student workbook.

A-1
Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Logical Domain Configuration Scenario

Logical Domain Conguration Scenario


You are tasked with conguring a logical domain environment that consists of three domain: the primary domain, the secondary domain, and the guest domain. The conguration goal is to provide future applications running on the guest domain with redundant storage and network connectivity. Figure A-1 shows how this logical domain environment is to be congured.
The secondary Domain
Virtual Switch Virtual Disk Services

The guest Domain Boot Disk

The primary Domain


Virtual Disk Services Virtual Switch

SVM Mirror

IPMP

e1000g0

Boot Disk

vdisk1 vdisk0

vnet1

vnet0

c1t1d0 and c1t2d0

Boot Disk
(c1t0d0)

e1000g2

Hypervisor
Virtual SAN Virtual SAN Virtual SAN Virtual SAN

Virtual LAN

Virtual LAN

I/O Bridge (Leaf A)

I/O Bridge (Leaf B)

NIC

2
Storage

Storage Storage

0
NIC

Figure A-1

Bonus Lab Conguration

Configuration Details
This section provides you with the conguration details for each logical domain shown in Figure A-1. The primary domain conguration:

Domain roles Virtual CPUs

Control, Service, IO 4

A-2

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Logical Domain Configuration Scenario


Memory MAU I/O Boot disk Primary network interface Virtual console service Virtual group console Virtual disk service Virtual disk service Virtual disk service Virtual switch service

2 Gigabytes 1 PCI leaf B c1t0d0 e1000g2 Telnet ports 5000 - 5100 Add the secondary and guest domains to this console group. One disk service with device c1t1d0 bound One disk service with device c1t2d0 bound One disk service with one 10 GB le-based device bound One switch service with network interface e1000g2 bound

The secondary domain conguration:


Domain roles Virtual CPUs Memory I/O Boot disk Primary network interface Virtual disk service Virtual switch service

Service, IO 4 2 Gigabytes PCI leaf A c1t1d0 Provided by primary virtual disk service e1000g0 One disk service with one 10 GB le-based device bound One switch service with network interface e1000g0 bound

The guest domain guest:


Domain role Virtual CPUs Memory MAU

Guest 8 2 Gigabytes 1

Exercise: Bonus Lab


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

A-3

Logical Domain Configuration Scenario

Boot disk Virtual network interface Virtual network interface Virtual disk

c1t2d0 Provided by primary virtual disk service vnet0 Provided by primary virtual switch service vnet1 Provided by secondary virtual switch service vdisk0 10 GB le-base virtual device provided by primary virtual disk service vdisk1 10 GB le-base virtual device provided by secondary virtual disk service

Virtual disk

Initial System State


If you have successfully completed the standard exercises provided in this student workbook, the your assigned Sun Fire T2000 should currently be loaded with the Logical Domain Manager software and the system should be in the factory-default conguration. If the factory-default conguration is not current, then make it current before you begin to congure the logical domain.

Final Assessment
After you have completely congured the logical domains according to the stated conguration requirements, have your instructor evaluate your work.

A-4

Sun Virtualization: Solaris 10 Logical Domains Administration


Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1