THE ADMIN's LAB : 2014

Sunday, 28 December 2014

Solaris Practice-2 [ zones ]

PRACTICE WORK-SHEET-2 [zones]

Well, learned Zones?

OK…

Now time to have some Practice to check How Frequently or without looking to our notebook we can solve the things OR how much command we have on the Topics.

1. What is zone?

2. What are the types of zones?

3. List some benefits of zones?

4. What is Global zone & Non Global zone?

5. What are the types of NGZ?

6. What is diff between whole root zone & sparse root zone?

7. What is zonepath?

8. List & define the daemons & their functions for zones?

9. Is it possible to assign different types of file systems to NGZ? If yes then what is the procedure to do so.

10. What are the zone states? Define all

11. How to assign physical disk to NGZ?

12. What are the IP management schemes available in zones? Define with example

13. What is difference between zone login and zone console login?

Solaris Practice-1 [zfs-Answers]

PRACTICE WORK-SHEET-1-ANSWERS [zfs]

ANSWERS are from Q no 11,

1. What is zfs?

2. List some benefits of zfs

3. Compare ufs & zfs

4. Why we should move to zfs?

5. What is the basic requirement for zfs?

6. Limitations of zfs

7. What is “COW” in zfs?

8. What is “dataset” and how many datasets zfs can support?

9. What is zpool and how many datasets zpool can support?

10. What is “vdev” in zfs and also define the types of vdevs?

11. What is clone in zfs?

Solaris Practice-1 [ zfs ]

PRACTICE WORK-SHEET-1 [zfs]

Well, learned Solaris ?

OK…

Now time to have some Practice to check How Frequently or without looking to our notebook we can solve the things OR how much command we have on the Topics.

Let’s start with ZFS…

1. What is zfs?

2. List some benefits of zfs

3. Compare ufs & zfs

4. Why we should move to zfs?

5. What is the basic requirement for zfs?

6. Limitations of zfs

7. What is “COW” in zfs?

8. What is “dataset” and how many datasets zfs can support?

9. What is zpool and how many datasets zpool can support?

10. What is “vdev” in zfs and also define the types of vdevs?

11. What is clone in zfs?

Telnet-TCP Wrappers in Solaris

TELNET / TCP WRAPPERS IN SOLARIS

What we are going to Learn,

· How to enable trace for Telnet

· How to find users detail, logged in via telnet

· How to enable root user trace, logged in via telnet

· What is TCP WRAPPERS

· How to Enable TCP WRAPPERS

· How to Enable TCP WRAPPERS for telnet

· How to control the network access via TCP WRAPPERS

Telnet is a protocol for connecting remote hosts

It works on port 23

SSH in Solaris

SSH IN SOLARIS

What we are going to learn,

· ssh basics

· ssh files

· ssh with / without Password

· ssh config file modification [permit root login, banner]

· ssh security [allow / deny users, hosts, groups]

· ssh log generation

WHAT is SSH?

SSH (secure shell) is a secure communication protocol to access a remote client

WHY it is in use?

Though there are several protocols for remote communications like rlogin, rcp, rsh, telnet… they all offer the same thing “access to remote client” then why we need SSH?

SSH provides a secure connection between two remote hosts, means whatever the communication goes between ssh client & ssh server are in encrypted texts.

ZFS as iscsi

ZFS AS iSCSI TARGET

Well,

This is very interesting that we can use our zfs system as iscsi server

I had just created a 100m zfs FS for iscsi testing

root@sol-test-1:>/# zfs create -V 100M zm1/scsivol2

root@sol-test-1:>/# zfs share zm1/scsivol2

cannot share 'zm1/scsivol2': 'shareiscsi' property not set

set 'shareiscsi' property or use iscsitadm(1M) to share this volume

root@sol-test-1:>/# zfs set shareiscsi=on zm1/scsivol2

Zones-11 [Zone Processes & booting options]

ZONES-11

[PROCESS MONITORING-BOOT OPTIONS]

Zone Daemons,

“zoneadmd” & “zsched”

Zoneadmd

· Runs in GZ and it is primary process for setting up the zones virtual platform,

· It manages the booting / shutting down of zones

· It manages the connection to the zone from zlogin

· It allocates the zone ID & starts the zsched process

· One zoneadmd process for every active (ready, running, shutting down) zone on the system.

Zsched

· It runs within the NGZ

· Kernel threads for the zones are owned by zsched process

Zones-10 [FSS-fair share scheduler]

ZONES-10 [FAIR SHARE SCHEDULER-FSS]

Well…

What is FSS? Any guess?

Something which schedule the shares without partiality!!!

Good… close enough…

Let’s try to understand this in simple way.

Imagine a race of 3-4 year old kids,

Can u control them?

Can u expect that they run in their track?

Can u expect even 1% of discipline from them?

Zones-9 [rctls / resource controls]

ZONES-9 [RESOURCE CONTROLS]

Great,

We had learned to assign mem & cpu to NGZ, but how we will check the utilization by NGZ

Rcapadm is command from which we can find and it relies on rcapd daemon

First we should enable the rcapadm

root@sol-test-1:>/# svcadm enable rcap

Enable the resource capping daemon so that it will be started now and also be started each time the system is booted

Zones-8 [Addition IP / Resource Capping]

Well…

Done with basic create / modify /delete a NGZ?

Let’s play some more

Did u wondered till now we just created the zones,

Never bothered about

· What is the ram size?

· What is swap size?

· What is CPU capability?

· What if NGZ starts eating ram & CPU?

ZONES-7 [RECAP]

ZONES-7 [RECAP]

Well… Let’s see, what we are capable to do with Zones till now

· Define the zones & its features

· Create a NGZ with minimal config

· Create a NGZ with device shared from GZ

· Create a NGZ with FS (lofs) shared from GZ

· Create a NGZ with EXCLUSIVE IP settings

· Rename a NGZ

· Changing HOSTNAME/IP of NGZ

· Create a NGZ with WHOLE ROOT CONFIG

· Create a NGZ with UFS shared from GZ

· Moving a zone within system

· Moving a zone to other system

· Cloning a zone

· Delete a zone

ZONES-6 [MOVE / CLONE NGZ]

ZONES-6 [MOVE / CLONE NGZ]

What we are about to learn,

· Move the NGZ within same system

· Changing hostname of NGZ

· Move the NGZ to other system

· Clone the NGZ

Well, King has accommodated his all 4 rentals. And now it’s time to relax

But suddenly one PG [tzone2] came and told the king that I don’t want to live in

That room and also I want new name for my room, but I want new room within same building

King was surprised with this demand but he agreed on the same and told the PG

OK… just stop all of your work then inform me,

ZONES-5 whole root zone with exclusive Ip & shared ufs

ZONES-5

WHOLE ROOT ZONE WITH EXCLUSIVE IP & SHARED FILE SYSTEM FROM GLOBAL ZONE

Fine…

The king has selected 4 tenants, and out of four, 3 tenants are accommodated, it’s time to accommodate the family.

Tzone1 PG (bachelor) Sparse root

Tzone2 PG (bachelor) Sparse root

Tzone3 PG (bachelor) Sparse root

Tzone4 With family Whole root

The Info provided by tzone4 is,

House No IP 192.168.234.203

Separate gas pipeline YES I want my own (e1000g2)

Fancy item YES CDROM

Guest YES I want shared FS from GZ

Other info YES Yes I want attributes to be added

King was very irritated with this family drama, that they want everything but king was man of words so he agreed for the arrangements,

Let’s see what the family got?

Solaris Zones-4 [Zone with Exclusive IP]

ZONES-4 [CREATION]

EXCLUSIVE IP

Fine… King has accommodated 2 out of 4 tenants

Now it’s time for tzone3

The Info provided by Tzone3 is,

House No IP 192.168.234.202

Separate gas pipeline YES I want my own (e1000g1)

Fancy item YES CDROM

Guest NO I don’t want shared FS from GZ

Other info NO No info plz

SO… let’s prepare the accommodation for tzone3

Zones-3 [Configuring a Non Global Zone - B]

ZONES-3 [CONFIGURE NGZ-B]

Well… we had created a very simple NGZ tzone1

Now in our next NGZ tzone2… we will add some more

The Info provided by Tzone2 is,

House No IP 192.168.234.201

Separate gas pipeline NO will share the interface

Fancy item YES TAPE DRIVE / CDROM

Guest NO Don’t want shared FS from GZ

Other info YES Yes I want attributes to be added

OK… from last config we have 2 more thing now i.e.

Device and attributes

Zones-2 [Configuring a simple Non Global Zone-A]

ZONES-2 [CONFIGURE NGZ-A]

Fine… we had completed our basics in previous post, now need to configure NGZ

So, the king has selected 4 tenants,

Tzone1 PG (bachelor) Sparse root

Tzone2 PG (bachelor) Sparse root

Tzone3 PG (bachelor) Sparse root

wr-zone With family Whole root

The Info provided by Tzone1 is,

House No IP 192.168.234.200

Separate gas pipeline NO will share the interface

Fancy item NO Don’t want extra devices

Guest NO Don’t want shared FS from GZ

Other info NO Don’t want any attributes to be added

Zones-1 [Basics]

ZONES-1 [Basics]

Well… Zones?

Sounds Good Na?

So what is Zone?

The simplest definition of zone I know is

“It’s the Solaris’s answer of virtualization”

Well…First I know nothing about zone, and now it is the answer of virtualization?

Good Joke, but what is virtualization?

OK… Let me explain the virtualization in simplest I know

“Technology which convert Hardware Devices in to Software Resources”

Is called virtualization.

THIS ONE IS SIMPLEST???

Host Name Change in Solaris

HOSTNAME CHANGE

Well, we changed all network details of our system, but still we need to change the HOSTNAME,

For changing hostname we need to alter following files…

/etc/hosts

/etc/nodename

/etc/hostname.<name of primary interface>

Rename crash directory under

/var/crash/<hostname>

#mv <old name> <new name>

IP Change in Solaris

IP CHANGE

Well… Suppose I reached office and just got a call from Boss that we have few servers migrated from other locations and we need to setup them here,

Now what we have to do?

Before using we must have to bring them under our Network and have named them as per our convention.

Great… means in simple we have to change ip and hostname.

Let’s change them, but do remember 2 more parameters… if servers are coming from completely different network.

Gateway

Netmask

Virtual IP Setting in Solaris

VIRTUAL IP

Suppose, we need some more IP’s but we have only one Interface.

IP which sits on the same physical interface virtually and it acts as parasite.

Means it will share the BW of physical interface,

We have only one interface and we want 2 Virtual IP. Technically it is possible but it will on cost of BW sharing which results in highly degraded performance*

Depending on what type of applications are running/using that IP’s.

Setting Additional IP in Solaris

ADD ADDITIONAL IP’s

Well…Suppose a situation that, suddenly one of vendor told that we want to implement an application which needs two physical IP’s and two virtual IP’s.

Range of Subnets would be same.

OK… so let’s begin with adding New IP’s to System.

Generally there are 4 interfaces in Sparc Servers or depending upon HW config.

Solaris System Performance Monitoring -1 [Memory - vmstat]

SYSTEM PERFORMANCE -1

[Memory –vmstat / sar/ prstat]

First I want to thanks all bloggers and oracle documentation for great resources provided by them, I want to say thanks individually but really I forget, that from where I had learned all these. At the time when I was learning and preparing notes I got help from all over the blogs/books/YouTube, and now I really don’t remember that which part i referenced from where. All I have is only my Notes, again thanks to all who helped me in any manner to have some knowledge and confidence i gained because of them and my sincere apologies also.

**Performance monitoring is one of the most crucial things in System Admin’s Life and I am pretty sure that this thing will learned only when we start sweating from each and every side of ours; means facing a Lion in Zoo and facing a Lion in Jungle… imagine the difference

“IT CANNOT BE LEARNED, IT SHOULD BE EARNED”

TSHOOT is ART rather than technology…

THE ADMIN's LAB