Oraclesolaris11ipsai5!12!120523112131 Phpapp01
-
Upload
jose-francisco-hernandez-pinto -
Category
Documents
-
view
3 -
download
1
description
Transcript of Oraclesolaris11ipsai5!12!120523112131 Phpapp01
1 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Manage You Deployments With The Image Packaging System And The Automated Installer
Michael Fitzgerald
Principal Solutions Consultant
Oracle Solaris 11
2 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
3 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Requirements and Big Ideas - Packaging
• Updates & upgrades must be fast, reliable, reversible
• Updates should be package updates, not patches
• Packages dependencies should be handled automatically
• Packages should be network-based
• Image minimization should be easy
• Seamless integration with Zones is required
• Deliver practically identical experience
on SPARC, x86
Plan
Deploy
Test
Use
Maintain
Update
4 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Requirements and Big Ideas - Install
• Low initial investment, great scalability for deployment
– Ease-of-use is a priority for all features
• Deployment must be well-integrated with best practices,
overall user experience
– Limit install-specific features, knowledge
• Integrated deployment of Zones is required
• Leverage existing Solaris strengths
Plan
Deploy
Test
Use
Maintain
Update
5 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Value-engineering in Installation, Configuration
Simplified architecture
+ Improved automation
+ Improved safety
+ Improved flexibility
+ Improved integration
= Better user experience
No longer a sum of independent parts
On a Large Scale
6 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Rosetta Stone for Oracle Solaris 10 Users
Oracle Solaris 10 Oracle Solaris 11
SVR4 Packages IPS Packages
Install DVD Install CD + pkg repository
Live Upgrade Boot Environments
Upgrade from installer pkg(1), Update Manager
JumpStart Automated Installer (AI)
JumpStart Profiles AI manifests
Blueprints for custom DVD's Distribution Constructor
7 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
8 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Safe Upgrades “in a snap”
• ZFS Boot Environments Benefits
– No initial investment
– Updates are applied to a file system clone, no
interruption
– Reboot into upgraded environment when you’re
ready
– Trivial roll-back if failure occurs
– Integrated, enforced best practice for safety
• Fast reboot reduces maintenance windows
• Excellent for recovery purposes
Active BE
Active BE
New BE
Active BE
Updated BE
9 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Boot Environments
• Make updates safe, reliable, recoverable
• Different from/simpler than Solaris 10 Live Upgrade
– Takes advantage of ZFS
– Use liberally as an administrative safety net
• Managed by beadm(1M), functionality includes:
– List
– Activate, Rename
– Create, Destroy
– Mount, Unmount
10 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
beadm(1) Utility
Create a new boot environment based on the active boot environment
Create a new boot environment based on an inactive boot environment
Create a snapshot of an existing boot environment
Create a new boot environment based on an existing snapshot
Create a new boot environment, and copy it to a different zpool
Create a new boot environment and add a custom title to the
x86 GRUB menu or the SPARC boot menu
Activate an existing, inactive boot environment
Mount a boot environment
Unmount a boot environment
Destroy a boot environment
Destroy a snapshot of a boot environment
Rename an existing, inactive boot environment
Display information about your boot environment snapshots and datasets
11 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Listing Boot Environments {badboy} beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ -------
b-140 - - 11.51M static 2010-05-26 12:47
b-141 - - 11.98M static 2010-06-10 15:40
b-142 - - 10.14M static 2010-06-24 08:05
b-143 - - 13.85M static 2010-07-12 09:47
b-144 - - 1.48G static 2010-07-22 12:09
b-145 - - 14.64M static 2010-08-03 22:23
b-146 - - 10.43M static 2010-08-20 15:31
b-147 - - 12.29M static 2010-09-06 19:28
b-148 - - 13.11M static 2010-09-23 17:05
b-149 - - 14.49M static 2010-09-30 18:53
b-150 - - 11.83M static 2010-10-15 10:32
b-151 - - 130.94M static 2010-11-15 10:10
b-152 NR / 56.03G static 2010-11-17 16:32
12 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
More Fun with beadm {badboy} beadm activate b-151
{badboy} beadm mount b-151 /tmp/mnt
{badboy} beadm list
BE Active Mountpoint Space Policy Created
-- ------ ---------- ----- ------ -------
b-140 - - 11.51M static 2010-05-26 12:47
b-141 - - 11.98M static 2010-06-10 15:40
b-142 - - 10.14M static 2010-06-24 08:05
b-143 - - 13.85M static 2010-07-12 09:47
b-144 - - 1.48G static 2010-07-22 12:09
b-145 - - 14.64M static 2010-08-03 22:23
b-146 - - 10.43M static 2010-08-20 15:31
b-147 - - 12.29M static 2010-09-06 19:28
b-148 - - 13.11M static 2010-09-23 17:05
b-149 - - 14.49M static 2010-09-30 18:53
b-150 - - 11.83M static 2010-10-15 10:32
b-151 R /tmp/mnt 53.82G static 2010-11-15 10:10
b-152 N / 1.71G static 2010-11-17 16:32
13 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Live Upgrade -> Boot Environments
Oracle Solaris 10 Oracle Solaris 11 Description
lucreate –n newBE beadm create newBE Create a new BE
lustatus beadm list Display BE info
luactivate newBE beadm activate newBE Activate a BE
ludelete BE beadm destroy BE Destroy an inactive BE
luupgrade or patchadd pkg update Upgrade or update a BE
14 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
pkg(1)
• To install an individual package: pkg install communication/im/pidgin
• To check for individual updates: pkg info –r communication/im/pidgin
• To update an individual package: pkg update communication/im/pidgin
• “Test Run” an image update: pkg update –nv
• Update (all packages, or the complete image): pkg update
15 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Oracle Solaris 11 Lifecycle Management Improved updates with IPS
• 4X Faster upgrades typical
• Create ZFS boot environment to safely apply updates
• Full dependency check of packages, crypto verified, auditable
• Reboot updated ZFS boot environment
New Security
Patch
6:00: pkg update
6:00-6:02: Dependency checks,
patch/update planning
6:02-6:04: New boot environment created,
updates downloaded and applied 6:04-6:06: reboot
up and running again
Maintenance window: 6-7pm
16 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Boot Environments in Non-global Zones
• BE's automatically include installed/attached zones
• Zone BE is linked to a global zone BE
• Multiple zone BE's can be linked to a single
global zone BE
• Zone administrator can create, mount, activate BE's
– Active BE is within the context of the active global zone BE
17 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
18 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Maintenance Updates for Oracle Solaris 11
• Oracle customers with an active Oracle support plan have
access to the support package repository
• Register for the support repository at
• http://pkg-register.oracle.com
• SRU = Support Repository Update
• Future Oracle Solaris 11 Releases
• will be available in the support repository or a release
repository that provides the currently available OS
19 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
20 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Local IPS Repositories
• Reasons for a local package repository
• Security and Performance
• Consistency and Replication
• Custom Packages
• Two Types of Repositories:
Origin Mirror
21 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Create a Local IPS Repositories
• Copy From Internet: • pkgrepo create /export/repoSolaris11
• pkgrecv -s http://pkg.oracle.com/solaris11/release/ -d /export/repoSolaris11 '*’
• Copy From File: • Get file, and unzip and cat (if necessary)
• lofiadm -a /export/repo2010_11/ sol-11-repo-full.iso
• mount -F hsfs /dev/lofi/1 /mnt
• rsync -aP /mnt/repo /export/repoSolaris11 or
cd /mnt/repo; tar cf - . | (cd /export/repoSolaris11; tar xfp -)
• umount /mnt
• lofiadm -d /dev/lofi/1
22 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
23 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Automated Installation (AI)
• Reduce initial and ongoing costs of deploying Solaris-
based software stack
• Leverages ZFS, SMF, IPS features to provide enhanced
features vs. JumpStart
– Reduces need for third-party or customer-developed extensions
– Most scripting moved to first-boot SMF services
• Integrated, seamless Zones deployment
• WAN-capable design provides operational flexibility
• Designed to be manageable and observable
– installadm(1M) provides one-stop management interface
24 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
AI Terminology
• Client – physical or virtual machine to be installed
• Manifest – XML specification of installation (storage layout,
software payload)
• Profile – SMF profile to pre-configure system services
• Service – server infrastructure needed to network boot an
installation client
• Criteria – mapping of clients to services, manifests and profiles
• Repository – IPS package repository
• “Bootable AI” - service-less AI boot from media
– Manifest included on media or downloaded from network location
25 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Basic Flow of Automated Installation
26 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Static Manifests
• Default manifest provided with service
– Installs solaris-large-server package set from Oracle's Solaris
repository to firmware-designated boot disk
– Sysconfig invoked automatically at first boot to interactively configure
basic system
• Manifest specifies:
– Package repositories and lists; major group packages: solaris-small-
server, solaris-large-server, solaris-desktop
– Target disk: choose by device path, volume id, type, vendor, size,
container/receptacle/occupant (CRO) label; ZFS configuration
– Locales are installed/removed using package facets; all locales are
installed by default
27 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Derived Manifests
• Dynamically generate manifest in a script
• Scales AI management by reducing number of manifests
maintained by administrators
• Most effective model is to load template manifest, modify
specific elements
• Script uses the aimanifest(1M) command as interface
to generate AI manifest
• Generated manifest located on the client at:
/system/volatile/manifest.xml
28 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
29 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
New System Configuration Framework & UI
• Replaces sysidtool/sysidcfg/sys-unconfig
• sysconfig(1m) interactive UI
– configure, unconfigure, create-profile subcommands
• Interactive tool provides basic, required system
configuration. UI similar to Text Installer.
• Profiles can configure any SMF service property
• sysconfig unconfigure reverts the properties
configured by the interactive UI to shipped defaults
– --destructive option requests more complete cleanup, e.g.
deleting initial user account's home directory
30 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
System Configuration Profiles
• Common parameters available in Oracle Solaris 11:
– User account, including RBAC roles, profiles and sudo
– Root user: password, role/normal
– Timezone, locale
– Hostname
– Console terminal type, keyboard layout
– IPv4 and/or IPv6 interface, default route
– DNS, NIS, LDAP clients
– Name service switch
31 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Creating a Configuration Profile with sysconfig
• Easiest starting point
# sysconfig create-profile -o myprofile.xml
• Runs the sysconfig UI, places output into specified profile
• Edit further to add properties not configured by sysconfig
32 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
33 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Deploying Zones with AI
• Zones can be specified in the AI manifest <configuration type=”zone” name=”zone1”
source=”http://server/zone1/config”/>
<configuration type=”zone” name=”zone2”
source=”file:///net/server/zone2/config”/>
• config file is the zone's configuration file as output
from “zonecfg export”
• Automatically installed on first boot of the global zone
svc:/system/zones-install:default
34 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Deploying Zones with AI (2)
• Use zonename criterion to associate manifests and
profiles with a zone # installadm create-manifest -n S11-x86 -f /tmp/zmanifest.xml
-c zonename=”zone1 zone2”
# installadm create-profile -n S11-x86 -f /tmp/zprofile1.xml
-c zonename=”zone1”
# installadm create-profile -n S11-x86 -f /tmp/zprofile2.xml
-c zonename=”zone2”
35 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Deploying Zones with AI (3)
• AI is also used when installing non-global zones from
existing global zone
• Default manifest is
/usr/share/auto_install/manifest/zone_default.xml
• Default profile enables interactive system
configuration during first boot
• Provide alternate manifest and/or profile with # zoneadm -z <zone> install -m <manifest> -c <profile>
36 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Agenda
• Requirements and Ideas
• Updates & Upgrades
• Boot Environments
• SRUs
• Deploying at Scale
• IPS Repository Mirrors
• Automated Installer
• System Configuration
• Zones
• Additional Transition Tools and Resources
37 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
JumpStart to AI Mapping
JumpStart Automated Installation
setup_install_server installadm create-service
add_install_client installadm create-client
JumpStart profile & rules AI manifest & criteria
sysidcfg file SMF configuration profile
Begin script Derived Manifests, custom images from Distribution Constructor
Finish script pkg actions, First-boot SMF services
38 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Steps to Convert from Solaris 10 JumpStart
• Deploy S11 server instance to host AI service
– Use as JumpStart server as well
• Translate rules to criteria
• Translate profiles to manifests
• Translate sysidcfg to SMF profile
• Publish manifests and profiles to AI service
• Convert finish scripts to SMF service(s)
• Publish SMF service package to IPS repository
39 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
js2ai JumpStart to AI translation tool
• Automatically converts existing JumpStart rules,
profiles, sysidcfg files to AI equivalents
• Conversion is best-effort, with instructions on issues
that need manual resolution
• Result is a directory hierarchy with AI profiles, system
config manifests, log of the tool's actions
• See js2ai(1m)
40 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Distribution Constructor (DC)
• Tool to easily construct installation images and virtual
machine images
– Used by Solaris engineering to build the product
• Use DC to build AI (or interactive install) images
customized with additional drivers or services
• XML manifest (similar to AI) specifies construction
• Checkpoint/resume feature nicely leverages ZFS!
• Fully extensible – plug your own customizations into build
process
• See distro_const(1M) for more information
41 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Building and Using a Custom AI Boot Image
• Install Distribution Constructor – pkg install distribution-constructor
• Copy base AI image manifest, customize
– Basic SPARC manifest at /usr/share/distro_const/auto_install/ai_sparc_image.xml
• Build the image: – distro_const build my_ai_image.xml
• Deploy to AI service:
– installadm create-service ...
42 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Technical Article Available
• “How To Create a Customized Oracle Solaris 11
Image Using the Distribution Constructor”
• http://www.oracle.com/technetwork/articles/servers-storage-admin/o11-
087-sol11-dist-const-496819.html
43 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
• “Transitioning From Oracle Solaris 10 JumpStart to
Oracle Solaris 11 Automated Installer”
• http://docs.oracle.com/cd/E23824_01/html/E21799/index.html
Documentation Available
44 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Technical Article Available
• “How to Perform System Archival and Recovery
Procedures with Oracle Solaris 11”
• http://www.oracle.com/technetwork/articles/servers-storage-admin/o11-
091-sol-dis-recovery-489183.html
46 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Simplified Administration, Service Provisioning
47 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Summary
• Oracle Solaris 11 deployment is different from Solaris 10
– Little required customization work to start deploying
– Powerful, stable, supported capabilities for those who need to
customize
• Transition documentation, tools are provided
• Feature set will expand & evolve
• Boot Environments allow for fast, efficient, and fool-
proof software upgrades
48 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
For More Information / Try Out Today
• Product overview and download
– oracle.com/solaris
• Oracle Technology Network
– oracle.com/technetwork/server-storage/solaris11
• System administrators community
– oracle.com/technetwork/systems
• @ORCL_Solaris
• facebook.com/oraclesolaris
• Oracle Solaris Insider
48
50 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
One Installation Engine; Three Installers
• Each with its own features and capabilities
• Each delivering its own benefits for specific needs
• Interactive
• Live Media – Desktop, GUI tools
• Text Installer – “Headless” servers
• Automated
• Automated Installer – Large-scale deployments
• Distribution Constructor lets you build your own
installation media, behaving like any of these categories
51 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
Two types of interactive installers
• 1 - Text-based UI for server systems (SPARC & x86)
• 2 - GUI for x86 desktop/laptop systems
• Principle: Install fixed software payload with basic
configuration, customize after installation
– GUI installs desktop/laptop-appropriate software (solaris-desktop group package), automatic network configuration
– Text installer installs server-appropriate software (solaris-large-server group package), choice of automatic or
manual network & name service configuration
• Both provide configuration of initial user account, with
administrative privileges via sudo