{"id":46,"date":"2007-10-31T10:20:57","date_gmt":"2007-10-31T15:20:57","guid":{"rendered":"http:\/\/blogs.cae.tntech.edu\/mwr\/2007\/10\/31\/solaris-jumpstart-installations-in-an-all-debian-environment\/"},"modified":"2024-10-27T14:26:19","modified_gmt":"2024-10-27T14:26:19","slug":"solaris-jumpstart-installations-in-an-all-debian-environment","status":"publish","type":"post","link":"https:\/\/sites.tntech.edu\/renfro\/2007\/10\/31\/solaris-jumpstart-installations-in-an-all-debian-environment\/","title":{"rendered":"Solaris Jumpstart Installations In An All-Debian Environment"},"content":{"rendered":"<p>Time to bring the Solaris workstations into our new infrastructure, to discover all the hidden Debian-specific parts in my Puppet manifests, and then fix them to be platform-neutral. First off, I need to be able to ensure a common base installation on my Solaris systems, and to have that base be as hands-off as possible. Alongside this, I need to leverage our existing Debian infrastructure since the only <em>extra<\/em> Suns I have are very old and slow, and I have nowhere to house them (I will <em>not<\/em> Jumpstart from a Sparc 20 with a 10 megabit interface when I have a new file server with gigabit ethernet).<br \/>\n<!--more--><br \/>\nThe folks over at <a href=\"http:\/\/www.5dollarwhitebox.org\/\">5dollarwhitebox.org<\/a> have <a href=\"http:\/\/www.5dollarwhitebox.org\/wiki\/index.php\/Projects_Linux_Jumpstart_Server\">this Jumpstart from Debian page<\/a>, but I had to make a few tweaks to make it coexist with our existing DHCP and PXE setup.<\/p>\n<p>We have a Debian dhcp3 server handling DHCP for our subnet, including Windows clients, Debian and Ubuntu workstations, and Debian servers. Each of these systems needs to PXE-boot at various times, so I had to change the 5dollarwhitebox instructions to keep the Solaris-specific PXE items from conflicting with the Debian ones. 
Here&#8217;s an excerpt from our current dhcpd.conf:<\/p>\n<pre>\n# Basic settings for all subnets\nddns-update-style none;\noption domain-name \"cae.tntech.edu\";\noption domain-name-servers 149.149.254.4, 149.149.11.6;\ndefault-lease-time 259200;\nmax-lease-time 259200;\nauthoritative;\nlog-facility local7;\n# Variable names and types for all Solaris systems that will use\n# 'boot net:dhcp - install'\noption space SUNW;\noption SUNW.root-mount-options code 1 = text;\noption SUNW.root-server-ip-address code 2 = ip-address;\noption SUNW.root-server-hostname code 3 = text;\noption SUNW.root-path-name code 4 = text;\noption SUNW.swap-server-ip-address code 5 = ip-address;\noption SUNW.swap-file-path code 6 = text;\noption SUNW.boot-file-path code 7 = text;\noption SUNW.posix-timezone-string code 8 = text;\noption SUNW.boot-read-size code 9 = unsigned integer 16;\noption SUNW.install-server-ip-address code 10 = ip-address;\noption SUNW.install-server-hostname code 11 = text;\noption SUNW.install-path code 12 = text;\noption SUNW.sysid-config-file-server code 13 = text;\noption SUNW.JumpStart-server code 14 = text;\noption SUNW.terminal-name code 15 = text;\n# Options specific to this subnet\nsubnet 149.149.254.0 netmask 255.255.255.0 {\n  option broadcast-address 149.149.254.255;\n  option routers 149.149.254.4;\n  option netbios-name-servers 149.149.254.38, 149.149.11.3;\n  option netbios-node-type 4;\n  allow booting;\n}\n# Options specific to Jumpstart Solaris 9 systems\ngroup {\n  vendor-option-space SUNW;\n  option SUNW.install-server-hostname \"jumpstart\";\n  option SUNW.install-server-ip-address 149.149.254.X;\n  option SUNW.install-path \"\/opt\/solaris\/jumpstart\/9\/install\";\n  option SUNW.JumpStart-server \"jumpstart:\/opt\/solaris\/jumpstart\/9\";\n  option SUNW.sysid-config-file-server \"jumpstart:\/opt\/solaris\/jumpstart\/9\/config\";\n  option SUNW.root-server-hostname \"jumpstart\";\n  option SUNW.root-server-ip-address 149.149.254.X;\n  option 
SUNW.root-path-name \"\/opt\/solaris\/jumpstart\/9\/install\/Solaris_9\/Tools\/Boot\";\n  # Each Jumpstart Solaris system needs to be assigned a hostname and a kernel.\n  # We may also want to assign a fixed address, but this isn't a requirement.\n  host ch208m { hardware ethernet a1:b1:c1:d1:e1:f1; fixed-address 149.149.254.13;\n    filename \"\/tftpboot\/SUNW.Ultra-80\"; option host-name \"ch208m\"; }\n  host ch208n { hardware ethernet a2:b2:c2:d2:e2:f2; fixed-address 149.149.254.14;\n    filename \"\/tftpboot\/SUNW.Sun-Blade-1000\"; option host-name \"ch208n\"; }\n  host ch208o { hardware ethernet a3:b3:c3:d3:e3:f3; fixed-address 149.149.254.15;\n    filename \"\/tftpboot\/SUNW.Sun-Blade-1000\"; option host-name \"ch208o\"; }\n  host ch314b { hardware ethernet a4:b4:c4:d4:e4:f4; fixed-address 149.149.254.220;\n    filename \"\/tftpboot\/SUNW.Sun-Blade-100\"; option host-name \"ch314b\"; }\n}\n# Other Windows or Linux entries\nhost ch208c {hardware ethernet a5:b5:c5:d5:e5:f5; fixed-address 149.149.254.3;}\nhost ch208r {hardware ethernet a6:b6:c6:d6:e6:f6; fixed-address 149.149.254.18;\n  filename \"\/tftpboot\/pxelinux.0\";}\n<\/pre>\n<p>The PXE and DHCP server is the one we&#8217;ve been using for doing Debian net installs and preseed installations. See <a href=\"http:\/\/www.debian.org\/releases\/etch\/i386\/ch04s06.html.en#dhcpd\">Section 4.6.2 of the Debian 4.0 installation manual<\/a> for instructions.<\/p>\n<p>As for populating the jumpstart and DHCP servers, I started by doing a default installation of Solaris 9 onto my office Blade 100. 
Once that was installed, I could copy the Solaris installation, software, and language CDs onto a local jumpstart tree using the standard Sun scripts, and then copy that tree to the jumpstart server itself.<\/p>\n<pre>\nch314b# mkdir -p \/local_jumpstart\/9\/install\n# Insert Solaris 9 Software CD 1 of 2\nch314b# \/cdrom\/cdrom0\/s0\/Solaris_9\/Tools\/setup_install_server \/local_jumpstart\/9\/install\n# Eject CD, insert Solaris 9 Software CD 2 of 2\nch314b# \/cdrom\/cdrom0\/Solaris_9\/Tools\/add_to_install_server \/local_jumpstart\/9\/install\n# Eject CD, insert Solaris 9 Languages CD\nch314b# \/cdrom\/cdrom0\/Languages\/Tools\/add_to_install_server \/local_jumpstart\/9\/install\n# Mount central Jumpstart directory, then copy local_jumpstart folder there:\nch314b# mkdir \/mnt\/jumpstart\nch314b# mount jumpstart:\/opt\/solaris\/jumpstart \/mnt\/jumpstart\nch314b# cd \/local_jumpstart ; tar -cf - . | ( cd \/mnt\/jumpstart &amp;&amp; tar -xvpf - )\n<\/pre>\n<p>On the jumpstart server, I copied the required Solaris netboot kernels to the DHCP server&#8217;s \/tftpboot directory:<\/p>\n<pre>\njumpstart# cd \/opt\/solaris\/jumpstart\/9\/install\/Solaris_9\/Tools\/Boot\/usr\/platform\njumpstart# scp SUNW,Sun-Blade-100\/lib\/fs\/nfs\/inetboot dhcp:\/tftpboot\/SUNW.Sun-Blade-100\njumpstart# scp SUNW,Sun-Blade-1000\/lib\/fs\/nfs\/inetboot dhcp:\/tftpboot\/SUNW.Sun-Blade-1000\njumpstart# scp SUNW,Ultra-80\/lib\/fs\/nfs\/inetboot dhcp:\/tftpboot\/SUNW.Ultra-80\n<\/pre>\n<p>Finally, I copied some of the sample Jumpstart configurations into the version-specific folders:<\/p>\n<pre>\njumpstart# cd \/opt\/solaris\/jumpstart\/9\njumpstart# cp -a install\/Solaris_9\/Misc\/jumpstart_sample\/* .\n<\/pre>\n<p>Final configuration files on the jumpstart server:<\/p>\n<p>\/opt\/solaris\/jumpstart\/9\/config\/sysidcfg defines site policies for timezone, network setup, and other things that aren&#8217;t strictly system-specific:<\/p>\n<pre>\nname_service=DNS{domain_name=cae.tntech.edu 
name_server=149.149.254.4,149.149.11.6}\nnetwork_interface=PRIMARY{dhcp protocol_ipv6=no}\nroot_password=CRYPTEDROOTPASSWORDGOESHERE\nsecurity_policy=NONE\nsystem_locale=en_US\nterminal=vt100\ntimezone=US\/Central\ntimeserver=localhost\n<\/pre>\n<p>\/opt\/solaris\/jumpstart\/9\/rules maps system types to particular installation scripts and profiles. Ours is very simple, and sets all our systems to the same setup:<\/p>\n<pre>\nany     -       pre-install.sh  any_machine     post-install.sh\n<\/pre>\n<p>\/opt\/solaris\/jumpstart\/9\/rules.ok is the rules file with a Sun-generated checksum added. There&#8217;s a check script in \/opt\/solaris\/jumpstart\/9 that you run to convert the rules file into a rules.ok file &#8212; as far as I can tell, this has to be run from a Solaris box:<\/p>\n<pre>\nany     -       pre-install.sh  any_machine     post-install.sh\n# version=2 checksum=4486\n<\/pre>\n<p>\/opt\/solaris\/jumpstart\/9\/any_machine defines the installation type, disk partitioning, and the basic Sun software load. 
This one divides a single drive into 32 MB for system upgrades (no mount point defined), 1 GB for swap, and the rest of the disk for the root partition.<\/p>\n<pre>\ninstall_type    initial_install\nsystem_type     standalone\npartitioning    explicit\nfilesys any free \/\nfilesys any 1024 swap\nfilesys any 32\ngeo             N_America\nlocale          C\ncluster         SUNWCall\n<\/pre>\n<p>\/opt\/solaris\/jumpstart\/9\/pre-install.sh exists, but is entirely empty.<\/p>\n<pre>\njumpstart# ls -l pre-install.sh\n-rwxr-xr-x 1 root bin 0 2007-10-10 13:32 pre-install.sh\n<\/pre>\n<p>\/opt\/solaris\/jumpstart\/9\/post-install.sh takes care of installing <a href=\"http:\/\/www.blastwave.org\/\">pkg-get<\/a>, facter, puppet, and getting the system ready for Sun&#8217;s <a href=\"http:\/\/www.sun.com\/software\/security\/jass\/\">JASS<\/a> scripts:<\/p>\n<pre>\n#!\/bin\/sh\n\n###\necho \"Preparation\"\n###\nmkdir \/a\/jumpstart\nmount files.cae.tntech.edu:\/opt\/solaris\/jumpstart \/a\/jumpstart\n\n###\necho \"JASS\"\n###\ncd \/a\/jumpstart\nfor addon_pkg in SUNBEfixm.pkg SUNBEmd5.pkg\ndo\n  echo all | pkgadd -n -d ${addon_pkg} -R \/a\ndone\npkgadd -a admin.jumpstart -d . 
-R \/a SUNWjass\ncp finish.init \/a\/opt\/SUNWjass\/Drivers\ncp hardening.driver \/a\/opt\/SUNWjass\/Drivers\ncp root.profile \/a\/opt\/SUNWjass\/Files\/.profile\nmkdir -p \/a\/opt\/SUNWjass\/Patches\ncp \/a\/jumpstart\/9\/9_Recommended.zip \/a\/opt\/SUNWjass\/Patches\ncd \/a\/opt\/SUNWjass\/Patches\nunzip 9_Recommended.zip\ncp \/a\/jumpstart\/S21jass.sh \/a\/etc\/rc2.d\n\n###\necho \"Blastwave support\"\n###\ncd \/a\/jumpstart\nmkdir -p \/a\/usr\/local\/bin\ncp wget-sparc.bin \/a\/usr\/local\/bin\/wget\nchmod 755 \/a\/usr\/local\/bin\/wget\nmkdir -p \/a\/opt\/csw\necho all | pkgadd -a admin.jumpstart -d pkg_get-3.8.1-all-CSW.pkg -R \/a\ncp \/a\/jumpstart\/pkg-get.conf \/a\/opt\/csw\/etc\ncp \/a\/var\/pkg-get\/admin-fullauto \/a\/var\/pkg-get\/admin\n\n###\necho \"Puppet\"\n###\ncd \/a\/jumpstart\necho all | pkgadd -a admin.jumpstart -d \\\n    facter-1.3.8,REV=2007.09.23-SunOS5.8-all-CSW.pkg -R \/a\necho all | pkgadd -a admin.jumpstart -d \\\n    puppet-0.23.2,REV=2007.09.23-SunOS5.8-all-CSW.pkg -R \/a\ncp S98puppetd \/a\/etc\/rc2.d\n\n###\necho \"Teardown\"\n###\ncd \/\numount \/a\/jumpstart\nrmdir \/a\/jumpstart\n<\/pre>\n<p>admin.jumpstart prevents pkgadd from asking most of its regular installation questions:<\/p>\n<pre>\nmail=\ninstance=unique\npartial=nocheck\nrunlevel=nocheck\nidepend=nocheck\nrdepend=nocheck\nspace=nocheck\nsetuid=nocheck\nconflict=nocheck\naction=nocheck\nbasedir=default\n<\/pre>\n<p>S21jass.sh is a basic one-time JASS installer:<\/p>\n<pre>\n#!\/bin\/sh\necho \"Running Jumpstart Security:\"\nif [ ! -f \/etc\/jass.done ]; then\n    cd \/opt\/SUNWjass\n    JASS_NOVICE_USER=0 .\/bin\/jass-execute -d secure.driver\n    touch \/etc\/jass.done\n    echo \"...done\"\n    sync\n    sync\n    echo \"Rebooting...\"\n    reboot\nelse\n    echo \"...JASS already run.\"\nfi\n<\/pre>\n<p>The facter and puppet Solaris packages come from <a href=\"http:\/\/garylaw.net\/puppet\/\">Gary Law<\/a>. 
The S98puppetd file is slightly edited to make it run under Solaris versions earlier than 10:<\/p>\n<pre>\n#!\/bin\/sh\n# This is the \/etc\/init.d file for puppetd\n# Modified for CSW\n#\n# description: puppetd - Puppet Automation Client\n#\n\n#. \/lib\/svc\/share\/smf_include.sh\n\nprefix=\/opt\/csw\nexec_prefix=\/opt\/csw\nsysconfdir=\/opt\/csw\/etc\nsbindir=\/opt\/csw\/bin\n\nPATH=$PATH:\/usr\/local\/bin:\/usr\/local\/sbin:\/opt\/csw\/bin:\/opt\/csw\/sbin\nexport PATH\n\npidfile=\/var\/puppet\/run\/puppetd.pid\n\nif [ ! -f \/opt\/csw\/bin\/ruby ]; then\n    \/opt\/csw\/bin\/pkg-get -f install ruby\nfi\n\ncase \"$1\" in\nstart)\n    cd \/\n    # Start daemons.\n\n    printf \"Starting Puppet client services:\"\n\n    \/opt\/csw\/bin\/puppetd --factsync --server gold.cae.tntech.edu\n\n    printf \" puppetd\"\n    echo \"\"\n    ;;\nstop)\n    printf \"Stopping Puppet client services:\"\n    kill `cat $pidfile`\n\n    printf \" puppetd\"\n    echo \"\"\n    ;;\nrestart)\n    printf \"Restarting Puppet client services:\"\n    kill -HUP `cat $pidfile`\n\n    printf \" puppetd\"\n    echo \"\"\n    ;;\nreload)\n    printf \"Reloading Puppet client services:\"\n\n    kill -HUP `cat $pidfile`\n\n    printf \" puppetd\"\n    echo \"\"\n    ;;\nstatus)\n    if [ -f $pidfile ]; then\n        pid=`cat $pidfile`\n        curpid=`pgrep puppetd`\n        if [ \"$pid\" -eq \"$curpid\" ]; then\n            exit 0\n        else\n            exit 1\n        fi\n    else\n        exit 1\n    fi\nesac\nexit 0\n\n# $Id: svc-puppetd 1796 2006-10-17 06:09:41Z luke $\n<\/pre>\n<p><strong>UPDATE 2007\/11\/16:<\/strong> Solaris 10 addendum.<\/p>\n<p>Solaris 10 introduces a few new wrinkles into the setup.<\/p>\n<ol>\n<li>On first netbooting Solaris 10, I got an error <code>cannot open kernel\/sparcv9\/unix<\/code>. 
There are tons of possible causes for this error, and <a href=\"http:\/\/www.google.com\/search?hl=en&amp;q=cannot+open+kernel%2Fsparcv9%2Funix\">lots of possible solutions<\/a>. The cause in this particular case is that the Solaris NFSv4 implementation isn&#8217;t compatible with the Linux one (at least the one in Debian&#8217;s nfs-kernel-server package). <a href=\"http:\/\/stargazy.org\/docs\/install-solaris.html\">Dickon Hood<\/a> worked around it by using nfs-user-server, while <a href=\"http:\/\/vnull.pcnet.com.pl\/blog\/?p=71\">vnull<\/a> just reconfigured his nfs-kernel-server to only offer NFSv2. Like one of vnull&#8217;s commenters, I managed to get things to cooperate by offering NFSv2 and NFSv3. Since I&#8217;m working from a central file server with lots of NFSv3 clients, I couldn&#8217;t just drop back to exclusively NFSv2.<\/li>\n<li>After fixing the boot problem, I finally get the installation GUI running, and it immediately starts asking questions. I thought, &#8220;Crap, how&#8217;d I screw up sysidcfg this time?&#8221; As it turns out, the only question it couldn&#8217;t answer from sysidcfg was about its NFSv4 domain. No surprise, since this wasn&#8217;t an issue in Solaris 8 or 9. Adding <code>nfs4_domain=cae.tntech.edu<\/code> to sysidcfg took care of that question. <code>nfs4_domain=dynamic<\/code> may have worked fine, too.<\/li>\n<li>Solaris 10 means I can use SMF, so I can uncomment the SMF line in the puppetd init script.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Time to bring the Solaris workstations into our new infrastructure, to discover all the hidden Debian-specific parts in my Puppet manifests, and then fix them to be platform-neutral. First off, I need to be able to ensure a common base installation on my Solaris systems, and to have that base be as hands-off as possible. 
&hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/sites.tntech.edu\/renfro\/2007\/10\/31\/solaris-jumpstart-installations-in-an-all-debian-environment\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Solaris Jumpstart Installations In An All-Debian Environment&#8221;<\/span><\/a><\/p>\n","protected":false},"author":87,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7,16,18],"tags":[],"class_list":["post-46","post","type-post","status-publish","format-standard","hentry","category-infrastructures","category-puppet","category-solaris","entry"],"_links":{"self":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/46","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/users\/87"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/comments?post=46"}],"version-history":[{"count":1,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/46\/revisions"}],"predecessor-version":[{"id":482,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/posts\/46\/revisions\/482"}],"wp:attachment":[{"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/media?parent=46"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/categories?post=46"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.tntech.edu\/renfro\/wp-json\/wp\/v2\/tags?post=46"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}