S11 Implementation Bootcamp Lab Guide

Oracle Solaris 11.
1 Hands On Lab
Oracle Solaris 11
Implementation Specialist
Bootcamp
Student Lab Guide
Version 2 January 2013
Oracle Corporation
For Oracle employees and authorized partners only. Do

not distribute to third parties.
2011 Oracle Corporation
Page 1 of 147
Oracle Solaris 11.1 Hands On Lab
1 Oracle Solaris 11 Implementation

Specialist Bootcamp Lab Guide
1 Introduction
This lab guide contains practice labs that comprise the bulk of the 2 day Oracle
Solaris 11 Implementation Bootcamp which will prepare students to pass the Oracle
Solaris 11 Installation and Configuration Essentials exam (1Z0-580). This training
is part lecture and part lab. The labs are designed to be completed on the students
own laptop computer using the VirtualBox application and Oracle Solaris 11 virtual
instances. The labs will be facilitated during the bootcamp so students can proceed
at their own pace. The labs are also designed to be completed on their own out of
the classroom setting so students can practice and do them as many times as they
want until they feel confident in the concepts presented.
Practicing and understanding the concepts in this lab will prepare the student to
pass the Oracle Solaris 11 Certified Implementation and Installation Specialist exam
which will validate their expertise in Oracle Solaris 11 and hardware installation
and implementation concepts.
2 System Requirements
Hardware requirements:
A current laptop with at least 3 GB memory and 30 GB free disk space

Any OS supported by VirtualBox
o Apple
o Windows
o Solaris
o Linux
Oracle VirtualBox Software (4.2 with Extension Pack installed)
30 GB or more disk space available
No external network connection is required for the labs.

Page 2 of 147
Downloaded software packages:
VirtualBox 4.2
VirtualBox 4.2 Extension Pack
Oracle Solaris 11.1 Text Install ISO
Oracle Solaris 11.1 Virtual Box pre-configured image ISO
Oracle Solaris 11.1 Repository ISO
Note 1: Please download and install VirtualBox and the extensions on your system
prior to attending the lab. We cant guarantee the speed or availability of the internet
connection at the training venue. The Instructor will provide several flash disks with
the necessary files on them prior to class so students can download and install if
necessary. But it will be much easier if you already have the application loaded and
running.
3 Pre-requisites
High familiarity or previous certification on Oracle Solaris.

Current or prior Solaris version hands on experience is highly recommended.
Familiarity with UNIX based command line editing
Some experience with hardware and hardware drivers is/will be required.
Some familiarity with networking concepts around TCP/IP is helpful

Page 3 of 147
1 Contents
Lab 1 Advanced Installation

Lab 2 File Systems and Storage
Lab 3 Software Management
Lab 4 Networking
Lab 5 - Virtualization

Page 4 of 147
Large-Scale Installation and

Deployment of Oracle Solaris 11.1
V2 January 2013
1 Introduction
Participants will gain example-led awareness and understanding of the following
technical facilities:
- Automated Installation
- System Configuration Profiles and Service Management Facility
- Jumpstart to Automated Installation conversion
- Distribution constructor
- Boot environments
- Integration with Solaris Zones
- Image packaging system
We examine each of the enhancements and demonstrate how, jointly, they make it
easier to deploy Oracle Solaris 11 technology in the enterprise. Upon completion of
this lab, participants will have learned how to begin addressing business
requirements with Oracle Solaris 11 provisioning and packaging technology, and get
comfortable with methodologies that are available to aid in the process.
2 Overview
There are three significant steps involved in the installation process:
1) Assignment of a network identity for the system being installed
2) Contacting the automated installation service to download a small boot
image over the network with a description of how to provision a system
3) Actual provisioning of the system over the network, including software and
system configuration
Each of the above can be provided by services residing on the same physical or
virtual system, or they could also be on separate systems. In our lab we will
provision these services on the same system, provided by the following
components:

Page 5 of 147

1) DHCP service,
2) Automated Install service
3) Image Packaging System (IPS) Repository service
In this lab we will set up two Oracle Solaris 11 systems, one to host an Automated
Installer environment for the purposes of installing other systems automatically,
and one serving as our system being installed. Installation of the install server
system will be performed interactively and the installation of the second system will
be automated.
Figure 1: Client system installed by the Automated Install Server
In the diagram above, our first system, depicted on the left, will be our Automated
Install Server and will provide IPS, AI, and DHCP services . The second system,
depicted on the right, is a client that we will provision automatically.
3 Pre-requisites
This lab requires the use of the following elements:
A current laptop with at least 2GB memory and 100GB free disk space
Oracle VirtualBox Software (4.2.x with Extension Pack 4.2 installed)
Oracle Solaris 11.1 Base Text Image (sol-11_1-text-x86.iso)
Oracle Solaris IPS Repository (sol-11_1-repo-full.iso)
The following assumptions have been made regarding the environment where this
lab is being performed:
1. Network connectivity to the Internet is not necessary
2. The server system will be configured with a static IP address that will act as
a DHCP server.
3. The Client will be configured as a DHCP client

Page 6 of 147

4 Implementing the Automated Install Server Environment
Here is a visual for what we will be building in this lab environment. Any of these
services could reside on their own server in a real environment.
Figure 2: Automated Installation services
5 Exercises
5.1 Oracle VirtualBox Hypervisor Software basics

Your system should already have Oracle VirtualBox hypervisor software installed
and ready to use. If not, the latest version can be provided by your instructor or you
can download it from Oracle.com using the link below.
Download Virtual Box
You will also need the ISO images for Solaris Text installation and the Full
Repository ISO, available from your instructor or from Oracle.com.

Page 7 of 147

Download Oracle Solaris 11 x86 Text Install Image
Download Oracle Solaris 11 11/11 Repository Image
VirtualBox Installation Notes:
VirtualBox mouse capture can sometimes be frustrating in the way it handles

mouse interaction between VBox and your OS. Use the right control key on
your keyboard to return mouse control back to your default environment.
You can change this in VirtualBox preferences.
Make sure that you have the Text Installer and S11 Repo ISO files copied to
your laptop hard disk.
In the VirtualBox Manager Screen click New
Click Next on the welcome screen
In the VirtualBox
Manager screen, click
New to start the import
wizard.
Name your VM AIServer

OS Type:
Solaris
Version:
Oracle Solaris 11 (64
bit)
Click Next

Page 8 of 147

Choose an amount of
memory between 1.5GB
and 2GB 1536 is a good
number for this lab.
The text image doesnt
require as much memory
as the GUI based LiveCD
version.
Click Next
Click Next to create a new

hard disk.
Click Next well accept

the VDI hard drive image
default.

Page 9 of 147

Click Next to allow
storage space to be
dynamically allocated.
Change the disk file size

using the slider to 32GB.
This is to accommodate
the size of the repository
we will install later
Your new server has been

created.
Make sure AIServer is
selected and choose
Settings

Page 10 of 147

Click on Storage then
click on the Empty disk
icon under the SATA
Controller, then click on
the CD icon next to the
CD/DVD Drive SATA Port
dropdown under
attributes.
Well be using the Oracle

Solaris Text Based install
image for this lab.
Navigate to the sol-11_1text-x86.iso file on your
hard disk to mount it to
the virtual image.

Page 11 of 147

Navigate to the Network
section.
Choose Attached to: and
select Internal Network.
The name will be intnet
We will use the
VirtualBox private
network to provide
communications for this
lab
Click on System, in the

Boot Order field click on
CD/DVD-ROM and use
the up arrow to make
sure it is on top of the
Hard Disk in Boot Order.
Make sure Enable IO APIC
is selected
Click OK

Page 12 of 147

Click on the green Start
button to begin the
installation
Watch the screen as the
system boots
5.2 Install and Configure your Server

During an initial installation, we will answer basic questions pertaining to language
preference, time zone, disk partition information ( use whole disk in our lab), create
a username and a password, specify a meaningful user name, create a root password
and choose to use automatic network discovery.
You can press the
escape key <ESC> to
stop the timer or let
the image boot into
the Oracle Solaris 11
11/11 standard
GRUB selection.
The system will take
a few minutes to load
for the next screens.

Page 13 of 147

Choose the keyboard
layout and language
you would like to use
during the
installation. For the
first question hit
[Enter] for USEnglish keyboard
layout.
For the second

question, hit [Enter]
for the English
language which is
defaulted to item 3.
Wait for the system
to continue booting.
Enter 1 to install
Oracle Solaris or just
hit [Enter]
You are presented

with the Welcome
Screen which is the
first step in the SCI
configuration tool.
Press the F2 key to
continue.

Page 14 of 147

Choose Local Disks
on the discovery
selection screen
Select the default

sata disk hit F2 to
continue. Usually
leaving the default
will suffice
On the next screen,

select Use whole
disk and hit F2 to
continue.

Page 15 of 147

Enter aiserver as
the computer name
and highlight
Manually to
manually configure
the network, select
F2 to continue.
Enter the network

settings for this lab.
Use the IP address of
192.168.1.222 for
the fixed server
address
255.255.255.0 as
the subnet mask
192.168.1.1 as the
router.
Press F2 to proceed
We will not configure
DNS at this time,
select Do not
configure DNS and
hit F2

Page 16 of 147

We will not set up a
name service at this
time, choose None
and select F2.
Select the time zone

region appropriate
for your location,
select F2.
Select the
appropriate date and
time then select F2.
Complete your
configuration by
entering a root
password, your
name, username and
user password.
For example:
Real name: LabUser
Username: labuser
Password: solaris11

Page 17 of 147

At the two support
screens just hit F2 to
continue without
entering any
information at this
time.
Choose No proxy and

F2 to continue
Verify that the

configuration you
have chosen is
correct and apply the
settings by choosing
F2.

Page 18 of 147

A progress bar will
show you the
installation as it
proceeds
When the installation

is complete, you see
the screen
summarizing the
activity.
Press the F8 key to
reboot the system.
5.3 Using your Server for the first time

When the system reboots, hit ESC as soon as you see a message on the top of the
screen, prompting you to do so. Select the Boot from Hard Disk option, and hit
Enter.
Note 1: If you miss the timer, the server will boot back into the ISO install image. Just
click x in the top corner of the window and choose Power Down. Then restart the

Page 19 of 147

AIServer instance and try again.
Note 2: You can also unmount the ISO and change the boot order to hard disk from
the VirtualBox configuration menu to avoid a recycle reboot.
1) Login with the username credentials you created during the configuration
dialogue.

Page 20 of 147

Note 1: The first time the server boots a number of SMF services will be initiated. This
will only occur the first time and subsequent boots will be much faster.
Note 2: Do not attempt to login as root because, starting with Oracle Solaris 11, the
previously-accessible root user is now treated as a role, which means you log in with a
regular username, and then assume the root role. This is a security and auditing
benefit.
5.4 Configure the IPS Repository for local use by the Server
After youve logged in:
Assume the root role
# su
# password:
Turn off sendmail service to prevent errors from being printed on your screen:
# svcadm disable sendmail
# svcadm disable sendmail-client
If the text install boot image is still mounted, eject it at this time. (Oracle Text install
boot image, sol11_1-text-x86.iso this was the boot image that we used to install our
server)
# eject
For the first lesson in our lab, well need a copy of the Solaris Repository. This file
comes as a two part download from Oracle.com that must be concatenated together
before use. Youll probably have two files, sol-11_1-repo-full.iso-a and sol-11_1repo-full.iso-b. For Windows users youll need to use the DOS copy command to
join the two files together. Heres the syntax and an example:
C:\<file location\copy /b file1 + file2 targetfile
C:\mydocuments\sol-11_1-repo-full.iso-a + sol-11_1-repo-full.iso-b sol-11_1-

Page 21 of 147

repo-full.iso
For Unix the cat command should suffice:

# cat file1 file2 > targetfile
# cat sol-11_1-repo-full.iso-a sol-11_1-repo-full.iso-b >
sol-11_1-repo-full.iso
Mount the latest Repository ISO file on your server system. On the bottom bar of
your VirtualBox window, in the right corner area, position the mouse above the CD
image, click and select to Choose a virtual CD/DVD disk file and select the sol11_1-repo-full.iso file.
Or locate the Oracle VM Virtualbox Manager window,
Choose the AI Server instance
Choose Settings > Storage

Click on the CD/DVD image
Choose sol-11_1-repo-full.iso
Click OK
Your IPS repository disk is now mounted and ready for use.

Page 22 of 147
To verify type ls /media in your terminal window and you should see
SOL_11_1_REPO_FULL
To configure the IPS repository locally we need to change the publisher. Well
remove the default solaris publisher which points to the
http://pkg.oracle.com/solaris/release/ publisher location.
Use the pkg command to see the default publisher for Oracle Solaris 11
# pkg publisher

Page 23 of 147

Set the publisher to the new local instance:
# pkg unset-publisher solaris
# pkg set-publisher g
file:///media/SOL_11_1_REPO_FULL/repo \ solaris
This allows us to run pkg commands to perform updates to our server without
having to connect to the network and allows us a faster way to access the repository
without installing it just yet. This does not yet make the IPS Repository service
available on the network for your clients. We will do this as a separate exercise.
5.5 Perform an Installation of Software that was not in the base image
When we installed Solaris using the Text-based interactive Installer, we ended up
with a collection of software packages known as a solaris-large-server package. You
can verify this by running:
# pkg list |grep group
The large server package contains many programs but there are still a lot of
available software packages that are located in the repository and available for
download whenever we need to obtain them.
For an example, we will add the VIM editor which is not included in the large server
package by default. Type the following command to install the vim package.
# pkg install editor/vim

Page 24 of 147

In a few seconds your new package will install. Verify the files that were modified as
a result of the package install
Note: In the output referencing boot environments above. The VIM package is a
minor program addition so the pkg command does not automatically create a boot
environment, or a backup boot environment.
# pkg contents editor/vim
Lets try another example. Well install the NVDAgraphics driver package.
First lets look at our boot environments. Why will become clear in a moment. But
remember that making backups of the Oracle Solaris 11 Operating System is as easy
as a result of the ZFS snapshot and clone utilities.
# beadm list
Note that theres a single solaris instance. Lets install the NVDA graphics package.
# pkg install NVDAgraphics
This package will have 16 other packages as dependencies, all of which will
automatically be calculated and installed.
Note: The NVDAgraphics will most likely throw an error on installation as
referenced by the below screen shot. This is a normal part of the lab.

Page 25 of 147
The pkg install service has automatically created a backup boot environment named
solaris-backup-1.
Check the state of the boot environments
# beadm list
Verify that the solaris-backup-1 boot environment exists
Reboot the server at this time, type the reboot command:

# init 6
5.6 Boot Environments

After the system reboots and presents a boot menu, youll be able to select which
boot environment to boot into.

Page 26 of 147
Select solaris-backup-1 and hit [Enter]. This is the backup environment that was
created automatically by the pkg command.
Login as labuser and then su to root
In this environment we have a state of the machine before the installation of the
NVDAgraphics package. The boot image called Oracle Solaris 11 11/11 contains the
defective graphics driver. This is just an example of a safe roll-back capability that
Solaris provides out-of-the-box and eases elements of software and system
management.
Since weve now booted into the backup environment the beadm command output
will show that the solaris-backup-1 environment is active Now and the solaris
environment will be active on Reboot
# beadm list

Page 27 of 147
Boot environments are useful and easy to create. Lets create one now.
Run the following command
# beadm create beforeUpdate
# beadm list
You have just created a boot environment called beforeUpdate and verified that it
exists.
Assume that we made a mistake and we dont like the name beforeUpdate, we want
to make it beforeChange instead. Lets rename it and call it beforeChange
# beadm rename beforeUpdate beforeChange
Check your output with the screen below:
You can activate the beforeChange boot environment to be the default boot
environment which will become available the next time the system boots. Verify
your changes and note the R and N in the table below.
# beadm activate beforeChange
# beadm list

Page 28 of 147
Notice how (in the Active column) the R and N values move between different
boot environments. R indicates that the boot environment will be active on
Reboot, and N means the boot environment active Now.
You can also mount boot environments and interrogate them to look for files or
troubleshoot a boot instance.
Heres an example of mounting a boot environment.
Create a mount point:
# beadm mount beforeChange /mnt
# ls /mnt
You can navigate the beforeChange file system to make changes and interrogate the
system.
Unmount the boot environment
# beadm unmount beforeChange
Now lets do a little clean up and return our system to a good stable state. Well
rename beforeChange to something that makes more sense and well get rid of the
defective environment that contains the errored out NVDAgraphics driver
Activate our backup environment because we cant rename an active boot
environment.
# beadm activate solaris-backup-1

Page 29 of 147

Change beforeChange to solaris11
# beadm rename beforeChange solaris11
Activate solaris11
# beadm activate solaris11
Reboot the AIServer instance
# init 6
Upon reboot solaris11 should be the default environment in the Grub menu
boot into the solaris11 environment. Once your system has finished booting, login
and su to root. Confirm solaris11 is the active environment and you still have an
existing backup
# beadm list
5.7 Configure the IPS Repository as a network service

In order to allow other machines to connect and receive software from a local
network resource, the IPS repository has to be configured as a network service on
our server.

Page 30 of 147

Verify that your server has a static IP address:
Run the dladm show-link and ipadm show-addr commands
Note: dladm and ipadm are new commands available to manage network
configuration in Oracle Solaris 11.
In this portion of the lab we will take the IPS repository contents from an ISO file
and make it persistently accessible through a service, this ensures it will be
available even after a reboot of the server.
Note: For a typical customer installation we would copy the contents of the ISO to a
file system for faster access. But since this is a lab running on virtual servers and in the
interest of time well just mount it. Instructions on copying the repo directly to hard
disk are available in the Solaris 11 documentation
Note: In the VirtualBox setup at the beginning of the lab we mounted the sol-11-1111repo-full.iso file to the virtual CD drive. This ISO file should be available to your system
under the /media directory. If its not mounted go back and use the instructions to
mount the ISO to your system in order to complete this lab.
We will instantiate the repo as a properly configured service. We will use SMF
(Service Management Facility) to get this done.
su to the root role and execute the following commands:
# svccfg s application/pkg/server setprop \
pkg/inst_root=/media/SOL_11_1_REPO_FULL/repo
# svccfg s application/pkg/server setprop \
pkg/readonly=true
# svcadm refresh application/pkg/server
# svcadm enable application/pkg/server

Page 31 of 147
The next step is to configure the system to use a locally configured IPS repository.
We do so by changing the default publisher from pkg.oracle.com/solaris/release to
the publisher weve set up on our own system. In a normal environment your
publisher might be on its own server.
Type the following commands:
# pkg unset-publisher solaris
# pkg set-publisher g http://192.168.1.222 solaris
Verify that your publisher has been changed to the new local resource
# pkg publisher
Add another package as a test, to make sure our repository is properly configured
and accessible via the network. Well add the developer package for the vala
language.
# pkg install developer/vala
Verify your package is installed properly:
# pkg info developer/vala

Page 32 of 147
5.8 Using Automated Installer to create the first install service

Now that you have a system that has an IPS package repository, lets create an
instance of the Automated Installation service.
We can create this install service from pkg://install-image/solaris-auto-install
package thats already mounted on our system.
# installadm create-service n s11x86service i 192.168.1.110 c 20
This will create a service named s11x86service and serve up DHCP clients starting
with 192.168.1.110. The c argument specifies that 20 IP addresses should be
allocated.
When prompted about using the default image path, answer y for yes.

Page 33 of 147
In creating the installation service, Solaris generates a number of steps:

1) creation of a local DHCP server instance on the Automated Install server
2) creation of a default installation service (named default-i386)
Note: If you wanted to create a SPARC service, you would add the a sparc
argument to the above command. Additionally, use of the -n switch during service
creation is optional, as the Automated Installer is intelligent enough to figure out the
architecture of the service being created and to give it a name if none is specified.
Note: In our example we are working with the very first instance of a service, so we
have to use the default service name when implementing modifications to that service.
Keep this in mind as there will always be a default installation service that is
architecture-specific. When executing commands on services that were the first to be
created for the hardware platform, the commands have to reflect the name defaulti386 instead of the service name (in our example: s11x86service).
At this point, you can see the install services status by running:
# installadm list

Page 34 of 147
5.9 Installing the client with default values

The next step is to boot the client system off the network and provision it using the
Automated Install service that we have just set up.
We need to set up a client Virtual Box image now. Follow the VirtualBox
instructions from Section 5.1 and create another Oracle Solaris 11.1 image, name it
AIClient. You do not need to mount an ISO file for this exercise since we are booting
from the network.
Important Note: Make sure you have the VirtualBox Extensions installed!
Use the following parameters:
VM Name and OS Type:
Name:
Operating System:
Version:
Base Memory Size:
Storage
Disk File Allocation
AIClient
Solaris
Oracle Solaris 11 (64 bit)
1536 MB
Dynamically allocated storage
16 GB Virtual disk file allocation

Page 35 of 147

In the VirtualBox main
window, select the AIClient
instance and choose
System.
Click in the Boot Order
field and select Network by
checking the box. Then
click the arrows to put the
Network field at the top of
the list.
Verify that Enable IO APIC
is checked.
Select Network and change
Attached To from NAT to
Internal Network. The
name will be intnet.
We will be using the
VirtualBox private network
for this lab.
Click OK
Power on the AIClient virtual machine.

As the VirtualBox machine instance starts up, watch the screen.
If you receive a message asking for a boot drive, disregard this message and click
cancel.
First you will see the network boot attempt, similar to the below screenshot:

Page 36 of 147
Next you will see a GRUB menu with a timer. The default selection highlights the
Text Installer and command line option but we need use the Automated Install
selection. Press the up or down arrow keys to stop the timer and select the
Automated Install and press enter.
What follows is the continuation of a networked boot from the Automated Install
server, where the client downloads a mini-root (a small set of files in which to
successfully run the installer), identifies the location of the Automated Install
manifest on the network, retrieves the said manifest and then processes it to
identify the address of the IPS repository where to obtain images from.

Page 37 of 147
As you watch the screen youll see how pkg.oracle.com is the default address of the
IPS repository. In our case, however, we had previously created a local IPS
repository so we need to make sure that it is our local IPS repository that is being
contacted to install the client system.

Page 38 of 147
Some valuable information on the screen will be the location of log files and the
XML manifest being used for this installation, such as shown on the above image.
The default IPS repository hard-coded in the default Automated Install manifest is
hosted by Oracle and the XML code <origin name=> is pointing at pkg.oracle.com.
If your system were able to reach the Internet, you would see a successful
installation process on your screen.
However, since were only using an internal network we will not be able to reach the
internet and the DNS resolution being done in the mini-root will fail. We will
therefore be unable to contact the default IPS repository located at pkg.oracle.com.
As a result, our installation will fail with the message below.
This isnt a big deal for our lab and most customer enterprise installations will
already have internal IPS repositories (like weve previously created in this lab) as
using an internet based repository takes a lot of bandwidth and isnt the most
efficient way of getting your packages. In the next section, we will alter the default
manifest to point to our own internal IPS repository.

Page 39 of 147

You can close the failed AIClient installation by clicking on the X at the top right of
the screen and choose Power off the machine
5.10 Customizing the default Automated Install (AI) manifest

In order to modify the default manifest used by installation clients, we leverage the
installadm command. Since we already have a service called s11x86service what we
need to do is reflected in the following three steps:
1) examine the manifest that the install service uses,
2) modify the manifest
3) add the newly modified manifest to the install service
This can be accomplished using the following commands on our aiserver instance:
First, list the installation services and manifests associated with them:
installadm list m
Next, well probe the s11x86service and the default manifest associated with it. The
m switch reflects the name of the manifest associated with a service. We want to
alter the manifest and well use the default as a template. Well capture the output
into a file. Below is the command to redirect our manifest output to a file that we
can edit by using the command below:
# installadm export n s11x86service m orig_default >
/var/tmp/orig_default.xml
Create a backup copy of this file under a different name and work on the copy, lets
call it orig-default2.xml
# cp /var/tmp/orig_default.xml /var/tmp/orig_default2.xml

Page 40 of 147
Open this file with an editor.

# vi /var/tmp/orig_default2.xml
In our file, orig_default2.xml locate the line that reads:
<origin name=http://pkg.oracle.com/solaris/release/>
and replace the origin name with the url of our local IPS repository.
<origin name=http://192.168.1.222/solaris/>
Save the file. We now need to put our changes into effect by updating the AI service
by registering the contents of the new file.
Since we are working with the very first instance of an AI service, we must use the
default service name when referencing modifications to the service.
# installadm update-manifest n default-i386 m \
orig_default f /var/tmp/orig_default2.xml
5.11 Booting the Client with the modified Automated Install (AI) manifest
Boot the AI Client virtual machine again, and as you do, youll see a process similar
to what youve previously seen, but now it will not stop with a DNS error. Instead, it
will proceed towards contacting the local IPS repository for packages. The process
begins to look like the image below, notice the address in the origin line on the

Page 41 of 147

bottom:
It can take between 15 and 30 minutes to install the packages from the AI Origin. Be
patient and let the installation complete.
The installation should complete with output similar to the following.

Page 42 of 147
Prior to rebooting the client, you may want to login and explore the system and
examine the log files, such as the Installation log file (/system/volatile/install_log) or
the Automated Install manifest that was used to install the system
(/system/volatile/ai.xml)
To login to the system use the default Automated Install image username root and
the password solaris
There are many additional customizations that can be done to the Automated Install
manifest. The guiding principles in instituting these changes are to follow the
process outlined above and remember to refer to appropriate install service names.
5.12 Providing custom configuration for the Client

When the client system is rebooted, it will look for pre-provisioned configuration
files and if it finds none, it invokes the interactive System Configuration Tool.
In order to fully automate the installation process, we can provision a configuration
file that would be made available as part of the installation service. To do that, we
first need to create a system configuration profile that would contain all the
minimum configuration data, and then add this profile into the installation service

Page 43 of 147

that would be used by clients as part of the deployment process.
Creation of a system configuration profile can be done by using the sysconfig
tool. We will run this on the Server system (aiserver solaris11 boot instance). Run
the following command and follow the prompts using the information in the table
below. Choose the Manual network profile and enter in the static IP address:
root@aiserver:~# sysconfig create-profile o sc.xml
Profile Tool Field
Computer Name:
Installation parameter
solaris
Manual Networking
192.168.1.215
255.255.255.0
192.168.1.1
Do Not Configure
None
Your choice
Your choice
Your choice
Current Date / Time
solaris11
Labuser1
labuser1
solaris11
Press F2 to push through the
support choices and get to
the final review. Press F2 to
apply the changes to the
file. The resulting output
profile can be validated by
running it against the
install service and
specifying the profile
filename.
IP Address
Netmask
Router:
DNS
Alternate Name Service
Time Zone Regions
Locations
Time Zone
Date
Root Password
Your real name:
Username:
User password:
Validate your installation profile.

# installadm validate n default-i386 P sc.xml

Page 44 of 147

Alternatively, we can use a sample profile that is delivered as part of the installation
service. In the /export/auto_install/s11x86service/auto_install/sc_profiles directory
there is a file named: sc_sample.xml. Inspecting this text file, we can see that it
defines a number of parameters such as the username and a password, a password
for root role, keyboard mappings, time zone, DNS configuration and network
configuration. If we want to make changes to this file, we could do so by copying it
to a different location, making our edits, and then associating it with an installation
service.
For this lab we wont make any changes so well accept the default system
configuration parameters.
Next well need to add the system configuration profile to an install service.
Lets copy the sample profile into /var/tmp so we know were working with a copy
of the template.
# cp \
/export/auto_install/s11x86service/auto_install/sc_profiles/sc_sample.xml \
/var/tmp/sc_client.xml
Next, instantiate a profile with the install service.

# installadm create-profile n default-i386 -f /var/tmp/sc_client.xml \
p sc_client
Verify that the install service contains a custom system configuration profile
associated with it.
# installadm list p
When we reboot our client from the network we will witness a complete hands-off
process of installing and configuring the system. We can then login with credentials
configured in the system configuration profile, such as username jack (password:
jack), and we can elevate privileges by assuming the root role (password: solaris)

Page 45 of 147

as necessary.
Note: Because of the amount of time another installation might take. Please consult
your instructor before rebooting your system and re-running the AI Installation. Feel
free to attempt this on your own time out of the class.
Final Note: To continue on in the bootcamp lab series, please leave the AIServer
instance alone for now. If you change IP addresses or otherwise change the
configuration, the following labs might not work out. We will be using this server
instance to complete the hands on zone training module later in the training session.
6 Locations of log files

If time permits, examine the installation logs and get familiar with what has
occurred.
During the installation, log files are located in /system/volatile directory.
Login as root user with solaris password.
Automated Zone installations are logged in /system/volatile/zones
After the installation the log files are located in /var/sadm/system/logs/,
specifically look at the install_log
7 Lab Summary
In this document you learned how to create, install, boot and configure a system
using the Automated Installer. You learned how an Automated Install manifest can
be modified and modifications be put into effect automatically for you. You also
learned how to add a local IPS repository to help avoid unnecessary traffic on your
network as well as to provide security.
One of the benefits of Automated Installer is its level of integration with other
utilities in Oracle Solaris 11, and the ability to automate most of the tough
provisioning tasks so that the installation service is ultimately capable of doing
more to get your systems closer to an application-ready state. Oracle Solaris 11
tools offer a very fast, consistent, and scalable provisioning experience.
8 References
For more information and next steps, please consult additional resources: Click the
hyperlinks to access the resource.
Oracle Solaris 11 Technology Spotlights

Page 46 of 147

Transitioning from Oracle Solaris 10 JumpStart to Oracle Solaris 11 Automated Installer
Oracle Solaris 11 Information Library
Oracle Solaris 11 Product Documentation
Advanced Administration with the Image Packaging System on Oracle Solaris 11
How to Configure Oracle Solaris 11 using sysconfig command
Oracle Solaris Observatory blog
Installing Oracle Solaris 11 Systems: Hands-on Lab from Oracle OpenWorld 2011
Oracle Solaris 11 Installation Cheat Sheet

Page 47 of 147
Oracle Solaris 11 ZFS File System

V2 January 2013
1 Introduction
Oracle Solaris ZFS is a revolutionary file system that changes the way we manage
storage. Participants in this lab will gain awareness through example of devices,
storage pools, and performance and availability. We will learn about the various
types of ZFS datasets and when to use each type. We will examine snapshots,
cloning, allocation limits, and recovering from common errors.
We will cover the following areas around ZFS:
-
Zpools
Vdevs
ZFS datasets
Snapshots / Clones
ZFS properties
ZFS updates
These exercises are meant to provide a primer into the value and flexibility of Oracle
Solaris 11 ZFS for the enterprise. Upon completion of this lab, the learner will
understand the simplicity and power of the ZFS file system and how it can help
address business requirements with Oracle Solaris 11 storage technology and will
be well on their way to mastering this powerful technology.
2 Overview
ZFS is the default file system in Oracle Solaris 11. This lab will follow the basic
system administration duties revolving around storage in a basic system. As in any
installation or implementation well follow a basic path for building our storage
infrastructure
4) Hardware setup and initial storage connection and assignment. (VirtualBox,
virtual disks, and files)
5) Creating pools. Storage devices in ZFS are grouped into pools. A pool
provides all of the storage allocations that are used by the file systems and
volumes that an installation will require.
6) Creating file systems which can be assigned to users and applications and
manipulated to fit the needs of each.

Page 48 of 147

7) Details around each of the above resulting in a complete storage picture for
Oracle Solaris 11 from which the learner can begin to develop more
expertise.
8) We will use the VirtualBox application to create virtual SAS disks that Oracle
Solaris 11 can work with just like real disks.
9) We will create files within the operating system to work with for simplicity.
The files are treated just like disks and working with them would be no
different than working with a large storage array connected to a customer
system.
3 Pre-requisites
A current laptop with at least 3GB memory and 30 GB free disk space
Oracle Solaris 11.1 VM for Oracle VM VirtualBox
5. We will only work with a single Solaris 11 Virtual Instance
4 Lab Setup
4.1 Oracle VirtualBox Hypervisor Software basics
and ready to use. For this lab we will require a GUI interface and will be using the
pre-built Oracle Solaris 11.1 VM image. We only need to acquire it and import it to
get running quickly.
Download Virtual Box
VirtualBox Notes:
VirtualBox mouse capture can sometimes be frustrating in the way it handles

mouse interaction between VBox and your OS. Use the right control key on
your keyboard to return mouse control back to your default environment. You
can change this in VirtualBox preferences.
4.2 Oracle Solaris 11 VM Image installation
Make sure that you have the Oracle Solaris 11.1 VM Image copied to your
laptop hard disk.
Page 49 of 147
Unzip the Solaris 11 image to your hard disk

In the VirtualBox Manager Screen click New
Click Next on the welcome screen
Click on the File Menu and
choose Import Appliance
Welcome to the Appliance

Import Wizard! Click the
Choose button.

Page 50 of 147

Navigate to the folder
where you downloaded or
copied the Oracle Solaris 11
PreBuilt image and click
Open. The file is named
OracleSolaris11_1.ova The
.ova extension indicates
that its a virtual box export.
Choose Next on the

Appliance to import screen

Page 51 of 147

Choose Import from the
Appliance Settings screen
The progress bar will show

the import progress.
Usually looks slow in the
beginning but this shouldnt
take more than a few
minutes.
Your new image has been
imported and is ready for
use. Lets just make some
simple changes, add some
disks, and well be ready for
the labs.

Page 52 of 147

Make sure your new image
is selected and choose
Settings, Storage
On the bottom of the

Storage Tree section click
on the green plus sign to
Add a new controller to
our virtual image. Choose
Add SAS Controller from
the list

Page 53 of 147

Click on the disk icon with
the plus sign on it to the
right of the SAS controller
you just added to add a new
hard disk.
In the resulting dialog box,

choose Create new disk
The virtual disk creation

wizard will start up. Choose
the default selection of VDI
(VirtualBox Disk Image)
and click Next >

Page 54 of 147

Click Next > for Dynamically
Allocated
Name the disk 4GBDisk1

and either choose 4GB with
the slider or type in the
number 4.00 GB into the
text box. Choose Next >

Page 55 of 147

After your disk is created
you should now have a
virtual disk named
4GBDisk1 underneath your
new SAS controller.
Repeat the above steps to

create 3 more 4GB virtual
disks under the same SAS
controller and name them
4GBDisk2, 4GBDisk3, and
4GBDisk4 respectively.
Verify your settings match
the screen to the left and
click OK to confirm and
begin installation.
4.3 Install and Configure Oracle Solaris 11 Virtual Image

In this lab we are utilizing a pre-built Oracle Solaris Image. This image is based on
the desktop version and we will be running in the Gnome environment. Even
though the system has been pre-installed, we still have to answer the basic
installation questions in order to get things running for the ZFS lab. The system will
run through the basic set up dialog as illustrated below.

Page 56 of 147

Upon startup youll be
presented with the GRUB
menu. Select Oracle Solaris
11.1 and press the
return/enter key
After a few minutes you

should see the SCI welcome
screen where youll answer a
few simple questions in
order to bring the system up.
You should recognize this
step from earlier installation
labs. Press the <F2> key.

Page 57 of 147

In the next screen well name
our system and choose how
we want to configure
networking. Name your
system zfslab and choose
Automatically for network
configuration. We will not
use any networking for this
lab so dont worry about this
selection.
The next screens will ask

about your region, time zone,
etc. Choose UTC/GMT to
avoid the time zone screens
or select your local time
zone.
The next screen will ask for

the Root password, and to
create a user account. Use
the below values if you wish
for consistency in the labs.
Root password: solaris11
Your real name: Lab User
Username: labuser
User password: solaris11

Page 58 of 147

You should see a
confirmation screen. Review
and press <F2> to proceed
with configuration.
Press <F2> to proceed past

the support screens for user
name as well as Proxy
information.
Confirm your selections and

press <F2> to apply changes
and start your image.

Page 59 of 147

The System Configuration
Tool will exit and the system
will come up with your new
configuration parameters.
Wait for the GNOME login
screen and login as labuser,
password, solaris11.
Well do our labs from

terminal windows within the
Oracle Solaris 11 GUI.
Congratulations, youre up
and running! Now lets get
started with ZFS.
Tip! If you dont want the
entire desktop taking up your
screen while you perform the
labs, use the <Ctrl> key <L>
combination while your
terminal is selected to switch
to seamless mode.
5 Working with Pools

5.1 Verifying the SAS and flat file disk devices
Its easier to work as root during the labs, remember to su - to root when first
logging in because root is a role and not a user. Lets su to root, confirm our
environment, and create some disk files before we get started with ZFS.
su to root,
to confirm that our 4 SAS disks are available to the system
# format < /dev/null

Page 60 of 147
5.2 Creating and destroying pools

To create your first pool (Note your disk device numbers may differ from the
example)
# zpool create datapool raidz c8t0d0 c8t1d0 c8t2d0 c8t3d0
That's all there is to it. We can use zpool status to see what our first pool looks like.
# zpool status datapool

Page 61 of 147
Note from this output that the pool named datapool has a single ZFS virtual device
(vdev) called raidz1-0. That vdev is comprised of our four disks.
The RAIDZ1-0 type vdev provides single device parity protection, meaning that if
one device develops an error, no data is lost because it can be reconstructed using
the remaining disk devices. This organization is commonly called a 3+1, 3 data disks
plus one parity.
ZFS provides additional types of availability: raidz2 (2 device protection), raidz3 (3
device protection), mirroring and none. We will look at some of these in later
exercises.
Before continuing, let's take a look at the currently mounted file systems.
# zfs list

Page 62 of 147
One thing to notice in the ZFS makes things easier category is that when we created
the ZFS pool with one simple command, ZFS also created the first file system and
also mounted it. The default mountpoint is derived from the name of the pool but
can be changed easily.
Note:
Things we no longer have to do with ZFS are
Create a filesystem
Make a directory to mount the filesystem
Add entries to /etc/vfstab
Weve decided that we need a different type of vdev for our datapool example. Lets
destroy this pool and create another.
# zpool destroy datapool
# zfs list

Page 63 of 147
All file systems in the pool have been unmounted and the pool has been destroyed.
The devices in the vdev have also been marked as free so they can be used again.
Notice how easy it is to destroy and theres no destroy? Are you sure? warning.
Next, lets create a simple pool using a 2 way mirror instead of raidz.
# zpool create datapool mirror c8t0d0 c8t1d0
Now the vdev name has changed to mirror-0 to indicate that data redundancy is
provided by mirroring (redundant copies of the data).
What happens if you try to use a disk device that is already being used by another
pool?
# zpool create datapool2 mirror c8t0d0 c8t1d0
The usage error indicates that /dev/dsk/c8t0d0 has been identified as being part of
an existing pool called datapool. The -f flag to the zpool create command can
override the failsafe in case datapool is no longer being used, but use that option
with caution.

Page 64 of 147

5.3 Adding capacity to a pool
Our application has made it necessary to add more space the the datapool. The
next exercise will show you how simple it is to add capacity to an existing pool.
# zpool list datapool
# zpool add datapool mirror c8t2d0 c8t3d0
# zpool status datapool
Note that a second vdev (mirror-1) has been added to the pool.
To see if your pool has actually grown, do another # zfs list command.
# zfs list datapool
Datapool has grown from 3.97GB to 7.81GB

Notice that you don't have to grow file systems when the pool capacity increases.
File systems can use whatever space is available in the pool, subject to quota

Page 65 of 147

limitations, which we will examine in a later exercise.
Lets destroy datapool again so we can have some fresh disks to work with on the
next set of exercises.
# zpool destroy datapool
5.4 Importing and exporting pools

ZFS zpools can also be exported, allowing all of the data and associated
configuration information to be moved from one system to another. For this
example, use the first two SAS disks (c8t0d0 c8t1d0).
# zpool create pool2 mirror c8t0d0 c8t1d0
# zpool status pool2
As before, we have created a simple mirrored pool of two disks. We've told ZFS to
use the entire disk (no slice number was included) and if the disk was not labeled,
ZFS will write a default label.
ZFS Storage pools can be exported in order to migrate them easily to other systems.
Storage pools should be explicitly exported to indicate that they are ready to be
migrated. This operation flushes any unwritten data to disk, writes data to the disk
indicating that the export was done, and removes all knowledge of the pool from the
system.
Lets export pool2 so that another system can use it somewhere else.
# zpool list

Page 66 of 147
# zpool export pool2

# zpool list
Note that our pool, pool2 is no longer in our list of available pools.
The next step will be to import the pool, again showing how easy ZFS is to use.
# zpool import pool2
# zpool list
Notice that we didn't have to tell ZFS where the disks were located. All we told ZFS
was the name of the pool. ZFS looked through all of the available disk devices and
reassembled the pool, even if the device names had been changed.
If you dont know the name of the pool ZFS will provide the names of available
pools.
# zpool export pool2
# zpool import

Page 67 of 147
Import your pool.

# zpool list
Without an argument, ZFS will look at all of the disks attached to the system and will
provide a list of pool names that it can import. If it finds two pools of the same name,
the unique identifier can be used to select which pool you want imported.
5.5 Pool properties

There are many pool properties that can be customized for your environment. To
see a list of these properties type the following command.
# zpool get all pool2

Page 68 of 147
Pool properties are described in the zpool(1M) man page. Pool properties provide
information about the pool, effect performance, security, and availability. To set a
pool property, use zpool set. Note that not all properties can be changed (ex.
version, free, allocated).
Set the listsnapshot property to on. The listsnapshot (also listsnaps) controls
whether information about snapshots is displayed when the zfs list command is
run without the t option. The default value is off.
# zpool set listsnapshots=on pool2
# zpool get listsnapshots pool2
5.6 Upgrading pools

As with any software package, ZFS goes through upgrades over time. Lets take a
look at how we can find the zpool version number, features provided by that
version, and how we can potentially upgrade, or even downgrade our ZFS Pool
version to accommodate potential compatibility scenarios. To find out what

Page 69 of 147

features have been added over time, use the below command.
# zpool upgrade -v
When you patch or upgrade Oracle Solaris, a new version of zpool may be available.
It is simple to upgrade or downgrade an existing pool. Well create a pool using an
older version number, and then upgrade the pool.
# zpool destroy pool2
# zpool create -o version=17 pool2 mirror c8t0d0 c8t1d0
# zpool get version pool2

Page 70 of 147
Note that your pool is now at version 17.

The next step would be to upgrade the old pool to the latest version. Execute the
following commands.
# zpool upgrade pool2
Its that simple. Now you can use features provided in the newer zpool version, like
log device removal (19), snapshot user holds (18), etc.
This concludes the section on pools. There is a wealth of features that we havent
explored yet. Check out the man page for many other features that you can take
advantage of.
Lets do a little clean up and destroy pool2 to free up our disks for the next lab.
# zpool destroy pool2
5.7 ZFS split command

A mirrored ZFS storage pool can be quickly cloned as a backup pool by using the
zpool split command.
First lets create a mirrored ZFS pool named pool3 with two of our SAS disks.
# zpool create pool3 mirror c8t0d0 c8t1d0
# zpool status pool3

Page 71 of 147
Remember that our pool is automatically mounted so lets go ahead and create some
data and store it in the resulting file system.
# ps fe > /pool3/psfile.txt
# ls l /pool3
First lets check the status of the file system for size and then lets split the pool and
create our instant backup copy. We will provide a name for the resulting second
pool and call it pool4.
#
#
#
#
zfs list pool3

zpool split pool3 pool4
zpool status
zfs list pool3

Page 72 of 147
Note that our pool now only contains a single disk but the size is still the same. And
running the ls command shows that our file is still there and has not come to any
harm.
Our new pool doesnt show up in the list because it still needs to be imported. Lets
do that now.
# zpool status pool3 pool4

Page 73 of 147
That confirms our split pools. Now lets verify that our file has been duplicated in
the filesystem.
# ls l /pool3
# ls l /pool4
Now just for the heck of it, lets put the mirror back together. If this were a
production system you would ensure that complete and proper backups were done
before playing with splits and joins like this in a filesystem no matter how
trustworthy the software may be.
First well need to destroy pool4 because it has the disk we want to put back into the
mirror. Then well use the attach subcommand to bring a new disk into our
nonredundant single disk pool as a mirror. With the attach command you need to
list the existing device first and then the device you wish to join into the mirror.
#
#
#
#
zpool
zpool
zpool
zpool
destroy pool4
status pool3 pool4
attach pool3 c4t2d0 c4t3d0
status pool3

Page 74 of 147
The mirrored pool is now back to normal and the file it contained is still intact.
# ls l /pool3
6 Working with datasets (file systems and volumes)

Now that we understand pools, the next topic is file systems. We will use the term
datasets because a zpool can provide many different types of access, not just
through traditional file systems.
As we saw in the earlier exercise, a default dataset (file system) is automatically
created when creating a zpool. Unlike other file system and volume managers, ZFS
provides hierarchical datasets (peer, parents, children), allowing a single pool to
provide many storage choices.
ZFS datasets are created, destroyed and managed using the zfs(1M) command.

Page 75 of 147

6.1 Dataset lab setup
To begin working with datasets, let's create a simple pool, again called datapool and
4 additional datasets called bob joe fred and pat. Execute the following commands
on your system
#
#
#
#
#
zpool create datapool mirror c4t0d0 c4t1d0

zfs create datapool/bob
zfs create datapool/joe
zfs create datapool/fred
zfs create datapool/pat
Use the zfs list r datapool command to confirm your work.
By using zfs list -r datapool, we are listing all of the datasets in the pool
named datapool. As in the earlier exercise, all of these datasets (file systems) have
been automatically mounted.
If this was a traditional file system, you might think there was 19.55 GB (3.81 GB x
5) available for datapool and its 4 datasets, but the 4GB in the pool is shared across
all of the datasets. To see an example of this behavior, type the following
commands:
# mkfile 1024m /datapool/bob/bigfile
# zfs list -r datapool

Page 76 of 147

Notice that in the USED column, datapool/bob shows 1GB in use. The other datasets
show just the metadata overhead (31k), but their available space has been reduced
to 2.91GB, the amount of free space available to them after the consumption of 1GB
by the datapool/bob dataset.
6.2 Hierarchical datasets

A dataset can have children, just as a directory can have subdirectories. For
datapool/fred, let's create a dataset for documents, and then underneath that,
additional datasets for pictures, video and audio. Execute the following commands:
#
#
#
#
zfs
zfs
zfs
zfs
create
create
create
create
datapool/fred/documents
datapool/fred/documents/pictures
datapool/fred/documents/video
datapool/fred/documents/audio
6.3 ZFS dataset properties

ZFS datasets are flexible and can be manipulated with a myriad of properties. The
next short exercise will examine some ZFS dataset properties, how to manipulate
them and why.
Type the following to obtain all of the properties for datapool.
# zfs get all datapool

Page 77 of 147
As you can see, there are many dataset properties that can be set. For a complete
explanation of each property, consult the zfs(1M) man page. Well outline a few
examples in the following exercise.
6.4 Quotas and reservations

ZFS dataset quotas are used to limit the amount of space consumed by a dataset
and all of its children. Reservations are used to guarantee that a dataset has an
Page 78 of 147

allocated amount of storage that cant be consumed by other datasets in use.
To set quotas and reservations, use the zfs set command.
# zfs set quota=2g datapool/fred
# zfs set reservation=1.5g datapool/fred
The first thing to notice is that the available space for datapool/fred and all of its
children is now 2GB, which was the quota we set with the command above. Also
notice that the quota is inherited by all of the children.
The reservation is a bit harder to see.
Original pool size 3.91GB
In use by datapool/bob 1.0GB
Reservation by datapool/fred 1.5GB
So, datapool/joe should see 3.91GB - 1.0GB - 1.51 GB = 1.41GB available.
6.5 Changing the mountpoint

With a traditional UNIX file systems changing a mountpoint would require a few
steps, including
Unmounting the file system

Making a new directory
Editing /etc/vfstab
Mounting the new file system
With ZFS it can be done with a single command. In the next example, let's move
Page 79 of 147

datapool/fred to a directory just called /fred. First lets look at the current
mountpoint.
Now lets change it.

# zfs set mountpoint=/fred datapool/fred
And look at it again.
Notice that not only did the command change datapool/fred, but also all of its
children, in one single command.
6.6 ZFS Volumes (zvols)

Lets look at another type of dataset, the zvol and what it can do.
Volumes, or zvols, provide a block level (raw and cooked) interface into the zpool.
Instead of creating a file system where you place files and directories, a single object
is created and then accessed as if it were a real disk device. This would be used for
things like raw database files, virtual machine disk images and legacy file systems.
Oracle Solaris also uses this for the swap and dump devices when installed into a

Page 80 of 147

zpool.
# zfs list r rpool
In this example, rpool/dump is the dump device for Solaris and its about 1.5g.
rpool/swap is the swap device and it is 4g. As you can see, you can mix files and
devices within the same pool.
Unlike a file system dataset, you must specifically designate the size of the device
when you create it, but you can change it later if needed. It's just another dataset
property. Create a volume.
# zfs create -V 500m datapool/vol1
This creates two device nodes: /dev/zvol/dsk/datapool/vol1 (cooked) and
/dev/zvol/rdsk/datapool/vol1 (raw). These can be used like any other raw or
cooked device. We can even put a UFS file system on it.
# newfs /dev/zvol/rdsk/datapool/vol1
Expanding a volume is just a matter of setting the dataset property volsize to a new
value. Be careful when lowering the value as this will truncate the volume and you
could lose data. In this next example, let's grow our volume from 500MB to 1GB.
Since there is a UFS file system on it, we'll use growfs to make the file system use the
new space.
# zfs set volsize=1g datapool/vol1
Page 81 of 147

# growfs /dev/zvol/rdsk/datapool/vol1
6.7 Snapshots and clones

ZFS provides the ability to preserve the contents of a dataset through the use of
snapshots. And snapshots are easy to create and take up virtually no space when
theyre first created. Type the below commands to create some snapshots.
# zfs snapshot datapool/bob@now
The value after the @ denotes the name of the snapshot. Any number of snapshots
can be taken.
# zfs snapshot datapool/bob@later
# zfs snapshot datapool/bob@waylater
# zfs list -r -t all datapool/bob
Note that the snapshots take up zero bytes.

Delete these snapshots as they wont be needed for the actual lab.
# zfs destroy datapool/bob@waylater
# zfs destroy datapool/bob@later
# zfs destroy datapool/bob@now
And verify that theyre gone
# zfs list r t all datapool/bob

Page 82 of 147
We can use our point in time snapshots to create new datasets called clones Clones
are datasets, just like any other, but start off with the contents from the snapshot.
Clones and snapshots make efficient use of storage. Clones only require space for
the data that's different than the snapshot. That means that if 5 clones are created
from a single snapshot, only 1 copy of the common data is required.
Remember that datapool/bob has a 1GB file in it? Let's take a snapshot of the
datapool and then create some clones.
#
#
#
#
#
zfs
zfs
zfs
zfs
zfs
snapshot datapool/bob@original
clone datapool/bob@original datapool/newbob
clone datapool/bob@original datapool/newfred
clone datapool/bob@original datapool/newpat
clone datapool/bob@original datapool/newjoe
Use zfs list r o space datapool to illustrate whats going on.
We can see that there's a 1GB file in datapool/bob. Right now, that's the dataset
being charged with the copy, although all of the clones can use it.
Now let's delete it in the original file system, and all of the clones, and see what
Page 83 of 147

happens.
# rm /datapool/*/bigfile
# zfs list r o space datapool
Notice that the 1GB has not been freed (avail space is still 382M), but the USEDSNAP
value for datapool/bob has gone from 0 to 1GB, indicating that the snapshot is now
holding that 1GB of data. To free that space you will have to delete the snapshot. In
this case you would also have to delete any clones that are derived from it.
# zfs destroy datapool/bob@original
# zfs destroy R datapool/bob@original
# zfs list r o space datapool

Page 84 of 147
The 1GB file that we deleted has been freed because the last snapshot holding it has
been deleted.
You can also take a snapshot of a dataset and all of its children. A recursive
snapshot is atomic, meaning that it is a consistent point in time picture of the
contents of all of the datasets. Use -r for a recursive snapshot.
# zfs snapshot -r datapool/fred@now
# zfs list -r -t all datapool/fred
Snapshosts can also be destroyed recursively using -r.

# zfs destroy r datapool/fred@now
The last item well cover is a new command in Oracle Solaris 11, the ZFS diff
command. The diff command enables a system administrator to determine the
differences between different ZFS snapshots.
Lets start by creating some snapshots and adding files to a users home directory.
Assuming you have the labuser in your Solaris instance lets use that home

Page 85 of 147

directory for our example.
# zfs list r t all rpool/export
Create a text file in the users home directory and take a snapshot call the snapshot
snap1
# ps fe >> /export/home/labuser/psfile.txt
# zfs snapshot rpool/export/home/labuser@snap1
Verify your snapshot
Now lets create another file

# svcs -a >> /export/home/labuser/svcsfile.txt
Take another snapshot, call it snap2, and confirm your snapshots again.
# zfs snapshot rpool/export/home/labuser@snap2

Page 86 of 147

Now lets run the diff command and see what happens.
# zfs diff rpool/export/home/labuser@snap1 \
rpool/export/home/labuser@snap2
The output on the diff command indicates that the file or directory has been
modified with the M at the left side. The - indicates that the file or directory is
present in the older snapshot but not in the newer one. The + sign indicates that
the file or directory is present in the more recent snapshot but not in the older
snapshot. You might also see an R indicating that a file has been renamed in
between snapshots.
6.8 Compression
Compression is a useful feature integrated with the ZFS file system. ZFS allows both
compressed and noncompressed data to coexist. By turning on the compression
property, all new blocks written will be compressed while the existing blocks will
remain in their original state.
Lets create a 500MB file we can do some compression on. Type the following
commands:
# zfs list datapool/bob
# mkfile 500m /datapool/bob/bigfile
Now let's turn on compression for datapool/bob and copy the original 500MB file.
Verify that you now have 2 separate 500MB files when this is done.
Type the following commands:

Page 87 of 147

# zfs set compression=on datapool/bob
# cp /datapool/bob/bigfile /datapool/bob/bigcompressedfile
# ls -la /datapool/bob
There are now 2 different 500MB files in /datapool/bob, but the ls command only
says 500MB is used. It turns out that mkfile creates a file filled with zeroes. Those
compress extremely well - too well, as they take up no space at all.
That concludes this lab on the ZFS File system, run this command to clean up the
work we did during the course of the lab.
# zpool destroy f datapool
7 Summary
In this lab you learned about the power of the ZFS File System in Oracle Solaris 11.
We discussed and performed exercises to familiarize you with zpools and virtual
devices (vdevs). We learned about ZFS datasets like snapshots and clones. You
were also exposed to the myriad of ZFS properties and ways that ZFS can easily be
updated.
The exercises were meant to provide initial exposure to these features and
hopefully a basis for continued learning and eventual expertise in this powerful
storage technology thats an integral part of Oracle Solaris 11.

Page 88 of 147

8 Resources
Oracle Solaris 11 ZFS Technology Page
Oracle Solaris Admin: ZFS File Systems
ZFS Best Practices Guide
ZFS Evil Tuning Guide
Oracle Solaris 11 ZFS Administration

Page 89 of 147
IPS Basics
V2 January 2013
1 Introduction
Oracle Solaris 11 takes a new approach to lifecycle and package management to
greatly simplify the process of managing system software helping to reduce the
inherent risks of operating system maintenance, including reducing unplanned and
planned downtime. With the Image Packaging System (IPS), administrators can
install and update software from local or remote software package repositories
using a more efficient and modernized process.
Participants in this lab will gain example-led awareness and understanding of the
following technical facilities:
Image Packaging System Basics

IPS command line overview
Configuring repositories
Installing and uninstalling packages
Obtaining information about packages
Searching for packages
Package manifest basics
We will go on a brief tour of the new IPS feature and help the learner gain
confidence in this new technology to be able to take their expertise to the next step.
2 Overview
IPS automates the management of system software on Oracle Solaris 11 by replacing
patching with package updates. IPS is an efficient and network-centric approach
that includes automatic software dependency checking and validation. IPS builds on
the foundation of ZFS and utilizes its powerful snapshot and clone features which
help reduce risk by creating instant backups and near instant roll-backs in case
issues arise. Using IPS, administrators can easily and reliably install or replicate an
exact set of software package versions across many different client machines.
Working with IPS involves these simple steps
10)Configuration of the repository, either local or remote, or both
Page 90 of 147

11)Package installation, removal, and updating commands
12)Obtaining information about packages
13)Automating package installation
This lab builds on the foundation already laid in the Module 4 Lab Advanced
Installation. We have already covered some of the basics of AI, the repository, and
package management so some of this will be a refresher. We will utilize the Virtual
Box Oracle Solaris 11 Text based image that we installed for Mod 4 Advanced
Installation. And we will use the pre-installed repository that we added for that
module as well.
For instructions on downloading and installing the Oracle Solaris 11 Text based
image and the Oracle Solaris 11/11 Repository image, please see the Mod 4
Advanced Installation lab.
3 Pre-requisites
Oracle Solaris IPS Repository (sol-11_1-repo-full.iso)
Successful completion of lab #4 Advanced Installation where you installed
the repository and made it available via the internal VirtualBox network.
7. The server system will be configured with a static IP address that will act as
a DHCP server.
8. The VM Instance name is AIserver
9. The repository has already been configured with the parameters laid out in
Mod 4 Advanced Installation

Page 91 of 147

4 Exercises
4.1 Oracle VirtualBox Hypervisor Software overview
Your system should already
have Oracle VirtualBox
hypervisor software
installed and ready to use
with the AIServer instance
available.
Boot the AIServer instance.

When your AIServer
instance is comingyoure
your GRUB boot menu may
or may not look like this.
Choose the existing
solaris11 instance to begin
working with the lab.
After logging in a labuser

and suing to root. Verify
that the publisher is still set
to the internal repository of
http://192.168.1.222. This
was configured in the first
lab.

Page 92 of 147
4.2 Repository basics
Software developers, or publishers, make their software available in

software package repositories from which administrators can install to their
systems.
Oracle Solaris 11 installations are configured to have a default publisher,
Solaris, which supplies software packages from the "release" repository:
http://pkg.oracle.com/solaris/release.
Administrators can install new software packages, search for package
content, or mirror the contents of this repository locally.
While many IPS commands that query the system (list, info, contents, search,
history) can be performed by any user, commands that make changes to the
system image must be performed by adopting an appropriate administrative
role.
Administrators can quickly see what configuration a system has by using the pkg
publisher command:
# pkg publisher
We can quickly query some basic information about this repository using the
pkgrepo info command, or they can load the repository URL into their Web browser:
# pkgrepo info s http://192.168.1.222
You can see that our repository currently has 4401 packages, is online, and was last
updated on September, 27th of 2012.
4.3 Installing and uninstalling packages

Page 93 of 147

Now that weve confirmed the repository lets review installation of packages.
First well investigate installing the GNU GCC compiler by doing a dry-run
installation using the nv switch.
# pkg install nv gcc-3
For a dry run (no changes have been made to the system), we used the nv switch.
We learn from this output that this package
Will install one package

Will take up about 234 megabytes of space
Doesnt create a new boot environment
Doesnt create a backup boot environment
Changes a single service
Will restart the svc:/application/texinfo-update:default
service
Note: A boot environment is one that is created and set Active on next reboot in order
to make it the default environment. A Backup boot environment is one that is created
and not set to active so that you may boot into it if necessary.
Lets go ahead and install this package.
# pkg install gcc-3

Page 94 of 147
Our package has been installed.

Verify that the gcc-3 package has been installed.
# pkg info gcc-3
Note the other information available such as the description, state, publisher,
version, build release, etc.
Even if a package doesnt require a new boot environment or at least a backup, you
can create one yourself on installation of any package using the below command.
Lets uninstall gcc-3 and try again in a new boot environment.
# pkg uninstall gcc-3

Page 95 of 147
# pkg install -be-name gcc-be gcc-3
Note: In the above output, the Create boot environment: field now says Yes. Also the
screen informs us that the clone has been updated, activated, and will be the default
boot environment on next boot.
Confirm this with the beadm command:
# beadm list
Set the active boot environment back to our default solaris11 instance.
Note: Your instance could have another name. Just use the default solaris instance

Page 96 of 147

that you left intact from the last lab.
# beadm activate solaris11
# beadm list
This lab has attempted to illustrate how easy it is to create backup boot
environments and how few resources they need. Its recommended that systems
administrators use them as their day to day best practices when administering and
maintaining systems.
4.4 Getting information about a package

IPS makes it easy to get information about installed packages, whether updates are
available, and many other details about installed and not installed packages. The
first command well review is the pkg list command.
The pkg list command will return every package on the system. You can limit the
output by typing the name of an existing package.
# pkg list
# pkg list text/groff
The output above shows us the tail end of the pkg list command with no
arguments. It basically lists out every package on the system. The second package
list command we give with a specific package to show the information that can be
obtained from the command. The columns will list the name, version and an IFO
column.
There is also an IFO column which tell us
An i in the I column indicates the package is installed

Page 97 of 147
An f in the F column indicates that the package is frozen

An o in the O column indicates that this package is obsolete
An r in the O column indicates the package is available under a new name
For example:
# pkg list af *toolkit@latest
The -af option lists all matching packages, including those that cant be installed in
this image. @latest lists only the newest packages. This output indicates that
The developer/dtrace/toolkit package cannot be installed in this image.

The r in the O column indicates that this package has been renamed. The
developer/dtrace/toolkit package has been renamed to
system/dtrace/dtrace-toolkit,
system/dtrace/dtrace-toolkit is already installed.
And nothing in the columns for nvidia/cg-toolkit indicates its not installed
on our system
Lets get some more information about a package.

# pkg info system/dtrace/dtrace-toolkit
If we try to find information on packages that arent installed on our system we

Page 98 of 147

wont get any results. Try getting info on the nvidia/cg-toolkit package.
# pkg info nvidia/cg-toolkit
Use the -r option to query the Repository to get information on uninstalled
packages.
# pkg info r nvidia/cg-toolkit
To list the contents of a package and the paths and files that are installed use the
contents subcommand.
# pkg contents gzip

Page 99 of 147
Another powerful feature of IPS is the ability to search for specific things about the
packages, like the name of a package that a file might belong to. Use the command
below to search the repository for a file called stdio.h and the output will tell you
which applications the file belongs to.
# pkg search stdio.h
4.5 Updating the system

Oracle Solaris 11 IPS technology includes the ability to update your system to the

Page 100 of
147

latest packages with a single command.
To get the latest updates for the entire system at one time you can issue the pkg
update command. Use the - nv option for a dry run to get an idea how much work
needs to be done.
# pkg update nv
You can also update specific packages by specifying them on the command line.
# pkg update vim@latest
Our lab environments are very up to date so we wont encounter any updates during
the lab.
If you need to back an update out youd use the revert command.
# pkg revert vim
4.6 Package dependencies

In the SVR4 package environment package dependencies usually had to be managed
manually through readme files and in some cases this made package management
very challenging.
In Oracle Solaris 11, IPS manages dependencies automatically. Below is a table
showing the relationships that IPS manages.

Page 101 of
147

Dependency
Description
require
This dependency is required. A package cannot be installed if any of its required dependencies
cannot be satisfied.
optional
If this dependency is present on the system already then it must be at a specified version level
or greater.
exclude
This dependency enforces a restriction such that a package cannot be installed if the specified
package is present at the specified version level or greater.
incorporate This dependency is optional, but the version range has both a lower and an upper bound,
allowing only further dot-separated integers to be added to the existing sequences.
conditional This dependency is required only if another predicate package is installed on the system. This is
often used to allow packages to provide support for features (such as X11 or language bindings)
only if the features are already present on the system.
group
This dependency is required unless the package is on the avoid list, in which case, the system
will try to avoid installing this package. However, if another package requires this dependency,
it will be installed regardless of whether it is on the avoid list.
parent
This dependency is used to ensure that global zones and non-global zones are kept in sync for
all kernel components and any software that spans the zone boundary.
We can see how these relationships are managed by taking a look at the manifest of
a particular package through the pkg command. A package manifest describes how
a package is assembled and provides basic information about the package (such as
the name, version, description, categorization, and so on), what files the package
includes, and what other packages or services the package relies on to meet its
dependencies. While many package commands filter this information into a
presentable form, it is sometimes useful to look at the package manifest directly
using the pkg contents m command.
Each line within the manifest is called an action. Actions describe a small part of the
overall package. The first part of each line describes the action type: set, license,
depend, dir, file, and so on. Lets take a look at an example of the package manifest
using the grep command on the gzip package.
Take a look at variables that are set on installation of the gzip package.
# pkg contents m gzip | grep set

Page 102 of
147
Here well take a look at the dependencies of the gzip package. You can see that it
depends on library and bash.
# pkg contents m gzip | grep depend
Well take a closer look at manifests in another lab
5 Lab Summary
In this document you practiced some package management commands and learned
how to administer packages in Oracle Solaris 11. We did some basic repository
configuration as a follow up to one of the earlier labs. We also installed and
uninstalled packages and practiced obtaining detailed information about packages.
The Oracle Solaris 11 Image Packaging System is a major advancement in software
management providing an integrated user experience and improved safety for
system updates. IPS takes much of the complexity out of managing Oracle Solaris by
providing improved automation and auditing, allowing administrators to flexibly
manage multiple application environments across virtualized and non-virtualized
instances of the operating system.
6 For more information

Transitioning from Oracle Solaris 10 JumpStart to Oracle Solaris 11 Automated Installer

Page 103 of
147

Advanced Administration with the Image Packaging System on Oracle Solaris 11
Image Packaging System on Oracle Solaris 11
Oracle Solaris 11 IPS Cheat Sheet

Page 104 of
147
Network Configuration
V2 January 2013
1 Introduction
Participants will gain example-led awareness and understanding of how network
configuration is accomplished in Oracle Solaris 11.
With a few basic exercises we will introduce the learner to some new ways to
administer network properties in Oracle Solaris 11. Upon completion of this lab,
participants will have learned how to do some basic configuration and setup and be
prepared to explore more detailed and expand their knowledge into the powerful
Solaris network abilities.
2 Overview
In this lab well be practicing with some of the new Oracle Solaris 11 network
commands. Well briefly review basic network planning and then execute setup of
our network links and ip addressing. Well also review the updated method for
configuring name service mapping in the Solaris 11 operating system.
Some of the commands and concepts well review are listed below.
NCPs, Automatic and FixedDefault networking modes

Manual networking configuration
SMF services configuration
netadm
dladm
ipadm
svccfg
This practice can be accomplished with a single VirtualBox Oracle Solaris 11

instance with some added virtual network interfaces.

Page 105 of
147

3 Pre-requisites
Oracle Solaris 11.1 VirtualBox prebuilt image.
o Provided by instructor or downloaded on your own
o Oracle Solaris VM for Oracle VM VirtualBox
11. 4 virtual network interfaces will be created in the VirtualBox environment
(instructions below)
12. Your Oracle Solaris 11 VirtualBox instance has been installed and youve
assigned a normal user/password and a root password.
a. The recommended user name is labuser
b. The recommended password is solaris11
c. The recommended root password is solaris11
4 VirtualBox lab setup and pre-network configuration

In the ZFS Lab # 3 we imported the Oracle Solaris 11.1 pre-built VirtualBox image.
Skip to Step # 8 below on Network Settings below if youve already imported the
Solaris 11 image and used it for the ZFS lab. Your Oracle Solaris 11 image must be
down in order to configure the network interfaces in VirtualBox.
1 - In the VirtualBox
main window choose
File > Import Appliance

Page 106 of
147

2 - From the Appliance
Import Wizard click the
Choose button and
navigate to the
OracleSolaris11_1.ova
file which is the prebuilt Oracle Solaris VM
image you downloaded
or obtained from the
instructor
3 - Navigate to the folder

where you downloaded
or copied the Oracle
Solaris 11 PreBuilt
image and click Open.
The file is named
OracleSolaris11_1111.ovf. The .ovf
extension indicates that
its a virtual box export.
4 - Choose Next on the

Appliance to import
screen

Page 107 of
147

5 - Confirm the default
settings and choose
Import to begin
importing the virtual
image.
6 - The progress bar will

show the import
progress. Usually looks
slow in the beginning
but this shouldnt take
more than a few
minutes.
7 - Your new image has
been imported and is
ready for use. Lets add
some network adapters,
and well be ready for
the labs.

Page 108 of
147

8 - After your image has
finished importing select
it in the VB application
and choose Settings
and navigate to
Network settings. You
should see tabs for up to
4 virtual network
adapters and the first
one should be
configured for you
already.
9 - Select Adapter 2,
click on the check box to
Enable Network
Adapter and make sure
the drop down is
selected as NAT
Network Address
Translation
Do the same thing for
Adapter 3 and Adapter 4
so all 4 virtual network
adapters are enabled.
Click OK
10 - If you scroll down in
the Details section of the
VB interface, your
Network properties
should show all 4
adapters enabled and set
for NAT

Page 109 of
147

11 - Click on the Start
button to start your new
VB Oracle Solaris 11
instance. If youre using
the previously built ZFS
lab image, skip the next
steps, boot the
environment, and login
youre ready to begin the
lab.
12 - The System
Configuration Tool
should start. Configure
your system according
to the below
instructions. If you need
further assistance please
see lab # 2 Advanced
Installation for help
with the system
configuration utility
13 - Recommended
settings for lab use are
listed below:
System Name:
bootcamp1
Full Name: Lab User
Username: labuser
User password:
solaris11
Root password:
solaris11
Local Time: Your choice
Network
Configuration:
Automatic

Page 110 of
147

14 - Once your virtual
image has booted, open
a Terminal and type in
the command dladm
show-phys to verify
that the network
interfaces are
operational and being
seen by Solaris 11.
5 Lab Exercises
5.1 Planning the network deployment
This section is a very brief review of what you may encounter when configuring a
system for a customers network. Review the checklist and proceed on to the
exercises, keep in mind that were working with a very simple network model in our
lab exercise but that in a customer environment things could get more complicated.
Task
Description
Plan hardware requirements and

network topology
Determine the equipment youll be using

and the layout of the equipment at your
site.
Obtain registered IP address(s) for your

network if this is a new network
If communicating over the internet you

must have a unique assigned IP address
Obtain or devise an IP addressing

scheme based on IPv4 or IPv6
Determine how addresses are deployed

at the customer site.
Obtain or create a list of IP addresses

and host names that will be used on the
network. Alternatively decide if
customer will use DHCP for addressing.
Use the list to build network databases.
Determine the name service in use at the

customer site.
DNS, NIS, LDAP, etc.
Establish administrative subdivisions if

necessary.
Consult the site network admins or

obtain this information from the
customer.

Page 111 of
147

Determine whether routers are in use or
necessary within the configuration,
routing protocols, etc.
If the network is large enough, routing

will be a consideration.
If required, design a strategy for

subnetting.
Subnets allow network control and help

administration as well as allow more IP
addresses to be made available to end
users.
For more information on network planning see the Oracle Solaris 11 System
Administration Guide: IP Services
5.2 Network command basics

and ready to use with the Oracle Solaris 11 instance configured and up and running
with 4 virtual network adapters added. We will be using a terminal application
within the GUI for the following lab exercises.
Note: In this lab, were only using the terminal window. You can eliminate the GUI
interface on a Windows system by pressing the Host Key (right control usually) and the
L key to enter seamless mode and use just the terminal window on your desktop.

Page 112 of
147

5.3 Network Configuration Profiles (NCP)
Oracle Solaris 11 uses profile-based network configuration, which is comprised of
two network configuration modes: manual and automatic.
The Automatic NCP uses DHCP to obtain basic network configuration (IP address,
router, and DNS server) from any of the connected Ethernet interfaces. The
DefaultFixed NCP disables automatic network configuration and requires the
network interfaces to be manually configured using the dladm and ipadm
commands. The name-services can be configured using SMF, the Oracle Solaris
Service Management Facility.
You can create your own NCPs and this makes Oracle Solaris 11 network
management easier than always using the DefaultFixed NCP and manually
configuring the network. The DefaultFixed NCP should be used on systems that
will be reconfigured using Oracle Solaris Dynamic Reconfiguration or where hotswappable interfaces are used. It must be used for IP multipathing, which is not
supported when using the Automatic NCP.
Become the root user:
# su
You can use netadm to find out what network profiles are active on a system:
# netadm list
As you can see from the output the Automatic NCP is enabled and active. We will
need to switch to the DefaultFixed NCP in order to complete the rest of the lab.
Lets familiarize ourselves with the new network commands and see what our

Page 113 of
147

network looks like. Type to following commands to investigate your network based
on its automatically obtained information.
#dladm show-phys (shows us the physical interfaces)
#dladm show-link (shows us the link state for the physical addresses)
Now lets look at the ip layer and see whats going on.
# ipadm show-if (this will show us the existing interfaces on the system)
# ipadm show-addr
Now lets switch to manual mode in order to see whats involved in manual network
configuration.
# netadm enable p ncp DefaultFixed
# netadm list

Page 114 of
147
We can easily switch back to the Automatic NCP using the following command:
# netadm enable -p ncp Automatic
# netadm list
It might take a few minutes for your instance to regain its network information but
soon you will be back to your original state.
Return to the DefaultFixed ncp by typing in the following command:

# netadm enable p ncp DefaultFixed
Now that weve gone back to the manual network profile, lets look at our interfaces
again and see whats happened.

Page 115 of
147

# dladm show-phys
# dladm show-link
# ipadm show-if
# ipadm show-addr
None of the interfaces should be configured. Now we have some work to do.
5.4 Manual network configuration

In the last lab we switched the NCP into DefaultFixed. Now we can start doing
some manual network configuration.
On a machine with multiple physical networks, you can use dladm to determine
how network interface names are mapped to physical interfaces. Oracle Solaris uses
the concept of vanity names to apply to the underlying links to avoid random
changes resulting from physical interface additions and subtractions.
# dladm show-phys

Page 116 of
147
The ipadm command is used to manually configure IP interfaces and addresses.

For example, a static IPv4 interface is created as follows. Then use the ipadm
show-if command to verify creation of the interface.
# ipadm create-ip net0
# ipadm show-if
Now lets assign an IP address to our interface with the following command:
# ipadm create-addr T static a local=10.9.8.7/24 \
net0/v4static
# ipadm show-addr
The -T option can be used to specify three address types: static, dhcp, and
addrconf (for auto-configured IPv6 addresses). In this example, the system is
configured with a static IPv4 address. Use the same syntax to specify a static IPv6
address with our second virtual interface.
#
#
#
#
ipadm
ipadm
ipadm
ipadm
create-ip net1
create-addr T addrconf net1/v6auto
show-if
show-addr
Page 117 of
147
Now lets create an ipv4 dhcp interface using the same commands and use our 3rd
interface.
#
#
#
#
ipadm
ipadm
ipadm
ipadm
create-ip net2
create-addr T dhcp net2/v4auto
show-if
show-addr
If an interface has already been configured and you want to change the address or
type, you will need to remove it and then re-add it. Execute the following
commands to change the address on net0 from 10.9.8.7 to 10.9.8.4. Then type the
ipadm show-addr command to verify your changes.
# ipadm delete-ip net0
# ipadm create-ip net0
# ipadm create-addr T static a local=10.9.8.4/24 \
net0/v4static
# ipadm show-addr

Page 118 of
147
5.5 Displaying and configuring link interfaces when in manual mode

When you perform a fresh installation, all datalinks are automatically assigned
generic names by using a net0, net1, and netNnaming convention, depending on the
total number of network devices on a system. After installing, you can use different
datalink names.
Display information about the datalinks on a system as follows:
# dladm show-phys
Display a datalink name, its device name, and its location in this manner:
# dladm show-phys L net0
To rename a datalink type the following commands. If an IP interface is configured

over the datalink, first remove the interface.
# ipadm show-if

Page 119 of
147
Since we dont have net3 configured at this time lets rename the link using the
following commands:
# dladm rename-link net3 onboard3
# dladm show-phys
Youve just renamed your datalink.
5.6 Name Services in Oracle Solaris 11

The SMF repository has replaced manually edited files as the primary method for
configuring network naming services. Changes to network services information can
now be made by interacting directly with the SMF services. Services, for
example, svc:/system/name-service/switch, svc:/network/dns/client,
and svc:/system/name-service/cache must be enabled or refreshed for any changes
to take effect.
The following table describes the naming service configuration information that has
migrated to SMF.

Page 120 of
147

SMF Service
Files
Description
svc:/system/name-service/switch:default
/etc/nsswitch.conf
Naming service switch

configuration (Used by
thenscd command)
svc:/system/nameservice/cache:default
/etc/nscd.conf
Naming service cache (nscd)
svc:/network/dns/client:default /etc/resolv.conf
DNS naming service
svc:/network/nis/domain:default /etc/defaultdomain
/var/yp/binding/$DOMAIN/*
Shared NIS domain configuration

(Used by all NIS services). Also
historical shared use by LDAP
naming services
svc:/network/nis/client:default N/A
NIS client naming service

(ypbind and related files)
svc:/network/ldap/client:default /var/ldap/*
LDAP client naming service

(ldap_cachemgr and related
files)
svc:/network/nis/server:default N/A
NIS server naming service

(ypserv)
svc:/network/nis/passwd:default N/A
NIS server passwd service

(rpc.yppasswd)
svc:/network/nis/xfr:default
N/A
NIS server xfr naming service

(ypxfrd)
NIS server update naming
service (rpc.ypupdated)
svc:/network/nis/update:default N/A
svc:/system/nameservice/upgrade:default
Naming legacy file to SMF

upgrade service
N/A
5.7 Name Services configuration using SMF

In this short lab we will use the svccfg command to set our DNS search string to
company.com, adding a us, eu, companya, and company sub string. Well add two
name server IP addresses (138.2.202.15 and 138.2.202.25) and set our database
search files to look in files, and then DNS for its host information. Hopefully this
information looks familiar if youve ever had to manually edit these files. When
using services in this fashion if you do attempt to edit the files manually, they will be
overwritten. All name services configuration should be done using SMF in Oracle
Solaris 11.
Name Server:
138.2.202.15
Name Server:
138.2.202.25

Page 121 of
147

Files:
files dns
DNS Search
us.company.com, eu.company.com.,
companya.com, company.com,
company.com
Execute the following command sequence to configure the name services on our lab
instance.
# svccfg
svc:> select dns/client
svc:/network/dns/client> setprop config/search = astring: \
("us.company.com" "eu.company.com" "companya.com"
"companyb.com" "company.com)
svc:/network/dns/client> setprop config/nameserver =
net_address: \
( 138.2.202.15 138.2.202.25 )
svc:/network/dns/client> select dns/client:default
svc:/network/dns/client:default> refresh
svc:/network/dns/client:default> validate
svc:/network/dns/client:default> select name-service/switch
svc:/system/name-service/switch> setprop config/host =
astring: "files dns"
svc:/system/name-service/switch> select system/nameservice/switch:default
svc:/system/name-service/switch:default> refresh
svc:/system/name-service/switch:default> validate
svc:/system/name-service/switch:default> end
Now well need to enable the service, refresh the database and then well confirm
our work and make sure the files have been changed for us.
# svcadm enable dns/client

Page 122 of
147

# svcadm refresh name-service/switch
# grep host /etc/nsswitch.conf
# cat /etc/resolv.conf
6 Lab Summary
In this lab you learned about the new networking commands, dladm and ipadm.
You practiced using network configuration profiles and we created ip interfaces and
assigned them to different IP protocols. We renamed links and took our first look at
configuring name services through the SMF facility. Theres a ton more to
networking in Oracle Solaris 11. Its a very powerful feature that allows complete
networks to be set up in the box including switches, routers, and bridges. See the
references section below on how to go deeper in your knowledge and discover all
the powerful network features of Oracle Solaris 11.
7 References
Oracle Solaris 11 General Cheatsheet (includes networking commands)
Networking Command Quick Reference
Documentation: Configuring an IP Interface
Documentation: How to rename a Datalink

Page 123 of
147
Oracle Solaris 11 Virtualization

V2 January 2013
1 Introduction
This lab will introduce us to the basics of Oracle Solaris 11 virtualization, also
known as Zones. You will become familiar with the basic operations of Oracle
Solaris Zone configuration and management in Oracle Solaris 11.
In Oracle Solaris 10, zones technology gave us the ability to create different isolated
environments to suit the needs of particular applications, all running on the same
instance of Oracle Solaris. Instead of running and managing multiple operating
systems to host multiple applications on multiple systems, you could run and
manage only one OS and place each application inside a zone, so instead of having to
spend time and resources managing multiple OSs on different machines, all you
needed to do was manage multiple zones on one system which resulted in a much
simpler management experience.
Oracle Solaris 11 places Zones technology at its core, integrating Oracle Solaris
Zones with key Solaris 11 features like tight integration with the new software
management architecture which makes deployment of Oracle Solaris 11 and Oracle
Solaris Zones easy.
Oracle Solaris Zones let you separate one application from others on the same OS
allowing you to create isolated environments where users can log in and do what
they want without affecting anything outside that zone. In addition, Oracle Solaris
Zones also are secure from external attacks and internal malicious programs. Each
Oracle Solaris Zone contains a complete resource-controlled environment that
allows you to allocate resources such as CPU, memory, networking, and storage.
Administrators can choose to closely manage all the Oracle Solaris Zones or they can
assign rights to other administrators for specific Oracle Solaris Zones. This
flexibility lets us tailor an entire computing environment to the needs of a particular
application, all within the same OS.
2 Overview
In this how-to guide, we will set up three Oracle Solaris Zones in a simulated real
world environment. This lab is meant to loosely represent a fictitious customer
that runs a production web sales application and has an in-house development team
working on that sales application. The first zone represents the developers
Page 124 of
147

environment. The second zone represents the production web point of sales
environment, and the second zone represents a quickly deployed second instance of
the production environment in a reaction to high customer demand on the first web
instance.
As we create each zone, we will highlight a specific feature of Oracle Solaris Zones
technology. Our zones will be named testzone, webzone-1, and webzone-2
respectively. testzone will illustrate how to create a zone using the command line.
webzone-1 will demonstrate how to add a simple application to a zone. And
webzone-2 will show us how to clone a zone for quick deployment in the
enterprise.
After following the procedures in this article, you will have three zone environments
configured as shown in the figure below.
Each zone will have its file system placed on the /zones ZFS data set and an
exclusive network connection through the physical data link (net0/e1000g0). The
Web zones will also have the Apache Web server application installed.
Note: "Global zone" refers to the default zone for the system, which is also used for
system-wide administrative control.
3 Pre-requisites
A current laptop with at least 3 GB memory and 30 GB free disk space

Oracle Solaris IPS Repository (sol-11-1111-repo-full.iso)

Page 125 of
147
Oracle Solaris AI Server VirtualBox instance that has been set up earlier in
Lab #4 Advanced Installation with accessible repository.
14. The AIServer instance will be configured with a static IP as will the zone
systems we will set up.
4 Exercises
4.1 Create testzone
Before we begin with the first zone configuration lets make sure that zones havent
been configured on our system yet and that no virtual network devices exist.
Remember that were using the aiserver Oracle Solaris 11 VirtualBox instance that
we created for lab #4.
Login to the AIserver VirtualBox instance as root to begin. Then type the following
commands.
# zfs list | grep zones
# dladm show-link
At this point there shouldnt be any ZFS data sets associated with zones and no
virtual NICs.
Follow the configuration flow below using the zonecfg command line tool to create
the testzone.
# zonecfg z testzone
An interactive configuration screen will prompt you through a few configuration
questions. We will set the default zonepath, autoboot to true and enable verbose
booting where we can watch all the messaging. Enter the below options and follow
along with the screen shot below.
# zonecfg:testzone> create

Page 126 of
147

#
#
#
#
#
#
zonecfg:testzone>
zonecfg:testzone>
zonecfg:testzone>
zonecfg:testzone>
zonecfg:testzone>
zonecfg:testzone>
set zonepath=/zones/testzone
set autoboot=true
set bootargs=-m verbose
verify
commit
exit
Type the following command to verify the zone weve created and check its status.
# zoneadm list cv
Now its time to install the zone. Be sure to keep in mind that Zones in Oracle Solaris
11 are enabled by using IPS. When running the installation it will utilize IPS to
download the install image. In this case we have configured (in an earlier lab) the
IPS Repository locally on the aiserver itself and changed the publisher to reflect this.
Verify that the publisher is still set to the local repo by typing in the following
command and noting the output.
# pkg publisher
Our publisher should still be set to http://192.168.1.222/

Install the zone by typing the following command:
# zoneadm z testzone install

Page 127 of
147
Installation should take approximately 8-10 minutes or less depending on your

system. This is rather fast compared to installing from media or other methods.
Once your system is installed you should see a Done: Installation Completed
message. Lets check the status of the zone we just installed.
# zoneadm list iv

Page 128 of
147
Note: There are two switches you can use with the zoneadm list command, -i
lists all installed zones, and -c lists all configured zones. See the man page for more
information.
The zonepath must be on a ZFS data set. Its created automatically as part of the
zoneadm install command. We can check if our file system has been created with
the zfs list command.
# zfs list | grep zone
Note that the /zones and /zones/testzone data sets have been created
automatically. ZFS functionality is critical in providing snapshots and clones for
Oracle Solaris Zones which well see later on in the lab.
Also take note that our zone is only 335MB as indicated in the output above. Zones
are very lightweight and have a minimal footprint on system resources like storage.
And the final step in getting our testzone instance up and running is to boot and
complete the system configuration. Run the following command to boot the zone
and access the system console. z specifies the zone name and C allows us to login
to the console once its booted.
# export TERM=vt100
(this command isnt in the screenshot but dont forget it or
your terminal will get messed up.)
# zoneadm z testzone boot; zlogin C testzone

Page 129 of
147
Youll see the verbose option that we set when we created the zone and in a
moment youll see the SCI Tool (System Configuration) start so we can begin
configuring our zone.
Carefully follow the prompts and enter the basic system information listed in the
table below.
Parameter
Computer Name:
Wired Network Configuration:
IP Address:
Netmask:
Information
testzone
Manually
192.168.1.118
255.255.255.0

Page 130 of
147

Router:
Name Service Configuration:
Other Name Service Configuration:
Region:
Root password:
Real Name
Username:
User password:
192.168.1.1
Do Not Configure DNS
None
UTC/GMT
solaris11
Zone User
zoneuser
solaris11
You should see some more verbose messaging and then in a matter of moments be
presented with a login to our newly created testzone.
We dont need to login to the zone just yet so lets exit the testzone console. You
can exit a console by pressing the ~ and . in sequence <shift>~. This will close the
connection for us.

Page 131 of
147
Once back at the global zone lets check the status of testzone. Use the zoneadm list
command.
# zoneadm list -v
Run the dladm command to see whats happened to our network interfaces.
# dladm show-link
There in the listing is the VNIC that was created for us when we created the testzone
zone.
Lets login to our zone and check things out.
Run these commands and compare them to the output of the below screen shot.
#
#
#
#
zlogin testzone
uname a
ipadm show-addr
dladm show-link
We can see that testzone is a fully functional Oracle Solaris 11 machine with a
configured IPv4 NIC called net0/v4, and we have a network link called net0. Lets

Page 132 of
147

check out our file system.
# zfs list
The zfs list command shows the ZFS dataset that the zone is running on. Note that
we cant see the global zfs file system.
At this point the testzone instance is up and running. We could configure users,
delegate administration, and anything that we would normally do to set up servers
to start doing useful work.
Exit testzone (~.)
New in Oracle Solaris 11 zones is that theyre automatically created with exclusive
IP resources by default. This means that a Solaris Zone has access to a complete
network stack which allows flexibility and performance in zone networking that
didnt exist before. Lets take a look at the zone networking properties with the
info switch to our zonecfg command.
From the global zone run this command.
# zonecfg z testzone info

Page 133 of
147
The anet device is configured automatically. This resource is created and destroyed
automatically when the zone is brought up and shut down respectively. Lets take
a closer look.
Important information in this output is
mac address is set to = random
linkname is = net0
link-protection is set to mac-nospoof
ip-type = exclusive
autoboot = true
# ipadm show-addr
# dladm show-link

Page 134 of
147

The VNIC testzone/net0 has automatically been created for testzone. Login to
testzone and see what it looks like from there.
# zlogin testzone
# dladm show-link
# ipadm show-addr
Ping the global zone to see if things are working correctly.

# ping 192.168.1.222
Exit testzone (~.)
4.2 Create webzone-1 and add an application

In the second step of our lab well add another zone to our system and add a specific
application to it.
Well start our zone setup a little differently by creating the zone on a single
command line with the minimum amount of information required. Enter the
following command to begin installing our new zone.
# zonecfg z webzone-1 create ; set zonepath=/zones/webzone-1
# zonecfg -z webzone-1 info

Page 135 of
147
This example shows how quick and easy it is to setup zones in Solaris 11. The next
step will be to install the zone. Our packages are coming from our internal
repository so give this lab a few minutes to complete.
# zoneadm -z webzone-1 install

Page 136 of
147
For the next step well boot and do our initial configuration.
# export TERM=vt100
# zoneadm z webzone-1 boot; zlogin C webzone-1
Once webzone-1 finishes booting and brings up the system configuration tool. Enter
the following information:
Parameter
Computer Name:
IP Address:
Netmask:
Router:
Region:
Root password:
Real Name
Username:
Information
webzone-1
Manually
192.168.1.119
255.255.255.0
192.168.1.1
None
UTC/GMT
solaris11
Zone User
zoneuser

Page 137 of
147

User password:
solaris11
Confirm your settings and apply.

Next well need to login to webzone-1 and add the apache web server package.
# zlogin webzone-1
# pkg info /web/server/apache-22
The pkg info command finds that apache-22 isnt installed. Now lets ask it to look
into our remote repository. (Its actually on this machine but its still remote to our
zone) to see if its there.
# pkg info r /web/server/apache-22

Page 138 of
147
We supply the -r switch to look into the remote repository for information. And
there it is so lets go ahead and install it
# pkg install /web/server/apache-22
We see that IPS downloads all the related files we need and there is no need for us
to figure out the dependencies. In this case, three packages were installed. We can
check the status of the Apache Web server by using the pkg info command again, as
shown below.

Page 139 of
147

Look at the State: field and youll see that our package is installed. We now have a
useful zone that can be configured and run as a real webserver.
4.3 Use the clone feature to create webzone-2

We could easily repeat the process we just used to create more zones but in this
case we want a duplicate environment and theres an easier way to do it. Its quick
and easy to just make a clone of webzone-1. Webzone-1 will serve as our global
master for this creation.
To start this process well create a configuration ID template for webzone-2 that can
be easily edited and replicated to make installation even easier. Well be using the
sysconfig command to create our configuration template for this lab. Use webzone1 if youre still logged in or log in to webzone-1 in order to start.
# zlogin webzone-1
Now lets create our profile and store it as a template that we can use later. Use the
same information from the other zones with the exception of the name and a new IP
address. Start by suing to the root role.
# su # sysconfig create-profile o /root/webzone-2-template.xml
Parameter
Computer Name:
IP Address:
Netmask:
Router:
Region:
Root password:
Real Name
Username:
User password:
Information
webzone-2
Manually
192.168.1.120
255.255.255.0
192.168.1.1
None
UTC/GMT
solaris11
Zone User2
zoneusr2
solaris11
Confirm the SCI Tool information with the screen below:

Page 140 of
147
Type ls to verify your template file has been created and log out of the zone:
# ls
# exit
Note: When using the sysconfig tool on the webzone-1 instance, were not allowed to
use existing user names in the user account section. In this case, we could not use the
user name zoneuser so we chose zoneusr2 instead.
Now well create the zone profile. From the global zone we need to halt webzone-1.
Its not recommended to clone a running zone. Then use zoneadm list to verify that
the zone is shut down.

Page 141 of
147

# zoneadm z webzone-1 shutdown
# zoneadm list -iv
Next well need to capture the zone configuration and use it as a profile template for
any other zones we want to create. In this case well use it to create webzone-2.
# zonecfg z webzone-1 export f /zones/webzone-2-profile
In the next step well edit the webzone-2-profile in order to add our specific zone
information. Use vi or your favorite editor to edit webzone-2-profile and make
these changes.
Change set zonepath=/zones/webzone-1 to set zonepath=/zones/webzone-2
Change set autoboot=false to set autoboot=true
Now we want to place the system configuration template (webzone-2-template.xml)

that we created earlier in a more convenient location. We can access the file
location from the global zone even though webzone-1 is shut down. Type the
following commands to copy the template into a new location:
# cp /zones/webzone-1/root/root/webzone-2-template.xml /zones
# ls /zones

Page 142 of
147
Create webzone-2 by cloning webzone-1. We will use zonecfg to create webzone-2

with our modified configuration file. Then well perform the clone by using the
zoneadm command. Remember to use the full path to the configuration template.
Note the quick completion of the clone and how quickly our new environment is
created. Weve prepended the time switch onto our zoneadm command in order to
gauge the time it takes to create the clone.
# zonecfg z webzone-2 f /zones/webzone-2-profile
# time zoneadm z webzone-2 clone c /zones/webzone-2-template.xml \
webzone-1
Our clone only took about 4 seconds to create. The clone command takes
advantage of the ZFS snapshot capability to produce near instant zone
environments. Another benefit of clone technology is that it doesnt use up our
storage resources. Do a quick diskspace check with the zfs list command:
#
zfs list | grep webzone

Page 143 of
147
Even after we added the Apache Web server, webzone-1 is only 390 MB. Even
better, webzone-2, an exact copy of webzone-1, is only 342 K, providing a huge
savings on disk space.
Finally, boot webzone-2 and watch the console. Occasionally, you will see the
system configuration being applied. You can see below that the host name has been
set for us from the template.
# zoneadm z webzone-2 boot; zlogin C webzone-2
Note that our hostname has been set via the template that we edited. Keep in mind
that we could easily edit and create more templates to quickly deploy lots of zones
quickly and easily.
Exit the console. (~.)
Lets verify that our clone is intact and different than a normal installation.
# zlogin webzone-2

Page 144 of
147

The Apache web server package is included in this clone as you can see. Cloning is
frequently used when a master zone is created with all the additional necessary
packages and configurations in place. The master is simply cloned as new
environments are required.
As a final check, lets make sure our IP addressing was applied properly.
# ipadm show-addr
Note: For future reference and even faster and more efficient installations, Oracle
Solaris Automated Installer also provides a method for creating zones as part of the
system install service.
4.4 Uninstall your zones (informational only)

The lab is complete but just in case you made mistakes or want to start over on a
zone here is the procedure for removing a zone. Use this procedure with caution as
the action of removing a zone and all the files in it is irreversible.
Become superuser or assume the primary administrator role. List the zones on the
system:

Page 145 of
147

# su
# zoneadm list iv
Use the zoneadm command with the z uninstall option to remove the zone
webzone-1. Well also use the F to force the removal in case there are issues.
Note: Remember this action cant be undone.
# zoneadm z webzone-1 uninstall F
For further cleanup we need to also remove the zone configuration. Type the
following command:
# zonecfg z webzone-1 delete F
# zoneadm list -iv
Run a zfs list and grep for webzone-1 to verify the filesystem has been removed.
# zfs list |grep webzone-1

Page 146 of
147
5 Lab Summary
This lab has given you the opportunity to configure Oracle Solaris Zones technology
utilizing several methods to see how easy and efficient installing and running zones
can be. You observed the tight integration with the operating system. We installed
3 zones, one from the command line, one with an application, and the final zone by
taking advantage of the clone feature of the ZFS file system.
Oracle Solaris Zones is a powerful application that allows us to separate one
application from others on the same system creating a powerful, secure, and flexible
computing environment.
6 References
Oracle Solaris 11 Documentation: Zones Administration
How to Set Up Load Balanced Application across Oracle Solaris Zones
How to Restrict Traffic Using Virtualization and Resource Management

Page 147 of
147

S11 Implementation Bootcamp Lab Guide

Diunggah oleh

Informasi Dokumen

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

S11 Implementation Bootcamp Lab Guide

Diunggah oleh

Hak Cipta:

Format Tersedia

Oracle Solaris 11.

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

1 Oracle Solaris 11 Implementation

A current laptop with at least 3 GB memory and 30 GB free disk space

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Downloaded software packages:

High familiarity or previous certification on Oracle Solaris.

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Lab 1 Advanced Installation

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Large-Scale Installation and

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Figure 1: Client system installed by the Automated Install Server

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Figure 2: Automated Installation services

5.1 Oracle VirtualBox Hypervisor Software basics

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

VirtualBox mouse capture can sometimes be frustrating in the way it handles

Name your VM AIServer

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Click Next to create a new

Click Next well accept

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Change the disk file size

Your new server has been

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Well be using the Oracle

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Click on System, in the

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

5.2 Install and Configure your Server

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

For the second

You are presented

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Select the default

On the next screen,

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Enter the network

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Select the time zone

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

Choose No proxy and

Verify that the

For Oracle employees and authorized partners only. Do

Oracle Solaris 11.1 Hands On Lab

When the installation