D72965GC10 Edition 1.0 November 2011 74955 ORACLE Oracle Solaris 11 Advanced System Administration Activity Guide Oracle Internal & Oracle Academy Use OnlyCopyright © 2011, Oracle andlor its affiliates. All rights reserved. Disclaimer This document contains proprotary information and is protected by copyright and athe intelectual property laws. You may copy and prin this document solly for your own usa in an Oracle training course. The document may nel be media or atered in any way. Except whore your use corstiutes Yar use" under copyright aw, you may not use, share, downoad upload, copy, print, splay, perform, reproduce, publish, license, post, ranmi, of slnbule this document in whole arn part whut the express authorization oF Oracle, ‘The informaton contained inthis document is subject to change without notice. f yu find any problems in the document, plaase epot them in witing to: Oracle University, 800 Oracle Parkway, Redwood Shores, Calfernia 94065 USA. This document snot ‘warranted lo bs errr, Restricted Rights Notice "this documentation fs dolvered fo the United States Government or anyone using the documentation on behalf of the United States Government, the falowing notice is applicable: US. GOVERNMENT RIGHTS The US. Governments rights to use, moat, reproduce, release, perform, daplay, or disclose these training materials are rested by he terms ofthe applicable Oracle license agrooment andlor te applicable U.S. Government contract Trademark Notice Oracle and Java ace registered ademarks of Oracle andor its afiates. Other names may be trademarks of thelr respective Authors Anies Rahman, Tammy Shannon Technical Contributors and Reviewers Albert White, Alta Elstad, Brock Pytlk, Darren Kenny, Dave Giroux, Dave Maxwell, Dermot McCluskey, Enzo Silva, Eric Siglin, Giynn Foster, Karen Tung, Kristi Herd, Kristi McNeil, Mark Nelson, Mary Ding, Mike Carew, Mike Gerdts, Ronan O'Connor, Rosemary Martinak, Sean Wilcox, Sreedhar Chalamalasetti, Susan Chang, Oracle Solaris Documentation Team This book was published using: Oracletutor Oracle Internal & Oracle Academy Use OnlyTable of Contents Practices for Lesson 1: Course Introduction. 14 Practices for Lesson 1 12 Practices for Lesson 2: Managing the Image Packaging System (PS) and Packages... 24 Practices for Lesson 2. 22 Practice 2-1: Configuring a Local IPS Package Repository 23 Practice 2-2: Configuring a Network Gilent to Access the Local IPS Server. 27 Practice 2-3: Managing Multiple Boot Environments. 240 Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts. 34 Practices for Lesson 3. 32 Practice 3-1: Verifying the System Al Requirements (Optional. 33 Practice 3-2: Configuring the Al Server 37 Practice 3-3: Deploying the OS on the Network Client a1 Practices for Lesson 4: Managing Business Application Ds Practices for Lesson 4 Practice 4-1: Managing Data Redundancy with a ZFS Mirrored Pool 43 Practice 4-2: Using ZFS Snapshots for Backup and Recovery. 4-10 Practice 4-3: Using a ZFS Clone. 418 Practice 4-4: Configuring ZFS Properties 424 Practice 4-5: Troubleshooting ZFS Failures 431 Practices for Lesson 5: Configuring Network and Traffic Failover. se 5A Practices for Lesson 5. 52 Practice 5-1: Managing NWAM, 53 Practice 5-2: Configuring the Network File Systam 511 Practice 5-3: Configuring a Link Aggregation, 514 Practice 5-4: Configuring IPMP. 516 Practices for Lesson 6: Configuring Zones and the Virtual Network... see BA Practices for Lesson 6, 62 Practice 6-1: Creating an Oracle Solaris 11 Virtual Network. 65 Practice 6-2: Creating Two Zones By Using VNICs. 66 Practice 6-3: Allocating Resources to Zones ota Practice 6-4: Managing the Virtual Network Data Flow 6.28 Practice 6-5: Removing the Partial Virtual Network. 6-28 Practices for Lesson 7: Managing Services and Service Properties. see TA Practices for Lesson 7. 72 Practice 7-1: Configuring SMF Services 73 Practice 7-2: Working with Service Profiles 742 Practice 7-3: Restoring and Recovering a Service. 744 Practices for Lesson 8: Configuring Privileges and Role Based Access Control at Practices for Lesson 8. 82 Practice 8-1: Delegating Privileges to Users and Processes 83 Practice 8-2: Configuring Role-Based Access Control B14 Practices for Lesson 9: Securing System Resources using Solaris Auditing. on Practices for Lesson 9. sintnnnninnnnnnninnnnnnnnen son 92 Practice 9-1: Configuring and Administering Oracle Solaris Aualting 93 Practice 9-2: Managing Audit Records on Local Systems ot9 CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administration Table of ContentsPractices for Lesson 10: Managing Processes and Priorites. Practices for Lesson 10. 102 Practice 10-1: Modifying Process Scheduling Priory. 103 Practice 10-2: Configuring the FSS in an Oracle Solaris Zone 10.15 Practices for Lesson 11: Evaluating System Resources .. Practices for Lesson 11 142 Practice 11-1: Managing Resource Controls in Global and Non-Global Zones. 113 Practice 11-2: Evaluating System Performance Levels. 1145 Practices for Lesson 12: Monitoring and Troubleshooting Software Failures. Practices for Lesson 12. 122 Practice 12-1: Setting Up System Messaging ..nn « sone 123 Practice 12-2: Configuring System and Application Crash Facites 1244 CoRR BOTT OBS ST BINGE A TE RTS, Oracle Solaris 11 Advanced System Administration Table of Contents ii Oracle Internal & Oracle Academy Use OnlyPreface Profile Before You Begin This Course + Before you begin this course, you should be able to perform basic Oracle Solaris 11 system administration tasks. How This Course Is Organized Oracle Solaris 11 Advanced System Administration is an instructor-led course featuring lectures and hands-on exercises, Online demonstrations and written practice sessions reinforce the concepts and skills that are introduced. CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administration Table of Contents Oracle Internal & Oracle Academy Use OnlyRelated Publications Additional Publications System release bulletins Installation and user's guides Read-me files International Oracle User's Group (IOUG) articles Oracle Magazine CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administration Table of Contents Oracle Internal & Oracle Academy Use OnlyTypographic Conventions Typographic Conventions in Text Convention | Element Example Bold talic | Glossary term GP © algorithm inserts the new Key there is a glossary) Caps and | Buttons, Click the Executable button lowercase _| check boxes, Select the Can't Delete Card check box. triggers, ‘Assign a When- Validate-Item trigger to the ORD block. windows Open the Master Schedule window. Courier new, | Code output, Code output: debug.set (*I", 200); case sensitive | directory names, | Directory: bin (DOS), $FM:IOME (UNIX) (default is | filenames, Filename: Locate the init . ora file. lowercase) | passwords, Password: User tiger as your password. pathnames, Pathname: Open ¢: \my_docs\projects URLs, URL: Goto http: //www.oracle.com user input User input: Enter 200 usernames Username: Log on as scott Tnitial cap | Graphics labels | Customer address (but Oracle Payables) (unless the term is a proper noun) Tralic Emphasized words | Do nof save changes to the database, and phrases, For further information, see Oracle? Server SOL Language titles of books and | Reference Manual. courses, Enter user_id@us.oracle.com, where user id is the variables name of the user. Quotation | Interface clements | Select “Include a reusable module component” and click Finish, marks with long names that have only ‘This subject is covered in Unit II, Lesson 3, “Working with initial caps; Objects.” lesson and chapter titles in eross- references Uppercase | SQL column Use the SELECT command to view information stored in the names, commands, | LAST NAME functions, schemas, | column of the EMP table. table names ‘Arrow ‘Menu paths Sele File > Save, Brackets__| Key names ress [Enter] ‘Commas | Key sequences Press and release Keys one ata time: [Alternate], [F], [D1 Plus 3 Key combinations | Press and hold these keys simultaneously: [Cul}#[Al)+[Del] CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administration Table of ContentsTypographic Conventions in Code ‘Convention | Element Example Capsand | Oracle Forms When-Validate-iten lowercase | triggers Lowercase | Column names, | SELECT Tast_name table names FROM s_emp; Passwords DROP USER Scott IDENTIFIED BY tiger; PLISQL objects | 0G_ACTIVATE_LAVER Towerease | Syntax variables | CREATE ROLE role italic Uppercase | SQL commands and | SELECT userid functions FROM em (0G_GET_LAYER (‘prod pie layer’)) Typographic Conventions in Oracle Application Navigation Paths This course uses simplified navigation paths, such as the following example, to direct you through Oracle Applications. (N) Invoice > Entry > Invoice Batches Summary (M) Query > Find (B) Approve This simplified path translates to the following 1. (N) From the Navigator window, select Invoice then Entry then Invoice Batches Summary. 2. (M) From the menu, select Query then Find, 3. (B) Click the Approve button. Notations: (N) = Navigator (M) = Menu (1)=Tab (8) = Button ())= Icon (H) = Hypertink (ST) = Sub Tab CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administraion Table of ContentsTypographical Conventions in Oracle Application Help System Paths This course uses a “navigation path" convention to represent actions you perform to find pertinent information in the Oracle Applications Help System. The following help navigation path, for example— (Help) General Ledger > Journals > Enter Journals —tepresents the following sequence of actions: In the navigation frame of the help system window, expand the General Ledger entry. Under the General Ledger entry, expand Journals. Under Journals, select Enter Journals. Review the Enter Joumals topic that appears in the document frame of the help system window. CaRTIGRTS BOTT OS SAIGT SNS A TE ERT Oracle Solaris 11 Advanced System Administraion Table of Contents Oracle Internal & Oracle Academy Use OnlyAjuQ asp Awapeoy 99210 g ;eUa}U] BOBOPractices for Lesson 1: Course Introduction Chapter 1 CaRATGRTS BOT, OFS HoT BINGE A TE ETS, Practices for Lesson 1: Course Introduction ‘Chapter 1 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 1 Practices Over This practice introduces you to the project assignment that you will be using throughout this course and to your virtual lab environment. The project assignment is divided into multiple phases, which are presented in the checklist in Figure 1. The checklist items are synchronized with the lesson topics. Project Assignment Your organization, Delicious Treats Company, is in the business of selling chocolate products online locally and globally. In the United States, the company's order, product, and customer information is stored on 350 servers that are strategically located in various states. Out of these 350 servers, 250 servers are Oracle Solaris x86/64 machines, for instance, Ultra 20s. Currently, the Oracle Solaris servers are running Oracle Solaris 10 or Solaris 9. According to the service- level agreements (SLAs), the business applications on these servers must be up 98% of the time. The company has leamed that Oracle has launched Oracle Solaris 11, which contains many resource-saving features. The company is convinced that it can use Oracle Solaris 11 to its benefit. Therefore, it has issued the directive to upgrade all Oracle Solaris machines to Oracle Solaris 11 As part of the Server Implementation team, you wil install and configure Solaris 11 on 10 machines on a test basis. This will help you to explore Oracle Solaris 11 and prepare you to administer business applications and the operating system. Your senior system administrator has developed a predeployment test plan that consists of a checklist of tasks to be performed (see Figure 1). As you progress through each lesson in the course, you will implement the assigned tasks and report the results to your senior system administrator. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 1: Course Introduction Chapter 1 - Page 2v Oracle Solaris 11 Predeployment Checklist Managing the Image Packaging System (IPS) and Packages Installing Oracle Solaris 11 on Multiple Hosts Managing the Business Application Data Configuring Network and Traffic Failover Configuring Zones and the Virtual Network Managing Services and Service Properties Configuring Privileges and Role-Based Access Control Securing System Resources Using Oracle Solaris Auditing Managing Processes and Priorities Evaluating the System Resources Monitoring and Troubleshooting System Failures Figure 1: Oracle Solaris 11 Predeployment Checklist CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 1: Course Introduction Chapter 1 - Page 3Practices Infrastructure This section presents an architectural view of the equipment and the platforms for the practices. Multiple virtual machines (VMs) are configured on a private internal network (192.268 .0). Each VM can communicate with other VMs only on the same private network (see Figure 2). ‘The VMs are configured to communicate with the host machine only through the share directory. Intemet access is not configured from these VMs. | Student Host Figure 2: Virtual Pod Network Schematic Your lab environment is based on the Oracle VM VirtualBox virtualization software. The VirtualBox is a cross-platform virtualization application. Figure 3 shows the configured virtual machines. The Oracle Solaris 11 OS is installed in the virtual machines with the exception of Sol11-Client1, which is an empty VM. CRAIGS BOT, ae rs ASE, A PG ATT, Practices for Lesson 1: Course Introduction ‘Chapter 1 - Page 4 Oracle Internal & Oracle Academy Use OnlyeV VialBox Manager 22.2 ———— Soit-superserer Bh mine sent-sanvert Browerea se Mee 2055 ME Boot Ower Her Dle amtce pocorn’ Urenweu BRE Nese Pageg sont-ctentt Srowereaon vinnie ‘eo Memory te M0 stony: ATA Pat oltt-Superdonerdivks smc (onal, £2.94 28) SATA For 1 \eODYE) Ey (onal, 108 GE) Figure 3: Oracle VirtualBox Virtual Machines. All the VMs are configured with 2 GB of memory, with the exception of Sol11-Client1, which is configured with 1 GB of memory. Most of the host machines have a total of 8 GB to work with To avoid system overload, you should not have more than three VMs running at any given time during the practices. All the student files are located in /opt /ora/course files. This directory contains mostly scripts that you may be directed to use to establish the start or end state of a particular practice. The following list briefly describes the virtual machines: + Sol11-Super-Server: This VM provides network services, such as DNS, DHCP, and IPS that are used by other VMs in this virtual network. This VM should always be up and running. Because this VM is preconfigured, you will not need to log in to this VM unless directed by the instructor. + Solt1-Servert: This is a general purpose server. You use the command-line tools here. + Sol1-Desktop: This is a general purpose user machine with the GUI and other features normally available on a network client machine. Most of the facilities available in Solt1-Servert are available in this VM. ‘+ Solf4-Client1: This is the VM for Oracle Solaris 11 installation that uses Automated Install mode. After performing the practice, switch off this VM. It will not be needed for any other practice. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 1: Course Introduction Chapter 1 - Page 5 Oracle Internal & Oracle Academy Use OnlyUser account and password: © User account: ora + Password: oracle1 + Administrator privileges: As the oracle user, use su - to switch to the primary administrator (root) role. The password is oracle1. The oracle user switches to root because root is configured as a role by default. The first userame created on the system (during the OS installation) is the initial privileged user who can assume the administrator role. This can be verified in the /etc/user_attr file Note: The Sol11-SuperServer VM must be started before any additional virtual machines are started. The Sol 1-SuperServer must always be running to perform the practices in this guide. The login and password for the Sol11-SuperServer VM are oracle and 2secure Task 1: Becoming Familiar with Your Practice Environment Perform the follo\ 1g steps when you first access your practice host environment: 1. On your host system, start the Oracle VM VirtualBox Manager by double-clicking its icon on your desktop, Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 1: Course Introduction Chapter 1 - Page 82. In the Oracle VM VirtualBox Manager window, double-click the Sol11-SuperServer virtual machine to start it. Alternatively, you can select the Soli 1-SuperServer VM and click the Start button. Note: The Sol11-SuperServer VM needs to be running during all practices. Do not start any ‘VMs before starting the S11-SuperServer VM. Geen Bh erertnt & cere! Beco solttgarvmt Siar ss acccentst stabs EE as senate 9 Solent Si peoe Bene pare “al 8 Fast RiaPeomr dt nde (ioral 352.90, 3. After the Sol11-SuperServer VM is powered on, at the command prompt, log in as the user oracle with the password 2secure. ll-ss console login: oracle Oracle Internal Password: 2secure $ oracle@sii-ss: oraclea: -ss:-$ su - Password: 2secure root@s1i-ss:~# CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 1: Course Introduction Chapter 1 - Page 74. Start the Sol11-Servert VM. At the console login prompt, log in to the virtual machine as the user oracle with the password oracle? Sli-servi console login: oracle Password: oraclel oracle: -servi:-$ Note: All VMs, except the Sol 1-SuperServer VM, will use this login combination. 5. In the terminal window, run the su - command to assume administrator privileges. The password is oracle1 oraclea: Tgervi:-$ eu — Password: oraclel root@sll-servi:-# 6. Attimes, you may need to power off a VM and close its window. For instance, you may need to shut down a VM to comply with the maximum recommended number of VMs that are running simultaneously, which is currently limited to three VMs. Let's try this with the Sol11-Server VM. Click “close” (x) on the top-right comer of the VM window. 7. When the Close Virtual Machine dialog box appears, select “Power off the machine” and click OK. 8. Shut down the Solt1-SuperServer VM by using the same method 9. Verify that no VMs are running at this time. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 1: Course Introduction Chapter 1 - Page 8Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 2 Practices Overview After installing a new OS, it is common practice to ensure that you have the IPS Package Repository set up on a local server. In these practices, you will set up a local repository on $11- Server and configure a network client to access the repository. When you install critical software updates, for example, packages updating Solaris kernel facilities, creating another boot environment (BE) is very useful. In case the new package corrupts your system, you can revert to the previous boot environment. So, you can consider the original BE to be more like a backup environment. In the following practices, you will create a backup BE, install the diffstat package, and work with multiple BEs. The key areas covered in this practice are: * Configuring a local IPS package repository ‘+ Configuring network clients to access IPS. ‘+ Managing boot environments The following check sheet shows your progress. Currently, you are about to look into IPS functionality. v Oracle Solaris 11 Predeployment Checklist Managing the Image Packaging System (IPS) and Packages Installing Oracle Solaris 11 on Multiple Hosts Managing Business Application Data Configuring Network and Traffic Failover Configuring Zones and the Virtual Network Managing Services and Service Properties Configuring Privileges and Role-Based Access Control Securing System Resources Using Solaris Auditing Managing Processes and Priorities Evaluating System Resources Monitoring and Troubleshooting System Failures CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 2Practice 2-1: Con uring a Local IPS Package Repository Overview You will recall from the lecture that when you install or upgrade to the Oracle Solaris 11 release, the system initially has one publisher configured: the solaris publisher. In your lab environment, your virtual machine client cannot access the default publisher URL to download the IPS package repository. So your first task will be to create your local package repository and make it the default so that the network client can be serviced by IPS Tasks 1. Verify that the Sol11-SuperServer and Sol11-Servert virtual machines are running. 2. Log in to Sol11-Server1 virtual machine as the oracle user. Use the password oraclet. 3. Run the su command to assume administrator privileges. oracleasii-servi:-$ eu — Password: oraclel root@s1i-servi:-# 4. Determine the host name and domain of this server. root@sil-servi:-# hostname rootesil-servl # domainname mydomain.com Note: Normally, the domain name - mydomain.com - should be displayed since the domain name is functional. As an extra confirmation step, you can set the domain name by using the following command: it_ domainname mydomain.com 5. Verify that this server can access DNS services. root@sil-servi:-# nslookup sli-servi Server 192.168.0,100 Address: 192.168.0.100#53 Name: s1l-servi.mydomain.com Address: _192.168.0,112 6. Verify that the /export /Ps file system has been configured on the system root@sil-servi:-~# zpool list NAME SIZE ALLOC FREE CAP ‘DEDUP HEALTH ALTROOT rpool 15.96 7.56G 8.316 47% 1.00x ONLINE - root@sll-servi:~# zfs list NAME USED AVAIL REFER MOUNTPOINT rpool 7.596 8.036 39.5K /rpool xpool/ROOT 1.896 8.036 31K legacy CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 3Fpool/ROOT/solaris 1.896 8.036 1.736 7 rpool/dump 528M 8.056 - rpool/export 4.676 8.036 33K /export rpool/export/1PS 4.676 8.036 4.676 /export/IPS rpool/export /nome 66K 8.036 32K /export/home rpool/export/home/oracle 34K 8.036 34K /export /nome/oracle rpool/swap 528M @.05G 512M - Note: Your display may be different for space allocation/usage. Normally, a local IPS repository must be manually created on the local server. This involves creating a ZFS file system on the local server for the IPS repository and copying the repository files from the repository ISO image to the local repository. The following example shows the steps used to copy the IPS repository from the ISO image to a local ZFS file system. Do not run these commands in this practice. The repository has already been installed on the local server for you. # zfs create -o compression=on rpool/export /IPS # lofiadm -a sol # mount -F hsfs /dev/lofi/1 /mnt # rsyne -aP /mnt/repo /export/IPS Xxx-xXX-Fepo-full. iso The package repository is very large (approximately 4.4 gigabytes). Depending on the speed of your host machine, the rsync command can take a couple of hours to complete. 7. Assess the current IPS configuration on the Sol11-Servert system: Footasli-servi:-# aves application/pkg/server STATE STIVE FMRT disabled 17:00:56 sve: /application/pkg/server :default root@sli-servi:-# sveprop -p pkg/inst_root application/pkg/server /var/pkgrepo This system is not currently configured as an IPS server (the service is disabled). Note the default location of the IPS repository as determined by the pka/inst_root property. The /var/pkgrepo directory is not the correct location of your local repository. 8. Determine whether the IPS service is currently available: rootasli-servi:-F pkg search entire pkg: Unable to contact valid package repository Encountered the following error(s) This is likely a network configuration problem Framework error: code: § reason: Couldn't resolve host “pkg-oracle.com’ URL: ‘http: //pkg.oracle.com/solaris/release’. (happened 4 times) CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 4Note: This step is only for your information. It will be especially useful on the job because you can see the displayed URL. In the training environment, your publisher URL should originally point to $11-SuperServer. In the current environment, since the publisher is pointing to the superserver, you will receive the package information. Searching for a package is a quick way of determining whether the IPS service is available, Based on the results shown here, this system has no access to the IPS service. 9. Set the application/pkg/server service pkg/inst_root property to the repository location (/export /1PS/repo). ootasil-servi:-# svecfg -s application/pkg/server setprop \ pkg/inst_roots/export/1PS/repo rootes1l-servl:~# 10. Set the application/pkg/server service pkq/readonly property to true root@sil-servi:-# svecfg -s application/pkg/server setprop \ pkg/readonly=true 11. Verify the application/pkg/server service inst_root property. Foot@sil_servi:-# eveprop -p pkg/inat_root \ application/pkg/server /export/IPS/repo 12. Refresh the app tion/pkg/server service. root@sil-servi:-# sveadm refresh application/pkg/server 13, Enable the application/pkg/server service. rootesil-servi:-# sveadm enable application/pkg/server 14. Verify that the appl icat ion/pkg/server service is enabled. rootesil-servi:-# sves application/pkg/server STATE STINE FMRI online 17:00:56 _ sve: /application/pkg/server:default 15. Use the pkgrepo refresh command to refresh the package repository. Footasll-servi:-# pkgrepo refresh —s /export/IPS/repo ‘When you create a new package repository, you must refresh the repository catalog so that the package search operations will work correctly. This may take several minutes to complete. 16. List the current package publishers. root@sil-servi:~# pkg publisher solaris origin online http://st1-es.aydomain.com/ This is what you should expect to see in the training environment. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 5wolarie origin chline Rttp://pkg.oracle .con/solaris/release This is what you would see on the job. ‘The command output shows the current publisher. A publisher is a forward domain name that identifies a person, group of persons, or an organization that publishes one or more packages. The repository type origin is the location of the package repository that contains both package metadata (package manifests and catalogs) and package content (package files). The default publisher URI is http://pkg.oracle.com/solaris/releasel. 17. Remove the current publisher URI (http://s11-ss.mydomain.com/) and add a new URI (http://s11-serv1_mydomain.com) to the publisher name solaris. Show the results. root@sll-servl:~# pkg set-publisher -G \ http://s11-ss.mydomain.com/ \ -g http: //sl1-servi.mydomain.com/ solaris root@sil-servi:~# pkg publisher PUBLISH TYPE STATUS URT solaris origin online http: //e11-servi mydonain.com 18, Test IPS on the local server by searching for the entire package, root@sil-servi:-# pkg search entire INDEX ACTION VALUE PACKAGE Pkg.fmri set solaris/entire pkg: /entireo.5.11-0.173 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 6Practice 2-2: Con Server uring a Network Client to Access the Local IPS Overview Now that you have a local package repository set up, you must configure the network clients to access the new repository. By default, clients are configured to use the publisher http://pkg.oracle.com/solaris/releasel. In this task, you reconfigure the client to access the http://s1 1-serv1 mydomain.com/ package publisher. Task: Configure a Network Client to Access the IPS Server Perform the following steps on the Sol11-Desktop machine to configure a network client to access the IPS server: 1, Double-click the Sol11-Desktop icon to launch the Sol11-Desktop virtual machine. 2. Log in to the Sol11-Desktop virtual machine as the oracle user. Use the password oraclet, 3. Right-click the desktop background and open a terminal window. 4. In the terminal window, run the su command to assume primary administrator privileges. oraclewsil-desktop:-$ su — Password: oraclel root@s11-desktop:~# 5. Verify that this client can access DNS services by resolving the IPS server host name. root@sil-desktop:-# nslookup sli-servi Server: 192.168.0.100 Address: 192.168.0,100#53 Name: sll-servl.mydomain.com Address: _192.168.0.112 6. Verify that this client can ping the IPS server. rootesil-desktop:-# ping sll-servi. gli-servi is alive 7. List the current package publishers. root@sll-desktop:-# pkg publisher TYPE STATUS URI solaria origin online http: //pkg.oracle,com/solaris/release This is what you can expect to see on the job, PUBLISHER TYPE STATUS URI solaria origin online http://s 284 mydomain..com/ This is what you can expect to see in the training environment. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 78 Remove the current publisher URI (http://s11-ss.mydomain.com/) and add a new URI (http://s1 1-serv1.mydomain.com) to the publisher name solaris. root@sii-desktop:-# pkg set-publisher -¢ \ http: //s11-ss.mydomain.com/ -g http: //s11-servi.mydomain.com/ solaris 9. Verify that the preferred publisher is http: //s11-servi .mydomain.com/. root@sil-desktop:-# pkg publisher PUBLISHER TPE STATUS URI solarie origin online hetp://sti-servi mydonain.com/ 10. Test client access to the IPS server by opening the http://s11-serv1.mydomain.com URL in the Firefox browser. WB package repostony = Meas Fron, ese en sey Beason ghey Yarecce wenn 6 7 D> Een apiece ORE conan a Mg ee package repository Search Packages Browse Packages 4m: ETE rors aR OT, OC WT AI PG TT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packagos Chapter 2- Page 8 Oracle Internal & Oracle Academy Use Only11. Using the package repository browser, search for the ent ire package: Palages | Seach | stab: Package Search 12, Close the Firefox browser. aR OT, OC WT AI PG TT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2-Page 9 Oracle Internal & Oracle Academy Use OnlyPractice 2-3: Managing Multiple Boot Environments Overview In this practice, you create a new full BE based on the current BE. The current BE does not have the dif fstat package installed. You make the new BE the active boot environment and you update it with the dif fstat package. You reboot to the original boot environment to prove that the two BEs are now logically separate. This action is also useful in case the diffstat package is corrupted and you want to revert to the original environment. As part of this practice, you also mount and update an inactive BE. In addition, you create another BE (a copy of the current BE) and a backup copy. This will demonstrate to you how to manage multiple BEs on the system, To run this lab, you must be logged in to the Sol11-Server1 virtual machine as the oracle user and have obtained primary administrator privileges. See Practice 2-2 if you need help, Task: Note: Your display outputs may differ slightly. 1. Ina terminal window on the Sol11-Servert virtual machine, list the current BEs. root@sil-servi:~# beadm list BE Active Mountpoint Space Policy Created solaris NR / 2.0156 static 2011-08-05 14:13 The Active field indicates whether the boot environment is active now (X) and active on reboot (R). 2. Clone the current active BE. Name the clone solaris-1. root@sll-servi:~# beadm create solaris-1 3. List the current BEs. root@sil-servi:-# beadm list BE Active Mountpoint Space Policy Created solaris NR / 4.02G static 2011-08-05 14:13 solaris-1 79.0 static 2011-08-08 22:14 4. Activate the solaris-1 BE. Display the list of BEs. Note that solaris-1 is pending activation on reboot. root@sil-servi:-# beadm activate solaris-1 root@s11-servi:~# beadm list BE Active Mountpoint Space Policy Created solaris / 48.5M static 2011-08-05 14:13 solaris-1 R - 2.15 static 2011-08-08 14:13 ‘The activation process will take a short amount of time to store the data in the partition. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 105. Reboot the Sol11-Servert virtual machine. root@sil-servi:-# init 6 Notice that solaris~1 is now the default boot entry in the GRUB menu. Fatal ieag oman ecine View avess Hp GMI CRB version 0.97 (699K Louse + 2096064K upper rem) Use the 1 and 4 toys to gelect wich ontey Le Mightightod. Press enter to boot the selected 0S, "ec" to edit the Cormands before bootinj. or “e* Tore tommni-Tine, BO7F50 OBwma 6. After Solt1-Servert has rebooted, log in as the oracle user and su to root 7. Ina terminal window, list the current BEs. root@sil-servi:-# beadm list BE ve Mountpoint Space Policy Created solaris - - 6.20M static 2011-05-01 22:14 solaris-1 NR / 2.286 static 2011-08-08 14:13 Note that the solaris-1 image is now active. 8. Verify that the dif fstat package is not currently installed on the new active BE. root@sil-servi:-# pkg list diffstat pkg list: no packages matching “diffstat’ installed CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 2: Managing the Image Packaging System IPS) and Packages Chapter 2- Page 11 Oracle Internal & Oracle Academy Use Only9. Install the dif f£stat. package on the new active BE, root@sil-servi:-# pkg install diffstat creating plan Packages to install 1 Create boot environment No DOWNLOAD PKGS FILES Completed a «6/6 0.0/0.0 PHASE ACTIONS: Install Phase 23/23 PHASE ITEMS Package State Update Phase wt Image State Update Phase 2/2 10. Activate the solaris BE. Display the list of BEs. Note that solaris is pending activation on reboot, root@sil-servi:~# beadm activate solaris root@s1l-servi:~# beadm list BE Active Mountpoint Space Policy Created solaris R - 2.16 static 2011-08-05 14:13 solaris-1 i 94.44M static 2011-08-08 14:13 11, Reboot the Sol11-Servert virtual machine. After Sol1 1-Servert has rebooted, log in as the oracle user and su to root. rootesil-servi:-# init 6 12. Verify that the solaris image is now active and that the 4: ‘stat package is not installed, rootesil-servi:-# beadm list BE Active Mountpoint Space Policy Created solaris NR / 2.19G static 2011-08-05 solaris-1 158.6M static 2011-08-08 7 root@s1l-servi:~# pkg list diffatat pkg list: no packages matching “diffstat’ installed 13, Mount the inactive BE, yootasll-servi:-¥ mkdir -p /solari-1 root@sil-servi:-# beadm mount solaris-1 /solaris-1 rootesil-servi:-# beadm list BE Active Mountpoint Space Policy Created solaris 2.19G static 2011-08-05 14:13 solaris-1 - {solaris-1 158.6M static 2011-08-08 14:13 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 1214, Verify that the dif £stat package is installed in the inactive BE: root@sll-servi:~# pkg -R /solaris-1 verify -v diffstat Verifying: PACKAGE STATUS pkg: //solaris/text/diffstat ox 15, Remove the dif fstat package from the mounted inactive BE. root@sll-servi:-# pkg -R /solaris-1 uninstall diffstat creating Plan. Packages to remove: 1 Create boot environment: No PHASE ACTIONS Removal Phase 18/18 PHASE ITEMS Package State Update Phase wi Package Cache Update Phase ah Image State Update Phase 2/2 root@sll-servi:~# pkg -R /solaris-1 list diffstat pkg list: no packages matching “diffetat’ installed 16. Unmount the inactive BE. root@sil-servi:-# beadm unmount solaris-1 17. Create a snapshot of the solaris BE. Name the snapshot backup gll-servi:— beadm create solaris@backup 18. Display the list of snapshots associated with the solaris BE root@sil-servi:~# beadm list -a solaris a2/Dataset /Snapshot Active Mountpoint space Policy Created ‘pool /ROOT/aolaris mf 5.493 © 2011-08-05 22:14 =pool/ROOT/solarise2011 22.21 fe 2011-08-08 14:13 rpool/ROOT/solarissbackup - - 28.0K © 2011-08-08 14:19 zpool/ROoT/solarissinstall a.sac © 2011-98-05 22:33 19, Create a new boot environment from the solaris@backup snapshot. Name this BE solaris-2 Sli-servi:-¥ beadm create -e solaris@backup solaris-2 beadm list s11-servi Active Mountpoint Space Policy Created solaris static 2011-08-05 22:14 solaris-1 static 2011-08-08 14:13 solaris-2 static 2011-08-08 14:59 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 1320. Delete the solaris-2 BE and show the results. root@sll-servi:-~# beadm destroy solaris-2 Are you sure you want to destroy solaris-2? This action cannot be undone(y/ (nl): rootesil-servi:~# beadm list BE Active Mountpoint Space Policy Created solaris NR / 57.51M static 2011-08-05 22:14 solaris-1 - - 158.71M static 2011-08-08 14:13 21. Rename the original solaris-1 BE to solaris-alt. gil -servi:— bead rename solaris-1 solaris-alt 22. List the boot environments. root@sil-servi:-# beadm list BE Active Mountpoint Space Policy Solaris NR / 2.226 static solaris-alt - : 64.02M static created 2011-08-08 14:58 2011-08-05 22:14 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 2: Managing the Image Packaging System (IPS) and Packages Chapter 2 - Page 14Practices for Lesson Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 3 Practices Over According to the predeployment plan and checklist, you will now start configuring the Automated Installer (Al). The Al configuration practices will help you to understand how you can save time and resources while installing Oracle Solaris 11 on multiple client hosts individually. v Oracle Solaris 11 Predeployment Checklist Managing the Image Packaging System (IPS) and Packages Installing Oracle Solaris 11 on Multiple Hosts Managing the Business Application Data Configuring Network and Traffic Failover Configuring Zones and the Virtual Network Managing Services and Service Properties Configuring Privileges and Role-Based Access Control Securing System Resources Using Solaris Auditing Managing Processes and Priorities Evaluating System Resources Monitoring and Troubleshooting System Failures In the following practices, you install Oracle Solaris 11 OS on an x86/64 machine in an automated, unattended manner. Your first task is to verify that the system meets the Al requirements. In the second task, you configure the Alon a server. Then as a final step, you deploy the OS on a network client. Before you install the Oracle Solaris 11 OS by using Al, you must first download the Oracle Solaris 11 Al install image from the following site: http://www. oracle. com/technetwork/server-storage/solaris11/downloads/index htm The Al installation download is in an ISO image format that can be burned to a CD or DVD, or used directly within Oracle VM Server or other virtualization software. Note: For training purposes, the Al ISO has already been downloaded for you. The ISO image file can be found in the /opt /ora/course_files directory of the Sol11-Serv1 virtual machine CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 2Practice 3-1: Verifying the System Al Requirements (Optional) Overview This practice takes you through the steps for checking the existing version of Oracle Solaris 11 to verify the system requirements for the Al installation. For the purposes of Al configuration, you will need to configure the IPS repository on the local VM (S11-Servert) so that you can minimize the package deployment. Note: If you have completed Practice 2 during Lesson 2, skip this practice. It is included here as a checkpoint prerequisite because you need to ensure that the IPS repository is properly configured before you configure Al Tasks 1. Verify that the Sol11-SuperServer and Sol11-Servert virtual machines are running, If the virtual machines are not running, start them at this time. 2. Log in to virtual machine Sol11-Server1 as the oracle user. Use the password oracle 3. Run the su command to assume primary administrator privileges. oracle@sii-servi:-$ su — Password: oraclel rootesii-servi:~# 4. Verify that the operating system is Oracle Solaris 11 Build 173 release. root@sil-servi:-# cat /etc/release oracle Solaris 11 snv 2 xB6 Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved Assembled 26 August 2011 5. Verify that the operating system is configured with a static IP address. Footesll-servii-# aves network/physical:default STATE STIME FMRI online 15:02:57 sve: /network/physical:default root@s11-servi:~# ipadm show-addr ADDROBJ TYPE STATE ADDR neto/va static ok 192.168.0.112/24 6. Verify that DNS is operational. root@sll-servi:~# nslookup s1i-servi.mydomain.com server 192.168.0.100 Address 192.168.0.100#53 Name: $11-servi.mydomain.com Address: 192.168.0.112 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 37. Verify that the /export/1Ps file system has been configured in the rpoo! on the system. root@sil-servi:~# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 32G 9.986 22.06 31% 1.00x ONDINE - rootasii-servi:-# 2fs list NAME USED AVAIL REFER MOUNTPOINT rpool 10.06 21.56 38K /rpool rpool/ROOT 2.646 21.56 31K legacy rpool/ROOT/solaris 2.646 21.56 2.446 / rpool/dump 1.036 21.56 1.006 - rpool/export 5.356 21.56 33K export rpool/export/IPS 5.35G 21.56 5.35G /export/1PS rpool/export /home 74K 21.56 40K /export/home rpool/export/home/oracle 34K 21.56 34K export /home/oracle rpool/swap 1.036 21.56 1.006 - Note: Your display may be slightly different based on the type of disks and platform. Normally, a local IPS repository must be manually created on the local server. This involves creating a ZFS file system on the local server for the IPS repository and copying the repository files from the repository ISO image to the local repository. The following example shows you the steps to copy the IPS repository from the ISO image to a local ZFS file system. Do not run these commands in this practice. The repository has already been installed on the local server for you. # 2£s create -o compression=on rpool/export/IPS # lofiadm -a sol-11-xxx-xxx-repo-full.iso # mount -F hsfs /dev/lofi/1 /mnt # rsync -aP /mnt/repo /export/IPs The package repository is very large (approximately 5.34 GB). Depending on the speed of your host machine, the rsync command can take a couple of hours to complete. 8. Assess the current IPS configuration on the Sol11-Servert system: Footasli-servi:-# eves application/pkg/server STATE, STINE FMRI disabled 17:00:56 vc: /application/pkg/server:default root@s11-servi:-# sveprop -p pkg/inst_root application/pkg/server /var/pkgrepo This system is not currently configured as an IPS server (the service is disabled). Note the default location of the IPS repository as determined by the pkg/inst_root property. The /vax /pkgxepe directory is not the correct location of your local repository. Note: When you configure IPS for the first time, you will see this default value. It is shown here for that purpose. You will change it to the local ZFS file system, CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 410, "1 12, 13, 14, 15, 16. Set the pkg/inst_root property of the applicat ion/r repository location /export /IPS/repo. .g/ server service to the local root@sil-servl:-# svecfg -s application/pkg/server setprop \ pkg/inst_root=/export/IPS/repo root@s11-servi:~# Set the pkg/readon1y property of the applicat ion/pkg/server service to true. root@sil-servi:-# svecfg -s application/pkg/server setprop \ pkg/readonly-true Verify the inst_root property of the application/pkg/server service Footasll-servi:-# sveprop -p pkg/inst_root \ application/pkg/server Jexport/1PS/repo Refresh the applicat ion/pka/server service rootasil-servi:-# sveadm refresh application/pkg/server Enable the app1ication/pkg/server service, root@sll-servi:-# svcadm enable application/pkg/server Verify that the applicat ion/pkg/server service is enabled. root@sil-servi:-# eves application/pkg/server STATE STIME FMRI online 17:00:56 sve: /application/pkg/server:default Use the pkgrepo refresh command to refresh the package repository. root@sll-servi:-# pkgrepo refresh -s /export/IPS/repo When you create a new package repository, you must refresh the repository catalog so that the package search operations will work correctly. This may take several minutes to complete. List the current package publishers. pkg publisher TYPE ‘ATUS URI origin online http: //sti-se.nydomain.con/ The command output shows the current publisher. A publisher is a forward domain name that identifies a person, group of persons, or an organization that publishes one or more packages. The repository type origin is the location of a package repository that contains both package metadata (package manifests and catalogs) and package content package files). The default publisher URI is http://pkg.oracle.com/solaris/releasel. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 517. Remove the current publisher URI (http: //s11-ss-mydomain.com/) and add anew URI (nttp://s11-servi.mydomain. com) to the publisher name solaris. Show the results, rootasll-servi:-# pkg set-publisher -G \ > http: //s11-ss.mydomain.com/ -g http: //s11-servi.mydomain.com/ \ solaris pkg publisher TYPE STATUS URI polaris origin online http://e11-servi .mydomain.com Note: The value specified after the -c option is also mentioned here as the original default that you will see while installing the repository for first time. In the lab environment, use the value displayed in the previous step. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 8 Oracle Internal & Oracle Academy Use OnlyPractice 3-2: Con uring the Al Server Overview After you have verified that the server meets the Al requirements, you are ready to configure the Al server. After the configuration is complete, you will be able to install the Oracle Solaris 11 OS on one or more client hosts. This practice will set up a DHCP server as part of the configuration. This DHCP server allocates an IP address to the client host. Tasks Note: Because you are not using the default IPS service, you will need to adjust the default, Al service accordingly. 1. On the Sol11-Servert virtual machine, check whether the sve: /network/dns/multicast service is online. If the service is not online, enable it. root@sll-servi:~# sves network/dns/multicast STATE STIME FMRT disabled 1:08:14 sve: /network/dns/multicast :default root@sil-servi:-H sveadm enable network/dns/multicast root@s1l-servi:~# sves network/dns/multicast STATE STIME FMRT online 1:32:27 sve: /network/dns/multicast :default 2. Verify that the netmasks file is configured appropriately for the DHCP service. rootesil-servi:-# getent netmasks 192.168.0.0 Note that DHCP requires that the network mask for the local subnet should be configured in the /etc/netmasks file. If an entry does not exist, update the net masks file now. # vi /etc/netmasks 192.168.0.0 255.255.255.0 root@sil-servi:-# getent netmasks 192.168.0.0 192.168.0.0 255.255.255.0 3. Use the installadm create-service command to create an Al service based on the following information: - Service name: basic_ai - DHCP base IP address: 192.168.0.130 DHCP IP address range: 5 - ALISO image location: /opt /ora, Target directory: /export /ai/pasic_a urse_files/sol-11-dev-173-ai-x86.iso rootasii-servi:-# installadm create-service -n basic_ai \ -s /opt/ora/course files/sol-11-dev-173-ai-x86.iso \ CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 74 ~i 192.168.0.130 -c 5 -a /export/ai/basic_ai Creating service from: /opt/ora/course_files/sol-1 x86. iso Setting up the image -dev-173-ai- Creating service: basic_al Image path: /export/ai/basic_ai Starting DHCP server Adding IP range to local DHCP configur Unable to determine a route for network 192.168.0.0. Setting the route temporarily to 0.0.0.0; this should be changed to an appropriate value in the DHCP coi guration file. Please see dhepd(8) for further information Refreshing install services Creating default-i386 alias Setting the default PXE bootfile in the local DHCP configuration to ‘default -i386/boot /grub/pxegrub! Refreshing install services Note: If a warning message “Unable to determine a route...” appears, ignore it because itis caused by the virtual machine network configuration. The same is true for any other wamings. However, these messages have no impact on this practice. Note: If you need to, you can remove an Al service and its associated clients by using the command installadm delete-service -r svename. Use the installadm list command to verify that your Al service is installed. root@sil-servi:-# installadm list Service Name Alias Of Status Arch Image Path on x86 /export/ai/basic ai on x86 /export/ai/basic_ai CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 8 Oracle Internal & Oracle Academy Use Only5. Use the installadm create-client command to add the client MAC address for the Sol11-Client1 virtual machines to the basic_ai service. root@sil-servi:~# installadm create-client -e \ 08:0 5:C7:D6 -n basic ai Adding host entry for 08:00:27:85:C7:D6 to local DHCP configuration Note that, on the job, you will not encounter duplicate MAC addresses on your network. You should verify carefully what your actual network client systems’ MAC addresses are in order to properly install Oracle Solaris 11 on them 6. Use the installadm list ~c command to verify that the client was added to the Al server basic_ai rootasil-servi:-# installadm list -< Service Name Client Address Arch Image Path basic_ai 08:00:27:85:C7:Ds i386 /export/ai/basic_ai 7. Create the directory /var/tmp/mani fests to store the Al manifest files. rootasil-servi:-# mkdir -p /var/tmp/manifests 8. Copy the default manifest file to the /var/tmp/manifests/basic_ai.xm1 file so that you can modify it for your configuration. Foot@sil-servi:-# ep \ /export/ai/basic ai/auto_install/manifest/default.xml \ /var/tmp/manifests/basic_ai.xnl 9. Using the vi editor, modify the auto_insta11 section of the /var/tmp/manifests/basic_ai.xm1 file and use the following data. auto_instal1 manifest - Alinstance name (ai_instance name): basic ai = Auto-teboot (auto_reboot): ~ IPS origin URI: http: //s1i-servi.mydomain.com - IPS package: ent ire (confirm it uses the ent ire package) IPS package: solaris-large-server (confirm it uses the solaris-large server package) 10. Use the ai f£ command to view the differences between the basic_ai.xml file and the default xm! file rootasil-servi:-# aiff /var/tmp/manifeste/basic_ai.xml \ /export/ai/basic ai/auto install/manifest/default.xnl 27027 < > CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 9< > corigin name="http://pkg.oracle.com/solaris/release"/> This output shows you the modifications that you made to the basic_ai. xm! file. 11. Create a MAC address-based criteria file named criteria _ai.xml inthe Jvax /tmp/manifests directory. Use the MAC address of the network client Sol11- Client1 Foota@sll-servi:-# vi /var/tmp/manifests/oriteria_ai-xml 08:00:27:8! e="mac"> 7 :D6 Note: If the Al client does not match the criteria for a service (in this case, a specific. MAC address), the Al service will use the default manifest when installing the OS. 12. Add the basic ai manifest and criteria file to the basic_ai service. Foot@sil-servi:-# installadm create-manifest -n basic_ai \ -£ /var/tmp/manifests/basic_ai.xm1 \ -C /var/tmp/manifests/criteria_ai.xml ‘When a custom Al manifest (basic_ai.xm1, in this example) is defined for this install service and the client matches the criteria specified (in the criteria _ai.xml file) for the custom Al manifest, the client will use that manifest. In cases where client characteristics match multiple Al manifests, the client characteristics are evaluated in the order: mac, ipv4, platform, arch, cpu, and men. If the client does not match the criteria for any custom Al manifest, the client uses the default Al manifest 13. Use the installadm list -m command to verify that your manifest and the criteria have been added to the basic_ai service. rootesil-servi:-# installadm list -m Service Name Manifest status default-i386 orig _ default Default basic ai basic ai orig default Default root@sil-servi:-# installadm list -m -n basic ai Manifest Status Criteria basic ai mac = 08:00:27:85:C7:D6 orig default Default None CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 10Practice 3-3: Deploying the OS on the Network Client Overview After you complete the Al server configuration, itis time to test your work by deploying the Oracle Solaris 11 operating system on a network client. You will use the VM named Solt 1- Client1 as the client host. After the client is imaged from the Al server, you will verify that the install was done completely and accurately. Tasks 1. On the host system, launch the Oracle VM VirtualBox Manager. 2. Start the Sol11-Servert virtual machine and verify that itis running, 3. Click the Sol11-Client1 virtual machine icon. 4. Click the Start button. This will boot the Sol11-Client1 virtual machine. If the Al server is configured correctly, you should see the OS installation begin. Note: If the Sol11-Client1 virtual machine fails to boot with a “No bootable medium found” error, change the virtual machine adapter. To change the adapter type, open the Oracle VM VirtualBox Manager, select the Sol11-Clientt virtual machine, and click Settings. In the Settings dialog box, select Network and click Advanced under Adapter 1. Select another adapter from the Adapter Type menu. Restart the Sol11-Client1 virtual machine. Note: Perform the next step as soon as possible, When the Sol11-Client1 system starts the GNU GRUB menu, select the oracle Solaris 11 snv_173 Text Installer and command Line boot option, SCENT Lavra as Sua rarer ae FT Bo 9POO Sw CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 116. On the next screen, type option 1 for “Install Oracle Solaris" and press Enter as instructed. During the OS installation process, use the following configuration data to complete the Text installation. Note: The Text installer program directs you to use the F2 or Esc + 2 keys to move to the next step in the installation process. - Installation menu: 1. Install oracle Solaris - Disks: default - Fdisk Partitions: Use the whole disk. - Computer name: s12-client1 ~ Ethernet network configuration: Automatically - Time zone: Use your local region. - Date and time: Set fo current date and time. - Root password: oracle - User accour - Your real name: oracle - Username: oracle - Passwor 7. The installation should take around 10 minutes. You will see an “i message display. raclel stallation complete” Rees thes wow Gea ed 8. After the installation has completed, reboot (F8) the Sol11-Client1 virtual machine. 9. After Solt1-Client1 completes the initial boot, shut down the virtual machine. Oracle Internal & Oracle Academy Use Only CRAIGS BOT, ae rs ASE, A PG ATT, Practices for Lesson 3: Installing Oracle Solaris 11 on Multiple Hosts Chapter 3 - Page 12Practices for Lesson 4: Managing Business Application Data Chapter 4 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 4 Practices Overview Following the predeployment test plan, you now need to address the storage requirements of the business applications. You need to configure multiple ZFS storage pools. In this case, your organization is working with the Oracle CRM application. Then you need to create file systems for storing business application data. For file system backup and recovery, you will create snapshots and clones. Then you will need to explore ZFS property compression to minimize the storage space. The default file system for Oracle Solaris 11 is ZFS. ZFS is the root file system on Oracle Solaris 11 that offers a superior experience in terms of manageability, scalability, and data integrity. The key areas explored in this practice are: * Managing data redundanoy with a ZFS mirrored pool + Using ZFS snapshots for backup and recovery * Using a ZFS clone * Configuring ZFS compression Troubleshooting ZFS failures Let's look at our checklist to see where we are. v Oracle Solaris 11 Predeployment Checklist Managing the Image Packaging System (IPS) and Packages Installing Oracle Solaris 11 on Multiple Hosts Managing the Business Application Data Configuring Network and Traffic Failover Configuring Zones and the Virtual Network Managing Services and Service Properties Configuring Privileges and Role-Based Access Control Securing System Resources Using Oracle Solaris Auditing Managing Processes and Priorities Evaluating System Resources Monitoring and Troubleshooting System Failures CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 2Practice 4-1: Managing Data Redundancy with a ZFS Mirrored Pool Overview In this practice, you test application data redundancy by using different scenarios. First you create a ZFS mirrored pool that contains one mirror. To minimize the chances of losing data, you distribute the data over two mirrors. At this time, to address a policy change, you reconfigure the pool to keep three copies of data, which requires you to create a three-way mirror. Tasks 1. Verify that the Sol11-SuperServer and Sol11-Server! virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them now. 2. Log into the Sol11-Servert virtual machine as oracle user. Use the oracle1 password. Assume administrator privileges. 3. Execute the zpool 1ist command to display the ZFS pools that are currently configured in the system. root@sil-servi:~# zpool list NAME E ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 32G 10.66 21.4G 33% 1.00x ONLINE - Currently, the only ZFS pool that is available is the root pool, which is needed to make the ZFS file system a root file system. 4. Use the zpool status command to determine the disks that are currently configured for the ZFS rpool root@sll-servi:-# zpool status rpool pocl: xpeol state: ONLINE scan: none requested config NAME STATE READ WRITE CKSUM rpool ONLINE ° ° ° c7t0d0s0 ONLINE ° ° ° errors: No known data errors This display shows that rpoo! is using the local disk 7t odo. So while creating new pools, leave this disk untouched. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 35. Execute the format command to identify any additional disks configured in the system. root@sil-servi:~# format Searching for disks. ..done AVAILABLE DISK SELECTIONS 0, e7t0d0 /peiso,0/peiaoss,282980/aicke2,0 c3d0 4205 alt 2 ha 255 sec 63> /pei#0,0/peis0s6 ,282930/diska3,0 2. cTeadd /pcia0,0/pci 8086 ,282980/di skee,0 4, cTe5d0 /peiad,0/pciaoss, 2828ad/diskes,0 5. cTe6d0 /peiao,0/pcia0s6,282980/dickes,0 ‘ Jd /pcia0, 9/pci 8086 ,282986/di ska7,0 7. cTe8dO /pcie, 0/pcis0se ,282986/dickes, 0 8, cTe9do /pcis0,0/pcie0ss, 28298d/diekss,0°D *C The display tells you that disks <7t2d0 to c7t9d0 are available for use. To cancel the format command, press CTRL-C or CTRL-D. Create a mirrored ZFS pool named oraclecrm by using the disks c7t2d0 and c7t340. Show the results. root@sil-servi:-# zpool fe oraclecrm mirror c7t2d0 ¢7t3d0 root@sll-servi:~-# zpool NAME SIZE ALLOC EE CAP. P HEALTH ALTROOT oraclecrm 1.026 112K 1.026 0% 1.00x ONLINE - rpool 32G 10.66 21.46 33% 1.00% ONLINE - Here you created a pool called oraclecrm with a mirror by using two free disks. The purpose of this pool is to store the Oracle business application Customer Relationship Management (CRM) components. Because your company required redundancy, you have created a mirror, meaning that you have an online copy of the CRM data. This online copy will come in handy in case one of the disks gets corrupted. Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 47. Add another mirror in the oraclecrm pool, root@sll-servi:~# zpool add oraclecrm mirror c7t4d0 c7t54d0 s1l-servi:-# zpool status oraclecrm pool: oraclecrm ONLINE : none requested NAME STATE READ oraclecrm ONLINE ° ° ° mirror-0 ONLINE ° o ° c7t2d0 ONLINE - - - c7t3d0 ONLINE mirror-1 ONLINE ° ° ° c7t4d0 ONLINE - - - c7tSd0 ONLINE - - - errors: No known data errors Your company is very concemed about losing data because of data or disk corruption. You are asked to spread the data over multiple disks to mitigate the risk of data loss. To satisfy this objective, you create another mirror by using two free disks. Now, the data is distributed over the two mirrors and the respective disks. This means that 50% of the data will be stored in the first mirror and 50% of the data in the second mirror. You will see a demonstration subsequently. 8. Check the capacity of both the mirrors by issuing the zpool iostat -v oraclecrm command. root@sil-servi:~# zpool iostat -v oraclecrm capacity operations bandwidth pool allec free read write read write oraclecrm 110K 2.056 ° 30, 34.3K mirror 77K 1.026 ° an 22.9K e7t2d0 - - ° 20 90.5K e7t3ao ° 21 90.5K mirror 33.5K 1.026 ° 22 0 27.9K e7tado - - 1 23 197K e7tsao - - 1 24 197K Here you see the two mirrors listed with their details. Note that the total free space in the pool, 2.05G, has been equally distributed between the two mirrors (1.02G each). The alLloc column shows the ZFS overhead. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 59. Determine the mount point of the top-level file system. root@sll-servi:-# zfs list oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 94K 2.016 31K /oracleerm The mount point of the pool or the top-level file system of oraclecrm is /oraclecrm. This is the root of the pool; that is, all the file systems that are created will be within this mount point. 10. Create a2 MB file by using the mk£ile command. Check the file storage allocation for the mirrors by running the zpool iostat command root@sll-servi:-~# mkfile 2m /oraclecrm/crmindex rootes11-serv: # zpool iostat -v oraclecrm capacity operations —_ bandwidt! pool alloc free read write read write oraclecrm 2.26M 2.046 0 18128 26.5K mirror 1.06M 1.026 ° 1300128 -17.2K e7tado ° 12 9.31K 8.5K e7t3do - - ° 129 58.5K mirror 1.20M 1.026 ° 9 0 14.5K e7t4do - - ° 9 14.4K 80.5K e7tsdo ° 9 14.4K 80.5K Note: Your display may show different numbers. Your CRM analyst shared with you that a small file will be needed for storing the index of the CRM application. You create a 2 MB file called crmindex in the pool. Note how this 2 MB worth of storage has been roughly divided between the two mirrors. This shows that all CRM data will be divided between the two mirrors. Hint: In some cases, it may help to wail for some time before issuing the zpool iostat command to allow ZFS to complete writing to the mirrors. 11, Use the zfs List oraclecrm command to list the capacity summary for the oraclecrm pool rootesii-servi:-# #fe list oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 2.09M 2.016 2.03M /oracleerm Note the space used now at the top-level file system. This reflects the 2 MB of storage used by the crmindex file CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 812, Use the zpool destroy oraclecrm command to delete the pool. Confirm the deletion by using the zpool List command. root@sll-servi:~# zpool destroy oraclecrm root@sil-servi:~# zpool list oraclecrm cannet open 'oraclecrm': no such pool Based on a review by the CRM analyst, there was a change in direction. It was agreed that you keep three copies of data and not distribute it over two separate mirror sets. To address this objective, you delete the current data redundancy configuration and destroy the pool to create the new configuration 13, Re-create the mirrored ZFS pool named oraclecrm by using the disks ¢7t2d0 and c7t3d0. Show the results. root@sll-servi:-# zpool create oraclecrm mirror c7t2d0 c7t3d0 root@s1l-servi:~# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT oraclecrm 1.026 126K 1.026 0% 1.00x ONLINE rpool 32G 10.66 21.4G 33% 1.00x ONLINE - Note: The purpose of the reconfiguration is to create a three-way mirror now and reuse the existing storage disks. This will also assist you in focusing on a cleaner setup, for instance, having one mirror. 14, Use the zpool attach command to add another disk to the mirror to make ita three-way mirror. Confirm this action by using the zpool status command. root@sil-servi:-~# zpool attach oraclecrm ¢7t2d0 c7t4d0 root@sil-servi:-# zpool status oraclecrm pool: oracleerm state: ONLINE scan: resilvered 86.5K in 07:51:21 2011, m with 0 errors on Sat Oct 1! config NAME STATE READ WRITE CKSUM, oraclecrm ONLINE ° mirror-0 ONLINE ° c7t2d0 ONLINE - - - c7t3d0 ONLINE - - - e7t4do ONLINE - - - errors: No known data errors Now this new configuration meets the objective of maintaining redundancy by keeping three copies of data on three individual disks. The application data can be created as shown earlier. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 7Notice that the attach command specifies an existing disk in the mirror and a free disk to be included in the mirror. The result is displayed by the status command. The status display also shows the resilvering action. The purpose of resilvering is to replicate data on the newly added disk 15. Use the zpool add command to add a cache device to the mirror to allow the cache device to be used as local pool memory. Confirm this action by using the zpool status ‘command. root@sil-servi:-# zpool add oraclecrm cache ¢7t5d0 root@s11-servi:-# zpool status oraclecrm pool: oraclecrm state: ONLINE scan: resilvered 86.5K in OhOm with 0 errors on Sat Oct 15 07:52:21 2011 config NAME oraclecrm ° mirror-0 ONLINE ° e7t2d0 ONLINE - - - e7t3d0 ONLINE - - - c7tado ONLINE, cache c7tsd0 ONLINE, ° ° ° errors: No known data errors This added device will serve as local memory for the pool to boost the input/output performance. Your business analyst had indicated that you may need to boost the V/O performance of the pool. 16. Your business analyst has now indicated that you do not need to boost pool performance because of the low volume of data. Use the zpool remove command to delete the cache device. Confirm this action by using the zpool status command, root@sll-servi:-# zpool remove oraclecrm c7t5d0 root@s1l-servi:~# zpool status oraclecrm pool: oraclecrm state: ONLINE scan: resilvered 86.5K in OhOm with 0 errors on Sat Oct 1 07:51:21 2011 config: NAME STATE oraclecrm ONLINE ° o ° mirror-0 ONLINE © o ° CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 817. Use the zpool destroy command to delete the pool. Use the zpool, oc e7t2d0 ONE: c7t3d0 ONL: c7t4do ONLINE - - - errors: No known data errors Note that the cache device does not appear in the display. ist command to confirm the deletion, zpool list ALLOC FREE CAP DEDUP oraclecrm 1.026 150K 1.026 0% 1.00x rpool 32G 10.6G 21.4G 33% 1.00x NAME root@sll-servi:~# zpool destroy oraclecrm sll-servl:-# zpool list SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT 32G 10.66 21.46 33% 1.00x The purpose of destroying this poo! is to conclude working with the mirrors. In the next practice, you will create a new pool with no mirrors to simplify working with ZFS backup and recovery functions. In addition, you will create a pool with no mirrors. Pract CaRTTGRTS BOT, OFS STG SNS A TE ERT 288 for Lesson 4: Managing Business Application Data Chapter 4 - Page 9 Oracle Internal & Oracle Academy Use OnlyPractice 4-2: Using ZFS Snapshots for Backup and Recovery Overview According to your predeployment test plan, in this practice, you evaluate the data backup and recovery mechanism in Oracle Solaris 11. For backing up the data, you will create snapshots, as well as use ZFS send/receive commands. The send/receive commands can be used to save the backed up data (snapshots) on the local or remote machine. You will use rollback commands to recover the backed up or lost data Tasks 1. Verify that the Sol11-SuperServer and Sol11-Server! virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them now. 2. Log into the Sol11-Servert virtual machine as the oracle user. Use cracle1 as the password. Assume administrator privileges. 3. Execute the zpool 1ist command to display the ZFS pools that are currently configured in the system. root@sil-servi:-# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 326 10.66 _21.4G 33% 1.00x ONLINE - 4, Run the zpool create command to create a pool with two top-level virtual devices. Check the pool information by using zpool list and zpool status. root@sil-servi:-# zpool create oraclecrm c7t3d0 c7t4d0 ‘oraclecrm! successfully created, but with no redundancy; failure of one device will cause loss of the pool rootasil-servi:-# zpool list NAME SIZE ALLOC FREE CAP HEALTH ALTROOT oraclecrm 2.056 123K 2,.05G 0% 1.00x ONLINE - rpool 32G 10.66 21.4G 33% 1.00x ONLINE - You now create a fresh pool by using two disks. This will give you experience in creating a simple pool without any mirror. Because your configuration is simple, your displays will be clean and easy to follow. Confirm that the new pool has been created. root@s1l-servi:~# zpool status oraclecrm pool: oraclecrm state: ONLINE scan: none requested config NAME STATE READ WRITE CKSUM oraclecrm ONLINE e ° ° c7t3d0 ONLINE o ° ° c7t4d0 ONLINE ° ° ° errors: No known data errors CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 10Create a file system named oraclecrm/crmdata with a mount point of /ermdata Check the file system creation and the mount point by running the zfs 1ist command. root@sll-servi:~# zfs create -o mountpoint=/crmdata oraclecrm/crmdata root@sll-servi:~# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 137K 2.016 31K /oraclecrm oraclecrn/crmdata 31K 2.016 31K /crmdata You create a file system called crmdata in the oraclecrm pool. In this fle system, you pian to store data in various CRM applications, such as Order Management, Marketing, and Customers. Note that the mount point was specified to be /crmdata for oraclecrm/crndata to be able to access the crmdata file system directly Create new ZFS file systems named oraclecrm/crndata/cust, oraclecrn/crmdata/nktg, and oracleerm/crmdata/om. List the descendant of the oraclecrmfile system. Tootesli-servii-# Zfs create oraclecrm/crmdata/cust rootesll-servi:-# 2£s create oraclecrm/crmdata/nktg root@sil-servi:-# 2f8 create oraclecrm/crndata/on rootesii-servi:-# zfs list -r oraclecrm NAME USED AVAIL ER MOUNTPOINT oraclecrm 254K 2.016 31K /oraclecrm oraclecrm/crmdata 128K 2.016 35K /ermdata oraclecrn/crmdata/cust 31K 2.016 31K /crmdata/cust oraclecrm/crmdata/mktg 31K 2.016 31K = /crmdata/mktg oraclecrm/ermdata/om 31K 2.016 31K /ermdata/om Note: These file systems are created to demonstrate individual file systems for each business application as you will experience on the job. Here you create file systems to store data for the CRM application. The file systems are cust, mktg, and om. Note the used column and the refer column for the new file systems. The file systems are consuming an initial storage space of 31 KB. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 11Using the tax command, create a tar bundle that will serve as an example of the business application data. Copy custarchive.. tar to each crmdata file system and the /opt /ora/course_files directory for future use. Note the amount of data used and referenced by these file systems. rootasil-servi:-# tar evE /ermdata/cust/custarchive.tar /usr/demo skipping 1 line a /usr/demo/expect/ 0K a /usr/demo/expect /mkpasswa 6K a /usr/demo/expect/ftp-rfc 1K a /usr/demo/expect/rftp 9K a Jusr/demo/expect/weather 3K rootésll-servi:~# op /ermdata/cust/custarchive.tar \ /erndata/mktg/custarchive.tar rootesii-servi:-# op /crmdata/cust/custarchive.tar \ /erméata/om/custarchive. tar You are saving the data in /opt /ora/course_files so that it will be available to you in the subsequent steps. rootesli-servi:~# cp /ermdata/cust/custarchive.tar \ /opt/ora/course_files/custarchive.tar For training purposes, you are creating application data and placing it in the crmdata file systems. root@sll-servi:-# zfs list -r oracleerm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 4.54M 2.016 31K /oraclecrm oraclecrm/crmdata 4.26M 2.016 35K /ermdata oraclecrn/crmdata/cust 1.41M 2.01G 1.41M /crmdata/cust oraclecrn/crmdata/mktg 1.41M 2.016 1.41M /crmdata/mktg oraclecrn/crmdata/om 1.41M 2.016 1.41M /crmdata/om After placing application data in each file system, you see that all the file systems indicate 1.41 MB worth of storage. Your numbers may be different. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 12 Oracle Internal & Oracle Academy Use Only8. Create a recursive snapshot of oraclecrm/crmdata named oraclecrn/crmdataemonday. List the file systems below oraclecrm. Note the amount of space used and referenced by craclecrm/crmdataamonday. root@sll-servi:-# zfs snapshot -r oraclecrm/crmdata@monday Recursively create snapshots of every file system in crméata. The purpose is to create a backup of each file system—that is, cust, mtg and om data, root@sll-servi:~# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 4.39M 2.016 31K /oraclecrm oraclecrn/crmdata 4.26M 2.016 35K /ermdata oraclecrm/ermdata/cust 1.41M 2.016 1.41M /crmdata/cust oraclecrm/ermdata/mktg 1.41M 2.016 1.41M /crmdata/mktg oraclecrm/crmdata/om 1.41M 2.016 1.41M /crmdata/om Now when you try to display the children file systems of oraclecrm recursively, the snapshots are not displayed. Let's take a look at this. root@sil-servi:~# zpool get listsnapshots oraclecrm NAME PROPERTY VALUE SOURCE oraclecrm listsnapshots off default As displayed here, the 1ist snapshot s property is off by default. Let's enable it. rootesll-servl # zpool set listsnapshots=on oraclecrm Now when you display the descendant file systems of oraclecrn, they are displayed. Note one snapshot for each file system and they are all suffixed with amonday—what an easy way to create multiple data backups and identify all of them with the same identifier. root@sll-servi:~# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 4.40M 2.016 31K /oraclecrm oraclecrn/crmdata 4.26M 2.016 35K /ermdata oraclecrn/crmdatagmonday ° - 38K oraclecrm/crmdata/cust 2.41M 2.016 1.42M /ermdata/cust oraclecrn/crmdata/custamonday ° - 14am - oraclecrn/crmdata/nktg 141M 2,016 141M /ermdéata/mkta oraclecrn/crmdata/nktgsmonday ° - 14am = oraclecrn/crmdata/om 141M 2.016 1.41M /crmdata/om oraclecrn/crmdata/omamonday ° - 14am - Note that the newly created snapshots do not use any space (initially) but they do indicate 1.41 MB worth of storage, which includes the data that you placed in each file system. The snapshots initially do not take up any space because they are using the existing file system data pointers. Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 139 10. Create another recursive snapshot named oraclecrn/ermaata’ "1 12, 13, Create a file named /crmdata/cust /colochoc. Confirm that the file exists. root@sll-servi:~# touch /ermdata/cust/colochoe ‘You create a file to store data on a customer colochec (for Colorado Chocolate Company). @s1l-servi:~# 1s /ermdata/cust/colochoc /ormdata/cust/colochoc Success! You confirmed that it exists. Note that this file was created after taking a backup on Monday. esday. rootasil-servi:-# 2£s8 snapshot -r oraclecrm/crmdata@tuesday Note that colechoc file will be included in the Tuesday snapshot but not in the Monday snapshot. Attempt to roll back the oraclecrm/crmdata snapshot by using the oraclecrn/crmdatasMonday snapshot. What happens? root@sil-servi:-# 2fs rollback oraclecrm/crmdata@monday cannot rollback to ‘oraclecrm/crmdatagmonday': more recent snapshots exist use '-r! to force deletion of the following snapshots: oraclecrn/crmdatastuesday Notice that more recent snapshots (crmdatastuesday) exist; therefore, you cannot roll back to an earlier snapshot unless you use the -r option that deletes the more recent snapshots till he crmdata@monday snapshot becomes the most recent. Let's not roll back yet. Question: If the oraclecrm/crmdata snapshot was rolled back to the Monday snapshot, what data will be lost? Answer: The file named /ermdata/cust/colechoc will be lost. Delete the file named /crmdata/cust /eolochoc root@sil-servi:-# rm /ermdata/cust/colochoc Remove the customer colochoc to see if you can recover it List the descendant oraclecrm file systems, Roll back the oraclecrn/crmdata/custatuesday snapshot. root@sll-servi:-# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oracleerm 4.4™M 2,016 31K /oracleerm oraclecrm/crmdata 4.30M 2.01G 35K /crmdata oraclecrn/crndataomonday ° = 35K _- CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 14craclecrn/crmdatastuesday 0 35K oraclecrn/crmdata/cust 45m 2 141M Jerndata/cust oraclecrm/crmdata/custamonday 19K 1.41M oraclecrm/crmdata/custatuesday 19K 1.41M oraclecrn/crmdata/mktg 2.41M 2.016 1.41 Jerndata/mktg oraclecrm/crmdata/mktgamonday ° 141M oraclecrn/crmdata/mktgstuesday ° - 1am - oraclecrn/crmdata/om 1.41M 2.016 1.41M /crmdata/om oraclecrm/crmdata/omemonday ° - 1.4im - oraclecrm/crmdata/ometuesday ° - aim - rootasil-servi:-# zfs rollback oraclecrm/crmdata/custetuesday You rolled back (recovered) to the cust@tuesday backup. Does it include the colochoe customer file? 14. Confirm that /crmdata/cust /colochoc is restored. root@sil-servi:-# 1s /ermdata/cust/colochoc ferndata/cust/colochee Yes, your customer colochoc is restored; because the Tuesday backup was taken after you created this customer, it was in your custetuesday backup. 15. Create a directory named /backup. rootesii -servi mkdir /backup Create a separate directory to store your Monday backups. Your company wants to save these backups offsite because this is the end of the quarter for your company. 16. Use the zfs send command to recursively send the oraclecrm/crmdataemonday snapshot. Save the copy in a file named /backup/oraclecrm.crmdata monday, rootasll-servi:-# ais send Rv oraclecrm/crmdatagmonday > /backup/oraclecrm. crmdata.monday sending from @ to oraclecrm/crmdataamonday sending from @ to oraclecrm/crmdata/omamonday sending from @ to oraclecrn/crmdata/mktgamonday sending from @ to oraclecrn/crmdata/custenonday Now you have only one /backup directory, which contains all the Monday backups. This directory can be archived on tape or sent to another machine on the network. See how simple the command is. Use -R to send all the snapshots in crmdat aenonday. The backed up snapshot naming convention has changed slightly to enable differentiation between the snapshots and the backed up data CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 1517. Use the 1s -1h command to list the size of the file in /backup. Verify that it approximately matches the size of the space used by the craclecrn/crmdata file systems. root@sil-servi:-# 1s -1h /backup total 1 rwers-r 1 reot root 4.3M Oct 15 08:07 oraclecrn.crmdata. monday root@sll-servi:-# zfs list /crmdata NAME USED AVAIL REFER MOUNTPOINT oraclecrn/crmdata 4.28M 2,016 35K /crmdata Yes, It'does match approximatel 18. Use the zfs send command to send the oraclecrm/crndata/custemonday snapshot to the /backup directory. Then list the size of the snapshot stream. root@sll-servi:-# zfs send oraclecrm/crmdata/cust@monday > / /backup/oraclecrm. crmdata.cust.monday root@s11-servi:~# 1s -1h /backup/oraclecrm.crmdata. cust .monday crw-r--r-- 1 root root 1.4M Oct 15 08:08 /packup/oraclecrm. crmdata.cust .Monday root@s1l-servi:~# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrn 4.48M 2.016 31K /oraclecrm oraclecrn/ermdata 4.28M 2.016 35K /ermdata oraclecrm/crmdataamonday ° - 35K - oraclecrn/crmdatastuesday ° - 38K - oraclecrn/crmdata/cust 1.43M 2.016 1.41 /erndata/cust oraclecrm/crmdata/custemonday 19K - aim - oraclecrn/crmdata/custetuesday 1K - 24am - oraclecrn/ermdata/mktg 1.41M 2.016 1.41 /eendata/mktg aim - aim - oraclecrn/crmdata/mktgemonday ° 1 oraclecrn/crmdata/nktgetuesday ° 1 oraclecrm/ermdata/om 1.41M 2.016 1.41M /erméata/om oraclecrm/crmdata/omamonday ° 1.41M oraclecrm/crmdata/ometuesday ° a.4im - ‘As you can see, the Monday snapshot for the cust: file system and its Monday backup file consume approximately the same amount of storage space. Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 1619, Destroy the oraclecrm/crmdata/cust file system, Confirm whether it is deleted root@sll-servi:-~# zfs destroy -r oraclecrm/crmdata/cust sll-servl:-# zfa liat /crmdata/cust /ermdata/cust: No such file or directory You are destroying the cust file system so that you can test the recover (receive) function. 20. Use the zfs receive command to re-create the oraclecrm/crmdata/cust file system. Confirm the file system recovery by using the zfs list command, zis receive oraclecrm/crmdata/cust < \ > /backup/oraclecrm.crmdata. cust monday root@s1l-servi:-# zfs list /crmdata/oust NAME USED AVAIL REFER MOUNTPOINT oraclecrm/crmdata/cust 1.41M 2.016 1.41M /crmdata/cust This demonstrates that the recovery was successful 21. Use the zfs list command to confirm the recovery of the full /ermdata/cust file system, yootasli-servi:-# af list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oracleczm su 2.016 Joraclecrn oracleczm/ermdata 4.20M 2.016 Jorndata oraclecrm/erndatasmonday 0 - - oraclecrm/crndatastuesday 0 - - oraclecrm/crmdata/cust 141m 2.016 1 Jexndata/cust oracleczm/crndata/custamonday 0 - 2 - oraclecrn/crmdata/nktg 141M 2.016 1.41M /ormdata/ktg oraclecrm/crndata/nktgamonday o -1 - oraclecen/crndata/nktgatuesday 0 a oracleerm/crmdata/on 141m 2.016 1 Jorndata/om oraclecrm/crmdata/on@monday 0 - 2 - oracleczm/crmdata/ometuesday 0 - 2 - This concludes the back up and recover exercise. Keep the pool and destroy crmdata and its descendant file systems. You will create new file systems in the next practice. Confirm whether it has been destroyed. root@sll-servi:~# zfs destroy -R oraclecrm/crmdata Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 17Practice 4-3: Using a ZFS Clone Overview According to your predeployment test plan, in this practice, you continue to evaluate the data backup and recovery mechanism in Oracle Solaris 11. In Practice 4-2, you worked with the snapshots. In this practice, you work with the ZFS clone functionality. You have a test file system called crmdata and you want to modify it but you want to keep a version of the unmodified file system Tasks 1 4 Verify that the Soli 1-SuperServer and Sol11-Server1 virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. Ifthe virtual machines are not running, start them now. Log in to the Sol11-Servert virtual machine as the oracle user. Use oracle1 as the password, Assume administrator privileges. Execute the zfs 1ist command to display the ZFS file systems that are currently configured in the oraclecrm pool. Create the crmdata file system by using the 2fs create command. root@sll-servi:-# zfs list -r oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 116K 2.016 31K /oraclecrm root@sll-servi:-# zfs create oraclecrm/crmdata root@sll-servi:-# zfs list -r oracleerm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 188K 2.016 32K /oraclecrm oraclecrm/ermdata 31K 2.016 31K __/oraclecrm/ermdata Create a snapshot of the crmdata file system. Display the results Check whether the 1 ist snapshots property is enabled so that the snapshots can be displayed. rootasl-serv! zpool get listenapshots oracleerm NAME PROPERTY VALUE SOURCE oraclecrm listsnapshots on local root@sll-servi:~# zfs snapshot oraclecrm/crmdatag0ct11 root@sll-servi:-# zfs list -r /oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 372K 2.016 32K foraclecrm oraclecrm/ermdata 31K 2.016 31K /oraclecrm/ermdata oraclecrn/crmdatasoct1t ° 31K CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 185. Create a clone of the snapshot and confirm the creation Foots#sll-servi:-# 2f@ clone oraclecrm/crmdata@Octil oraclecrm/crmdatal rootits1i-servi:-# zfs list -r /oraclecrm NAME USED AVAIL REFER NOUNTPOINT oraclee: 202K 2.016 33K /oraclecrm oracleerm/crmdata K 2.016 31K /eraclecrm/ermdata oraclecrm/crmdatagocti1 0 - 3k oraclecrm/ermdata2 18K 2.016 31K /oraclecrm/ermdata? Note that the snapshot is not mounted and the clone is. Remember from the previous. exercise that the snapshots (and clones for that matter) do not take up any storage initially. Identify the snapshot and the clone in this display 6. Compare the attributes of the snapshot and the clone. rootasil-servi:-# 1s -1d /oraclecrm/ormdata2 drwxr-xr-x 2 root root 2 Oct 15 08:14 /oraclecrm/crmdata2 # 1s -1d /oraclecrm/crmdata@oct11 /oraclecrm/crndatagoc! No such file or directory root@s1l-servi:-# ed /oraclecrm/crmdata2 rootesil-servl root@s1l-servi: /oraclecrm/crmdata2# touch newcust root@s1l-servi: /oraclecrm/crndata2# 1s newcust The preceding commands demonstrate the major difference between the snapshot and the clone. The snapshot is not available and the clone is available, as well as modifiable. Assuming that you have made the modifications in the clone, look at the space usage of the clone. rootesil-servi:/oraclecrn/crmdata2# ed sll-servl:-# zf@ list -r /oraclecrm NAME USED AVAIL REFER MOUNTPOINT oraclecrm 202K 2.016 33K /oraclecrm oraclecrn/crmdata 31K 2.016 31K /oraclecrm/crmdata oraclecrn/crmdatasoct11 ° 31K oraclecrm/ermdata2 ak 2.016 31K /oraclecrm/crmdata2 Note the used column for the clone. The space utlization has gone up when compared to the same column in step 5. Because you created a file in the clone, it will use more storage to keep track of the new file CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 198. Now you can proceed with replacing the main file system with the newly modified clone. root@sll-servi:-# zfs promote oraclecrm/crmdata2 root@s1l-servi:~# zfs list -r /oraclecrm NAME USED AVAIL RE! MoUNTPOINT oraclecrm 206K 2.016 /oracleerm oraclecrn/crmdata © 2.016 /oraclecrm/crmdata oraclecrm/crmdata2 50K 2.016 /oraclecrm/crmdataz oraclecrm/ermdata2gocti1 19K If you do the math, the used space of the clone crmdata2 now reflects the total of the main file system crmdata and the clone, that is, 31K + 19K = SOK. This means that the new file newcust in the clone has been added to crmdata, Rename the main file system to crmdatabackup and rename the clone to replace the main file system. Display the results TootGsli-servii-# #fs rename oraclecrn/crmdata oraclecrm/ermdatabackup rootasll-servi:-# 28 rename oraclecrm/crmdata? oraclecrm/crndata root@sli-servi:-# 2£ list -r oraclecrm USED AVATI, REFER MOUNTPOINT 206K 2.016 33K /oraclecrm oraclecrm/crmdata 50K 2.016 31K /oraclecrm/crmdata oraclecrm/crmdataooct11 18K - 3K oraclecrm/crmdatabackup ©9-«2.016_-— «31K _/oraclecrm/ermdatabackup Now you have the datasets that reflect the modified picture. If you need to go back to the previous version of crmdata, it is saved as crmdatabackup. This method is useful when you want to maintain the previous version of the data or overlay the production file system with modified data 10. Destroy craclecrm by using the zpool destroy command. Confirm the action. woot@sil-servi:- gpool destroy oracleerm root@s1l-servi:~# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 326 10.66 21.46 33% 1.00x ONLINE You will start fresh in the next practice. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 20Practice 4-4: Configuring ZFS Properties Overview According to your predeployment test plan, in this practice, you check to see how share, quotas, and reservation and data compression techniques work in Oracle Solaris 11 While working with the quota and reservation properties, you create a new user, make the home directory a ZFS file system, and set the properties on the user's file system. Task 1: Configuring Quota and Reservation Properties 1. Verify that the Sol11-SuperServer and Sol11-Servert virtual machines are running. 2. Log into the Sol11-Servert virtual machine as the oracle user. Use oracle1 as the password. Assume primary administrator privileges. 3. Run the zpool 1ist command to check the pools available. Use zfs 1ist to display the file systems available. Footw#sli-servi:-# spool list NAWE STZB ALLOC FREB CAP DEDUP HEALTH ALTROOT pool 226 10.66 21.46 33% 1.00x ONLI servi:-# zfs list root@s11-reot@s11 NAME USED AVAIL REFER MOUNTPOINT zpool 10.6¢ 20.86 39K /zpool ‘pool /ROOT 3.236 20,96 31K legacy rpool/ROOT/solaris 3.236 20.96 3.046 ‘pool /dump 1.036 20.96 rpool/expert 5.35¢ 20.96 /export, zpool/expert /TPS 5.35¢ 20.86 5 Jexport /TPS zpool/export/home 74K 20.96 Jexport /nome jool/export/home/oracle 34K 20.96. rpool/swap 1.036 20.96 Jexport, Note that the /export /home file system is designed to store the file systems that become the home directories for users. 4. Now you can create the new user gail and use the ZFS file system as Gail's home directory. root@sil-servi:-# useradd -u 2000 -g 10 -d /export/home/gail -m gail 80 blocks root@sil-servi:-# 1s -1d /export/home/gail drwxr-xr-x 2 gail staff 7 oct 15 08:22 Jexport/nome/gail Note: Create this user only if itis not already there. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 215. 6. 7. Set a storage quota of 2 MB for Gail ootesii-sexvi:-f zfs set quota-2M rpool/export/home/gail root@sll-servi:-# zfs get quota rpool/export/home/gail NAME PROPERTY VALUE SOURCE zpool/export/home/gail quota 2M ~— local rootasii-servi:-f zfs List /export/home/gail NAME USED AVAIL REFER MOUNTPOINT zpool/export/home/gail 35K 1.97 35K _/export/home/gail rootesil-servi:-# af -h /export/home/gail Filesystem Size Used Available Capacity Mounted on xpool /export /home/gail 2.0K 35K 20M 28 Jexport /home/gail Note the available space for Gail as displayed by multiple commands. ‘Switch to Gail's account and create some files to test the storage limit yootesil-servi:-# su - gail oracle Corporation sunos 5. snv_173 August 2011 sll-servl:-§ mkfile 1m /export/home/gail/crmindex @si1-servi:~¢ 1s -1 /export/home/gail/crmindex - lgail staff 1048576 oct 15 08:24 /export /nome/gail/ermindex You needed to create a 1 MB file to store the CRM index information. Gail is within her storage quota; so there are no issues. Create more files in Gail's account to test the storage limit Tesil-serv! ga. $ mkfile 2m /export/home/gail/ermdoc /export/home/gail/crmdoc: initialized 917504 of 2097152 byt. Dise quota exceeded Here you have only 1 MB left in the quota. The system allocated the requested amount but initialized only enough storage to meet the quota. It could spell potential problems if you use up all the allocated space. gailesil-servi:-§ 1a -1 /export/home/gail total 4112 srw------- 1 ga staff 2097152 Oct 15 08:24 ermdoc stw------- 1 gail staf€_—-1048576 oct 15 08:24 crmindex crw-r--r-- 1 gail staff 168 Oct 15 08:22 local.cshre crw-r--r-- 1 gai staff 175 Oct 15 08:22 lecal.login xwer--r 1 gail staff 135 Oct 15 08:22 local. profile ga: $ mkfile 2m /export/home/gail/crmreg Could not open /export /home/gail/crmreq: Disc quota exceeded s11-serv! CaRVIGHTS 207, OFS SnIGT Te SINGS. AI TE REET Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 22This is as expected. @sil-servi:~$ 1s -1 /export/home/gail 1 4112 -rw- - liga: staff 2097152 Oct 15 08:24 crmdoc -rw- - 1 gail staff 1048576 Oct 15 08:24 crmindex wers-r a gail staff 168 Oct 15 08:22 local.cshre rwersor 1 gail staff 1758 Oct 15 08:22 local.login xwer--r gail staff 135 Oct 15 08:22 local.profile Gail is now working on a different project and needs to reserve 10 MB of storage. So now, as the administrator, you want to make storage reservation for Gail gailesil-servi:~§ exit logout root@sil-servi:-# zfs set reservation=10M rpool/export/home/gail cannot set property for ‘rpool/export/home/gail': size is greater than available space From the preceding steps, you know that Gail's available space has been used up and the quota limit is still in force; therefore, you cannot make the storage reservation. Remove the quota and the data files, and check the space utilization of the file systems. root@sll-servi:-# zfs set quotasnone rpool/export/home/gail This will clear the quota property. Gail can create datasets of any size that are not to exceed the total pool storage available. root@sil-servi:-# 2f8 get quota rpool/export/home/gail NAME PROPERTY VALUE SOURCE rpool/export/nome/gail quota none local # rm /export/home/gail/* # zfe list /export/home/gail SED AVAIL REFER MOUNTPOINT rootes11-serv: rootas11 -serv’ NAME rpool/export/home/gail 33.5K 20.9G 33.5K /export/home/gail ‘The used column shows the current space usage since the files were deleted. rootesll-servl:-# zfs list /export/home NAME USED AVAIL REFER NOUNTPOINT rpool/export/home 108K 20.96 41K /export/home Note that the used column currently shows 108K of storage used. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 2310, Reserve 10 MB of storage for Gail root@sil-servi:-# 2f@ set reservation=10M rpool/export/home/gail root@s1l-servi:~# zfs get reservation rpool/export/home/gail NAME PROPERTY VALU. SOURCE rpool/export/nome/gail reservation 10M local Confirmed! 11. Now check the file systems. rootasli-servi:- ais list /export/hone/gail NAME USED AVAIL REFER MOUNTPOINT xpool/export/home/gail 33.5K 20.96 33.5X_/export/home/gail Note that the reserved space has not been added to Gail's home directory. rootesll-servl:-# af list /export/home NAME 3D AVAIL REFER MOUNTPOINT rpool/export/home 10.1M 20.86 41K /export/home However, note that space has been reserved in /export /home, which is the parent dataset. This demonstrates that reservations are considered in the used disk space calculation of the parent dataset, Task 2: Configuring the Share Property Note: In this task, you share Gail's home directory. In this situation, an assumption is made that her home directory contains an application documentation that is required by other users in other locations on the network. In real world, you may have another application directory for this purpose, which may need to be shared, 1. Verify that the Sol11-SuperServer, Sol11-Server1, and Sol11-Desktop virtual machines are running. You will need all three VMs in this task 2. Log into the Sol11-Servert virtual machine as the oracle user. Use oracle1 as the password, Assume administrator privileges. 3, Run the zpool list command to check the pools that are available. Use zfs list to display the file systems that are available. Create a file in Gail's directory. rootasli-servi:-# spool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 326 10.6G 21.46 33% 1.00x ONLT root@sii-servi:-# 2f6 list NAME AVAIL REFER MOUNTPOINT zpool 20.86 /xpool 01 /ROOT 20.86 legacy rpool/ROOT/solaris 20.8 / zpool/dump 20.86 zpool/export 20.96 Jexport CoRIGRTS BOTT, OFS SGT Te ANGST TE HERTS Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 244 5. zpool/export/IPS 5.356 20.86 5.356 /export/IPS rpool/export /home 10.1N 20.86 41K /export/home zpool/export/home/gail 33.SK_ 20.8 33.8K /export/nome/gail pool/export/home/oracle 34K 20.86 34K _/export/home/oracle rpool/swap 1.036 20.86 1.006 - root@sil-servi:-# cd /export/home/gail root@s11-servi:/export/home/gail# touch crmreq In Gail's home directory, you created the crmrea file, Using the chmod command, change the permissions on Gail's home directory. Pootasli-servi: /export/home/gail# chned 777 /export/home/gail rootesii-servi: /export/home/gail# 1s -14 /export/home/gail Grwxrwxrwx 2 gail staft 4 Oct 15 08:27 /export/home/gail You are setting these permissions only for training purposes. In real world, you will use appropriate permissions as required by your business environment and the policies. Share her home directory with other users on the network, Footsil- servi: Jexport/hone/gaill #f8 set sharenfecon rpool/export/hone/gail Enable the share property on /export /home/gail root#si1-serv2:/export /home/gailt share recs smb Remote IPC export_home_gail /expo! home/gail nfs secesys, This confirms that the file system is being shared. rootesi1-ser /export/hone/gail# sves -a | grep nfs disabled 7:21:46 sve: /network/nfs/chd:default :21:46 sve: /network/nfs/client :default 1:31:55. svc: /network/nts/ 1:31:56 sve: /network/nfs/zquota:default tus:default 1:31:56 sve: /network/nfs/mapid:defaw 1:31:56 sve: /network/nfs/nlockmgr default efault 32:00 sve: /network/nfs/server The system has brought the NFS server online. It is always a good idea to check this. Note: You may need to manually share the NFS file system if it fails to do so automatically In case the NFS server is not enabled, issue this command: # share -F nfs -o rw /export/home/gail CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 256. Log into the Sol11-Desktop virtual machine as the oracle user. Use oraclet as the password. Assume administrator privileges. Check if you can see the share root@sil-desktop:-# dfshares sll-servi RESOURCE SERVER ACCESS TRANSPORT s11-servi: /export /nome/gail gll-servl - - Yes, you can see the resource shared by the s11-servi server. 7. Create the mount point and mount the shared resource. root@sii-desktop:-# mkdir /gaildiz root#s11-desktop:-# mount -f nfs s1l-serv: oot@s11-desktop:-# ed /gaildir root@sli-desktop:/gaildir# 18 ‘export /home/gail /gaildir crmreq You can see the shared file crmreq in Gail's home directory. root@sll-desktop:/gaildir# touch ermdata rootasi1-desktop:/gaildir# 1s crmdata crmreq You can create another file in the shared directory, meaning you have read/write access. 8. Because you have finished working with Gail's directory, you can unmount it. rootasil-desktop:/gaildir# ed rootasii-desktop:-# umount /gaildir 9. Return to the s11-serv1 VM and stop sharing the directory. rootasil servi:-# zfs set sharent ££ rpool/export/home/gail Task 3: Configuring ZFS Compression 1. Verify that the Sol11-SuperServer and Sol11-Servert virtual machines are running. .og in to the Sol11-Server1 virtual machine as the oracle user. Use oracle1 as the password. Assume primary administrator privileges. 3. Using the command zpool, create the oraclecrm pool. Run the zfs list command to list the space currently used by oraclecrm. Make a note of the value indicated yootasil-servi:-# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 326 10.6 21.4G 33% 1.00x ONLINE - root@sll-servi:~# zpool create oraclecrm c7t2d0 c7t3d0 ‘oraclecrm! successfully created, but with no redundancy; of one device will cause loss of the pool ilure root@sll-servi:~# zfs list -r oraclecrm NAD USED AVAIL REFER MOUNTPOINT oraclecrm a@K 2.016 31K /oraclecrm Currently, you have the pool available to you with no other file systems, which you confirm by using the -r option. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 267. 8 Use the 1s command with the -1h options to list the size of the archive file in /opt /ora/course_files. Make a note of it, Footesil-servi:-# 1s -Ih /opt/ora/course files/custarchive.tar -rwxrwxrwx 1 root root 1.3M Oct 15 2012 /opt/ora/course_files/custarchive. tar The new file takes up approximately 1.3 MB. Create a directory named /oraclecrm/cmp to hold the files that you will copy to the file system rootasil-servi:-# mkdir /oraclecrm/emp This directory will be used to store the compressed customer data root@sll-servi:~# Use the zfs get command to display the current settings of the compression and compressrat io properties for oraclecrm. Verify that compression is off and the compression ratio is 1.00x. Footesll-servi NAME PROPERTY VALUE SOURCE oraclecrm compression of f default % zfs get compression, compressratio oraclecrm oraclecrm compressratio 1.00x - The compression property is set to off by default. Because compression is off, the compressrat io property is set to 1 .00x. A ratio of 1-1o-1 for data means no compression. Copy /opt/ora/course_files/custarchive. tar to Joraclecrm/cmp/custarchive .tar. List the file to display its size. rootasil-servi:/# ep /opt/ora/course_files/custarchive.tar \ /oraclecrm/cmp/custarchive.tar rootesli-servi:~# 1s -1h /oraclecrm/cmp total 2567 crwxr-xr-x 1 root root 1.3M Oct 15 09:09 custarchive.tar After copying the file into the pool, it consumes approximately the same space. Use the zfs 1ist command to list the space used by oraclecrm. Does the space used match the size of /oraclecrm/cmp/custarchive.tar? root@sll-servi:-# zfs list oraclecrm NAME, USED AVAIL REFER MOUNTPOINT oraclecrm 1.34M 2.016 1.28M /oracleerm Yes, the zfs List command also confirms the same space consumption. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 279. Use 2fs get to verify that the compression ratio for oraclecrm is stil 1.00x. root@sll-servi:-# zfs get compressratio oraclecrm NAME PROPERTY VALUE SOURCE oraclecrm compressratio 1.00x - Yes, conpressratio is still unchanged 10. Set the compression property for oraclecrm to gzip and verify that the new value is set. root@sil-servi:-# zfs set compression«gzip oraclecrm root@sll-servl:-# zfs get compression oraclecrm NAME PROPERTY VALUE SOURCE oraclecrm compression gzip local You set the compression property on oraclecrm file system to gz ip. Now notice the space usage of the files, which get stored in the oraclecrm file system. rootésll-servi:-# zfs set compression=ggg oraclecrm cannot set property for ‘oraclecrm’: ‘compression’ must be one of ‘on | off | zlet laje | gzip | gzip-(2 The purpose of this command is to demonstrate the different types of compression property values that are available. You intentionally specify ggg so that you can see valid property values. Optionally, you can experiment with these compression types and compare the compression ratio. 11. Copy /opt/ora/course_files/custarchive.tar to / oraclecrm/cmp/archive2. tar. List all the files in /oraclecrm/cmp to display their sizes. Are the files in /oraclecrm/cmp the same size? Tootesliservii-# ep /opt/ora/course files /custarchive. tar /oraclecrn/cnp/archive2.tar rootesii-servi:-# 1s -1h /oraclecrm/emp total 3529 crwxr-xx-x 1 root root 1.3M Oct 15 09:11 archive2.tar crwxr-xr-x 1 root root 1.3M Oct 15 09:09 custarchive.tar Yes, they are equal as displayed by the 1s command. 12. Use the zfs 1ist command to list the space used by oraclecrm. Does the space used st match the sum of the size of the two files? No, the output reports a smaller size than the um of the two files. woot@sil-servi:- fe list oraclecrm NAME, USED AVAIL REFER MOUNTPOINT craclecrm 1.81M 2.016 1.75M /oraclecrm With reference to the preceding step, the sum of the space utilized by the two files would be 2.6 MB as against 1.81 MB displayed by the 2fs 1ist command. Pract CaRTTGRTS BOT, OFS STG SNS A TE ERT 288 for Lesson 4: Managing Business Application Data Chapter 4 - Page 2813. Use the zfs get. command to display the current setting of the compressratio property for oraclecrm. Notice that compressionrat io is now 1.55x. root@sll-servi:-# zfs get compressratio oraclecrm NAME PROPERTY VALUE SOURCE oraclecrm compressratio 1.58% The ratio is 1. 55x, which means that data is being compressed at a ratio of 1.55-1 (approximately 64%). 14, Copy /opt/ora/course_files/custarchive.tar to /oraclecrm/cmp/archive3 . tar. List all the files in /oraclecrm/cmp to display their sizes. Are the files in /oraclecrm/cmp the same size? root@sil-servi:-# ep /opt/ora/course files/custarchive.tar /oraclecrm/cmp/archive3.tar root@s11-servi:~# 1s -1h /oraclecrm/cmp total 3530 -rwxr-we-x 1 roe! root 1,9M Oct 15 99:11 archiver Ewar-xr-x L root oot, L.2M Oct 15 09:12 archives tar crwer-xr-x 1 root Foot L.3M cet 15 99:09 custarchive.tar Yes they are. 15. Use the du -h command to display the space used by the files in /oraclecrm/emp. How does the amount of space used by these files compare? roota@siil-servi:-# du -h /oraclecrm/emp/* 353K /oraclecrm/cmp/archive2.tar 353K /oraclecrm/cmp/archive3.tar 14M /oraclecrm/emp/custarchive.tar The custarchive . tar file uses the same space as the 1s -1 command indicates. The other two files show a percentage of the original size of the files. The custarchive. tar file was created in the cmp file system before enabling compression. This was done intentionally, so that you can see the difference between space usage by compressed and uncompressed files. 16. Use the zfs get command to display the current value of the compressrat io property for oraclecrm. What is the current compression ratio? How has it changed and why? rootasil-servi:-# 2fs get compressratio oraclecrm NAME PROPERTY VALUE SOURCE oraclecrm compressratio 1.98x - The compression ratio is now 1 . 90x. It has increased with the addition of the second compressed file. A larger portion of the data in the pool is now being compressed. This demonstrates that as you add more data files in a ZFS file system with compression enabled, compression would further reduce space utilization CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 2917, Remove the /oraclecrm/cmp/custarchive. tar file rootesil-servi:-# xm /oraclecrm/cmp/custarchive.tar 18. Use the zfs get command to display the current value of the compressrat io property for oraclecrm. What is the current compression ratio? How has it changed and why? rootasil-servi:-# zfs get compressratio oraclecrm NAM PROPERTY VALUE SOUR oraclecrm compressratio 3.86% - ‘The compression ratio has increased again with the removal of the uncompressed file. 19. Use the zfs 1ist command to list the space used by oraclecrm, and du -h to list the space used by the remaining two files in /oraclecrm/cmp. Does the refer value reported by zfs list reflect the sum of the space used by the two files in /oraclecrm/cmp? root@sll-servi:-~# zfs list oraclecrm NAME SED AVAIL REFER MOUNTPOINT craclecrm 800K 2.016 738K /oraclecrm root@sll-servi:~# du -h /oraclecrm/cmp/* 353K /oraclecrm/cmp/archive2.tar 353K /oraclecrm/cmp/archive3.tar Yes, the two values are correlated. 20. Using the zpool destroy command, delete the oraclecrm pool. Confirm the action. root@sil-servi:-# 2pool destroy oraclecrm sll-servi:-# zpool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT rpool 326 10.6 21.46 33% 1.00x ONLINE - Destroy the pool because you have finished using it, CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 30Practice 4-5: Troubleshooting ZFS Failures Overview In this practice, you will work with ZFS device and data problems. For demonstration purposes, you will simulate the problems and correct the problems. This practice includes the following activities: * Troubleshooting ZFS device issues + Troubleshooting ZFS data errors Task 1: Troubleshooting ZFS Device Issues This task includes the following activities: + Creating ZFS components ‘+ Configuring syslog for Fault Manager (FMD) messages + Troubleshooting a ZFS device error in a raidz pool Task 1A: Creating the ZFS Components Verify that the Sol11-SuperServer and Sol11-Server1 virtual machines are running, If the Virtual machines are not running, start them now. 2. Log into the Sol11-Servert virtual machine as the oracle user. Use oracle1 as the password. Assume primary administrator privileges. oracleasii-servi:-$ su - Password: root@s1l-servi:~# 3. Using the zpool commands, create a raidz pool with three virtual devices. Verify the results. rootesil-servi:-# format Searching for disks...done AVAILABLE DISK SELECTIONS 0. eTe0d0 /pci#0,0/pcia0s6,282984/dick20,0 1. c7:2d0 /pci a0, 0/poi 8086 ,282986/di ska2,0 2. c7¢3d0 /pciad,0/pciaoss, 28298d/diskas,0 3. eTeado ipcis0,0/peie0s, 28298d/dieke4,0 dO 80,0/pci8086, 282984/di9ks5,0 dO 80, 0/pci ans, 282984/diska6,o ‘VBOK HARDDISK-1.0 cyl 529 alt 2 hd 128 sec 32> /pcie,0/pcisse ,282986/dicke7,0 7. cTe8d0 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 315. 0, 0/peia0ee ,a82ea/aiaKee,O 8. cTt9d0 /var/tmp/vtoc5.orig roots1i-servi:-# prtvtec /dev/rdsk/c7t5d0 > /var/tmp/vtocS Note that you have saved a copy of c7¢5d0 vtoc to two files because you will modify the /var/tmp/vtocs file and keep /var/tmp/vtocS .orig as a copy of your original ‘toc configuration. Delete the slice 0 configuration from vtoc (the highlighted entry in the preceding step). rootésli-servi:~# vi /var/tmp/vtocS Verify that the slice 0 line is deleted. rootésli-servi:~# tail /var/tmp/vtocS * 10: read-only * Unallocated space + First Sector Last * sector count Sector * 34 222 255 * First Sector Last * Partition Tag Flags Sector count Sector Mount Directory a oo ©. 2158559 16384 2174942 Is the slice 0 line available? No, it has been deleted. ‘What is the purpose of deleting this entry? So that you can simulate a device problem The system will not be able to use this disk because its vtoc configuration is not available, thus affecting the ZFS pool CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 35Use the fmchard command to copy the modified vt.oc to the disk. root@sil-servi:-# fmthard -s /var/tmp/vtocS /dev/rdsk/c7t5d0s0 fmthard: New volume table of contents now in place What is the purpose of this command? To overlay the current c7t5d0 vtoc Repeat steps 1 and 2 in the current task Question: Why is the system showing disk c7t5do, whereas its vtoc is corrupted? Answer: Because the system is working with vtoc and its configuration from memory. You need to recycle the disk. Using the zpool command, take the disk offline and attempt to put it back online. Display the status of the pool. root@sil-servi:-# 2pool offline assetpool c7t5d0 root@s1l-servi:~# zpool online assetpool c7t5d0 warning: device 'c7tSd0' enlined, but remains in faulted use 'zpool replace’ to replace devices that are no longer present te rootesli-servi:~# zpool status ai pool: agsetpool state: DEGRADED status: One or more devices could not be used because the label is missing ox tpool invalid. Sufficient replicas exist for the pool to continue functioning in a degraded state action: Replace the device using 'zpool replace’ see: http://www. sun. com/msg/ZPS-8000-47 scan: none requested config NAME, STATE assetpool DEGRADED 00 raidzl-0 DEGRADED 09 0 0 c7t3d0 ONLINE - - c7tado ONLINE e7t5d0 UNAVAIL - - - corrupted data errors: No known data errors In your raidz pool, is disk <7¢5d0 available? No, itis inaccessible. Note that the message displayed on your system may be different. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 36 Oracle Internal & Oracle Academy Use Only8 Using the more command, view the contents of your log file /var/adm/messages.. fma. root@sll-servi:~# more /var/adm/messages. ima Aug 19 18:02:13 sli-desktop fmd: [1D 377184 daemon.error) SUNW. MSG-ID: ZFS-8000- D3, TYPE: Fault, VBR: 1, SEVERITY: Major Aug 19 18:02:13 s1i-desktop EVENT-TIME: Fri Aug 19 18:02:13 MDT :02:13 sli-desktop PLATFORM: VirtualBox, CSN: 0, sli-desktep sli-desktop SOURCE: zfs-diagnosis, REV: 1.0 sli-desktop EVENT-ID: ¢828b991-bef0-4a87-da9d- 02: Aug 19 18:02: #8ed3262051¢ Aug 19 18:02:13 sli-desktop DESC: A 2: //sun.con/ msg/ZPS-8000-D3 for more information Aug 19 18:02:13 s1i-desktop AUTO-RESPONSE: No automated response Aug 19 18:02:13 sli-desktop IMPACT: Fault tolerance of the pool may be compromised. Aug 19 18:02:13 sli-desktop REC-ACTION replace the bad device device failed. Refer t Run ‘zpool status -x' and ‘The FMD facility logged the device corruption messages in the configured file 9. Using the zpool command, replace the faulty disk with an available disk. Clear any pool- level errors logged by ZFS. Verify the results. S11 -serv. # zpool replace assetpool c7tsd0 c7t2a0 Which disk is replacing which disk? You are replacing ¢7t5d0 with o7t2d0. rootesil-servi:-# 2pool clear assetpool root@s1l-servi:~# zpool status assetpool pool: assetpool state: ONLINE scan: none requested config NAME STATE READ WRITE CKSUM, assetpool ONLINE ° ° ° vaidzl-0 ONLINE ° ° ° c7t3d0 ONLINE - - - c7t4do ONLINE - - - e7t2d0 ONLINE - - - CaRVIGHTS 207, OFS BMGT Te AINSI. HE WERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 37 Oracle Internal & Oracle Academy Use Onlyerrors: No known data errore Has the faulty disk been replaced? Yes Is the pool healthy? Yes 10. Using the scrub command, have ZFS streamline the data in the raidz pool. root@sil-servi:-# zpool scrub assetpool root@sll-servl:~# zpool status assetpool pool: assetpool state: ONLINE scan: scrub repaired 0 in 0hOm with 0 errors on Fri Aug 19 18:05:55 2012 config NAME STATE READ WRITE CKSUM assetpool ONLINE ° ° o vaidzl-0 ONLINE ° ° ° c7t3d0 ONLINE - - - c7t4d0 ONLINE - - - c7t2d0 ONLINE - - - errors: No known data errors Your display may be a bit different. ‘What is the purpose of the scrub operation? To ensure data population on the new disk 11. Using the zpool command, destroy the pool asset pool root@sil-servi:~# zpool destroy assetpool. Task 2: Troubleshooting ZFS Data Errors in a Mirror Pool In this task, you inject errors in your data file. Then you implement corrective measures to make sure that the data is restored from the mirror copy. The following activities are covered in this task: + Running an explicit scrub + Restoring data from the mirror backup 1. Verify that the Sol11-SuperServer and Sol11-Serv1 virtual machines are running. If the virtual machines are not running, start them now. 2. Log into the Sol11-Serv1 virtual machine as the oracle user. Use oracle1 as the password. Assume administrator privileges. oracleaSii-servi:-§ eu - Password: oraclel # rooteS1l-servl. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 383. Use the zpool command and create a mirror pool. Check the health of the pool Footasll-servir~# spool create assetpool mirror e7t3d0 c7e4d0 spare c7e5d0 root@sll-servl:~# zpool status assetpool pool: assetpool state: ONLINE scan: none requested config: NAME sv READ WRITE CKSUM, assetpool ONLINE ° ° ° mizror-0 ONLINE ° ° ° c7t3d0 ONLINE - - - e7tado ONLINE spares c7tsd0 AVAIL errors: No known data errors 4. Use the tar command to create a demonstration data file. Let it generate data for a minute or more, and then break the command. rootesli-servi:-# tar eve /assetpool/data.tar /usr jusr/bin/nvidia-xconfig /usr/bin/alacarte /usr/bin/iceauth /usr/bin/ps2ascii Jusr/bin/gvés-mount /usx/bin/pmap /use/bin/smproxy /usr/bin/pkglint /usr/bin/nautilus-connect -server Jusr/bin/ lui rootssli-servi:-# af -h | grep asset asaetpool 1o16M 1.3m 015M «18 /assetpool For demonstration purposes, you are creating a data file with significant amount of data init Your display may differ slight CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 395. 6. 7. Using the prt vtoc command, save vtoc of the first disk, root@sll-servi:-# prtvtoc /dev/dsk/c7t3d0 > /var/tmp/vtoc3 You are saving this vtoc because when you corrupt the data in the next step, the vtoc. will also be corrupted. You will then need to restore it, Using the da command, corrupt the data on the first disk. root@sil-servi:-# dd ifs/dev/zero of=/dev/dsk/o7t3d0 bs=8192 count=10000 convsnotrunc 10000+0 records in 10000+0 records out If you are not familiar with the dd command, refer to the man pages. Using full blocks, ou are overlaying 10,000 blocks of 8 kilobytes with zeros. Using the tar command, display your data. Footesli-servii-# tar eve /ai jtpool/data. tar drwxr-xz-x root/sys 2011-07-16 17:34 usr/ 2011-07-16 17:34 usr/tmp -> ../var/tmp 2011-07-16 17:34 usr/mail -> ../var/mail 2011-07-16 17:34 usr/snadm/ Lewxrwxcwx root /zoot Lewxrwxcwx root /zoot arwxr-xz-x root /bin ° Is your data stil there? Yes Using the zpool command, display the status of the pool. root@sil-servi:-# 2pool status assetpool pool: assetpool state: ONLINE status: One or more devices has experienced an unrecoverable error. An attempt was made to correct the error. Applications are unaffected. action: Determine if the device needs to be replaced, and clear the errors using 'zpool clear' or replace the device with 'zpool replace’. see: Attp://www.sun.com/msg/ZPS-8000-9P scan: none requested config NAME STATE D WRITE CKSUM assetpool ONLINE ° ° ° CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 40wirror-0 ONLINE ° ° 0 e7t3d0 ONLINE - - - c7t4do ONLINE - - - e7tSd0 AVATL errors: No known data errors Notice the error messages, 9. Attempt to correct the issues. Use the zpool command, try to clear the errors, and scrub the pool root@sll-servi:-# zpool offline assetpool c7t3d0 root@s1l-servi:~# zpool online assetpool c7t3d0 sll-servl:-# zpool clear assetpool Note: Press Return to go back to the command prompt after putting the device back online. 10. Using the zpoo1 command, display the pool's status. Sll-servi:-} zpool status assetpool assetpool DEGRADED one or more devices has experienced an unrecoverable error. An attempt was made to correct the error. Applications are unaffected action: Determine if the device needs to be replaced, and clear the errors using 'zpool clear’ or replace the device with 'zpool replace! see: http://www.sun.com/msg/ZFS-8000-9P scan: resilvered 22.4M in 0hOm with 0 errors on Sun Oct 08:56:42 2011 NAME STATE READ WRITE CKSUM, assetpool DEGRADED ° ° mizror-0 DEGRADED o ° spare-0 DEGRADED - - - e7t3d0 DEGRADED - - c7tsd0 ONLINE - - - e7t4do ONLINE - - - too many errors c7tsdo INUSE currently in use Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 41"4 errors: No known data errore Is the pool functional? Yes ‘What actions has ZFS taken? Due to data errors, it has placed the first disk in the degraded state and substituted it with the spare. Note the amount of data resilvered Using the zpool command, detach the spare disk, clear the errors, and display the poo'’s health. ‘ootasli-servi:—# fmthard -s /var/tmp/vtoc3 /dev/zdsk/e7e3d0 hard: New volume table of contents now in place root@sl1-servi # zpool clear assetpool rootas11-servi # zpool scrub assetpool rootasli-servi:-# zpool status assetpool pool: assetpoc’ fe: ONLIW: status: One or more devices has experienced an unrecoverab’ Applications are unaffected attempt was made to correct action: Determine if the device needs to be replaced, and clear the errors using 'zpool clear! or replace the device with 'zpool replace! see: http://www. sun, com/msg/ZPS-8000-92 scan; scrub repaired 7.64M in OhOm with 0 errors on Sun Oct 16 08:58:41 2011 config NAME STATE READ WRITZ CKSUM assetpool ONLINE o 0 0 mirror-0 ONLINE o 0 oO e3d0 ONLINE e7t4d0 ONLINE e3tsd0 AVAIL errors: No known data errors -servi:-# zpool clear assetpool -servi:-# zpool status assetpool assetpool ONL TN: scan: scrub repaired 7.64M in OhOm with 0 errors on Sun Oct 1) 08:58:41 2011 config NAME, STATE READ WRITE CKSUM assetpool ONLINE o 0 mirror-0 ONLINE oo CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 42 Oracle Internal & Oracle Academy Use Only7e2d0 ONLINE = — 7t4d0 ONLINE, - - 7t3d0 AVAIL errors: No known data errors By detaching the spare, you are back to using the main disks in the mirror. The data has been resilvered on the first disk, 12. Using the tar command, display your data. root@sll-servi:-# tar tvE /assetpool/data. tar drwxr-xe-x root/sys 2011-07-16 17:34 usr/ 2011-07-16 17:34 usr/tmp -> ../var/tap 2011-07-16 17:34 usr/mail -> ../var/mail 2011-07-16 17:34 usr/snadm/ Lewxrwxrwx root /zoot Lewarwxrwx root /root xx root /b: Is your data still there? Yes This concludes the data correction exercise CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 43 Oracle Internal & Oracle Academy Use OnlyCaRATGRTS BOT, OFS HoT BINGE A TE ETS, Practices for Lesson 4: Managing Business Application Data Chapter 4 - Page 44 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 5 Practices Over Following the predeployment test plan, it is now time to review the Oracle Solaris 11 networking functionality. Your company's business applications, such as Oracle CRM, work with the data that is being transmitted via the network interfaces configured on server and client hosts. Because you will be monitoring the transaction traffic load and managing the network interfaces, itis critical for you to know how the networking is configured. To provide you an orientation with the network, the following topics are covered in this practice: Modifying the NWAM configuration Configuring the network file system Configuring the link aggregation Implementing link failover by using IP multipathing Let's look at our checklist to see where we are. You have just completed managing the business application data and you are now ready to test the network configuration and network failover. v Oracle Solaris 11 Predeployment Checklist Managing the Image Packaging System (IPS) and Packages Installing Oracle Solaris 11 on Multiple Hosts Managing the Business Application Data Configuring Network and Traffic Failover Configuring Zones and the Virtual Network Managing Services and Service Propertios Configuring Privileges and Role-Based Access Control ‘Securing System Resources Using Oracle Solaris Auditing Managing Processes and Priorities Evaluating System Resources Monitoring and Troubleshooting Software Failures CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 2Practice 5-1: Managing NWAM Overview Network Auto-Magic (NWAM) is a technology that simplifies and automates network configuration on Oracle Solaris 11. The key NWAM components are the network profiles, which allow you to specify various network configurations to be created depending on the current network conditions. In this practice, you perform the following tasks: ‘+ Assess the current NWAM configuration + Create and deploy an NWAM profile Task 1: Assessing the Current NWAM Configuration Note: For NWAM to configure the host's network interface “auto-magically," the DHCP service must be available. 1. Verify that the Sol11-SuperServer and Sol11-Desktop virlual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them now. 2. Log into the Sol11-Desktop virtual machine as the oracle user with oracie1 as the password, 3. Click the Network Preferences icon to determine the NCPs and network interfaces (NCUs) that are currently enabled by NWAM. Be wlera 4. Opena terminal window, and su to root CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 35. Display the current network configuration for s11-desktop. root@sil-desktop:-# ipadm show-addr ADDROBI TYEE STATE ADDR static ok 127.0.0.1/8 static ok 192.168.0.111/24 static ok (228 List all available NWAM profiles and their current state. root@sll-desktop:-# netadm list TYPE PROFILE STATE cp Automatic disabled cp start_state ncu:phys net0 neu: ip neto loc aces loc Automatic loc NoNet loc User List the NWAM automatic profile. rootasil-desktop:-# netadm list Automatic Ty PROFILE STATE nep Automatic disabled loc Automatic offline ist the NWAM start_state profile, rootesil-desktop:-# netadm list start state TYPE PROFILE nep start_state ncu:phys neo acu: ip, neto List the NWAM location profiles. root@sil-desktop:-# netadm list -p loc TYPE PROFILE STATE loc aces online loc Automatic offline loc NoNet offline loc User disabled CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 410. List all the pays and ip network configuration units (NCUs) in the active network. configuration profiles (NCPs). yootasll-desktop:-# netadm list -¢ phys TYPE PROFILE STATE ncu:phys net online root@s1l-desktop:~# netadm list -c ip TYPE PROFILE STATE acu: ip neto online 14. List all the NWAM profiles and their auxiliary state, rootasll-desktop:-# netadm list -x TYPE PROFILE. STATE AUXILTARY STATE rep Automatic disabled disabled by administrator nep start_state online active cu:phys net online interface/link is up neurip — neto online interface/link is up lee Automatic offline conditions for activation are unmet Loe Wovet, offline conditions for activation are unmet Loe User disabled disabled by administrator 12, Use the netcfg export command to create backups of the start_state and aces profiles rootasiil-desktop:-# netefg export -f start state nep backup nep \ start_state rootasii-desktop:-j! netefg export -£ aces_loc_backup \ loc aces root@s11-desktop:-# 1s *backup aces_loc backup _start_state_nep_backup 13. Use the net cfg utility to select the start_state profile and list its NCUs. rootasil-desktop:-# netetg netcfg> select ncp start_state fgimep:start_state> list phys neto ip neto 14, Select the phys NCU and display its properties, netcig:mep:start_state> select neu phys netO netcfg:nep:start_state:ncu:netO> list ncu:neto type link class phys parent "start st: activation-mode manual enabled true netefg:mep:start_state:ncu:netd> end CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 515, Select the ip NCU and display its properties, mi fgincp:start_state> select nou ip neto netcfg:nep:start_state: neu:neto curnetO> list type interface class ip parent "start_state" enabled true ip-version ipva ipv4-addrsre static ipva-addr 192,168.0.111" ipvé-addrsre dhep, autoconf fg:ncp:start_state:ncu:netO> end netcfg:mep:start_state> end netefg> 16. Select the aces location profile and list its properties. ‘etcfg> select loc aces craces> Met activation-mode manual, conditions “system domain is mydomain.com" enabled true nameservices-config-file * /ete/neswitch.dns dns-nameservice-configsre manua dns-nameservice-domain mydomain.com™ dns-nameservice-servers "192.168.0,100" loc:aces> end fg> exit root@s11-desktop:-# Task 2: Creating and Deploying an NWAM Profile Create an NCP named oracle profile. sli-desktop:-¥ netefg fg> create nep oracle profile Create a phys NCU for the net data link netefgimep:oracle profiles ereate nou phys neti Created neu ‘neti’. Walking properties activation-mode (manual) {manual|prioritized] > manual link-mac-addr> Press Return link-ai jpush> Press Return CaRVIGHTS 207, OTROS SMIGT Te SINGS A TE EET Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 8Tutus Presa Return fgmep:oracle profile:ncu:netl> list ncu:netl type link class phys paren "oracle profile” activation-mode manual enabled true end netefg:nep:oracle_profile:ncu:ne! Committed changes netcfg:mcp:oracle profile> list Neus phys neti 3. Create an ip NCU for the net data link. netcigmep:oracie profiles create nou ip neti created ncu 'netl'. walking properties ip-version (ipv4,ipvé) [ipvalipvé]> ipv4 ipv4-addrsre (dhcp) [dhep|static]> static ipv4-addr> 192.168.0.111 ipv4-default-route> Press Return netcfg:mep:oracle_profile:ncu:neti> list ncu:netl type interface class ip parent "oracle profile" enabled true ip-version ipva ipv4-addrsre static ipv4-addr 192.168.0.111" ipvé-addrsre dhep, autoconf netcfg:nep:oracle_profile:ncu:neti> verify All properties verified fgmep:oracle profile:ncu:ne ni commit Committed changes netcfg:ncp:oracle profile:ncu:neti> end netcfg:mep:oracle profile> list neu ip netl ncu:netl type interface class ap parent "oracle profile" enabled true ip-version ipva Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 7ipva-addrere static ipv4-adar 192.168.0.122 ipvé-addrere dhcp, autoconf netefg:ncp:oracle_profile> end netcfg> Create a location (loc) NCP named classroom. fg> create loc classroom a vation-mode (manual) [manual | conditional-any|conditional- > conditional-all conditions> "system-domain is mydomain.com" nameservices (dns) [dns|files|nis|1dap]> ans nameservices-config-file ("/etc/nsswitch.dns")> Press Return dns-nameservice-configsre (dhep) [manual|dhep] > manual dns-nameservice-domain> "mydomain.com* dns-nameservice-servers> "192.168.0.100" dns-nameservice-search> Press Return dns-nameservice-sortlist> Press Return dns-nameservice-options> Press Return nfsv4-domain> Press Return > Press Return ipfilter-config-£ ipfilter-vé-config-file> Press Return ipnat-config-file> Press Return ippool-config-file> Press Return ike-config-file> Press Return ipsecpolicy-config-file> Press Return netefg:loc:classroom> list loc:classroom activation-mode conditional-all conditions “system-domain is mydomain.com" enabled false nameservices dns nameservices-config- "/etc/nsswitch.dns" dns-nameservice-cor manual dns-nameservice-domain "mydomain.cem" dns-nameservice-servers 192.168.0.100" netcfg:loc:classroom> verify All properties verified netcfg:loc:classroom> commit Committed changes netefg:loc:classroom> end netcfg> exit CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 8 Oracle Internal & Oracle Academy Use Only5. Use the net cfg list command to display all the profiles that exist at the current scope. root@sil-desktop:-# netefg list NePs: Automatic oracle_profile start_state Locations: Automatic classroom Nonet 6. Use the net cfg export command to create backups of your oracle profile and 7. classroom profiles. ootesll-desktop'-# netefg export -f oracle nop backup nop \ oracle profile rootesil-desktop:-# netefg export -£ classroom loc_backup \ loc classroom root@sil-desktop:-# 1s *backup classroom loc backup oracle nep backup Destroy the classroom profile and show the results. Toot@sil-desktop:-# netcfg destroy loc classroom ro! -desktop:-# netefg list Neps Automatic oracle profile rt_state Locations: Automatic NoNet Recover the classroom profile from your backup and show the results. yootasil-desktop:-# netefg -£ classroom loc_backup Configuration read. l-desktop:-# netefg list NPs Automatic oracle_profile rt_state Locations CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 9‘Automatic classroom Nonet 9. Use the netadm enable command to enable the classroom and oracle profile profiles. root@sil-desktop:-# netadm enable classroom Enabling loc 'classroon' root@sil-desktop:~i netadm enable oracle profile Enabling nep ‘oracle profile’ 10. Reboot the system to verify that oracle | profiles. ‘of ile and classroom are the default NWAM root@sil-desktop:-# init 6 11. After the system reboots, log in as oracle and su to root 12. Open the Network Preferences dialog box. ae ie SoS Note that the net network interface is now connected to the network. 13. Use the ping command to verify communication with a remote host. rootasil-desktop:-# ping sll-ss sli-ss is alive CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 10Practice 5-2: Configuring the Network File System Overview In this practice, you configure the NFS server as well as the NFS client. You share a documentation folder from the server and access it on the client host. The following activities are covered: * Configuring the NFS Server ‘+ Configuring the NFS Client Task 1: Configuring the NFS Server 1. Verify that the Sol11-SuperServer and Sol11-Server1 virtual machines are running. 2. Log into the Sol11-Servert virtual machine as the oracle user. Use oraclet as the password, Assume primary administrator privileges. 3. Display the current status of the ZFS pool and the file systems. rootesli-servii-# spool list NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT pool 326 10.66 21.46 33% 1.00x ONLINE - oot@sli-servi:-# 2s list -r /rpool AWE, USED AVAIL REFER zpool 10.76 20.86 39K pool /ROOT 3.236 20.86 31K zpool/ROo?/solaris 3.236 20.86 3.046 ‘pool /dump 1.03¢ 20.96 1.006 rpeol /export 5.36¢ 20.86 33K /export pool /expert /IPS 5.35¢ 20.86 5.35 /export/rPs zpool/export/home 10.1M 20.86 42K /export/home pool/export/home/docs 31.5K 20.86 31.5K /export/home/docs: rpool/export /home/gail 24K 20.96 34K /export /home/gail pool/export/home/oracle 34K 20.86 34K /export/ pool/ewap 1.036 20.96 1.006 - home/oracle Your display may be different. Before you create the docs file system, you want to make sure that it does not exist already. 4. Using the zfs create command, create a ZFS file system called xpool/export /nome/docs. Confirm the creation of the file system. rootasil-servi:-# 2fs create rpool/export/home/docs root@s1l-servi:-# zfs list /export/home/docs NAME USED AVAIL REFER MOUNTPOINT rpool/export/home/docs 31.5K 20.8 31 /export /home/docs What is the mount point of rpool /export /home/docs? /expor! ome /does: 5. Using the touch command, create a file called assetlist in /export /home/docs Footasll-sexvi:-¥ ed /export/home/docs root@sil-servi: /export /home/docs# touch assetlist root@sil-servi: /export/home/docs# cd CaRVIGHTS 207, OFS SMIGT Te SNS. TE REET Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Pago 116 7. Use the 2£s commands to share the ZFS file system. Footasli-servi:-# af set \ sharesnamendocs,path=/export/home/docs,prot=nfs \ pool /export/home/docs roct@sli-servi:-# 2£s set sharenfa-on rpool/export/home/doce roct@sli-servi:-# 2£s set compression=on rpool/export/home/doce Jervi:-# share docs /export/home/docs nfs sec=sys,rw root@sl. This shows that the /export /home/docs resource is being shared, Verify that the nfs services are up and running rootesil-servi:-# aves -a | grep nfs disabled 9:11:54 sve: /network/nfs/cbd:default disabled 55 sve: /network/nfs/client :default 1S sve: /network/nfs/status:default 158 sve: /network/nfs/mapid:default 1a sve: /network/nfs/nlockmgr :default 36 sve: /network/nfs/rquota :default 37 sve: /network/nfs/server:default Is nfs/server up and running? Yes Task 2: Configuring the NFS Client 1 4 Log in to the Sol11-Desktop virtual machine as the oracle user. Use oraclet as the password. Assume administrator privileges. Use the df shares command to confirm whether you can view the shared resource from the s11-desktop VM. Create a directory called /docs to use as the mount point. Tootesil-desktop:-# dfshares sll-servi s1i-aervi: /export /home/docs sil-servi - root@sii-desktop:-# mkdir /docs Use the mount command to specify the resource to be mounted on the /docs directory. root@sii-desktop:-# mount -F nfs -o ro sli- servi: /export/home/docs /docs rootesil-desktop:-# ed /docs desktop: /docs# 1s rootesi assetlist This demonstrates that the asset1ist file in /export /home/docs can be shared on 1-desktop from s11 Using the umount command, unmount the /docs directory. sl1-desktop:-# ed root@sii-desktop:-# umount /docs CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 125. Retum to the s11-servi VM and stop sharing the directory, root@sil-servi:-# fs set sharenfe-off rpool/export/home/doca 6. Using the share command, check whether any resource is being shared. rootasil-servi:-# share No resource should be displayed because nothing is being shared now. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 13Practice 5-3: Configuring a Link Aggregation Overview Link aggregation requires at least two network interfaces. The network interfaces must be unplumbed before they can be aggregated. In this practice, you combine four network interfaces into one link aggregation called crmpipe0 to create a larger network pipe for the CRM application. Then you manage the interfaces, which includes removing, adding, and eventually deleting the crmpipe0 link aggregation. This portrays different network management situations while working with the CRM application (for example, adjusting the bandwidth as needed). Task 1: Configuring a Link Aggregation 1. On the Sol11-Severt system, disable IP filtering. yootasil-servi:-# apf -D 2. Delete the IP interface for the net 0 data link, root@sil-servi:-# ipadm delete-ip net 3. List the network links that are currently configured in the system. root@sil-servi:~# dladm show-link LINK CLASS MTU STATE ovER phys 1500 unknown phys 1500 unknown phys 1500 unknown phys 1500 _unknown - 4. Create a link aggregation named crmpipeo that consists of the net 0, net, net2, and net3 network interfaces, and show the results. yootesll-servi ggr -1 net -1 neti \ ¥ dladm creat -1 net2 -1 net3 crmpiped root@s11-servi:~# dladm show-link LINK cLASS MIU STATE OVER phys 1500 up -- phys 1500 up phys 1500 up phys 1500 up crmpipeo aggr 1500 up net neti net2 net3 root@sll-servi:~# dladm show-aggr LINK POLICY ADDRPOLICY —-LACPACTIVITY LACPTIMER FLAGS crmpipeo La auto off short 5. Create an IP interface for the crmpipeo data link and show the results, root@sil-servi:-# ipadm create-ip crmpiped root@sll-servi:~# ipadm show-if IENAME CLASS STATE ACTIVE OVER 100 loopback ok yes crmpipeo ip down no - CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 146 Run the ipadm command to create the static IPv4 address for the s11-serv1 system on the crmpipeo interface, and show the results. root@sil-servi:-~# ipadm create-addr -T static \ -a 192.168.0.112/24 crmpiped/v4 root@s1l-servi:~# ipadm show-addr ADDROBI TYPE STATE ADDR 100/v4 ok 127.0.0.1/8 crmpipeo/v4 ok 192.168.0.112/24 100/vé ok, 21/128 7. Log in to the Sol11-Desktop system and use the ping command to verify connectivity to the Sol1 1-Serv1 server. root@sil-servli-# ping sll-desktop gli-desktop is alive Task 2: Removing the Link Aggregation 1. Using the ipadm command, delete the crmpipeo IP interface. yootesll serv: root@s11 -serv’ ipadm delete-ip crmpipeo ipadm show-addr ADDROBI. YPE STAT ADDR 100/v4 static ok 127.0.0.1/8 100/v6 static ok 1/128 root@sil-servi:~# dladm show-link LINK CLASS MTU STATE = OVER net phys 1500 up -- net2 phys 1500 up net phys soo up ne phys 1500 up - crmpipeo aggr 1500 up net neti net2 net3 2. Using the dladm command, delete the crmpiped aggregation. Tootesll-servii~# dladm delete-aggr ormpipeo root@s11-servi:~# dladm show-link LINK cLASS MTU STATE OVER phys 1500 unknown - phys 1500 unknown -- neto phys 1500 unknown net: phys 1500 unknown root@s1l-servi:~# ipadm show-if IENAME CLASS STATE — ACTIVE OVER 100 loopback ok yes - Currently, the link aggregation has been removed. Note: At this time, you want to keep these links unconfigured because they will be needed in this state for the next practice. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 15Practice 5-4: Configuring IPMP Overview IP network multipathing (IPMP) provides physical interface failure detection, transparent network access failover, and packet load balancing, ‘An IPMP configuration typically cons 5 of two or more physical interfaces on the same system that are attached to the same LAN. These interfaces can belong to an IPMP group in either of the following configurations: + Active-active configuration — In this configuration, all underlying interfaces are active, ‘An active interface is an IP interface that is currently available for use by the IPMP. group. By default, an underlying interface becomes active when you configure the interface to become a part of an IPMP group. * Active-standby configuration — In this configuration, at least one interface is administratively configured as standby. If an active interface fails, the standby interface is automatically deployed as needed. You can configure as many standby interfaces as you want for an IPMP group. In this practice, you configure both active-active and active-standby configurations. Task 1: Creating an Active-Active IPMP Configuration In this task, you configure an active-active IPMP group that consists of two network interfaces. 1. 4 Verify that the Soli 1-SuperServer and Sol11-Server1 virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them now. Log in to the Solt1-Servert virtual machine as the oracle user and su to root. Use the ipadm command to display the IP network interfaces that are currently configured in the system yootesil-servi ipadm show-if TENAME CLASS STATE — ACTIVE OVER 100 loopback ok yes neto ip ok yes Note: If you performed the previous practice, you will not see neto in this display. This step is shown here in case you perform this practice independent Delete the net 0 network interface and display the results, root@sil-servi:-# ipadm delete-ip net0 Aug 19 10:29:27 sli-servi in.ndpd[799]: Interface net removed from kernel. In.ndpd will no longer use it has been Note: If you performed the previous practice, you will not see net. in this display. This step is shown here in case you perform this practice independently rootesil-servi:-# ipadm show-if IENAME CLASS STATE ACTIVE OVER 100 loopback ok yes CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 165. 6 10. ‘When configuring IPMP, you must assign all network interfaces that are attached to the same LAN to an IPMP group. In this step, you delete the neto interface in preparation for configuring it in an IPMP group. Rename the neo data link to 1ink0_ipmpo and the neti data link to link: Show the results. pmp0. rootesil-servi % dladm yename-link net0 1ink0_ipmpo root@s1l-servi:-# dladm rename-link net1 link1_ipmp0 root@s11-servi:~# dladm show-link LINK CLASS MTU STATE OVER linko_ipmpo pays 1500 unknown link1_ipmpo phys 500 unknown -- net2 phys 1500 unknown -- ne phys 1500 unknown, -- Create IP interfaces for the 1inko_ipmpo and 1inki_ipmpo data links. Show the results, root@sil-servi:-# ipadm or te-ip linkO_ipmpo root@sil-servi:-# ipadm create-ip link1_ipmpo root@sil-servi:-# ipadm show-if IENAME CLASS STATE ACTIVE OVER oo loopback ok yes linko_ipmpo ip down no inkl ipmpo ip down no Create an IPMP group named ipmpo root@sil-servi:-# ipadm create-ipmp ipmp0 Add the 1inko_ipmpo and 1inki ipmpo IP interfaces to the ipmpo IPMP group and show the results. yootesll servi ipmpo root@sl1-servi:-# ipmpstat -g GROUP GROUPNAME STATE FDT INTERFACES % ipadm add-ipmp -i link0_ipmp0 -i linki_ipmpo \ ipmpo ipmpo ok - Link1_ipmpo_linko_ipmpo Assign two static IP addresses to the IPMP interface to be used for data access. Footasll-servi:-# ipadm create-addr -T static \ wa 192.168.0.112/24 ipmp0/v4add2 rootes1i-servi:-# ipadm create-addr -T static \ =a 192.168.0.113/24 ipmp0/vaadd2 Assign a static IP address to each IPMP subinterface to be used for link testing yootasll-servi:-# ipadm create-addr -T static \ -a 192.168.0.142/24 linkO_ipmp0/test rootésli-servi:~# ipadm create-addr -T static \ ~a 192.168.0.143/24 link1_ipmp0/test CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 1711. Display the data and test the IP addresses roota#sli-servi:-# dpadm show-addr ADDROBS TYPE STATS, ADDR 00 /vé static ok 227.0.0.1/8 Linko_ipmp0/test static ok 192.168.0.142/24 Link1_ipmp0/test static ok 168.0.143/24 pmp0/vaada static ok 192.168.0.112/24 pmp0/vaadd2 static ok 92.168.0.113/24 100/vs static ok 1/128 Linko_ipmpo/_a static ok fe80: :00:27ff:feco:b88a/10 Linkl_ipmpo/_a static ok fe80::a00:27ff:f635:4321/10 12. Use the ipmpstat command to display the IPMP address information. root@sil-servi:-# ipmpstat -an ADDRESS STATE GROUP INBOUND ‘OUTBOUND down ipmpo - - 192.168.0.113 up ipmpo linki_ipmpo0 linki_ipmpo 1inko_ipmpo 192.168.0.112 up ipmpo linko_ipmpo link1_: pmp0 linko_ipmpo Note: The INBOUND traffic is restricted to one interface depending on the IP address. that is used. The oUTBOUND traffic is spread across both interfaces. 13. Use the ipmpstat command to display the IP interface information. root@sll- serv: # ipmpstat -i INTERFACE ACTIVE GROUP FLAGS LINK PROBE STATE linkl_ipmpo yes ipmpo up ok ok Linko_ipmpo yes ipmpo mbM up ok ok The interface FLAGS are defined as: i= Unusable due to being rNAcTIvE s = Masked STANDBY m= Nominated to sendireceive IPv4 multicast for its IPMP group » = Nominated to sendireceive IPv4 broadcast for its IPMP group 1M = Nominated to sendireceive IPvé multicast for its IPMP group = Unusable due to being down Unusable due to being brought oF FLINE by in.mpathd (IPMP daemon) because of a duplicate hardware address 14. Use the ipmpstat command to display information about test address targets. ootasli-servi:-# ipmpatat -at INTERFACE NODE ‘TESTADDR TARGETS ink1_ipmpo multicast 192.168.0.143 192.168 inko_ipmp0 multicast _192,168.0.142 192.168 200 192.168.0.112, 100 192.168.0.111 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 1815. Use the ipmpstat command to display the current probe information. Foot@sll-servii-# ipmpstat -pa 0.498 Link0_spmpo i195 0.70m9«1.28ms_0.71ms—182.168.0.100 0.738 Linki_spmpo i145 0.68ms 0.96ms_«1.S4ms_—192.168.0.100 1.388 nko ipmp0 i196 0.588 0.738 _—«O.71m@_—«182.168,0.100 2.1ls Linkl_spmpd i146 0.5ims0.65ms_1.78ms_— 182. 168.0.100 3.258 linko_ipmp0 {197 0.50ng0.58m89.70ms_—«192.168.0.100 3.708 Link1_spmpa i147 0.60ms«1.01ms_—«1.69"5 —192.168.0.100 4.583 Linko_spmpa i198 0.56éma_0.72ms_«0.70ms._—«192.168.0.100 5.163 linki_spmpo i148 0.43msa_-0.60ms_«1.55ms_192.168.0.100 6.088 inkO_ipmpd i199 0.538 0.6008 0.89n_—«192.168,0.100 6.618 Linkl_Spmpo i149 0.779 0.84ms_—« 1.465 —192.168.0.100 “ce Your display may be different. Task 2: Testing the Active-Active IPMP Configuration In this task, you test the active-active IPMP configuration by causing one of the subinterfaces to fail. Then you verify that the system is stil accessible by using the remaining interface. 1. Shut down the Sol11-Server1 virtual machine. Soon F 4 [ipwerotva rai 2. Open the VirtualBox Manager GUI and click the Settings utility for the Solt1-Servert virtual machine. any CaRyIGRTS BOT, ae rs Aas, AR aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 19 Oracle Internal & Oracle Academy Use Only3. Under Network settings, select Adapter 2 and set the Attached to: field to "Not attached.” | Asst seme [mek |e retath [sein | em | ovis 4. Start the Solt1-Servert virtual machine. 5. Log into the Sol11-Servert virtual machine as the oracle user and su to root. 6. Use the ipmpstat command to display IPMP group information. Tootesll-servii~# ipmpstat -g GROUP GROUPNAME STATE FDT INTERFACES ipmpo ipmpo degraded 10.008 linki_ipmpo [inko Note that 1inko_ipmpo has been boxed ({1ink0_ipmp)) indicating that it has failed. 7. Use the ipmpstat command to display the IP interface information. root@sil-servi:-# ipmpstat -i TERFACE ACTIVE GROUP FLAGS LINK PROBE STATE linkl_ipmpo yes — ipmpo --mbM-- up ok ok link0_ipmpo no ipmpo up failed failed The 1inko_ipmpo interface is no longer active. 8. Use the ipmpstat command to display the current probe information. root@sil-servi:-# ipmpstat -pn TIME INTERFACE PROBE NETRTT RTT © RYTAVG TARGET 0.218 linkl_ipmpo i505 0.62ms 1.1lms 0.70ms 192.168.0.100 -1.996 linko_ipmpo isos -- - 192.168.0.100 1a linkl_ipmpo iS06 0.5ims 0.65ms 0.70ms 192.168.0.100 0.288 Linko_ipmpo isos 192.168.0.100 1.028 linko_ipmpo isos -- -- 192.168.0.100 2.855 linkl_ipmpo i507 0.56ms 0.70m 0.70ms 192.168.0.100 4.25. Linki ipmpo isos 0.4lms_0.55ms 0.6ams _192.168.0.100 CoRyiGHTS BOT, ae anor saa, AR EAT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 20 Oracle Internal & Oracle Academy Use OnlyNote that Linko_ipmp0 is failing probe tests. Your display may be different © ‘ag in to the Sol11-Desktop virtual machine and ping the IPMP data IP addresses. root@sil-desktop:-# ping 192.168.0.112 192.168.0.112 is alive root@s1i-desktop:~-# ping 192.168.0.113 192.168.0.113 is alive 10. Shut down the Sol11-Servert virtual machine. 11. Open the VirtualBox Manager GUI and click the Settings utilty for the Sol11-Servert virtual machine, 12, Under Network settings, select Adapter 2 and set the Attached fo: field to Internal Network. ecg eee sengo:/tom ne r2n-ne MPFaRD eae SNe NS CURE. 13. Start the Sol11-Servert virtual machine. 14. Log in to the Sol11-Server1 virtual machine as the oracle user and su to root 15. Use the ipmpstat command to verify that the IPMP group ipmpo STATS is ok. root@sil-servi:-# ipmpstat -g GROUP GROUPNAME STATE FDT INTERFACES ipmpo ipmpo ok -- Linkl_ipmpo linko_ipmpo CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 21 Oracle Internal & Oracle Academy Use OnlyTask 3: Creating an Active-Standby IPMP Configuration In this task, you reconfigure the ipmpo IPMP group from an active-active configuration to an active-standby configuration On the Sol11-Servert virtual machine, display the data links, rootesil-servi:~# dladm show-link LINK cLass MTU STATE OVER linko_ipmpo phys up -- link1_ipmpo phys up -- a phys unknown -- net3 phys unknown = 2. Rename the net? data link to 1ink2_ipmp0 and show the results. yootasll-servi:-# dladm rename-link net2 1ink2_ipmpo rootesli-servi:~# dladm show-Link LINK cLass MTg «STATE OVER linko_ipmpo phys 1500 up - link1_ipmpo phys up 1ink2_ipmpo phys unknown ~~ ne phys unknown _-~ Create IP interfaces for the 1ink2_ipmpo data links and show the results. yoot@sil-servi:-# ipadm create-ip link? ipmpo root@sll-servi:~# ipadm show-if IENAME CLASS STATE ACTIVE OVER 100 loopback ok yes -- ipmpo ipmp ok yes linkO_ipmpo linki_ipmpo linko_ipmpo ip ok yes link1_ipmpo ip ok yes link? _ipmpo ip down no - 4. Add the 1ink2_ipmpo IP interfaces to the ipmpo IPMP group and show the results. yootesil servii-¥ ipadm add-ipmp —i 1ink2_ipmp0 ipmpo root@sll-servi:~# ipmpstat -g GROUP GROUPNAME STATE FDT INTERFACES ipmpo_ipmpo ok 00s link2_ipmpo linkl_ipmp0 linko_ipmpo 5. Assign a static IP address to the IPMP subinterface 1ink2_ipmpo to be used for link testing and show the results. root@sll-servl:-# ipadm create-addr -T static \ -a 192.168.0.144/24 link2_ipmp0/test root@sll-servi:~# ipadm show-adér ADDROBI YPE «STATE ADDR 100/v4 static ok —127.0.0.1/8 ipmpo/vaaddt static ok | -192.168.0.112/24 ipmpo/vaada2 static ok _192.168.0.113/24 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 2210. Use the ipmpstat Tink0_ipmpd/test static ok 192.168.0.142/24 linkl_ipmp0/test static ok 192.168.0.143/24 link2 ipmpo/test static ok 192.168.0.144/24 100/v6 static ok 1/i28 linko_ipmpo/vé static ok feao: :a00:278£:£e36:a51¢/10 linkl_ipmpo/vé static ok fe80::a00:27££:£e05:424a/10 linkl_ipmp0/vé static ok fe80::a00:27££:£e92:67eb/10 Note: Your display may be different. Show the current setting of the standby property for the 1 ink2_ipmpo interface. Footasli-servii-# ipadm show-ifprop -p standby link? ipmpo IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE Link2_ipmpo standby ip rw off =~ off on, off Note that standby is currently tumed off. Set the standby property for the 1 ink2_ipmp0 interface to on and show the results Taotasli-servii-# ipadm set-ifprop -p standbyson -m ip 1ink?_ipmpo oot@sli-servi:-# ipadm show-ifprop -p standby link2 ipmpo TFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE ink2_ipmp0 standby ip rw _on on off on off Use the ipmpstat command to display the IPMP group information. ootweli-servi:-# ipmpatat -g GROUP GROU: NAME STATE FDT INTERFACES. ipmpo ipmpo ok_~—=«10.008 Link1_ipmpO linko_ipmpo (1ink2_ipmpo) Note that the 1ink2_ipmpo interface is enclosed in parenthesis. This indicates that the interface is set to standby. Use the ipmpstat command to display the IPMP address information rootasil-servi:-# ipmpstat -an ADDRESS. STATE GROUP INBOUND ‘OUTBOUND : down ipmpo -- -- 192.168.0.113 up impo linko_ipmpo link1_ipmpo linko_ipmpo 192.168.0.112 up ipmpO link1_ipmp0 linkl_ipmp0 linko_ipmpo and oursow Note that the 1ink2_ipmpo interface is not actively used for TNBO% D traffic. ommand to display the IPMP interface information. root@sil-servi:-# ipmpstat -i INTERFACE ACTIVE GROUP FLAGS LINK PROBE STATE link2_ipmpo no ipmpo is----- up ok ok linki_ipmpo yes ipmpo up ok ok inko_ipmpo yes ipmpo --mbM-- up ok ok Note the flags for the 1ink2_ipmp0 interface. This indicates that the interface is inactive and set to standby. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 23Task 4: Testing the Active-Standby IPMP Configuration In this task, you test the active-standby IPMP configuration by causing one of the subinterfaces to fail. Then you verify that the system is still accessible by using the remaining interface. 1. Shut down the Sol11-Servert virtual machine. Be © 0 serve aman ora 9 9 Boiareiveraiie) 2. Open the VirtualBox Manager GUI and click the Settings utility for the Sol11-Servert virtual machine. Foyer Ase Ames Bam CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 24 Oracle Internal & Oracle Academy Use Only3. Under Network settings, select Adapter 2 and set the Attached to: field to "Not attached.” 4. Start the Sol11-Servert virtual machine 5. Log into the Sol11-Servert virtual machine as the oracle user and su to root. 6. Use the ipmpstat command to display the IPMP group information. Tootsii-servii-# ipmpatat -g GROUP GROUPNAME STATE FDT —INTERFACES. pmp0 ipmpo de: graded 10.00 link?_ipmpo link1_ipmpo [1inko_ipmpo Note that 1ink?_ipmpo has been boxed ([1ink1_ipmo01), indicating that it has failed 7. Use the ipmpstat command to display the IP interface information. Footasii-servi:-# ipmpstat -i INTERFACE ACTIVE GROUP FLAGS LINK PROBE STATE link2_ipmpo yes ipmpo up ok ok linki_ipmpo yes ipmpo up ok ok Linko_ipmpo no ipmpo up failed failed The 1ink’_ipmpo interface is no longer active but Link2_ipmpd is now active. 8. Use the ipmpstat command to display the IPMP address information. root@sil-servi:-# ipmpstat -an ADDRESS st GROUP INBOUND ‘OUTBOUND down — ipmpo - - 192.168.0.113 up ipmpO linki_ipmp0 link2_ipmpo linki_ipmpo 192.168.0.112 up ipmpo ipmp0 link2_ipmpo linki_ipmpo Note that the 1ink2_ipmp0 interface is being used for INBOUND and OUTBOUND traffic. CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 25 Oracle Internal & Oracle Academy Use Only9. Use the ipmpstat command to display the current probe information. TIME 0.068 0.908 0.928 0.498 0.498 528 748 698 ais rootesii- serv Link2 Linke ~# ipmpstat -pn INTERFACE Link2_ipmpo Link1_ipmpo pmpo pmpo Linko_ipmpo Link2_; pmpo Link1_ipmpo Linkt Linko. pmpo pmpo PROB! iiss i162 i164 i161 i180 iss i163 i164 i162 2 NETRIT RIT 0.26ms 0.49m8 0.26ms 0.39ma 0.19ms 0.36me 0.2ams 0.39me 0.24ms 0.38me 0.25ms 0.45me RTTAVG 0.33ms 0.31ms 0.34ms 0.34ns 0.3ams 0.34ms Note that the Link2_ipmpo interface is actively probing targets. TARGET 192 192 192 192 192 1s2 192 192 192 ise 168 ise 168 168 ase. 168 168 168 100 100 100 100 100 -100 100 100 100 10. Log in to the Sol11-Desktop virtual machine and ping the IPMP data IP addresses. root@sll-desktop: 192.168.0.112 is rootes11-desktop 192.168.0.113 ~# ping 192.168.0.112 ~# ping 192.168.0.113 14. Shut down the Sol11-Servert virtual machine. 12. Open the VirtualBox Manager GUI and click the Settings utility for the Sol11-Servert virtual machine. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 26 Oracle Internal & Oracle Academy Use Only13, Under Network settings, select Adapter 2 and set the Attached to: field to Intemal Network. b agonens 14, Start the Solt1-Servert virtual machine, 15. Log in to the Sol11-Server1 virtual machine as the oracle user and su to root. 16. Use the ipmpstat command to display the IPMP group information Footasii-servi:-# ipmpatat -g GROUP GRO ipmpo ipmpo ok 10.005 PNAME STATE FDT INTERFACES k1_ipmp0 linkO_ipmpo (1ink2_ipmpo) Note that the 1ink2_ipmpo interface has been placed back as standby and is inactive. This indicates that the failed interface is repaired. 17. Use the ipmpstat command to display the IPMP interface information, Toot@sil-servii-# ipmpstat -i INTERFACE ACTIVE GROUP FLAGS LINK PROBE STATE ink2_ipmpo no ipmpo is up ok ok link1_ipmpo yes ipmpo up ok ok linko_ipmpo yes ipmpo up ok ok CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 27 Oracle Internal & Oracle Academy Use OnlyTask 5: Removing the IPMP Configuration In this task, you remove the ipmpo IPMP group and return the network to its original configuration. Remove all the subinterfaces from the ipmpo IPMP group and show the results. yootasil-servii-} ipadm remove-ipmp -i link0_ipmp0 \ -i linkl_ipmpo -i 1ink2_ipmp0 ipmpo root@s1l-servi:~# ipmpstat -g GROUP GROUPNAME STATE FDT INTERFACES ipmpo _ipmpo failed 2. Delete the ipmpo IPMP group. Toot@sll-servii~# ipadm delete-ipmp ipmpo ~# ipmpstat -g rootasll-servi:-# rootes11-serv: Display the IP address that is currently configured in the system. rootesll-servi:-# ipadm show-addr ADDROBS, STATE ADDR 100/v4 ok 127.0.0.1/8 Linko_ipmpo/test ok ——:192.168.0.142/24 Linki_ipmpo/test static ok 192. 168.0.143/24 link2_ipmpo/test static ok | 192.168.0,143/24 100/v6 static ok 2/228 Your display may be different. 4. Delete the test IP addresses and show the results, Footesil-servii-# ipadm delete-addr 1ink0_ipmp0/teat rootésll-servi:~# ipadm delete-addr linki_ipmp0/test sll-servi:- ipadm delete-addr 1ink2_ipmp0/test @611-servi:-# ipadm show-addr ADDROBT TYPE STATE ADDR 100/v4 static ok 127.0.0.1/8 100/v6 static ok 1/a28 Your display may be different. 5, Delete the 1inko_ipmp0, 1inki_ipmpo, and 1ink2_ipmpo IP interfaces. Show the results, rootasll-servi:-# ipadm delete-ip 1ink0_ipmpo rootasil-servi:-# ipadm delete-ip link1_ipmpo root@s11-servi:~# ipadm delete-ip link2_ipmpo root@s1l-servi:-# ipadm show-if IENAME CLASS STATE ACTIVE OVER 100 loopback ok yes CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 286 10, Rename the data links to their original names and show the results. Tootesll-servii-# dladm rename-link link0_ipmp0 neto root@s1l-servi:~# dladm rename-link linkl ipmp0 neti sll-servi:-# dladm rename-link link2_ipmp0 net2 root@s1l-servi:~# dladm show-link CLASS MTU = STATE OVER phys unknown, phys unknown, phys unknown ys anknown, Restart the sve: /network/physical :default service, S1l-servi:-¥ svcadm restart svc:/network/physical:default Verify that the net o network interface has been configured correctly. root@sll-servi padm show-addr ADDROBJ TYPE STATE ADDR 100/v4 static ok 127.0.0 100/v6 static ok 1/a28 Reinstate the physical network interface. Sll-servi:-¥ ipadm create-ip neto root@sll-servi:~# ipadm create-addr -T static \ a 192.168.0.112/24 net0/v4adat 4 ‘est the network interface by using the ping command yootesll serv: % ping 192.168.0.111 192.168.0.111 is alive CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 29CaRATGRTS BOT, OFS HoT BINGE A TE ETS, Practices for Lesson 5: Configuring Network and Traffic Failover Chapter 5 - Page 30 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 1 Oracle Internal & Oracle Academy Use OnlyPractices for Lesson 6 Practices Overview According to your predeployment plan, itis time to evaluate the business scenario. On one ‘company server, you are asked to create two independent virtual Oracle Solaris 11 systems (zones) where the company can maintain two separate customers’ environments. Therefore, you create a zone called grandmazone for the vendor Grandma's Cookies and a zone called ‘choezone for Assorted Chocolates Inc. When these customers need assistance, you can re- create their scenario in their respective zones and evaluate the issues. Because you have only one physical interface on this server, you are asked to create two virtual network interfaces and assign one to each zone on a dedicated basis. The key areas explored in the practices are: * Configuring an Oracle Solaris 11 virtual network + Configuring two zones to use VNICs + Allocating resources to Oracle Solaris zones + Managing resources on the virtual network interface + Removing the virtual network v Oracle Solaris 11 Predeployment Checklist ‘ Managing the Image Packaging System (IPS) and Packages Y Installing Oracle Solaris 11 on Multiple Hosts Managing the Business Application Data v Configuring Network and Traffie Failover Configuring Zones and the Virtual Network Managing Services and Service Properties ‘Configuring Privileges and Role-Based Access Control Securing System Resources Using Oracle Solaris Auditing ‘Managing Processes and Priorities Evaluating System Resources Monitoring and Troubleshooting System Failures CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 2Preparation This practice requires the Sol11-Server VM to have two CPUs so that resource pools can be configured accordingly. To ensure the Sol11-Sever VM has two CPUs in place, follow these steps: 1. Shut down the Sol11-Server1 virlual machine. [BO nena renee @ 0 sere ee nace surat 2 (Sowarotie ace 2. Open the VirtualBox Manager GUI and click the Settings utility for the Sol11-Servert virtual machine. eS See Biome guse CaRyiGRTS BOT, ae ar Aas, A RG aT, Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 3 Oracle Internal & Oracle Academy Use Only3. Under the System settings, click the Processor tab and change the number of processors to 2. conc eangecangon ten ne ieone mt nar ase gine ne eu os setcgsten Bt moe MEER | CaRATGRTS BOT, OFS HoT BINGE A TE ETS, Practices for Lesson 6: Configuring Zones and the Virtual Network ‘Chapter 6 - Page 4 Oracle Internal & Oracle Academy Use OnlyPractice 6-1: Creating an Oracle Solaris 11 Virtual Network Overview In this practice, you configure an Oracle Solaris 11 virtual network. To do this, you perform the following key tasks’ * Create a virtual network switch + Create the virtual network interfaces. © Display the virtual network configuration. Task: 1. Verify that the Sol11-SuperServer and Sol11-Server! virtual machines are running, If the virtual machines are not running, start them now. 2. Log in to the Sol11-Servert virtual machine as the oracle user. Use oracle1 as the password. Assume administrator privileges. 3. Run the dadn utility to create an etherstub named stub9. Confirm the creation of the etherstub by using the show-1ink command root@sil-servi:-# dladm create-etherstub stub root@sll-servi:~# dladm show-link LINK CLASS MTU STATE BRIDGE OvER neto phys i500 up ni phys 1500 unknown -- ne phys 500 unknown ~~ ne phys 1500 unknown -- stubo etherstub 9000 unknown ~~ Before you create the VNICs, you need to create a virtual network switch. 4. Use the dladm utility to create the vnico, vnici, and vnic2 VNICs. Attach these VNICs to the etherstub stubo. rootesil-servi:-# dladm or rootes11-serv: te-vnie -1 stub0 vnico # dladm create-vnic -1 stub0 vnicl # dladm create-vnic -1 stub0 vnic2 rootesll-servl Here vnico is required for the virtual switch stubo. The other VNICs are the virtual network interfaces that would be available for your use. 5. Show the results of the preceding step. rootesil-servi:~# dladm show-vnic SPEED MACADDRESS MACADDRTYPE vip ° 2:8:20:70:d0:£8 random ° 2:8:20:80:65:0 random ° 2:8:20:1f:c5:bd random Alll three VNICs have been created as displayed. Notice that each VNIC has a MAC address created Now these VNICs are available for use as “physical” networks. You will use them in the following practice for the zones. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 5Practice 6-2: Creating Two Zones By Using VNICs Overview In this practice, you configure Oracle Solaris 11 zones and assign the virtual network interfaces, created in the previous exercise. To do this, you perform the following key tasks: + Configure two zones to use VNICs * Display the zone configuration, including the interfaces. Task: Perform the following steps to configure the zone named grandmazone and the zone named choezone! 1 Verify that the Sol1-SuperServer and Sol11-Server1 virtual machines are running, If the virtual machines are not running, start them now. Log in to the Sol11-Servert virtual machine as the oracle user. Use oraclel as the password. Assume administrator privileges. Verify that the IPS publisher is configured correctly and is operational. root@sil-servi:-# pkg publisher PUBLISHER TYPE STATUS URT solaris origin online http: //s11-serv1.mydomain.com/ root@s1l-servi:~# pkg search diffstat INDEX ACTION VALUE PACKAGE pkg.description set The diff command compares files line by line. Diffstat reads the output of the diff command and displays a histogram of the insertions, deletions and modifications in each file. Diffstat is commonly used to provide a summary of the changes in large, complex patch files. Install diffstat if you need a program which provides a summary of the diff command's output. pkg: /text/diffstatel.51-0.173.0.0.0.0.0, I the IPS publisher is configured incorrectly, change to an operational publisher. For example, if your current publisher is http: //s11-ss.mydomain.com, you need to change it to http: //s11-serv1.mydomain. com. Run the following command: rootes1l-servi:~# pkg set-publisher -¢ http: //si1- ss.mydomain.com/ -g http://sii-serv2.mydomain.com/ solaris Refer to practice 2 for detailed IPS configuration. ‘The objective is to access the IPS repository on the local system to speed up package transfer during the zone installation steps. CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 84. Verify that an rpool/zones ZFS file system exists and is mounted as /zones. root@sil-servi:~# zfs list rpool/zones NAME USED AVAIL REFER MOUNTPOINT rpool/zones 31K 22.66 31K /zones If the pool /zones ZFS file system does not exist, run the following command: root@sl1-servi: # 28 create -o mountpoint=/zones rpool/zones The root file systems for the zones will be stored in rpool/zones file system, 5. Configure grandmazone and display the results. rootesii -servi # zonectg -2 grandmazone grandmazone: No such zone configured Use ‘create! to begin configuring a new zone zonecfg:grandmazone> create zonecfg:grandmazone> set zonepat! zonecfg:grandmazone> set autoboo! zonecfg:grandmazone> add net zonecfg:grandmazone:net> set physical=vnicl zonecfg:grandmazone:net> end zonecfg:grandmazone> verify ‘zones/grandmazone true zonecfg:grandmazone> commit zonecfg:grandmazone> exit sll-servl:-# zonecfg -z grandmazone info zonename: grandmazone zonepath: /zones/grandmazone brand: solaris true bootargs: file-mac-profile scheduling-class: ip-type: exclusive hostid fs-allowed address not specified allowed-address not specified physical: vai defrouter not specified CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 76. linkname: neto lower-link: aute allowed-address not specified defrouter not specified allowed-dhep-cids not specified link-protection: mac-nospoof mac-address: random mac-prefix not specified mac-slot not specified vlan-id not specified priority not specified rxrings not specified txrings not specified mtu not specified maxbw not specified rxfanout not specified Configure choezone and display the results, root@sll-servi:-# zonecfg -z choczone choczone: No such zone configured Use ‘create! to begin configuring a new zone zonecfg:choczone> create zonecfg:choczone> set zonepati zonecfg:choczone> set autoboo! zones/choczone zonecfg:choczone> add net zonecfg:choczone:net> set physical-vnic2 zonecfg:choczone:net> end zonecfg:choczone> verify zonecfg:choczone> commit zonecfg:choczone> exit sll-servl:-# zonecfg -z choczone info zonename: choczone zonepi /zones/choczone brand: solaris autoboot: true bootargs £ile-mac-profile: limitpriv: scheduling-class: type: exclusive hostid £s-allowed CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 8 Oracle Internal & Oracle Academy Use Only7. address not specified allowed-address not specified physical: vnic2 defrouter not specified anet: linkname: neto lower-link: aut: allowed-address not spec defrouter not specified allowed-dhep-cids not specified link-protection: mac-nospoof mac-address: random mac-prefix not specified mac-slot not specified vlan-id not specified priority not specified rxrings not specified txrings not specified mtu not specified maxbw not specified zxfanout not specified Using the zoneadm command, display the configured zones. Sll-servi:-} zoneadm list -ov 1D NAME STATUS PATH BRAND TP 0 global miming / solaris sb ~ grandmazone configured /zonea/grandmazone solaris exe! choczone Agured /zones/choczone solaris Both zones are in configured state. They need to be installed. Using the sysconf ig command, create a system configuration profile for grandmazone ootasli-servi:-# sysconfig create-profile -o /opt/ora/course_files/gnconf .xml ‘When the system configuration utility appears, follow the directions on the screen and provide appropriate information from the following + Computer name: grandmazone + Ethemet network configuration: Manually + Network Interface: vnic1 + IP Address: 192.168 1.100 + DNS: Do not configure DNS CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 9. Alternate Name Service: None + Time zone: Use your local region. + Date and time: Set fo current date and time. + Root password: oracle1 + User account: oraclegm + Your real name: oracleam + Usemame: oraclegm + Password: oraclet ng System Configuration Tool. Log is available at: /vax/tmp/install/sysconfig.log Display the SC profile that you just created for grandmazone. rootesii-servi:-# more /opt/ora/course_files/gmconf.xm1 "defaul "application" nam typ login" value= application" nam user_account"> oraclegm" /> Oracle Internal & Oracle Academy Use Only CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 10 «service version "service" name="system/timezone"> 1" typ «instance enabled="true" name="default"> «service version="1" type="service" name="system/environment"> rootesll-servi:-# zoneadm -z grandmazone install /opt/ora/course_files/gmconf.xml A ZPS file system has been created for this zone Image: Preparing at /zones/grandmazone/root Install Log: /system/volatile/install.2183/install_log AI Manifest: /tmp/manifest .xml .oTaqpe SC Profile: /opt/ora/course_files/amconf.xm1 Zonename: grandmazone Installation Starting creating IPS image Installing packages from solaris origin: http: //s1i-serv1.mydomain.com/ Done: Installation completed in 356.558 seconds ‘The zone installation should take approximately 5 minutes. Us sing the sysconfig command, create system configuration profile for the choczone Foot@sil-servi:-# sysconfig ore: /opt/ora/course_files/chocconé .xm1. profile -o ‘When the system configuration utility comes up, follow the directions on the screen and provide the appropriate information from the following: + Computer name: choczone + Ethernet network configuration: wanually + Network Interface: vnic2 CaRTTGRTS BOT, OFS STG SNS A TE ERT Practices for Lesson 6: Configuring Zones and the Virtual Network Chapter 6 - Page 11 Oracle Internal & Oracle Academy Use Only