HOW TO INSTALL SOLARIS 10 ×86 ON HP PROLIANT BL460C G6 – PART V


Network configuration is ready, now we will install “Solaris JumpStart Installation Server”.

PART I
PART II
PART III
PART IV

 

# mkdir -p /Install/Solaris10/

# mkdir /Install/jumpstart

# /cdrom/sol_10_1009_x86/Solaris_10/Tools/setup_install_server /Install/Solaris10/

Now is necessary to customize Solaris 10 install miniroot image to include in it HP Proliant BL460c G6 2 drivers:

 

Broadcom  BCM57710/BCM57711/BCM57711E 10 GigE Driver from BRCMbnxe-4.8.11-solaris10-i386.tar.gz file

HP Smart Array Controller Drive from CPQary3-2.3.0-solaris10-i386.tar.gz file.

Both of this files you can download from HP drivers web site or direct from this link.

 

1) Unpack miniroot image files for each architecture – x86 and amd64:

#/boot/solaris/bin/root_archive unpack /Install/Solaris10/boot/x86.miniroot /var/tmp/x86.miniroot

# rm /var/tmp/x86.miniroot/tmp/AdDrEm.lck

#/boot/solaris/bin/root_archive unpack /Install/Solaris10/boot/amd64/x86.miniroot /var/tmp/amd64.miniroot

# rm /var/tmp/amd64.miniroot/tmp/AdDrEm.lck

2) Unpack HP Proliant BL460c G6 Network and RAID controller drivers in to /var/tmp/Drivers:

# unrar HP_Proliant_BL460c_G6.rar in to /tmp

# cd /var/tmp/Drivers; gzip –dc /tmp/CPQary3-2.3.0-solaris10-i386.tar.gz| tar xf –

# cd /var/tmp/Drivers; gzip –dc /tmp/BRCMbnxe-4.8.11-solaris10-i386.tar.gz| tar xf –

 

3) Installing DU drivers in to miniroot images:

# cd /var/tmp/Drivers/CPQary3-2.3.0-solaris10-i386/DU/sol_210/i86pc/Tools

# ./install.sh -R /var/tmp/x86.miniroot

# ./install.sh -R /var/tmp/amd64.miniroot

 

# cd /var/tmp/Drivers/BRCMbnxe-4.8.11-solaris10-i386/bnxe

# mkdir CD

# mount -F hsfs `lofiadm -a $PW/DBRCMbnxe.iso` $PWD/CD

# cd /var/tmp/Drivers/BRCMbnxe-4.8.11-solaris10-i386/bnxe/CD/DU/sol_210/i86pc/Tools

# ./install.sh -R /var/tmp/x86.miniroot

# ./install.sh -R /var/tmp/amd64.miniroot

 

4) Pack back minroot images into Install server directory:

# mv /Install/Solaris10/boot/x86.miniroot /Install/Solaris10/boot/x86.miniroot_old

# /boot/solaris/bin/root_archive pack /Install/Solaris10/boot/x86.miniroot /var/tmp/x86.miniroot

# mv /Install/Solaris10/boot/amd/x86.miniroot /Install/Solaris10/boot/amd/x86.miniroot_old

#/boot/solaris/bin/root_archive pack /Install/Solaris10/boot/amd64/x86.miniroot /var/tmp/amd64.miniroot

 

Now we will begin configuring JumpStart profiles for HP Proliant BL460c G6 servers.

1) # mkdir /Install/jumpstart

2) # cp /Install/Solaris10/Solaris_10/Misc/jumpstart_sample/check /Install/jumpstart/

3) creating /Install/jumpstart/rules file with bellow records:

cat >/Install/jumpstart/rules

arch            i386    -       proliant        post_install_hp

arch            amd64    -       proliant        post_install_hp

press CTRL+c

4) creating /Install/jumpstart/proliant file with bellow records:

# cat >/Install/jumpstart/proliant

install_type    initial_install 
system_type server
cluster SUNWCXall
partitioning explicit

filesys c0t0d0s0 20480 / logging
filesys c0t0d0s1 24576 swap
filesys c0t0d0s3 10240 /u01 logging
filesys c0t0d0s4 free /app logging

filesys c0t0d0s2 all overlap

package CPQary3 add nfs://172.26.53.250/Install/jumpstart/pkg
package BRCMbnxe add nfs://172.26.53.250/Install/jumpstart/pkg

press CTRL+c

5)create /Install/jumpstart/post_install_hp file with bellow records:

# cat >/Install/jumpstart/post_install_hp

#!/bin/sh 
touch /a/autoshutdown
rcp 10.0.0.2:/Install/jumpstart/profile/hosts /a/etc/
rcp 10.0.0.2:/Install/jumpstart/profile/defaultrouter /a/etc/
rcp 10.0.0.2:/Install/jumpstart/profile/hostname* /a/etc/
rcp 10.0.0.2:/Install/jumpstart/profile/login /a/etc/default/login
rcp 10.0.0.2:/Install/jumpstart/profile/sshd_config /a/etc/ssh/sshd_config
rcp 10.0.0.2:/Install/jumpstart/profile/ftpusers /a/etc/ftpd/ftpusers
rcp 10.0.0.2:/Install/jumpstart/profile/netmasks /a/etc/netmasks
rcp 10.0.0.2:/Install/jumpstart/profile/system /a/etc/system
rcp 10.0.0.2:/Install/jumpstart/profile/TCP.Turning.sh /a/etc/init.d/TCP.Turning.sh
ln -s /etc/init.d/TCP.Turning.sh /a/etc/rc2.d/S30TCP.Turning.sh
chmod +x /a/etc/init.d/TCP.Turning.s
rcp 10.0.0.2:/Install/jumpstart/profile/.profile* /a/
echo "+" >;/a/.rhosts
echo "test" >/a/etc/hostname.bnxe0

press CTRL+c

 

6) installing Network interface and RAID Array controller drivers into JumpStart profile:

# mkdir /Install/jumpstart/pkg

# pkgtrans /var/tmp/Drivers/BRCMbnxe-4.8.11-solaris10-386/bnxe/BRCMbnxe.pkg /Install/jumpstart/pkg BRCMbnxe

# pkgtrans /var/tmp/Drivers/CPQary3-2.3.0-solaris10-i386/CPQary3.pkg /Install/jumpstart/pkg CPQary3

 

Check it success installed by command:

# pkginfo -d /Install/jumpstart/pkg

output:

system      BRCMbnxe Broadcom NetXtreme II 10 Gigabit Ethernet Adapter Driver

system      CPQary3  HP Smart Array Controller Driver

 

7) creating custom profile for automated installation process:

# cat >/Install/jumpstart/sysidcfg

system_locale=en_US.UTF-8 
name_service=none
network_interface=primary {dhcp protocol_ipv6=no}
security_policy=none
terminal=ibm-pc
timezone=US/Central
timeserver=localhost
nfs4_domain=dynamic
root_password=ZWMNLYjUwBFGs
service_profile=limited_net

press CTRL+c

# mkdir /Install/jumpstart/profile

now we will create next files:

.profile

TCP.Turning.sh

defaultrouter

ftpusers

hosts

login

netmasks

sshd_config

system

# cat >/Install/jumpstart/profile/.profile

if [ "`tty`" != "not a tty" ] 
then
if [ "`tty`" = "/dev/console" ]
then
TERM=vt100
export TERM
echo ""
echo "TERM=$TERM"
echo ""
else
LOGINFROM=`who am i | cut -f2 -d"(" | cut -f1 -d")"`
DISPLAY=${LOGINFROM}:0.0
export LOGINFROM DISPLAY
# DISPLAY
echo ""
echo "DISPLAY=$DISPLAY"
echo ""
fi
fi
bash

press CTRL+c

 

# cat >/Install/jumpstart/profile/TCP.Turning.sh

/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q 8192 
/usr/sbin/ndd -set /dev/tcp tcp_conn_req_max_q0 8192
/usr/sbin/ndd -set /dev/tcp tcp_cwnd_max 2097152
/usr/sbin/ndd -set /dev/tcp tcp_max_buf 4194304
/usr/sbin/ndd -set /dev/tcp tcp_recv_hiwat 400000
/usr/sbin/ndd -set /dev/tcp tcp_xmit_hiwat 400000
/usr/sbin/ndd -set /dev/tcp tcp_time_wait_interval 3000
/usr/sbin/ndd -set /dev/tcp tcp_fin_wait_2_flush_interval 3500
/usr/sbin/ndd -set /dev/tcp tcp_keepalive_interval 15000

press CTRL+c

# chmod +x /Install/jumpstart/profile/TCP.Turning.sh

 

# cat >/Install/jumpstart/profile/defaultrouter

gateway

press CTRL+c

 

# cat >/Install/jumpstart/profile/ftpusers

#root 
daemon
bin
sys
adm
lp
uucp
nuucp
smmsp
listen
gdm
webservd
nobody
noaccess
nobody4

press CTRL+c

 

# cat >/Install/jumpstart/profile/hosts

::1             localhost       loghost 
127.0.0.1 localhost loghost
10.0.0.1 gateway
10.0.0.2 installserver_netboot
10.0.0.10 hp_proliant_server hp_proliant_server.domain.com

press CTRL+c

 

# cat >/Install/jumpstart/profile/login

#ident  "@(#)login.dfl  1.14    04/06/25 SMI" 
#
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.

# Set the TZ environment variable of the shell.
#
#TIMEZONE=EST5EDT

# ULIMIT sets the file size limit for the login. Units are disk blocks.
# The default of zero means no limit.
#
#ULIMIT=0

# If CONSOLE is set, root can only login on that device.
# Comment this line out to allow remote login by root.
#
#CONSOLE=/dev/console

# PASSREQ determines if login requires a password.
#
PASSREQ=YES

# ALTSHELL determines if the SHELL environment variable should be set
#
ALTSHELL=YES

# PATH sets the initial shell PATH variable
#
#PATH=/usr/bin:

# SUPATH sets the initial shell PATH variable for root
#
#SUPATH=/usr/sbin:/usr/bin

# TIMEOUT sets the number of seconds (between 0 and 900) to wait before
# abandoning a login session.
#
#TIMEOUT=300

# UMASK sets the initial shell file creation mode mask. See umask(1).
#
#UMASK=022

# SYSLOG determines whether the syslog(3) LOG_AUTH facility should be used
# to log all root logins at level LOG_NOTICE and multiple failed login
# attempts at LOG_CRIT.
#
SYSLOG=YES

# SLEEPTIME controls the number of seconds that the command should
# wait before printing the "login incorrect" message when a
# bad password is provided. The range is limited from
# 0 to 5 seconds.
#
#SLEEPTIME=4

# DISABLETIME If present, and greater than zero, the number of seconds
# login will wait after RETRIES failed attempts or the PAM framework returns
# PAM_ABORT. Default is 20. Minimum is 0. No maximum is imposed.
#
#DISABLETIME=20

# RETRIES determines the number of failed logins that will be
# allowed before login exits. Default is 5 and maximum is 15.
# If account locking is configured (user_attr(4)/policy.conf(4))
# for a local user's account (passwd(4)/shadow(4)), that account
# will be locked if failed logins equals or exceeds RETRIES.
#
#RETRIES=5
#
# The SYSLOG_FAILED_LOGINS variable is used to determine how many failed
# login attempts will be allowed by the system before a failed login
# message is logged, using the syslog(3) LOG_NOTICE facility. For example,
# if the variable is set to 0, login will log -all- failed login attempts.
#
#SYSLOG_FAILED_LOGINS=5

press CTRL+c

 

# cat >/Install/jumpstart/profile/netmasks

10.0.0.0     255.255.255.0

press CTRL+c

 

# cat >/Install/jumpstart/profile/sshd_config

#
# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "@(#)sshd_config 1.8 04/05/10 SMI"
#
# Configuration file for sshd(1m)

# Protocol versions supported
#
# The sshd shipped in this release of Solaris has support for major versions
# 1 and 2. It is recommended due to security weaknesses in the v1 protocol
# that sites run only v2 if possible. Support for v1 is provided to help sites
# with existing ssh v1 clients/servers to transition.
# Support for v1 may not be available in a future release of Solaris.
#
# To enable support for v1 an RSA1 key must be created with ssh-keygen(1).
# RSA and DSA keys for protocol v2 are created by /etc/init.d/sshd if they
# do not already exist, RSA1 keys for protocol v1 are not automatically created.

# Uncomment ONLY ONE of the following Protocol statements.

# Only v2 (recommended)
Protocol 2

# Both v1 and v2 (not recommended)
#Protocol 2,1

# Only v1 (not recommended)
#Protocol 1

# Listen port (the IANA registered port number for ssh is 22)
Port 22

# The default listen address is all interfaces, this may need to be changed
# if you wish to restrict the interfaces sshd listens on for a multi homed host.
# Multiple ListenAddress entries are allowed.

# IPv4 only
#ListenAddress 0.0.0.0
# IPv4 &; IPv6
ListenAddress ::

# Port forwarding
AllowTcpForwarding yes

# If port forwarding is enabled, specify if the server can bind to INADDR_ANY.
# This allows the local port forwarding to work when connections are received
# from any remote host.
GatewayPorts yes

# X11 tunneling options
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes

# The maximum number of concurrent unauthenticated connections to sshd.
# start:rate:full see sshd(1) for more information.
# The default is 10 unauthenticated clients.
#MaxStartups 10:30:60

# Banner to be printed before authentication starts.
#Banner /etc/issue

# Should sshd print the /etc/motd file and check for mail.
# On Solaris it is assumed that the login shell will do these (eg /etc/profile).
PrintMotd no

# KeepAlive specifies whether keep alive messages are sent to the client.
# See sshd(1) for detailed description of what this means.
# Note that the client may also be sending keep alive messages to the server.
KeepAlive yes

# Syslog facility and level
SyslogFacility auth
LogLevel info

#
# Authentication configuration
#

# Host private key files
# Must be on a local disk and readable only by the root user (root:sys 600).
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Default Encryption algorithms and Message Authentication codes
#Ciphers aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc
#MACS hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96

# Length of the server key
# Default 768, Minimum 512
ServerKeyBits 768

# sshd regenerates the key every KeyRegenerationInterval seconds.
# The key is never stored anywhere except the memory of sshd.
# The default is 1 hour (3600 seconds).
KeyRegenerationInterval 3600

# Ensure secure permissions on users .ssh directory.
StrictModes yes

# Length of time in seconds before a client that hasn't completed
# authentication is disconnected.
# Default is 600 seconds. 0 means no time limit.
LoginGraceTime 600

# Maximum number of retries for authentication
# Default is 6. Default (if unset) for MaxAuthTriesLog is MaxAuthTries / 2
MaxAuthTries 6
MaxAuthTriesLog 3

# Are logins to accounts with empty passwords allowed.
# If PermitEmptyPasswords is no, pass PAM_DISALLOW_NULL_AUTHTOK
# to pam_authenticate(3PAM).
PermitEmptyPasswords no

# To disable tunneled clear text passwords, change PasswordAuthentication to no.
PasswordAuthentication yes

# Use PAM via keyboard interactive method for authentication.
# Depending on the setup of pam.conf(4) this may allow tunneled clear text
# passwords even when PasswordAuthentication is set to no. This is dependent
# on what the individual modules request and is out of the control of sshd
# or the protocol.
PAMAuthenticationViaKBDInt yes

# Are root logins permitted using sshd.
# Note that sshd uses pam_authenticate(3PAM) so the root (or any other) user
# maybe denied access by a PAM module regardless of this setting.
# Valid options are yes, without-password, no.
PermitRootLogin yes

# sftp subsystem
Subsystem sftp /usr/lib/ssh/sftp-server


# SSH protocol v1 specific options
#
# The following options only apply to the v1 protocol and provide
# some form of backwards compatibility with the very weak security
# of /usr/bin/rsh. Their use is not recommended and the functionality
# will be removed when support for v1 protocol is removed.

# Should sshd use .rhosts and .shosts for password less authentication.
IgnoreRhosts yes
RhostsAuthentication no

# Rhosts RSA Authentication
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts.
# If the user on the client side is not root then this won't work on
# Solaris since /usr/bin/ssh is not installed setuid.
RhostsRSAAuthentication no

# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication.
#IgnoreUserKnownHosts yes

# Is pure RSA authentication allowed.
# Default is yes
RSAAuthentication yes

press CTRL+c

# cat >/Install/jumpstart/profile/system

* SYSTEM turning

set ip:ip_squeue_bind=0
set ip:ip_squeue_fanout=1

set rlim_fd_cur=260000
set rlim_fd_max=260000
set pcie:pcie_aer_ce_mask=0x1
set maxphys=1048576
set md:md_maxphys=1048576
set semsys:seminfo_semopm=300

press CTRL+c

 

Now creating rules.ok file:

# cd /Install/jumpstart

# ./check

Validating rules…

Validating profile proliant…

The custom JumpStart configuration is ok.

 

Preparing the DHCP/PXE server

1. Configure the DHCP server as follows:

  • a. Start the DHCP Manager:

    # /usr/sadm/admin/bin/dhcpmgr

  • b. If starting with no configuration, dhcpmgr prompts you for the type of configuration, either

    DHCP server or BOOTP relay. Select DHCP server to start the DHCP Configuration Wizard.

  • c. In the wizard, choose to store the DHCP configuration data as text files, and then click the

    right arrow.

  • d. Specify a location to store the configuration data.
  • e. Choose to not manage host records.
  • f. Enter a lease length, and then choose to enable clients to renew their leases.
  • g. Do not specify a DNS domain.
  • h. Select a network from the list, or enter a network address and subnet mask.
  • i. Specify local area network as the network type, and then choose to use the router discovery

    protocol.

  • j. Do not configure an NIS domain.
  • k. Do not configure an NIS+ domain.
  • l. Verify the configuration, and then click Finish to complete the server configuration.
  • m. Start the Address Wizard.
  • n. Enter the number of IP addresses to add.
  • o. Enter the DHCP server name and the first IP address in the range.
  • p. For the configuration macro, select the DHCP server name option.
  • q. Select the dynamic lease type.
  • r. Verify the configuration, and then click Finish to complete the address configuration.

 

2. Use add_install_client(1M) to add the client configuration to the DHCP server:

# cd …/Solaris_10/Tools

# ./add_install_client -d -e ethmac \

> -s installpath \

> -c jsnfspath \

> -p idsnfspath \

> -t mrpath \

i86pc

In our case we must do bellow:

# cd /Install/Solaris10/Solaris_10/Tools; 
# ./add_install_client -d -e 18:A9:05:46:60:08 -s 10.0.0.2:/Install/Solaris10 -c 10.0.0.2:/Install/jumpstart -p 10.0.0.2:/Install/jumpstart -t /Install/Solaris10/boot i86pc

Output:

saving original /etc/dfs/dfstab in /etc/dfs/dfstab.orig
Adding "share -F nfs -o ro,anon=0 /Install/Solaris10/boot" to /etc/dfs/dfstab
share_nfs: /Install/Solaris10/boot: parent-directory (/Install) already shared
enabling tftp in /etc/inetd.conf
Converting /etc/inetd.conf
enabling network/tftp/udp6 service
copying boot file to /tftpboot/pxegrub.I86PC.Solaris_10-1

If not already configured, enable PXE boot by creating
a macro named 0118A905466008 with:
Boot server IP (BootSrvA) : ::1
Boot file (BootFile) : 0118A905466008

Now we must insert new records in to DHCP server for new Boot/TFTP client:

# /usr/sbin/dhtadm -A -m "0118A905466008" -d ‘:BootSrvA=10.0.0.2:BootFile=0118A905466008:’

 

Now is necessary to update grub menu file from "/tftp" folder, replace it with next records:

default=0
timeout=0
min_mem64 1024
title Solaris_10 Jumpstart
kernel$ /I86PC.Solaris_10-1/multiboot kernel/$ISADIR/unix - install -B install_config=172.26.53.250:/Install/jumpstart,sysid_config=172.26.53.250:/Install/jumpstart,install_media=172.26.53.250:/Install/Solaris10,install_boot=172.26.53.250:/Install/Solaris10/boot
module$ /I86PC.Solaris_10-1/$ISADIR/x86.miniroot

Last fix point – file "/etc/dfs/dfstab". It contain records:

share -F nfs -o ro,anon=0 /Install/Solaris10/boot

Change it to:

share -F nfs -o ro,anon=0 /Install

then restart nfs server;

# svcadm restart nfs/server

and check share point must me exactly like this:

# share

-               /Install   ro,anon=0   ""

 

The Solaris JumStart DHCP/TFTP x86 Install Server is ready for service.

 

Now to begin installation process – connect to "HP BladeSystem Onboard Administrator", choice required blade server from device bays

and launch "Integrated Remote Console". Start server from top menu, wait until boot device choice menu and press "F12" for starting network PXE boot mode. If you correct created dhcp pxe profile with exact MAC address which is pop-up from current boot menu, then installation process will be start soon and continue in fully automated mode with reboot at end.

 

If you got misunderstood something from this guide – I can offer to you "Deployment Guide for HP ProLiant Servers. Sun Solaris 10 for x86/x64 Systems".

[ Previous review in PART IV ]


Developed by Eldar Aydayev ©
UNIX Systems Professional Engineer
Aydayev’s Investment Business Group
E-mail: eldar@aydayev.com
URL: http://eldar.aydayev.com
LinkedIn: http://www.linkedin.com/in/eldar
Phone: +1 (650) 206-2624