Solaris 10 Update Workshop for Experienced Solaris Administrators — A 4-Day Course

 Open Public Course Closed In-House Course

Synopsis

This workshop is intended for Solaris Administrators who wish to quickly get up to speed with the new features of Solaris 10. It covers all the major new facilities, in a workshop environment, providing extensive hands-on practicals.

The notes also contain detailed information of significant changes provided by Solaris 8 and 9 releases, and these features will be explained in extended sessions if students require.

This course is similar to Sun's Solaris 10 New Features for Experienced Solaris System Administrators (SA-225-S10) but considerably less expensive.

Prerequisites

This course is only suitable for experienced Solaris administrators. Please call if in doubt.

Follow-up

There are several courses which would be of further benefit to systems and network administrators. A natural follow-up to this course would be the Solaris Utilities and Shell Programming course (suitable for those who wish to become proficient with Solaris utilities and Bourne/Korn shell programming) course. Solaris administrators would also find our Perl Programming course to be of benefit.

Publicly scheduled dates, locations, and prices

Contents

Zones

• Purpose of zones
• How zones exist within a standard Solaris 10 system
• Creating a zone; (including a Linux zone on Solaris x86)
• Zone configuration, including mapping of disk and network resources
• Pre-configuration of zones with the sysidcfg file
• Controlling zones (booting, halting, etc)
• Renaming, relocating and cloning zones
• Zone limitations
• Zone resource capping and resource pools (prctl, rcapd, etc.)
• Assigning dedicated or shared network interfaces
• Patches
• Software installations and packages within zones
• Zones FAQ
• How zones are likely to be developed
• Example zone creation script

User Authentication

• Password history checking and nobody account changes
• Account lockout
• Least Privilege and the ppriv command
• Least privilege and RBAC (Role-Based Access control) for assigning administrative privileges to users

File System Features including ZFS

• Changes to UFS (multi-terabyte FS, devfs, logging, etc.)
• The fsstat command
• The new ZFS (Zettabyte File System)
• Creating and managing storage pools with zpool
• Adding new devices to a storage pool
• Creating mirror, RAID Z and RAIDZ2 devices
• Offlining and replacing pool components
• The creation and use of Hot Spares
• ZFS command history
• Creating and managing file systems with zfs
• Assigning properties such as quotas and NFS sharing to ZFS file systems
• Creating snapshots and clones of filesystems
• Exporting and importing storage pools
• Using zfs send and receive (for backup and restore)
• The new ACL model (NFS v4) as used within ZFS filesystems
• Emulated volumes
• Using ZFS within a zone
• Troubleshooting

Fault and Service Management

• The Fault Management Architecture (FMA) - overview
• The Service Management Facility (SMF)
• Changes to /etc/inittab
• The svc.startd process
• The svc.configd process
• Using svcs to list and obtain information about services
• Using svcadm to control system services
• Using svccfg to import, export and modify service definitions (manifests)
• Examination of the /var/svc and /lib/svc directories
• How SMF attempts to restart failed services
• Using SMF facilities to trace services failures
• Using svccfg to modify service properties
• Adding services (creating scripts, XML files, etc)
• The use of legacy scripts under SMF
• SMF repositories and recovery
• SMF milestones compared to traditional run levels
• How inetd services are affected; the netservices, inetconv and inetadm commands
• Enabling TCP Wrappers using inetadm; the fmd fault manager daemon, and how hardware faults are reported and handled

Dtrace Basics

dtrace is a facility for monitoring low-level system activity, for fault tracing and performance management. This section will introduce administrators to the fundamentals of dtrace, with lots of example dtrace programs to try out. Students are not expected to have a formal programming background. dtrace is not a part of the Solaris certified Administrator curriculum.

Internet Protocol features in Solaris 10

Solaris 10 includes a number of enhancements (mostly transparent to the administrator)in the area of IP networking. These will be expained, with practical examples where possible,including Quality of Service (IPQoS), Performance improvements (Fireengine project), MDT multi-data transmission (Solaris 9 in fact), and others.

NFS Version 4

Solaris 10 introduces a new version of the Network File System protocol, which includes a number of changes and new features, including a stateful architecture. This section will cover NFS V4 changes, plus changes to the auotfs facility..

Security features

The new Solaris OS Cryptographic Framework, a facility for developers to ease the use of encryption, signing, random number generation and so on; availability of hardware encryption accelerators; the Solaris IP Filter firewall facilities, covering the creation of firewall rules, enabling the firewall filter, changing rules, reporting and monitoring. An overview of the Trusted Solaris extensions now included with Solaris 10.

Other Changes to Networking

The System Management Agent (SMA) (an SNMP agent that is based on an open source project, Net-SNMP at http://www.net-snmp.org.); DHCP under Solaris 10; routing changes , including the new routeadm and dladm commands.

Solaris 10 OS Installation

Although the basic installation mechanisms of Solaris 10 will be familiar to experienced administrators there will be a number of changes of which they should be made aware These include:

• Including installation media
• The ability to configure multiple network interfaces
• Modify hard disk partitions using a VTOC
• Specify filesys mirror and patch keywords in a Jumpstart profile
• Minor changes to Jumpstart and flash archives
• Using the WAN boot facility for flash installs (i.e. building from a web server)
• The new web patching and update facility SunUpdate.

Significant Solaris changes in recent history

Not all those coming to Solaris 10 will have experience in intermediate versions, so this section documents (and will cover if required) significant changes in recent versions, such as:

• IP Multipathing
• Flash Archive creation and use in Solaris installations
• Solaris Volume Manager, the integrated advanced disk management facility, previously known as Online: DiskSuite

This section will also review the Solaris Management Console in its latest incarnation, showing how to modify it to add servers, make it Name Service aware, and add legacy applications. It will also show the working of RBAC (Role Based Access Control), a feature combined in SMC but prevalent throughout the Solaris system.