• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Manage your deployments with IPS and Automated Installer
 

Manage your deployments with IPS and Automated Installer

on

  • 1,695 views

Second presentation from Solaris 11 Technology Forum events conducted in New York, Boston, Chicago, Dallas and other North American cities.

Second presentation from Solaris 11 Technology Forum events conducted in New York, Boston, Chicago, Dallas and other North American cities.

Statistics

Views

Total Views
1,695
Views on SlideShare
1,695
Embed Views
0

Actions

Likes
1
Downloads
131
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Manage your deployments with IPS and Automated Installer Manage your deployments with IPS and Automated Installer Presentation Transcript

    • Oracle Solaris 11 Manage You Deployments With The Image Packaging System And The Automated Installer David Miner Senior Principal Software Engineer, Solaris1 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.2 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources3 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Requirements and Big Ideas - Packaging • Updates & upgrades must be fast, reliable, reversible • Updates should be package updates, not patches • Packages dependencies should be handled automatically • Packages should be network-based Plan • Image minimization should be easy Update Deploy • Seamless integration with Zones is required Maintain Test • Deliver practically identical experience Use on SPARC, x864 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Requirements and Big Ideas - Install • Low initial investment, great scalability for deployment – Ease-of-use is a priority for all features • Deployment must be well-integrated with best practices, overall user experience Plan – Limit install-specific features, knowledge Update Deploy • Integrated deployment of Zones is required • Leverage existing Solaris strengths Maintain Test Use5 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Value-engineering in Installation, Configuration No longer a sum of independent partsSimplified architecture + Improved automation + Improved safety + Improved flexibility + Improved integration= Better user experience On a Large Scale6 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Rosetta Stone for Oracle Solaris 10 Users Oracle Solaris 10 Oracle Solaris 11 SVR4 Packages IPS Packages Install DVD Install CD + pkg repository Live Upgrade Boot Environments Upgrade from installer pkg(1), Update Manager JumpStart Automated Installer (AI) JumpStart Profiles AI manifests Blueprints for custom DVDs Distribution Constructor7 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources8 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Safe Upgrades “in a snap” • ZFS Boot Environments Benefits Active BE – No initial investment – Updates are applied to a file system clone, no interruption – Reboot into upgraded environment when you’re Active BE ready New BE – Trivial roll-back if failure occurs – Integrated, enforced best practice for safety • Fast reboot reduces maintenance windows Active BE • Excellent for recovery purposes Updated BE9 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Boot Environments• Make updates safe, reliable, recoverable• Different from/simpler than Solaris 10 Live Upgrade – Takes advantage of ZFS – Use liberally as an administrative safety net• Managed by beadm(1M), functionality includes: – List – Activate, Rename – Create, Destroy – Mount, Unmount10 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • beadm(1) Utility Create a new boot environment based on the active boot environment Create a new boot environment based on an inactive boot environment Create a snapshot of an existing boot environment Create a new boot environment based on an existing snapshot Create a new boot environment, and copy it to a different zpool Create a new boot environment and add a custom title to the x86 GRUB menu or the SPARC boot menu Activate an existing, inactive boot environment Mount a boot environment Unmount a boot environment Destroy a boot environment Destroy a snapshot of a boot environment Rename an existing, inactive boot environment Display information about your boot environment snapshots and datasets11 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Listing Boot Environments{badboy} beadm listBE Active Mountpoint Space Policy Created-- ------ ---------- ----- ------ -------b-140 - - 11.51M static 2010-05-26 12:47b-141 - - 11.98M static 2010-06-10 15:40b-142 - - 10.14M static 2010-06-24 08:05b-143 - - 13.85M static 2010-07-12 09:47b-144 - - 1.48G static 2010-07-22 12:09b-145 - - 14.64M static 2010-08-03 22:23b-146 - - 10.43M static 2010-08-20 15:31b-147 - - 12.29M static 2010-09-06 19:28b-148 - - 13.11M static 2010-09-23 17:05b-149 - - 14.49M static 2010-09-30 18:53b-150 - - 11.83M static 2010-10-15 10:32b-151 - - 130.94M static 2010-11-15 10:10b-152 NR / 56.03G static 2010-11-17 16:3212 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • More Fun with beadm{badboy} beadm activate b-151{badboy} beadm mount b-151 /tmp/mnt{badboy} beadm listBE Active Mountpoint Space Policy Created-- ------ ---------- ----- ------ -------b-140 - - 11.51M static 2010-05-26 12:47b-141 - - 11.98M static 2010-06-10 15:40b-142 - - 10.14M static 2010-06-24 08:05b-143 - - 13.85M static 2010-07-12 09:47b-144 - - 1.48G static 2010-07-22 12:09b-145 - - 14.64M static 2010-08-03 22:23b-146 - - 10.43M static 2010-08-20 15:31b-147 - - 12.29M static 2010-09-06 19:28b-148 - - 13.11M static 2010-09-23 17:05b-149 - - 14.49M static 2010-09-30 18:53b-150 - - 11.83M static 2010-10-15 10:32b-151 R /tmp/mnt 53.82G static 2010-11-15 10:10b-152 N / 1.71G static 2010-11-17 16:3213 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Live Upgrade -> Boot EnvironmentsOracle Solaris 10 Oracle Solaris 11 Descriptionlucreate –n newBE beadm create newBE Create a new BElustatus beadm list Display BE infoluactivate newBE beadm activate newBE Activate a BEludelete BE beadm destroy BE Destroy an inactive BEluupgrade or patchadd pkg update Upgrade or update a BE 14 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • pkg(1)• To install an individual package: pkg install communication/im/pidgin• To check for individual updates: pkg info –r communication/im/pidgin• To update an individual package: pkg update communication/im/pidgin• “Test Run” an image update: pkg update –nv• Update (all packages, or the complete image): pkg update15 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Oracle Solaris 11 Lifecycle Management Improved updates with IPS 6:00: pkg update New Security Maintenance Patch window: 6-7pm 6:00-6:02: Dependency checks, patch/update planning 6:04-6:06: reboot 6:02-6:04: New boot environment created, up and running again updates downloaded and applied• 4X Faster upgrades typical• Create ZFS boot environment to safely apply updates• Full dependency check of packages, crypto verified, auditable• Reboot updated ZFS boot environment 16 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Boot Environments in Non-global Zones• BEs automatically include installed/attached zones• Zone BE is linked to a global zone BE• Multiple zone BEs can be linked to a single global zone BE• Zone administrator can create, mount, activate BEs – Active BE is within the context of the active global zone BE17 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources18 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Maintenance Updates for Oracle Solaris 11• Oracle customers with an active Oracle support plan have access to the support package repository• Register for the support repository at • http://pkg-register.oracle.com• SRU = Support Repository Update• Future Oracle Solaris 11 Releases • will be available in the support repository or a release repository that provides the currently available OS19 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources20 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Local IPS Repositories• Reasons for a local package repository • Security and Performance • Consistency and Replication • Custom Packages• Two Types of Repositories: Origin Mirror21 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Create a Local IPS Repositories• Copy From Internet: • pkgrepo create /export/repoSolaris11 • pkgrecv -s http://pkg.oracle.com/solaris11/release/ -d /export/repoSolaris11 *’• Copy From File: • Get file, and unzip and cat (if necessary) • lofiadm -a /export/repo2010_11/ sol-11-repo-full.iso • mount -F hsfs /dev/lofi/1 /mnt • rsync -aP /mnt/repo /export/repoSolaris11 or cd /mnt/repo; tar cf - . | (cd /export/repoSolaris11; tar xfp -) • umount /mnt • lofiadm -d /dev/lofi/1 22 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources23 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Automated Installation (AI)• Reduce initial and ongoing costs of deploying Solaris- based software stack• Leverages ZFS, SMF, IPS features to provide enhanced features vs. JumpStart – Reduces need for third-party or customer-developed extensions – Most scripting moved to first-boot SMF services• Integrated, seamless Zones deployment• WAN-capable design provides operational flexibility• Designed to be manageable and observable – installadm(1M) provides one-stop management interface 24 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • AI Terminology• Client – physical or virtual machine to be installed• Manifest – XML specification of installation (storage layout, software payload)• Profile – SMF profile to pre-configure system services• Service – server infrastructure needed to network boot an installation client• Criteria – mapping of clients to services, manifests and profiles• Repository – IPS package repository• “Bootable AI” - service-less AI boot from media – Manifest included on media or downloaded from network location25 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Basic Flow of Automated Installation26 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Static Manifests • Default manifest provided with service – Installs solaris-large-server package set from Oracles Solaris repository to firmware-designated boot disk – Sysconfig invoked automatically at first boot to interactively configure basic system • Manifest specifies: – Package repositories and lists; major group packages: solaris-small- server, solaris-large-server, solaris-desktop – Target disk: choose by device path, volume id, type, vendor, size, container/receptacle/occupant (CRO) label; ZFS configuration – Locales are installed/removed using package facets; all locales are installed by default27 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Derived Manifests • Dynamically generate manifest in a script • Scales AI management by reducing number of manifests maintained by administrators • Most effective model is to load template manifest, modify specific elements • Script uses the aimanifest(1M) command as interface to generate AI manifest • Generated manifest located on the client at: /system/volatile/manifest.xml28 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources29 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • New System Configuration Framework & UI • Replaces sysidtool/sysidcfg/sys-unconfig • sysconfig(1m) interactive UI – configure, unconfigure, create-profile subcommands • Interactive tool provides basic, required system configuration. UI similar to Text Installer. • Profiles can configure any SMF service property • sysconfig unconfigure reverts the properties configured by the interactive UI to shipped defaults – --destructive option requests more complete cleanup, e.g. deleting initial user accounts home directory30 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • System Configuration Profiles• Common parameters available in Oracle Solaris 11: – User account, including RBAC roles, profiles and sudo – Root user: password, role/normal – Timezone, locale – Hostname – Console terminal type, keyboard layout – IPv4 and/or IPv6 interface, default route – DNS, NIS, LDAP clients – Name service switch31 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Creating a Configuration Profile with sysconfig • Easiest starting point # sysconfig create-profile -o myprofile.xml • Runs the sysconfig UI, places output into specified profile • Edit further to add properties not configured by sysconfig32 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources33 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Deploying Zones with AI • Zones can be specified in the AI manifest <configuration type=”zone” name=”zone1” source=”http://server/zone1/config”/> <configuration type=”zone” name=”zone2” source=”file:///net/server/zone2/config”/> • config file is the zones configuration file as output from “zonecfg export” • Automatically installed on first boot of the global zone svc:/system/zones-install:default34 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Deploying Zones with AI (2) • Use zonename criterion to associate manifests and profiles with a zone # installadm create-manifest -n S11-x86 -f /tmp/zmanifest.xml -c zonename=”zone1 zone2” # installadm create-profile -n S11-x86 -f /tmp/zprofile1.xml -c zonename=”zone1” # installadm create-profile -n S11-x86 -f /tmp/zprofile2.xml -c zonename=”zone2”35 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Deploying Zones with AI (3) • AI is also used when installing non-global zones from existing global zone • Default manifest is /usr/share/auto_install/manifest/zone_default.xml • Default profile enables interactive system configuration during first boot • Provide alternate manifest and/or profile with # zoneadm -z <zone> install -m <manifest> -c <profile>36 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Agenda • Requirements and Ideas • Updates & Upgrades • Boot Environments • SRUs • Deploying at Scale • IPS Repository Mirrors • Automated Installer • System Configuration • Zones • Additional Transition Tools and Resources37 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • JumpStart to AI Mapping JumpStart Automated Installation setup_install_server installadm create-service add_install_client installadm create-client JumpStart profile & rules AI manifest & criteria sysidcfg file SMF configuration profile Begin script Derived Manifests, custom images from Distribution Constructor Finish script pkg actions, First-boot SMF services38 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Steps to Convert from Solaris 10 JumpStart• Deploy S11 server instance to host AI service – Use as JumpStart server as well• Translate rules to criteria• Translate profiles to manifests• Translate sysidcfg to SMF profile• Publish manifests and profiles to AI service• Convert finish scripts to SMF service(s)• Publish SMF service package to IPS repository39 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • js2ai JumpStart to AI translation tool• Automatically converts existing JumpStart rules, profiles, sysidcfg files to AI equivalents• Conversion is best-effort, with instructions on issues that need manual resolution• Result is a directory hierarchy with AI profiles, system config manifests, log of the tools actions• See js2ai(1m)40 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Distribution Constructor (DC) • Tool to easily construct installation images and virtual machine images – Used by Solaris engineering to build the product • Use DC to build AI (or interactive install) images customized with additional drivers or services • XML manifest (similar to AI) specifies construction • Checkpoint/resume feature nicely leverages ZFS! • Fully extensible – plug your own customizations into build process • See distro_const(1M) for more information41 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Building and Using a Custom AI Boot Image • Install Distribution Constructor – pkg install distribution-constructor • Copy base AI image manifest, customize – Basic SPARC manifest at /usr/share/distro_const/auto_install/ai_sparc_image.xml • Build the image: – distro_const build my_ai_image.xml • Deploy to AI service: – installadm create-service ...42 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Technical Article Available • “How To Create a Customized Oracle Solaris 11 Image Using the Distribution Constructor” • http://www.oracle.com/technetwork/articles/servers-storage-admin/o11- 087-sol11-dist-const-496819.html43 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Documentation Available • “Transitioning From Oracle Solaris 10 JumpStart to Oracle Solaris 11 Automated Installer” • http://docs.oracle.com/cd/E23824_01/html/E21799/index.html44 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Technical Article Available • “How to Perform System Archival and Recovery Procedures with Oracle Solaris 11” • http://www.oracle.com/technetwork/articles/servers-storage-admin/o11- 091-sol-dis-recovery-489183.html45 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Summary46 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Simplified Administration, Service Provisioning47 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Summary• Oracle Solaris 11 deployment is different from Solaris 10 – Little required customization work to start deploying – Powerful, stable, supported capabilities for those who need to customize• Transition documentation, tools are provided• Feature set will expand & evolve• Boot Environments allow for fast, efficient, and fool- proof software upgrades48 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • For More Information / Try Out Today • Product overview and download – oracle.com/solaris • Oracle Technology Network – oracle.com/technetwork/server-storage/solaris11 • System administrators community – oracle.com/technetwork/systems • @ORCL_Solaris • facebook.com/oraclesolaris • Oracle Solaris Insider49 Copyright © 2011, Oracle and/or its affiliates. All rights 49 reserved.
    • 50 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • One Installation Engine; Three Installers • Each with its own features and capabilities • Each delivering its own benefits for specific needs • Interactive • Live Media – Desktop, GUI tools • Text Installer – “Headless” servers • Automated • Automated Installer – Large-scale deployments • Distribution Constructor lets you build your own installation media, behaving like any of these categories51 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Two types of interactive installers • 1 - Text-based UI for server systems (SPARC & x86) • 2 - GUI for x86 desktop/laptop systems • Principle: Install fixed software payload with basic configuration, customize after installation – GUI installs desktop/laptop-appropriate software (solaris-desktop group package), automatic network configuration – Text installer installs server-appropriate software (solaris-large-server group package), choice of automatic or manual network & name service configuration • Both provide configuration of initial user account, with administrative privileges via sudo52 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
    • Two types of interactive installers Live Media GUI Install Text-based Install53 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.