Первичная настройка Solaris 11

Материал из Eugene Paniot Wiki
Перейти к: навигация, поиск

Отключить лишние сервисы

svcadm disable svc:/system/ocm:default

Добавление репозитория Oracle-support

pkg set-publisher -k /var/pkg/ssl/Oracle_Solaris_11_Support.key.pem -c /var/pkg/ssl/Oracle_Solaris_11_Support.certificate.pem -G '*' -g https://pkg.oracle.com/solaris/support/ solaris

Обновление системы

pkg update -v

Конфиги

Тюнинг системы

/etc/system

<seealso> http://docs.oracle.com/cd/E19963-01/html/821-1450/toc.html Oracle Solaris Tunable Parameters Reference Manual </seealso>

Добавить диск в zpool mirror

installgrub -m /boot/grub/stage1 /boot/grub/stage2 /dev/rdsk/c4t5d0s0
$ zpool status
  pool: rpool
 state: ONLINE
  scan: none requested
config:

        NAME        STATE     READ WRITE CKSUM
        rpool       ONLINE       0     0     0
          c4t3d0s0  ONLINE       0     0     0
zpool attach -f  rpool c4t3d0s0 c4t5d0s0
zpool status
 pool: rpool
 state: ONLINE
 config:
         NAME          STATE     READ WRITE CKSUM
        rpool         ONLINE       0     0     0
          mirror-0    ONLINE       0     0     0
            c4t3d0s0  ONLINE       0     0     0
            c4t5d0s0  ONLINE       0     0     0  (resilvering)
bootadm install-bootloader -P rpool
bootadm list-menu
bootadm change-entry Solaris-1 kargs="-v -m verbose"

Disable power management

poweradm set administrative-authority=none

<seealso> http://docs.oracle.com/cd/E23824_01/html/821-1451/gjwsz.html#scrolltoc Managing System Power Services </seealso>

Nodename

svccfg -s svc:/system/identity:node setprop config/nodename = astring: nodename
svcadm refresh svc:/system/identity:node
svcadm restart svc:/system/identity:node

Timezone

svccfg -s timezone:default setprop timezone/localtime= astring: Europe/Moscow
svcadm refresh timezone:default

NTP

cat /etc/inet/ntp.conf 

Настройка ntpd

svcadm enable svc:/network/ntp:default

Настройка уведомлений о сбоях в системе

svccfg setnotify problem-diagnosed "mailto:e.paniot@gmail.com"
svccfg setnotify problem-updated  "mailto:e.paniot@gmail.com"
svccfg setnotify problem-resolved "mailto:e.paniot@gmail.com"
svccfg setnotify problem-repaired "mailto:e.paniot@gmail.com"

Переход сервиса в/из состояний degraded,maintenance:

svccfg setnotify -g degraded,maintenance "mailto:e.paniot@gmail.com"
svccfg setnotify -g from-maintenance,from-degraded "mailto:e.paniot@gmail.com"

Просмотр:

svccfg listnotify problem-diagnosed,problem-updated,problem-repaired,problem-resolved
svccfg listnotify -g all

<seealso> http://docs.oracle.com/cd/E23824_01/html/821-1451/dzhaq.html Monitoring SMF Services http://docs.oracle.com/cd/E19963-01/html/821-1462/svccfg-1m.html Notification Parameters Subcommands </seealso>

Syslog

VLAN

netadm enable -p ncp DefaultFixed
netadm list
dladm show-link
dladm show-vlan

<seealso> http://docs.oracle.com/cd/E19963-01/html/821-1458/fpjve.html Administering Virtual Local Area Networks </seealso>

DNS

svccfg -s svc:/network/dns/client
svc:/network/dns/client> setprop config/nameserver = net_address: ( 8.8.8.8 8.8.4.4 )
svc:/network/dns/client> select network/dns/client:default
svc:/network/dns/client:default> refresh
svc:/network/dns/client:default> quit 
svccfg -s system/name-service/switch
svc:/system/name-service/switch> setprop config/host = astring: "files dns"
svc:/system/name-service/switch> select system/name-service/switch:default
svc:/system/name-service/switch:default> refresh 
svc:/system/name-service/switch:default> quit
nscfg export svc:/network/dns/client:default
svcadm enable network/dns/client
svcadm enable system/name-service/switch

<seealso> http://docs.oracle.com/cd/E26502_01/html/E29002/dnsref-31.html#dnsref-36 How to Enable a DNS Client </seealso>

Ipfilter

svccfg -s ipfilter:default setprop firewall_config_default/policy = astring: "custom"
svccfg -s ipfilter:default setprop firewall_config_default/custom_policy_file = astring: "/etc/ipf/ipf.conf"
cat /etc/ipf/ipf.conf 
pass in quick from 10.0.0.0/8 to any keep state
pass in quick from 172.16.0.0/16 to any keep state

#pass in quick proto tcp from any to any port = 22 keep state

pass in quick proto icmp from any to any icmp-type 8 keep state
pass in quick proto icmp from any to any icmp-type 13 keep state

pass out quick from any to any keep state

block in quick all
svcadm refresh svc:/network/ipfilter:default
svcadm enable svc:/network/ipfilter:default

Просмотреть:

ipfstat -iov

Добавить налету правила (и затереть все текущие):

ipf -F as -f /etc/ipf/ipf.conf

Collecting System Activity Data Automatically (sar)

svcadm enable system/sar:default

This version of the sadc command writes a special record that marks the time when the counters are reset to zero (boot time).

crontab -e sys

Add:

* * * * * /usr/lib/sa/sa1

<seealso> http://docs.oracle.com/cd/E23824_01/html/821-1451/spconcepts-60676.html Collecting System Activity Data Automatically (sar) </seealso>

NFS

share -F nfs -o root=@10.0.0.0/24 /tank/home
sharectl set -p server_versmin=3 nfs
sharectl set -p server_versmax=4 nfs
sharectl set -p servers=4096 nfs

<seealso> http://docs.oracle.com/cd/E23824_01/html/821-1454/rfsrefer-1.html#scrolltoc Accessing Network File Systems (Reference) http://docs.oracle.com/cd/E23824_01/html/821-1450/chapter3-3.html#scrolltoc NFS Module Parameters </seealso>

Дополнительно

ZFS Auto-snapshot

pkg install pkg:/service/storage/zfs-auto-snapshot
zfs set com.sun:auto-snapshot=true tank/mysql
zfs set com.sun:auto-snapshot:frequent=true tank/mysql
zfs set com.sun:auto-snapshot:hourly=true tank/mysql
zfs set com.sun:auto-snapshot:daily=true tank/mysql
svcadm restart svc:/system/dbus:default
svcadm clear svc:/system/filesystem/rmvolmgr:default
svcadm enable svc:/application/time-slider:default
svcadm enable svc:/system/filesystem/zfs/auto-snapshot:frequent
svcadm enable svc:/system/filesystem/zfs/auto-snapshot:hourly
svcadm enable svc:/system/filesystem/zfs/auto-snapshot:daily
frequent     snapshots every 15 mins, keeping 4 snapshots
hourly	     snapshots every hour, keeping 24 snapshots
daily	     snapshots every day, keeping 31 snapshots
weekly	     snapshots every week, keeping 7 snapshots
monthly	     snapshots every month, keeping 12 snapshots

<seealso> http://docs.oracle.com/cd/E19082-01/817-2271/ghzuk/index.html How to Manage Automatic ZFS Snapshots http://docs.oracle.com/cd/E19082-01/817-2271/gbcxl/index.html Managing Automatic ZFS Snapshots http://www.oracle.com/technetwork/articles/servers-storage-dev/autosnapshots-397145.html Best Way to Automate ZFS Snapshots and Track Software Updates </seealso>