Archive for server

Setting up VDI software on OpenSolaris & Solaris 11 Express

Although this is supposed to be impossible (according to this guy’s post) I’m game for a laugh!

Initially I just ran

$pfexec vda-install

and it all seemed to work.

So then I followed all the instructions for installing SRSS on an opensolaris machines.

When I ran $vda-config all seemed well until the configuring of SRWC – it just hung – looking at the log created it couldn’t find the files
/usr/sfw/lib/libcrypto.so.0.9.8
/usr/sfw/lib/libssl.so.0.9.8
this does exist on an opensolaris system with openssl package installed but it’s in the wrong place so quick and dirty fix was
pfexec ln -s /lib/libcrypto.so.0.9.8 /usr/sfw/lib/libcrypto.so.0.9.8
pfexec ln -s  /lib/libssl.so.0.9.8 /usr/sfw/lib/libssl.so.0.9.8

Great try again……but when I tried to start again the system had got it’s knickers in a twist and I could neither unconfigure or configure! Trying to uninstall gave a cryptic message about container service – in fact this indicates the need for something else – the cacao (common agent container something!).

$pfexec pkg install cacao

Now running $pfexec vda-config seems to work OK – at least it runs all the way to the end! I can even get access to http://sol:1800 to login to the vdi administration interface! Now then all I have to do is login as the root user and…..whoa opensolaris doesn’t have a root user only a root ROLE (WTF).

The solution is to follow this guide – http://dlc.sun.com/osol/docs/content/IPS/login.html

OK now I login to the VDI webadmin using root credentials and start to troll through the settings BUT I haven’t setup the desktop provider yet.

To check the system is running OK I ran through a few check to see if everything is running.
$cacaoadm status
$svcs svc:/application/management/common-agent-container-1:default
$cacaoadm status com.sun.vda..service_module
$svcs svc:/application/database/vdadb:sql
$/opt/SUNWvda/sbin/vda-webadmin status

Reference information:
– This site has a great set of video walk-throughs for setting up VDI on Solaris – http://blogs.sun.com/weber/

Comments (233)

Codename ‘Dancing Bear’ – OpenSolaris home-server

I’ve had enough of bloody windows server 2008 – the licensing is doing my head in. As a member of staff at a UK research institute I get a free license for Windows Server 2008 – but not the high end version that let’s me create FC targets and I cannot fathom the licensing for running a terminal server. Also reading the fine print in fact I don’t think I do have a license either because I’m a former employee and my rights have lapsed or because the organisation I used to work for is not academic in the sense of being degree-awarding. Also I’ve run it for a few months and to be honest it’s just not my cup-of-tea.

So I’ve decided to go for an OpenSolaris home-server – here’s what I want…
– A general server (file/DHCP/DNS) for the home network.
– A Sun Ray server – yes I have picked up a couple of sunrays off ebay and I think they’d be great for the kids.
– A virtual desktop server (ideally using proper VDI).
– A Fibre Channel server – to centralise all files onto my monster server!

Codename ‘Dancing Bear’ – the whole sunray thing provides that classic dancing-bear moment as does attaching a machine to a remote FC target rather that a local harddisk.

With this shopping list it would have to be OpenSolaris really with SunRay, VDI/Virtualbox software being developed on it by SUN/Oracle. Also the COMSTAR project means I can create a Open Storage server.

Having decided on my setup here’s the task list (I’ll cross them off as I finish them)…

Comments (149)

SGD on home server – set up to traverse a firewall.

I guess most employers will have a pretty robust firewall setup. Since by default SGD uses a load of non-standard  ports a corporate firewall will not allow you to run the client at work and access your SGD server at home. There are two options 1) open holes in the firewall or 2) modify the SGD installation to confine all the traffic to a standard port so that it will traverse a corporate firewall.

A nice post on the subject can be found here http://macrae.wordpress.com/2008/07/02/sun-secure-global-desktop-firewall-friendly/ this post gives the background to the problem but in fact these instructions are out of date for SGD version 4.5.

There is a whole section in the manual that now provides the information neede to setup a SGD server to perform firewall traversal http://docs.sun.com/source/820-6689/chapter1.html#Z400003e1312957.

I’ve reproduced the steps here (in case I need to do it again).

1. Create a selfsigned certificate

shs$pfexec /opt/tarantella/bin/tarantella security certrequest --country UK --state war --orgname "Nobody Puts Baby in a corner"
shs$pfexec /opt/tarantella/bin/tarantella security selfsign

2. Enable security on SGD server

shs$ pfexec /opt/tarantella/bin/tarantella security start

3. Edit apache .conf file

shs$ pfexec vi /opt/tarantella/webserver/apache/2.2.10_openssl‑0.9.8i_jk1.2.27/conf/httpd.conf

replace the section
<IfDefine SSL>
443

with

<IfDefine SSL>
127.0.0.1:443

4. Configure the SGD server to use 443 port
shs$ pfexec /opt/tarantella/bin/tarantella config edit --array-port-encrypted 443
shs$ pfexec /opt/tarantella/bin/tarantella config edit --array --security-firewallurl https://127.0.0.1:443

5. Restart the SGD server

I followed these instructions and when I first accessed it it asked to to confirm the use of the temporary certificate. Straight away I can access my (unix) desktop straight out of the box. More work seems to be needed to access a windows desktop using rdesktop or uttsc (the sun ray windows connector) but I guess it must be relatively straight forward (right?).

What the instructions in the manual about enabling firewall traversal don’t do is setup the server to be accessed by https rather than plain old http – I guess this is a security hole but I decided to stop while

Comments (90)

Installing SRS EA2 on OpenSolaris 2009.06

I’ve gone the whole hog and installed The Early Access 2 release of the upcoming Sun Ray Server Software version 5.

Here goes – I’m following the guide here – http://wiki.sun-rays.org/index.php/SRSS_4.1_on_OpenSolaris_2008.11 which as the title suggests is for 2008.11 but should work ;-<>

1. Set my IP to static 192.168.1.72 (as suggested). In fact I have totally disables NWAM since it seems to be the source of a number of problems for other users and hardcoded all the network information.

2. Checked DNS setup –  in my case resolv.conf looks like this…the router is the DNS server.
domain nobodyputsbabyinacorner.co.uk
nameserver 192.168.1.254

3. Addressed the ‘sock2path bug’

From http://www.filibeto.org/pipermail/sunray-users/2009-May/012776.html

just change In /etc/sock2path change the following lines:
   2   2   0   tcp
   2   2   6   tcp
   26  2   0   tcp
   26  2   6   tcp
   2   1   0   udp
   2   1   17  udp
   26  1   0   udp
   26  1   17  udp

change to...
   2   2   0   /dev/tcp
   2   2   6   /dev/tcp
   26  2   0   /dev/tcp6
   26  2   6   /dev/tcp6
   2   1   0   /dev/udp
   2   1   17  /dev/udp
   26   1  0   /dev/udp6
   26   1  17  /dev/udp6

4. Setup a working DHCP and tftp server.

5. Install SRSS software

Following the instructions step-by-step with a couple of points to note..

Here are instructions for clearing a sun ray frozen in gecko or blank screen mode…http://www.filibeto.org/~aduritz/truetrue/sunray/misc-stuff.html
ALSO – sun web based troubleshooter – here http://www.sun.com/service/sunray/30.html might help.
ALSO – http://www.sunshack.org/data/sh/2.1.8/infoserver.central/data/syshbk/collections/SRDB/1-25-21962-1.html
ALSO – http://tenzer.dk/solaris-dhcp-server for dhcp

See also this blog post with some more recent information… http://thegreyblog.blogspot.com/2010/06/installing-sun-ray-server-software-on.html

Comments (145)

A conundrum – ESXi and solaris zfs

Despite the change to a full hypervisor I wanted to keep using zfs to manage the storage of datafiles. Partly because it seems like a great system and the reporting and management is excellent and simple and partly because that’s what I started out with and I’m too bloody minded to change.

One of my inspirations for this came from solarisinternals.com who have moved to a similar setup.  There they have setup zfs to access the disks on esx server using ‘raw disk mode’ which is obviously exactly what I want isn’t it? This would be my preferred route. I know it goes against the virtual ethos but I could whack the drives into any solaris box and ‘zfs import’ them in the event of a hardware failure. I gives me options to keep the drives without having to offload all the data and re-format; if I run into problems with ESXi in the future.

Well NOT SO FAST…..it’s a case of needed to do the research and read the small print. ESXi 4.0 doesn’t support virtual machines accessing raw disk devices (‘raw disk mode’). It seems that older versions (or maybe other vmware products do or did). RDM or ‘Raw disk Mapping’ is a supoprted option in ESXi 4 but that refers to mapping onto raw disks over a SAN (NOT LOCALLY).

I have created an opensolaris 2009.06 virtual machine running on the hypervisor. The root pool or system disk of this is infact a .vmdk file sitting on the internal mirrored pair of drives sitting in the server. My intention was to add additional drives that would be managed directly under opensolaris. BUT this just doesn’t seem possible…ESXi 4.0 doesn’t allow raw device access or direct disk access.

Research is ongoing I have two choices it seems.

1. Use the hardware raid capabilities of the SAS/SATA RAID cards – Then just use ZFS to manage quotas/snapshots and management stuff. BUT I’m nervous about recovering these should a controller fail (I’m left with a situation where in order to recover the data I’d need to buy a very specific and very expensive RAID controller – or wait ages until the right thing came up on ebay). Also RAID-Z in ZFS removes write-hole errors.
2. Create virtual disks on the actual disks and use zfs to manage these as if they were actual disks. I guess I can see a disaster recover route for this option. The disk could be hooked out and connected to any sata controller and then read from within ESXi (I think) but I need to check that. This would have to be slower wouldn’t it?
3. Forget zfs completely. Use hardware RAID and create another virtual machine which is a small footprint freenas or similar box let that take care of all the file serving work. Still need to think about a possible route for recovering the data in the event of a hardware failure.
4. Find work around – there is always a work around!
5. Sod it – switch to hyper-v which does seem to support it!

ESXi access local disks as a raw device – workarounds
1. Use vmkfstools: There do seem to be worked examples
here………http://www.hardforum.com/showthread.php?t=1441318
and here…http://www.hardforum.com/showthread.php?t=1429640
2. Edit configuration files by hand
discussed here… http://communities.vmware.com/thread/145589?tstart=0&start=0

Decisions, decisions…

Comments (140)

mini-SAS to SATA connectors are they all the same?

I bought a couple of “Mini 32 Pin SAS controller to for SATA Serial ATA cables” off ebay – they cost sod-all (£7 for the two including postage from Hong Kong) but have been the source of some consternation.

They’ve caused me no end of trouble…I tested the PERC 6iR card that I bought on ebay when it arrived and decided it was a dud – after reassurance from the seller I tested it again and it did work. What the hell was going on??????? It turns out that although the two cable sets look identical one works with my setup and the other one doesn’t.

This raised the question in my mind (in the smug style of a Sex in the City episode)… “mini-SAS to SATA connectors are they all the same?”. Alternatively mind I could have just been sold a dud (but since the cost of the item is less than it would cost me to send it back to on Hong Kong – we’ll never know will we :-() ).

Comments (141)

Dell SC440

As ever this entry is really intended as a point of reference for my own use rather than other people’s enlightenment.

I’ve been shopping. I’ve been experiencing all kinds of problems with my server setup and wanted to move to a ESXi hypervisor so I decided up upgrade (perhaps I’m sidegrading since the spec. of the new server is very similar to the old). I’ve come to think that perhaps some of the problems I’ve been having are because I’m using desktop parts and a number of components are poorly supported and perhaps drivers and bit buggy and the hardware itself is of lower quality etc, etc….

I’ve decided to go for all server components and choose parts very carefully to ensure they’s all work and are fully supported in ESXi. Using the unbelievable www.gixen.com service to snip on ebay I’ve been picking up tasty morsels on ebay over a period of a few months…

– A dell SC440 (a Xeon  Dual Core X3040 1.86Ghz with 6GB ECC RAM)
£103.00
– A 1GB USB flash memory ‘pen drive’ (from the back of my desk drawer)
£     0.00
– A dell PERC 6ir SAS/SATA internal RAID controller
£   16.00
– A nobrand broadcom gigabit ethernet card PCI-express
£     2.50
– A 3ware 9590se-4me SAS/SATA external RAID controller
£  15.00
– An intel 1000GT PCI gigabit controller (salvaged)
£    0.00
– Two SATA 5.25″ removable disk caddies data castle BT-32  (already had)
£    ——

Still on the shopping list……
A higher spec CPU;
Ideally a quad-core Xeon (X3210 and X3220) but something like a Q6600 or a Q6700 would work just fine. Another possibility could be a Xeon X3070 which is the maximum available dual-core Xeon for the machine.

A 4GB ECC Ram kit;
Dell states that only 4GB of RAM is supported (4 x 1GB modules) but the system will support upto 8GB as 4 x 2GB modules. My system currently has a total of 6GB installed as 2 x 1GB plus 2 x 2GB.
Compatible RAM for this machine must be 553 or 667Mhz DDR2 unregistered ECC. An example of a compatible ram kit would be Kingston KVR667D2E5/2G OR the IBM part 30R5150

A SFF-8484 cable set;
For completeness I should get hold of a compatible SFF-8484 SAS connector (on the Dell controller) cable set to convert SFF-8484 to 4 x SATA. I’m still researching which I had problems with the last ones.

These components are either a) rare and b) sought after so I’m going to take my time and see what come up!

Current hardware setup;

– The various cards are all plugged in the various slots (as you’d expect).
– The hard drives are all connected to the PERC 6ir at the moment.

Internal drives for ESXi datastore – storage of virtual machines
ESXi doesn’t support storage of virtual machine images on an ordinary SATA controller only RAID arrays or SANs – I’ve setup a pair of internal disks as a mirrored RAID (RAID-2) using the PERC 6iR controller.

Removable drives for data storage
Here it gets complicated. Initially I had intended to use the 3ware controller to connect to an external box containing an array of disks. On reflection that seems overkill so I settled for just 2 removable drives installed in the 5.25″ bays in the SC440 itself.
Problem 1: The plastic bezel supplied with sc440 is only suitable for installation of CD/DVD drives and will not fit round the removable caddies. Solution a) reach for the dremel or b) just leave it off. I’ve gone for solution 2 for now.
Problem 2: The Dell 6iR has two SFF8484 connectors for wiring in drives and it would seem sensible (and probably better use of available bandwidth) to put one set of drives on the first connector and the other set on the second – BUT I only have one cable set
that works. Solution I’ve got the two internal drives connected to channel 0 and channel 1, and the two drives in removable caddies are on channel 2 and 3 of the same connector.
The two removable drives are not setup as a RAID array by the controller they are presented to ESXi as two individual disks – I intend to manage them using zfs from within the solaris guest (more of that later I guess).

The 3ware controller is still installed and I’ll setup the drivers. I could expand the storage to an external box in the future if I need to.

REFERENCES AND SOURCES

– Dell SC440 support pages
http://support.dell.com/
– Dell SC440 manuals
http://support.dell.com/support/edocs/systems/pe440sc/en/index.htm
– The esxi whitebox HCL
http://www.vm-help.com/esx40i/esx40_whitebox_HCL.php
– Silicom PEG2BPI information
http://www.silicom-usa.com/default.asp?contentID=656
– 3ware 9590se-4me information

– 3ware drivers for ESXI
http://www.3ware.com/kb/article.aspx?id=15548

Comments (3)

OpenSolaris and 3ware 5950SE-4ME SATA Controller

Got one of these super cheap of ebay – oh dear not again. What can I say a SATA/SAS x4 RAID controller for £15 it would have been rude not to!

This was originally part of a “sidecar” kit for the mac but is listed as supporting other Operating Systems on the 3ware website so could be a great buy.

But after installing it in the opensolaris server it is not recognised!

I download the 9.5.2 drivers from 3ware that seem to suggest that the device is supported but although the install works just fine – nothing!

The machine knows it’s there (according to the Device Driver Utility) but thinks it’s a 9550SX and says that no driver has been found.

After some digging (AKA googling) here’s the apparent solution. Based on this page (http://defect.opensolaris.org/bz/show_bug.cgi?id=5860).

1. Using the Device Driver Utility, find your Smart Array controller, right-click on it, and select “Show Details”. Note the values of “subsystem-vendor-id” and “subsystem-id”.
IN THIS CASE THE VALUES ARE… pci13c1,1003

2.  Unconfigure the driver:

# rem_drv tw

3. Re-configure the driver with your controller’s PCI IDs:

#add_drv -c scsi -i ‘”pci13c1,1003″‘ tw

The general format of the -i option is

'"pci<subsystem-vendor-id>,<subsystem-id>"'.

4. modinfo should now show the driver as loaded:

#modinfo | grep tw
223 fffffffff7ce9000  140d0 132   1  nsmb (SMBFS network driver v1.36)
249 fffffffff7d2d000   6fb0 265   1  tw (3ware SCSI HBA 1.7)

5. Run the tw_cli to check…
john@shs:/opt/AMCC/CLI$ pfexec ./tw_cli
//shs> show

Ctl   Model        (V)Ports  Drives   Units   NotOpt  RRate   VRate  BBU
————————————————————————
c12   9590SE-4ME   4         0        0       0       1       1      –

Encls         Slots  Drives  Fans  TSUnits  PSUnits
—————————————————–
e0            4      0       1     1        0

OK so far!

All I have to do now is sort out a cable!!!

Ekk! SFF-8088 (aka Infiniband) to SFF-8470 – the cables are more expensive that the controllers! SPAN is a good source but lists the cable at £40!

Now I realise why the controller was so cheap – I found a reasonable cable (from hong-kong via ebay) for $30USD which is about £19 in real money. Oh dear.

Comments (104)

Setup DHCP and tftp servers

Ensure TFTP & DHCP packages are available:

  • On OpenSolaris 2008.11 the TFTP package is installed by default, but DHCP is not. Install the DHCP packages:
pkg install SUNWdhcs SUNWdhcsb SUNWdhcm
  • If you observe an error during the pkg install above: there is a known bug
Bug Ref: http://defect.opensolaris.org/bz/show_bug.cgi?id=4788

If TFTP is missing, install it:
pkg install SUNWtftp

Enable TFTP: Follow the instructions under
http://default-information.blogspot.com/2007/12/opensolaris-tftp-server.html

» Continue reading “Setup DHCP and tftp servers”

Comments (102)

Solaris Home Server: Static IP (disable NWAM)

UPDATE 9-11-2010: This procedure doesn’t work in fresh install of b134 – used this (http://www.parolski.com/2010/02/16/static-ips-with-nwam/) to make IP static instead.

What happened when I tried to follow this recipe in b134 was a failure to get a route established despite trying everything. The symptoms looked a lot like this bug report (http://bugs.opensolaris.org/view_bug.do?bug_id=6913780) but I couldn’t get the work around to fix the problem so I’ve gone back to nwam with a static Ip hoping that will work with sunray server!

ORIGINAL POST……

This is cribbed wholesale from the sun ray users wiki

Background

Use of Open Solaris NWAM causes some problems w/ the Sun Ray utadm command. This set of procedures shows how to turn NWAM off & a few other SRSS work-arounds so utadm will work correctly.

Turn off NWAM SMF Service

svcadm disable nwam

Turn on Physical Network Service

svcadm enable network/physical:default

Setup Network Files

For this example, I used network device pcn0. Substitute yours as appropriate.

Automate NIC start up:

cp /etc/nodename /etc/hostname.pcn0

Adjust /etc/hosts with following edits:

vi /etc/hosts:
  1 BEFORE: ::1 myhost myhost.local localhost loghost
    AFTER:  ::1 myhost.local localhost loghost
  2 BEFORE: 127.0.0.1 myhost myhost.local localhost loghost
    AFTER:  127.0.0.1 myhost.local localhost loghost
  3 ADD:    192.168.1.6 myhost

Note: myhost & IP address 192.168.1.6 are examples. Substitute yours as appropriate.

Edit /etc/netmasks with appropriate netmask. For example:

192.168.1.0 255.255.255.0

Set your default route (192.168.1.1 is an example, substitute yours as appropriate):

echo 192.168.1.1 > /etc/defaultrouter

A reboot will activate all of this…

init 6

… or you can activate on the fly:

ifconfig pcn0 plumb 192.168.1.24/24 up
route -f add default 192.168.1.1 1
svcadm restart name-service-cache

ADDED BY ME...
Ensure DNS is configured (if applicable). Setup /etc/resolv.conf, here's an example:
domain     example.acme.com
nameserver 192.168.1.1

Activate:

cp /etc/nsswitch.dns /etc/nsswitch.conf
svcadm enable dns/client
svcadm restart dns/client

Comments (143)