/devices is now dynamic and managed by the devfs filesystem, if necessary, new devices can be configured using /usr/sbin/cfgadm. Generate /dev/dsk, /dev/rdsk links using
/usr/sbin/devfsadm
Tuesday, December 30, 2008
Solaris JASS / VNC problem
If you ever need to run VNC with inetd on a server after applying SUNWjass's secure.driver, make sure to change the following file that JASS creates - /etc/dt/config/Xaccess (do not confuse this with /usr/dt/config/Xaccess or /usr/openwin/lib/X11/xdm/Xaccess):
(before)
##
## ex.
## !xtra.lcs.mit.edu # disallow direct/broadcast service for xtra
## bambi.ogi.edu # allow access from this particular display
## *.lcs.mit.edu # allow access from any display in LCS
## Deny all remote access (direct/broadcast) to this X server.
!*
(after)
##
## ex.
## !xtra.lcs.mit.edu # disallow direct/broadcast service for xtra
## bambi.ogi.edu # allow access from this particular display
## *.lcs.mit.edu # allow access from any display in LCS
## All remote access (direct/broadcast) to this X server.
*
This combined with /etc/hosts.allow and /etc/hosts.deny will provide the necessary security.
(before)
##
## ex.
## !xtra.lcs.mit.edu # disallow direct/broadcast service for xtra
## bambi.ogi.edu # allow access from this particular display
## *.lcs.mit.edu # allow access from any display in LCS
## Deny all remote access (direct/broadcast) to this X server.
!*
(after)
##
## ex.
## !xtra.lcs.mit.edu # disallow direct/broadcast service for xtra
## bambi.ogi.edu # allow access from this particular display
## *.lcs.mit.edu # allow access from any display in LCS
## All remote access (direct/broadcast) to this X server.
*
This combined with /etc/hosts.allow and /etc/hosts.deny will provide the necessary security.
Auto-ftp script
One of our Peoplesoft developers needed a script to ftp encrypted files to a vendor. Here's what I came up with:
#!/usr/bin/ksh
cd /tmp/ww
HOST='ftp.somehost.com'
USER='myusername'
PASSWD='mypassword'
FILE='somefilename.PGP'
LOCATION='remotefolder'
exec 4>&1
ftp -nv >&4 2>&4 |&
print -p open $HOST
print -p user $USER $PASSWD
print -p cd $LOCATION
print -p binary
print -p put $FILE
exit 0
Monday, December 29, 2008
VMware RCLI commands for ESXi
[I didn't write this, but it's a nice summary]
Using the RCLI to configure a VMware ESXi server.... These tasks can be
accomplished via the Virtual Infrastructure client but with a little
scripting you can easily configure, audit and manage multiple ESX i hosts.
To help identify what command does you can use the --help switch with any
of the perl scripts.
* vicfg-advcfg.pl - allows for the modification of any of the
advanced configuraiton options.
# vicfg-advcfg.pl --server 10.10.1.104 --get Cpu.MigratePeriod
- returns the value of the Cpu.MigrationPeriod
* vicfg-cfgbackup.pl - can backup and restore ESX settings
# vicfg-cfgbackup.pl --server 10.10.1.104 --save rwgood
* vicfg-cfgbackup.pl can also restore the file
# vicfg-cfgbackup.pl --server 10.10.1.104 --load rwgood --force
* vicfg-dns.pl allows you to change the DNS settings of a host
* vicfg-dumppart.pl > helps with the support files
* vicfg-module.pl > allows you to manged the loaded modules
* vicfg-mpath.pl - all sorts of info on the VMFS paths
# vicfg-mpath.pl --server 10.10.1.104 --list
* vicfg-nas.pl
* vicfg-nics.pl > configure the phsical NICs in the host
* vicfg-ntp.pl > managed the NTP settings
# vicfg-ntp.pl --server 10.10.1.104 --list
- Lists the configured NTP servers on the host
# vicfg-ntp.pl --server 10.10.1.104 --add time.gov
- Adds time.gov to the ntp configuration
# vicfg-ntp.pl --server 10.10.1.104 --delete time.gov
- Removes the time.gov from the ntp configuration
# vicfg-ntp.pl --server 10.10.1.104 --start
- Starts the NTP service on the host
# vicfg-ntp.pl --server 10.10.1.104 --stop
- Stops the NTP service on the host
* vicfg-rescan.pl > rescanning for VMFS and storage
* vicfg-route.pl
* vicfg-snmp.pl > configure your SNMP settings
* vicfg-syslog.pl > configure the ESX host syslog target
* vicfg-user.pl > local ESXi user management
* vicfg-vmhbadevs.pl > all about the HBAs
* vicfg-vmknic.pl > more and same infor for you nics
* vicfg-vswitch.pl > configuring the vSwitches
# vicfg-vswitch.pl --server 10.10.1.104 --add mine
- adds new vSwitch called mine
# vicfg-vswitch.pl --server 10.10.1.104 --add-pg public mine
- adds a port group called public to the vSwitch mine
# vicfg-vswitch.pl --server nhqesx036 vSwitch1 --pg mine --vlan 100
- adds a vlan tag of 100 to the port goup mine.
# vicfg-vswitch.pl --server 10.10.1.104 --link vmnic1 mine
- adds the vmnic1 to the vSwitch called mine
* vifs.pl > used to move files to and from the ESX host
* vihostupdate.pl > updating and patching the ESX i
# vihostupdate.pl --server 10.10.1.104 /
--bundle --install ESXe350-200807812-O-BG.zip
- installs the ESXi patch on server 10.10.1.104
# vihostupdate.pl --server 10.10.1.104 -q
- shows the version of the ESXi host
* vmkfstools.pl > same as alway managing disk
* vmkuptime.pl - does nothing yet
* vms.pl
* vmware-cmd.pl > same as always managing the VMs on the host
Using the RCLI to configure a VMware ESXi server.... These tasks can be
accomplished via the Virtual Infrastructure client but with a little
scripting you can easily configure, audit and manage multiple ESX i hosts.
To help identify what command does you can use the --help switch with any
of the perl scripts.
* vicfg-advcfg.pl - allows for the modification of any of the
advanced configuraiton options.
# vicfg-advcfg.pl --server 10.10.1.104 --get Cpu.MigratePeriod
- returns the value of the Cpu.MigrationPeriod
* vicfg-cfgbackup.pl - can backup and restore ESX settings
# vicfg-cfgbackup.pl --server 10.10.1.104 --save rwgood
* vicfg-cfgbackup.pl can also restore the file
# vicfg-cfgbackup.pl --server 10.10.1.104 --load rwgood --force
* vicfg-dns.pl allows you to change the DNS settings of a host
* vicfg-dumppart.pl > helps with the support files
* vicfg-module.pl > allows you to manged the loaded modules
* vicfg-mpath.pl - all sorts of info on the VMFS paths
# vicfg-mpath.pl --server 10.10.1.104 --list
* vicfg-nas.pl
* vicfg-nics.pl > configure the phsical NICs in the host
* vicfg-ntp.pl > managed the NTP settings
# vicfg-ntp.pl --server 10.10.1.104 --list
- Lists the configured NTP servers on the host
# vicfg-ntp.pl --server 10.10.1.104 --add time.gov
- Adds time.gov to the ntp configuration
# vicfg-ntp.pl --server 10.10.1.104 --delete time.gov
- Removes the time.gov from the ntp configuration
# vicfg-ntp.pl --server 10.10.1.104 --start
- Starts the NTP service on the host
# vicfg-ntp.pl --server 10.10.1.104 --stop
- Stops the NTP service on the host
* vicfg-rescan.pl > rescanning for VMFS and storage
* vicfg-route.pl
* vicfg-snmp.pl > configure your SNMP settings
* vicfg-syslog.pl > configure the ESX host syslog target
* vicfg-user.pl > local ESXi user management
* vicfg-vmhbadevs.pl > all about the HBAs
* vicfg-vmknic.pl > more and same infor for you nics
* vicfg-vswitch.pl > configuring the vSwitches
# vicfg-vswitch.pl --server 10.10.1.104 --add mine
- adds new vSwitch called mine
# vicfg-vswitch.pl --server 10.10.1.104 --add-pg public mine
- adds a port group called public to the vSwitch mine
# vicfg-vswitch.pl --server nhqesx036 vSwitch1 --pg mine --vlan 100
- adds a vlan tag of 100 to the port goup mine.
# vicfg-vswitch.pl --server 10.10.1.104 --link vmnic1 mine
- adds the vmnic1 to the vSwitch called mine
* vifs.pl > used to move files to and from the ESX host
* vihostupdate.pl > updating and patching the ESX i
# vihostupdate.pl --server 10.10.1.104 /
--bundle --install ESXe350-200807812-O-BG.zip
- installs the ESXi patch on server 10.10.1.104
# vihostupdate.pl --server 10.10.1.104 -q
- shows the version of the ESXi host
* vmkfstools.pl > same as alway managing disk
* vmkuptime.pl - does nothing yet
* vms.pl
* vmware-cmd.pl > same as always managing the VMs on the host
ISO Mounting on Solaris
# lofiadm -a /export/temp/software.iso /dev/lofi/1
# mount -F hsfs -o ro /dev/lofi/1 /mnt
or
# mkdir /iso ; mount -F hsfs -o ro `lofiadm -a /tmp/software.iso` /iso
# mount -F hsfs -o ro /dev/lofi/1 /mnt
or
# mkdir /iso ; mount -F hsfs -o ro `lofiadm -a /tmp/software.iso` /iso
Tuesday, November 25, 2008
Description of each Solaris service using svcs
Read the svcs manpage for troubleshooting tips, but here's a nice one to list the description of what each service does:
# svcs -o FMRI,DESC
FMRI DESC
lrc:/etc/rcS_d/S29wrsmcfg -
lrc:/etc/rc2_d/S00set-tmp-permissions -
lrc:/etc/rc2_d/S07set-tmp-permissions -
[...]
svc:/system/webconsole:console java web console
svc:/milestone/multi-user-server:default multi-user plus exports milestone
svc:/system/zones:default Zones autoboot and graceful shutdown
svc:/system/basicreg:default -
[Note that the rc scripts don't have a description]
Solaris upgrade / install logs
After performing an upgrade or installation of Solaris 10 you should review the logfiles.
Once the system has been rebooted and is running, the complete transcript of the upgrade and all messages printed to the screen are saved in the file:
/var/sadm/system/logs/upgrade_log
Also of note is the file:
/var/sadm/system/data/upgrade_cleanup
It contains a list of actions that may need to be performed to complete the upgrade.
Once the system has been rebooted and is running, the complete transcript of the upgrade and all messages printed to the screen are saved in the file:
/var/sadm/system/logs/upgrade_log
Also of note is the file:
/var/sadm/system/data/upgrade_cleanup
It contains a list of actions that may need to be performed to complete the upgrade.
Subscribe to:
Posts (Atom)
