Solaris 11 Link Aggregation

Definition : consists of several interfaces on a system that are configured together to form a single,logical unit.

So ,if i have two interfaces with 10Gbps speed,by aggregating them ,we ‘ll get a single interface with 20 Gbps speed and so on.

The Solaris Link Aggregation  follows the standard of IEEE 802.3ad

  • all interfaces must have the same speed, and also the eeprom local-mac-address? must be set to true.

Three main parts of link aggregation:

model ( dlmp or trunk) :Datalink multipathing or standard link-aggregation(trunk)

Aggregation Mode (LCAP mode): off ,active,passive

LCAPDU is Link Aggregation Control Protocol Packets

off: LACPDUS are not generated

active:The system generates LACPDUs at regular intervals

passive:The system generates an LACPDU only when it receives an LACPDU from the switch

Policy for load balancing: L2 ,L3 , L4

L2: Determines the outgoing link by hashing the MAC (layer 2) header of each packet

L3: Determines the outgoing link by hashing the IP (layer 3 ) header of each packet

L4(default): Determines the outgoing link by hashing the TCP, UDP, or other ULP (L4) header of each packet

Typical commands to configure link aggregation ( assuming that we have two free interfaces net3 and net4)

# ipadm show-if     <– check for net3 and net4 are free

# dladm create-aggr -l net3 -l net4 aggr0

# dladm modify-aggr -m trunk aggr0

# dladm modify-aggr -L passive aggr0

# dladm modify-aggr -P L4 aggr0

#ipadm create-ip aggr0

#ipadm create-addr -T static -a 192.168.100.120/24 aggr0/v4

# dladm show-aggr -x <— to get status of link aggregation

LINK     PORT      SPEED    DUPLEX  STATE   ADDRESS           PORTSTATE
aggre0    --        1000Mb  full    up      0:11:1c:3d:91:4d   --
         net3       1000Mb  full    up      0:11:1c:3d:91:4d   attached
         net4       1000Mb  full    up      0:11:1c:19:8d:4f   attached

 

Adding and removing interface from link aggregation :

Lets add an interface (net5) and remove an interface (net4):

# dladm add-aggr -l net5 aggr0

# dladm remove-aggr -l net4 aggr0

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

Configuring Solaris 11 as iSCSI server

Sometimes you need an extra disks for your virtual machines or inside test servers,here we will set up a simple iscsi server and configure one client to access it

Assumption: Server is Solaris 11 , client is Solaris 10

Here is  commands to be used:

############### At server side #######################
# pkg install storage-server    <---- install the iscsi storgae server
# svcadm enable stmf
# zfs create -V .5g ziscsi/disk1  <--- create one volume with size of half gigabyte on zpool named ziscsi
# stmfadm create-lu /dev/zvol/rdsk/ziscsi/disk1    <--- create LUN on the raw volume
Logical unit created: 600144F04ABA0300000056E454F50001
# stmfadm add-view 600144F04ABA0300000056E454F50001   <---Allow access to this iscsi disk
# stmfadm list-lu    <--- to list current lus
Now , enable and Create storage server interface ( Target ) with two commands :
# svcadm enable -r svc:/network/iscsi/target:default
# itadm create-target
Target iqn.1986-03.com.sun:02:121dc29a-7ac6-6342-c131-fc9a8b4756b2 successfully created
# itadm list-target -v   <---- to list targets(storage interface) you have created
 
####### At client Side ###############

# svcadm enable network/iscsi/initiator
The following command to add target that we just created ,we must have two informations: iqn and IP ,from previous commands have a copy of iqn and ip
# iscsiadm add static-config iqn.1986-03.com.sun:02:121dc29a-7ac6-6342-c131-fc9a8b4756b2,10.10.10.23:3260
# iscsiadm list static-config  <--- list static config staus
# iscsiadm modify discovery --static enable
Scan for new devices and list them :
# devfsadm -Cv
# echo|format
Output should contain a word (comstart ) in the disk description

 4. c2t600144F04ABA0300000056E454F50001d0 <SUN -COMSTAR -1.0 cyl 509 alt 2 hd 64 sec 32>
 /scsi_vhci/disk@g600144f04aba0300000056e454f50001

You can directly use the disk now
Posted in Solaris 11 | Tagged , , , , , , | Leave a comment

Migrating OVMM ( Oracle VM Manager)

It was a painful task for me to migrate OVMM from one machine to another ,as no clear document with descriptive steps.

So ,I have rendered some documents and some googled points  into the following steps which works fine with me

To accomplish this task, we need these steps to be done

A-  Backup configuration file (as it will have UUID of VM Manager)

/u01/app/oracle/ovm-manager-3/.config

  Hint: /etc/sysconfig/ovmm will have uuid of vm manager also

Just ,we need   the UUID only to use it during fresh installation of OVMM

B- Use Automatic backups or Create your own manual backup now      

Directory (/u01/app/oracle/mysql/dbbackup) contains automated backups.

To do manual backup ( this step to run on old VM manager):

OVMM services must be running: service ovmm status; service ovmm_mysql status;

              # /u01/app/oracle/ovm-manager-3/ovm_tools/bin/BackupDatabase -w  

  1.                                                                     (-w) to wait till backup is finished
  2.                                                                A directory named Manualxxxxxx is created ,tar this file

# cd /u01/app/oracle/mysql/dbbackup

# tar cvf mydb.tar Manualxxxxxx.

D-     Install OVM manager in new OVM Manager:

Hint : there are multiple accounts ovm will use,some accounts are mysql users and others are for weblogic,during installation ,all these accounts will have the same password, so try using same password of old ovm that we are migrating from,other wise after migration to new server you need to reset all these accounts again.

 

– Run ( ./createOracle.sh )

– Run  ./runInstaller.sh –uuid 0004FB000000100002CH7Y2DFFA8D8  –noprereq

– Choose (1) then (1) again (once prompted for password ,use same admin password as old OVM manager)

– finish installation and check if it is done successfully.

C -Steps For Restoring DB backup into newly installed OVM manager :   

Hint: open another ssh sesiosn and tail  ovm manager log file as following :

# cd /u01/app/oracle/ovm-manager-3/ovm_tools/bin

# python OvmLogTool.py –t  

  keep this session aside as it will tell what is going on.

1- stop services of OVM:

# service ovmcli stop; service ovmm stop; service ovmm_mysql stop;

2- before starting restore ,ensure no database files already exist on the Oracle VM Manager host

           # cd /u01/app/oracle/mysql/data/  

      # rm -rf appfw ibdata1 ib_logfile0 ib_logfile1 mysql ovs performance_schema

3- copy tar file  to location  (/u01/app/oracle/mysql/dbbackup) and untar it

# cd /u01/app/oracle/mysql/dbbackup

# tar xvf mydb.tar

4- switch to oracle user:

# su – oracle

# cd /u01/app/oracle/mysql/dbbackup

5- run restore script :

# bash /u01/app/oracle/ovm-manager-3/ovm_tools/bin/RestoreDatabase.sh ManualBackup-20140324_102412

6- start services of OVM:

service ovmm_mysql  start; service ovmm start; service ovmcli  start;

7- since certificates have been regenerated during new installation,re-configure db to point to newly ones :

# export MW_HOME=/u01/app/oracle/Middleware

# /u01/app/oracle/ovm-manager-3/ovm_upgrade/bin/ovmkeytool.sh setupWebLogic

# /sbin/service ovmm restart.

Rebuild client certificate

# cd /u01/app/oracle/ovm-manager-3/bin/

# ./configure_client_cert_login.sh

8- Now ,login to OVM console BUI (https://IP:7002/ovm/console)

–  Do RefreshAll :

           On the Servers and VMs tab click on the Server Pools folder in the navigation pane.

Select the Server Pools perspective from the drop-down selector.

           Click Refresh All icon the perspective toolbar.

Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

Replace disks on veritas volume manager and increase filesystem online

It is usual to get a request to increase volume sizes or replace old disk with a new one,with no downtime for the activity.

Task: a mount point (/u03) needs more  200GB space

the (/u03) is mounted on vxvm volume (/dev/vx/oracle_dg/u03_vol)

 

Steps: create a new LUN from storage and map to server.

First, create a new LUN from storage and map to server.

Now at command line ,do these steps

# vxdisk -oalldgs list <—– list all available  disks
DEVICE TYPE DISK GROUP STATUS
emc_clariion0_20 auto:cdsdisk u01 oracle_dg     online
emc_clariion0_21 auto:cdsdisk u02 oracle_dg     online
emc_clariion0_22 auto:cdsdisk u03 oracle_dg    online <—– old disk
emc_clariion0_23 auto:none       –             –              online  <—– new disk

# /opt/VRTS/bin/vxdisksetup -i emc_clariion0_23    <———— initialize the new disk
# vxdg -g oracle_dg adddisk u03-new=emc_clariion0_23 <——-add to disk group and name it u03-new
# /opt/VRTS/bin/vxevac -g oracle_dg u03  u03-new<——-move data from source (u03) disk to target (u03-new)  disk
# vxtask list         <———wait till it finishes and no tasks are running )
# vxdg -g oracle_dg rmdisk u03   <——–remove source or old disk from disk group
# vxassist -g oracle_dg maxsize u03-new  <——– get exact available space on new disk
# vxresize -g oracle_dg u03_vol +204794m  <— grow /u03 online
# vxedit -g oracle_dg rename u03-new u03  <—–(optional step) rename the new disk with old name so you will maintain same names and no need to change documents

Now , the file system has been increased with 200 GB.

Posted in Uncategorized | Tagged , , , , , , , , | Leave a comment

Generating Certificate for iLOM and XSCF

 

To get a certificate, we do these steps:

1- generate private key (myprivkay.key)

2- generate  Certificate Signing Request (CSR ) from private key. (mycsr.csr)

3- Generate a SSL certificate from CSR file (mypubkey.cert)

4- import both private key (myprivkey.key) and public key (mypubkey.cert) into your

 

Now lets apply for iLOM and XSCF

Part I: iLOM

iLOM doesn’t have tools to generate keys,so we use any third party tool like openssl as following :

openssl genrsa -out myprivkey.key  2048

openssl req -new -key myprivkey.key  -out  mycsr.csr

Now you have CSR , you can send it to Certificate Authority CA to get signed certificate ,or use openssl to create your own certificate as following

openssl x509 -req -days 365 -in mycsr.csr -signkey myprivkey.key -out mypubkey.cert

In the iLOM SSL server page, perform the following;

Load  Private Key  file(myprivkey.key)

Load Certifcate key file (mypubkey.cert)

Click Save to apply the changes.

Part II: XSCF

XSCF has its built-in command (sethttps) to generate (private key ,CSR, and certifcate ).

Option 1: create your own certifcate by single command

XSCF> sethttps -c selfsign EG Hassaan  Mansoura Example DevDept
scf-host abc@example.com
CA key and CA cert already exist. Do you still wish to update? [y|n]
:y
Enter passphrase: xxxxxxxx (any word i.e.   sarvoor)
Verifying – Enter passphrase: xxxxxxx (the same word entered before : sarvoor )

XSCF> sethttps -c enable

XSCF> rebootxscf 

Option 2: use Certifcate Authority to get signed certificate

Step A (generate private key )

XSCF> sethttps -c genserverkey

Server key already exists. Do you still wish to update? [y|n] :y

Enter passphrase: xxxxxxxx

Verifying – Enter passphrase: xxxxxxxx

 

Step B : create CSR

XSCF> sethttps -c gencsr EG sarvoor hassaan  Example DevDept  scf_host abc@example.com

 

Step C

Send the copied CSR to the CA and request the web server certificate

 

Step D : import certificate (after copy and paste , Please press Enter and press the “Ctrl” and “D” keys)

XSCF> sethttps -c importca

Please import a certificate:

—–BEGIN CERTIFICATE—–

MIIDdTCCAt6gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBgTELMAkGA1UEBhMCamox: R+OpXAVQvb2tjIn3kO99dq+begECo4mwknW1t7QI7A1BkcW2/MkOolIRa6iP1ZwgJ oPmwAbrGyAvGUtdzUoyIH0jl7dRQrVIRA==

—–END CERTIFICATE—–

 

Step F

XSCF> sethttps -c enable

XSCF> rebootxscf

 

References :

1- ILOM Security Guide Firmware Releases 3.0, 3.1, and 3.2.

2- XSCF User’s Guide ( E25381-01).

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

Adding standard(non-cloned-disk) to a disk group

We have a new LUN created and mapped to a solaris machine with Veritas volume manager.

we tried to add the disk to a disk group, but unfortunately we received this error after  the adding disk command (vxdg -g my_dg adddisk disk_07=emcpower7 )

VxVM vxdg ERROR V-5-1-0 Disk Group my_dg has only cloned disks and tyring to add standard disk to diskgroup. Mix of standard and cloned disks in a diskgroup is not allowed. Please follow the vxdg (1M) man page

If we issue the (vxdisk -o alldgs -e list) , the output is telling disk group(my_dg) has non-cloned disk at all.

So ,the work around is to set disk property (clone=on) and add to disk group ,then again set property(clone=off).

# vxdisk  set emcpower7 clone=on

# vxdg -g   my_dg adddisk   disk_07=emcpower7

# vxdisk  -g  my_dg set disk_07  clone=off

Posted in vxvm | Tagged , , , , , , , , | Leave a comment

Red Hat Enterprise Linux to Oracle Solaris 11 Comparison

Linux administrators can kick start their learning experience when planning Oracle Solaris deployments by reviewing the following summary between Oracle Solaris 11 features and Red Hat Enterprise Linux 7 features. For more information about the Oracle Solaris 11 features, be sure to check out the “Key Links”

Full Article On Oracle http://www.oracle.com/technetwork/server-storage/solaris11/overview/redhat-mapping-guide-1555721.html

 

Posted in Uncategorized | Tagged , , | Leave a comment