Sun Virtualization-Solaris Logical Domains Administration SA-345-S10

Sun Microsystems, Inc.UBRM05-104

500 Eldorado Blvd.Broomfield, CO 80021

U.S.A.

Revision A.1

Student Workbook

Sun Virtualization: Solaris™ 10Logical Domains Administration

SA-345-S10

June 13, 2008 7:31 pm

PleaseRecycle

Copyright 2008 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, California 95054, U.S.A. All rights reserved.

This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, anddecompilation. No part of this product or document may be reproduced in any form by any means without prior written authorization ofSun and its licensors, if any.

Third-party software, including font technology, is copyrighted and licensed from Sun suppliers.

Sun, Sun Microsystems, the Sun logo, Java, Solaris, Ultra, SunOS, Sun Enterprise Authentication Agent, Solstice Enterprise Agents, Netra,OpenBoot, Sun Fire, N1, SunScreen EFS, BigAdmin, and JumpStart are trademarks or registered trademarks of Sun Microsystems, Inc. inthe U.S. and other countries.

All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. andother countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.

UNIX is a registered trademark in the U.S. and other countries, exclusively licensed through X/Open Company, Ltd.

PostScript is a trademark or registered trademark of Adobe Systems, Incorporated, which may be registered in certain jurisdictions.

Federal Acquisitions: Commercial Software – Government Users Subject to Standard License Terms and Conditions

Export Laws. Products, Services, and technical data delivered by Sun may be subject to U.S. export controls or the trade laws of othercountries. You will comply with all such laws and obtain all licenses to export, re-export, or import as may be required after delivery toYou. You will not export or re-export to entities on the most current U.S. export exclusions lists or to any country subject to U.S. embargoor terrorist controls as specified in the U.S. export laws. You will not use or provide Products, Services, or technical data for nuclear, missile,or chemical biological weaponry end uses.

DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS, ANDWARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSEOR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BELEGALLY INVALID.

THIS MANUAL IS DESIGNED TO SUPPORT AN INSTRUCTOR-LED TRAINING (ILT) COURSE AND IS INTENDED TO BEUSED FOR REFERENCE PURPOSES IN CONJUNCTION WITH THE ILT COURSE. THE MANUAL IS NOT A STANDALONETRAINING TOOL. USE OF THE MANUAL FOR SELF-STUDY WITHOUT CLASS ATTENDANCE IS NOT RECOMMENDED.

Export Commodity Classification Number (ECCN) assigned: July 30, 2007

PleaseRecycle

Copyright 2008 Sun Microsystems Inc. 4150 Network Circle, Santa Clara, California 95054, Etats-Unis. Tous droits réservés.

Ce produit ou document est protégé par un copyright et distribué avec des licences qui en restreignent l’utilisation, la copie, la distribution,et la décompilation. Aucune partie de ce produit ou document ne peut être reproduite sous aucune forme, par quelque moyen que ce soit,sans l’autorisation préalable et écrite de Sun et de ses bailleurs de licence, s’il y en a.

Le logiciel détenu par des tiers, et qui comprend la technologie relative aux polices de caractères, est protégé par un copyright et licenciépar des fournisseurs de Sun.

Sun, Sun Microsystems, the Sun logo, Java, Solaris, Ultra, SunOS, Sun Enterprise Authentication Agent, Solstice Enterprise Agents, Netra,OpenBoot, Sun Fire, N1, SunScreen EFS, BigAdmin, et JumpStart sont des marques de fabrique ou des marques déposées de SunMicrosystems, Inc. aux Etats-Unis et dans d’autres pays.

Toutes les marques SPARC sont utilisées sous licence sont des marques de fabrique ou des marques déposées de SPARC International, Inc.aux Etats-Unis et dans d’autres pays. Les produits portant les marques SPARC sont basés sur une architecture développée par SunMicrosystems, Inc.

UNIX est une marques déposée aux Etats-Unis et dans d’autres pays et licenciée exclusivement par X/Open Company, Ltd.

PostScript est une marque fabrique d’Adobe Systems, Incorporated, laquelle pourrait être déposée dans certaines juridictions.

Législation en matière dexportations. Les Produits, Services et données techniques livrés par Sun peuvent être soumis aux contrôlesaméricains sur les exportations, ou à la législation commerciale dautres pays. Nous nous conformerons à lensemble de ces textes et nousobtiendrons toutes licences dexportation, de ré-exportation ou dimportation susceptibles dêtre requises après livraison à Vous. Vousnexporterez, ni ne ré-exporterez en aucun cas à des entités figurant sur les listes américaines dinterdiction dexportation les plus courantes,ni vers un quelconque pays soumis à embargo par les Etats-Unis, ou à des contrôles anti-terroristes, comme prévu par la législationaméricaine en matière dexportations. Vous nutiliserez, ni ne fournirez les Produits, Services ou données techniques pour aucune utilisationfinale liée aux armes nucléaires, chimiques ou biologiques ou aux missiles.

LA DOCUMENTATION EST FOURNIE “EN L’ETAT” ET TOUTES AUTRES CONDITIONS, DECLARATIONS ET GARANTIESEXPRESSES OU TACITES SONT FORMELLEMENT EXCLUES, DANS LA MESURE AUTORISEE PAR LA LOI APPLICABLE, YCOMPRIS NOTAMMENT TOUTE GARANTIE IMPLICITE RELATIVE A LA QUALITE MARCHANDE, A L’APTITUDE A UNEUTILISATION PARTICULIERE OU A L’ABSENCE DE CONTREFAÇON.

CE MANUEL DE RÉFÉRENCE DOIT ÊTRE UTILISÉ DANS LE CADRE D’UN COURS DE FORMATION DIRIGÉ PAR UNINSTRUCTEUR (ILT). IL NE S’AGIT PAS D’UN OUTIL DE FORMATION INDÉPENDANT. NOUS VOUS DÉCONSEILLONS DEL’UTILISER DANS LE CADRE D’UNE AUTO-FORMATION.

vCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Table of Contents

About This Lab ....................................................................Preface-viiLab Goals............................................................................... Preface-viiConventions ......................................................................... Preface-viii

Icons ............................................................................. Preface-viiiTypographical Conventions ........................................ Preface-ix

Exercise: Virtualization Trends in the Data Center .......................1-1

Exercise: Logical Domains Fundamentals ....................................2-1

Exercise: Preparing the System to Support LDoms .....................3-1Objective............................................................................................. 3-1

Preparation................................................................................. 3-2Task 1 – Gather System Hardware and Software

Configuration Information ................................................... 3-4Task 2 – Upgrade the System Controller Firmware............. 3-6Task 3 – Install the Logical Domain ManagementSoftware...................................................................................... 3-8Task 4 – Configure LDoms User Authorizations ................. 3-9

Exercise Summary............................................................................ 3-12Exercise Solutions ............................................................................ 3-13

Task 1 – Solutions.................................................................... 3-13Task 2 – Solutions................................................................... 3-17Task 3– Solutions.................................................................... 3-20Task 4 – Solutions................................................................... 3-24

Exercise: Setting Up the Control and Service Logical Domain ...4-1Objectives ........................................................................................... 4-1

Preparation................................................................................. 4-1Task 1 – Create Default Virtual Services ............................... 4-2Task 2 – Setup the Control Domain........................................ 4-3Task 3 – Configure the Virtual Switch as a PrimaryNetwork Interfaces .................................................................. 4-5Task 4 – Enable the Virtual Network Terminal Server........ 4-6

Exercise Summary.............................................................................. 4-7

vi Sun Virtualization: Solaris™ 10 Logical Domains AdministrationCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Exercise Solutions .............................................................................. 4-8Task 1 – Solutions...................................................................... 4-8Task 2 – Solutions.................................................................... 4-13Task 3 – Solutions.................................................................... 4-18Task 4 – Solutions.................................................................... 4-19

Exercise: Creating a Guest Logical Domain ................................. 5-1Objectives ........................................................................................... 5-1

Preparation................................................................................. 5-1Task 1 – Create a Guest Domain............................................. 5-2Task 2 – JumpStart the Guest Domain................................... 5-5Task 3 – Explore the Guest Domain ....................................... 5-6

Exercise Summary.............................................................................. 5-8Exercise Solutions .............................................................................. 5-9

Task 1 – Solutions...................................................................... 5-9Task 2 – Solutions.................................................................... 5-14Task 3 – Solutions.................................................................... 5-18

Exercise: Performing Advanced Logical Domain Tasks.............. 6-1Objectives ........................................................................................... 6-1

Preparation................................................................................. 6-1Task 1 – Switch Between Control and Guest Domains ....... 6-2Task 2 – Reconfigure Logical Domain Virtual CPUs........... 6-3Task 3 – Reconfigure Logical Domain Memory ................... 6-4Task 4 – Create a Split PCI Configuration............................ 6-6Task 5 – Use a File as a Virtual Disk....................................... 6-8Task 6 – Export a ZFS File System as a Virtual Disk.......... 6-10Task 7 – Remove and Restore a Guest Logical Domain .... 6-13Task 8 – Reset the System to the Factory Default

Configuration ....................................................................... 6-13Exercise Summary............................................................................ 6-15Exercise Solutions ............................................................................ 6-16

Task 1 – Solutions.................................................................... 6-16Task 2 – Solutions.................................................................... 6-16Task 3 – Solutions.................................................................... 6-20Task 4 – Solutions.................................................................... 6-24Task 5 – Solutions.................................................................... 6-33Task 6 – Solutions.................................................................... 6-37Task 7 – Solutions.................................................................... 6-42Task 8 – Solutions.................................................................... 6-44

Exercise: Bonus Lab .......................................................................A-1Objectives .......................................................................................... A-1

Preparation................................................................................ A-1Logical Domain Configuration Scenario ....................................... A-2

Configuration Details .............................................................. A-2Final Assessment...................................................................... A-4

Preface-viiCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Preface

AboutThis Lab

Lab Goals

Upon completion of these labs, you should be able to:

● Gather system hardware and software configuration information

● Upgrade the system controller firmware

● Install operating system patches

● Install the logical domain management software

● Configure LDoms user authorizations

● Create default virtual services

● Setup the control domain

● Configure the virtual switch as a network Interface

● Enable the virtual network terminal server

● Create a guest domain

● JumpStart the guest domain

● Explore the guest domain

● Reconfigure logical domain virtual CPUs

● Reconfigure logical domain memory

● Create a split PCI configuration

● Use ZFS file systems as virtual disks

● Configure virtual networks

● Remove logical domains

Conventions

Preface-viii Sun Virtualization: Solaris™ 10 Logical Domains AdministrationCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Conventions

The following conventions are used in this course to represent varioustraining elements and alternative learning resources.

Icons

Additional resources – Indicates other references that provide additionalinformation on the topics described in the module.

?!

Discussion – Indicates a small-group or class discussion on the currenttopic is recommended at this time.

Conventions

About This Lab Preface-ixCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Typographical Conventions

Courier is used for the names of commands, files, directories,programming code, and on-screen computer output; for example:

Use ls -al to list all files.system% You have mail.

Courier is also used to indicate programming constructs, such as classnames, methods, and keywords; for example:

The getServletInfo method gets author information.The java.awt.Dialog class contains Dialog constructor.

Courier bold is used for characters and numbers that you type; forexample:

To list the files in this directory, type:# ls

Courier bold is also used for each line of programming code that isreferenced in a textual description; for example:

1 import java.io.*;2 import javax.servlet.*;3 import javax.servlet.http.*;

Notice the javax.servlet interface is imported to allow access to its lifecycle methods (Line 2).

Courier italics is used for variables and command-line placeholdersthat are replaced with a real name or value; for example:

To delete a file, use the rm filename command.

Courier italic bold represents variables whose values are to beentered by the student as part of an activity; for example:

Type chmod a+rwx filename to grant read, write, and executerights for filename to world, group, and users.

Palatino italics is used for book titles, new words or terms, or words thatyou want to emphasize; for example:

Read Chapter 6 in the User’s Guide.These are called class options.

1-1Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Lab 1

Exercise: VirtualizationTrends in the DataCenter

No lab exercise is planned for Module 1.


Lab 2

Exercise: Logical DomainsFundamentals

No lab exercise is planned for Module 2.


Lab 3

Exercise: Preparing the Systemto SupportLDoms

Objective

In this exercise, you will perform the following tasks:

● Gather system hardware and software configuration information

● Upgrade the system controller firmware

● Install operating system patches

● Install the logical domain management software

● Configure LDoms user authorizations

Objective

3-2 Sun Virtualization: Solaris™ 10 Logical Domains AdministrationCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Preparation

During this exercise you work with lab equipment located in Sun’sRemote Lab Data Center (RLDC). The RLDC is remote from your presentlocation. To successfully complete the following tasks, you shouldfamiliarize yourself with the RLDC lab topology. Figure 3-1 shows themajor components that make up the lab topology are configured.

Figure 3-1 Course SA-345-S10 Lab Topology

Sun FireT2000 #1

0123

Sun FireT2000 #2

0123

Sun FireT2000 #3

0123

Sun FireT2000 #4

0123

Sun FireT2000 #5

0123

Sun FireT2000 #6

0123

netmgmt

serial

netmgmt

serial

netmgmt

serial

netmgmt

serial

netmgmt

serial

netmgmt

serial

Port 1

Port 2

Port 3

Port 4

Port 5

Port 6

SC Net Mgmt Ethernet

Serial Consoles

Subnet 192.168.100.0

Switch

Classroom System (WAN)

TerminalServer

Objective

Exercise: Preparing the System to Support LDoms 3-3Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Table 3-1 shows the IP addresses assigned to the RLDC lab Sun Fire™T2000 system controller (SC) network management (net mgmt) port andthe login credentials.

Note – Most of the steps in the following tasks should be performed usingthe Terminal Server. If the terminal server is not available, you can logdirectly in to the system controller and perform the appropriate steps.

Verify the following files are located in the /opt/ses/lab directory:

● 136927-01.zip – Sun Fire T2000 system controller firmwareupgrade version 6.6.1.

Verify the following files are located in the /opt/ses/software directory:

● LDoms_Manager-1_0_3.zip – Logical Domains Manager 1.0.3software.

Before You Begin

Before you begin Task 1, complete the following lab configurationinformation. See your instructor if you need help.

You are assigned a Sun Fire T2000 server:

● Sun Fire T2000 assignment:machine # _____

● Solaris™ login credentialsroot/cangetin

● System Controller (SC) IP address _______________

Table 3-1 Sun Fire T2000 System Controller IP Address Assignments

Sun Fire T2000 SC IP Address SC LoginCredentials

HostName

OS LoginCredentials

Machine1 192.168.100.10 admin/cangetin host01 root/cangetin






Objective


● SC login credentials admin/cangetin

Terminal Server:

● IP address 192.168.100.5

● Serial port # to SC _____

Note – Examples shown in this exercise are from lab machine 4. Thecommand responses shown in the “Exercise Solutions” on page Lab 3-13are examples only. Depending upon your lab configuration, the responsesto the commands in the labs might vary slightly.

Task 1 – Gather System Hardware and SoftwareConfiguration Information

In this task you explore your assigned lab equipment and determine if thehardware and software meet the requirements necessary for creatinglogical domains. Figure 3-2 shows the major components that make up theSun Fire T2000 server.

Figure 3-2 Sun Fire T2000 Major Components

Perform the following steps:

1. Log in to your assigned system in the classroom. From the classroomsystem, log in to the system controller (SC) of your assign labmachine. Contact your instructor if you need help.

Operating System

Physical Resourses

(CPUs, LANs, Storage)

System

ControllerHypervisor

Objective


After you log in to the SC, you should see the sc> prompt. If you donot see the sc> prompt, you might have an open console to thesystem. In this case, type #. to return to the SC.

2. Run the showhost command and obtain the following information:

Server Model: ______________

System Firmware: ______________

Do the server model and firmware release meet the requirements forcreating logical domains? _____

3. Run the poweron command to verify the system power is running.

4. Run the console -f command to open a console to the system. Ifthe system is at the ok prompt, boot the operation system.

5. Log in to the operating system as root.

6. Display the contents of the /etc/release file.

Does this OS release meet the requirement for installing the LogicalDomains Manager 1.0.3 software? _____

7. Run the prtdiag command to determine the following configurationinformation:

● Platform group: ______

● Memory size: ______

● Number of available CPU cores: ______

8. Run the format command to determine what disks are installed inthe system.

Note – The device pathing information shown below is from a Sun FireT2000 Server with 2 CPUs and 4 Gbytes of memory. The device pathinginformation may differ based on the server system’s disks.

Note the disk drives: _________ __________ _________

Which of these disk drives resides on PCI bus pci@780? _____

Which of these disk drives resides on PCI bus pci@7c0? _____

Select drive #1 and quit the format utility.

9. Use the dladm show-link command to verify the network devicesare compliant with logical domain requirements.

10. Run the grep e1000g /etc/path_to_inst command to determineon which PCI bus the network interfaces reside.

Objective


● Which network interfaces are attached to PCI bus pci@780?__________ _________

● Which network interfaces are attached to PCI bus pci@7c0?__________ _________

11. Run the ifconfig -a command to identify which networkinterfaces are currently plumbed.

Name IP Address

Network interface: ______ __________

The network interface is connected to which PCI bus? _________

Note – At this point, you have gathered the configuration informationrequired to complete the remaining tasks in this course. This informationwill be required in later exercises.

Task 2 – Upgrade the System Controller Firmware

In this task you upgrade the system controller firmware on your assignedlab equipment. Upgrading the system controller firmware can beperformed by two methods:

● Load the firmware from a local FTP server

● Load the firmware from the operating system

Objective


In this task you upgrade the system controller firmware from theoperating system. See Figure 3-3.

Figure 3-3 System Controller Firmware Upgrade


1. Verify that you are logged in to the Sun Fire T2000’s operatingsystem of your assigned lab machine as root. If not, log in at thistime.

2. Unzip the 136927-01.zip archive located in the /opt/ses/labdirectory to the /var/tmp directory.

3. Move to the 136927-01 directory and list the contents. Note that thesysfwdownload.README file details this procedure.

4. Run the sysfwdownload utility to download theSun_System_Firmware-6_6_1-Sun_Fire_T2000.bin file to thesystem controller.

5. Shut down the operating system.

6. After the operating system is down, type #. to move back to thesystem controller.

7. Use the poweroff -fy command to verify that the system power isoff.

8. Run the flashupdate -s 127.0.0.1 command to upgrade thesystem controller firmware.

9. Run the resetsc -y command to reset the system controller.

If you are accessing the SC using the terminal server, log in to thesystem controller when prompted.

Solaris 10 OSFirmware File

Physical Resourses


System

ControllerHypervisorClassroom

Objective


If you were logged in directly to the SC, log back in to the SC usingtelnet.

10. Run the showhost command to verify the system controllerfirmware level.

11. Run the poweron command to power the system back on. Thesystem will perform power on self test (POST). POST takes a fewminutes to complete.

12. Open a console to the system. If the system stops at the OpenBootPROM ok prompt, boot the operating system.


Task 3 – Install the Logical Domain ManagementSoftware

In this task you install the Logical Domains Manager 1.0.3 software in theSolaris 10 5/08 operating system. Before you begin this task, you mustfirst have successfully completed tasks 1 and 2 in this exercise. SeeFigure 3-4.

Figure 3-4 Logical Domain Management Software


1. Verify that you are logged in to the operating system of yourassigned lab machine as root. If not, log in at this time.

2. Unzip the LDoms_Manager-1_0_3.zip archive located in the/opt/ses/software directory to the /var/tmp directory.

Objective


3. Change to the LDoms_Manager-1_0_3/Product directory and runthe /var/tmp/LDoms_Manager-1_0_3/Install/install-ldminstallation script to install the Logical Domains Manager 1.0.3software.

During the installation, you will be asked to choose one of thefollowing options:

a) Hardened Solaris configuration for LDoms (recommended)

b) Standard Solaris configuration

c) Your custom-defined Solaris security configuration profile

Select option a.

4. Reboot the Sun Fire T2000.

5. Log in to the Sun Fire T2000’s operating system as root.

Because the operating system has been hardened, you are required toset a new password for root. Make the new root passwordcangetin@sun.

Note – At this point, the system has been transformed from a standardSolaris 10 Operating System to a Solaris 10 Control Domain.

6. Verify that the logical domain daemon (ldmd) has been automaticallystarted.

7. Verify the logical domain management utility is operational byrunning the /opt/SUNWldm/bin/ldm list command.

8. Add the /opt/SUNWldm/bin path to the root account $PATHvariable. Also, add /opt/SUNWldm/man to the root account$MANPATH variable.

Note – Using the vi editor over a VNC link is somewhat unwieldy. Referto Step 8 of the “Task 3– Solutions” on page 20 for the appropriate vicommands for updating the .profile file.

9. Run the . $HOME/.profile command to force the system to re-examine your environment variables.

Task 4 – Configure LDoms User Authorizations

You can configure LDoms user authorization by three methods:

Objective


● You can add LDoms read or read/write privilege to a specific user.

● You can assign an LDom read or read/write profile for a user.

● You can create a Solaris Role-Based Access Control (RBAC) role withLDoms read or read/write privilege and assign the role to a user.

In this task you create three new user accounts and authorize each user tomanage LDoms using one of the authorization methods. See Figure 3-5 onpage Lab 3-10.

Figure 3-5 User Authorizations


1. Verify that you are logged in to the control domain of your assignedlab machine as root. If not, log in at this time.

2. List the user and system logins currently configured in the operatingsystem.

3. Add three new users to the operating system named ldmadm1,ldmadm2, and ldmadm3. Set the new user passwords to cangetin.

Logical Domain

Management

Physical Resourses


System

ControllerHypervisorClassroom

Objective


4. Verify that the new user ldmadm1 is unable to perform a basic LDomread operation by switching user (su) to ldmadm1 and running the/opt/SUNWldm/bin/ldm list command. Exit from the ldmadm1user shell.

5. Assign LDoms read and write authorization for user ldmadm1 usingthe usermod -A command. The LDoms read and write authorizationis enabled by the solaris.ldoms.write privilege.

After the privilege is assigned, verify user ldmadm1 is authorized runthe /opt/SUNWldm/bin/ldm list command.


7. Verify that the LDoms Management profile is installed in the/etc/security/prof_attr file.

8. Assign the LDoms Management profile to user ldmadm2.

After the profile has been assign, verify that user ldmadm2 isauthorized run the /opt/SUNWldm/bin/ldm list command.


10. Create a new role for LDoms management named ldomadm. Givethis role LDoms read/write authorization. The LDoms read andwrite authorization is enabled by the solaris.ldoms.writeprivilege.

Set the new role password to cangetin.

11. Assign the ldomadm role to user ldmadm3.

After the role is assigned to user ldmadm3, verify user ldmadm3 isauthorized run the /opt/SUNWldm/bin/ldm list command usingthe ldomadm role.

Exit from the ldomadm role and the ldmadm3 user shell.

Exercise Summary


Exercise Summary

?!

Discussion – Take a few minutes to discuss the experiences, issues, ordiscoveries you had during the lab exercise.

● Experiences

● Interpretations

● Conclusions

● Applications

Exercise Solutions


Exercise Solutions

This section provides the answers to the exercise tasks.

Task 1 – Solutions


1. Log in to your assigned system in the classroom. From the classroomsystem, log in to the system controller (SC) of your assign labmachine. Contact your instructor if you need help.

The following is an example of accessing the SC on machine # 4 using theterminal server.

# telnet 192.168.100.5 5004

The following is an example of logging directly in to the SC of machine # 4.

# telnet 192.168.100.40Please login: adminPlease Enter password: cangetin

After you log in to the SC, you should see the sc> prompt. If you donot see the sc> prompt, you might have an open console to thesystem. In this case, type #. to return to the SC.

Note – The examples shown in the remaining labs in this course assumeyou are using the terminal server to access the system in the lab.

2. Run the showhost command and obtain the following information:

Server Model: Sun Fire T2000

System Firmware: 6.4.6

sc> showhostSun-Fire-T2000 System Firmware 6.4.6 2007/06/24 15:53

Host flash versions:Hypervisor 1.4.1 2007/04/02 16:37OBP 4.26.1 2007/04/02 16:26POST 4.26.0 2007/03/26 16:45

Do the server model and firmware release meet the requirements forcreating logical domains? No. The firmware release required for a T2000is 6.6.1. You will upgrade the firmware in the next task.

3. Run the poweron command to verify the system power is running.

Exercise Solutions


sc> poweronThe Host System Power is already running

4. Run the console -f command to open a console to the system. Ifthe system is at the ok prompt, boot the operation system.

sc> console -fEnter #. to return to ALOM.

You might have to press the Enter key to display the prompt.

{0} ok bootBoot device: /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a Fileand args:SunOS Release 5.10 Version Generic 64-bitCopyright 1983-2008 Sun Microsystems, Inc. All rights reserved.Use is subject to license terms....


console login: rootPassword: cangetin

6. Display the contents of the /etc/release file.

# cat /etc/release Solaris 10 5/08 s10s_u5wos_10 SPARC Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 24 March 2008

Does this OS release meet the requirement for installing the LogicalDomains Manager 1.0.3 software? Yes

7. Run the prtdiag command to determine the following configurationinformation:

● Platform group: sun4v

● Memory size: 8064 MBytes

● Number of available vCPU cores: 24 cores

# prtdiag...

The Sun Fire T2000 system contains up to 8 cores with 4 threads eachwhich give you 32 threads or virtual CPUs to work with. If prtdiagshows 24 CPUs (virtual CPUs) that means you have a Sun Fire T2000with 6 cores (2 cores disabled.)

You can also use commands, such as: uname -m, prtconf|grep Mem,and psrinfo to obtain this information.

Exercise Solutions


8. Run the format command to determine what disks are installed inthe system.

Note – The command output shown for the following commands arefrom a Sun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. Thedevice pathing information may differ based on the server system’s disks.

# formatSearching for disks...done

AVAILABLE DISK SELECTIONS:0. c1t0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>

/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@0,01. c1t1d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>

/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@1,02. c1t2d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424>

/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@2,0

Note the disk drives: c1t0d0, c1t1d0, c1t2d0

Which of these disk drives resides on PCI bus pci@780? None

Which of these disk drives resides on PCI bus pci@7c0? All

Select drive #1 and quit the format utility.

Specify disk (enter its number): 1selecting c1t1d0...format> quit

9. Use the dladm show-link command to verify the network devicesare compliant with logical domain requirements.

# dladm show-linke1000g0 type: non-vlan mtu: 1500 device: e1000g0e1000g1 type: non-vlan mtu: 1500 device: e1000g1e1000g2 type: non-vlan mtu: 1500 device: e1000g2e1000g3 type: non-vlan mtu: 1500 device: e1000g3

If the network interface is non-vlan or vlan, the interface meets logicaldomain requirements. If the network interface is legacy, the interface isnot compliant.

10. Run the grep e1000g /etc/path_to_inst command to determineon which PCI bus the network interfaces reside.

# grep e1000g /etc/path_to_inst"/pci@780/pci@0/pci@1/network@0" 0 "e1000g""/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g"

Exercise Solutions


"/pci@7c0/pci@0/pci@2/network@0" 2 "e1000g""/pci@7c0/pci@0/pci@2/network@0,1" 3 "e1000g"

● Which network interfaces are attached to PCI bus pci@780(leaf A)?e1000g0 e1000g1

● Which network interfaces are attached to PCI bus pci@7c0 (leafB)?e1000g2 e1000g3

11. Run the ifconfig -a command to identify which networkinterfaced are currently plumbed.

The following example shows network configuration information formachine 4.

# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu8232 index1 inet 127.0.0.1 netmask ff000000e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500index 3 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:1d:e9:b6

Name IP Address

Network interface: e1000g0 192.168.100.104

The network interface is connected to which PCI bus?PCI bus pci@780

Note – At this point, you have gathered the configuration informationrequired to complete the remaining tasks in this course. This informationwill be required in later exercises.

Exercise Solutions




1. Verify that you are logged in to the Sun Fire T2000’s operatingsystem of your assigned lab machine as root. If not, log in at thistime.

# iduid=0(root) gid=0(root)

2. Unzip the 136927-01.zip archive located in the /opt/ses/labdirectory to the /var/tmp directory.

# cd /var/tmp# cp /opt/ses/lab/136927-01.zip .# unzip 136927-01.zip# ls -d 136927*136927-01 136927-01.zip

3. Move to the 136927-01 directory and list the contents. Note that thesysfwdownload.README file details this procedure.

# cd 136927-01# lscopyrightInstall.infoLEGAL_LICENSE.TXTREADME.136927-01Sun_System_Firmware-6_6-download_SLA_and_Entitlement.txtSun_System_Firmware-6_6_1-SPARC_Enterprise_T2000.binSun_System_Firmware-6_6_1-Sun_Fire_T2000.bin...

4. Run the sysfwdownload utility to download theSun_System_Firmware-6_6_1-Sun_Fire_T2000.bin file to thesystem controller.

# ./sysfwdownload Sun_System_Firmware-6_6_1-Sun_Fire_T2000.bin.......... (10%).......... (20%).......... (30%)..........(40%).......... (51%).......... (61%).......... (71%).......... (81%).......... (92%)........ (100%)

Download completed successfully.

5. Shut down the operating system.

# shutdown -i5 -g0 -yShutdown started. Fri May 30 14:48:20 MDT 2008

Changing to init state 5 - please wait

Exercise Solutions


Broadcast Message from root (console) on train06 Tue May 22 14:48:20...THE SYSTEM train06 IS BEING SHUT DOWN NOW ! ! !Log off now or risk your files being damaged...svc.startd: The system is down.syncing file systems... done

SC Alert: Host system has shut down

6. After the operating system is down, type #. to move back to thesystem controller.

#.sc>

7. Use the poweroff -fy command to verify that the system power isoff.

sc> poweroff -fyHost system power is already off

8. Run the flashupdate -s 127.0.0.1 command to upgrade thesystem controller firmware.

Note that this takes a couple minutes to complete.

sc> flashupdate -s 127.0.0.1SC Alert: System poweron is disabled.......................................................................................................................................................................Update complete. Reset device to use new software.SC Alert: SC firmware was reloaded

9. Run the resetsc -y command to reset the system controller.

If you are accessing the SC using the terminal server, log in to thesystem controller when prompted.

If you were logged in directly to the SC, log back in to the SC usingtelnet.

sc> resetsc -yUser Requested SC Shutdown

ALOM BOOTMON v1.4.2ALOM Build Release: 001Reset register: 00000000

ALOM POST 1.0......Please login: admin

Exercise Solutions


Please Enter password: cangetin

10. Run the showhost command to verify the system controllerfirmware level.

sc> showhostSun-Fire-T2000 System Firmware 6.6.1 2008/02/11 15:53

Host flash versions: OBP 4.28.1 2008/02/11 13:06 Hypervisor 1.6.1 2008/02/11 12:15 POST 4.28.1 2008/02/11 13:28

11. Run the poweron command to power the system back on. Thesystem will perform power on self test (POST). POST takes a fewminutes to complete.

sc> poweronSC Alert: Host System has Reset

12. Open a console to the system. If the system stops at the OpenBootPROM ok prompt, boot the operating system.

sc> console -fEnter #. to return to ALOM.

Expect to see system power on self test (POST) message traffic before the okprompt is displayed. This will a couple minutes to complete.

{0} ok bootBoot device: /pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:a Fileand args:SunOS Release 5.10 Version Generic 64-bit....


host04 console login: rootPassword: cangetin...

Exercise Solutions


Task 3– Solutions


1. Verify that you are logged in to the operating system of yourassigned lab machine as root. If not, log in at this time.

2. Unzip the LDoms_Manager-1_0_3.zip archive located in the/opt/ses/software directory to the /var/tmp directory.

# pwd/var/tmp# cp /opt/ses/software/LDoms_Manager-1_0_3.zip .# unzip LDoms_Manager-1_0_3.zipArchive: LDoms_Manager-1_0_3.zipcreating: LDoms_Manager-1_0_3/creating: LDoms_Manager-1_0_3/Product/creating: LDoms_Manager-1_0_3/Product/SUNWldm.v/inflating: LDoms_Manager-1_0_3/Product/SUNWldm.v/pkgmapinflating: LDoms_Manager-1_0_3/Product/SUNWldm.v/pkginfo...# ls -d LDoms_Manager-1_0_3*LDoms_Manager-1_0_3 LDoms_Manager-1_0_3.zip

3. Change to the LDoms_Manager-1_0_3/Product directory and runthe /var/tmp/LDoms_Manager-1_0_3/Install/install-ldminstallation script to install the Logical Domains Manager 1.0.3software.

During the installation, you will be asked to choose one of thefollowing options:

a) Hardened Solaris configuration for LDoms (recommended)

b) Standard Solaris configuration

c) Your custom-defined Solaris security configuration profile

Select option a.

Option a installs the JumpStart Architecture and Security Scripts (JASS)toolkit. It provides a flexible and extensible mechanism to harden and auditSolaris Operating System.

# cd LDoms_Manager-1_0_3/Product# /var/tmp/LDoms_Manager-1_0_3/Install/install-ldmWelcome to the LDoms installer.

You are about to install the domain manager package that will enableyou to create, destroy and control other domains on your system. Giventhe capabilities of the domain manager, you can now change the security

Exercise Solutions


configuration of this Solaris instance using the Solaris SecurityToolkit.

Select a security profile from this list:

a) Hardened Solaris configuration for LDoms (recommended)b) Standard Solaris configurationc) Your custom-defined Solaris security configuration profile

Enter a, b, or c [a]: aThe changes made by selecting this option can be undone through theSolaris Security Toolkit’s undo feature. This can be done with the’/opt/SUNWjass/bin/jass-execute -u’ command.Installing LDoms and Solaris Security Toolkit packages.pkgadd -n -d "/var/tmp/LDoms_Manager-1_0_3/Product" -a pkg_adminSUNWldm.vCopyright 2008 Sun Microsystems, Inc. All rights reserved.Use is subject to license terms.

Installation of <SUNWldm> was successful.pkgadd -n -d "/var/tmp/LDoms_Manager-1_0_3/Product" -a pkg_admin SUNWjassCopyright 2005 Sun Microsystems, Inc. All rights reserved.Use is subject to license terms.

Installation of <SUNWjass> was successful.

Verifying that all packages are fully installed. OK.Enabling services: svc:/ldoms/ldmd:defaultRunning Solaris Security Toolkit 4.2.0 driver ldm_control-secure.driver.Please wait. . ./opt/SUNWjass/bin/jass-execute -q -d ldm_control-secure.driverExecuting driver, ldm_control-secure.driverSolaris Security Toolkit hardening executed successfully; log file/var/opt/SUNWjass/run/20080521060409/jass-install-log.txt. It will nottake effect until the next reboot. Before rebooting, make sure SSH orthe serial line is setup for use after the reboot.

4. Reboot the Sun Fire T2000’s operating system.

# shutdown -i6 -g0 -y...# svc.startd: The system is coming down. Please wait.svc.startd: 93 system services are now being stopped.May 21 06:08:34 train06 syslogd: going down on signal 15svc.startd: The system is down.syncing file systems... donerebooting...

Exercise Solutions


Expect to see JASS related message traffic when the operation systemreboots.

5. Log in to the Sun Fire T2000’s operating system as root.

Because the operating system has been hardened, you are required toset a new password for root. Make the new root passwordcangetin@sun.

console login: rootPassword: cangetinpasswd: Changing password for rootNew Password: cangetin@sunRe-enter new Password: cangetin@sunpasswd: password successfully changed for root

Note – At this point, the system has been transformed from a standardSolaris 10 operating system to a Solaris 10 Control Domain.

6. Verify that the logical domain daemon (ldmd) has been automaticallystarted.

# svcs -l ldmdfmri svc:/ldoms/ldmd:defaultname Logical Domain Managerenabled truestate onlinenext_state nonestate_time May 21, 2008 6:12:13 AM MDTlogfile /var/svc/log/ldoms-ldmd:default.logrestarter svc:/system/svc/restarter:defaultcontract_id 43dependency require_all/none svc:/system/filesystem/local (online)

The state should be “online”.

7. Verify the logical domain management utility is operational byrunning the /opt/SUNWldm/bin/ldm list command.

# /opt/SUNWldm/bin/ldm list-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration andresource information is displayed for the configuration under construction;not the current active configuration. The configuration being constructedwill only take effect after it is downloaded to the system controller andthe host is reset.---------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptimeprimary active -t-cv SP 24 8064M 20% 9m

Exercise Solutions


8. Add the /opt/SUNWldm/bin path to the root account $PATHvariable. Also, add /opt/SUNWldm/man to the root account$MANPATH variable.

# TERM=vt100# export TERM# vi $HOME/.profile:/PATHAPATH=/usr/bin:/usr/sbin:/usr/ccs/bin:$PATH:/opt/SUNWldm/bin<esc>:/MANPATHAMANPATH=/usr/man:$MANPATH:/opt/SUNWldm/manexport MANPATH<esc>:wq!

9. Run the . $HOME/.profile command to force the system to re-examine your environment variables.

# . $HOME/.profile

Exercise Solutions




1. Verify that you are logged in to the control domain of your assignedlab machine as root. If not, log in at this time.

2. List the user and system logins currently configured in the operatingsystem.

# loginsroot 0 root 0 Super-Userdaemon 1 other 1bin 2 bin 2sys 3 sys 3adm 4 adm 4 Adminuucp 5 uucp 5 uucp Adminnuucp 9 nuucp 9 uucp Adminsmmsp 25 smmsp 25 SendMail MessageSubmission Programlisten 37 adm 4 Network Admingdm 50 gdm 50 GDM Reserved UIDlp 71 lp 8 Line Printer Adminwebservd 80 webservd 80 WebServer Reserved UIDpostgres 90 postgres 90 PostgreSQL Reserved UIDsvctag 95 daemon 12 Service Tag UIDnobody 60001 nobody 60001 NFS Anonymous Access Usernoaccess 60002 noaccess 60002 No Access Usernobody4 65534 nogroup 65534 SunOS 4.x NFS AnonymousAccess User

3. Add three new users to the operating system named ldmadm1,ldmadm2, and ldmadm3. Set the new user passwords to cangetin.

# useradd -d /export/ldmadm1 -m -s /bin/ksh ldmadm164 blocks# useradd -d /export/ldmadm2 -m -s /bin/ksh ldmadm264 blocks# useradd -d /export/ldmadm3 -m -s /bin/ksh ldmadm364 blocks## passwd ldmadm1New Password: cangetinRe-enter new Password: cangetinpasswd: password successfully changed for ldmadm1# passwd ldmadm2New Password: cangetinRe-enter new Password: cangetin

Exercise Solutions


passwd: password successfully changed for ldmadm2# passwd ldmadm3New Password: cangetinRe-enter new Password: cangetinpasswd: password successfully changed for ldmadm3# loginsroot 0 root 0 Super-Userdaemon 1 other 1bin 2 bin 2sys 3 sys 3adm 4 adm 4 Adminuucp 5 uucp 5 uucp Adminnuucp 9 nuucp 9 uucp Adminsmmsp 25 smmsp 25 SendMail MessageSubmission Programlisten 37 adm 4 Network Admingdm 50 gdm 50 GDM Reserved UIDlp 71 lp 8 Line Printer Adminwebservd 80 webservd 80 WebServer Reserved UIDpostgres 90 postgres 90 PostgreSQL Reserved UIDsvctag 95 daemon 12 Service Tag UIDldmadm1 100 other 1ldmadm2 101 other 1ldmadm3 102 other 1nobody 60001 nobody 60001 NFS Anonymous Access Usernoaccess 60002 noaccess 60002 No Access Usernobody4 65534 nogroup 65534 SunOS 4.x NFS AnonymousAccess User

4. Verify that the new user ldmadm1 is unable to perform a basic LDomread operation by switching user (su) to ldmadm1 and running the/opt/SUNWldm/bin/ldm list command.

# su - ldmadm1$ /opt/SUNWldm/bin/ldm listAuthorization failed$ exit

5. Assign LDoms read and write authorization for user ldmadm1 usingthe usermod -A command. The LDoms read and write authorizationis enabled by the solaris.ldoms.write privilege.

After the privilege is assigned, verify user ldmadm1 is authorized runthe /opt/SUNWldm/bin/ldm list command.

# usermod -A solaris.ldoms.write ldmadm1# su - ldmadm1$ /opt/SUNWldm/bin/ldm list-------------------------------------------------------------------------

Exercise Solutions


Notice: the LDom Manager is running in configuration mode. Configuration andresource information is displayed for the configuration under construction;not the current active configuration. The configuration being constructedwill only take effect after it is downloaded to the system controller andthe host is reset.---------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-c- SP 24 8064M 0.0% 19h 49m

$ exit


# su - ldmadm2$ /opt/SUNWldm/bin/ldm listAuthorization failed$ exit

7. Verify that the LDoms Management profile is installed in the/etc/security/prof_attr file.

# grep 'LDoms Management' /etc/security/prof_attrLDoms Management:::Manage LDoms domains:auths=solaris.ldoms.*

8. Assign the LDoms Management profile to user ldmadm2.

# usermod -P "LDoms Management" ldmadm2

After the profile has been assign, verify that user ldmadm2 isauthorized run the /opt/SUNWldm/bin/ldm list command. Exitfrom the ldmadm2 user shell.

# su - ldmadm2$ /opt/SUNWldm/bin/ldm list-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration andresource information is displayed for the configuration under construction;not the current active configuration. The configuration being constructedwill only take effect after it is downloaded to the system controller andthe host is reset.---------------------------------------------------------------------------

NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-c- SP 24 8064M 0.2% 19h 56m$ exit


# su - ldmadm3$ /opt/SUNWldm/bin/ldm list

Exercise Solutions


Authorization failed$ exit

10. Create a new role for LDoms management named ldomadm. Givethis role LDoms read/write authorization. The LDoms read andwrite authorization is enabled by the solaris.ldoms.writeprivilege.

Set the new role password to cangetin.

# roleadd -A solaris.ldoms.write ldomadm# passwd ldomadmNew Password: cangetinRe-enter new Password: cangetinpasswd: password successfully changed for ldomadm

11. Assign the ldomadm role to user ldmadm3.

# usermod -R ldomadm ldmadm3

After the role is assigned to user ldmadm3, verify user ldmadm3 isauthorized run the /opt/SUNWldm/bin/ldm list command usingthe ldomadm role.

# su - ldmadm3# iduid=102(ldmadm3) gid=1(other)$ su ldomadmPassword: cangetinMay 22 02:10:56 train06 su: ’su ldomadm’ succeeded for root on/dev/console$ iduid=103(ldomadm) gid=1(other)$ /opt/SUNWldm/bin/ldm list-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configuration andresource information is displayed for the configuration under construction;not the current active configuration. The configuration being constructedwill only take effect after it is downloaded to the system controller andthe host is reset.---------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptimeprimary active -n-c- SP 24 8064M 0.1% 20h 3m

Exit from the ldomadm role and the ldmadm3 user shell.

$ exit$ exit


Lab 4

Exercise: Setting Up the Control and ServiceLogicalDomain

Objectives


● Create default virtual services

● Setup the control domain

● Configure the virtual switch as a network Interface

● Enable the virtual network terminal server

Preparation

To prepare for this lab exercise:

● Review the Preparation section in Lab 1.

● Review the hardware and software configuration information yougathered in Task 1 of Lab 1.

● When performing this exercise, use the following system logininformation. See your instructor if you need help.

Control domain operating system:

● Login name root

● Login password cangetin@sun


Objectives


Task 1 – Create Default Virtual Services

In this task you use the logical domain management utility to createdefault virtual services initially to be able to use them later in the course.

You setup the following (Figure 4-1) default virtual services:

● vdiskserver – The virtual disk server

● vswitch – The virtual switch service

● vconscon – The virtual console concentrator service

Figure 4-1 Logical Domain Virtual Services


1. Verify you are logged in to the Sun Fire T2000 control domain asroot. If not, log in at this time.

2. List the logical domain configurations currently stored on the systemcontroller.

If configurations other than factory-default are listed, use theldm remove-config config_name command to remove them atthis time. Do not remove the factory-default configuration.

3. List all the logical domains currently configured on the system.

4. List all server bound and unbound devices. Peruse the list to get anunderstanding of the devices available to the Logical DomainManager.

5. List the bindings of all currently configured logical domains.

6. List the virtual services currently configured on the control domain.

7. Add a virtual disk service named primary-vds0 to the primarydomain.

Service Domainvswitch vdiskserver vconscon

Hypervisor

DiskStorage

NetworkInterfaces

Hardware Resources

Objectives

Exercise: Setting Up the Control and Service Logical Domain 4-3Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

8. Add a disk volume named vol0 to the virtual disk service. Bind thethe second disk drive on PCI leaf B (c1t1d0s2) to vol0. Refer to theconfiguration information you gathered in Lab1, Task 1.

9. Add a virtual console service named primary-vcc0 with a portrange of 5000 - 5100 to the primary domain.

10. Add a virtual network switch service named primary-vsw0 to theprimary domain. Bind this virtual network switch to networkinterface e1000g0.

11. List the services to ensure they are configured correctly.

At this point the domain named primary is configured as a servicedomain. Before the changes take effect, the new configuration must besaved to the system controller and the operating system must be rebooted.You will do this in the next task.

Task 2 – Setup the Control Domain

Now that you have the default virtual services configured, the next task isto perform the initial setup of the control (primary) domain. This involvesallocating system resources (Figure 4-2) to be used by the control domain.The remaining unallocated system resources can be used by other logicaldomains in the system. Finally, after the you configure the controldomain, you save the configuration to the system controller.

In this task you allocate the following resources to the control domain:

● mau – The modular arithmetic unit to be used by the control domain.

● vcpu – The virtual CPU presenting the processor cores of the serverto be used my the control domain.

● memory - The amount of memory to be used my the control domain.

Figure 4-2 Initial Configuration Resource Set

Control Domain

Physical Resourses

(vCPUs, Memory, MAU)

Hypervisor

Objectives




2. List all the server resources.

How many virtual CPUs are currently available for creating guestdomains? ________

How much memory is currently available for creating guestdomains? ________

3. Allocate one modular arithmetic unit to the primary domain.

4. Allocate four virtual CPUs to the primary domain.

5. Allocate two gigabytes of memory to the primary domain.

6. Verify the resources allocated to the control domain by running theldm list-bindings command.

7. Save the new configuration to the system controller. Name theconfiguration config_initial.

8. List the configuration stored on the system controller.

9. Reboot the control domain.

10. After the control domain has rebooted, log in as root.

11. Generate a long list of the of the primary domain to verify the newconfiguration was created correctly.

You now have sufficient resources and services to create guest domains.

Objectives


Task 3 – Configure the Virtual Switch as a PrimaryNetwork Interfaces

A virtual switch can serve a the primary network interface to the controldomain. This task demonstrates how the virtual switch can be configuredas the primary network interface for the control domain.

In this task you configure the virtual switch created in “Task 1 – CreateDefault Virtual Services” on page Lab 4-2 to access subnet 192.168.100.0.See Figure 4-3.

Figure 4-3 Virtual Switch Configuration



2. Display the IP addressing information for all network interfaces.

3. Unplumb the current primary network interface (e1000g0).

4. Plumb the virtual switches vsw0.

Subnet 192.168.100.0

Hypervisor

Resources

Service Domain

vsw0

pci@7c0/../network@0

e1000g0

Objectives


5. Manually configure the IP addressing information for the vsw0network interface. Use the IP address information originallyassigned to the e1000g0 interface (see the results of Step 2). Be sureto set the up flag.

6. Use the ifconfig -a command to verify the new IP configuration.

7. Use the ping command to verify the vsw0 interface can access the192.168.100.0 subnet.

8. Rename the /etc/hostname.e1000g0 file to /etc/hostname.vsw0so that the virtual switch will automatically be configured as theprimary interface after the next OS reboot.

Task 4 – Enable the Virtual Network Terminal Server

The virtual network terminal server daemon (vntsd) daemon providesaccess to the virtual console of each logical domain. By default, thisdaemon is disabled.

In this task you enable the vntsd daemon.



2. Run the svcs vntsd command to determine the current state of thevntsd daemon.

3. Use the svcadm command to enable the virtual network terminalserver daemon, vntsd.

4. Use the svcs command to verify that the vntsd daemon is enabled.

Exercise Summary


Exercise Summary

?!


● Experiences

● Interpretations

● Conclusions

● Applications

Exercise Solutions


Exercise Solutions





2. List the logical domain configurations currently stored on the systemcontroller.

primary# ldm list-spconfigfactory-default [current]...

If configurations other than factory-default are listed, use theldm remove-config config_name command to remove them atthis time. Do not remove the factory-default configuration.

primary# ldm remove-spconfig config_name# ldm list-configfactory-default [current]

3. List all the logical domains currently configured on the system.

primary# ldm list-domain-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------Name State Flags Cons VCPU Memory Util Uptimeprimary active -n-c- SP 24 8064M 0.1% 20h 9m

By default, the system provides a control domain (named primary) inconfiguration mode. This gives you a configuration starting point.Configuration mode implies any additional changes you make to thisdomain must be saved to the SC and the domain must be restart (rebooted)

4. List all server bound and unbound devices. Peruse the list to get anunderstanding of the devices available to the Logical DomainManager.

Exercise Solutions



primary# ldm list-devices -a-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------

VCPU PID %FREE 0 0 1 0 2 0 3 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 0 17 0 18 0 19 0 20 0 21 0 22 0 23 0 24 0 25 0 26 0 27 0

MAU ID CPUSET BOUND 0 (0, 1, 2, 3) primary 1 (8, 9, 10, 11) primary 2 (12, 13, 14, 15) primary

Exercise Solutions


3 (16, 17, 18, 19) primary 4 (20, 21, 22, 23) primary 5 (24, 25, 26, 27) primary

MEMORY PA SIZE BOUND 0x0 512K _sys_ 0x80000 1536K _sys_ 0x200000 62M _sys_ 0x4000000 64M _sys_ 0x8000000 8064M primary

IO DEVICE PSEUDONYM BOUND OPTIONS pci@780 bus_a yes bypass=on pci@7c0 bus_b yes bypass=on

5. List the bindings of all currently configured logical domains.

primary# ldm list-bindings-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-c- SP 24 8064M 0.1% 20h 22m

MAC 00:14:4f:02:57:4c

VCPU VID PID UTIL STRAND 0 0 0.5% 100% 1 1 0.1% 100% 2 2 0.0% 100% 3 3 0.0% 100% 4 8 0.1% 100% 5 9 0.0% 100% 6 10 0.0% 100% 7 11 0.0% 100% 8 12 0.1% 100% 9 13 0.0% 100% 10 14 0.0% 100% 11 15 0.0% 100%

Exercise Solutions


12 16 0.1% 100% 13 17 0.0% 100% 14 18 0.0% 100% 15 19 0.0% 100% 16 20 0.1% 100% 17 21 0.0% 100% 18 22 0.0% 100% 19 23 0.0% 100% 20 24 0.1% 100% 21 25 0.0% 100% 22 26 0.0% 100% 23 27 0.0% 100%

MAU ID CPUSET 0 (0, 1, 2, 3) 1 (8, 9, 10, 11) 2 (12, 13, 14, 15) 3 (16, 17, 18, 19) 4 (20, 21, 22, 23) 5 (24, 25, 26, 27)

MEMORY RA PA SIZE 0x8000000 0x8000000 8064M

VARIABLES boot-device=/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/disk@0,0:adisk net keyboard-layout=US-English use-nvramrc?=true

IO DEVICE PSEUDONYM OPTIONS pci@780 bus_a bypass=on pci@7c0 bus_b bypass=on

VCONS NAME SERVICE PORT SP

Note that after the initial logical domain software installation, the primary(control) domain owns all available system resources.

6. List the virtual services currently configured on the control domain.

primary# ldm list-services-------------------------------------------------------------------------

Exercise Solutions


Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------

7. Add a virtual disk service named primary-vds0 to the primarydomain.

primary# ldm add-vdiskserver primary-vds0 primary-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Anyconfiguration changes made will only take effect after the machineconfiguration is downloaded to the system controller and the host isreset.-------------------------------------------------------------------------

vdiskserver is a virtual disk server which allows you to import virtualdisks into a logical domain. Note that currently no volumes, partitions, orfile have been bound to disk service primary-vds0.

8. Add a disk volume named vol0 to the virtual disk service. Bind thethe second disk drive on PCI leaf B (c1t1d0s2) to vol0. Refer to theconfiguration information you gathered in Lab1, Task 1.

primary# ldm add-vdiskserverdevice /dev/dsk/c1t1d0s2 vol0@primary-vds0-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Anyconfiguration changes made will only take effect after the machineconfiguration is downloaded to the system controller and the host isreset.-------------------------------------------------------------------------

9. Add a virtual console service named primary-vcc0 with a portrange of 5000 - 5100 to the primary domain.

primary# ldm add-vconscon port-range=5000-5100 primary-vcc0 primary-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Anyconfiguration changes made will only take effect after the machineconfiguration is downloaded to the system controller and the host isreset.-------------------------------------------------------------------------

vconscon is a virtual console concentrator service with a specific range ofTCP ports to assign to each guest domain at the time it is created.

Exercise Solutions


10. Add a virtual network switch service named primary-vsw0 to theprimary domain. Bind this virtual network switch to networkinterface e1000g0.

primary# ldm add-vswitch net-dev=e1000g0 primary-vsw0 primary-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Anyconfiguration changes made will only take effect after the machineconfiguration is downloaded to the system controller and the host isreset.-------------------------------------------------------------------------

vswitch is a virtual network switch that connects the virtual networkdevices to the external net-work and also switches packets between them.

11. List the services to ensure they are configured correctly.

primary# ldm list-services primary-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------VCC NAME PORT-RANGE primary-vcc0 5000-5100

VSW NAME MAC NET-DEV DEVICE MODE primary-vsw0 00:14:4f:f9:66:6b e1000g0 switch@0

VDS NAME VOLUME OPTIONS DEVICE primary-vds0 vo10 /dev/dsk/c1t1d0s2

At this point the domain named primary is configured as a servicedomain. Before the changes take effect, the new configuration must besaved to the system controller and the operating system must be rebooted.You will do this in the next task.



Exercise Solutions



2. List all the server resources.

primary# ldm list-devices -a-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------

VCPU PID %FREE 0 0 1 0 2 0 3 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 0 17 0 18 0 19 0 20 0 21 0 22 0 23 0 24 0 25 0 26 0 27 0

MAU ID CPUSET BOUND 0 (0, 1, 2, 3) primary 1 (8, 9, 10, 11) primary 2 (12, 13, 14, 15) primary 3 (16, 17, 18, 19) primary

Exercise Solutions


4 (20, 21, 22, 23) primary 5 (24, 25, 26, 27) primary

MEMORY PA SIZE BOUND 0x0 512K _sys_ 0x80000 1536K _sys_ 0x200000 62M _sys_ 0x4000000 64M _sys_ 0x8000000 8064M primary

IO DEVICE PSEUDONYM BOUND OPTIONS pci@780 bus_a yes bypass=on pci@7c0 bus_b yes bypass=on

How many virtual CPUs are currently available for creating guestdomains? 0 vCPUs

How much memory is currently available for creating guestdomains? 0 memory

3. Allocate one modular arithmetic unit to the primary domain.

primary# ldm set-mau 1 primary----------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configurationchanges made will only take effect after the machine configuration isdownloaded to the system controller and the host is reset.----------------------------------------------------------------------------

4. Allocate four virtual CPUs to the primary domain.

primary# ldm set-vcpu 4 primary----------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configurationchanges made will only take effect after the machine configuration isdownloaded to the system controller and the host is reset.----------------------------------------------------------------------------

5. Allocate two gigabytes of memory to the primary domain.

primary# ldm set-memory 2G primary----------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Any configurationchanges made will only take effect after the machine configuration isdownloaded to the system controller and the host is reset.----------------------------------------------------------------------------

6. Verify the resources allocated to the control domain by running theldm list-bindings command.

primary# ldm list-bindings primary-------------------------------------------------------------------------

Exercise Solutions


Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 0.0% 2h 28m

MAC 00:14:4f:02:57:4c

VCPU VID PID UTIL STRAND 0 0 0.3% 100% 1 1 0.0% 100% 2 2 0.0% 100% 3 3 0.0% 100%

MAU ID CPUSET 0 (0, 1, 2, 3)

MEMORY RA PA SIZE 0x8000000 0x8000000 2G


IO DEVICE PSEUDONYM OPTIONS pci@780 bus_a bypass=on pci@7c0 bus_b bypass=on

VCC NAME PORT-RANGE primary-vcc0 5000-5100


Exercise Solutions




7. Save the new configuration to the system controller. Name theconfiguration config_initial.

primary# ldm add-config config_initial

8. List the configuration stored on the system controller.

primary# ldm list-configfactory-default [current]config_initial [next]

9. Reboot the control domain.

# shutdown -i6 -g0 -y...

You will have to wait a few minutes until the login prompt is available.

10. After the control domain has rebooted, log in as root.

console login: rootPassword: cangetin@sun...

11. Generate a long list of the of the primary domain to verify the newconfiguration was created correctly.

primary# ldm list-domain -l primaryNAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 22% 4m

SOFTSTATESolaris running

VCPU VID PID UTIL STRAND 0 0 61% 100% 1 1 10% 100% 2 2 9.4% 100% 3 3 8.0% 100%

MAU ID CPUSET 0 (0, 1, 2, 3)

Exercise Solutions




IO DEVICE PSEUDONYM OPTIONS pci@780 bus_a pci@7c0 bus_b





Additionally, you can run the psrinfo and prtconf|grep Memcommand to view the results of your work.

You should now have sufficient resources and services to create guestdomains.




2. Display the IP addressing information for all network interfaces.

Exercise Solutions


This example uses machine # 4.

primary# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu8232 index 1 inet 127.0.0.1 netmask ff000000e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500index 2 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:2:57:4c

3. Unplumb the current primary network interface (e1000g0).

primary# ifconfig e1000g0 unplumb

4. Plumb the virtual switches vsw0.

primary# ifconfig vsw0 plumb

5. Manually configure the IP addressing information for the vsw0network interface. Use the IP address information originallyassigned to the e1000g0 interface (see the results from Step 2). Besure to set the up flag.

The following example shows network configuration information formachine 4.

primary# ifconfig vsw0 192.168.100.104 netmask 255.255.255.0broadcast + up

6. Use the ifconfig -a command to verify the new IP configuration.

primary# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu8232 index 1 inet 127.0.0.1 netmask ff000000vsw0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:f9:da:3b

7. Use the ping command to verify the vsw0 interface can assess the192.168.100.0 subnet.

primary# ping -s 192.168.100.255...^C

You should see responses from other system on the subnet.

8. Rename the /etc/hostname.e1000g0 file to /etc/hostname.vsw0so that the virtual switch will automatically be configured as theprimary interface after the next OS reboot.

primary# mv /etc/hostname.e1000g0 /etc/hostname.vsw0

Exercise Solutions





2. Run the svcs vntsd command to determine the current state of thevntsd daemon.

primary# svcs -l vntsd..state: disabled...

The state should be “disabled”.

3. Use the svcadm command to enable the virtual network terminalserver daemon, vntsd.

primary# svcadm enable vntsd

4. Use the svcs command to verify that the vntsd daemon is enabled.

primary# svcs -l vntsdfmri svc:/ldoms/vntsd:defaultname virtual network terminal serverenabled truestate onlinenext_state nonestate_time May 29, 2008 12:39:56 AM MDTlogfile /var/svc/log/ldoms-vntsd:default.logrestarter svc:/system/svc/restarter:defaultcontract_id 261dependency optional_all/error svc:/milestone/network (online)dependency optional_all/none svc:/system/system-log (online)

The state should be “online”.


Lab 5

Exercise: Creating aGuestLogical Domain

Objectives


● Create a guest domain

● JumpStart the guest domain

● Explore the guest domain

Preparation




● Review the LDom services you configured in the previous exercise.



● Login name root


Guest domain operating system:

● Login name root

● Login password cangetin

Objectives



Task 1 – Create a Guest Domain

In this task you use the logical domain management utility to create aguest domain.

You add the following resources (Figure 5-1) to your new guest domain:

● Four virtual CPUs

● Two gigabytes of memory

● One virtual network interface

● One virtual disk drive

Figure 5-1 Guest Domain Configuration

Internal Disk 1192.168.100.0

Hypervisor

Service Domain

vsw0

vds0

/pci@7c0/../sd@1,0/pci@7c0/../network@0

c0d0

vnet0

vnet0vCPUs

Memory

MemoryvCPUs

Guest Domain

e1000g0

vol0

c1t1d0s2

vdisk0

Resources

Objectives

Exercise: Creating a Guest Logical Domain 5-3Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1



2. List the control domain services.

Are there sufficient services available to create the new guest domainthat has a boot disk and network interface? ________

3. List all the Sun Fire T2000 server devices to identify the resourcesavailable for creating a new guest domain.

Are there sufficient vCPU and memory resources available to createthe new guest domain? ________

4. Use the ldm add-domain command to create the framework for anew guest domain named ldom1.

5. Add four virtual CPUs to the configuration of guest domain ofldom1.

6. Add two gigabytes of memory to the configuration of guest domainof ldom1.

7. List the bindings for logical domain ldom1.

Note that memory and vCPUs are not currently bound to a newguest domain. This is because the guest domain is in the inactivestate. Resources are only bound to a guest domain that is in thebound or active state.

8. Add a virtual network interface named vnet0 to the configuration ofguest domain of ldom1. Bind vnet0 to the virtual switch primary-vsw0. Use the information in Table 5-1 to assign an Ethernet addressthat is associated with your lab machine to the vnet0 interface.

Table 5-1 Lab Ethernet Address Assignments

Assigned Machine Ethernet Address

machine1 08:00:20:ab:01:10

machine2 08:00:20:ab:01:20

machine3 08:00:20:ab:01:30

machine4 08:00:20:ab:01:40

machine5 08:00:20:ab:01:50

machine6 08:00:20:ab:01:60

Objectives


9. Add a virtual disk named vdisk0 to the configuration of guestdomain ldom1. Use the volume currently bound to virtual diskservice vds0.

10. Set the boot-device variable for guest domain ldom1 to/virtual-devices@100/channel-devices@200/disk@0.

11. Set the auto-boot variable for guest domain ldom1 to false.

12. Bind all the resources you configured in this task to the guestdomain ldom1.

13. List the logical domains.

14. List the constraints for guest domain ldom1 in machine-readableformat.

15. Create a backup configuration file named /var/tmp/ldom1.xmlcontaining the constraints for guest domain ldom1 in XML format.

16. Start logical domain ldom1.

17. Generate a long list of all the logical domains in the system to verifyyour work.

Objectives


Task 2 – JumpStart the Guest Domain

In this task you open a virtual console to the guest domain, configure thevirtual devices in the OpenBoot environment, and JumpStart theoperating system. See Figure 5-2.

Figure 5-2 JumpStart Guest Domain



2. Use the telnet command to open a virtual console to guest domainldom1.

3. Use the banner command to display the guest domain ldom1OpenBoot banner. Note the Ethernet address.

This must match the Ethernet address assigned to your lab machinein Table 5-1 on page -3 to perform the JumpStart later in this task.

Internal Disk 1

Hypervisor

Service Domain

vsw0

vds0

/pci@7c0/../sd@1,0/pci@7c0/../network@0

c0d0 vnet0vnet0

Guest Domain

e1000g0

vol0

c1t1d0s2

vdisk0

Resources

JumpStart Server

Objectives


4. Use the printenv command to display the OpenBoot environmentvariables.

Are the boot-device and auto-boot variables configured asspecified in Task 1?

5. Use the show-devs command to display the guest domain ldom1devices. Type q to quit the command.

6. Use the show-disks command to display the guest domain ldom1disks. Type q to quit the command.

7. Use the show-nets command to display the guest domain ldom1network devices. Select the virtual network by typing the letterassociated with it.

8. Create a device alias (nvalias) named vnet0. Use the networkdevice name obtained in the previous step.

9. JumpStart the guest domain ldom1 using the vnet0 device alias.

Note – Jumpstarting the Standard End User metacluster normally takesapproximately 50 minutes to complete.

Contact your instructor when the JumpStart begins to load the softwarepackages.

Note – After the OS has been installed and the smf service descriptionshave been loaded, the JumpStart operation will run a post installationscript to set the root password to cangetin. This will cause the OS toreboot. After the OS has rebooted, you can log in as root with thepassword cangetin.

Task 3 – Explore the Guest Domain

In this task you open a virtual console to the guest domain, log in to theguest domain operating system, and explore the guest domain.


1. Verify you have an virtual console open to the guest domain ldom1.If not, open a console at this time.

Objectives


2. After the Solaris 10 5/08 Operating System has been completelyinstalled in the guest domain ldom1, log in to the OS as root. Usethe password cangetin.

3. Check the /etc/path_to_inst file to determine if the on-boardnetwork interfaces e1000g are present.

Are the on-board network interfaces present? _____

Why?

4. Check /etc/path_to_inst to determine if the virtual networkinterfaces vnet are present.

5. Run the /usr/sbin/dladm show-link command to view networklinks available on the operating system.

6. Verify the new IP configuration.

7. Verify that guest domain ldom1 can access subnet 192.168.100.0.

8. Use the psrinfo -vp command to determine how many virtualCPUs can be seen by the operating system.

9. Use the prtdiag command to determine how much memory can beseen by the operating system.

10. Run the format command to determine which disks are available onthe operating system. Be sure to view the partition table.

Exercise Summary


Exercise Summary

?!


● Experiences

● Interpretations

● Conclusions

● Applications

Exercise Solutions


Exercise Solutions





2. List the control domain services.


primary# ldm list-services primaryVCC NAME PORT-RANGE primary-vcc0 5000-5100



Are there sufficient services available to create the new guest domainthat has a boot disk and network interface? Yes

3. List all the Sun Fire T2000 server devices to identify the resourcesavailable for creating a new guest domain.

primary# ldm list-devices -aVCPU PID %FREE 0 0 1 0 2 0 3 0 8 100

Exercise Solutions


9 100 10 100 11 100 12 100 13 100 14 100 15 100 16 100 17 100 18 100 19 100 20 100 21 100 22 100 23 100 24 100 25 100 26 100 27 100

MAU ID CPUSET BOUND 0 (0, 1, 2, 3) primary 1 (8, 9, 10, 11) 2 (12, 13, 14, 15) 3 (16, 17, 18, 19) 4 (20, 21, 22, 23) 5 (24, 25, 26, 27)

MEMORY PA SIZE BOUND 0x0 512K _sys_ 0x80000 1536K _sys_ 0x200000 62M _sys_ 0x4000000 64M _sys_ 0x8000000 2G primary 0x88000000 6016M

IO DEVICE PSEUDONYM BOUND OPTIONS pci@780 bus_a yes pci@7c0 bus_b yes

Are there sufficient vCPU and memory resources available to createthe new guest domain? Yes

Exercise Solutions


4. Use the ldm add-domain command to create the framework for anew guest domain named ldom1.

primary# ldm add-domain ldom1

5. Add four virtual CPUs to the configuration of guest domain ofldom1.

primary# ldm add-vcpu 4 ldom1

6. Add two gigabytes of memory to the configuration of guest domainof ldom1.

primary# ldm add-memory 2G ldom1

7. List the bindings for logical domain ldom1.

primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 inactive ----- 4 2G

8. Add a virtual network interface named vnet0 to the configuration ofguest domain of ldom1. Bind vnet0 to the virtual switch primary-vsw0. Use the information in Table 5-1 to assign an Ethernet addressthat is associated with your lab machine to the vnet0 interface.

primary# ldm add-vnet mac-addr=08:00:20:ab:01:40 vnet0 primary-vsw0ldom1

Note that you must use the appropriate Ethernet address from Table 5-2 toJumpStart the logical domain later in this exercise.

9. Add a virtual disk named vdisk0 to the configuration of guestdomain ldom1. Use the volume currently bound to virtual diskservice vds0.

primary# ldm add-vdisk vdisk0 vol0@primary-vds0 ldom1

Table 5-2 Lab Ethernet Address Assignments

Assigned Machine Ethernet Address

machine1 08:00:20:ab:01:10

machine2 08:00:20:ab:01:20

machine3 08:00:20:ab:01:30

machine4 08:00:20:ab:01:40

machine5 08:00:20:ab:01:50

machine6 08:00:20:ab:01:60

Exercise Solutions


The virtual disk (vdisk0) exported to guest domain ldom1 will berepresented in the guest domain’s OpenBoot environment as device/virtual-devices@100/channel-devices@200/disk@0. Youuse the show-disks OpenBoot command to determine this device name.

10. Set the boot-device variable for guest domain ldom1 to/virtual-devices@100/channel-devices@200/disk@0.

primary# ldm set-variable boot-device=/virtual-devices@100/channel-devices@200/disk@0 ldom1

11. Set the auto-boot variable for guest domain ldom1 to false.

primary# ldm set-variable auto-boot\?=false ldom1

12. Bind all the resources you configured in this task to the guestdomain ldom1.

primary# ldm bind-domain ldom1

13. List the logical domains.

primary# ldm list-domainNAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 0.2% 6d 20h 4mldom1 bound ----- 5000 4 2G

Note that ldom1 is currently is the bound state.

14. List the constraints for guest domain ldom1 in machine-readableformat.

primary# ldm list-constraints -p ldom1VERSION 1.1DOMAIN|name=ldom1VCPU|count=4MEMORY|size=2147483648VARIABLES|auto-boot?=false|boot-device=/virtual-devices@100/channel-devices@200/disk@0VNET|name=vnet0|dev=network@0|service=primary-vsw0|mac-addr=08:00:20:ab:01:40VDISK|name=vdisk0|vol=vo10@primary-vds0VCONS

15. Create a backup configuration file named /var/tmp/ldom1.xmlcontaining the constraints for guest domain ldom1 in XML format.

primary# ldm list-constraints -x ldom1 > /var/tmp/ldom1.xml

This XML-based file can be used to restore the logical domain (ldom1)configuration. For example, to restore the configuration for logical domainldom1, you run the ldm bind-domain -i ldom1.xmlcommand.banner

Exercise Solutions


16. Start logical domain ldom1.

primary# ldm start-domain ldom1LDom ldom1 started

17. Generate a long list of all the logical domains in the system to verifyyour work.

primary# ldm list-domain -lNAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 0.3% 6d 20h 57m

SOFTSTATESolaris running


MAU ID CPUSET 0 (0, 1, 2, 3)






Exercise Solutions




------------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -t--- 5000 4 2G 25% 17s

SOFTSTATEOpenboot initializing

VCPU VID PID UTIL STRAND 0 8 4.1% 100% 1 9 1.7% 100% 2 10 15% 100% 3 11 0.0% 100%


VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0

NETWORK NAME SERVICE DEVICE MAC vnet0 primary-vsw0@primary network@008:00:20:ab:01:40

DISK NAME VOLUME TOUT DEVICE SERVER vdisk0 vo10@primary-vds0 disk@0 primary

VCONS NAME SERVICE PORT ldom1 primary-vcc0@primary 5000

Exercise Solutions






primary# telnet localhost 5000...{0} ok

You can obtain the logical domain console port number from the “Cons”field when running the ldm list-domain command.

If you don’t see the ok prompt, tap the Enter key.

3. Use the banner command to display the guest domain ldom1OpenBoot banner. Note the Ethernet address.

This must match the Ethernet address assigned to your lab machinein Table 5-1 on page Lab 5-3 to perform the JumpStart later in thistask.

{0} ok bannerSun Fire T200, No KeyboardCopyright 2008 Sun Microsystems, Inc. All rights reserved.OpenBoot 4.28.1, 2048 MB memory available, Serial #66756516.Ethernet address 8:0:20:ab:1:40, Host ID: 83ab0140.

4. Use the printenv command to display the OpenBoot environmentvariables.

{0} ok printenvVariable Name Value Default Value

ttya-rts-dtr-off false falsettya-ignore-cd true truekeyboard-layoutreboot-commandsecurity-mode none No defaultsecurity-password No defaultsecurity-#badlogins 0 No defaultverbosity min minpci-mem64? false falsediag-switch? false falselocal-mac-address? true truefcode-debug? false false

Exercise Solutions


scsi-initiator-id 7 7oem-logo No defaultoem-logo? false falseoem-banner No defaultoem-banner? false falseansi-terminal? true truescreen-#columns 80 80screen-#rows 34 34ttya-mode 9600,8,n,1,- 9600,8,n,1,-output-device virtual-console virtual-consoleinput-device virtual-console virtual-consoleauto-boot-on-error? false falseload-base 16384 16384auto-boot? false truenetwork-boot-argumentsboot-command boot bootboot-fileboot-device /virtual-devices@100/cha ... disk netmultipath-boot? false falseboot-device-index 0 0use-nvramrc? false falsenvramrcerror-reset-recovery boot boot

Are the boot-device and auto-boot variables configured asspecified in Task 1? Yes.

5. Use the show-devs command to display the guest domain ldom1devices. Type q to quit the command.

{0} ok show-devs/cpu@3/cpu@2/cpu@1/cpu@0/virtual-devices@100/virtual-memory/memory@m0,8000000/aliases/options/openprom/chosen/packages/virtual-devices@100/channel-devices@200/virtual-devices@100/console@1/virtual-devices@100/ncp@4/virtual-devices@100/flashprom@0/virtual-devices@100/channel-devices@200/disk@0

Exercise Solutions


/virtual-devices@100/channel-devices@200/network@0/openprom/client-services/packages/obp-tftp/packages/kbd-translator/packages/SUNW,asr

6. Use the show-disks command to display the guest domain ldom1disks. Type q to quit the command.

{0} ok show-disksa) /virtual-devices@100/channel-devices@200/disk@0q) NO SELECTIONEnter Selection, q to quit:q

7. Use the show-nets command to display the guest domain ldom1network devices. Select the virtual network by typing the letterassociated with it.

Selecting the letter associated with the virtual network interface in theshow-nets command stores the device path in memory buffer to beinvoked later (next step) on the command-line by typing ^Y.

{0} ok show-netsa) /virtual-devices@100/channel-devices@200/network@0q) NO SELECTIONEnter Selection, q to quit: a/virtual-devices@100/channel-devices@200/network@0 has beenselected.Type ^Y ( Control-Y ) to insert it in the command line.e.g. ok nvalias mydev ^Y for creating devalias mydev for /virtual-devices@100/channel-devices@200/network@0

8. Create a device alias (nvalias) named vnet0. Use the networkdevice name obtained in the previous step.

{0} ok nvalias vnet0 (press ^Y here) /virtual-devices@100/channel-devices@200/network@0{0} ok devaliasvnet0 /virtual-devices@100/channel-devices@200/network@0vdisk0 /virtual-devices@100/channel-devices@200/disk@0net /virtual-devices@100/channel-devices@200/network@0disk /virtual-devices@100/channel-devices@200/disk@0virtual-console /virtual-devices/console@1name aliases

9. JumpStart the guest domain ldom1 using the vnet0 device alias.

Exercise Solutions


Note – Jumpstarting the Standard End User metacluster normally takesapproximately 50 minutes to complete.

{0} ok boot vnet0 - installBoot device: /virtual-devices@100/channel-devices@200/network@0 File andargs: - installRequesting Internet Address for 8:0:20:ab:1:40...whoami: no domain nameConfiguring devices.Using RPC Bootparams for network configuration information.Attempting to configure interface vnet0...Configured interface vnet0...

Contact your instructor when the JumpStart begins to load the softwarepackages.

Note – After the OS has been installed and the smf service descriptionshave been loaded, the JumpStart operation will run a post installationscript to set the root password to cangetin. This will cause the OS toreboot. After the OS has rebooted, you can log in as root with thepassword cangetin.



1. Verify you have an virtual console open to the guest domain ldom1.If not, open a console at this time.

2. After the Solaris 10 5/08 operating system has been completelyinstalled in the guest domain ldom1, log in to the OS as root. Usethe password cangetin.

machine4_vnet0 console login: rootPassword: cangetinJun 4 04:49:23 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Tue Jun 3 06:37:31 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

Exercise Solutions


3. Check the /etc/path_to_inst file to determine if the on-boardnetwork interfaces e1000g are present.

guest# grep e1000g /etc/path_to_inst

Are the on-board network interfaces present? No.

Why?

The on-board network interfaces e1000g are not present in guest domainldom1 because the PCI leaves A or B are not currently bound to ldom1.

4. Check /etc/path_to_inst to determine if the virtual networkinterfaces vnet are present.

guest# grep vnet /etc/path_to_inst"/virtual-devices@100/channel-devices@200/network@0" 0 "vnet"

5. Run the /usr/sbin/dladm show-link command to view networklinks available on the operating system.

guest# /usr/sbin/dladm show-linkvnet0 type: non-vlan mtu: 1500 device: vnet0

6. Verify the new IP configuration.

guest# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu8232 index 1 inet 127.0.0.1 netmask ff000000vnet0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index2 inet 192.168.100.43 netmask ffffff00 broadcast 192.168.100.255 ether 8:0:20:ab:1:40

7. Verify that guest domain ldom1 can access subnet 192.168.100.0.

guest# ping -s 192.168.100.255...^C

You should see responses from other systems on subnet 192.168.100.0.


guest# psrinfo -vpThe physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz)


guest# prtdiag|grep MemMemory size: 2048 Megabytes

Exercise Solutions


10. Run the format command to determine which disks are available onthe operating system. Be sure to view the partition table.

guest# formatSearching for disks...doneAVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/disk@0Specify disk (enter its number): 0selecting c0d0[disk unformatted]Warning: Current Disk has mounted partitions./dev/dsk/c0d0s0 is currently mounted on /. Please see umount(1M)./dev/dsk/c0d0s1 is currently used by swap. Please see swap(1M)./dev/dsk/c0d0s7 is currently mounted on /export/home. Please seeumount(1M)....format> partition...partition> printCurrent partition table (original):Total disk cylinders available: 14087 + 2 (reserved cylinders)

Part Tag Flag Cylinders Size Blocks 0 root wm 104 - 963 4.17GB (860/0/0) 8751360 1 swap wu 0 - 103 516.75MB (104/0/0) 1058304 2 backup wm 0 - 14086 68.35GB (14087/0/0)143349312 3 unassigned wm 0 0 (0/0/0) 0 4 unassigned wm 0 0 (0/0/0) 0 5 unassigned wm 0 0 (0/0/0) 0 6 unassigned wm 0 0 (0/0/0) 0 7 home wm 964 - 14086 63.68GB (13123/0/0) 133539648partition> quit...format> quit

Note the disk name c0d0. Virtual disk device names in a logical domaindiffer from physical disk device names in that they do not contain a targetID (tN) in the device name. Instead of the normal cNtNdNsN format,virtual disk device names are of the format cNdNsN, where cN is thevirtual controller, dN is the virtual disk number, and sN is the slice.


Lab 6

Exercise: PerformingAdvancedLogicalDomain Tasks

Objectives


● Switch between control and guest domains

● Reconfigure logical domain virtual CPUs

● Reconfigure logical domain memory

● Create a split PCI configuration

● Use ZFS file systems as virtual disks

● Use a file as a virtual disk

● Remove and restore a guest domain

● Reset the system to the factory default configuration

Preparation




● Review the LDom services you configured in the previous exercise.



● Login name root

Objectives



Guest domain operating system:

● Login name root

● Login password cangetin


Task 1 – Switch Between Control and Guest Domains

To perform administrative tasks, you can switch from the guest domain tothe control domain by using the ~. sequence.

1. Verify you are logged in to the guest domain ldom1 operating systemas root using the virtual console. If not, open a console at this time.

2. Use the character sequence to move back to the control domain.

3. Log back to the guest domain.

Objectives

Exercise: Performing Advanced Logical Domain Tasks 6-3Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Task 2 – Reconfigure Logical Domain Virtual CPUs

Dynamic reconfiguration (DR) is the ability to add or remove resourceswhile the operating system is running. In this task you use the logicaldomain management utility to dynamically add virtual CPUs to a guestdomain. You then remove the virtual CPUs. See Figure 6-1.

Figure 6-1 Dynamically Reconfiguring Guest Domain vCPUs



2. Verify the Logical Domains dynamic reconfiguration daemon, drd, isrunning in the guest domain ldom1.

3. Use the psrinfo -vp command to determine how many CPUs canbe seen by the operating system.

4. List all the Sun Fire T2000 server resources.

Are there sufficient resources available to allocate a total of eightvirtual CPUs to the guest domain ldom1? ____

5. Allocate a total of eight virtual CPUs to guest domain ldom1.

6. List the bindings of guest domain ldom1.

7. Use the telnet command to open a virtual console to guest domainldom1. Log in as root.


9. Move back to the control domain.

Hypervisor

Control Domain

vCPUs

Guest Domain

Resources

Objectives


10. Remove four vCPUs from guest domain ldom1.



Task 3 – Reconfigure Logical Domain Memory

The Solaris 10 operating system does not support dynamicreconfiguration of system memory in logical domains. Instead, changes tological domain memory is handled as a delayed reconfigurationoperation. Delayed reconfiguration operations take effect after the nextreboot of the operating system or stop and start of the logical domain if nooperating system is running. In this task you use the logical domainmanagement utility to add memory to and remove memory from a guestdomain as a delayed reconfiguration operation. See Figure 6-2.

Figure 6-2 Guest Domain Delayed Memory Reconfiguration


1. Verify you are logged in to the guest domain ldom1 operating systemas root using the virtual console. If not, log in at this time.


3. Move to the control domain.


Hypervisor

Control Domain

memory

Guest Domain

Resources

Objectives


Are there sufficient resources available to allocate a total of fourgigabytes of memory to the guest domain ldom1? ______

5. Allocate four gigabytes of memory to guest domain ldom1.

6. List the bindings of guest domain ldom1. Note that the guest domainhas the delayed flag set.



9. Reboot the guest domain ldom1 operating system and log back in asroot.

10. Use the prtdiag command to verify that the new system memorycan be seen by the operating system.

11. Return to the control domain.

12. Remove two gigabytes of memory from guest domain ldom1.


14. Reboot the guest domain ldom1 operating system.


Objectives


Task 4 – Create a Split PCI Configuration

The PCIe bus on a supported server consists of two ports (leaves) withvarious leaf devices attached to them. These are identified on a serverwith the names pci@780 (bus_a) and pci@7c0 (bus_b). In a multidomainenvironment, the PCIe bus can be programmed to assign each leaf to aseparate domain using the Logical Domains Manager. Thus, you canenable more than one domain with direct access to physical devicesinstead of using I/O virtualization.

In this task you use the logical domain management utility to split the PCIbus such that the control (primary) maintains access to network and diskdevices attached to PCI bus pci@7c0 (bus_b). You then bind PCI buspci@780 (bus_a) to the guest domain ldom1. Finally, you configure theguest domain physical network interface to provide direct access to thenetwork. See Figure 6-3.

Figure 6-3 Split PCI Configuration


1. Verify that you are logged in to the control domain as root. If not,log in at this time.

2. List the primary domain’s current bindings to determine PCI busownership.

3. Determine which disk is being used as the boot disk.

4. Determine the physical device to which the boot disk is linked.

On which PCI leaf is the control domain boot disk located?

________

Hypervisor

Control/Service Domain

pci@7c0 pci@780

Guest Service/IO Domain

Resources

Objectives


5. Determine which network interfaces are currently used (direct I/Oand virtual service) by the control domain operating system.

Which network interface are currently being used by the controldomain? _______

6. Check /etc/path_to_inst to determine the physical path of the on-board network interfaces currently in use.

Note – The device pathing information shown in the examples is from aSun Fire T2000 Server with 2 CPUs and 4 Gbytes of memory. The devicepathing information may differ based on the server system’s disks.

Based on the information gathered in Step 2 through Step 6, can PCIbus pci@780 (bus_a) be removed from the control domain withoutreconfiguring the current disks and network interfaces?

7. To reconfigure virtual switch vsw0, run the ldm set-vswitchcommand. Replace network interface e1000g0 with e1000g2 on PCIbus pci@7c0.

8. Reboot the service domain. Log back in as root.

If the system enters the OpenBoot environment, run the boot -rcommand to force the control domain to re-examine it’s bounddevices.

9. Verify that the virtual switch service has been updated.

10. Open a virtual console to guest domain ldom1. Log in as root.

11. Reboot guest domain ldom1. Log back in as root.

12. Use the ping command to verify that you have access to subnet192.168.100.0.


14. Remove the PCI leaf pci@780 (bus_a) from the control domain.

15. Save the split configuration to the system controller. Name thisconfiguration config_split.

16. List the configurations stored on the system controller.

17. Move to the system controller and reset the control domain so thatthe next configuration takes effect.

18. Open a console of the control domain.

19. Log in to the primary domain as root.

Objectives


20. List the configurations on the system controller to verify thatconfig_split is current.

21. Verify that PCI leaf a (pci@780) is not bound to the control domain.

22. Add the PCI leaf pci@780 to guest domain ldom1.

23. Verify that PCI leaf a (pci@780) is bond to guest domain ldom1.


If the guest domain ldom1 is in the OpenBoot environment, run theboot command. After Solaris is completely booted, log in as root.

If the guest domain ldom1 has already booted Solaris, log in as root.

25. Run the grep e1000g /etc/path_to_inst command toidentify the network devices that currently can be seen the guestdomain ldom1 operating system.

If network interfaces e1000g0 and e1000g1 are not present, rebootthe guest domain ldom1. Log in as root. Run the grep e1000g/etc/path_to_inst command to verify that Solaris can now see thedevices on PCI leaf A.

26. Plumb the first network interface attached to PCI leaf pci@780(e1000g0).

27. Manually configure the IP addressing information for networkinterface e1000g0. Use the IP information for your lab machine inthe /etc/host file. Look for the entry with the comment “#Interfaces e1000g0”.

28. Verify the operating system can access the 192.168.100.0 network.


Task 5 – Use a File as a Virtual Disk

You can export a disk image file directly using the virtual disk service.The file is exported as a raw disk by the virtual disk server and can beused as an installation disk by the Solaris OS installer on the guestdomain.

Objectives


In this task, you create a disk image file, export it to the guest domain,and create a file system on it. Then you remove it from the system. SeeFigure 6-4.

Figure 6-4 Exporting an Image File to the Guest Domain



2. Create a directory named /ldoms/images. This directory will beused to stored the disk image file.

3. Use the following command to create a disk image.

# /usr/sbin/mkfile 5G /ldoms/disk-images/S10U5-5g.img

4. Add a virtual disk service device to virtual disk service vds0 usingthe /ldoms/images/S10U5-5g.img file. Name this device vol1.

5. Export the virtual disk vol1 to guest domain ldom1 using theadd-vdisk subcommand. Name the virtual disk vdisk1.

Hypervisor

Service Domain

vds0

/pci@7c0/../sd@0,0

c0d1s0

Guest Domain

vol1

c1t0d0s0

S10U3-5g.img

vdisk1

Internal Disk 0

Resources

Objectives



7. Reboot the guest domain ldom1. Log back in as root.

8. List the contents of the /dev/rdsk directory to determine thecurrently configured raw devices.

9. Run the devfsadm -v command to create the new special file for thevirtual disk. List the /dev/rdsk directory to determine the name ofthe raw device associated with the new virtual disk.

10. Run the format command to view the new virtual disk. Display thepartition table.

11. Use the newfs command to create a file system on raw devicec0d1s0.

12. Mount the new file system as /mnt.

13. Run the df -h /mnt command to verify the new file systemconfiguration.

14. Unmount /mnt.


16. Remove virtual disk vdisk1 from guest domain ldom1.


18. Reboot the guest domain operating system.

19. After ldom1 is rebooted, return to the control domain.

20. Remove virtual disk device vol1 from the service domain.

21. Verify the configuration change by listing the guest domain ldom1bindings and primary domain services.

Task 6 – Export a ZFS File System as a Virtual Disk

The Solaris ZFS files system is a revolutionary new file system thatfundamentally changes the way file systems are administered, withfeatures and benefits not found in any other file system available today.ZFS has been designed to be robust, scalable, and simple to administer.

Objectives


In this task you create a ZFS volume in the control domain and make thatvolume available to a guest domains as a virtual disk. See Figure 6-5.

Figure 6-5 Exporting a ZFS Volume to the Guest Domain



2. Run the following command to create a ZFS storage pool using theremaining used disk (c1t2d0) on the control domain.

# zpool create -f tank1 c1t2d0

3. Run the following command to create a 500 megabyte ZFS volumenamed vol1.

# zfs create -V 500m tank1/vol1

4. Run the following command to verify that the zpool (tank1) andZFS volume (tank1/vol1) have been created.

Hypervisor

Service Domain

vds0

/pci@7c0/../sd@2,0

c0d1s0

Guest Domain

zvol

c1t2d0

tank1/vol1

zvdisk

Internal Disk 2

Resources

Objectives


# zfs listNAME USED AVAIL REFER MOUNTPOINTtank1 500M 66.4G 24.5K /tank1tank1/vol1 22.5K 66.9G 22.5K -

5. Add the /dev/zvol/rdsk/tank1/vol1 device to the control domainvirtual disk service. Name the virtual disk device zvol.

6. Export the disk zvol to guest domain ldom1 using the add-vdisksubcommand. Name the virtual disk zvdisk.


8. Reboot the guest domain operating system. Login as root.


10. Run the devfsadm -v command to create the new special file for theZFS file system. List the /dev/rdsk directory to determine the nameof the raw device associated with the ZFS volume.

11. Use the newfs command to create a file system on the new ZFSvirtual disk.

12. Mount the new ZFS file system as /mnt.

13. Run the df -h /mnt command to verify the ZFS file systemconfiguration.

14. Unmount the ZFS file system.


16. Remove virtual disk zvdisk from guest domain ldom1.



19. After ldom1 has rebooted, return to the control domain.

20. Remove virtual disk device zvol from the virtual disk service.


22. Run the following commands to destroy the ZFS pool tank1.

primary# zpool destroy -f tank1primary# zfs listno datasets available

Objectives


Task 7 – Remove and Restore a Guest Logical Domain

In this task you stop, unbind resources, and remove the guest logicaldomains. After the logical domain is removed, you restore it from abackup configuration file.



2. List the logical domains currently configured on the system.

3. Stop the guest domain ldom1.

4. Release (unbind) all the resources attached to the guest domainldom1.

5. Remove the guest domain ldom1.


7. Restore the guest domain ldom1 configuration from the XML file youpreviously stored in the /var/tmp directory.

8. List the guest domain ldom1 bound resources.


10. Boot guest domain ldom1 so that the change takes effect. Log in tothe guest domain ldom1 as root.

11. Verify that the bound resources are available to the guest domainldom1 operation system.


Task 8 – Reset the System to the Factory DefaultConfiguration

In this task you remove the guest domain ldom1 and reset the primarydomain back to the factory fault configuration. Then you remove the user-defined configuration files stored on the system controller.



Objectives


2. Remove guest domain ldom1.


4. List the logical domain configuration files stored on the systemcontroller.

5. Set the next logical domain configuration to factory-default.

6. Disable the vntsd service.

7. Shutdown the control domain operating system.

8. Move to the system controller and reset the system.

9. After the system has reset, open a console of the control domain.



12. Remove all the user-defined configuration files stored on the systemcontroller.


14. Generate a long list of the primary domain to verify that it hasreturned to the factory default state.

Exercise Summary


Exercise Summary

?!


● Experiences

● Interpretations

● Conclusions

● Applications

Exercise Solutions


Exercise Solutions



Perform the following steps.



guest# ~.Connection to localhost closed by foreign host.

3. Log back to the guest domain.

primary# telnet localhost 5000Trying 127.0.0.1...Connected to localhost.Escape character is '^]'.

Connecting to console "ldom1" in group "ldom1" ....Press ~? for control options ..




2. Verify the Logical Domains dynamic reconfiguration daemon, drd, isrunning in the guest domain ldom1.

guest# svcs -a |grep drdonline 5:53:36 svc:/platform/sun4v/drd:default




guest# ~.

Exercise Solutions


Connection to localhost closed by foreign host.


primary# ldm list-devices -aVCPU PID %FREE 0 0 1 0 2 0 3 0 8 0 9 0 10 0 11 0 12 100 13 100 14 100 15 100 16 100 17 100 18 100 19 100 20 100 21 100 22 100 23 100 24 100 25 100 26 100 27 100


MEMORY PA SIZE BOUND 0x0 512K _sys_ 0x80000 1536K _sys_ 0x200000 62M _sys_ 0x4000000 64M _sys_

Exercise Solutions


0x8000000 2G primary 0x88000000 2G ldom1 0x108000000 3968M


Are there sufficient resources available to allocate a total of eightvirtual CPUs to the guest domain ldom1? Yes.

6. Allocate a total of eight virtual CPUs to guest domain ldom1.

primary# ldm set-vcpu 8 ldom1

or

primary# ldm add-vcpu 4 ldom1

7. List the bindings of guest domain ldom1.

primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -n--- 5000 8 2G 51% 23h 23m

MAC 00:14:4f:f9:b6:8d

VCPU VID PID UTIL STRAND 0 8 0.4% 100% 1 9 0.2% 100% 2 10 0.1% 100% 3 11 0.1% 100% 4 12 2.9% 100% 5 13 2.3% 100% 6 14 2.9% 100% 7 15 3.7% 100%


VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English nvramrc=devalias vnet0 /virtual-devices@100/channel-devices@200/network@0

Exercise Solutions


use-nvramrc?=true

NETWORK NAME SERVICE DEVICE MAC vnet0 primary-vsw0@primary network@008:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4




primary# telnet localhost 5000Trying 127.0.0.1...Connected to localhost.Escape character is '^]'.

Connecting to console "ldom1" in group "ldom1" ....Press ~? for control options ..

You might have to press the Return key to get the login prompt to bedisplayed.

machine4_vnet0 console login: rootPassword: cangetinLast login: Wed Jun 4 05:05:46 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0





Exercise Solutions


11. Remove four vCPUs from guest domain ldom1.

primary# ldm remove-vcpu 4 ldom1

or

primary# ldm set-vcpu 4 ldom1


primary# telnet localhost 5000...machine4_vnet0 console login: rootPassword: cangetinLast login: Wed Jun 4 05:09:11 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0





1. Verify you are logged in to the guest domain ldom1 operating systemas root using the virtual console. If not, log in at this time.






primary# ldm list-devices -aVCPU PID %FREE 0 0 1 0 2 0 3 0

Exercise Solutions


8 0 9 0 10 0 11 0 12 100 13 100 14 100 15 100 16 100 17 100 18 100 19 100 20 100 21 100 22 100 23 100 24 100 25 100 26 100 27 100


MEMORY PA SIZE BOUND 0x0 512K _sys_ 0x80000 1536K _sys_ 0x200000 62M _sys_ 0x4000000 64M _sys_ 0x8000000 2G primary 0x88000000 2G ldom1 0x108000000 3968M


Exercise Solutions


Are there sufficient resources available to allocate a total of fourgigabytes of memory to the guest domain ldom1? Yes.

5. Allocate four gigabytes of memory to guest domain ldom1.

primary# ldm set-memory 4G ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 will alsotake effect.

or

primary# ldm add-memory 2G ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 will alsotake effect.

6. List the bindings of guest domain ldom1. Note that the guest domainhas the delayed flag set.

primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -nd-- 5000 4 4G 0.2% 1h 25m

MAC 00:14:4f:f9:b6:8d




use-nvramrc?=true

NETWORK

Exercise Solutions


NAME SERVICE DEVICE MAC vnet0 primary-vsw0@primary network@008:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4




# telnet localhost 5000...machine4-vnet0 console login: rootPassword: cangetin...



9. Reboot the guest domain ldom1 operating system and log back in asroot.

guest# shutdown -i6 -g0 -y...machine4_vnet0 console login: rootPassword: cangetinJun 5 05:11:59 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Thu Jun 5 05:09:22 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

10. Use the prtdiag command to verify that the new system memorycan be seen by the operating system.




12. Remove two gigabytes of memory from guest domain ldom1.

Exercise Solutions


primary# ldm remove-memory 2G ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 will alsotake effect.


primary# telnet localhost 5000...machine4_vnet0 console login: rootPassword: cangetinLast login: Wed Jun 4 05:12:22 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

14. Reboot the guest domain ldom1 operating system.

guest# shutdown -i6 -g0 -y...


~.Connection to localhost closed by foreign host.




2. List the primary domain’s current bindings to determine PCI busownership.

primary# ldm list-bindings primary

NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 0.2% 1h 44m

MAC 00:14:4f:02:57:4c

VCPU VID PID UTIL STRAND 0 0 0.3% 100% 1 1 0.2% 100%

Exercise Solutions


2 2 0.2% 100% 3 3 0.2% 100%

MAU ID CPUSET 0 (0, 1, 2, 3)



VCC NAME PORT-RANGE primary-vcc0 5000-5100 CLIENT PORT ldom1@primary-vcc0 5000

VSW NAME MAC NET-DEV DEVICE MODE primary-vsw0 00:14:4f:fa:9f:a4 e1000g0 switch@0 PEER MAC vnet0@ldom1 08:00:20:ab:01:40

VDS NAME VOLUME OPTIONS DEVICE primary-vds0 vo10 /dev/dsk/c1t1d0s2 CLIENT VOLUME vdisk0@ldom1 vo10


Note that pci@780 (bus_a) and pci@7c0 (bus_b) are currently boundto the primary domain.

3. Determine which disk is being used as the boot disk.

primary# df // (/dev/dsk/c1t0d0s0 ):131988520 blocks 8267434 files

4. Determine the physical device to which the boot disk is linked.

primary# ls -l /dev/dsk/c1t0d0s0

Exercise Solutions


lrwxrwxrwx 1 root root 65 May 5 11:12 /dev/dsk/c1t0d0s0 -> ../../devices/pci@7c0/pci@0/pci@1/pci@0,2/LSILogic,sas@2/sd@0,0:a

On which PCI leaf is the control domain boot disk located?

PCI leaf B.

5. Determine which network interfaces are currently used (direct I/Oand virtual service) by the control domain operating system.

primary# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu8232 index 1 inet 127.0.0.1 netmask ff000000vsw0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.100.104 netmask ffffff00 broadcast 192.168.100.255 ether 0:14:4f:1d:e9:b6primary# ldm list-servicesVCC NAME PORT-RANGE primary-vcc0 5000-5100

VSW NAME MAC NET-DEV DEVICE MODE primary-vsw0 00:14:4f:fa:9f:a4 e1000g0 switch@0


Which network interface is currently being used by the controldomain? e1000g0

6. Check /etc/path_to_inst to determine the physical path of theonboard network interfaces currently in use.

primary# grep e1000g /etc/path_to_inst"/pci@780/pci@0/pci@1/network@0" 0 "e1000g""/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g""/pci@7c0/pci@0/pci@2/network@0" 2 "e1000g""/pci@7c0/pci@0/pci@2/network@0,1" 3 "e1000g"

Based on the information gathered in Step 2 through Step 6, can PCIbus pci@780 (bus_a) be removed from the control domain withoutreconfiguring the current disks and network interfaces?

No. Physical network interface e1000g0 (mapped to vsw0) is attached toPCI bus pc1@780. PCI bus pc1@780 is currently bound to the controldomain.

Exercise Solutions


7. To reconfigure virtual switch vsw0, run the ldm set-vswitchcommand. Replace network interface e1000g0 with e1000g2 on PCIbus pci@7c0.

primary# ldm set-vswitch net-dev=e1000g2 primary-vsw0

8. Reboot the service domain. Log back in as root.

primary# shutdown -i6 -g0 -y...console login: rootPassword: cangetin@sun...

If the system enters the OpenBoot environment, run the boot -rcommand to force the control domain to re-examine it’s bounddevices.

9. Verify that the virtual switch service has been updated.

primary# ldm list-servicesVCC NAME PORT-RANGE primary-vcc0 5000-5100



10. Open a virtual console to guest domain ldom1. Log in as root.

primary# telnet localhost 5000.......machine4-vnet0 console login: rootPassword: cangetinJun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Thu Jun 5 05:40:01 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

11. Reboot guest domain ldom1. Log back in as root.

guest# shutdown -i6 -g0 -y...machine4-vnet0 console login: rootPassword: cangetinJun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/console

Exercise Solutions


Last login: Thu Jun 5 05:44:01 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

12. Use the ping command to verify that you have access to subnet192.168.100.0.

guest# ping -s 192.168.100.255....^C


guest# ~.

14. Remove the PCI leaf pci@780 (bus_a) from the control domain.

primary# ldm remove-io pci@780 primaryInitiating delayed reconfigure operation on LDom primary. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom primary will alsotake effect.

15. Save the split configuration to the system controller. Name thisconfiguration config_split.

primary# ldm add-spconfig config_split

16. List the configurations stored on the system controller.

primary# ldm list-spconfigfactory-defaultconfig_initial [current]config_split [next]

17. Move to the system controller and reset the control domain so thatthe next configuration takes effect.

primary# #.sc> resetAre you sure you want to reset the system [y/n]? ysc>SC Alert: SC Request to Reset Host.

SC Alert: Host System has Reset

SC Alert: Host system has shut down.

Press the Return key to get the sc> prompt back.

18. Open a console of the control domain.

sc> console -fEnter #. to return to ALOM....

Exercise Solutions


Press the return key to get the prompt back. You might have to wait a fewminutes for the login prompt to appear. If the system has entered theOpenBoot environment, run the boot command to boot the OS.



20. List the configurations on the system controller to verify thatconfig_split is current.

primary# ldm list-configfactory-defaultconfig_initialconfig_split [current]

21. Verify that PCI leaf a (pci@780) is not bound to the control domain.

primary# ldm list-bindings primaryNAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimary active -n-cv SP 4 2G 12% 7m

MAC 00:14:4f:02:57:4c

VCPU VID PID UTIL STRAND 0 0 34% 100% 1 1 4.8% 100% 2 2 4.7% 100% 3 3 5.5% 100%

MAU ID CPUSET 0 (0, 1, 2, 3)


IO DEVICE PSEUDONYM OPTIONS pci@7c0 bus_b

VCC NAME PORT-RANGE primary-vcc0 5000-5100 CLIENT PORT

Exercise Solutions


ldom1@primary-vcc0 5000

VSW NAME MAC NET-DEV DEVICE MODE primary-vsw0 00:14:4f:fa:9f:a4 e1000g2 switch@0 PEER MAC vnet0@ldom1 08:00:20:ab:01:40

VDS NAME VOLUME OPTIONS DEVICE primary-vds0 vo10 /dev/dsk/c1t1d0s2 CLIENT VOLUME vdisk0@ldom1 vo10


22. Add the PCI leaf pci@780 to guest domain ldom1.

primary# ldm add-io pci@780 ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 will alsotake effect.

Note that this operation will turn the ldom1 domain in to a direct I/Odomain.

23. Verify that PCI leaf a (pci@780) is bond to guest domain ldom1.

primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -td-- 5000 4 2G 25% 9m

MAC 00:14:4f:f9:b6:8d



Exercise Solutions



use-nvramrc?=true

IO DEVICE PSEUDONYM OPTIONS pci@780 bus_a





If the guest domain ldom1 is in the OpenBoot environment, run theboot command. After Solaris is completely booted, log in as root.

primary# telnet localhost 5000...{0} ok reset-all{0} ok boot...machine4-vnet0 console login: rootPassword: cangetin...

If the guest domain ldom1 has already booted Solaris, log in as root.

machine4-vnet0 console login: rootPassword: cangetin...

Exercise Solutions


25. Run the grep e1000g /etc/path_to_inst command toidentify the network devices that currently can be seen the guestdomain ldom1 operating system.

If network interfaces e1000g0 and e1000g1 are not present, rebootthe guest domain ldom1. Log in as root. Run the grep e1000g/etc/path_to_inst command to verify that Solaris can now see thedevices on PCI leaf A.

guest# grep e1000g /etc/path_to_instguest# shutdown -i6 -g0 -y...machine4-vnet0 console login: rootPassword: cangetin...guest# grep e1000g /etc/path_to_inst"/pci@780/pci@0/pci@1/network@0" 0 "e1000g""/pci@780/pci@0/pci@1/network@0,1" 1 "e1000g"

26. Plumb the first network interface attached to PCI leaf pci@780(e1000g0).

guest# ifconfig e1000g0 plumbJun 6 12:28:46 machine4-vnet0 e1000g: NOTICE: pciex8086,105e - e1000g[0]: Adapter 100Mbps full duplex copper link is up.

27. Manually configure the IP addressing information for networkinterface e1000g0. Use the IP information for your lab machine inthe /etc/host file. Look for the entry with the comment “#Interfaces e1000g0”.

The following example is from machine # 4.

guest# ifconfig e1000g0 192.168.100.41 netmask 255.255.255.0broadcast + up

28. Verify the operating system can access the 192.168.100.0 network.

guest# ping -s 192.168.100.255...^C...



Exercise Solutions





2. Create a directory named /ldoms/images. This directory will beused to stored the disk image file.

primary# mkdir -p /ldoms/images

3. Use the following command to create a disk image.

primary# /usr/sbin/mkfile 5G /ldoms/images/S10U5-5g.img

This will take a couple of minutes to complete.

4. Add a virtual disk service device to virtual disk service vds0 usingthe /ldoms/images/S10U5-5g.img file. Name this device vol1.

primary# ldm add-vdiskserverdevice /ldoms/images/S10U5-5g.img \vol1@primary-vds0

5. Export the virtual disk vol1 to guest domain ldom1 using theadd-vdisk subcommand. Name the virtual disk vdisk1.

primary# ldm add-vdisk vdisk1 vol1@primary-vds0 ldom1Initiating delayed reconfigure operation on LDom ldom1. All configurationchanges for other LDoms are disabled until the LDom reboots, at whichtime the new configuration for LDom ldom1 will also take effect.


primary# telnet localhost 5000...machine4-vnet0 console login: rootPassword: cangetinJun 5 06:45:54 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Thu Jun 5 06:40:01 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

7. Reboot the guest domain ldom1. Log back in as root.

guest# shutdown -i6 -g0 -y...machine4-vnet0 console login: rootPassword: cangetinJJun 5 05:41:54 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Thu Jun 5 06:50:54 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

Exercise Solutions



guest# ls /dev/rdskc0d0s0 c0d0s1 c0d0s2 c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7 c0d1s0

9. Run the devfsadm -v command to create the new special file forthe virtual disk. List the /dev/rdsk directory to determine the nameof the raw device associated with the new virtual disk.

guest# devfsadm -v...guest# ls /dev/rdskc0d0s0 c0d0s2 c0d0s4 c0d0s6 c0d1s0 c0d1s2 c0d1s4 c0d1s6c0d0s1 c0d0s3 c0d0s5 c0d0s7 c0d1s1 c0d1s3 c0d1s5 c0d1s7

10. Run the format command to view the new virtual disk. Display thepartition table.

guest# formatSearching for disks...done

AVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/disk@0 1. c0d1 <SUNVDSK cyl 17474 alt 2 hd 1 sec 600> /virtual-devices@100/channel-devices@200/disk@1Specify disk (enter its number): 1selecting c0d1[disk unformatted]...format> partition...partition> printCurrent partition table (original):Total disk cylinders available: 17474 + 2 (reserved cylinders)

Part Tag Flag Cylinders Size Blocks0 unassigned wm 0 - 17473 5.00GB (17474/0/0) 104844001 unassigned wm 0 0 (0/0/0) 02 backup wm 0 - 17473 5.00GB (17474/0/0) 104844003 unassigned wm 0 0 (0/0/0) 04 unassigned wm 0 0 (0/0/0) 05 unassigned wm 0 0 (0/0/0) 06 unassigned wm 0 0 (0/0/0) 07 unassigned wm 0 0 (0/0/0) 0partition> quit...format> quit

Exercise Solutions


11. Use the newfs command to create a file system on raw devicec0d1s0.

guest# newfs /dev/rdsk/c0d1s0newfs: construct a new file system /dev/rdsk/c0d1s0: (y/n)? yWarning: 2048 sector(s) in last cylinder unallocated/dev/rdsk/c0d1s0: 1024000 sectors in 167 cylinders of 48 tracks,128 sectors 500.0MB in 12 cyl groups (14 c/g, 42.00MB/g, 20160 i/g)super-block backups (for fsck -F ufs -o b=#) at: 32, 86176, 172320, 258464, 344608, 430752, 516896, 603040, 689184,775328, 861472, 947616

12. Mount the new file system as /mnt.

guest# mount /dev/dsk/c0d1s0 /mnt

13. Run the df -h /mnt command to verify the new file systemconfiguration.

guest# df -h /mntFilesystem size used avail capacity Mounted on/dev/dsk/c0d1s0 4.9G 5.0M 4.9G 1% /mnt

14. Unmount /mnt.

guest# umount /mnt



16. Remove virtual disk vdisk1 from guest domain ldom1.

primary# ldm remove-vdisk vdisk1 ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 willalso take effect.


primary# telnet localhost 5000...machine4-vnet0 console login: rootPassword: cangetinJun 5 07:41:54 machine4_vnet0 login: ROOT LOGIN /dev/consoleLast login: Thu Jun 5 07:04:34 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4_vnet0

Exercise Solutions




19. After ldom1 is rebooted, return to the control domain.


20. Remove virtual disk device vol1 from the service domain.

primary# ldm remove-vdiskserverdevice vol1@primary-vds0


primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -t--- 5000 4 2G 25% 9m

MAC 00:14:4f:f9:b6:8d




use-nvramrc?=true


NETWORK NAME SERVICE DEVICE MAC

Exercise Solutions


vnet0 primary-vsw0@primary network@008:00:20:ab:01:40 PEER MAC primary-vsw0@primary 00:14:4f:fa:9f:a4


VCONS NAME SERVICE PORT ldom1 primary-vcc0@primary 5000# ldm list-servicesVCC NAME PORT-RANGE primary-vcc0 5000-5100






2. Run the following command to create a ZFS storage pool using theremaining used disk (c1t2d0) on the control domain.

primary# zpool create -f tank1 c1t2d0

3. Run the following command to create a 500 megabyte ZFS volumenamed vol1.

primary# zfs create -V 500m tank1/vol1

4. Run the following command to verify that the zpool (tank1) andZFS volume (tank1/vol1) have been created.

primary# zfs listNAME USED AVAIL REFER MOUNTPOINTtank1 500M 66.4G 24.5K /tank1tank1/vol1 22.5K 66.9G 22.5K -

Exercise Solutions


5. Add the /dev/zvol/rdsk/tank1/vol1 device to the control domainvirtual disk service. Name the virtual disk device zvol.

primary# ldm add-vdiskserverdevice /dev/zvol/rdsk/tank1/vol1 \zvol@primary-vds0

6. Export the disk zvol to guest domain ldom1 using the add-vdisksubcommand. Name the virtual disk zvdisk.

primary# ldm add-vdisk zvdisk zvol@primary-vds0 ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 will alsotake effect.


primary# telnet localhost 5000...machine4-vnet0 console login: rootPassword: cangetinJul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/consoleLast login: Fri Jul 13 17:02:37 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4-vnet0

8. Reboot the guest domain operating system. Login as root.

guest# shutdown -i6 -g0 -y...machine4-vnet0 console login: rootPassword: cangetinJul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/consoleLast login: Fri Jul 13 17:02:37 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4-vnet0


guest# ls /dev/rdskc0d0s0 c0d0s1 c0d0s2 c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7

Note that only the boot disk special files are present.

10. Run the devfsadm -v command to create the new special file for theZFS file system. List the /dev/rdsk directory to determine the nameof the raw device associated with the ZFS volume.

guest# devfsadm -v...guest# ls /dev/rdsk

Exercise Solutions


c0d0s0 c0d0s1 c0d0s2 c0d0s3 c0d0s4 c0d0s5 c0d0s6 c0d0s7 c0d1s0

11. Use the newfs command to create a file system on the new ZFSvirtual disk.

guest# newfs /dev/rdsk/c0d1s0newfs: construct a new file system /dev/rdsk/c0d1s0: (y/n)? yWarning: 2048 sector(s) in last cylinder unallocated/dev/rdsk/c0d1s0: 1024000 sectors in 167 cylinders of 48 tracks,128 sectors 500.0MB in 12 cyl groups (14 c/g, 42.00MB/g, 20160 i/g)super-block backups (for fsck -F ufs -o b=#) at: 32, 86176, 172320, 258464, 344608, 430752, 516896, 603040, 689184,775328, 861472, 947616

12. Mount the new ZFS file system as /mnt.

guest# mount /dev/dsk/c0d1s0 /mnt

13. Run the df -h /mnt command to verify the ZFS file systemconfiguration.

guest# df -h /mntFilesystem size used avail capacity Mounted on/dev/dsk/c0d1s0 470M 1.0M 422M 1% /mnt

14. Unmount the ZFS file system.

guest# umount /mnt



16. Remove virtual disk zvdisk from guest domain ldom1.

primary# ldm remove-vdisk zvdisk ldom1Initiating delayed reconfigure operation on LDom ldom1. Allconfiguration changes for other LDoms are disabled until the LDomreboots, at which time the new configuration for LDom ldom1 willalso take effect.


primary# telnet localhost 5000...machine4-vnet0 console login: rootPassword: cangetinJul 13 17:15:19 machine4-vnet0 login: ROOT LOGIN /dev/consoleLast login: Fri Jul 13 17:02:37 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005Welcome to SA345LDOM_A on machine4-vnet0

Exercise Solutions






20. Remove virtual disk device zvol from the virtual disk service.

primary# ldm remove-vdiskserverdevice zvol@primary-vds0

If you see the following message:

-------------------------------------------------------------------Notice: LDom ldom1 is in the process of a delayed reconfiguration.Any changes made to this LDom will only take effect after itreboots.-------------------------------------------------------------------

the guest domain has not completed rebooting. After the guest domaincompletes the reboot operation, the virtual disk device will be removed fromservice.


primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 active -t--- 5000 4 2G 25% 9m

MAC 00:14:4f:f9:b6:8d



VARIABLES auto-boot?=false boot-device=/virtual-devices@100/channel-devices@200/disk@0 keyboard-layout=US-English

Exercise Solutions


nvramrc=devalias vnet0 /virtual-devices@100/channel-devices@200/network@0

use-nvramrc?=true





primary# ldm list-servicesVCC NAME PORT-RANGE primary-vcc0 5000-5100



22. Run the following commands to destroy the ZFS pool tank1.

primary# zpool destroy -f tank1primary# zfs listno datasets available

Exercise Solutions






primary# ldm list-domainName State Flags Cons VCPU Memory Util Uptimeprimary active -t-cv SP 4 2G 0.3% 35mldom1 active -t--- 5000 4 4G 100% 1m

3. Stop the guest domain ldom1.

primary# ldm stop-domain ldom1LDom ldom1 stopped

The stop-domain subcommand sends a shutdown request to the logicaldomain if the Solaris OS is booted. If the domain cannot be stopped by anyother means, use the -f option of the stop-domain subcommand to force thedomain to stop.

4. Release (unbind) all the resources attached to the guest domainldom1.

primary# ldm unbind-domain ldom1

5. Remove the guest domain ldom1.

primary# ldm remove-domain ldom1


primary# ldm list-domainName State Flags Cons VCPU Memory Util Uptimeprimary active -t-cv SP 4 2G 0.2% 36m

7. Restore the guest domain ldom1 configuration from the XML file youpreviously stored in the /var/tmp directory.

primary# ldm bind-domain -i /var/tmp/ldom1.xml

8. List the guest domain ldom1 bound resources.

primary# ldm list-bindings ldom1NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEldom1 bound ----- 5000 4 2G 25% 9m

MAC 00:14:4f:f9:b6:8d

VCPU VID PID UTIL STRAND

Exercise Solutions


0 8 100% 1 9 100% 2 10 100% 3 11 100%



use-nvramrc?=true





9. Start guest domain ldom1.

primary# ldm start-domain ldom1LDom ldom1 started


primary# telnet localhost 5000

11. Boot guest domain ldom1 so that the change takes effect. Log in tothe guest domain ldom1 as root.

Exercise Solutions


{0} ok boot...machine4-vnet0 console login: rootPassword: cangetinJul 18 11:26:11 machine4-vnet0 login: ROOT LOGIN /dev/consoleLast login: Wed Jul 18 11:11:30 on consoleSun Microsystems Inc. SunOS 5.10 Generic January 2005guest#

12. Verify that the bound resources are available to the guest domainldom1 operation system.

guest# psrinfo -vpThe physical processor has 4 virtual processors (0-3) UltraSPARC-T1 (cpuid 0 clock 1000 MHz)guest# prtdiag|grep MemMemory size: 2048 Megabytesguest# ifconfig -alo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>mtu 8232 index 1inet 127.0.0.1 netmask ff000000vnet0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500index 2 inet 192.168.100.43 netmask ffffff00 broadcast192.168.100.255 ether 8:0:20:ab:1:40guest# formatSearching for disks...done

AVAILABLE DISK SELECTIONS: 0. c0d0 <SUN72G cyl 14087 alt 2 hd 24 sec 424> /virtual-devices@100/channel-devices@200/[email protected] disk (enter its number): 0selecting c1t1d0...format> quit






Exercise Solutions


2. Remove guest domain ldom1.

primary# ldm stop-domain ldom1LDom ldom1 stoppedprimary# ldm unbind-domain ldom1primary# ldm remove-domain ldom1


primary# ldm list-domainName State Flags Cons VCPU Memory Util Uptimeprimary active -t-cv SP 4 2G 0.2% 25m


primary# ldm list-configfactory-defaultconfig_initialconfig_split [current]

5. Set the next logical domain configuration to factory-default.

primary# ldm set-config factory-default

6. Disable the vntsd service.

primary# svcadm disable vntsd

7. Shutdown the control domain operating system.

primary# shutdown -i5 -g0 -y

8. Move to the system controller and reset the system.

primary# #.sc> resetAre you sure you want to reset the system [y/n]? ysc>SC Alert: SC Request to Reset Host.

SC Alert: Host System has Reset

SC Alert: Host system has shut down.sc>

Press the return key to get the sc> prompt back.

9. After the system has reset, open a console of the control domain.

sc> console -fEnter #. to return to ALOM....

Press the return key to get the prompt back.

Exercise Solutions


Depending on when you open the console to the system , you might seesystem power on self test messages.




primary# ldm list-configfactory-default [current]config_initialconfig_split

Note that the factory-default configuration is the currentconfiguration.

12. Remove all the user-defined configuration files stored on the systemcontroller.

primary# ldm remove-config config_initialprimary# ldm remove-config config_split


primary# ldm list-configfactory-default [current]

14. Generate a long list of the primary domain to verify that it hasreturned to the factory default state.

primary# ldm list-domain -l primary-------------------------------------------------------------------------Notice: the LDom Manager is running in configuration mode. Configurationand resource information is displayed for the configuration underconstruction; not the current active configuration. The configurationbeing constructed will only take effect after it is downloaded to thesystem controller and the host is reset.-------------------------------------------------------------------------NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIMEprimry active -t-cv SP 24 8G 25% 9mVCPU: 24 vid pid util strand 0 0 19% 100% 1 1 19% 100% 2 2 19% 100% 3 3 19% 100% 4 4 19% 100%

Exercise Solutions


5 5 19% 100% 6 6 19% 100% 7 7 19% 100% 8 12 19% 100% 9 13 19% 100% 10 14 19% 100% 11 15 19% 100% 12 16 19% 100% 13 17 19% 100% 14 18 19% 100% 15 19 19% 100% 16 20 19% 100% 17 21 19% 100% 18 22 19% 100% 19 23 19% 100% 20 24 19% 100% 21 25 19% 100% 22 26 19% 100% 23 27 19% 100%Mau: 6 mau cpuset (0, 1, 2, 3) mau cpuset (4, 5, 6, 7) mau cpuset (12, 13, 14, 15) mau cpuset (16, 17, 18, 19) mau cpuset (20, 21, 22, 23) mau cpuset (24, 25, 26, 27)Memory: 8064M real-addr phys-addr size 0x8000000 0x8000000 8064MIO: pci@780 (bus_a) (in IO MMU bypass mode) pci@7c0 (bus_b) (in IO MMU bypass mode)Vldc: primary-vldc0 [num_clients=3]Vldc: primary-vldc3 [num_clients=7]Vcons: SP

A-1Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

Appendix A

Exercise: BonusLab

Objectives


● Configure a logical domain environment based on the scenarioprovided in this appendix.

Preparation


● You must have successfully completed the standard exercisesprovided in this student workbook.

Logical Domain Configuration Scenario

A-2 Sun Virtualization: Solaris™ 10 Logical Domains AdministrationCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1


You are tasked with configuring a logical domain environment thatconsists of three domain: the primary domain, the secondary domain,and the guest domain. The configuration goal is to provide futureapplications running on the guest domain with redundant storage andnetwork connectivity. Figure A-1 shows how this logical domainenvironment is to be configured.

Figure A-1 Bonus Lab Configuration

Configuration Details

This section provides you with the configuration details for each logicaldomain shown in Figure A-1.

The primary domain configuration:

● Domain roles Control, Service, IO

● Virtual CPUs 4

Boot Disk

NIC

The secondary Domain

VirtualSwitch

Virtual DiskServices

Virtual DiskServices

VirtualSwitch

I/O Bridge (Leaf A)

The guest Domain

Hypervisor

The primary Domain

vdisk1 vdisk0 vnet1 vnet0

IPMP

c1t1d0and

c1t2d0e1000g2

SVMMirror

BootDisk

BootDisk

(c1t0d0)

StorageStorage

Storage

I/O Bridge (Leaf B)

Virtual SAN

Virtual SAN

Virtual SAN

Virtual LAN Virtual LAN

Virtual SAN

e1000g0

NIC0

12


Exercise: Bonus Lab A-3Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

● Memory 2 Gigabytes

● MAU 1

● I/O PCI leaf B

● Boot disk c1t0d0

● Primary network interface e1000g2

● Virtual console service Telnet ports 5000 - 5100

● Virtual group console Add the secondary and guestdomains to this console group.

● Virtual disk service One disk service with device c1t1d0bound

● Virtual disk service One disk service with device c1t2d0bound

● Virtual disk service One disk service with one10 GB file-based device bound

● Virtual switch service One switch service with networkinterface e1000g2 bound

The secondary domain configuration:

● Domain roles Service, IO

● Virtual CPUs 4


● I/O PCI leaf A

● Boot disk c1t1d0 – Provided by primaryvirtual disk service

● Primary network interface e1000g0

● Virtual disk service One disk service with one10 GB file-based device bound

● Virtual switch service One switch service with networkinterface e1000g0 bound

The guest domain guest:

● Domain role Guest

● Virtual CPUs 8


● MAU 1


A-4 Sun Virtualization: Solaris™ 10 Logical Domains AdministrationCopyright 2008 Sun Microsystems, Inc. All Rights Reserved. Sun Services, Revision A.1

● Boot disk c1t2d0 – Provided by primaryvirtual disk service

● Virtual network interface vnet0 – Provided by primaryvirtual switch service

● Virtual network interface vnet1 – Provided by secondaryvirtual switch service

● Virtual disk vdisk0 – 10 GB file-base virtualdevice provided by primary virtualdisk service

● Virtual disk vdisk1 – 10 GB file-base virtualdevice provided by secondaryvirtual disk service

Initial System State

If you have successfully completed the standard exercises provided in thisstudent workbook, the your assigned Sun Fire T2000 should currently beloaded with the Logical Domain Manager software and the system shouldbe in the factory-default configuration. If the factory-defaultconfiguration is not current, then make it current before you begin toconfigure the logical domain.

Final Assessment

After you have completely configured the logical domains according tothe stated configuration requirements, have your instructor evaluate yourwork.

Sun Virtualization-Solaris Logical Domains Administration SA-345-S10

Documents

device pci 7c0 pci 0 pci 1 pci 0

pci 7c0 pci 0 pci 1 pci 0

pci 7c0 pci 0 pci 2 network 0

pci 780 pci 0 pci 1 network 0

pci bus pci 7c0

cylinder unallocated dev rdsk c0d1s0

dans dautres pays

mdt logfile var svc log ldoms