* Changes to Solaris 11

  1. OS runs on ZFS Filesystem
    So What?
    * Automatically creates a “Boot Environment” backup when you install packages (similar to Windows Restore Points. More Later)
    * network based. You don’t have to download a big package, you point at a network service. You CAN still run it locally too.
  2. Network changes
    * New network structures
    – vnic
    – etherstub (virtual physical NIC )
    – bridge      (virtual net switch)
    – IP Tunnel
    – vlan
    – … more .


    A network interface is now composed of multiple layers, which can be categorized by ISO network layers
    The physical layer
    #dladm  show-phys
    Types (in OS priority):
    Onboard devices have priority / assigned lower instance numbers over peripheral

    The datalink layer  –   dladm 
    # dladm  show-link
    # dladm rename-link net0  oldnet0 ;  dladm rename-line  newnet0  net0
              (eg. net0 maps to igbe0 and newnet0 maps to ixgbe0 : 1Gb to 10Gb)
    Types of Datalink objects:
    etherstub0 (a virtual HW NIC)
    switches – link aggregations, VLan, bridges
    Properties of a DL :
    Link Speed&Duplex & negotiation,
    Up/Down state,
    STREAMS modules (allow 3rd party SW network function plugins)
     The network layer
    # ipadm   (all interfaces) ;  ipadm show-ip           ;    ipadm show-addr
    # ipadm create-ip  net0   ipadm create-addr -a net0
    Examples : net0, vnet0,
    Classes   : IP, IPMP, vni=Streams
    The Transport layer
    # netstat -P
    Protocols : IP, arp, ICMP, UDP, SCTP

    Also cool, you can run your network in reactive mode, where based on preconfigured ‘profiles’ (say a wifi goes active or a VPN is enabled), the OS will switch network configuration and/or  IP filter settings.  Managed by netcfg and netadm commands.

    * New commands
    –  plumb becomes    ‘ipadm  create-ip’
    –  ipadm  show-phys  or  ipadm  show-addr

  3. Solaris 11 automatically can mount ISO images as a filesystem type hsfs
  4. New IPS =  Image Packaging System
    – Note: This new stuff is non-intuitive with weird-paths and service properties.
    Don’t wing it. Find and follow instructions.
    * Automatically figures out dependencies (amazing to be proud of that – WAY late to the party. The beer’s already warm. And IPS is STILL not prime-time. The OS of the IPS repo has to be newer or the same version as the clients. And it’s not too hard to apply patches that get you into a funky state – ie applying some patches will (incorrectly?) bump your OS version to a os-rev higher than 11.1 and prevent you from properly installing 11.1. BUT as is typical, if you can get through the small weirdness and complexity, it will do pretty cool stuff.)
    * It seems that the previous term ‘package’ is now called a ‘relocatable package’.
    Package now refers to a *large* group of relocatable packages as large as the entire Solaris OS.
    * A package repository also has a catalog with  intelligence about dependencies etc
    * A package repository can have different versions of top-level pkgs eg solaris, solaris_plus_company-tools.
    *There are three types of packages : full pkg type for an OS install, zone pkg type for installing a zone, relocatable package (the former ‘package’)
    * There are three official sources from which to download repos.
    – http://pkg.oracle.com/solaris/release/en/index.shtml
    https://pkg.oracle.com/solaris/releaseA few Interesting IPS commands 
    $ pkg update -nv          (a dry run of a full update of all relocatable packages)
    $ pkg update                (full upgrade to the latest on the IPS server)
    $ beadm list                 (show available BEs – like restore points)
    # pkg install myRelopackage
    phases : create plan, resolve depend, check conflicting actions,
  5. Boot Environments
    These are snapshots of the filesystem similar to Windows’ “restore points”. When you install packages, the OS automatically creates a BE for the previous.
    Each BE created automatically has an entry in grub for x86
    For Sparc,  obp>  boot -L    -> list      ::  obp>  boot -N rpool/ROOT/solaris-2
  6. Newly built-in packages  : wireshark,  sudo, top
  7. root is no longer a user but a role
  8.  default FS is ZFS
  9.  kickstart -> “automated installer”
  10. Network interfaces are virtualized onto virtual switches
  11. Automated Installer – a re-packaging of    jumpstart   using PXE
    – uses IPS repository service (proxyd)   AI service,
    – DHCP not needed for sparc. Use wanboot (http loaded image) instead.
    DHCP and DNS multicast is still needed for x86
    – optional profile per computer (pre-choose hostname etc)

Commands to configure a local IPS Repository

1. Create a ZFS dataset
# zfs create rpool/export/IPS

2. Download and assemble the software package
# unzip sol-11-1-repo-full.iso-a.zip
# unzip sol-11-1-repo-full.iso-a.zip
# cat    sol-11-1-repo-full.iso-a  sol-11-1-repo-full.iso-b > sol-11-1-repo-full.iso

3. Copy files from the ISO to the ZFS filesystem

## If the hosting OS is less than  Solaris 11
# lofiadm -a sol-11-1-repo-full.iso /dev/lofi/1
# mount -F hsfs   /dev/lofi/i    /mnt/IPS_repo                            – OR –
# If the host OS is Solaris 11
# mount -F hsfs -o ro sol-11-1-repo-full.iso /mnt/IPS_repo

# rsync   -aP  /mnt/IPS_repo/repo   /export/IPS
(This will likely take a few hours – it copies data from the ISO to the filesystem)

# pkgrepo refresh -s /export/IPS
(refresh the catalogs and search data for the repo)

4.  Configure the repo server service – set readonly property. set inst_root property
# svccfg -s application/pkg/server   setprop  pkg/inst_root=/export/IPS/repo
# svccfg -s application/pkg/server   setprop  pkg/readonly=true     ( In the future,  set readonly to false before updating IPS with patches )

# svcprop -p   pkg/inst_root           application/pkg/server        /export/IPS/repo
(This will set the inst_root property of the ‘server’ package to be IPS/repo )
# svcadm  refresh                         application/pkg/server
( Force service to re-read its config file – !before starting it.
Refresh the snapshot’d configs with the service running config )
# svcadm  enable                          application/pkg/server

# svcs                                          application/pkg/server
online …

# zfs set  share.nfs=on  /export/IPS  name=repoSolaris11,path/export/IPS,prot=nfs
# dfshares  s11-ss
This shares out /export/IPS  as a mountpoint /export/IPS using NFS.

5.  Setup the  local IPS publisher   URI (to server.mydomain.com )
#  pkg  publisher
solaris          origin  online      F   http://pkg.oracle.com/solaris/release
# pkg set-publisher -G ‘*’            -g http://server.mydomain.com/
( where server is your server and include the trailing ‘/’ -G means first delete old data )
(output shows:)  solaris
# pkg publisher
solaris            origin   online      F  http://server.mydomain.com
(Note the URI returned- http://server.mydomain.com as the destination for jumpstart. publisher is the type of repository:  solaris / cluster-ha / etc )

6.  Testing IPS on the local server –
Search the IPS repo for the package named ‘entire’
# pkg search entire
(output)  pkg.fmri     set    solaris/entire       pkg:/entire@0.5.11-0….

## Client Side

#  pkg info    ( NOTE : NOT pkginfo )
#  pkg list      – Locally installed packages     ( the last column  shows three fields :  ifo  – Installed, Frozen, Obsolete)
#  pkg list -a   : all packages (even not installed, but in the repository)
#  pkg search pkg : search in the repository