Sun Data Center
Sun Data Center
http://www.sun.com/blueprints
Sun Microsystems, Inc.
4150 Network Circle
Santa Clara, CA 95045 U.S.A.
650 960-1300
Part No. 817-0183-10
Revision 1.0, 10/01/02
Edition: October 2002
Copyright 2002 Sun Microsystems, Inc. 4150 Network Circle, Santa Clara, California 95045 U.S.A. All rights reserved.
This product or document is protected by copyright and distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this
product or document may be reproduced in any form by any means without prior written authorization of Sun and its licensors, if any. Third-party software,
including font technology, is copyrighted and licensed from Sun suppliers.
Parts of the product may be derived from Berkeley BSD systems, licensed from the University of California. UNIX is a registered trademark in the United
States and other countries, exclusively licensed through X/Open Company, Ltd.
Sun, Sun Microsystems, the Sun logo, Sun BluePrints, Sun Blade, Sun Fire, Solaris, Solstice DiskSuite, and JumpStart are trademarks or registered trademarks
of Sun Microsystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks
of SPARC International, Inc. in the US and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun
Microsystems, Inc.
The OPEN LOOK and Sun™ Graphical User Interface was developed by Sun Microsystems, Inc. for its users and licensees. Sun acknowledges the pioneering
efforts of Xerox in researching and developing the concept of visual or graphical user interfaces for the computer industry. Sun holds a non-exclusive license
from Xerox to the Xerox Graphical User Interface, which license also covers Sun’s licensees who implement OPEN LOOK GUIs and otherwise comply with
Sun’s written license agreements.
RESTRICTED RIGHTS: Use, duplication, or disclosure by the U.S. Government is subject to restrictions of FAR 52.227-14(g)(2)(6/87) and FAR
52.227-19(6/87), or DFAR 252.227-7015(b)(6/95) and DFAR 227.7202-3(a).
DOCUMENTATION IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES,
INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,
ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID.
Copyright 2002 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, Californie 95045 Etats-Unis. Tous droits réservés.
Ce produit ou document est protégé par un copyright et distribué avec des licences qui en restreignent l’utilisation, la copie, la distribution, et la décompilation.
Aucune partie de ce produit ou document ne peut être reproduite sous aucune forme, par quelque moyen que ce soit, sans l’autorisation préalable et écrite de
Sun et de ses bailleurs de licence, s’il y en a. Le logiciel détenu par des tiers, et qui comprend la technologie relative aux polices de caractères, est protégé par un
copyright et licencié par des fournisseurs de Sun.
Des parties de ce produit pourront être dérivées des systèmes Berkeley BSD licenciés par l’Université de Californie. UNIX est une marque enregistree aux
Etats-Unis et dans d’autres pays et licenciée exclusivement par X/Open Company Ltd.
Sun, Sun Microsystems, the Sun logo, Sun BluePrints, Sun Blade, Sun Fire, Solaris, Solstice DiskSuite, et JumpStart sont des marques de fabrique ou des
marques déposées, ou marques de service, de Sun Microsystems, Inc. aux Etats-Unis et dans d’autres pays. Toutes les marques SPARC sont utilisées sous
licence et sont des marques de fabrique ou des marques déposées de SPARC International, Inc. aux Etats-Unis et dans d’autres pays. Les produits portant les
marques SPARC sont basés sur une architecture développée par Sun Microsystems, Inc.
L’interface d’utilisation graphique OPEN LOOK et Sun™ a été développée par Sun Microsystems, Inc. pour ses utilisateurs et licenciés. Sun reconnaît les
efforts de pionniers de Xerox pour la recherche et le développement du concept des interfaces d’utilisation visuelle ou graphique pour l’industrie de
l’informatique. Sun détient une licence non exclusive de Xerox sur l’interface d’utilisation graphique Xerox, cette licence couvrant également les licenciés de
Sun qui mettent en place l’interface d’utilisation graphique OPEN LOOK et qui en outre se conforment aux licences écrites de Sun.
CETTE PUBLICATION EST FOURNIE "EN L’ETAT" ET AUCUNE GARANTIE, EXPRESSE OU IMPLICITE, N’EST ACCORDEE, Y COMPRIS DES
GARANTIES CONCERNANT LA VALEUR MARCHANDE, L’APTITUDE DE LA PUBLICATION A REPONDRE A UNE UTILISATION
PARTICULIERE, OU LE FAIT QU’ELLE NE SOIT PAS CONTREFAISANTE DE PRODUIT DE TIERS. CE DENI DE GARANTIE NE
S’APPLIQUERAIT PAS, DANS LA MESURE OU IL SERAIT TENU JURIDIQUEMENT NUL ET NON AVENU.
Please
Recycle
Managing Data Centers With Sun™
Management Center Change
Manager
Deploying and updating software are two of the most challenging and time
consuming tasks facing data center managers. The Sun™ Management Center
(SunMC) Change Manager provides a framework and tools for data center personnel
to quickly and efficiently deploy, replicate, update, and manage software over a
large number of systems.
This paper presents techniques and best practices for using SunMC Change
Manager. The software utilizes Solaris™ Flash archives and Solaris™ Live Upgrade
(LU) technology to manage software stacks. This paper details the following topics:
■ Overview of Solaris Flash archives and LU technology
■ Creation of software stacks
■ Uses of the SunMC Change Manager deployment engine
■ Provisioning and reprovisioning of systems
■ Installation and management of software patches
1
Overview of Solaris Flash Technology
Solaris Flash technology provides a mechanism by which you can archive a specific
or reference installation of the Solaris™ Operating Environment (Solaris OE). You
can then use that archive to install the Solaris OE. The reference installation is
created from the on-disk Solaris OE, which includes all installed software. This
system is designated as the master machine. The reference installation can be a
Solaris OE installed by any means, for example, with JumpStart™ software, from
CD, or by an interactive installation.
After you identify the master machine, capture the reference installation in a Solaris
Flash archive. A central feature of Solaris Flash software, this archive is essentially a
point-in-time snapshot of the Solaris OE, software patches, and applications on the
master machine. To create an archive, execute the flarcreate(1m) command on
the master machine.
Solaris Flash extensions enable you to install an archive from a Network File System
(NFS) server, a Hypertext Transfer Protocol (HTTP) server, or a traditional JumpStart
server. Additionally, you can access the archive from a disk device (including CD-
ROM) or from tape device that is local to the installation client. When you install an
archive, it is transmitted over the network to the installation client and is written to
the disk. After the archive is written to the installation client’s disk, any necessary
archive modifications are performed. For example, configuration files on the
installation client, such as the /etc/nsswitch.conf file, might need to vary from
the file on the master machine. The Solaris Flash mechanism enables you to
automate modifications and allows for differences in kernel architecture or device
differences between the master machine and the installation client.
A flash archive is a snapshot of a system and, as such, includes all specified files on
a system. If an archive is created from a system that is in use, you will need to clean
up or zero out some files after the flash archive is installed. Examples of these types
of files include log files, such as those found in /var/adm, and any files in the
/var/tmp directory.
Modify the finish script to zero out log files after installation of the Solaris Flash
archive. To exclude temporary directories, such as the /var/tmp directory, exclude
the directory when you create the flash archive. See “Inducing System Amnesia” on
page 8 for additional details.
2 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
Create the flash archive after installing all software, but before placing the system
into production. Depending on the software installed and the intended use for the
system, you might need to create the flash archive after installing the software, but
before configuring it. For example, you should create archives for database servers
or Lightweight Directory Access Protocol (LDAP) servers after installing the
database management software, but before creating and populating the databases.
Installing the Solaris OE with a flash archive can be dramatically faster than with
other mechanisms, depending on network traffic and disk speeds.
You can find further details on the use of Solaris Flash software in the Solaris 9 OE
Advanced Installation Guide and the Sun BluePrints™ book, JumpStart Technology:
Effective Use in the Solaris Operating Environment by John S. Howard and Alex
Noordergraaf (ISBN 0-13-062154-4).
LU 2.0 software was also released as a web release (08/01) that is available at
http://www.sun.com/solaris/liveupgrade. LU 2.0 software works with, and
can be installed on, all releases of the Solaris OE versions 2.6, 7, 8, and 9. LU 2.0
software is the first general-availability release of the software. It is recommended
over the use of LU 1.0 software, which must never be used in a production
environment or on a production server.
Note – The CUI has a few restrictions: it is neither localized, nor internationalized.
Also, the existing CUI does not provide access to the full functionality of the LU
software.
The active BE is the one that is currently booted and active; all other defined BEs are
considered inactive. Inactive BEs, are referred to as ABEs (alternate BEs).
BEs can be completely self-contained, or they can share file systems. Only file
systems that do not contain any OE-specific data and that must be available in any
OE should be shared among BEs. For example, users’ home directories on the
/export/home file system are good candidates to share among several BEs.
If you used multiple file systems for the Solaris OE, such as separate file systems for
/kernel, /usr, /etc, /, and so forth, do not share OE-specific file systems among
BEs. In addition, do not split certain file systems (such as /kernel, /etc, /dev, or
/devices) from /. If you split them onto a separate file system from /, the BE that
is created might not be bootable.
To back up BEs created with LU, use the ufsdump or fssnap commands. Consult
the man pages for information about the uses of these commands.
Upgrading Systems
To appreciate the value of using LU software to upgrade a system, consider the
common situation of having to upgrade a production server from the Solaris 8 OE to
the Solaris 9 OE. Most likely, you could not take the server down to do the upgrade.
Additionally, site change control procedures likely require that you provide a back-
out plan to restore the initial Solaris 8 OE in the case of any unforeseen upgrade
failures or software incompatibilities. Using LU, you can complete this upgrade
while the Solaris 8 OE is up and live. The LU framework also provides for the
retention of the Solaris 8 OE as a fallback in case of a failure during the upgrade
procedure.
3. Install (or upgrade) unbundled software, patching as necessary, in the new BE.
4. When you are ready to cut over to the new version of the OE, activate the new BE
and reboot into the new BE.
4 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
Rather than using slice 7 of the boot disk for the /export file system, use this slice
for the clone OE or as an ABE.
The use of a software stack helps diminish the total cost of ownership (TCO) of a
system. With a software stack, the configured system implements published best
practices and site standards that have been validated before the system is deployed
in the data center.
The use of a software stack ensures that all such systems are identically configured.
This consistency leverages the experiences of the data center personnel. Their
experiences on one system are now applicable across many systems. This helps
decrease the TCO as well as speeding system recovery in the event of a failure. In the
The SunMC Change Manager uses a customizable flash archive to implement and
deploy software stacks. The system that is used as the archetype from which the
software stack is created is referred to as the master system.
Software that stores configuration information outside of a UNIX R file system might
not be correctly configured on the flash installed client. For example, logical volume
management software like VERITAS Volume Manager (VxVM) or Solstice
DiskSuite™ software store metainformation (such as logical volume layout and
RAID configuration information) in raw partitions, outside of a file system.
Installing a system from a flash archive created on a master machine that uses VxVM
with an encapsulated and mirrored boot disk is not possible. Because archive
creation does not (and cannot) access the metainformation in the VxVM private
regions, any subsequent installation from that archive would be incomplete and
unbootable. The configuration of system software such as this is specified by the
SunMC Change Manager parameters file. The configuration of software is done by
processing this parameters file after the flash archive is installed.
To implement software stacks in a flash archive, create the archive on the master
machine after installing all software, but before configuring the software. Using the
example of a master machine with a VxVM encapsulated and mirrored boot disk,
you would create the flash archive after installing the Solaris OE, after adding VxVM
packages, and before executing vxinstall to configure the VxVM software. In this
example, you can configure the VxVM installation client, including encapsulating
and mirroring the boot disk, from a finish script after the flash archive is installed.
The values required to complete this configuration, such as the disk to use as the
root mirror, are specified in the parameters file as user defined keyword and value
pairs.
6 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
Building Software Stacks
When selecting a system to be used as the master system and when building the
software stack, pay attention to the types of hardware where the stack will be
deployed. All software that might be necessary on the installation clients must be
contained in the software stack.
As another example, consider a flash archive created on a Sun Fire™ 15K domain. In
most instances, the domain will not have a graphics frame buffer installed, and
consequently, no drivers for any graphic frame buffers. This will not prohibit the
flash archive from being correctly deployed onto a wide range of platforms.
However, if one of those platforms is a Sun Blade™ 1000 workstation, the graphics
monitor and frame buffer will not be available due to the lack of frame buffer drivers
in the flash archive. To avoid this issue, either:
■ Ensure that all possible drivers and Solaris OE software that might be needed on
any potential client are on the master system (and in the flash archive) or that any
missing software is installed from a JumpStart finish script after the flash archive
is installed.
■ Or, deploy the software stack to only those systems that are appropriate for that
stack.
The first approach is the recommended solution. You can easily install all Solaris OE
software by installing the Entire Distribution plus OEM Software (SUNWCXall)
package meta-cluster, as well as any third-party or specialized device drivers, on the
master system.
Unconfiguring Software
Just as some software applications require specific information and procedures to
complete their configuration, some software applications have specific de-
installation and unconfiguration procedures. Typically, this unconfiguration can
consist of removing host specific information, such as host or device names, from
configuration files.
8 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
It is also important to keep in mind that if any locally developed applications or
tools utilize any of the preceding file types, those files must also be cleaned. To help
enable locally developed system applications and tools to automatically clean up
after themselves on a re-configuration boot, register them with the sysidconfig
command. Consult the sysidconfig(1m) man page for details about registering
applications.
The SunMC Change Manager also provides a software stack audit tool to create
inventories of software stacks running on clone systems. This tool helps validate the
contents of deployed stacks by comparing the contents of a managed host’s file
systems (the deployed and installed software stack) to a known good reference
configuration. These auditing features are referred to as the bart subsystem. For
details on the usage of the auditing tool, consult the bart(1m) man page.
You can also use the software to implement rolling upgrades, that is, software
upgrades of a large number of systems. You can deploy upgrades to managed
systems and to systems that are scheduled to reboot into the upgraded system at a
convenient time. This approach helps ensure a smooth transition to the new
software, with minimal impact to the end user.
10 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
Additionally, you can use a system profile to specify per system information. The
values specified in this profile override or complete information from the shared
profile, and are applied only to the specified individual host.
The following example shows the shared profile template and system profile
template used to install a software stack on a system named barossa.
Note – These profile templates use the JumpStart framework profile keyword
rootdisk. Using this keyword avoids the need to know the Small Computer
Systems Interface (SCSI) or fibre disk configuration of the target system.
The system disk layout specified by the shared template is suitable for a 36-gigabyte
disk:
■ Root device: rootdisk.s0
■ Root size: 8192
■ Swap device: rootdisk.s1
■ Swap size: 2048
These templates also specify that an LU ABE is to be created when the software stack
is installed. The ABE location information specified is:
■ ABE root device: any
■ ABE root size: 8192
# sharedProf.template
The profile template used to install barossa follows. However, barossa has only
an 18-gigabyte disk drive, so this profile overrides the following specifications from
the shared template:
■ Root size: 4096
■ ABE root device: rootdisk.s5
■ ABE root size: 4096
■ Network timeserver host: timehost
12 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
The specifications that have been overridden are in bold.
# barossaProf.template
To deploy a patch or set of patches using the SunMC Change Manager, install, verify,
and validate the patches on a single system. The verification and validation of the
patches on a single system is very important. At this time, you should validate not
only that patches address the issue for which they were designed, but also that they
do not negatively interact with other third-party software and that they do not
negatively affect software performance.
After you have tested and validated the patches, use the patched system as a master
system for creating a software stack that contains the system software, any other
installed software, and all installed patches. You can then deploy this software stack
on all similar systems or on all systems that require the patched software stack.
It is also important to keep in mind that because LU technology is being used, you
can deploy the patched software stack to an ABE. If you later determine that a
problem exists with the patched software stack, the previous software stack is still
available in the previously activated BE. This fact might also be used to mitigate
exposure to risk during the deployment of new versions of system software or
application software.
John is the author of numerous technical papers and co-author of the books
“JumpStart Technology: Effective Use in the Solaris™ Operating Environment” and
“Boot Disk Management: A Guide for the Solaris™ Operating Environment.”
Acknowledgements
The author would like to thank Julie Snow, Richard Elling, and Barry Greenberg for
their suggestions, comments, and criticisms of this paper.
14 Managing Data Centers With Sun™ Management Center Change Manager • October 2002
Accessing Sun Documentation Online
The docs.sun.com web site enables you to access Sun technical documentation
online. You can browse the docs.sun.com archive or search for a specific book title
or subject. The URL is http://docs.sun.com/
To reference Sun BluePrints OnLine articles, visit the Sun BluePrints OnLine Web site at:
http://www.sun.com/blueprints/online.html