| Skip Navigation Links | |
| Exit Print View | |
|
Oracle Solaris 10 9/10 Installation Guide: Network-Based Installations |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Oracle Solaris 10 9/10 Installation Guide: Network-Based Installations |
Part I Planning to Install Over the Network
1. Where to Find Solaris Installation Planning Information
2. Preconfiguring System Configuration Information (Tasks)
3. Preconfiguring With a Naming Service or DHCP
Part II Installing Over a Local Area Network
4. Installing From the Network (Overview)
5. Installing From the Network With DVD Media (Tasks)
6. Installing From the Network With CD Media (Tasks)
7. Patching the Miniroot Image (Tasks)
8. Installing Over the Network (Examples)
9. Installing From the Network (Command Reference)
Part III Installing Over a Wide Area Network
11. Preparing to Install With WAN Boot (Planning)
12. Installing With WAN Boot (Tasks)
Installing Over a Wide Area Network (Task Maps)
Configuring the WAN Boot Server
Creating the Document Root Directory
Creating the WAN Boot Miniroot
SPARC: To Create a WAN Boot Miniroot
Verifying WAN Boot Support on the Client
To Check the Client OBP for WAN Boot Support
Installing the wanboot Program on the WAN Boot Server
SPARC: To Install the wanboot Program on the WAN Boot Server
Creating the /etc/netboot Hierarchy on the WAN Boot Server
To Create the /etc/netboot Hierarchy on the WAN Boot Server
Copying the WAN Boot CGI Program to the WAN Boot Server
To Copy the wanboot-cgi Program to the WAN Boot Server
(Optional) To Configure the WAN Boot Logging Server
(Optional) Protecting Data by Using HTTPS
(Optional) To Use Digital Certificates for Server and Client Authentication
(Optional) To Create a Hashing Key and an Encryption Key
Creating the Custom JumpStart Installation Files
To Create the Solaris Flash Archive
(Optional) Creating Begin and Finish Scripts
(Optional) Providing Configuration Information With a DHCP Server
13. SPARC: Installing With WAN Boot (Tasks)
14. SPARC: Installing With WAN Boot (Examples)
WAN boot uses the following files to specify the location of the data and files that are required for a WAN boot installation.
System configuration file (system.conf)
wanboot.conf file
This section describes how to create and store these two files.
In the system configuration file, you can direct the WAN boot installation programs to the following files.
sysidcfg file
rules.ok file
Custom JumpStart profile
WAN boot follows the pointers in the system configuration file to install and configure the client.
The system configuration file is a plain text file, and must be formatted in the following pattern.
setting=value
To use a system configuration file to direct the WAN installation programs to the sysidcfg, rules.ok, and profile files, follow these steps.
Before you create the system configuration file, you must create the installation files for you WAN boot installation. See Creating the Custom JumpStart Installation Files for detailed instructions.
This setting points to the flash directory on the install server that contains the sysidcfg file. Make sure that this URL matches the path to the sysidcfg file that you created in To Create the sysidcfg File.
For WAN installations that use HTTPS, set the value to a valid HTTPS URL.
This setting points to the Solaris Flash directory on the install server that contains the rules.ok file, profile file, and begin and finish scripts. Make sure that this URL matches the path to the custom JumpStart files that you created in To Create the Profile and To Create the rules File.
For WAN installations that use HTTPS, set the value to a valid HTTPS URL.
For administration purposes, you might want to save the file to the appropriate client directory in the /etc/netboot directory on the WAN boot server.
# chmod 600 /path/system-conf-file
Example 12-12 System Configuration File for WAN Boot Installation Over HTTPS
In the following example, the WAN boot programs check for the sysidcfg and custom JumpStart files on the web server https://www.example.com on port 1234. The web server uses secure HTTP to encrypt data and files during the installation.
The sysidcfg and custom JumpStart files are located in the flash subdirectory of the document root directory /opt/apache/htdocs.
SsysidCF=https://www.example.com:1234/flash SjumpsCF=https://www.example.com:1234/flash
Example 12-13 System Configuration File for Insecure WAN Boot Installation
In the following example, the WAN boot programs check for the sysidcfg and custom JumpStart files on the web server http://www.example.com. The web server uses HTTP, so the data and files are not protected during the installation.
The sysidcfg and custom JumpStart files are located in the flash subdirectory of the document root directory /opt/apache/htdocs.
SsysidCF=http://www.example.com/flash SjumpsCF=http://www.example.com/flash
After you create the system configuration file, create the wanboot.conf file. For instructions, see To Create the wanboot.conf File.
The wanboot.conf file is a plain text configuration file that the WAN boot programs use to perform a WAN installation. The wanboot-cgi program, the boot file system, and the WAN boot miniroot all use the information included in the wanboot.conf file to install the client machine.
Save the wanboot.conf file in the appropriate client subdirectory in the /etc/netboot hierarchy on the WAN boot server. For information about how to define the scope of your WAN boot installation with the /etc/netboot hierarchy, see Creating the /etc/netboot Hierarchy on the WAN Boot Server.
If the WAN boot server is running the current Solaris release, a sample wanboot.conf file is located in /etc/netboot/wanboot.conf.sample. You can use this sample as a template for your WAN boot installation.
You must include the following information in the wanboot.conf file.
|
You specify this information by listing parameters with associated values in the following format.
parameter=value
For detailed information about wanboot.conf file parameters and syntax, see wanboot.conf File Parameters and Syntax.
To create the wanboot.conf file, follow these steps.
You can create a new text file that is named wanboot.conf, or use the sample file that is located in /etc/netboot/wanboot.conf.sample. If you use the sample file, rename the file wanboot.conf after you add parameters.
For detailed descriptions of wanboot.conf parameters and values, see wanboot.conf File Parameters and Syntax.
For information about how to create the /etc/netboot hierarchy, see Creating the /etc/netboot Hierarchy on the WAN Boot Server.
# bootconfchk /etc/netboot/path-to-wanboot.conf/wanboot.conf
Specifies the path to the client's wanboot.conf file on the WAN boot server
If the wanboot.conf file is structurally valid, the bootconfchk command returns an exit code of 0.
If the wanboot.conf file is invalid, the bootconfchk command returns a nonzero exit code.
# chmod 600 /etc/netboot/path-to-wanboot.conf/wanboot.conf
Example 12-14 wanboot.conf File for WAN Boot Installation Over HTTPS
The following wanboot.conf file example includes configuration information for a WAN installation that uses secure HTTP. The wanboot.conf file also indicates that a 3DES encryption key is used in this installation.
boot_file=/wanboot/wanboot.s10_sparc root_server=https://www.example.com:1234/cgi-bin/wanboot-cgi root_file=/miniroot/miniroot.s10_sparc signature_type=sha1 encryption_type=3des server_authentication=yes client_authentication=no resolve_hosts= boot_logger=https://www.example.com:1234/cgi-bin/bootlog-cgi system_conf=sys-conf.s10–sparc
This wanboot.conf file specifies the following configuration.
The second level boot program is named wanboot.s10_sparc. This program is located in the /wanboot directory in the WAN boot server's document root directory.
The location of the wanboot-cgi program on the WAN boot server is https://www.example.com:1234/cgi-bin/wanboot-cgi. The https portion of the URL indicates that this WAN boot installation uses secure HTTP.
The WAN boot miniroot is named miniroot.s10_sparc. This miniroot is located in the /miniroot directory in the WAN boot server's document root directory.
The wanboot.s10_sparc program and the WAN boot file system are signed with a HMAC SHA1 hashing key.
The wanboot.s10_sparc program and the boot file system are encrypted with a 3DES key.
The server is authenticated during the installation.
The client is not authenticated during the installation.
No additional host names are needed to perform the WAN installation. All required files and information are located in the document root directory on the WAN boot server.
(Optional) Booting and installation log messages are recorded on the WAN boot server by using secure HTTP.
For instructions on how to set up a logging server for your WAN boot installation, see (Optional) To Configure the WAN Boot Logging Server.
The system configuration file that contains the locations of the sysidcfg and JumpStart files is located in a subdirectory of the /etc/netboot hierarchy. The system configuration file is named sys-conf.s10–sparc.
Example 12-15 wanboot.conf File for Insecure WAN Boot Installation
The following wanboot.conf file example includes configuration information for a less secure WAN boot installation that uses HTTP. This wanboot.conf file also indicates that the installation does not use an encryption key or a hashing key.
boot_file=/wanboot/wanboot.s10_sparc root_server=http://www.example.com/cgi-bin/wanboot-cgi root_file=/miniroot/miniroot.s10_sparc signature_type= encryption_type= server_authentication=no client_authentication=no resolve_hosts= boot_logger=http://www.example.com/cgi-bin/bootlog-cgi system_conf=sys-conf.s10–sparc
This wanboot.conf file specifies the following configuration.
The second level boot program is named wanboot.s10_sparc. This program is located in the /wanboot directory in the WAN boot server's document root directory.
The location of the wanboot-cgi program on the WAN boot server is http://www.example.com/cgi-bin/wanboot-cgi. This installation does not use secure HTTP.
The WAN boot miniroot is named miniroot.s10_sparc. This miniroot is located in the /miniroot subdirectory in the WAN boot server's document root directory.
The wanboot.s10_sparc program and the WAN boot file system are not signed with a hashing key.
The wanboot.s10_sparc program and the boot file system are not encrypted.
The server is not authenticated with keys or certificates during the installation.
The client is not authenticated with keys or certificates during the installation.
No additional host names are needed to perform the installation. All required files and information are located in the document root directory on the WAN boot server.
(Optional) Booting and installation log messages are recorded on the WAN boot server.
For instructions on how to set up a logging server for your WAN boot installation, see (Optional) To Configure the WAN Boot Logging Server.
The system configuration file that contains the locations of the sysidcfg and JumpStart files is named sys-conf.s10–sparc. This file is located in the appropriate client subdirectory of the /etc/netboot hierarchy.
After you create the wanboot.conf file, you can optionally configure a DHCP server to support WAN boot. For instructions, see (Optional) Providing Configuration Information With a DHCP Server.
If you do not want to use a DHCP server in your WAN boot installation, see To Check the net Device Alias in the Client OBP to continue the WAN boot installation.
For detailed descriptions of wanboot.conf parameters and values, see wanboot.conf File Parameters and Syntax and the man page wanboot.conf(4).
|