test

Trusted Solaris Installation and Configuration

Appendix C Sample Custom JumpStart Installation

This example shows a set of steps an install team would take to do a custom JumpStart installation for a fictitious site.

Sample Site Setup

The following figure shows the sample site setup for this example.

Figure C-1 Sample Site Setup

Graphic

At this fictitious site:

Create a JumpStart directory.

The system administrator sets up a JumpStart directory on the install server, server_1. This directory will hold files necessary for a custom JumpStart installation of Trusted Solaris software. The easiest way to set up this directory is to copy the sample directory from the copy of the Trusted Solaris CD that has been put in /export/install. As root at the label ADMIN_LOW: 


# cp -r /export/install/jumpstart_sample /jumpstart

Share the JumpStart directory.

The system administrator shares the /jumpstart directory so that the rules file and profiles are accessible to systems on the network. To accomplish this, the administrator in the role admin at the label ADMIN_LOW uses the Set Mount Points action in the System_Admin folder to add the following line to the /etc/dfs/dfstab file: 


share -F nfs -o ro,anon=0 /jumpstart

Then, at the command line, the administrator in the role admin at the label ADMIN_LOW uses the unshareall and shareall commands:


# unshareall
# shareall

Create the eng_profile profile.

The security administrator in the role root at the label ADMIN_LOW using the Admin Editor action, creates a file named eng_profile in the /jumpstart directory. The eng_profile file has the following entries, which define the Trusted Solaris software to be installed on systems in the engineering group. 

install_type  initial_install
system_type   standalone
partitioning  default
cluster       SUNWCprog
filesys       any 128 swap

  1. Specifies that the installation will be treated as an initial installation.

  2. Specifies that the engineering systems are standalone systems.

  3. Specifies that the JumpStart software uses default disk partitioning for installing Trusted Solaris software on the engineering systems.

  4. Specifies that the developer's software cluster will be installed.

  5. Specifies that each system in the engineering group will have 128 Mbytes of swap space.

Create the marketing_profile profile.

An administrator in the role root at the label ADMIN_LOW using the Admin Editor creates a file named marketing_profile in the /jumpstart directory. The marketing_profile file has the following entries, which define the Trusted Solaris software to be installed on systems in the marketing group. 

install_type    initial_install
system_type     standalone
partitioning    default
cluster         SUNWCuser
package         SUNWaudmo

  1. Specifies that the installation will be treated as an initial installation, as opposed to an upgrade.

  2. Specifies that the marketing systems are standalone systems.

  3. Specifies that the JumpStart software will use default disk partitioning for installing Trusted Solaris software on the marketing systems.

  4. Specifies that the end user software cluster is to be installed.

  5. Specifies that the audio demo software package is to be added to each system.

Edit the rules file.

The security administrator must define the rules file. The Trusted Solaris installation program will use the contents of this file to select the proper installation for each department.

At this site, each department is on its own subnet and network address. The administrator uses this information to control how systems are installed. The engineering department is on subnet 255.222.43.0, and marketing is on 255.222.44.0.

In the /jumpstart directory, the administrator in the role secadmin at the label ADMIN_LOW using the Admin Editor edits the rules file, deletes all of the example rules, and enters:

network 255.222.43.0 - eng_profile    -
network 255.222.44.0 - marketing_profile -
Note -

These are sample rules in which an administrator uses a network address to identify which systems will be installed with the eng_profile and marketing_profile, respectively. The administrator could also have chosen to use host names, memory size, or model type as the rule keyword. See "Rule Keyword and Rule Value Descriptions"for a complete list of keywords you can use in a rules file.

Execute the check script.

After the rules and profile files are properly set up, the system administrator runs the check(1M) script to verify the files. At the label ADMIN_LOW in a profile shell (pfsh(1M)), as role admin: 


$ cd /jumpstart
$ ./check

When check finds no errors, it creates the rules.ok file.

Set up the engineering systems for installation.

After setting up the /jumpstart directory and appropriate files, the administrator sets up the install server to install Trusted Solaris software on the engineering systems.

The administrator first sets up the engineering systems because they are on the same subnet as the install server. On the install server, the administrator in the role root at the label ADMIN_LOW uses the add_install_client(1M) command:


# cd /export/install
# ./add_install_client -c server_1:/jumpstart host_eng1 sun4u
# ./add_install_client -c server_1:/jumpstart host_eng2 sun4u
	.
	.
	.

In the add_install_client command,

-c

Specifies the server (server_1) and path (/jumpstart) to the JumpStart directory.

host_eng1

Is the name of a system in the engineering group.

host_eng2

Is the name of another system in the engineering group.

sun4u

Specifies the platform of the systems that will use server_1 as an install server. (This is the proper platform name for Sun Ultra systems.)

Set up the marketing systems for installation.

Systems cannot boot from an install server on a different subnet, so the administrator sets up a boot server on the marketing group's subnet. On a server on the marketing subnet, the administrator inserts a Trusted Solaris CD. The administrator in the role root at the label ADMIN_LOW then uses the setup_install_server(1M) command to copy the boot software from the CD to the marketing server. 


# cd /cdrom/cdrom0/s0
# ./setup_install_server -b /marketing/boot-dir sun4c

In the setup_install_server command,

-b

Specifies that setup_install_server will copy the boot information from the Trusted Solaris CD to the directory named /marketing/boot-dir.

sun4c

Specifies the platform of the systems that will use this boot server. (This is the proper platform name for Sun IPX systems.)

Next, an administrator in the role root sets up the marketing systems to boot from the local boot server and install Trusted Solaris from the remote install server. At the label admin_low, the administrator uses the add_install_client command on the marketing group's boot server:


# cd /marketing/boot-dir
# ./add_install_client -s server_1:/export/install \
-c server_1:/jumpstart host_mkt1 sun4c
# ./add_install_client -s server_1:/export/install \
-c server_1:/jumpstart host_mkt2 sun4c	...

In the add_install_client command,

-s

Specifies the install server (server_1) and the path to the Trusted Solaris software (/export/install).

-c

Specifies the server (server_1) and path (/jumpstart) to the JumpStart directory.

host_mkt1

Is the name of a system in the marketing group.

host_mkt2

Is the name of another system in the marketing group.

sun4c

Specifies the platform of the systems that will use this boot server. (This is the proper platform name for Sun IPX systems.)

Boot the systems and install Trusted Solaris software.

The install team boots the engineering systems by using the following boot(1M) command at the ok (PROM) prompt of each system.


ok boot net - install