The following tables list the tasks you need to perform to prepare for a WAN boot installation.
For a list of the tasks you need to perform to prepare for a secure WAN boot installation, see Table 11–1.
For a description of a secure WAN boot installation over HTTPS, see Secure WAN Boot Installation Configuration.
For a list of the tasks you need to perform to prepare for an insecure WAN boot installation, see Table 11–2.
For a description of an insecure WAN boot installation, see Insecure WAN Boot Installation Configuration.
To use a DHCP server or a logging server, complete the optional tasks that are listed at the bottom of each table.
Table 11–1 Task Map: Preparing to Perform a Secure WAN Boot Installation
Task |
Description |
For Instructions |
---|---|---|
Decide what security features you want to use in your installation. |
Review the security features and configurations to decide what level of security you want to use in your WAN boot installation. | |
Collect WAN boot installation information. |
Complete the worksheet to record all the information you need to perform a WAN boot installation. | |
Create the document root directory on the WAN boot server. |
Create the document root directory and any subdirectories to serve the configuration and installation files. | |
Create the WAN boot miniroot. |
Use the setup_install_server command to create the WAN boot miniroot. | |
Verify that the client system supports WAN boot. |
Check the client OBP for boot argument support of WAN boot. | |
Install the wanboot program on the WAN boot server. |
Copy the wanboot program to the document root directory of the WAN boot server. | |
Install the wanboot-cgi program on the WAN boot server. |
Copy the wanboot-cgi program to the WAN boot server's CGI directory. | |
(Optional) Set up the logging server. |
Configure a dedicated system for displaying boot and installation log messages. | |
Set up the /etc/netboot hierarchy. |
Populate the /etc/netboot hierarchy with the configuration and security files that are required for a WAN boot installation. | |
Configure the web server to use secure HTTP for a more secure WAN boot installation. |
Identify the web server requirements that are necessary to perform a WAN installation with HTTPS. | |
Format digital certificates for a more secure WAN boot installation. |
Split PKCS#12 file into a private key and a certificate to use with the WAN installation. |
(Optional) To Use Digital Certificates for Server and Client Authentication |
Create a hashing key and an encryption key for a more secure WAN boot installation. |
Use the wanbootutil keygen command to create HMAC SHA1, 3DES, or AES keys. | |
Create the Solaris Flash archive. |
Use the flarcreate command to create an archive of the software that you want to install on the client. | |
Create the installation files for the custom JumpStart installation. |
Use a text editor to create the following files:
| |
Create the system configuration file. |
Set the configuration information in the system.conf file. | |
Create the WAN boot configuration file. |
Set the configuration information in the wanboot.conf file. | |
(Optional) Configure the DHCP server to support a WAN boot installation. |
Set Sun vendor options and macros in the DHCP server. |
Preconfiguring System Configuration Information With the DHCP Service (Tasks) |
Table 11–2 Task Map: Preparing to Perform an Insecure WAN Boot Installation
Task |
Description |
For Instructions |
---|---|---|
Decide what security features you want to use in your installation. |
Review the security features and configurations to decide what level of security you want to use in your WAN boot installation. | |
Collect WAN boot installation information. |
Complete the worksheet to record all the information you need to perform a WAN boot installation. | |
Create the document root directory on the WAN boot server. |
Create the document root directory and any subdirectories to serve the configuration and installation files. | |
Create the WAN boot miniroot. |
Use the setup_install_server command to create the WAN boot miniroot. | |
Verify that the client system supports WAN boot. |
Check the client OBP for boot argument support of WAN boot. | |
Install the wanboot program on the WAN boot server. |
Copy the wanboot program to the document root directory of the WAN boot server. | |
Install the wanboot-cgi program on the WAN boot server. |
Copy the wanboot-cgi program to the WAN boot server's CGI directory. | |
(Optional) Set up the logging server. |
Configure a dedicated system for displaying boot and installation log messages. | |
Set up the /etc/netboot hierarchy. |
Populate the /etc/netboot hierarchy with the configuration and security files that are required for a WAN boot installation. | |
(Optional) Create a hashing key. |
Use the wanbootutil keygen command to create HMAC SHA1 key. For insecure installations that check data integrity, complete this task to create an HMAC SHA1 hashing key. | |
Create the Solaris Flash archive. |
Use the flarcreate command to create an archive of the software that you want to install on the client. | |
Create the installation files for the custom JumpStart installation. |
Use a text editor to create the following files:
| |
Create the system configuration file. |
Set the configuration information in the system.conf file. | |
Create the WAN boot configuration file. |
Set the configuration information in the wanboot.conf file. | |
(Optional) Configure the DHCP server to support a WAN boot installation. |
Set Sun vendor options and macros in the DHCP server. |
Preconfiguring System Configuration Information With the DHCP Service (Tasks) |