How Solaris for ISPs Installs

Because the typical UNIX server must run a variety of applications, the default Solaris installation assumes that most UNIX services are needed. ISPs focus more narrowly on providing specific services in a public environment. They have heavy performance and security requirements.

To configure Solaris to their needs, ISP administrators typically perform elaborate hardening and tuning tasks. They stop unneeded Solaris services and change file permissions to close security vulnerabilities. This process can take hours.

The host configuration software in Solaris for ISPs automates this hardening and tuning process for the administrator. In addition to copying the necessary software packages to their proper locations, it hardens the underlying Solaris 2.6 foundation, changing file owners and modes where appropriate as well as configuring Solaris security and logging mechanisms. A final step in this process is selectively disabling standard Solaris services (such as finger or rlogin) when they do not support the purpose of a given host machine.

Solaris for ISPs host configuration can be performed interactively by using its graphical user interface, or repeatably and non-interactively using JumpStart.

Host Configuration Model

The configuration process works by building a scenario of the current state of the system, what software components are available to be installed, and what the user has selected for install or uninstall.

Figure 1-2 Solaris for ISPs Host Configuration Process

The host configuration software can also be used to reconfigure a host after installation, adding and removing services as needed.

Repeatable Configuration

Interactive host configuration (using the graphical user interface) provides the option to save a configuration scenario (in the form of a binary and some associated files). By creating and saving a scenario, the ISP administrator can use it in a JumpStart^TM finish script, forming a non-interactive, one-step installation. Such JumpStart installations are repeatable and can be used to configure identically.

JumpStart is a part of the Solaris operating system that can perform customized, repeatable installations of Solaris both locally and remotely. See the Solaris Advanced Installation Guide for details on how to create a custom JumpStart installation. See Chapter 2 of this guide for information on how to use a scenario file in a finish script for a custom JumpStart installation.