Skip Navigation Links | |
Exit Print View | |
Installing Oracle Solaris 11 Systems Oracle Solaris 11 Information Library |
Part I Oracle Solaris 11 Installation Options
1. Overview of Installation Options
Part II Installing Using Installation Media
2. Preparing for the Installation
5. Automated Installations That Boot From Media
6. Unconfiguring or Reconfiguring an Oracle Solaris instance
Part III Installing Using an Install Server
7. Automated Installation of Multiple Clients
8. Setting Up an Install Server
10. Provisioning the Client System
11. Configuring the Client System
Providing Configuration Profiles
Creating System Configuration Profiles
Validating System Configuration Profiles
Adding System Configuration Profiles To an Install Service
Specifying Configuration in a System Configuration Profile
Terminal Type and Keyboard Layout
Using System Configuration Profile Templates
Example System Configuration Profiles
Sample System Configuration Profile
Specifying Static Network Configuration
12. Installing and Configuring Zones
13. Running a Custom Script During First Boot
14. Setting Up Oracle Configuration Manager For Use By AI Client Systems
The examples in this section are complete system configuration profiles that can be added to an install service using the installadm create-profile command.
This section shows a sample system configuration profile that you might want to use as a base to modify. This sample is available at /usr/share/auto_install/sc_profiles/sc_sample.xml. After you have created an install service, this sample configuration profile is available at image_path/auto_install/sc_profiles/sc_sample.xml.
<?xml version='1.0'?> <!-- Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. --> <!-- Sample system configuration profile for use with Automated Installer Configures the following: * User account name 'jack', password 'jack', GID 10, UID 101, root role, bash shell * 'root' role with password 'solaris' * Keyboard mappings set to US-English * Timezone set to UTC * Network configuration is automated with Network Auto-magic * DNS name service client is enabled See installadm(1M) for usage of 'create-profile' subcommand. --> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="system configuration"> <service name="system/config-user" version="1"> <instance name="default" enabled="true"> <property_group name="user_account"> <propval name="login" value="jack"/> <propval name="password" value="9Nd/cwBcNWFZg"/> <propval name="description" value="default_user"/> <propval name="shell" value="/usr/bin/bash"/> <propval name="gid" value='10'/> <propval name="type" value="normal"/> <propval name="roles" value="root"/> <propval name="profiles" value="System Administrator"/> </property_group> <property_group name="root_account"> <propval name="password" value="encrypted_password"/> <propval name="type" value="role"/> </property_group> </instance> </service> <service version="1" name="system/identity"> <instance enabled="true" name="node"> <property_group name="config"> <propval name="nodename" value="solaris"/> </property_group> </instance> </service> <service name="system/console-login" version="1"> <instance name='default' enabled='true'> <property_group name="ttymon"> <propval name="terminal_type" value="sun"/> </property_group> </instance> </service> <service name='system/keymap' version='1'> <instance name='default' enabled='true'> <property_group name='keymap'> <propval name='layout' value='US-English'/> </property_group> </instance> </service> <service name='system/timezone' version='1'> <instance name='default' enabled='true'> <property_group name='timezone'> <propval name='localtime' value='UTC'/> </property_group> </instance> </service> <service name='system/environment' version='1'> <instance name='default' enabled='true'> <property_group name='environment'> <propval name='LC_ALL' value='en_US.UTF-8'/> </property_group> </instance> </service> <service name="network/physical" version="1"> <instance name="default" enabled="true"> <property_group name='netcfg' type='application'> <propval name='active_ncp' type='astring' value='Automatic'/> </property_group> </instance> </service> </service_bundle>
This sample profile is available at /usr/share/auto_install/sc_profiles/static_network.xml.
This example profile configures the following parameters:
bge0 with IPv4 static address 10.0.0.10 and netmask 255.0.0.0
10.0.0.1 IPv4 default route
bge1 with IPv6 addrconf address type
DNS 8.8.8.8 nameserver
example1.com as local DNS domain name
example2.com and example3.com as DNS search list for host name lookup
The netmask is specified with the notation IPaddress/netmask, where netmask is a number that specifies the number of high-order bits of the netmask.
|
<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="system configuration"> <service name="system/config-user" version="1"> <instance name="default" enabled="true"> <property_group name="user_account"> <propval name="login" value="jack"/> <propval name="password" value="9Nd/cwBcNWFZg"/> <propval name="description" value="default_user"/> <propval name="shell" value="/usr/bin/bash"/> <propval name="gid" value='10'/> <propval name="type" value="normal"/> <propval name="roles" value="root"/> <propval name="profiles" value="System Administrator"/> </property_group> <property_group name="root_account"> <propval name="password" value="encrypted_password"/> <propval name="type" value="role"/> </property_group> </instance> </service> <service version="1" name="system/identity"> <instance enabled="true" name="node"> <property_group name="config"> <propval name="nodename" value="solaris"/> </property_group> </instance> </service> <service name="system/console-login" version="1"> <instance name='default' enabled='true'> <property_group name="ttymon"> <propval name="terminal_type" value="sun"/> </property_group> </instance> </service> <service name='system/keymap' version='1'> <instance name='default' enabled='true'> <property_group name='keymap'> <propval name='layout' value='US-English'/> </property_group> </instance> </service> <service name='system/timezone' version='1'> <instance name='default' enabled='true'> <property_group name='timezone'> <propval name='localtime' value='UTC'/> </property_group> </instance> </service> <service name='system/environment' version='1'> <instance name='default' enabled='true'> <property_group name='environment'> <propval name='LC_ALL' value='en_US.UTF-8'/> </property_group> </instance> </service> <service name="network/physical" version="1"> <instance name="default" enabled="true"> <property_group name='netcfg' type='application'> <propval name='active_ncp' type='astring' value='DefaultFixed'/> </property_group> </instance> </service> <service name='network/install' version='1' type='service'> <instance name='default' enabled='true'> <property_group name='install_ipv4_interface' type='application'> <propval name='name' type='astring' value='net0/v4'/> <propval name='address_type' type='astring' value='static'/> <propval name='static_address' type='net_address_v4' value='x.x.x.x/n'/> <propval name='default_route' type='net_address_v4' value='x.x.x.x'/> </property_group> <property_group name='install_ipv6_interface' type='application'> <propval name='name' type='astring' value='net0/v6'/> <propval name='address_type' type='astring' value='addrconf'/> <propval name='stateless' type='astring' value='yes'/> <propval name='stateful' type='astring' value='yes'/> </property_group> </instance> </service> <service name='network/dns/client' version='1'> <property_group name='config'> <property name='nameserver'> <net_address_list> <value_node value='x.x.x.x'/> </net_address_list> </property> <property name='search'> <astring_list> <value_node value='example.com'/> </astring_list> </property> </property_group> <instance name='default' enabled='true'/> </service> <service version="1" name="system/name-service/switch"> <property_group name="config"> <propval name="default" value="files"/> <propval name="host" value="files dns mdns"/> <propval name="printer" value="user files"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> </service_bundle>
You can use the sample profiles in this section as templates to create your own profiles, or you can use the sysconfig tool with the naming_services grouping to produce a profile based on your responses to prompts. See Creating a Configuration Profile Using the SCI Tool and the sysconfig(1M) man page for more information about using sysconfig to create a system configuration profile.
Example 11-7 Enable NIS For a Specified Domain
This example profile performs the following configuration:
Enables NIS for my.domain.com
Uses broadcasting to discover the NIS server, which must be on the same subnet
Enables the name service cache service, which is required
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. --> <service_bundle type='profile' name='default'> <service name='network/nis/domain' type='service' version='1'> <property_group name='config' type='application'> <propval name='domainname' type='hostname' value='my.domain.com'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='use_broadcast' type='boolean' value='true'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/switch' type='service' version='1'> <property_group name='config' type='application'> <propval name='default' type='astring' value='files nis'/> <propval name='printer' type='astring' value='user files nis'/> <propval name='netgroup' type='astring' value='nis'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/cache' type='service' version='1'> <instance name='default' enabled='true' /> </service> </service_bundle>
Example 11-8 Configure NIS and Disable DNS
This example profile performs the following configuration:
Configures name service NIS with automatic broadcasting for a NIS server, which must be on the same subnet
Configures the NIS domain my.domain.com
Enables the name service cache service, which is required
Disables the DNS name service
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- service name-service/switch below for NIS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="printer" value="user files nis"/> <propval type="astring" name="netgroup" value="nis"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- service name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <!-- if no DNS, must be explicitly disabled to avoid error msgs --> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- configure the NIS client service to broadcast the subnet for a NIS server --> <service version="1" type="service" name="network/nis/client"> <property_group type="application" name="config"> <propval type="boolean" name="use_broadcast" value="true"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
Example 11-9 Configure NIS
The following profile configures name service NIS with server IP address 10.0.0.10 and domain mydomain.com. The NIS server is not required to be on the same subnet when the server IP address is explicitly specified.
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- name-service/switch below for NIS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="printer" value="user files nis"/> <propval type="astring" name="netgroup" value="nis"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <!-- if no DNS, must be explicitly disabled to avoid error msgs --> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="mydomain.com"/> <!-- Note: use property with net_address_list and value_node as below --> <property type="net_address" name="ypservers"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> </property_group> <!-- configure default instance separate from property_group --> <instance enabled="true" name="default"/> </service> <!-- enable the NIS client service --> <service version="1" type="service" name="network/nis/client"> <instance enabled="true" name="default"/> </service> </service_bundle>
Example 11-10 Enable NIS and DNS For a Specified Domain
This example configures both DNS and NIS name services:
Specifies multiple DNS name servers
Specifies a DNS domain search list
Specifies a NIS domain
Specifies broadcasting to discover the NIS server
<?xml version="1.0"?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. --> <service_bundle type='profile' name='default'> <service name='network/dns/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='domain' type='astring' value='us.oracle.com'/> <property name='nameserver' type='net_address'> <net_address_list> <value_node value='130.35.249.52' /> <value_node value='130.35.249.41' /> <value_node value='130.35.202.15' /> </net_address_list> </property> <property name='search' type='astring'> <astring_list> <value_node value='us.oracle.com oracle.com oraclecorp.com' /> </astring_list> </property> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/domain' type='service' version='1'> <property_group name='config' type='application'> <propval name='domainname' type='hostname' value='mydomain.com'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='network/nis/client' type='service' version='1'> <property_group name='config' type='application'> <propval name='use_broadcast' type='boolean' value='true'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/switch' type='service' version='1'> <property_group name='config' type='application'> <propval name='default' type='astring' value='files nis'/> <propval name='host' type='astring' value='files dns'/> <propval name='printer' type='astring' value='user files nis'/> <propval name='netgroup' type='astring' value='nis'/> </property_group> <instance name='default' enabled='true' /> </service> <service name='system/name-service/cache' type='service' version='1'> <instance name='default' enabled='true' /> </service> </service_bundle>
Example 11-11 Configure DNS With Search List
The following example profile configures the following parameters:
Name service DNS
Server IP addresses 1.1.1.1 and 2.2.2.2
Domain dom.ain.com
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <!-- name-service/switch below for DNS only - (see nsswitch.conf(4)) --> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files"/> </property_group> <instance enabled="true" name="default"/> </service> <!-- name-service/cache must be present along with name-service/switch --> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <!-- Note: use property with net_address_list and value_node as below --> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="1.1.1.1"/> <value_node value="2.2.2.2"/> </net_address_list> </property> <!-- Note: use property with astring_list and value_node, concatenating search names, as below --> <property type="astring" name="search"> <astring_list> <value_node value="dom.ain.com ain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
Example 11-12 Configure LDAP and LDAP Search Base
This example profile configures the following parameters:
Name service LDAP with server IP address 10.0.0.10
Domain my.domain.com specified in service system/nis/domain
LDAP search base, which is required, dc=my,dc=domain,dc=com
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="printer" value="user files ldap"/> <propval type="astring" name="netgroup" value="ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <value_node value="10.0.0.10"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
Example 11-13 Configure LDAP With a Secure LDAP Server
This example profile configures the following parameters:
Name service LDAP with server IP address 10.0.0.10
Domain my.domain.com specified in service system/nis/domain
LDAP search base, which is required, dc=my,dc=domain,dc=com
LDAP proxy bind distinguished name cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com
LDAP proxy bind password, encrypted as a security measure. You can find the encrypted value by using one of the following methods:
Take the bind_passwd property value from sysconfig create-profile.
Take the value from the SMF configuration on the LDAP server.
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="printer" value="user files ldap"/> <propval type="astring" name="netgroup" value="ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <instance enabled="false" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <value_node value="10.0.0.10"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <property_group type="application" name="cred"> <propval type="astring" name="bind_dn" value="cn=proxyagent,ou=profile,dc=my,dc=domain,dc=com"/> <!-- note that the password below is encrypted --> <propval type="astring" name="bind_passwd" value="{NS1}c2ab873ae7c5ceefa4b9"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
DNS name service can be used in conjunction with LDAP name service. A typical usage is for DNS to resolve node names (including the LDAP server name), and for LDAP to resolve all other names. The service system/name-service/switch is used to specify DNS for node name search and LDAP to resolve other names, as shown in the first service element in this example:
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files ldap"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files ldap"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> <propval type="astring" name="domain" value="my.domain.com"/> <property type="astring" name="search"> <astring_list> <value_node value="my.domain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/ldap/client"> <property_group type="application" name="config"> <propval type="astring" name="profile" value="default"/> <property type="host" name="server_list"> <host_list> <!-- here, DNS is expected to resolve the LDAP server by name --> <value_node value="ldapserver.my.domain.com"/> </host_list> </property> <propval type="astring" name="search_base" value="dc=my,dc=domain,dc=com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>
NIS can be used in conjunction with DNS in a similar way.
<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <service_bundle type="profile" name="sysconfig"> <service version="1" type="service" name="system/name-service/switch"> <property_group type="application" name="config"> <propval type="astring" name="default" value="files nis"/> <propval type="astring" name="host" value="files dns"/> <propval type="astring" name="printer" value="user files nis"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="system/name-service/cache"> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/dns/client"> <property_group type="application" name="config"> <property type="net_address" name="nameserver"> <net_address_list> <value_node value="10.0.0.10"/> </net_address_list> </property> <propval type="astring" name="domain" value="my.domain.com"/> <property type="astring" name="search"> <astring_list> <value_node value="my.domain.com"/> </astring_list> </property> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/domain"> <property_group type="application" name="config"> <propval type="hostname" name="domainname" value="my.domain.com"/> </property_group> <instance enabled="true" name="default"/> </service> <service version="1" type="service" name="network/nis/client"> <property_group type="application" name="config"> <propval type="boolean" name="use_broadcast" value="true"/> </property_group> <instance enabled="true" name="default"/> </service> </service_bundle>