- Purpose of zones; how zones exist within a standard Solaris 10 system;
- creating a zone (including a Linux zone on Solaris x86);
- zone configuration, including mapping of disk and network resources;
- pre-configuration of zones with the sysidcfg file;
- controlling zones (booting, halting, etc);
- renaming, relocating and cloning zones;
- zone limitations;
- zone resource capping and resource pools (prctl, rcapd, etc.);
- assigning dedicated or shared network interfaces;
- patches, software installations and packages within zones;
- automatic update on attach;
- zones FAQ.
- Password history checking and nobody account changes;
- Account lockout;
- Least Privilege and the ppriv command;
- Least privilege and RBAC (Role-Based Access control) for assigning administrative privileges to users.
File System Features including ZFS
- Changes to UFS (multi-terabyte FS, EFS disk labels, devfs, logging, etc.);
- the fsstat command;
- the new ZFS (Zettabyte File System);
- Creating and managing storage pools with zpool;
- adding new devices to a storage pool;
- creating mirror, RAID Z and RAIDZ2 devices;
- offlining and replacing pool components;
- the creation and use of Hot Spares;
- ZFS command history;
- creating and managing file systems (datasets) with zfs;
- assigning properties such as quotas and NFS sharing to ZFS datasets;
- creating snapshots and clones of datasets;
- exporting and importing storage pools;
- recursive rename of ZFS datasets;
- using zfs send and receive (for backup and restore);
- the new ACL model (NFS v4) as used within ZFS datasets;
- emulated volumes; using ZFS within a zone;
- using ZFS in Update 6 for root and swap, including booting issues.
Fault and Service Management
- The Fault Mana;gement Architecture (FMA) - overview;
- the Service Management Facility (SMF);
- changes to /etc/inittab;
- the svc.startd process;
- the svc.configd process;
- using svcs to list and obtain information about services;
- using svcadm to control system services;
- using svccfg to import, export and modify service definitions (manifests);
- examination of the /var/svc and /lib/svc directories;
- how SMF attempts to restart failed services;
- using SMF facilities to trace services failures;
- using svccfg to modify service properties;
- adding services (creating scripts, XML files, etc);
- the use of legacy scripts under SMF;
- SMF repositories and recovery;
- SMF milestones compared to traditional run levels;
- how inetd services are affected;
- the netservices, inetconv and inetadm commands;
- enabling TCP Wrappers using inetadm;
- the fmd fault manager daemon, and how hardware faults are reported and handled.
dtrace is a facility for monitoring low-level system activity, for fault tracing and performance management. This section will introduce administrators to the fundamentals of dtrace, with lots of example dtrace programs to try out. Students are not expected to have a formal programming background. dtrace is not a part of the Solaris certified Administrator curriculum.
Internet Protocol features in Solaris 10
Solaris 10 includes a number of enhancements (mostly transparent to the administrator) in the area of IP networking. These will be expained, with practical examples where possible,including
- Quality of Service (IPQoS),
- Performance improvements (Fireengine project),
- MDT multi-data transmission,
- and others.
NFS Version 4
Solaris 10 introduces a new version of the Network File System protocol, which includes a number of changes and new features, including a stateful architecture. This section will cover NFS V4 changes, plus changes to the auotfs facility.
- The new Solaris OS Cryptographic Framework, a facility for developers to ease the use of encryption, signing, random number generation and so on;
- availability of hardware encryption accelerators;
- the Solaris IP Filter firewall facilities, covering
- the creation of firewall rules,
- enabling the firewall filter,
- changing rules,
- reporting and monitoring.
- An overview of the Trusted Solaris extensions now included with Solaris 10.
Other Changes to Networking
- The System Management Agent (SMA)
- (an SNMP agent that is based on an open source project, Net-SNMP at http://www.net-snmp.org.);
- DHCP under Solaris 10; routing changes, including the new routeadm and dladm commands.
Solaris 10 OS Installation
Although the basic installation mechanisms of Solaris 10 will be familiar to experienced administrators there will be a number of changes of which they should be made aware, including
- installation media;
- the ability to configure multiple network interfaces;
- modify hard disk partitions using a VTOC;
- specify filesys mirror and patch keywords in a Jumpstart profile;
- use ZFS for root and swap;
- minor changes to Jumpstart and flash archives;
- using the WAN boot facility for flash installs (i.e. building from a web server);
- the new web patching and update facility Sun Connection.
Significant Solaris changes in recent history
Not all those coming to Solaris 10 will have experience in intermediate versions, so this section documents (and will cover if required) significant changes in recent versions, such as
- IP Multipathing;
- Flash Archive creation and use in Solaris installations;
- Solaris Volume Manager, the integrated advanced disk management facility, previously known as Online: DiskSuite.
This section will also review the Solaris Management Console in its latest incarnation,
- showing how to modify it to add servers,
- make it Name Service aware, and
- add legacy applications.
It will also show the working of RBAC (Role Based Access Control), a feature combined in SMC but prevalent throughout the Solaris system.