Jailbreak tutorial for iOS8.0-8.1.2

Support device: iPhone 4s- 6Plus; iPad/iPad Air/2; iPad mini/mini2/mini3; iPod touch 5

One of the common tasks that you may do on a regular basis is installing Windows Server 2012 and you want to automate it as much as possible. Using similar tools to those used with Windows Server 2008 R2, you can create an autounattend.xml file that you inject into the Windows Server 2012 installation ISO for a hands-free install.


The same set of instructions would also work for Windows 8 as well, but you will need to use the Windows 8 install.wim image, and also pay attention to whether you want to automate a 32-bit or 64-bit installation. The autounattend.xml can contain configuration data for both, so only one xml file is needed. If you want to download a pre-configured autounattend.xml file, you can find it hereon my Skydrive folder.

1. Download the Windows ADK (Assessment and Deployment Kit) from this link. Never mind that it says Windows 8, as it will work with Windows Server 2012 since they are the same code base.

2. Start the installation process and after a long download select the two options below (Deployment Tools and Windows Preinstallation Environment (Windows PE)). WinPE is technically optional, but in case you need it in the future, I’d install it anyway.


3. After the installation completes go to the Start Menu and select Windows Kits > Windows ADK > Windows System Image Manager.

4. Mount the ISO image of Windows Server 2012, go to the sources directory and copy install.wim to a local drive, such as D.

5. From the File menu click on Select Windows Image, find the install.wim you copied, then select the edition that you want to build an answer file for. I selected SERVERSTANDARD.


6. Next it will complain that a catalog cannot be found, so it will build one for you, taking a few minutes. After the catalog is built, from the file menu select New Answer File.

7. Scroll through the Components pane and select amd64_Microsoft-Windows-International-Core-WinPE-_6.2.9200.0_neutral, as shown below, right click, and add to Pass 1.


8. In the Answer File pane click on the component, and fill in the language settings as appropriate. In this case it is configured for US English. You can find a list of the codes here. You also need to configure the SetupUILanguage too.



9. Configuring the disk partitions is tedious, but required. To do that, find amd64_Microsoft-Windows-Setup_6.2.9200.0_neutral and add it to Pass 1 as well.


10. In the Answer File pane right click DiskConfiguration and select Insert New Disk. Right click on CreatePartitions and select Insert New CreatePartition. Configure the partition as shown below. This will create a 100MB primary boot partition. Note: The default in 2008 R2 was 100MB, but in 2012 this is now 350MB. I would suggest using 350MB instead of the 100MB in the screenshot.


11. Create a second partition, but this time set Extend to true, and don’t configure a size. This will use the remainder of the disk size.


12. In the Answer File pane click on Disk and change the ID to 0 and WillWipeDisk to true.


13. Right click on ModifyPartition and select Insert New ModifyPartition. Configure the partition as shown below.


14. Add a second ModifyPartitions and configure as shown below:


15. Drill down to the OSImage option and configure as shown below:


16. Right click InstallFrom and select Insert New Metadata. Configure the metadata as shown below. To determine the proper label just think back to when you opened the Windows image (step 5) and enter the image name exactly as it is listed.


17. Configure the InstallTo and use DiskID 0 and PartitionID 2.


18. Configure the UserData options as shown below.


19. Configure the UserDataProductKey option. The key you use will vary depending on how you are going to activate it (KMS or MAK). You should use the GVLK (generic volume license key) that Microsoft publishes here if you use a KMS server, or your MAK key.


20. Add the amd64_Microsoft-Windows-Shell-Setup_6.2.9200.0_neutral component to Pass 4 specialize.


21. In the Answer File pane click on amd64_Microsoft-Windows-Shell-Setup_6.2.9200.0_neutral  and configure the highlighted items below (use the same key as before). You can change the computer name, or leave it blank and it will create a random name upon installation. For a list of timezone values, click here.


22. Add the amd64_Microsoft-Windows-Shell-Setup_6.2.9200.0_neutral component to Pass 7 oobesystem. In the Answer File pane click on amd64_Microsoft-Windows-Shell-Setup_6.2.9200.0_neutral and configure the highlighted items below.


23. Normally I configure autologon for a count of 2, so my image build process goes quicker and in case I forget the administrator password I configured in the answer file I can reset it during the first two reboots. You will also need to configure the password. Enter a password, and when the answer file is written it will be encrypted.

Oracle Solaris 11 is a complete, integrated, and open platform engineered for large-scale enterprise environments. Its built-in Oracle Solaris Native Zones technology provides application virtualization through isolated, encapsulated, and highly secure environments that run on top of a single, common kernel. As a result, native zones provide a highly efficient, scalable, zero-overhead virtualization solution that sits at the core of the platform.


With the inclusion of the Kernel Zones feature, Oracle Solaris 11.2 provides a flexible, cost-efficient, cloud-ready solution that is perfect for the data center.

This article describes how to create a kernel zone in Oracle Solaris 11.2, as well as how to configure the kernel zone to your requirements, install it, and boot it.

You will learn about the two main methods of installing a kernel zone: direct installation and installation via an ISO image. In addition, you will learn about a third installation method that enables you to convert a native zone to a kernel zone. You will learn how to update a kernel zone so that it uses a different Oracle Solaris release than the release that is running in the host machine's kernel.

The examples in this article will leave you familiar with the basic procedures for installing, configuring, and managing kernel zones in Oracle Solaris 11.2.

Note: This article demonstrates how to update a kernel zone from Oracle Solaris 11.2 to a later release through examples that mention "Oracle Solaris 11.3" and "Oracle Solaris Next." These examples are purely hypothetical and are for demonstration purposes only; no release later than Oracle Solaris 11.2 is currently available.

About Oracle Solaris Zones and Kernel Zones

Oracle Solaris Zones let you isolate one application from others on the same operating system (OS), allowing you to create a user-, security-, and resource-controlled environment suitable to that particular application. Each Oracle Solaris Zone can contain a complete environment and also allows you to control different resources such as CPU, memory, networking, and storage.

The system administrator who owns the host system can choose to closely manage all the Oracle Solaris Zones on the system. Alternatively, the system administrator can assign rights to other system administrators for specific Oracle Solaris Zones. This flexibility lets you tailor an entire computing environment to the needs of a particular application.

Kernel zones, the newest type of Oracle Solaris Zones, provide all the flexibility, scalability, and efficiency of Oracle Solaris Zones while adding the capability to have zones with independent kernels. This capability is highly useful when you are trying to coordinate the updating of multiple zone environments belonging to different owners.

With kernel zones, the updates can be done at the level of an individual kernel zone at a time that is convenient for each owner. In addition, applications that have specific version requirements can run side by side on the same system and benefit from the high consolidation ratios that Oracle Solaris Zones provide.

Benefits of the Each Installation Method

In this article, we will create three kernel zones using different methods:

• The first method will show how quickly and easily you can create a new kernel zone using a direct installation—that is, an installation based on the OS running on the host system. This is an extremely useful method for getting additional kernel zone environments up and running quickly in response to a new application or user demands.
• Using the second method, you will learn how to create a kernel zone from an ISO image. This is useful when it is desirable to deploy a specific kernel version to support an application or environment.
• Using the final method, you will learn how to convert a native zone to a kernel zone. This is useful when you want to update an application or service to run on a later kernel version without affecting the other services running on the system.

Figure 1 summarizes what we will do:


Figure 1. Illustration of the three methods for creating kernel zones

Prerequisites

There are a couple of tasks that need to be completed before we create our first kernel zone. We need to check that the hardware is capable of running kernel zones, and we also need to provide a hint to the system about application memory usage.

Checking the Hardware Capabilities

Kernel zones will run only on certain types of hardware, as follows:

• Intel CPUs with CPU virtualization (VT-x) enabled in BIOS and with support for Extended Page Tables (EPT), such as Nehalem or newer CPUs
• AMD CPUs with CPU virtualization (AMD-v) enabled in BIOS and with support for Nested Page Tables (NPT), such as Barcelona or newer CPUs
• sun4v CPUs with a "wide" partition register, for example, Oracle's SPARC T4 or SPARC T5 processors running a supported firmware version and Oracle's SPARC M5, SPARC M6, or newer processors

You can easily check that the system is capable of running kernel zones by using the virtinfo command, as shown in Listing 1:

root@global:~# virtinfo
NAME            CLASS     
non-global-zone supported 
kernel-zone     supported 

Listing 1

You can see from the output in Listing 1 that kernel zones are supported.

There are some other hardware prerequisites; for a full list, see the Oracle Solaris Kernel Zones documentation.

Providing Information About Application Memory Usage

When using kernel zones, is it necessary to provide a hint to the system about application memory usage. This information is used to limit the growth of the ZFS Adaptive Replacement Cache (ARC) so that more memory stays available for applications and, in this case, for the kernel zones themselves.

Providing this hint is achieved by setting the user_reserve_hint_pct parameter. A script is provided for doing this, and the current recommendation is to set the value to 80.

root@global:~# ./set_user_reserve.sh -f 80
Adjusting user_reserve_hint_pct from 0 to 80
Adjustment of user_reserve_hint_pct to 80 successful.

You can find this script and more information by visiting the My Oracle Support website and then accessing Doc ID 1663862.1.

Creating Your First Kernel Zone Using the Direct Installation Method

For a full discussion on all the steps involved in creating a kernel zone and configuring all its attributes, please see Creating and Using Oracle Solaris Kernel Zones. This article will concentrate on a subset of the steps to demonstrate how to quickly get a kernel zone instance up and running.
 

Prerequisites

First, check the status of the ZFS file system and the network, as shown in Listing 2:

demo@global:~$ zfs list | grep zones
rpool/VARSHARE/zones           16.5G   348G    32K  /system/zones

demo@global:~$ dladm show-link
LINK                CLASS     MTU    STATE    OVER
net1                phys      1500   unknown  --
net2                phys      1500   unknown  --
net0                phys      1500   up       --
net3                phys      1500   unknown  --

Listing 2

Note: In Listing 2, there are no ZFS datasets associated with any specific zones. We will see later how these are created for you as you install zones. Also note that there are no virtual network interface card (VNIC) devices.

Let's also check the Oracle Solaris version of the global zone, as shown in Listing 3, because we will use this information later:

root@global:~# uname -a
SunOS global 5.11 11.2 i86pc i386 i86pc

Listing 3

In Listing 3, we can see the version is Oracle Solaris 11.2.

Note: In this article, we will use uname as a quick way of showing the kernel version of the system. However, that is not the recommended way to check the system version. The recommended way is to query the entire package, as shown in Listing 4, which also indicates that the version is Oracle

Solaris 11.2. (See "Understanding Oracle Solaris 11 Package Versioning" for an explanation about how to decipher the output when you query the entire package.)

demo@dcsw-79-168:~$ pkg list entire
NAME (PUBLISHER)                                  VERSION                    IFO
entire                                            0.5.11-0.175.2.0.0.41.0    i—

Listing 4

We can also see that the system has a publisher set up:

root@global:~# pkg publisher
PUBLISHER       TYPE     STATUS P LOCATION
solaris         origin   online F http://ipkg.us.oracle.com/solaris11/dev/

 

Step 1: Create the Kernel Zone

Let's start by creating our first kernel zone using the command line, as shown in Listing 5:

root@global:~# zonecfg -z myfirstkz create -t SYSsolaris-kz

Listing 5

In Listing 5, note that all we need to supply is the zone name (myfirstkz) and the kernel zone brand (SYSsolaris-kz).

By default, all Oracle Solaris Zones are configured to have an automatic VNIC called anet, which gives us a network device automatically. We cannot see this network device, but it is automatically created upon booting the zone (and also automatically destroyed upon shutdown). We can check this by using the dladm command:

root@global:~# dladm show-link
LINK                CLASS     MTU    STATE    OVER
net1                phys      1500   unknown  --
net2                phys      1500   unknown  --
net0                phys      1500   up       --
net3                phys      1500   unknown  --

We can also see that, as of yet, no storage has been created for our kernel zone:

root@global:~# zfs list | grep zones
rpool/VARSHARE/zones                  16.5G   348G    32K  /system/zones

We can verify that the kernel zone is now in the configured state by using the zoneadm command:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   - myfirstkz        configured  -                            solaris-kz excl  

Let's take a look at the default settings for the kernel zone that we have created. We can do this by passing the info option to the zonecfg command, as shown in Listing 6:

root@global~# zonecfg -z myfirstkz info
zonename: myfirstkz
brand: solaris-kz
autoboot: false
autoshutdown: shutdown
bootargs: 
pool: 
scheduling-class: 
hostid: 0x3888f5a3
tenant: 
anet:
        lower-link: auto
        allowed-address not specified
        configure-allowed-address: true
        defrouter not specified
        allowed-dhcp-cids not specified
        link-protection: mac-nospoof
        mac-address: auto
        mac-prefix not specified
        mac-slot not specified
        vlan-id not specified
        priority not specified
        rxrings not specified
        txrings not specified
        mtu not specified
        maxbw not specified
        rxfanout not specified
        vsi-typeid not specified
        vsi-vers not specified
        vsi-mgrid not specified
        etsbw-lcl not specified
        cos not specified
        evs not specified
        vport not specified
        id: 0
device:
        match not specified
        storage: dev:/dev/zvol/dsk/rpool/VARSHARE/zones/myfirstkz/disk0
        id: 0
        bootpri: 0
capped-memory:
        physical: 2G

Listing 6

From the output in Listing 6, we can see that the zone is called myfirstkz, that it is a kernel zone (brand: solaris-kz), that we have a boot disk (and its location is dev:/dev/zvol/dsk/rpool/VARSHARE/zones/myfirstkz/disk0) and, finally, that we have 2 GB of physical memory assigned to this kernel zone.

What we don't see is the amount of CPU resources we have for this kernel zone. When nothing is specified, the default is to have one virtual CPU assigned. We'll see how to verify this later when we boot the kernel zone.

Step 2: Install the Kernel Zone

Now that the kernel zone has been created, we need to install it.

For this first installation, we are going to use what is called a direct installation. With a direct installation, the installer runs on the host. It will create and format the kernel zone's boot disk and install Oracle Solaris packages on that disk, using the host's package publishers. Since the installer is running on the host, the installer can install only the exact version of Oracle Solaris that it is actively running on the host.

This installation method makes use of the Oracle Solaris 11 Image Packaging System. You will need to make sure you have access to your Image Packaging System repository; in this case, we have network access to our repository. For more details on the Image Packaging System, see "Introducing the Basics of Image Packaging System (IPS) on Oracle Solaris 11."

Run the following command to install the myfirstkz kernel zone:

root@global:~# zoneadm -z myfirstkz install
Progress being logged to /var/log/zones/zoneadm.20140724T124406Z.myfirstkz.install
pkg cache: Using /var/pkg/publisher.
 Install Log: /system/volatile/install.7395/install_log
 AI Manifest: /tmp/zoneadm6814.Voa43n/devel-ai-manifest.xml
  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
Installation: Starting ...

        Creating IPS image
        Installing packages from:
            solaris
                origin:  http://ipkg.us.oracle.com/solaris11/dev/
        The following licenses have been accepted and not displayed.
        Please review the licenses for the following packages post-install:
          consolidation/osnet/osnet-incorporation                     
        Package licenses may be viewed using the command:
          pkg info --license 

DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED
Completed                            483/483   64276/64276  543.8/543.8 11.6M/s

PHASE                                          ITEMS
Installing new actions                   87529/87529
Updating package state database                 Done 
Updating package cache                           0/0 
Updating image state                            Done 
Creating fast lookup database                   Done 
Installation: Succeeded
        Done: Installation completed in 538.018 seconds.

We can check on the status of the myfirstkz kernel zone using the zoneadm command:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   - myfirstkz        installed   -                            solaris-kz excl

Note: A kernel zone needs a boot disk on which it is installed; by using the command shown in Listing 7, we can see that this boot disk has been created for us:

root@global:~# zfs list | grep zones
rpool/VARSHARE/zones                            16.5G   348G    32K  /system/zones
rpool/VARSHARE/zones/myfirstkz                  16.5G   348G    31K  /system/zones/myfirstkz
rpool/VARSHARE/zones/myfirstkz/disk0            16.5G   361G  2.92G  -

Listing 7

You can see in Listing 7 that the /myfirstkz/disk0 dataset has been created automatically for you.
 

Step 3: Boot the Kernel Zone and Complete the System Configuration

The final step in getting myfirstkz up and running is to boot it and set up the system configuration. We will boot the zone and then access its console using one command at the command line, as shown in Listing 8, so the majority of the console output can be seen:

root@global:~# zoneadm -z myfirstkz boot; zlogin -C myfirstkz
[Connected to zone 'myfirstkz' console]
Boot device: disk0  File and args: 
reading module /platform/i86pc/amd64/boot_archive...done.
reading kernel file /platform/i86pc/kernel/amd64/unix...done.
SunOS Release 5.11 Version 11.2 64-bit
Copyright (c) 1983, 2014, Oracle and/or its affiliates. All rights reserved.
Loading smf(5) service descriptions: 183/183
Configuring devices.

Listing 8

Note: The -C option to zlogin shown in Listing 8 lets us access the zone console; the command will bring us into the zone and let us work within the zone.

Because no system configuration files are available, the System Configuration Tool starts up, as shown in Figure 2.

             Figure 2. Initial screen of the System Configuration Tool

Press F2 to continue.

In the System Identity screen (shown in Figure 3), enter myfirstkz as the computer name, and then
press F2 to continue.

             Figure 3. System Identity screen

In the Network screen (shown in Figure 4), Enter the network settings appropriate for your network and then press F2. Here we will select Automatically.

             Figure 4. Network screen

In the Time Zone: Regions screen (shown in Figure 5), choose the time zone region appropriate for your location. In this example, we chose Europe. Then press F2.

             Figure 5. Time Zone: Regions screen

In the Time Zone: Locations screen (shown in Figure 6), choose the time zone location appropriate for your location, and then press F2.

             Figure 6. Time Zone: Locations screen

In the Time Zone screen (shown in Figure 7), choose the time zone appropriate for your location, and then press F2.

             Figure 7. Time Zone screen

In the Locale: Language screen (shown in Figure 8), choose the language appropriate for your location, and then press F2.

             Figure 8. Locale: Language screen

In the Locale: Territory screen (shown in Figure 9), choose the language territory appropriate for your location, and then press F2.

             Figure 9. Locale: Territory screen

In the Date and Time screen (shown in Figure 10), set the date and time, and then press F2.

             Figure 10. Date and Time screen

In the Keyboard screen (shown in Figure 11), select the appropriate keyboard, and then press F2.

             Figure 11. Keyboard screen

In the Users screen (shown in Figure 12), choose a root password and enter information for a user account. Then press F2.

            Figure 12. Users screen

In the Support — Registration screen (shown in Figure 13), enter your My Oracle Support credentials. Then press F2.

             Figure 13. Support — Registration screen

In the Support — Network Configuration screen (shown in Figure 14), choose how you will send configuration data to Oracle. Then press F2.

             Figure 14. Support — Network Configuration screen

In the System Configuration Summary screen (shown in Figure 15), verify that the configuration you have chosen is correct and apply the settings by pressing F2.

            Figure 15. System Configuration Summary screen

The zone will continue booting, and soon you will see the console login:

SC profile successfully generated as:
/etc/svc/profile/sysconfig/sysconfig-20140724-130314/sc_profile.xml

Exiting System Configuration Tool. Log is available at:
/system/volatile/sysconfig/sysconfig.log.287
Hostname: myfirstkz


myfirstkz console login: 

The zone is now ready to be logged in to. For this example, we will now exit the console using the "~." escape sequence.

You can check that your zone is booted and running using the zoneadm command:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   2 myfirstkz        running     -                            solaris-kz excl  

As promised, a VNIC was automatically created for us when the zone was booted. We can verify this by using the dladm command shown in Listing 9:

root@global:~# dladm show-link
LINK                CLASS     MTU    STATE    OVER
net1                phys      1500   unknown  --
net2                phys      1500   unknown  --
net0                phys      1500   up       --
net3                phys      1500   unknown  --
myfirstkz/net0      vnic      1500   up       net0

Listing 9

In Listing 9, we can see the VNIC is listed as myfirstkz/net0.

Step 4: Log In to Your Kernel Zone

The last step is to log in to your zone and have a look. You can do this from the global zone using the zlogin command, as shown in Listing 10:

root@global:~# zlogin myfirstkz
[Connected to zone 'myfirstkz' pts/1]
Oracle Corporation      SunOS 5.11      11.2    June 2014
root@myfirstkz:~# uname -a
SunOS myfirstkz 5.11 11.2 i86pc i386 i86pc 

root@myfirstkz:~# ipadm show-addr
ADDROBJ           TYPE     STATE        ADDR
lo0/v4            static   ok           127.0.0.1/8
net0/v4           dhcp     ok           10.134.79.210/24
lo0/v6            static   ok           ::1/128
net0/v6           addrconf ok           fe80::8:20ff:fe47:ca30/10 

root@myfirstkz:~# dladm show-link
LINK                CLASS     MTU    STATE    OVER
net0                phys      1500   up       -- 

root@myfirstkz:~# zfs list
NAME                              USED  AVAIL  REFER  MOUNTPOINT
rpool                            4.65G  10.7G  32.5K  /rpool
rpool/ROOT                       2.58G  10.7G    31K  legacy
rpool/ROOT/solaris-5             2.58G  10.7G  2.08G  /
rpool/ROOT/solaris-5/var          510M  10.7G   508M  /var
rpool/VARSHARE                   2.52M  10.7G  2.43M  /var/share
rpool/VARSHARE/pkg                 63K  10.7G    32K  /var/share/pkg
rpool/VARSHARE/pkg/repositories    31K  10.7G    31K  /var/share/pkg/repositories
rpool/VARSHARE/zones               31K  10.7G    31K  /system/zones
rpool/dump                       1.03G  10.8G  1.00G  -
rpool/export                     96.5K  10.7G    32K  /export
rpool/export/home                64.5K  10.7G    32K  /export/home
rpool/export/home/demo           32.5K  10.7G  32.5K  /export/home/demo
rpool/swap                       1.03G  10.8G  1.00G  - 

root@myfirstkz:~# zonename
global 

root@myfirstkz:~# exit
logout

[Connection to zone 'myfirstkz' pts/1 closed]

Listing 10

Note: In Listing 10, we did not use the -C option for the zlogin command, which means we are not accessing the zone via its console. This is why we can simply exit the shell at the end to leave the zone.

Let's look at the output shown in Listing 10 to see what we have:

• The output of the uname command shows that we are running on Oracle Solaris 11.2—the same kernel version used in the global zone in which our myfirstkz kernel zone is running.
• The output of the ipadm command shows the IP address for myfirstkz. There are four entries: two loopback devices (IPv4 and IPv6), our IPv4 net0 device with an IP address of 10.134.79.210 and, finally, an IPv6 net0 device.
• The output of the dladm command shows our automatically created net0 VNIC.
• The output of the zfs list command shows our ZFS dataset.
• Finally, the output of the zonename command shows that our zone name is global. With native zones, this would be the actual zone name. However, a kernel zone actually runs a full kernel instance, so users running inside the kernel zone have their own instance of a global zone.

If you want to determine the zone name from inside the kernel zone, you can use the virtinfo command:

root@global:~# zlogin myfirstkz
[Connected to zone 'myfirstkz' pts/1]
Oracle Corporation      SunOS 5.11      11.2    June 2014 

root@myfirstkz:~# virtinfo -c current get zonename
NAME        CLASS   PROPERTY VALUE     
kernel-zone current zonename myfirstkz 
root@myfirstkz:~# exit
logout

Note: From within myfirstkz, we cannot see any information about the global zone; we can see only the attributes of our own zone.

You have now verified that myfirstkz is up and running. You can give the login information to your users to allow them to complete the setup of their team's kernel zone as if it were a single system.

Updating a Kernel Zone to a Later Oracle Solaris Release

One of the main features of kernel zones is the ability to run your kernel zone with a different kernel version from that of the host global zone.

Starting with Oracle Solaris 11.2, kernel zones support both backwards and forwards compatibility. What that means in practice is that you can not only have a kernel zone running Oracle Solaris 11.2 on a host running a later Oracle Solaris version, say Oracle Solaris 11.3 (when it is available), but you can also have a kernel zone running a later Oracle Solaris version, say Oracle Solaris 11.3, on a host running Oracle Solaris 11.2. Figure 16 illustrates this capability.

               Figure 16. Example of forward and backward compatibility of kernel zones

Updating myfirstkz to a Later Oracle Solaris Release

Let's update our kernel zone to use a later Oracle Solaris release—a hypothetical "Oracle Solaris Next" release—rather than the release running on the host (Oracle Solaris 11.2).

First, let's use the command shown in Listing 11 to look at what boot environments we have from the host global zone:

root@global:~# beadm list
BE                 Active Mountpoint Space   Policy Created          
--                 ------ ---------- -----   ------ -------          
solaris            -      -          44.67M  static 2012-01-26 18:59 
solaris-1          -      -          47.78M  static 2014-06-25 08:12 
solaris-2          -      -          46.71M  static 2014-06-25 08:40 
solaris-3          -      -          1.03G   static 2014-06-25 23:30 
solaris-3-backup-1 -      -          221.0K  static 2014-07-10 14:23 
solaris-4          NR     /          52.77G  static 2014-07-20 18:41 
solaris-backup-1   -      -          144.0K  static 2012-01-26 19:28 

Listing 11

In Listing 11, we could see a list of native zone boot environments, if there were any. However, we will not see kernel zone boot environments listed, because a kernel zone has its own boot disk.

Let's check what our current publisher is and point the kernel zone to a publisher that has a newer kernel. We start by logging in to myfirstkz, as shown in Listing 12:

root@global:~# zlogin myfirstkz
[Connected to zone 'myfirstkz' pts/2]
Oracle Corporation      SunOS 5.11      11.2    June 2014 

root@myfirstkz:~# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION
solaris                     origin   online F http://ipkg.us.oracle.com/solaris11/dev/ 

root@myfirstkz:~# pkg set-publisher -G '*' -g http://ipkg.us.oracle.com/solaris-n/dev/ solaris 

root@myfirstkz:~# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION
solaris                     origin   online F http://ipkg.us.oracle.com/solaris-n/dev/

Listing 12

Note that in this example, we will use an internally created repository. You will be able to reproduce this for yourself as later releases of Oracle Solaris become available. In Listing 12, we can see that we are running Oracle Solaris 11.2, and we have set our publisher to point to the dev repository.

Before we update, let's look at what the kernel zone sees as its boot environment:

root@myfirstkz:~# beadm list
BE        Active Mountpoint Space Policy Created          
--        ------ ---------- ----- ------ -------          
solaris-5 NR     /          7.91M static 2014-07-24 13:44 

Now, let's update our kernel zone, as shown in Listing 13:

root@myfirstkz:~# pkg update --accept
------------------------------------------------------------
Package: pkg://solaris/consolidation/osnet/osnet-incorporation@5.12,5.12-
5.12.0.0.0.52.0:20140714T022826Z
License: lic_OTN

You acknowledge that your use of this Oracle Solaris software product
is subject to (i) the license terms that you accepted when you obtained
the right to use Oracle Solaris software; or (ii) the license terms that
you agreed to when you placed your Oracle Solaris software order with
Oracle; or (iii) the Oracle Solaris software license terms included with
the hardware that you acquired from Oracle; or, if (i), (ii) or (iii)
are not applicable, then, (iv) the OTN License Agreement for Oracle
Solaris (which you acknowledge you have read and agree to) available at
http://www.oracle.com/technetwork/licenses/solaris-cluster-express-license-
167852.html.
Note: Software downloaded for trial use or downloaded as replacement
media may not be used to update any unsupported software.



            Packages to remove:  37
           Packages to install:  57
            Packages to update: 432
           Mediators to change:   4
       Create boot environment: Yes
Create backup boot environment:  No
DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED
Completed                            526/526   23157/23157  363.4/363.4 16.7M/s

PHASE                                          ITEMS
Removing old actions                       6580/6580
Installing new actions                     9594/9594
Updating modified actions                24807/24807
Updating package state database                 Done 
Updating package cache                       469/469 
Updating image state                            Done 
Creating fast lookup database                   Done 
Updating package cache                           1/1 

A clone of solaris-5 exists and has been updated and activated.
On the next boot the Boot Environment solaris-6 will be
mounted on '/'.  Reboot when ready to switch to this updated BE.

Updating package cache                           1/1 

---------------------------------------------------------------------------
NOTE: Please review release notes posted at:

http://www.oracle.com/pls/topic/lookup?ctx=solaris11&id=SERNS
---------------------------------------------------------------------------

Listing 13

In the command shown in Listing 13, we use the --accept option to automatically accept any licenses. We can see in the output that a boot environment has been created. Let's look at what that is, as shown in Listing 14:

root@myfirstkz:~# beadm list
BE        Active Mountpoint Space Policy Created          
--        ------ ---------- ----- ------ -------          
solaris-5 N      /          7.91M static 2014-07-24 13:44 
solaris-6 R      -          7.39G static 2014-07-24 17:04

Listing 14

In Listing 14, we can see from the R next to the solaris-6 boot environment that after a reboot, we will select this new environment.

Finally, let's reboot the zone.

root@myfirstkz:~# reboot

[Connection to zone 'myfirstkz' pts/2 closed]
root@global:~# 

We are now back in the host global zone, and we can use zoneadm to check the status of our kernel zone, as shown in Listing 15:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   3 myfirstkz        running     -                            solaris-kz excl  

Listing 15

As shown in Listing 15, our kernel zone has already rebooted and is running again.

Let's log back in, as shown in Listing 16, and check what kernel version we are running:

root@global:~# zlogin myfirstkz
[Connected to zone 'myfirstkz' pts/2]
Oracle Corporation      SunOS 5.n      sn_52  June 2014

Listing 16

Listing 16 shows we are running a completely different kernel: the hypothetical "Oracle Solaris Next."

Let's run the command shown in Listing 17 to take a final look at the boot environments before we leave this kernel zone:

root@myfirstkz:~# beadm list
BE        Active Mountpoint Space  Policy Created          
--        ------ ---------- -----  ------ -------          
solaris-5 -      -          12.35M static 2014-07-24 13:44 
solaris-6 NR     /          7.50G  static 2014-07-24 17:04 
root@myfirstkz:~# exit
logout

[Connection to zone 'myfirstkz' pts/2 closed]

Listing 17

In Listing 17, we can see that we are running in the new boot environment.

Installing a Kernel Zone from an ISO Image

Sometimes you might not want to do a direct installation with a kernel zone; you might want to install from an ISO image instead. This is supported for kernel zones, and this section will show how to do that.

We will also use this opportunity to explore how to allocate some dedicated CPU resources to the kernel zone, as well as how to add some extra memory and increase the size of its boot disk.

Step 1: Configure Dedicated CPU Resources and More Memory

Let's create a new kernel zone similar to what we did before, but this time we will use the zonecfg command to add some dedicated CPU resources.

Let's start by checking how many CPU resources we have:

root@global:~# psrinfo -t
socket: 0
  core: 0
    cpus: 0,8
  core: 1
    cpus: 1,9
  core: 2
    cpus: 2,10
  core: 3
    cpus: 3,11
socket: 1
  core: 8
    cpus: 4,12
  core: 9
    cpus: 5,13
  core: 10
    cpus: 6,14
  core: 11
    cpus: 7,15

Now, let's create a new kernel zone called iso-kz and then add four CPU's worth of dedicated CPU resources to it:

root@global:~# zonecfg -z iso-kz create -t SYSsolaris-kz
root@global:~# zonecfg -z iso-kz
zonecfg:iso-kz> add dedicated-cpu
zonecfg:iso-kz:dedicated-cpu> set ncpus=4
zonecfg:iso-kz:dedicated-cpu> end
zonecfg:iso-kz> verify
zonecfg:iso-kz> commit
zonecfg:iso-kz> exit

We can check that the zone creation and resource configuration worked by using the zonecfg command:

root@global:~# zonecfg -z iso-kz info dedicated-cpu
dedicated-cpu:
         ncpus: 4
         cpus not specified
         cores not specified
         sockets not specified

You can set a kernel zone to have either virtual CPUs or dedicated CPUs. The difference between the two types is basically about sharing.

• With a virtual CPU, the CPU resource is shared with the rest of the system or other zones and it can be leveraged in cases where the kernel zone is not busy.
• With dedicated a CPU, the CPU resource is exclusive to the kernel zone and will never be used by anything other than that specific kernel zone.

We can also use the zonecfg command to add some extra memory to the kernel zone:

root@global:~# zonecfg -z iso-kz
zonecfg:iso-kz> select capped-memory
zonecfg:iso-kz:capped-memory> set physical=3g
zonecfg:iso-kz:capped-memory> end
zonecfg:iso-kz> verify
zonecfg:iso-kz> commit
zonecfg:iso-kz> exit 

root@global:~# zonecfg -z iso-kz info capped-memory
capped-memory:
         physical: 3G

Step 2: Install the Kernel Zone with a Bigger Disk

It's now time to install our zone. We will use a hypothetical Oracle Solaris 11.3 ISO image to do this and we will also increase the size of the install disk. The default is a 16 GB disk, so let's increase that to 24 GB. Listing 18 shows how you do this at installation time:

root@global:~# zoneadm -z iso-kz install -b /root/sol-11_3-42-text-x86.iso -x install-size=24g

Listing 18

In Listing 18, you can see that this time, the image we used is using the text installer.
Once we have answered the usual installation questions, we can log in to our zone, as shown in

Listing 19:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   3 myfirstkz        running     -                            solaris-kz excl  
   5 iso-kz           running     -                            solaris-kz excl  

root@global:~# zlogin iso-kz
[Connected to zone 'iso-kz' pts/2]
Oracle Corporation      SunOS 5.11      11.3    June 2014
root@:~# 
root@solarisiso-kz:~# psrinfo -t
socket: 0
  core: 0
    cpu: 0
  core: 1
    cpu: 1
  core: 2
    cpu: 2
  core: 3
    cpu: 3
 root@:~# exit
logout

[Connection to zone 'iso-kz' pts/2 closed]

Listing 19

In Listing 19, we can see the four dedicated CPUs we assigned and we can see that we are running a release different than that of the host global zone.

Before we move on, let's shut down our two kernel zones:

root@global:~# zoneadm -z myfirstkz shutdown
root@global:~# zoneadm -z iso-kz shutdown

Converting a Native Zone to a Kernel Zone

The final operation to try is converting a native zone to a kernel zone, which is made especially easy through the use of Oracle Solaris Unified Archives.

In this example, we will use a native zone that has already been created. If you are not sure how to create a native zone, see "How to Get Started Creating Oracle Solaris Zones in Oracle Solaris 11."

Let's start by having a look at the native zone we are going to convert, as shown in Listing 20:

root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   6 native-zone      running     /system/zones/native-zone    solaris    excl  
   - myfirstkz        installed   -                            solaris-kz excl  
   - iso-kz           installed   -                            solaris-kz excl  

root@global:~# zlogin native-zone
[Connected to zone 'native-zone' pts/2]
Oracle Corporation      SunOS 5.11      11.2    June 2014
root@native-zone:~# touch my_special_files
root@native-zone:~# zonename
native-zone
root@native-zone:~# exit
logout

[Connection to zone 'native-zone' pts/2 closed]
root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   - myfirstkz        installed   -                            solaris-kz excl  
   - iso-kz           installed   -                            solaris-kz excl  
   - native-zone      installed   /system/zones/native-zone    solaris    excl  

Listing 20

In Listing 20, we can see our native-zone is already up and running, and we have logged in and created a file called my_special_files. This example is just to reflect any configuration that we might have done when taking a zone from a real environment. Finally, we checked the zone name, logged out, and shut down the native zone.

Note: One of the big advantages of using a Unified Archive to capture a zone is that you can do the capture on a running zone, which means you can avoid outages to end users. In this case, because we want to convert our native zone to a kernel zone (rather than clone the native zone), we shut down the native zone.

Now let's create a Unified Archive of our native zone:

root@global:~# archiveadm create -z native-zone ./native-zone-archive.uar
Initializing Unified Archive creation resources...
Unified Archive initialized: /root/native-zone-archive.uar
Logging to: /system/volatile/archive_log.26165
Executing dataset discovery...
Dataset discovery complete
Preparing archive system image...
Beginning archive stream creation...
Archive stream creation complete
Beginning final archive assembly...
Archive creation complete

Once we have created the archive, we can examine it to see what it contains:

root@global:~# ls -l
total 5602777
-rw-r--r--   1 root     root     901992448 Jul  1 06:18 0.175.2_ai_i386.iso
-rw-r--r--   1 root     root     1308958720 Jul 24 17:27 native-zone-archive.uar
-rw-r--r--   1 demo     staff    675102720 Jul 24 07:37 sol-11_2-42-text-x86.iso

root@global:~# archiveadm info -v ./native-zone-archive.uar
Archive Information
          Creation Time:  2014-07-24T21:54:08Z
            Source Host:  global
           Architecture:  i386
       Operating System:  Oracle Solaris 11.3 X86
       Recovery Archive:  No
              Unique ID:  e1bf0d42-338b-e879-fec4-ab78290ef55c
        Archive Version:  1.0

Deployable Systems
'native-zone'
             OS Version:  0.5.11
              OS Branch:  0.175.3.0.0.1.0
              Active BE:  solaris
                  Brand:  solaris
            Size Needed:  978MB
              Unique ID:  f488ea7c-ab1e-6cc4-d407-c60fce1e3818
               AI Media:  0.175.3_ai_i386.iso
              Root-only:  Yes

Next, let's configure a new kernel zone and when we are ready to install it, we will pass in the archive, as shown in

Listing 21:

root@global:~# zonecfg -z converted-zone-kz create -t SYSsolaris-kz
root@global:~# zoneadm -z converted-zone-kz install -a ./native-zone-archive.uar
Progress being logged to /var/log/zones/zoneadm.20140724T233807Z.converted-zone-kz.install
[Connected to zone 'converted-zone-kz' console]
Boot device: cdrom1  File and args: -B install=true,auto-shutdown=true -B aimanifest=/system/shared/ai.xml
reading module /platform/i86pc/amd64/boot_archive...done.
reading kernel file /platform/i86pc/kernel/amd64/unix...done.
SunOS Release 5.11 Version 11.2 64-bit
Copyright (c) 1983, 2014, Oracle and/or its affiliates. All rights reserved.
Remounting root read/write
Probing for device nodes ...
Preparing image for use
Done mounting image
Configuring devices.
Hostname: solaris
Using specified install manifest : /system/shared/ai.xml

solaris console login: 
Automated Installation started
The progress of the Automated Installation will be output to the console
Detailed logging is in the logfile at /system/volatile/install_log
Press RETURN to get a login prompt at any time.

23:40:15    Install Log: /system/volatile/install_log
23:40:15    Using XML Manifest: /system/volatile/ai.xml
23:40:15    Using profile specification: /system/volatile/profile
23:40:15    Starting installation.
23:40:15    0% Preparing for Installation
23:40:15    100% manifest-parser completed.
23:40:15    100% None
23:40:15    0% Preparing for Installation
23:40:18    1% Preparing for Installation
23:40:18    2% Preparing for Installation
23:40:19    3% Preparing for Installation
23:40:19    4% Preparing for Installation
23:40:19    5% archive-1 completed.
23:40:21    8% target-discovery completed.
23:40:23    Pre-validating manifest targets before actual target selection
23:40:23    Selected Disk(s) : c1d0
23:40:24    Pre-validation of manifest targets completed
23:40:24    Validating combined manifest and archive origin targets
23:40:24    Selected Disk(s) : c1d0
23:40:24    9% target-selection completed.
23:40:24    10% ai-configuration completed.
23:40:24    9% var-share-dataset completed.
23:40:29    10% target-instantiation completed.
23:40:29    10% Beginning archive transfer
23:40:29    Commencing transfer of stream: ce6d4b69-ad85-e7e1-aaf7-fdbfdc17f001-0.zfs
to rpool
23:40:35    30% Transferring contents
23:40:39    50% Transferring contents
23:40:43    70% Transferring contents
23:40:54    86% Transferring contents
23:41:09    Completed transfer of stream: 'ce6d4b69-ad85-e7e1-aaf7-fdbfdc17f001-0.zfs'
from file:///system/shared/uafs/OVA
23:41:12    Archive transfer completed
23:41:31    90% generated-transfer-965-1 completed.
23:41:31    90% Beginning IPS transfer
23:41:31    Setting post-install publishers to:
23:41:31        solaris
23:41:31            origin:  http://ipkg.us.oracle.com/solaris11/dev/
23:41:32    90% generated-transfer-965-2 completed.
23:41:32    Changing target pkg variant. This operation may take a while
23:51:17    90% apply-pkg-variant completed.
23:51:21    Setting boot devices in firmware
23:51:21    91% boot-configuration completed.
23:51:21    91% update-dump-adm completed.
23:51:21    92% setup-swap completed.
23:51:22    92% device-config completed.
23:51:23    92% apply-sysconfig completed.
23:51:23    93% transfer-zpool-cache completed.
23:51:36    98% boot-archive completed.
23:51:36    98% transfer-ai-files completed.
23:51:37    98% cleanup-archive-install completed.
23:51:38    100% create-snapshot completed.
23:51:39    100% None
23:51:39    Automated Installation succeeded.
23:51:39    You may wish to reboot the system at this time.
Automated Installation finished successfully
Shutdown requested. Shutting down the system
Log files will be available in /var/log/install/ after reboot
svc.startd: The system is coming down.  Please wait.
root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   - myfirstkz        installed   -                            solaris-kz excl  
   - iso-kz           installed   -                            solaris-kz excl  
   - native-zone      installed   /system/zones/native-zone    solaris    excl  
   - converted-zone-kz installed   -                            solaris-kz excl  

Listing 21

As we can see in Listing 21, the install process completed successfully and we have an installed kernel zone.

Let's boot up our newly converted zone and have a look at it, as shown in Listing 22:

root@global:~# zoneadm -z converted-zone-kz boot
root@global:~# zoneadm list -cv
  ID NAME             STATUS      PATH                         BRAND      IP    
   0 global           running     /                            solaris    shared
   3 converted-zone-kz running     -                            solaris-kz excl  
   - duckstack        unavailable -                            solaris-kz excl  
   - native-zone      installed   /system/zones/native-zone    solaris    excl  
root@global:~# zlogin converted-zone-kz
[Connected to zone 'converted-zone-kz' pts/1]

Oracle Corporation      SunOS 5.11      11.2    June 2014
root@unknown:~# ls
my_special_files

Listing 22

In Listing 22, we can see that the contents of our native zone have been preserved.

Conclusion

In this article, we explored how to create, install, boot, and configure a kernel zone. You learned that Oracle Solaris Kernel Zones have the ability to run kernel versions that are different from the kernel version running on the host. We also saw how to do a direct installation and an installation based on an ISO image. Finally, we saw how to convert a native zone to a kernel zone using Unified Archives.

This article is intended to help a new or experienced Oracle Solaris user to quickly and easily install and configure Oracle Solaris Cluster software for two nodes, including the creation of Single Root I/O Virtualization/InfiniBand (SR-IOV/IB) devices. It provides a step-by-step procedure to simplify the process.

This article does not cover the configuration of highly available services. For more details on how to install and configure other Oracle Solaris Cluster software configurations, see the Oracle Solaris Cluster Software Installation Guide.

This articles uses the interactive scinstall utility to configure all the nodes of a cluster quickly and easily. The interactive scinstall utility is menu driven. The menus help reduce the chance of mistakes and promote best practices by using default values and prompting you for information specific to your cluster. The utility also helps prevent mistakes by identifying invalid entries. Finally, the scinstall utility eliminates the need to manually set up a quorum device by automating the configuration of a quorum device for your new cluster.

Note: This article applies to the Oracle Solaris Cluster 4.1 release. For more information about the Oracle Solaris Cluster release, see the Oracle Solaris Cluster 4.1 Release Notes.

Overview of SR-IOV

SR-IOV is a PCI-SIG standards-based I/O virtualization specification. SR-IOV enables a PCIe function known as physical function (PF) to create multiple lightweight PCIe functions known as virtual functions (VFs). VFs show up like a regular PCIe functions and also operate like regular PCIe functions. The address space for a VF is well contained so that a VF can be assigned to a virtual machine (a logical domain or LDom) with the help of a hypervisor. SR-IOV provides a high degree of sharing compared to other forms of direct hardware access methods that are available in LDom technology, that is, PCIe bus assignment and direct I/O.

Prerequisites, Assumptions, and Defaults

This section discusses several prerequisites, assumptions, and defaults for two-node clusters.

Configuration Assumptions

This article assumes the following configuration is used:

• You are installing the two-node cluster on Oracle Solaris 11.1 and you have basic system administration skills.
• You are installing the Oracle Solaris Cluster 4.1 software.
• The cluster hardware is a supported configuration for Oracle Solaris Cluster 4.1 software.
• This is a two-node cluster for SPARC T4-4 servers from Oracle. SR-IOV is only supported on servers based on Oracle's SPARC T4 (or above) processors.
• Each cluster node is an I/O domain.
• Each node has two spare network interfaces to be used as private interconnects, also known as transports, and at least one network interface that is connected to the public network.
• iSCSI shared storage is connected to the two nodes.
• Your setup looks like Figure 1. You might have fewer or more devices, depending on your system or network configuration.

In addition, it is recommended that you have console access to the nodes during cluster installation, but this is not required.

Figure 1. Oracle Solaris Cluster Hardware Configuration

Prerequisites

Perform the following prerequisite tasks:

1. Ensure that Oracle Solaris 11.1 SRU13 is installed on both the SPARC T4-4 systems.
2. Perform the initial preparation of public IP addresses and logical host names.
   
   You must have the logical names (host names) and IP addresses of the nodes to configure a cluster. Add those entries to each node's /etc/inet/hosts file or to a naming service if such a service (for example, DNS, NIS, or NIS+ maps) is used. The example in this article uses a NIS service.
   Table 1 lists the configuration used in this example.
   Table 1. Configuration

   Component	Name	Interface	IP Address
   cluster	phys-schost	—	—
   node 1	phys-schost-1	igbvf0	1.2.3.4
   node 2	phys-schost-2	igbvf0	1.2.3.5

   
   
3. Create SR-IOV VF devices for the public, private, and storage networks.
   
   You have to create the VF devices on the corresponding adapters for public, private, and storage networks in the primary domain and assign the VF devices to the logical domains that will be configured as cluster nodes.
   Type the commands shown in Listing 1 on the control domain phys-primary-1:
   

   root@phys-primary-1# ldm ls-io|grep IB
   /SYS/PCI-EM0/IOVIB.PF0                    PF     pci_0    primary
   /SYS/PCI-EM1/IOVIB.PF0                    PF     pci_0    primary
   /SYS/PCI-EM0/IOVIB.PF0.VF0                VF     pci_0    primary
   root@phys-primary-1# ldm start-reconf primary
   root@phys-primary-1# ldm create-vf /SYS/MB/NET2/IOVNET.PF0
   root@phys-primary1# ldm create-vf /SYS/PCI-EM0/IOVIB.PF0
   root@phys-primary-1# ldm create-vf /SYS/PCI-EM1/IOVIB.PF0
   root@phys-primary-1# ldm add-domain domain1
   root@phys-primary-1# ldm add-vcpu 128 domain1
   root@phys-primary-1# ldm add-mem 128g domain1
   root@phys-primary-1# ldm add-io /SYS/MB/NET2/IOVNET.PF0.VF1 domain1
   root@phys-primary-1# ldm add-io /SYS/PCI-EM0/IOVIB.PF0.VF1 domain1
   root@phys-primary-1# ldm add-io /SYS/PCI-EM1/IOVIB.PF0.VF1 domain1
   root@phys-primary-1# ldm ls-io | grep domain1
   /SYS/MB/NET2/IOVNET.PF0.VF1           VF     pci_0    domain1
   /SYS/PCI-EM0/IOVIB.PF0.VF1            VF     pci_0    domain1
   /SYS/PCI-EM0/IOVIB.PF0.VF2            VF     pci_0    domain1
   

   Listing 1
   The VF IOVNET.PF0.VF1 is used for the public network. IB VF devices have partitions that host both private network and storage network devices.
   Repeat the commands shown in Listing 1 on phys-primary-2. The I/O domain domain1 on both nodes must be installed with Oracle Solaris 11.1 SRU13 before installing the cluster software.
   

Note: To learn more about SR-IOV technology, take a look at the documentation for Oracle VM Server for SPARC 3.1. For information about InfiniBand VFs, see "Using InfiniBand SR-IOV Virtual Functions."

Defaults

The scinstall interactive utility in the Typical mode installs the Oracle Solaris Cluster software with the following defaults:

• Private-network address 172.16.0.0
• Private-network netmask 255.255.248.0
• Cluster-transport switches switch1 and switch2

Perform the Preinstallation Checks

1. Temporarily enable rsh or ssh access for root on the cluster nodes.
2. Log in to the cluster node on which you are installing Oracle Solaris Cluster software and become superuser.
3. On each node, verify the /etc/inet/hosts file entries. If no other name resolution service is available, add the name and IP address of the other node to this file.
   
   The /etc/inet/hosts file on node 1 has the following information.
   

   # Internet host table
   #
   ::1 phys-schost-1 localhost 
   127.0.0.1 phys-schost-1 localhost loghost 
   

   
   The /etc/inet/hosts file on node 2 has the following information.
   

   # Internet host table
   #
   ::1 phys-schost-2 localhost 
   127.0.0.1 phys-schost-2 localhost loghost
   

4. On each node, verify that at least one shared storage disk is available.
   
   In this example, the following disks are shared between the two nodes: c0t600A0B800026FD7C000019B149CCCFAEd0 and c0t600A0B800026FD7C000019D549D0A500d0.
   

   # format
   Searching for disks...done
   AVAILABLE DISK SELECTIONS:
          0. c4t0d0 
             /pci@7b,0/pci1022,7458@11/pci1000,3060@2/sd@0,0
             /dev/chassis/SYS/HD0/disk
          1. c4t1d0 
             /pci@7b,0/pci1022,7458@11/pci1000,3060@2/sd@1,0
             /dev/chassis/SYS/HD1/disk
          2. c0t600144F0CD152C9E000051F2AFE20007d0 
             /scsi_vhci/ssd@g600144f0cd152c9e000051f2afe20007
          3. c0t600144F0CD152C9E000051F2AFF00008d0 
             /scsi_vhci/ssd@g600144f0cd152c9e000051f2aff00008        
   

5. On each node, ensure that the right OS version is installed.
   
   

   # more /etc/release
                                                  Oracle Solaris 11.1 SPARC
     Copyright (c) 1983, 2013, Oracle and/or its affiliates.  All rights reserved.
                                                Assembled 06 November 2013
   

6. Ensure that the network interfaces are configured as static IP addresses (not DHCP or of type addrconf, as displayed by the ipadm show-addr -o all command.)
   
   If the network interfaces are not configured as static IP addresses, then run the command shown in Listing 2 on each node, which will unconfigure all network interfaces and services.
   If the nodes are configured as static, go to the "Configure the Oracle Solaris Cluster Publisher" section.
   

   # netadm enable -p ncp defaultfixed
   Enabling ncp 'DefaultFixed'
   phys-schost-1: Sep 27 08:19:19 phys-schost-1 in.ndpd[1038]: Interface net0 has been removed from
    kernel. in.ndpd will no longer use it
   Sep 27 08:19:19 phys-schost-1 in.ndpd[1038]: Interface net1 has been removed from kernel
   . in.ndpd will no longer use it
   Sep 27 08:19:19 phys-schost-1 in.ndpd[1038]: Interface net2 has been removed from kernel
   . in.ndpd will no longer use it
   Sep 27 08:19:20 phys-schost-1 in.ndpd[1038]: Interface net3 has been removed from kernel
   . in.ndpd will no longer use it
   Sep 27 08:19:20 phys-schost-1 in.ndpd[1038]: Interface net4 has been removed from kernel
   . in.ndpd will no longer use it
   Sep 27 08:19:20 phys-schost-1 in.ndpd[1038]: Interface net5 has been removed from kernel
   . in.ndpd will no longer use it
   

   Listing 2
   
7. On each node, type the following commands to configure the naming services and update the name service switch configuration:
   
   

   # svccfg -s svc:/network/nis/domain setprop config/domainname = hostname: nisdomain.example.com
   # svccfg -s svc:/network/nis/domain:default refresh
   # svcadm enable svc:/network/nis/domain:default
   # svcadm enable svc:/network/nis/client:default
   # /usr/sbin/svccfg -s svc:/system/name-service/switch setprop config/host = astring: \"files nis\"
   # /usr/sbin/svccfg -s svc:/system/name-service/switch setprop config/netmask = astring: \"files nis\"
   # /usr/sbin/svccfg -s svc:/system/name-service/switch setprop config/automount = astring: \"files nis\"
   # /usr/sbin/svcadm refresh svc:/system/name-service/switch
   

8. Bind each node to the NIS server.
   
   

   # ypinit -c
   

9. Reboot each node to make sure that the new network setup is working fine.

Configure the Oracle Solaris Cluster Publisher

There are two main ways to access the Oracle Solaris Cluster package repository, depending on whether the cluster nodes have direct access (or through a web proxy) to the internet: using a repository hosted on pkg.oracle.com or using a local copy of the repository.

Using a Repository Hosted on pkg.oracle.com

To access either the Oracle Cluster Solaris Release or Support repositories, obtain the SSL public and private keys.

1. Go to http://pkg-register.oracle.com.
2. Choose the Oracle Solaris Cluster Release or Support repository.
3. Accept the license.
4. Request a new certificate by choosing the Oracle Solaris Cluster software and submitting a request. This displays a certification page that contains download buttons for download the key and certificate files.
5. Download the key and certificate files and install them, as described in the returned certification page.
6. Configure the ha-cluster publisher with the downloaded SSL keys to point to the selected repository URL on pkg.oracle.com.
   
   This example uses the release repository:
   

   # pkg set-publisher \
   -k /var/pkg/ssl/Oracle_Solaris_Cluster_4.key.pem \
   -c /var/pkg/ssl/Oracle_Solaris_Cluster_4.certificate.pem \
   -g https://pkg.oracle.com/ha-cluster/release/ ha-cluster 
   

Using a Local Copy of the Repository

To access a local copy of the Oracle Solaris Cluster Release or Support repository, download the repository image.

1. Download the repository image from the Oracle Technology Network or Oracle Software Delivery Cloud. To download the repository image from Oracle Software Delivery Cloud, select Oracle Solaris as the Product Pack on the Media Pack Search Page.
   
2. Mount the repository image and copy the data to a shared file system that all the cluster nodes can access.
   
   

   # mount -F hsfs  /mnt
   # rsync -aP /mnt/repo /export
   # share /export/repo
   

3. Configure the ha-cluster publisher.
   
   This example uses node 1 as the system that shared the local copy of the repository:
   

   # pkg set-publisher -g file:///net/phys-schost-1/export/repo ha-cluster
   

Install the Oracle Solaris Cluster Software Packages

1. On each node, ensure that the correct Oracle Solaris package repositories are published.
   
   If they are not, unset the incorrect publishers and set the correct ones. The installation of the ha-cluster packages is highly likely to fail if it cannot access the solaris publisher.
   

   # pkg publisher
   PUBLISHER          TYPE     STATUS   URI
   solaris            origin   online   
   ha-cluster         origin   online   
   

2. On each cluster node, install the ha-cluster-full package group.
   
   

   # pkg install ha-cluster-full
   
              Packages to install:  68
          Create boot environment:  No
   Create backup boot environment: Yes
               Services to change:   1
   
   DOWNLOAD                                  PKGS       FILES    XFER (MB)
   Completed                                68/68   6456/6456    48.5/48.5$<3>
   
   PHASE                                        ACTIONS
   Install Phase                              8928/8928 
   
   PHASE                                          ITEMS
   Package State Update Phase                     68/68 
   Image State Update Phase                         2/2 
   Loading smf(5) service descriptions: 9/9
   Loading smf(5) service descriptions: 57/57
   3>

Configure the Oracle Solaris Cluster Software

1. On each node of the cluster, identify the network interfaces that will be used for the private interconnects.
   
   In this example, 8513 and 8514 are the PKEYs for a private IB partition that is used for transport. 8503 is the PKEY for a private storage network that is used to configure iSCSI storage from an Oracle ZFS Storage Appliance with an IB connection.
   The Oracle ZFS Storage Appliance has the IP address 192.168.0.61 configured on the InfiniBand network. The priv1 and priv2 IB partitions are used as private interconnects for the private network. The storage1 and storage2 partitions are used for the storage network.
   Type the following commands on node 1:
   

   phys-schost-1# dladm show-ib |grep net
   net6      21290001EF8BA2 14050000000001 1    up      localhost    0a-eth-1 8031,8501,8511,8513,8521,FFFF
   net7      21290001EF8BA2 14050000000008 2    up      localhost    0a-eth-1 8503,8514,FFFF
   phys-schost-1# dladm create-part -l net6 -P 8513 priv1
   phys-schost-1# dladm create-part -l net7 -P 8514 priv2
   phys-schost-1# dladm create-part -l net6 -P 8503 storage1
   phys-schost-1# dladm create-part -l net7 -P 8503 storage2
   phys-schost-1# dladm show-part
   LINK         PKEY   OVER         STATE    FLAGS
   priv1        8513   net6         up       ----
   priv2        8514   net7         up       ----
   storage1     8503   net6         up       ----
   storage2     8503   net7         up       ----
   phys-schost-1# ipadm create-ip storage1
   phys-schost-1# ipadm create-ip storage2
   phys-schost-1# ipadm create-ipmp -i storage1 -i storage2 storage_ipmp0
   phys-schost-1# ipadm create-addr -T static -a 192.168.0.41/24 storage_ipmp0/address1
   phys-schost-1# iscsiadm add static-config iqn.1986-03.com.sun:02:a87851cb-4bad-c0e5-8d27-dd76834e6985,192.168.10.61
   

   
   Type the following commands on node 2:
   

   phys-schost-2# dladm show-ib |grep net
   net9      21290001EF8FFE 1405000000002B 2    up      localhost    0a-eth-1 8032,8502,8512,8516,8522,FFFF
   net6      21290001EF4E36 14050000000016 1    up      localhost    0a-eth-1 8031,8501,8511,8513,8521,FFFF
   net7      21290001EF4E36 1405000000000F 2    up      localhost    0a-eth-1 8503,8514,FFFF
   net8      21290001EF8FFE 14050000000032 1    up      localhost    0a-eth-1 8503,8515,FFFF
   phys-schost-2# dladm create-part -l net6 -P 8513 priv1
   phys-schost-2# dladm create-part -l net7 -P 8514 priv2
   phys-schost-2# dladm create-part -l net6 -P 8503 storage1
   phys-schost-2# dladm create-part -l net7 -P 8503 storage2
   phys-schost-2# dladm show-part
   LINK         PKEY   OVER         STATE    FLAGS
   priv1        8513   net6         up       ----
   priv2        8514   net7         up       ----
   storage1     8503   net6         up       ----
   storage2     8503   net7         up       ----
   phys-schost-2# ipadm create-ip storage1
   phys-schost-2# ipadm create-ip storage2
   phys-schost-2# ipadm create-ipmp -i storage1 -i storage2 storage_ipmp0
   phys-schost-2# ipadm create-addr -T static -a 192.168.0.42/24 storage_ipmp0/address1
   phys-schost-2# iscsiadm add static-config iqn.1986-03.com.sun:02:a87851cb-4bad-c0e5-8d27-dd76834e6985,192.168.10.61
   

2. On each node, ensure that the Oracle Solaris Service Management Facility services are not in the maintenance state.
   
   

   # svcs -x
   

3. On each node, ensure that the service network/rpc/bind:default has the local_only configuration set to false.
   
   

   # svcprop network/rpc/bind:default | grep local_only
   config/local_only boolean false
   

   
   If not, set the local_only configuration to false.
   

   # svccfg
   svc:> select network/rpc/bind
   svc:/network/rpc/bind> setprop config/local_only=false
   svc:/network/rpc/bind> quit
   # svcadm refresh network/rpc/bind:default
   # svcprop network/rpc/bind:default | grep local_only
   config/local_only boolean false
   

4. From one of the nodes, start the Oracle Solaris Cluster configuration. This will configure the software on the other node as well.
   
   In this example, the following command is run on the node 2, phys-schost-2.
   

   # /usr/cluster/bin/scinstall
     *** Main Menu ***
   
       Please select from one of the following (*) options:
   
         * 1) Create a new cluster or add a cluster node
         * 2) Print release information for this cluster node
         * ?) Help with menu options
         * q) Quit
   
       Option:  1
   

   
   From the Main menu, type 1 to choose the first menu item, which can be used to create a new cluster or add a cluster node.
   

   *** Create a New Cluster ***
   
   
       This option creates and configures a new cluster.
       Press Control-D at any time to return to the Main Menu.
   
   
       Do you want to continue (yes/no) [yes]?  
   
       Checking the value of property "local_only" of service svc:/network/rpc/bind
    ...
       Property "local_only" of service svc:/network/rpc/bind is already correctly 
   set to "false" on this node.
   
   Press Enter to continue:  
   

   
   Answer yes and then press Enter to go to the installation mode selection. Then select the default mode: Typical.
   

   >>> Typical or Custom Mode <<<
   
       This tool supports two modes of operation, Typical mode and Custom 
       mode. For most clusters, you can use Typical mode. However, you might 
       need to select the Custom mode option if not all of the Typical mode 
       defaults can be applied to your cluster.
   
       For more information about the differences between Typical and Custom 
       modes, select the Help option from the menu.
       Please select from one of the following options:
   
           1) Typical
           2) Custom
   
           ?) Help
           q) Return to the Main Menu
   
       Option [1]:  1
   

   
   Provide the name of the cluster. In this example, type the cluster name as phys-schost.
   

   >>> Cluster Name <<<
   
       Each cluster has a name assigned to it. The name can be made up of any
       characters other than whitespace. Each cluster name should be unique 
       within the namespace of your enterprise.
   
       What is the name of the cluster you want to establish? phys-schost
   

   
   Provide the name of the other node. In this example, the name of the other node is phys-schost-1. Finish the list by pressing ^D. Answer yes to confirm the list of nodes.
   

   >>> Cluster Nodes <<<
   
       This Oracle Solaris Cluster release supports a total of up to 16 
       nodes.
   
       List the names of the other nodes planned for the initial cluster 
       configuration. List one node name per line. When finished, type 
       Control-D:
   
       Node name (Control-D to finish):  phys-schost-1
       Node name (Control-D to finish):  
   
    ^D
   
   
       This is the complete list of nodes:
   
           phys-schost-2
           phys-schost-1
   
       Is it correct (yes/no) [yes]?  
   

   
   The next two screens configure the cluster's private interconnects, also known as the transport adapters. Select the priv1 and priv2 IB partitions.
   

   >>> Cluster Transport Adapters and Cables <<<
   
       Transport adapters are the adapters that attach to the private cluster
       interconnect.
   
       Select the first cluster transport adapter:
   
           1) net1
           2) net2
           3) net3
           4) net4
           5) net5
           6) priv1
           7) priv2
           8) Other
   
       Option:  6
   
       Adapter "priv1" is an Infiniband adapter.
   
       Searching for any unexpected network traffic on "priv1" ... done
       Verification completed. No traffic was detected over a 10 second 
       sample period.
   
       The "dlpi" transport type will be set for this cluster.
   
    For node "phys-schost-2",
       Name of the switch to which "priv1" is connected [switch1]?  
   
       Each adapter is cabled to a particular port on a switch. And, each 
       port is assigned a name. You can explicitly assign a name to each 
       port. Or, for Ethernet and Infiniband switches, you can choose to 
       allow scinstall to assign a default name for you. The default port 
       name assignment sets the name to the node number of the node hosting 
       the transport adapter at the other end of the cable.
   
    For node "phys-schost-2",
       Use the default port name for the "priv1" connection (yes/no) [yes]?  
   
       Select the second cluster transport adapter:
   
           1) net1
           2) net2
           3) net3
           4) net4
           5) net5
           6) priv1
           7) priv2
           8) Other
   
       Option:  7
   
       Adapter "priv2" is an Infiniband adapter.
   
       Searching for any unexpected network traffic on "priv2" ... done
       Verification completed. No traffic was detected over a 10 second 
       sample period.
   
       The "dlpi" transport type will be set for this cluster.
   
    For node "phys-schost-2",
       Name of the switch to which "priv2" is connected [switch2]?  
   
    For node "phys-schost-2",
       Use the default port name for the "priv2" connection (yes/no) [yes]? 
   

   
   The next screen configures the quorum device. Select the default answers for the questions asked in the Quorum Configuration screen.
   

   >>> Quorum Configuration <<<
   
       Every two-node cluster requires at least one quorum device. By 
       default, scinstall selects and configures a shared disk quorum device 
       for you.
   
       This screen allows you to disable the automatic selection and 
       configuration of a quorum device.
   
       You have chosen to turn on the global fencing. If your shared storage 
       devices do not support SCSI, such as Serial Advanced Technology 
       Attachment (SATA) disks, or if your shared disks do not support 
       SCSI-2, you must disable this feature.
   
       If you disable automatic quorum device selection now, or if you intend
       to use a quorum device that is not a shared disk, you must instead use
       clsetup(1M) to manually configure quorum once both nodes have joined 
       the cluster for the first time.
   
       Do you want to disable automatic quorum device selection (yes/no) [no]?  
   
     Is it okay to create the new cluster (yes/no) [yes]?  
    During the cluster creation process, cluster check is run on each of the new 
    cluster nodes. If cluster check detects problems, you can 
       either interrupt the process or check the log files after the cluster 
       has been established.
   
       Interrupt cluster creation for cluster check errors (yes/no) [no]?  
   

   
   The final screens print details about the configuration of the nodes and the installation log's file name. The utility then reboots each node in cluster mode.
   

   Cluster Creation
   
       Log file - /var/cluster/logs/install/scinstall.log.3386
   
       Configuring global device using lofi on phys-schost-1: done
   
       Starting discovery of the cluster transport configuration.
   
       The following connections were discovered:
   
           phys-schost-2:priv1  switch1  phys-schost-1:priv1
           phys-schost-2:priv2  switch2  phys-schost-1:priv2
   
       Completed discovery of the cluster transport configuration.
   
       Started cluster check on "phys-schost-2".    
       Started cluster check on "phys-schost-1".
   
   ...
   ...
   ...
   
   Refer to the log file for details.
   The name of the log file is /var/cluster/logs/install/scinstall.log.3386.
   
   
       Configuring "phys-schost-1" ... done
       Rebooting "phys-schost-1" ... 
       Configuring "phys-schost-2" ... 
       Rebooting "phys-schost-2" ... 
   
   Log file - /var/cluster/logs/install/scinstall.log.3386
   

   
   When the scinstall utility finishes, the installation and configuration of the basic Oracle Solaris Cluster software is complete. The cluster is now ready for you to configure the components you will use to support highly available applications. These cluster components can include device groups, cluster file systems, highly available local file systems, and individual data services and zone clusters. To configure these components, refer to the Oracle Solaris Cluster 4.1 documentation library.
   
5. Verify on each node that multiuser services for the Oracle Solaris Service Management Facility (SMF) are online. Ensure that the new services added by Oracle Solaris Cluster are all online.
   
   

   # svcs -x
   # svcs multi-user-server
   STATE          STIME    FMRI
   online          9:58:44 svc:/milestone/multi-user-server:default
   

6. From one of the nodes, verify that both nodes have joined the cluster.
   
   

   # cluster status
   === Cluster Nodes ===
   --- Node Status ---
   
   Node Name                                 Status
   ---------                                 ------
   phys-schost-1                             Online
   phys-schost-2                             Online
   
   
   === Cluster Transport Paths ===
   Endpoint1                        Endpoint2                       Status
   ---------                        ---------                       ------
   phys-schost-1:priv1              phys-schost-2:priv1             Path online
   phys-schost-1:priv2              phys-schost-2:priv2             Path online
   
   === Cluster Quorum ===
   --- Quorum Votes Summary from (latest node reconfiguration) ---
              Needed   Present   Possible
              ------   -------   --------
              2        3         3
   
   --- Quorum Votes by Node (current status) ---
   
   Node Name         Present     Possible   Status
   ---------         -------     --------   ------
   phys-schost-1     1           1          Online
   phys-schost-2     1           1          Online
   
   
   --- Quorum Votes by Device (current status) ---
   
   Device Name       Present     Possible    Status
   -----------       -----       -------     -----
   d1                1           1           Online
   
   
   === Cluster Device Groups ===
   
   --- Device Group Status ---
   
   Device Group Name     Primary     Secondary     Status
   -----------------     -------     -------       ------
   
   
   --- Spare, Inactive, and In Transition Nodes ---
   Device Group Name   Spare Nodes   Inactive Nodes   In Transition Nodes
   -----------------   ---------     --------------   --------------------
   
   --- Multi-owner Device Group Status ---
   Device Group Name        Node Name           Status
   -----------------        -------             ------
   
   
   === Cluster Resource Groups ===
   Group Name    Node Name       Suspended     State
   ----------    ---------       ---------     -----
   
   === Cluster Resources ===
   
   Resource Name       Node Name       State       Status Message
   -------------       ---------       -----       --------------
   
   === Cluster DID Devices ===
   Device Instance               Node                           Status
   ---------------               ---                            ------
   /dev/did/rdsk/d1              phys-schost-1                    Ok
                                 phys-schost-2                    Ok
   /dev/did/rdsk/d2              phys-schost-1                    Ok
                                 phys-schost-2                    Ok
   /dev/did/rdsk/d3              phys-schost-1                    Ok
   /dev/did/rdsk/d4              phys-schost-1                    Ok
   /dev/did/rdsk/d5              phys-schost-2                    Ok
   /dev/did/rdsk/d6              phys-schost-2                    Ok
   
   === Zone Clusters ===
   
   --- Zone Cluster Status ---
   
   Name    Node Name    Zone HostName    Status    Zone Status
   ----    ---------    -------------    ------    ---------- 
   

Verify High Availability (Optional)

This section describes how to create a failover resource group with a LogicalHostname resource for a highly available network resource and an HAStoragePlus resource for a highly available ZFS file system on a zpool resource.

1. Identify the network address that will be used for this purpose and add it to the /etc/inet/hosts file on the nodes. In this example, the host name is schost-lh.
   
   The /etc/inet/hosts file on node 1 contains the following information:
   

   # Internet host table
   #
   ::1 localhost
   127.0.0.1 localhost loghost
   1.2.3.4   phys-schost-1 # Cluster Node
   1.2.3.5   phys-schost-2 # Cluster Node
   1.2.3.6   schost-lh
   

   
   The /etc/inet/hosts file on node 2 contains the following information:
   

   # Internet host table
   #
   ::1 localhost 
   127.0.0.1 localhost loghost 
   1.2.3.4   phys-schost-1 # Cluster Node
   1.2.3.5   phys-schost-2 # Cluster Node
   1.2.3.6   schost-lh
   

   
   schost-lh will be used as the logical host name for the resource group in this example. This resource is of the type SUNW.LogicalHostname, which is a preregistered resource type.
   
2. From one of the nodes, create a zpool with the two shared storage disks /dev/did/rdsk/d1s0 and /dev/did/rdsk/d2s0. In this example, the entire disk is assigned to slice 0 of the disks, using the format utility.
   
   

   # zpool create -m /zfs1 pool1 mirror /dev/did/dsk/d1s0 /dev/did/dsk/d2s0
   # df -k /zfs1
   Filesystem           1024-blocks        Used   Available Capacity  Mounted on
   pool1                20514816            31    20514722        1%      /zfs1
   

   
   The created zpool will now be placed in a highly available resource group as a resource of type SUNW.HAStoragePlus. This resource type has to be registered before it is used for the first time.
   
3. To create a highly available resource group to house the resources, on one node, type the following command:
   
   

   # /usr/cluster/bin/clrg create test-rg
   

4. Add the network resource to the test-rg group.
   
   

   # /usr/cluster/bin/clrslh create -g test-rg -h schost-lh schost-lhres
   

5. Register the storage resource type.
   
   

   # /usr/cluster/bin/clrt register SUNW.HAStoragePlus
   

6. Add the zpool to the group.
   
   

   # /usr/cluster/bin/clrs create -g test-rg -t SUNW.HAStoragePlus -p  zpools=pool1 hasp-res
   

7. Bring the group online:
   
   

   # /usr/cluster/bin/clrg online -eM test-rg
   

8. Check the status of the group and the resources:
   
   

   # /usr/cluster/bin/clrg status
   
   === Cluster Resource Groups ===
   
   Group Name       Node Name         Suspended      Status
   ----------       ---------         ---------      ------
   test-rg          phys-schost-1     No             Online
                    phys-schost-2     No             Offline
   
   
   
   # /usr/cluster/bin/clrs status
   
   === Cluster Resources ===
   
   Resource Name       Node Name             State      Status Message
   -------------       -------               -----      --------------
   hasp-res             phys-schost-1        Online     Online
                        phys-schost-2        Offline    Offline
   
   schost-lhres         phys-schost-1        Online     Online - LogicalHostname online.
                        phys-schost-2        Offline    Offline
   
   

   
   The command output shows that the resources and the group are online on node 1.
   
9. To verify availability, switch over the resource group to node 2 and check the status of the resources and the group.
   
   

   # /usr/cluster/bin/clrg switch -n phys-schost-2 test-rg
   # /usr/cluster/bin/clrg status
   
   === Cluster Resource Groups ===
   
   Group Name       Node Name              Suspended     Status
   ----------       ---------              ---------     ------
   test-rg          phys-schost-1          No            Offline
                    phys-schost-2          No            Online
   
   # /usr/cluster/bin/clrs status
   
   === Cluster Resources ===
   
   Resource Name       Node Name              State        Status Message
   -------------       ---------              -----         --------------
   hasp-res            phys-schost-1          Offline      Offline
                       phys-schost-2          Online       Online
   
   schost-lhres        phys-schost-1          Offline      Offline - LogicalHostname offline.
                       phys-schost-2          Online       Online - LogicalHostname online.
   

This article is intended to help a new or experienced Oracle Solaris administrator to quickly and easily configure an Oracle Solaris Kernel Zone in failover mode using the Oracle Solaris Cluster HA for Oracle Solaris Zones agent.

About Oracle Solaris Cluster Failover Zones

Oracle Solaris Zones include support for fully independent and isolated environments called kernel zones, which provide a full kernel and user environment within a zone. Kernel zones increase operational flexibility and are ideal for multitenant environments where maintenance windows are significantly harder to schedule. Kernel zones can run at a different kernel version from the global zone and can be updated separately without requiring a reboot of the global zone. You can also use kernel zones in combination with Oracle VM Sever for SPARC for greater virtualization flexibility.

This article describes how to set up a failover kernel zone on a two-node cluster.

Configuration Assumptions

This article assumes the following configuration is used:

• The cluster is installed and configured with Oracle Solaris 11.2 and Oracle Solaris Cluster 4.2.
• The repositories for Oracle Solaris and Oracle Solaris Cluster are configured on the cluster nodes.
• The cluster hardware is a supported configuration for Oracle Solaris Cluster 4.2 software.
• The cluster is a two-node SPARC cluster. (However, the installation procedure is applicable to x86 clusters as well.)
• Each node has two spare network interfaces to be used as private interconnects, also known as transports, and at least one network interface that is connected to the public network.
• SCSI shared storage is connected to the two nodes.
• Your setup looks like Figure 1. You might have fewer or more devices, depending on your system or network configuration.

It is recommended that you have console access to the nodes during administration, but this is not required.

Figure 1. Oracle Solaris Cluster hardware configuration

Prerequisites

Ensure the following prerequisites are met:

1. The boot disk of a kernel zone in an HA zone configuration must reside on a shared disk.
2. The zone must be configured on each cluster node where the zone can fail over.
3. The zone must be active on only one node at a time, and the zone's address must be plumbed on only one node at a time.
4. Make sure you have a shared disk available to host the zonepath for the failover zone. You can use /usr/cluster/bin/scdidadm -L or /usr/cluster/bin/cldevice list to see the shared disks. Each cluster node has a path to the shared disk.
5. Verify that the Oracle Solaris operating system version is at least 11.2.
   
   

   root@phys-schost-1:~# uname -a
   SunOS phys-schost-1 5.11 11.2 sun4v sparc sun4v
   

6. Verify that the kernel zone brand package, brand/brand-solaris-kz, is installed on the host.
   
   

   root@phys-schost-1# pkg list brand/brand-solaris-kz
   NAME (PUBLISHER)                                  VERSION                    IFO
   system/zones/brand/brand-solaris-kz               0.5.11-0.175.2.0.0.41.0    i--
   

7. Run the virtinfo command to verify that kernel zones are supported on cluster nodes. The following example shows that the kernel zone brand package is installed on the host phys-schost-1.
   
   

   root@phys-schost-1:~# virtinfo
   NAME            CLASS
   logical-domain  current
   non-global-zone supported
   kernel-zone     supported
   

8. Identify two shared disks, one for the boot disk and the other for the suspend disk. Suspend and resume are supported for a kernel zone only if a kernel zone has a suspend resource property in its configuration. If the suspend device is not configured, it is not possible to use warm migration. Kernel zones support cold and warm migration during switchover. This example uses shared disks d7 and d8. You can use suriadm for looking up the URI for both disks.
   
   

   root@phys-schost-1:~# /usr/cluster/bin/scdidadm -L d7 d8
   7        phys-schost-1:/dev/rdsk/c0t60080E500017B5D80000084D52711BB9d0 /dev/did/rdsk/d7     
   7        phys-schost-2:/dev/rdsk/c0t60080E500017B5D80000084D52711BB9d0 /dev/did/rdsk/d7     
   8        phys-schost-1:/dev/rdsk/c0t60080E500017B5D80000084B52711BAEd0 /dev/did/rdsk/d8     
   8        phys-schost-2:/dev/rdsk/c0t60080E500017B5D80000084B52711BAEd0 /dev/did/rdsk/d8     
   root@phys-schost-1:~# suriadm lookup-uri /dev/did/dsk/d7
   dev:did/dsk/d7
   root@phys-schost-1:~# suriadm lookup-uri /dev/did/dsk/d8
   dev:did/dsk/d8
   

9. The zone source and destination must be on the same platform for zone migration. On x86 systems, the vendor as well as the CPU revision must be identical. On SPARC systems, the zone source and destination must be on the same hardware platform. For example, you cannot migrate a kernel zone from a SPARC T4 host to a SPARC T3 host.

Enable a Kernel Zone to Run in a Failover Configuration Using a Failover File System

In a failover configuration, the zone's zonepath must reside on a highly available file system. Oracle Solaris Cluster provides the SUNW.HAStoragePlus service to manage a failover file system.

1. Register the SUNW.HAStoragePlus (HASP) resource type.
   
   

   phys-schost-1# /usr/cluster/bin/clrt register SUNW.HAStoragePlus
   

2. Create the failover resource group.
   
   

   phys-schost-1# /usr/cluster/bin/clrg create sol-kz-fz1-rg
   

3. Create a HAStoragePlus resource to monitor the disks that are used as boot or suspend devices for the kernel zone.
   
   

   root@phys-schost-1:~# clrs create -t SUNW.HAStoragePlus -g sol-kz-fz1-rg \
   -p GlobalDevicePaths=dsk/d7,dsk/d8 sol-kz-fz1-hasp-rs
   root@phys-schost-1:~# /usr/cluster/bin/clrg online -emM -n phys-schost-1 \ sol-kz-fz1-rg
   

4. Create and configure the zone on phys-schost-1. You must ensure that the boot and suspend devices reside on shared disks. For configuring a two-node cluster, execute the following commands on phys-schost-1 and then replicate the zone configuration to phys-schost-2.
   
   

   root@phys-schost-1:~# zonecfg -z sol-kz-fz1 'create -b; set brand=solaris-kz;
   add capped-memory;
   set physical=2G; end; add device;
   set storage=dev:did/dsk/d7; set bootpri=1; end; add suspend; set 
   storage=dev:did/dsk/d8; end; add anet; set lower-link=auto; end; set autoboot=false; add attr;
   set name=osc-ha-zone; set type=boolean; set value=true; end;'
   

5. Verify that the zone is configured.
   
   

   phys-schost-1# zoneadm list -cv
     ID NAME             STATUS      PATH      BRAND      IP
      0 global           running      /        solaris    shared
      - sol-kz-fz1       configured   -        solaris-kz excl
   

6. Install the zone using zoneadm and then boot the zone.
   
   

   root@phys-schost-1:~# zoneadm -z sol-kz-fz1 install
   Progress being logged to /var/log/zones/zoneadm.20140829T212403Z.sol-kz-fz1.install
   pkg cache: Using /var/pkg/publisher.
    Install Log: /system/volatile/install.4811/install_log
    AI Manifest: /tmp/zoneadm4203.ZLaaYi/devel-ai-manifest.xml
     SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
   Installation: Starting ...
           Creating IPS image
           Installing packages from:
               solaris
                   origin:  http://solaris-publisher.domain.com/support/sru/
               ha-cluster
                   origin:  http://cluster-publisher.domain.com/solariscluster/sru/
           The following licenses have been accepted and not displayed.
           Please review the licenses for the following packages post-install:
             consolidation/osnet/osnet-incorporation                     
           Package licenses may be viewed using the command:
             pkg info --license 
   
   DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED
   Completed                            482/482   64261/64261  544.1/544.1  1.9M/s
   
   PHASE                                          ITEMS
   Installing new actions                   87569/87569
   Updating package state database                 Done
   Updating package cache                           0/0
   Updating image state                            Done
   Creating fast lookup database                   Done
   Installation: Succeeded
           Done: Installation completed in 609.014 seconds.
   

7. Verify that the zone is successfully installed and boots up.
   
   

   phys-schost-1# zoneadm list -cv
     ID NAME             STATUS      PATH        BRAND       IP   
      0 global           running     /           solaris     shared
      - sol-kz-fz1       installed   -           solaris-kz  excl
   

8. In another window, log in to the zone's console and boot the zone. Follow the prompts through the system configuration interactive screens to configure the zone.
   
   

   phys-schost-1# zlogin -C sol-kz-fz1
   phys-schost-1# zoneadm -z sol-kz-fz1 boot
   

9. Shut down the zone and switch the resource group to another node available in the list of resource group nodes.
   
   

   phys-schost-1# zoneadm -z sol-kz-fz1 shutdown
   phys-schost-1# zoneadm -z sol-kz-fz1 detach -F
   phys-schost-1# /usr/cluster/bin/clrg switch -n phys-schost-2 sol-kz-fz1-rg
   phys-schost-1# zoneadm list -cv
     ID NAME        STATUS      PATH   BRAND      IP
      0 global      running     /      solaris    shared
      - sol-kz-fz1  configured  -      solaris-kz excl
   

10. Copy the zone configuration to the second node and create the kernel zone on the second node using the configuration file.
    
    

    root@phys-schost-1:~# zonecfg -z sol-kz-fz1 export -f \ 
    /var/cluster/run/sol-kz-fz1.cfg
    root@phys-schost-1:~# scp /var/cluster/run/sol-kz-fz1.cfg phys-schost- \
    2:/var/cluster/run/
    root@phys-schost-1:~# rm /var/cluster/run/sol-kz-fz1.cfg
    root@phys-schost-2:~# zonecfg -z sol-kz-fz1 -f /var/cluster/run/sol-kz-\ 
    fz1.cfg
    root@phys-schost-2:~# rm /var/cluster/run/sol-kz-fz1.cfg
    

11. Attach the zone and verify that the zone can boot on the second node. Log in from another session to ensure that the zone boots up fine.
    
    

    root@phys-schost-2:~# zoneadm -z sol-kz-fz1 attach -x force-takeover
    root@phys-schost-2:~# zoneadm -z sol-kz-fz1 boot
    root@phys-schost-2:~# zlogin -C sol-kz-fz1
    

12. Shut down and detach the zone.
    
    

    root@phys-schost-2:~# zoneadm -z sol-kz-fz1 shutdown
    root@phys-schost-2:~# zoneadm -z sol-kz-fz1 detach -F
    

13. Install the failover zone agent if it is not already installed.
    
    

    root@phys-schost-1# pkg install ha-cluster/data-service/ha-zones
    root@phys-schost-2# pkg install ha-cluster/data-service/ha-zones
    

14. To create the resource from any one node, edit the sczbt_config file and set the parameters as shown below.
    
    

    root@phys-schost-2:~# clrt register SUNW.gds
    root@phys-schost-2:~# cd /opt/SUNWsczone/sczbt/util
    root@phys-schost-2:~# cp -p sczbt_config sczbt_config.sol-kz-fz1-rs
    root@phys-schost-2:~# vi sczbt_config.sol-kz-fz1-rs
    RS=sol-kz-fz1-rs
    RG=sol-kz-fz1-rg
    PARAMETERDIR=
    SC_NETWORK=false
    SC_LH=
    FAILOVER=true
    HAS_RS=RS=sol-kz-fz1-hasp-rs
    RG=sol-kz-fz1-rg
    Zonename="sol-kz-fz1"
    Zonebrand="solaris-kz"
    Zonebootopt=""
    Milestone="svc:/milestone/multi-user-server"
    LXrunlevel="3"
    SLrunlevel="3"
    Mounts=""
    Migrationtype="warm"
    

15. To configure the zone-boot resource, set the parameters in the zone-boot configuration file.
    
    

    root@phys-schost-2:~# ./sczbt_register -f ./sczbt_config.kz
    sourcing ./sczbt_config.kz
    Registration of resource kz-rs succeeded.
    root@phys-schost-2:~# /usr/cluster/bin/clrs enable sol-kz-fz1-rs
    

16. Check the status of the resource groups and resources.
    
    

    root@phys-schost-2:~# /usr/cluster/bin/clrs status -g sol-kz-fz1-rg
    === Cluster Resources ===
    Resource Name         Node Name     State        Status Message
    -------------------   ------------- -----        -------------------
    sol-kz-fz1-rs         phys-schost-1 Online       Online - Service is online.
                          phys-schost-2 Offline      Offline
    
    sol-kz-fz1-hasp-rs    phys-schost-1  Online      Online
                          phys-schost-2  Offline     Offline
    root@phys-schost-2:~#
    

17. Log in using the zlogin -C sol-kz-fz1 command to verify that zone successfully boots up and then switch to other node to test switchover.
    
    

    root@phys-schost-2:~# /usr/cluster/bin/clrg switch -n phys-schost-1 sol-kz-fz1-rg
    root@phys-schost-2:~# /usr/cluster/bin/clrs status -g sol-kz-fz1-rg
    === Cluster Resources ===
    
    Resource Name         Node Name     State         Status Message
    -------------------   ----------    -----          -------------------
    sol-kz-fz1-rs         phys-schost-1 Online         Online
                          phys-schost-2 Offline        Offline
    
    ha-zones-hasp-rs      phys-schost-1 Online         Online
                          phys-schost-2 Offline        Offline
    root@phys-schost-2:~#
    

Calibre is a free and open source ebook manager.

Although Calibre is probably better known for its desktop client, it can also act as a powerful server, allowing you to access your ebooks from anywhere in the world (or share your collection with friends). Keeping your ebooks on a server is great, as you aren't reliant on having the same reading device with you whenever you want to read. And if you go traveling, you don't need to worry about taking your ebook collection with you!

The server includes a simple and elegant browser front-end that allows you to search for and download books from your library. It also has a mobile-friendly site built in, making it easy to download books straight to an e-reader – even to ones with only the most basic web functionality.

For example, Calibre's browser works with the Kindle Touch, which can download books directly even though the device only has an e-ink display and an experimental browser.

In this article we'll look at how to install, set up, and use Calibre on a Ubuntu 14.04 server. We'll also take a look at how to use the calibredb command to create, customize, and maintain your ebook database right from the server.

For this tutorial we'll cover:

• Installing Calibre
• Creating an ebook library, or importing an existing one
• Making Calibre server a background service
• Automatically adding new books to the library

By the end of this tutorial, you'll have a small initial library to which you can easily add new books!

Prerequisites

Please make sure you have these prerequisites:

• Ubuntu 14.04
• A sudo user

Examples in this tutorial are shown for a virtual or physical machine running a fresh installation of Ubuntu 14.04, but they should be easily adaptable to other operating systems.

Step 1 — Installing Calibre

Calibre is available from the APT software repositories, but as advised by its creators it is far better to install from the binaries provided on their website. Calibre is updated very frequently and the version in the repos tends to lag behind.

Luckily, the creators of Calibre have made this very simple to do. Just run the following Python command on your server. Before running the command, please double-check the official Calibre site in case the command has been changed.

Install Calibre (make sure you scroll to get the entire command):

sudo -v && wget -nv -O- https://raw.githubusercontent.com/kovidgoyal/calibre/master/setup/linux-installer.py | sudo python -c "import sys; main=lambda:sys.stderr.write('Download failed\n'); exec(sys.stdin.read()); main()"

You will notice some warnings about failed desktop integration, but these are safe to ignore, since you are installing Calibre on a remote server.

Step 2 — Installing Dependencies

The Calibre command line tool calibredb is used for various operations on your Calibre library, such as adding or importing books, and fetching metadata and covers for books.

We'll take a look at how to use some of these commands later, but for now we'll just install two dependencies. The first is ImageMagick, without which calibredb won't run; and the second is xvfb which we'll use to run calibredb in a virtual X display server – in order to sidestep issues caused by running Calibre in a non-display environment.

To install these just run the following commands.

Update your package lists:

sudo apt-get update

Install xvfb:

sudo apt-get install xvfb

Install ImageMagick:

sudo apt-get install ImageMagick

Step 3 — Creating the Library

Now we're almost ready to start running the server. We need to get some books to serve, however.

You may well have your own ebook library already, so we'll look at two ways of doing this.

1. Add ebook files directly; we'll grab a couple from Project Gutenberg
2. Import an existing Calibre library; useful if you're already running the desktop version of Calibre

Getting Books

First let's make a directory for our Calibre library. This example creates the directory in your user's home directory, although you could place it anywhere on the server. Run the following commands:

mkdir ~/calibre-library
mkdir ~/calibre-library/toadd

We've created two directories: the first, ~/calibre-library is the one that Calibre will organize automatically, while we'll add books manually to the toadd sub-directory. Later, we'll take a look at how to automate this process too.

How we'll grab some books from Project Gutenberg. For this tutorial we'll download Pride and Prejudice by Jane Austen and A Christmas Carol by Charles Dickens.

Change to the toadd directory to get started.

cd ~/calibre-library/toadd

Download the two ebooks:

wget http://www.gutenberg.org/ebooks/1342.kindle.noimages -O pride.mobi
wget http://www.gutenberg.org/ebooks/46.kindle.noimages -O christmascarol.mobi

Calibre relies somewhat on file extensions to correctly add books, so the -O flag in the wget command specifies a more friendly filename. If you downloaded a different format from Gutenberg (such as .epub) then you need to change the file extension accordingly.

Adding the Books to Calibre's Database

Now we need to add these books to the Calibre database using the calibredb command through the xvfb virtual display we installed earlier. To do this, run:

xvfb-run calibredb add ~/calibre-library/toadd/* --library-path ~/calibre-library

The asterisk means that Calibre will add all books found in the toadd directory to the library, in the calibre-library directory. You might see an error about not finding a cover (we chose to download the .mobi files without images), but you should also see confirmation that the books were added to the Calibre database.

Sample output:

Failed to read MOBI cover
Backing up metadata
Added book ids: 1, 2
Notifying calibre of the change

That's all we need to start seeing the first results. Let's test out the server. Run:

calibre-server --with-library ~/calibre-library

The command won't produce any output, but will just appear to hang in your terminal. This is fine for now; we'll look at daemonizing it properly later. Now open a web browser and navigate to:

• http://your_server_ip:8080

Replace your_server_ip with your Ubuntu machine IP address. You should see the main page of your library, looking similar to the screenshot below.


If you click on the All books link, you should see the two books that we added earlier. You can click on the Get button below either book to download it.

Uploading an Existing Calibre Library

If you're already running the desktop version of Calibre and already have your library set up, you can import it to your server easily.

Double-check your current library folder for a file called metadata.db. If this file exists, then everything should just work without any additional configuration.

Upload your entire library folder to your server.

Then, run this command:

calibre-server --with-library /path/to/calibre-library

This will add your existing library in its entirety to the server. You can add more books to it on the server by placing the book files in the toadd directory, as explained in this tutorial.

Step 4 — Making Calibre a Background Service

We don't really want to keep a shell open with the calibre-server command running in it just to keep the server running.

While we could add the --daemonize flag to the command, there are better ways to do it. Below we'll look at how easy it is to make calibre-server into a service so that it will automatically start on system reboot and so that we can very easily start, stop, or restart the process.

Until recently, the way to achieve this was to write complex scripts and put them in the /etc/init.d/ directory. The currently recommended way is to use a far simpler Upstart script, which is a .conf file placed in the /etc/init/ directory. We'll take a look at how to do this:

If the server is still running, hit CTRL + C in your terminal to stop it.

Now create a new configuration file:

sudo nano /etc/init/calibre-server.conf

Create the Upstart script, being sure to replace the variables according your environment:

description "Calibre (ebook manager) content server"

start on runlevel [2345]
stop on runlevel [^2345]

respawn

env USER='myusername'
env PASSWORD='mypassword'
env LIBRARY_PATH='/home/user/calibre-library'
env MAX_COVER='300x400'
env PORT='80'

script
    exec /usr/bin/calibre-server --with-library $LIBRARY_PATH --auto-reload \
                                 --max-cover $MAX_COVER --port $PORT \
                                 --username $USER --password $PASSWORD
end script

Paste this into your text editor and save it. (CTRL + X, then Y, then ENTER). We'll look at what each line does below:

• The first line is just a description to help you (or others) know what the script does
• The next two lines state at what level you want your script to start and stop on, since Upstart, allows for order specification so that scripts that rely on each other will start in the right order. Level 1 is for all essential services, so we'll start on level 2, by which time we know that the network and anything else we need will be up and running
• respawn means that if the service stop unexpectedly, it'll try to restart

The next lines are all variables that we pass to the calibre-server command. Before, we just used the minimum of specifying the --with-library option, but we can see now how much flexibility Calibre offers. Above, we've specified:

• Username and password to access the library from the web (please change these from the examples provided)
• Library location path, as before
• Max image size for book cover images (this is useful to make the page load more quickly)
• Port number (here we've changed it to 80; change this to something else if you already use port 80 to serve standard web pages, etc.)
• Finally, in the script section (known as a stanza) we run the main command using exec, and passing in all our variables. The /usr/bin/calibre-server part is the path to the executable

Once you've saved the script and closed the editor, start up the server:

sudo start calibre-server

This time you should see this output, but with a different process number:

calibre-server start/running, process 7811

Now use a browser to navigate to your server's IP address or domain name.

You should see a popup form asking for the username and password. These should be the ones you added to the Upstart script. Enter these and you'll be taken to your ebook library as before.

The server can now easily be stopped, started, and restarted using the following commands:

sudo service calibre-server stop
sudo service calibre-server start
sudo service calibre-server restart

This makes managing the server a lot easier than having to manually deal with daemon processes and process IDs!

The site by default has a mobile version that works nicely with smaller-screen devices such as phones and e-readers. This should load automatically if you visit the site from a mobile device.

Step 5 — Creating a Cron Job to Add Books Automatically

We can write a simple cron job to watch our toadd directory for new books.

Every 10 minutes it will look for files in the /home/user/calibre-library/toadd/ directory, add any files in there to our Calibre database, and then remove the original files. (Calibre makes copies of the files when it adds them to our library so we don't need the originals once the add has taken effect.) This means that if you transfer book files via scp, ssh, etc. to this directory from your main machine, or just download them directly into the toadd directory, then they'll automatically be added to your Calibre database and be available for download from your library!

To create a cron job, execute:

crontab -e

You might have to make a selection about your preferred text editor.

At the end of the file add the line:

*/10 * * * * xvfb-run calibredb add /home/user/calibre-library/toadd/ -r --with-library /home/user/calibre-library && rm /home/user/calibre-server/toadd/*

The first part of the command (*/10 * * * *) means that the command should be run every ten minutes. The second part is the same as the command we manually ran earlier. It adds all the books from the toadd folder to the database and then removes the original files.

That's that. You can now access your ebooks from anywhere in the world.

Note: The search results in Calibre aren't sorted by relevance, so if you enter a common term you often find unrelated books before the one you're looking for. However, you can specify to search only by title or author, which does help a lot, and the browse options (browse alphabetically by Author, for example) are very well implemented as well.

Conclusion

There are one or two things to keep in mind about running and maintaining a Calibre server. We'll take a brief look at these to finish off.

SchoolTool is an open-source student management system alternative to Blackboard or Pearson’s PowerSchool. It can be used to manage any of the following records a school might keep:

• Achievement and goal tracking
• Attendance journals
• Event calendars
• Gradebooks
• Guardian/parent, staff, and student contact information
• Infraction/intervention reports

School administrators, clerks, students, and teachers can access SchoolTool using a typical web browser. Unlike PowerSchool, it does not require the Java Runtime Environment.

Prerequisites

Make sure you have these prerequisites before you begin.

• A server with at least 2GB of RAM running Ubuntu 14.04. Depending on the number of SchoolTool users, you may need more memory
• One server per school. SchoolTool does not natively support multiple schools on the same server; i.e., a single district-wide deployment
• A sudo user to execute day-to-day commands

Step 1 — Adding SchoolTool’s Package Repository

The SchoolTool team does not publish its software on the official Ubuntu package repositories, so you will need to add the address of their repository to your server:

sudo add-apt-repository ppa:schooltool-owners/2.8

When prompted, press ENTER.

Step 2 — Installing SchoolTool

Now that SchoolTool’s repository is added to your server, update your server’s package list.

sudo apt-get update

Then, install SchoolTool.

sudo apt-get install schooltool

SchoolTool will install a vast assortment of Python packages along with the SchoolTool software itself, so this can take a few minutes. Python is the programming language that SchoolTool is written in. Those of you who are experienced sysadmins will notice that SchoolTool does not require a LAMP stack for serving web pages or storing data. According to SchoolTool’s developers, the use of Python apps provides more stability in day-to-day operation and during program updates.

Step 3 — Allowing Public Access

By default, SchoolTool is accessible only from the computer where it's installed. In this section, we will open it up to public Internet access.

Open SchoolTool’s paste.ini configuration file on your server in nano, a terminal-based text editor.

sudo nano /etc/schooltool/standard/paste.ini

Use the down arrow on your keyboard to move your cursor towards the bottom of the file. You will see this:

[server:main]
use = egg:zope.server
host = 127.0.0.1
port = 7080

Use the arrow and BACKSPACE keys to replace 127.0.0.1 with 0.0.0.0.

[server:main]
use = egg:zope.server
host = 0.0.0.0
port = 7080

Press the CONTROL + X keys simultaneously for a moment. At the bottom of your screen, nano will ask you this:

Save modified buffer (ANSWERING "No" WILL DESTROY CHANGES) ?                    
 Y Yes
 N No           ^C Cancel

Press the Y key on your keyboard to save your changes to the configuration file.

To apply the changes to SchoolTool, you will need to restart it.

sudo service schooltool restart

Now you can take a moment to view SchoolTool in your browser, to make sure everything is working so far.

Open your browser, and visit the URL http://example.com:7080 or http://your_server_ip:7080, depending on your desired configuration. Note that for now, you need to add the :7080 port number. The next section will show you how to access the server on the default port (80), which should make it easier for more users to access.

You should see the default calendar page.

(Optional) Step 4 — Configuring Port 80 Access

SchoolTool’s default port is 7080. However, most users will be more comfortable accessing it on port 80, which is one of the normal ports used by web browsers. That means people will be able to access the server at example.com rather than example.com:7080.

If you do not have any programs (e.g., Apache or Nginx) using port 80 on your server, you can change SchoolTool’s default port to 80 by following the instructions in this section. If you already have a program on your server that uses port 80, you will have to use the default port 7080 or create a new server specifically for SchoolTool.

You can use iptables to forward port 80 to port 7080. Assuming your server is connected to the internet using the interface eth0, use the following commands to accomplish this.

Execute these three commands on your server to set up port forwarding:

sudo iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -i eth0 -p tcp --dport 7080 -j ACCEPT
sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 7080

Now you will be able to log into SchoolTool using the URL http://example.com or http://your_server_ip, depending on your desired configuration.

Step 5 — Logging in to SchoolTool

Use your favorite web browser to access SchoolTool. SchoolTool’s home page is the Calendar page by default.

In the upper right-hand corner, click on the Log in link.



Use the default SchoolTool login credentials:

• Username: manager
• Password: schooltool

Then press the Log in button to log in.


You're now logged in to SchoolTool.

Step 6 — Making Basic Configuration Changes

Now that you have logged into SchoolTool, you will want to make the following changes:

• Change the manager account’s password
• Specify your school’s name
• Specify your school’s logo

First we'll update the password for the manager account. Do not leave this with the default password; otherwise, anyone could log into the account.

Click on the Home tab in the navigation menu located at the top of the web page. Next, click on the Settings > Password link in the left-hand navigation menu.























Type in the current password, schooltool. Then type in your new password twice, and press the Apply button. Please choose a strong password.

A Password changed successfully popup will appear. From now on, you should use this password to log in to the SchoolTool control panel.



Next we'll change your school's name and logo.

Click on the School tab in the navigation bar located at the top of the web page. Then, click on the Customize > School Name link in the left-hand navigation menu.

Replace Your School with the name of your school. In this tutorial, we'll use TechSupportPK Academy.

Click on the Choose File button to upload an image from your computer to use as your school’s logo. Once you have selected an image to use, press the Submit button to save your changes.



When the page reloads, SchoolTool will use the name and logo of your school instead of its defaults.

Conclusion

Now that you have installed SchoolTool, you have a free alternative to BlackBoard or PowerSchool that will allow your school to manage student records from a browser-based application.

You'll want to add teachers and students, set up grade books, and more. To access the full SchoolTool manual, refer to The SchoolTool Book, a knowledge base maintained by the developers of SchoolTool.

Did your software vendor indicate that you can Virtualize their application, but only if you dedicate one or more CPU cores to it? Not clear on what happens when you assign CPUs to a virtual machine? You are far from alone.

Physical Processors are Never Assigned to Specific Virtual Machines

Start by Understanding Operating System Processor Scheduling

Let’s kick this off by looking at how CPUs are used in regular Windows. Here’s a shot of my Task Manager screen:


Nothing fancy, right? Looks familiar, right?

Taking These Concepts to the Hypervisor

What About Processor Affinity?

How Does Thread Scheduling Work?

What Does the Number of vCPUs I Select Actually Mean?

But Can’t You Assign More Total vCPUs to all VMs than Physical Cores?

What’s The Proper Ratio of vCPU to pCPU/Cores?

Then it became 12.

And then the recommendations went away.

What About Reserve and Weighting (Priority)?

Let’s look at the config screen:

But What About Hyper-Threading?

How to reset your admin password

D:
CD Windows/system32
Ren utilman.exe utilman.exe.old
Copy cmd.exe utilman.exe

Change the Local Administrator Password

Net user administrator newpassword
Net user Administrator /active:yes

Create an Additional Local Administrator Account

Type the following commands add another local administrator account

Net user newadmin P@ssw0rd /add
Net localgroup administrators newadmin /add

After storage, Hyper-V’s next most confusing subject is networking. There are a dizzying array of choices and possibilities. To make matters worse, many administrators don’t actually understand that much about the fundamentals because, up until now, they’ve never really had to.

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

 

Why It Matters

In the Windows NT 4.0 days, the Microsoft Certified Systems Engineer exam track required passage of “Networking Essentials” and the electives included a TCP/IP exam. Neither of these exams had a corollary in the Windows 2000 track and, although I haven’t kept up much with the world of certification since the Windows 2003 series, I’m fairly certain that networking has largely disappeared from Microsoft certifications.

That’s both a blessing and a curse. Basic networking isn’t overly difficult and a working knowledge can be absorbed through simple hands-on experience. More advanced, and sometimes even intermediate skills, can be involved and require a fair level of dedication. If all you really need to do is plug a Windows Server into an existing network and get it going, then a lot of that is probably excess detail that you can leave to someone else.

There are certification, expertise, and career tracks available just for networking, and the network engineers and administrators that earn them deserve to have their own world separate from system engineering and administration. Learning all of that is burdensome for systems administrators and is unlikely to pay dividends, especially with the risk of skill rot.

The downside is that it’s no longer good enough to know how to set up a vendor team and slam in some basic IP information. Too many systems people have ignored the networking stacks in favor of their servers and applications and are now playing catch-up as integrated teaming, datacenter bridging, software-defined networking, and other technologies escape the confines of netops and intrude into the formerly tidy world of sysops.

The first post of this series will (re)introduce you to the fundamentals of networking that you will build the rest of your Hyper-V networking understanding upon.

The OSI Model

If you’ve never heard the phrases “All People Seem To Need Data Processing” or “Please Do Not Throw Sausage Pizza Away”, then someone along your technical education path has done you a great disservice (or you learned the OSI model in a non-English language). These are mnemonics used by students to drill for exams that test on the seven layers of the OSI model, which obviously worked because I can still recall them fifteen years later:

1. Physical
2. Data Link
3. Network
4. Transport
5. Session
6. Presentation
7. Application

Oddly enough, I’ve never been asked on any test what “OSI” stands for and I had to look that up: Open Systems Interconnection. Now you know what to put on that blank Apples to Apples card if you want to never be invited to a party again.

The reason that we have two mnemonics is because traffic travels both ways in the model. If your application is Skype, then the model covers your voice being broken into a rush of electrons (from seventh down to first layer) and back into something that might sound almost like you on the other side of an ocean (from first up to seventh layer).

The OSI model is a true model in that it does nothing but describe how a complete networking stack might look. In practice, there is nothing that perfectly matches to this model. The idea is that each of the seven layers performs a particular function in network communications, but only knows enough to interoperate with the layer immediately above and immediately below. So, no jumping from the physical layer to the presentation layer, for instance.

I’m not going to spend a bunch of time on the seven layers. There are a lot of great references and guides available on the Internet, so if you really care, do some searching and find the resource that suits your learning model. If you’re in systems or network administration/engineering, layers six and seven will likely never be of any real concern to you. You might occasionally care about layer five. We’re really focused on layers one through four, and that’s what we’ll talk about.

Use the following diagram as a visual reference for the upcoming sections:

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

To save you from needing to click back to part 2, here is the visualization again:

The last couple of posts in this series have dealt with how Ethernet frames and IP packets get to their destination. In this post, we’ll step up a little bit and look at the role DNS plays in getting those packets to the correct IP address. We’ll see how this works in general and the issues specific to a Hyper-V environment.

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

 

DNS

DNS is a remarkably simple, yet just as remarkably misunderstood technology. I’ve lost track of the number of truly brilliant people I’ve met that struggle with it. So, if you’re confused by DNS, you’re in good company. Let’s see what we can do to get rid of the confusion.

Its usage has expanded over the years, but the basic problem that DNS addresses is that humans are not very good at remembering numbers. We have a comparably good ability to recall words, especially when using associative techniques. Computers, as you’ve probably noticed, have the opposite problem. Not only do they like numbers, they store “words” as numbers. DNS was designed to bridge this gap.

At its core, DNS (domain name system) is a directory that matches names with numbers. That’s about as complicated as it gets. It has a few other functions, but they all boil down to matching a name to a number. There are a couple of common analogies that easily illustrate this concept.

The first is phone numbers. Each phone line has a globally unique number. Remembering more than a few of them is extremely difficult. So, phone directories were created. For most of my life, these directories were manifested in large printed books known as the “white pages”, which first lost ground to basic speed dial, and are now built right into everyone’s smart phone.

The second are physical street addresses. In the U.S., the ZIP+4 alone specifies the exact destination. It’s usually accompanied by a larger, more complicated arrangement that is more human-comprehensible.

Just as those systems match human-decipherable addresses to more specific locations, DNS matches human-readable names to IP addresses. Like the telephone system, it does so in a precisely ordered, hierarchical fashion. This system works from right-to-left. As you work toward the left, each successive element becomes more specific. In a fully-qualified domain name, the left-most object represents the final destination. We’ll work with the TechSupport website as an example:

Each element is separated by a dot. In a complete DNS name, a dot does exist at the very right-most position, although it’s usually suppressed. This dot represents the root domain; nothing can be any higher in the hierarchy. This root domain contains all other domains.

Moving to the left, the next object we encounter is “com”. This is known as a top-level domain, which is occasionally abbreviated to TLD. “com” is one of several well-known top-level domains that are available on the Internet. Recently, changes to the public registration system have added quite a number of additional top-level domains. Some of these are protected, like edu and gov. Others are open to registrars to provide naming services to customers.

After “com”, we find another period. The periods are how DNS separates elements, but have no special meaning in any position other than the root domain.

Next, we reach “techsupportpk”. The contents of this element are generally just called the domain. In this case, the company called “Techsupportpk” has registered the domain name of “techsupportpk” underneath the top-level domain of “com”. As the legal registrants, they can put just about anything inside this domain that they like and no one else is allowed to use it.

The next element is “www”. I believe that this particular character string is largely responsible for most of the confusion that people feel when talking about DNS. Because it is the left-most element, it is the most specific part of the entire DNS name. In a traditional fully-qualified DNS name, this would refer to a single computer called “www”. However, since the dawn of the web page, it seems that everyone has a computer called “www” sitting on the Internet, serving up web traffic. It is the ubiquity of computers named “www” that confuse people when you tell them that it is the most specific element of the web name, not the least.

In traditional DNS parlance, the “www” portion is usually called the hostname. Of course, in the modern era, there probably isn’t a computer actually called “www”. It’s probably a hardware load-balancer or a group of computers operating in round-robin or something of the sort. But the point is, “www” is a singular entity that has a specific IP address that is the target of the fully-qualified name “www.techsupportpk.com”.

So, to match it back to the street address analogy, the right-most period means “the world”, “com” means the country, “techsupportpk” is the city, and “www” is the street and house number. To match it to the phone number analogy, the right-most period is again “the world”, “com” is the country code, “techsupportpk” is the area code and prefix, and “www” is the final set of numbers. These analogies are obviously not completely perfect, but the concepts are the same.

DNS becomes considerably easier to understand when you move away from “www”. Another DNS name that’s common to many Internet entities is “support”. For example, “support.microsoft.com” refers to an entity named “support” that is part of the domain “microsoft” that is a member of the TLD “com”.

Confusing Conventions

The usage of “www” isn’t the only way that people trip up over DNS. Another is that we’ve also developed tools, especially web servers and browsers, to reduce the complexity in a way that masks the true operation of DNS. For instance, if you just tell your browser to go to “techsupportpk.com”, you’ll land on “http://www.techsupportpk.com”. Some websites, such as http://sourceforge.net, mask the computer name out entirely. This very common behavior has led people to believe that they are connecting to “techsupportpk.com” and that the “www” is just an optional relic. Even though the actual name of the system you’re connecting to really doesn’t matter, it’s still there and is separate from its containing domain name.

What about https:// and other URL components?

Another stumbling block for many people is the fact that a DNS name is just one part of a uniform resource locator (URL). A fully-qualified DNS name is composed of nothing more than alphanumeric identifiers (hyphens are also acceptable) separated by periods. The other elements of a URL have different purposes and are not part of DNS. The first of these elements that you usually encounter is the protocol identifier, such as “http://”. Other common protocol identifiers are “https://” and “file://”. What these do is identify to the browser (or any URL-friendly application) that it should connect using a specific protocol. As with “www”, “http://” is so ubiquitous that it’s sometimes assumed to be attached to the DNS name somehow.

A complete URL also contains a resource identifier. For example, http://www.techsupportpk.com/support.php refers to a resource named “support.php” that is served by the entity named “www” on the domain “techsupportpk” which is a member of the TLD named “com”. Most web sites employ default resources, which means that they automatically serve up a specifically-named entity, such as index.html whenever the client browser doesn’t request a resource. In terms of a web server, such as resource is always delivered in some fashion. For other URLs, such as ldap://dc1.domain.local, just access to the target system may be enough. The important fact for this discussion is that a trailing slash (/) and anything that comes after it is not part of the DNS name.

Subdomains

The above examples are the most common and basic format for a DNS name. The dotted notation can continue to proceed to the left with subdomains. Consider:

The above refers to the entity named “chat1” which is a member of subdomain “chatnet” which is a part of the domain “socialmediaco” which is under the TLD “com”.

Fully-Qualified and not-so-Fully-Qualified

In the early days of DNS, you really only thought about hostnames, domain names, and fully-qualified domain names (FQDN). For an individual host, the first two would combine to form the latter. So, going back to our original example, “www” is the hostname, “techsupportpk.com” is the domain name, and “www.techsupportpk.com” is the FQDN for the “www” host. But, as work was done to simplify even the DNS system for the average user, other things began to be lost. To reuse another example, http://sourceforge.net is missing a hostname. http://intranet is missing a domain name. Any time you see a DNS name that appears to stray from the format shown above, just be aware that it’s likely that you’re looking at a name that is somewhat less than fully-qualified. There are methods employed that take these partial inputs and resolve them into FQDNs. We’ll look at these later.

DNS Server Operation

If you have access to a Microsoft DNS system, I find that DNS is pretty simple to understand just by poking around in the console. Here’s a screenshot of mine:

In many ways, this particular post won’t have a great deal to do with Hyper-V itself. It will earn its place in this series by helping to clear up a common confusion point I see being posted on various Hyper-V help forums. People have problems moving traffic to or from virtual machines, and, unfortunately, spend a lot of time working on the virtual switch and the management operating system.

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

So far, this series has spent most of its time focused on the methods that systems use to decide where traffic should go and how it should get there. A logical next step is to discuss how bindings work. What this article will do is bring the concepts of that topic inline with the aims of this series along with an explanation of the machinations of binding.

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings
• Part 8 - Load-Balancing Algorithms

Network Binding Basics

The concept of binding is fairly simple. It determines what capabilities will be available to a given adapter. You can choose what will be bound to an adapter and their order of precedence.
Let’s start by looking at the bindings for a typical physical network adapter:

• Part 1 - Mapping the OSI Model
• Part 2 - VLANs
• Part 3 - IP Routing
• Part 4 - Link Aggregation and Teaming
• Part 5 – DNS
• Part 6 - Ports, Sockets, and Applications
• Part 7 - Bindings

Hyper-V Port Load-Balancing Algorithm

Recommendations for Hyper-V Port Distribution Mode

Hash Load-Balancing Algorithms

Download link:

Prerequisites

• Minimum - Dual core server with 4 GB RAM, with 25 GB free disk space and 1 Gbps network
• interface.
• Recommended - Dual Sockets/Quad core server with 16 GB RAM, 50 GB free disk space on multiple disk spindles and 1 Gbps network interface.

• For the Red Hat Enterprise Linux 6 operating system: minimum 1 GB RAM and 5 GB local disk space.
• For the Manager: minimum 3 GB RAM, 3 GB local disk space and 1 Gbps network controller
• bandwidth.
• If you wish to create an ISO domain on the Manager server, you need minimum 15 GB disk space.

• The Red Hat Enterprise Virtualization Manager (v.3 x86_64 ) channel, also referred to as rhel-x86_64 -server-6-rhevm -3, which provides Red Hat Enterprise Virtualization Manager.

• The JBoss Application Platform (v 5) for 6Server x86_64 channel, also referred to as jbappplatform -5-x86_64 -server-6-rpm , which provides the supported release of the application platform on which the manager runs.

• The RHEL Server Supplem entary (v. 6 64 -bit x86_64 ) channel, also referred to as rhel-x86_64 -server-supplem entary-6, which provides the supported version of the Java Runtime Environment (JRE).

A client for connecting to Red Hat Enterprise Virtualization Manager.

• Microsoft Windows (7, XP, 2003 or 2008) with Internet Explorer 7 and above
• Microsoft .NET Framework 4

For each Host (Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux)

• Minimum - Dual core server, 10 GB RAM and 10 GB Storage, 1 Gbps network interface.

• Recommended - Dual socket server, 16 GB RAM and 50 GB storage, two 1 Gbps network interfaces.

The breakdown of the server requirements are as below:

• For each host: AMD-V or Intel VT enabled, AMD64 or Intel 64 extensions, minimum 1 GB RAM, 3GB free storage and 1 Gbps network interface.

• For virtual machines running on each host: minimum 1 GB RAM per virtual machine.

• Valid Red Hat Network subscriptions for each host. You can use either Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux hosts, or both.

For each Red Hat Enterprise Virtualization Hypervisor host:

• The Red Hat Enterprise Virtualization Hypervisor (v.6 x86-64 ) channel, also referred to as rhel-x86_64 -server-6-rhevh
• For each Red Hat Enterprise Virtualization Linux host: The Red Hat Enterprise Virt Management Agent (v 6 x86_64 ) channel, also referred to as rhel-x86_64 -rhevmgm t-agent-6.

Storage and Networking

• At leasTone of the supported storage types (NFS, iSCSI and FCP).
• For NFS storage, a valid IP address and export path is required.
• For iSCSI storage, a valid IP address and target information is required.
• Static IP addresses for the Red Hat Enterprise Virtualization Manager server and for each host server.
• DNS service which can resolve (forward and reverse) all the IP addresses.
• An existing DHCP server which can allocate network addresses for the virtual machines.

Virtual Machines

• Installation images for creating virtual machines, depending on which operating system you wish to use.
• Microsoft Windows XP, 7, 2003 or 2008.
• Red Hat Enterprise Linux 3, 4, 5 or 6.
• Valid licenses or subscription entitlements for each operating system.

Red Hat Enterprise Virtualization User Portal

• A Red Hat Enterprise Linux client running Mozilla Firefox 3.6 and higher or a Windows client running Internet Explorer 7 and higher.

Install Red Hat Enterprise Virtualization

The Red Hat Enterprise Virtualization platform consists of at leasTone Manager and one or more hosts.

Red Hat Enterprise Virtualization Manager provides a graphical user interface to manage the
physical and logical resources of the Red Hat Enterprise Virtualization infrastructure. The Manager is installed on a Red Hat Enterprise Linux 6 server, and accessed from a Windows client running
Internet Explorer.

Red Hat Enterprise Virtualization Hypervisor runs virtual machines. A physical server running
Red Hat Enterprise Linux can also be configured as a host for virtual machines on the Red Hat
Enterprise Virtualization platform.

Install Red Hat Enterprise Virtualization Manager

                                Figure 2.1. Install Red Hat Enterprise Virtualization Manager

The Manager is the control center of the Red Hat Enterprise Virtualization environment. It allows you to define hosts, configure data centers, add storage, define networks, create virtual machines, manage user permissions and use templates from one central location.

The Red Hat Enterprise Virtualization Manager must be installed on a server running Red Hat
Enterprise Linux 6, with minimum 4 GB RAM, 25 GB free disk space and 1 Gbps network interface.

Install Red Hat Enterprise Linux 6 on a server. When prompted for the software packages to
install, select the default Basic Server option. See the Red Hat Enterprise Linux Installation
Guide for more details.

Note: During installation, remember to set the fully qualified domain name (FQDN) and IP for the
server.

If the classpathx-jaf package has been installed, it must be removed because it conflicts with some of the components required to support JBoss in Red Hat Enterprise Virtualization Manager. Run:

# yum remove classpathx-jaf

If your server has not been registered with the Red Hat Network, run:

# rhn_register

To complete registration successfully you need to supply your Red Hat Network username and
password. Follow the onscreen prompts to complete registration of the system.
After you have registered your server, update all the packages on it. Run:

# yum -y update

Reboot your server for the updates to be applied.

Subscribe the server to the required channels using the Red Hat Network web interface.

a. Log on to Red Hat Network (http://rhn.redhat.com/).
b. Click System s at the top of the page.
c. Select the system to which you are adding channels from the list presented on the screen,
by clicking the name of the system.
d. Click Alter Channel Subscriptions in the Subscribed Channels section of the
screen.
e. Select the following channels from the list presented on the screen.
Red Hat Enterprise Virtualization Manager (v.3 x86_64 )
RHEL Server Supplem entary (v. 6 64 -bit x86_64 )
JBoss Application Platform (v 5) for 6Server x86_64 (note that this
channel is listed under "Additional Services Channels for Red Hat Enterprise Linux 6 for
x86_64")
Click the Change Subscription button to finalize the change.

You are now ready to install the Red Hat Enterprise Virtualization Manager. Run the following
command:

# yum -y install rhevm

This command will download the Red Hat Enterprise Virtualization Manager installation software
and resolve all dependencies.

When the packages have finished downloading, run the installer:

# rhevm -setup

Note: rhevm -setup supports the en_US.UT F-8, en_US.utf8, and en_US.utf-8 locales.
You will not be able to run this installer on a system where the locale in use is noTone of
these supported values.

The installer will take you through a series of interactive questions as listed in the following
example. If you do not enter a value when prompted, the installer uses the default settings which
are stated in [ ] brackets.

Example: Red Hat Enterprise Virtualization Manager installation

Welcom e to RHEV Manager setup utility
HTTP Port [8080] :
HTTPS Port [8443] :
Host fully qualified Dmain Name, note that this Name should be fully
resolvable [rhevm .dem o.redhat.com ] :
Password for Adm inistrator (adm in@ internal) :
Database password (required for secure authentication with the locally
created database) :
Confirm password :
Organization Name for the Certificate: Red Hat
The default storage type you will be using ['NFS'| 'FC'| 'ISCSI'] [NFS] :
ISCSI
Should the installer configure NFS share on this server to be used as an ISO
Dmain? ['yes'| 'no'] [no] : yes
Mount point path: /data/iso
Display Name for the ISO Dmain: local-iso-share
Firewall ports need to be opened.
You can let the installer configure iptables autom atically overriding the current configuration. The old configuration will be backed up.
Alternately you can configure the firewall later using an example iptables file found under /usr/share/rhevm /conf/iptables.example
Configure iptables ? ['yes'| 'no']: yes

Important points to note:

• The default ports 8080 and 84 4 3 must be available to access the manager on HTTP and HTTPS respectively.
• If you elect to configure an NFS share it will be exported from the machine on which the manager is being installed.
• The storage type that you select will be used to create a data center and cluster. You will then be able to attach storage to these from the Administration Portal.

You are then presented with a summary of the configurations you have selected. Type yes to
accept them.

Example: Confirm Manager installation settings

RHEV Manager will be installed using the following configuration:
=================================================================
http-port: 8080
https-port: 8443
host-fqdn: rhevm .dem o.redhat.com
auth-pass: * * * * * * * *
db-pass: * * * * * * * *
org-Name: Red Hat
default-dc-type: ISCSI
nfs-m p: /data/iso
iso-Dmain-Name: local-iso-share
override-iptables: yes
Proceed with the configuration listed above? (yes|no): yes

The installation commences. The following message displays, indicating that the installation was
successful.

Example: Successful installation

Installing:
Creating JBoss Profile... [ DONE ]
Creating CA... [ DONE ]
Setting Database Security... [ DONE ]
Creating Database... [ DONE ]
Updating the Default Data Center Storage Type... [ DONE ]
Editing JBoss Configuration... [ DONE ]
Editing RHEV Manager Configuration... [ DONE ]
Configuring the Default ISO Dmain... [ DONE ]
Starting JBoss Service... [ DONE ]
Configuring Firewall (iptables)... [ DONE ]

* * * * Installation com pleted successfully * * * * * *

Your Red Hat Enterprise Virtualization Manager is now up and running. You can log in to the Red Hat Enterprise Virtualization Manager's web administration portal with the username adm in (the
administrative user configured during installation) in the internal domain. Instructions to do so are
provided at the end of this chapter.

Important: The internal domain is automatically created upon installation, however no new users can be added to this domain. To authenticate new users, you need an external directory service. Red Hat
Enterprise Virtualization supports IPA and Active Directory, and provides a utility called rhevmmanage-domains to attach new directories to the system.

Install Hosts

                       Figure 2.2. Install Red Hat Enterprise Virtualization Hosts

After you have installed the Red Hat Enterprise Virtualization Manager, install the hosts to run your
virtual machines. In Red Hat Enterprise Virtualization, you can use either Red Hat Enterprise
Virtualization Hypervisor or Red Hat Enterprise Linux as hosts.

Install Red Hat Enterprise Virtualization Hypervisor

To prepare a Red Hat Enterprise Virtualization Hypervisor installation CD

• Download the latest version of the rhev-hypervisor* package from Red Hat Network. The lisTof hypervisor packages is located at the Red Hat Enterprise Virtualization Hypervisor
  (v.6 x86_64 ) channel.

a. Log on to Red Hat Network (http://rhn.redhat.com/).
b. Click System s at the top of the page.
c. From the list presented on the screen, select the system on which the Red Hat Enterprise
Virtualization Manager is installed by clicking on its name.
d. Click Alter Channel Subscriptions in the Subscribed Channels section of the screen.
e. Select the Red Hat Enterprise Virtualization Hypervisor (v.6 x86_64 ) channel from the list presented on the screen, then click the Change Subscription button to finalize the change.

Log in to the system on which the Red Hat Enterprise Virtualization Manager is installed. You must log in as the root user to install the rhev-hypervisor package. Run the following command:

# yum install "rhev-hypervisor* "

The hypervisor ISO image is installed into the /usr/share/rhev-hypervisor/ directory.

Insert a blank CD into your CD writer. Use the cdrecord utility to burn the hypervisor ISO image
onto your disc. Run:

# cdrecord dev=/dev/cdrw /usr/share/rhev-hypervisor/rhev-hypervisor.iso

Install Red Hat Enterprise Linux Host

Log In to Administration Portal

Configure Red Hat Enterprise Virtualization

Configure Data Centers

Configure Cluster

Configure Networking

Configure Hosts

Approve Red Hat Enterprise Virtualization Hypervisor Host

The Hypervisor you installed in Section “Install Red Hat Enterprise Virtualization Hypervisor” is automatically registered with the Red Hat Enterprise Virtualization platform. It displays in the Red Hat Enterprise Virtualization Manager, and needs to be approved for use.

To set up a Red Hat Enterprise Virtualization Hypervisor host
On the Tree pane, click Expand All and select Hosts under the Default cluster. On the Hosts tab, select the name of your newly installed hypervisor.

   Figure 3.8. Red Hat Enterprise Virtualization Hypervisor pending approval

Click the Approve button. The Edit and Approve Host dialog displays. Accept the defaults
or make changes as necessary, then click OK.

               Figure 3.9. Approve Red Hat Enterprise Virtualization Hypervisor

The host status will change from Non Operational to Up.

Attach Red Hat Enterprise Linux Host

In contrast to the hypervisor host, the Red Hat Enterprise Linux host you installed in Section,
“Install Red Hat Enterprise Linux Host” is not automatically detected. It has to be manually attached to the Red Hat Enterprise Virtualization platform before it can be used.

To attach a Red Hat Enterprise Linux host
On the Tree pane, click Expand All and select Hosts under the Default cluster. On the Hosts
tab, click New.
The New Host dialog displays.

             Figure 3.10. Attach Red Hat Enterprise Linux Host

Enter the details in the following fields:

• Data Center: the data center to which the host belongs. Select the Default data center.
• Host Cluster: the cluster to which the host belongs. Select the Default cluster.
• Name: a descriptive name for the host.
• Address: the IP address, or resolvable hostname of the host, which was provided during installation.
• Root Password: the password of the designated host; used during installation of the host.
• Configure iptables rules: This checkbox allows you to override the firewall settings on the host with the default rules for Red Hat Enterprise Virtualization.

If you wish to configure this host for OuTof Band (OOB) power management, select the Power Managem ent tab. T ick the Enable Power Managem ent checkbox and provide the required information in the following fields:

• Address: The address of the host.
• User Name: A valid user name for the OOB management.
• Password: A valid, robust password for the OOB management.
• Type: The type of OOB management device. Select the appropriate device from the drop down list.

alom Sun Advanced Lights Out Manager
apc American Power Conversion Master
MasterSwitch network power switch
bladecenter IBM Bladecentre Remote Supervisor Adapter
drac5 Dell Remote Access Controller for Dell
computers
eps ePowerSwitch 8M+ network power switch
ilo HP Integrated Lights Out standard
ilo3 HP Integrated Lights Out 3 standard
ipmilan Intelligent Platform Management Interface
rsa IBM Remote Supervisor Adaptor
rsb Fujitsu-Siemens RSB management interface
wti Western T elematic Inc Network PowerSwitch
cisco_ucs Cisco Unified Computing System Integrated
Management Controller

• Options: Extra command line options for the fence agent. Detailed documentation of the options available is provided in the man page for each fence agent.

Click the Test button to test the operation of the OOB management solution.

If you do not wish to configure power management, leave the Enable Power Management checkbox unmarked.

Click OK. If you have not configured power management, a pop-up window prompts you to confirm if you wish to proceed without power management. SelecToK to continue.

The new host displays in the lisTof hosts with a status of Installing. Once installation is complete, the status will update to Reboot and then Awaiting. When the host is ready for use, its status changes to Up.

You have now successfully configured your hosts to run virtual machines. The next step is to prepare data storage domains to house virtual machine disk images.

Configure Storage

                                Figure 3.11. Configure Storage

After configuring your logical networks, you need to add storage to your data center.

Red Hat Enterprise Virtualization uses a centralized shared storage system for virtual machine disk
images and snapshots. Storage can be implemented using Network File System (NFS), Internet Small
Computer System Interface (iSCSI) or Fibre Channel Protocol (FCP). Storage definition, type and function, are encapsulated in a logical entity called a Storage Dmain. Multiple storage domains are
supported.

For this guide you will use two types of storage domains. The first is an NFS share for ISO images of installation media. You have already created this ISO domain during the Red Hat Enterprise Virtualization Manager installation

The second storage domain will be used to hold virtual machine disk images. For this domain, you need at leasTone of the supported storage types. You have already set a default storage type during
installation as described in Section, “Install Red Hat Enterprise Virtualization Manager”. Ensure that you use the same type when creating your data domain.

Select your next step by checking the storage type you should use:

1. Navigate to the Tree pane and click the Expand All button. Under System, click Default. On
   the results list, the Default data center displays.
2. On the results list, the Storage T ype column displays the type you should add.
3. Now that you have verified the storage type, create the storage domain:

For NFS storage, refer to Section, “Create an NFS Data Domain”.
For iSCSI storage, refer to Section, “Create an iSCSI Data Domain”.
For FCP storage, refer to Section, “Create an FCP Data Domain”.

Create an NFS Data Domain

Because you have selected NFS as your default storage type during the Manager installation, you will
now create an NFS storage domain. An NFS type storage domain is a mounted NFS share that is
attached to a data center and used to provide storage for virtual machine disk images.

To add NFS storage:

Navigate to the Tree pane and click the Expand All button. Under System, select the Default
data center and click on Storage. The available storage domains display on the results list. Click
New Domain.

The New Storage dialog box displays.

    Figure 3.12. Add New Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Dmain Function / Storage T ype: In the drop down menu, select Data → NFS. The storage domain types not compatible with the Default data center are grayed out. After you select your domain type, the Export Path field appears.
• Use Host: Select any of the hosts from the drop down menu. Only hosts which belong in the pre-selected data center will display in this list.
• Export path: Enter the IP address or a resolvable hostname of the chosen host. The export path should be in the formaTof 192.168.0.10:/data or domain.example.com :/data

Click OK. The new NFS data domain displays on the Storage tab. It will remain with a Locked status while it is being prepared for use. When ready, it is automatically attached to the data center.

You have created an NFS storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section, “Attach and Populate ISO domain”.

Create an iSCSI Data Domain

Because you have selected iSCSI as your default storage type during the Manager installation, you will now create an iSCSI storage domain. Red Hat Enterprise Virtualization platform supports iSCSI storage domains spanning multiple pre-defined Logical Unit Numbers (LUNs).

To add iSCSI storage:

On the side pane, select the Tree tab. On System , click the + icon to display the available data
centers.
Double click on the Default data center and click on Storage. The available storage domains
display on the results list. Click New Domain.
The New Dmain dialog box displays.

    Figure 3.13. Add iSCSI Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Domain Function / Storage Type: In the drop down menu, select Data → iSCSI.
• The storage domain types which are not compatible with the Default data center are grayed out. After you select your domain type, the Use Host and Discover T argets fields display.
• Use host: Select any of the hosts from the drop down menu. Only hosts which belong in this data center will display in this list.

To connect to the iSCSI target, click the Discover Targets bar. This expands the menu to
display further connection information fields.

  Figure 3.14 . Attach LUNs to iSCSI domain

Enter the required information:

• Address: Enter the address of the iSCSI target.
• Port: Select the port to connect to. The default is 3260.
• User Authentication: If required, enter the username and password.

Click the Discover button to find the targets. The iSCSI targets display in the results list with a
Login button for each target.

Click Login to display the lisTof existing LUNs. Tick the Add LUN checkbox to use the selected
LUN as the iSCSI data domain.

Click OK. The new NFS data domain displays on the Storage tab. It will remain with a Locked
status while it is being prepared for use. When ready, it is automatically attached to the data
center.

You have created an iSCSI storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section ,“Attach and Populate ISO domain”.

Create an FCP Data Domain

Because you have selected FCP as your default storage type during the Manager installation, you will
now create an FCP storage domain. Red Hat Enterprise Virtualization platform supports FCP storage domains spanning multiple pre-defined Logical Unit Numbers (LUNs).

To add FCP storage:

On the side pane, select the Tree tab. On System , click the + icon to display the available data
centers.

Double click on the Default data center and click on Storage. The available storage domains
display on the results list. Click New Domain.

The New Dmain dialog box displays.

   Figure 3.15. Add FCP Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Domain Function / Storage Type: Select FCP.
• Use Host: Select the IP address of either the hypervisor or Red Hat Enterprise Linux host.
• The lisTof existing LUNs display. On the selected LUN, tick the Add LUN checkbox to use it as the FCP data domain.

Click OK. The new FCP data domain displays on the Storage tab. It will remain with a Locked
status while it is being prepared for use. When ready, it is automatically attached to the data
center.

You have created an FCP storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section, “Attach and Populate ISO domain”.

Attach and Populate ISO domain

You have defined your first storage domain to store virtual guest data, now it is time to configure your second storage domain, which will be used to store installation images for creating virtual machines. You have already created a local ISO domain during the installation of the Red Hat Enterprise Virtualization Manager. To use this ISO domain, attach it to a data center.

To attach the ISO domain
Navigate to the Tree pane and click the Expand All button. Click Default. On the results list,
the Default data center displays.

On the details pane, select the Storage tab and click the Attach ISO button.

The Attach ISO Library dialog appears with the available ISO domain. Select it and click OK.

   Figure 3.16. Attach ISO Library

The ISO domain appears in the results lisTof the Storage tab. It displays with the Locked status
as the domain is being validated, then changes to Inactive.

Select the ISO domain and click the Activate button. The status changes to Locked and then to
Active.

Media images (CD-ROM or DVD-ROM in the form of ISO images) must be available in the ISO repository for the virtual machines to use. To do so, Red Hat Enterprise Virtualization provides a utility that copies the images and sets the appropriate permissions on the file. The file provided to the utility and the ISO share have to be accessible from the Red Hat Enterprise Virtualization Manager.

Log in to the Red Hat Enterprise Virtualization Manager server console to upload images to the ISO
domain.

To upload ISO images

Create or acquire the appropriate ISO images from boot media. Ensure the path to these images
is accessible from the Red Hat Enterprise Virtualization Manager server.

The next step is to upload these files. First, determine the available ISO domains by running:

# rhevm -iso-uploader list

You will be prompted to provide the admin user password which you use to connect to the
administration portal. The tool lists the name of the ISO domain that you attached in the previous
section.

ISO Storage Dmain List:
local-iso-share

Now you have all the information required to upload the required files. On the Manager console,
copy your installation images to the ISO domain. For your images, run:

# rhevm -iso-uploader upload -i local-iso-share [file1] [file2] .... [fileN]

You will be prompted for the admin user password again, provide it and press Enter.
Note that the uploading process can be time consuming, depending on your storage performance.

After the images have been uploaded, check that they are available for use in the Manager
administration portal.

• Navigate to the Tree and click the Expand All button.
• Under Storage, click on the name of the ISO domain. It displays in the results list. Click on it to display its details pane.
• On the details pane, select the Im ages tab. The lisTof available images should be populated with the files which you have uploaded. In addition, the RHEV-toolsSetup.iso and virtio-win.vfd images should have been automatically uploaded during installation.

    Figure 3.17. Uploaded ISO images

Now that you have successfully prepared the ISO domain for use, you are ready to start creating virtual machines.

Manage Virtual Machines

The final stage of setting up Red Hat Enterprise Virtualization is the virtual machine lifecycle - spanning the creation, deployment and maintenance of virtual machines; using templates; and configuring user permissions. This chapter will also show you how to log in to the user portal and connect to virtual machines.

Create Virtual Machines
                   Figure 4 .1. Create Virtual Machines

On Red Hat Enterprise Virtualization, you can create virtual machines from an existing template, as a
clone, or from scratch. Once created, virtual machines can be booted using ISO images, a network boot (PXE) server, or a hard disk. This document provides instructions for creating a virtual machine using an ISO image.

In your current configuration, you should have at leasTone host available for running virtual machines, and uploaded the required installation images to your ISO domain. This section guides you through the creation of a Red Hat Enterprise Linux 6 virtual server. You will perform a normal attended installation using a virtual DVD.

To create a Red Hat Enterprise Linux server

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Server.

    Figure 4 .2. Create New Linux Virtual Machine

You only need to fill in the Name field and select Red Hat Enterprise Linux 6.x as your
Operating System . You may alter other settings but in this example we will retain the defaults.
Click OK to create the virtual machine.

A New Virtual Machine - Guide Me window opens. This allows you to add networks and
storage disks to the virtual machine.

                                 Figure 4 .3. Create Virtual Machines

Click Configure Network Interfaces to define networks for your virtual machine. The parameters in the following figure are recommended, but can be edited as necessary. When you have configured your required settings, click OK.

                                             Figure 4 .4 . New Network Interface configurations

You are returned to the Guide Me window. This time, click Configure Virtual Disks to add
storage to the virtual machine. The parameters in the following figure are recommended, but can
be edited as necessary. When you have configured your required settings, click OK.

                                           Figure 4 .5. New Virtual Disk configurations

Close the Guide Me window by clicking Configure Later. Your new RHEL 6 virtual machine will
display in the Virtual Machines tab.

You have now created your first Red Hat Enterprise Linux virtual machine. Before you can use your
virtual machine, install an operating system on it.

To install the Red Hat Enterprise Linux guesToperating system

Right click the virtual machine and select Run Once. Configure the following options:

                                          Figure 4 .6. Run Red Hat Enterprise Linux Virtual Machine

• Attach CD: Red Hat Enterprise Linux 6
• Boot Sequence: CD-ROM
• Display protocol: SPICE

Retain the default settings for the other options and click OK to start the virtual machine.

Select the virtual machine and click the Console icon. As this is your first time connecting to
the virtual machine, allow the installation of the Spice Active X and the SPICE client.

After the SPICE plugins have been installed, select the virtual machine and click the Console icon
again. This displays a window to the virtual machine, where you will be prompted to begin installing the operating system.

After the installation has completed, shut down the virtual machine and reboot from the hard drive.

You can now connect to your Red Hat Enterprise Linux virtual machine and start using it.

Create a Windows Virtual Machine

You now know how to create a Red Hat Enterprise Linux virtual machine from scratch. The procedure of creating a Windows virtual machine is similar, except that it requires additional virtio drivers. This example uses Windows 7, but you can also use other Windows operating systems. You will perform a normal attended installation using a virtual DVD.

To create a Windows desktop

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Desktop.

   Figure 4 .7. Create New Windows Virtual Machine

You only need to fill in the Name field and select Windows 7 as your Operating System . You
may alter other settings but in this example we will retain the defaults. Click OK to create the virtual
machine.

A New Virtual Machine - Guide Me window opens. This allows you to define networks for
the virtual machine. Click Configure Network Interfaces. See Figure 4.4, “New Network
Interface configurations” for details.

You are returned to the Guide Me window. This time, click Configure Virtual Disks to add
storage to the virtual machine. See Figure 4.5, “New Virtual Disk configurations” for details.

Close the Guide Me windows. Your new Windows 7 virtual machine will display in the Virtual
Machines tab.

To install Windows guesToperating system

Right click the virtual machine and select Run Once. The Run Once dialog displays as in
Figure 4.6, “Run Red Hat Enterprise Linux Virtual Machine”. Configure the following options:

• Attach Floppy: virtio-win
• Attach CD: Windows 7
• Boot sequence: CD-ROM
• Display protocol: SPICE

Retain the default settings for the other options and click OK to start the virtual machine.

Select the virtual machine and click the Console icon. This displays a window to the virtual
machine, where you will be prompted to begin installing the operating system.

Accept the default settings and enter the required information as necessary. The only change you must make is to manually install the VirtIO drivers from the virtual floppy disk (vfd) image. To do so, select the Custom (advanced) installation option and click Load Driver. Press Ctrl and select:

• Red Hat VirtIO Ethernet Adapter
• Red Hat VirtIO SCSI Controller

The installation process commences, and the system will reboot itself several times.

Back on the administration portal, when the virtual machine's status changes back to Up, right click on it and select Change CD. From the lisTof images, select RHEV-toolsSetup to attach the Guest Tools ISO which provides features including USB redirection and SPICE display optimization.

Click Console and log in to the virtual machine. Locate the CD drive to access the contents of the Guest Tools ISO, and launch the RHEV-toolsSetup executable. After the tools have been installed, you will be prompted to restart the machine for changes to be applied.

You can now connect to your Windows virtual machine and start using it.

Using Templates

                    Figure 4 .8. Create Templates

Now that you know how to create a virtual machine, you can save its settings into a template. This template will retain the original virtual machine's configurations, including virtual disk and network interface settings, operating systems and applications. You can use this template to rapidly create replicas of the original virtual machine.

Create a Red Hat Enterprise Linux Template

To make a Red Hat Enterprise Linux virtual machine template, use the virtual machine you created in Section, “Create a Red Hat Enterprise Linux Virtual Machine” as a basis. Before it can be used, it has to be sealed. This ensures that machine-specific settings are not propagated through the template.

To prepare a Red Hat Enterprise Linux virtual machine for use as a template

Connect to the Red Hat Enterprise Linux virtual machine to be used as a template. Flag the
system for re-configuration by running the following command as root:

# touch /.unconfigured

Remove ssh host keys. Run:

# rm -rf /etc/ssh/ssh_host_*

Shut down the virtual machine. Run:

# poweroff

The virtual machine has now been sealed, and is ready to be used as a template for Linux virtual
machines.

To create a template from a Red Hat Enterprise Linux virtual machine

In the administration portal, click the Virtual Machines tab. Select the sealed Red Hat
Enterprise Linux 6 virtual machine. Ensure that it has a status of Down.

Click Make Template. The New Virtual Machine Template displays.

Click Make Template. The New Virtual Machine Template displays.

   Figure 4 .9. Make new virtual machine template

Enter information into the following fields:

• Name: Name of the new template
• Description: Description of the new template
• Host Cluster: The Host Cluster for the virtual machines using this template.
• Make Private: If you tick this checkbox, the template will only be available to the template's creator and the administrative user. Nobody else can use this template unless they are given permissions by the existing permitted users.

Click OK. The virtual machine displays a status of "Image Locked" while the template is being
created. The template is created and added to the Templates tab. During this time, the action
buttons for the template remain disabled. Once created, the action buttons are enabled and the
template is ready for use.

Clone a Red Hat Enterprise Linux Virtual Machine

In the previous section, you created a Red Hat Enterprise Linux template complete with pre-configured storage, networking and operating system settings. Now, you will use this template to deploy a preinstalled virtual machine.

To clone a Red Hat Enterprise Linux virtual machine from a template

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Server.

   Figure 4 .10. Create virtual machine based on Linux template

On the General tab, select the existing Linux template from the Based on Template
list.
Enter a suitable Name and appropriate Description, then accept the default values
inherited from the template in the resTof the fields. You can change them if needed.
Click the Resource Allocation tab. On the Provisioning field, click the drop down
menu and select the Clone option.

          Figure 4 .11. Set the provisioning to Clone

Retain all other default settings and click OK to create the virtual machine. The virtual machine
displays in the Virtual Machines list.

Create a Windows Template

To make a Windows virtual machine template, use the virtual machine you created in Section,
“Create a Windows Virtual Machine” as a basis.

Before a template for Windows virtual machines can be created, it has to be sealed with sysprep. This ensures that machine-specific settings are not propagated through the template.

Note that the procedure below is applicable for creating Windows 7 and Windows 2008 R2 templates.

To seal a Windows virtual machine with sysprep

In the Windows virtual machine to be used as a template, open a command line terminal and type
regedit.

The Registry Editor window displays. On the left pane, expand HKEY_LOCAL_MACHINE →
SYSTEM → SETUP.

On the main window, right click to add a new string value using New → String Value. Right click
on the file and select Modify. When the Edit String dialog box displays, enter the following
information in the provided text boxes:

• Value name: UnattendFile
• Value data: a:\sysprep.inf

Launch sysprep from C:\Windows\System 32\sysprep\sysprep.exe

• Under System Cleanup Action, select Enter System Out-of-Box-Experience (OOBE).
• Tick the Generalize checkbox if you need to change the computer's system identification number (SID).
• Under Shutdown Options, select Shutdown.

Click OK. The virtual machine will now go through the sealing process and shut down
automatically.

To create a template from an existing Windows machine

In the administration portal, click the Virtual Machines tab. Select the sealed Windows 7
virtual machine. Ensure that it has a status of Down and click Make Template.

The New Virtual Machine Template displays. Enter information into the following fields:

• Name: Name of the new template
• Description: Description of the new template
• Host Cluster: The Host Cluster for the virtual machines using this template.
• Make Public: Check this box to allow all users to access this template.

Click OK. In the T em plates tab, the template displays the "Image Locked" status icon while it is
being created. During this time, the action buttons for the template remain disabled. Once created,
the action buttons are enabled and the template is ready for use.

You can now create new Windows machines using this template.

Create a Windows Virtual Machine from a Template

This section describes how to create a Windows 7 virtual machine using the template created in
Section, “Create a Windows Template”.

To create a Windows virtual machine from a template
Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Desktop.

• Select the existing Windows template from the Based on Template list.
• Enter a suitable Name and appropriate Description, and accept the default values inherited from the template in the resTof the fields. You can change them if needed.

Retain all other default setting and click OK to create the virtual machine. The virtual machine
displays in the Virtual Machines list with a status of "Image Locked" until the virtual disk is created.
The virtual disk and networking settings are inherited from the template, and do not have to be
reconfigured.

Click the Run icon to turn iTon. This time, the Run Once steps are not required as the
operating system has already been installed onto the virtual machine hard drive. Click the green
Console button to connect to the virtual machine.

You have now learned how to create Red Hat Enterprise Linux and Windows virtual machines with and without templates. Next, you will learn how to access these virtual machines from a user portal.

Using Virtual Machines

Now that you have created several running virtual machines, you can assign users to access them from the user portal. You can use virtual machines the same way you would use a physical desktop.

Assign User Permissions
                    Figure 4 .12. Assign Permissions

Red Hat Enterprise Virtualization has a sophisticated multi-level administration system, in which
customized permissions for each system component can be assigned to different users as necessary.
For instance, to access a virtual machine from the user portal, a user must have either UserRole or
PowerUserRole permissions for the virtual machine. These permissions are added from the manager
administration portal.

To assign PowerUserRole permissions
Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, select the virtual machine you would like to assign a user to.

On the Details pane, navigate to the Perm issions tab. Click the Add button.

The Add Perm ission to User dialog displays. Enter a Name, or User Name, or part thereof in
the Search textbox, and click Go. A lisTof possible matches display in the results list.

      Figure 4 .13. Add PowerUserRole Permission

Select the check box of the user to be assigned the permissions. Scroll through the Assign
role to user list and select PowerUserRole. Click OK.

Log in to the User Portal

                    Figure 4 .14 . Connect to the User Portal

Now that you have assigned PowerUserRole permissions on a virtual machine to the user named admin, you can access the virtual machine from the user portal. To log in to the user portal, all you
need is a Linux client running Mozilla Firefox or a Windows client running Internet Explorer.

If you are using a Red Hat Enterprise Linux client, install the SPICE plug-in before logging in to the User Portal. Run:

# yum install spice-xpi

To log in to the User Portal

Open your browser and navigate to https://Dmain.exam ple.com :84 4 3/UserPortal.
Substitute domain.example.com with the Red Hat Enterprise Virtualization Manager server
address.

The login screen displays. Enter your User Name and Password, and click Login.

You have now logged into the user portal. As you have PowerUserRole permissions, you are taken by
default to the Extended User Portal, where you can create and manage virtual machines in addition to
using them. This portal is ideal if you are a system administrator who has to provision multiple virtual machines for yourself or other users in your environment.

    Figure 4 .15. The Extended User Portal

You can also toggle to the Basic User Portal, which is the default (and only) display for users with
UserRole permissions. This portal allows users to access and use virtual machines, and is ideal for
everyday users who do not need to make configuration changes to the system.

    Figure 4 .16. The Basic User Portal

You have now completed the Quick Start Guide, and successfully set up Red Hat Enterprise
Virtualization. However, this is just the first step for you to familiarize yourself with basic Red Hat
Enterprise Virtualization operations. You can further customize your own unique environment based on your organization's needs by working with our solution architects.

Introduction

Prerequisites

• Minimum - Dual core server with 4 GB RAM, with 25 GB free disk space and 1 Gbps network
• interface.
• Recommended - Dual Sockets/Quad core server with 16 GB RAM, 50 GB free disk space on multiple disk spindles and 1 Gbps network interface.

• For the Red Hat Enterprise Linux 6 operating system: minimum 1 GB RAM and 5 GB local disk space.
• For the Manager: minimum 3 GB RAM, 3 GB local disk space and 1 Gbps network controller
• bandwidth.
• If you wish to create an ISO domain on the Manager server, you need minimum 15 GB disk space.

• The Red Hat Enterprise Virtualization Manager (v.3 x86_64 ) channel, also referred to as rhel-x86_64 -server-6-rhevm -3, which provides Red Hat Enterprise Virtualization Manager.

• The JBoss Application Platform (v 5) for 6Server x86_64 channel, also referred to as jbappplatform -5-x86_64 -server-6-rpm , which provides the supported release of the application platform on which the manager runs.

• The RHEL Server Supplem entary (v. 6 64 -bit x86_64 ) channel, also referred to as rhel-x86_64 -server-supplem entary-6, which provides the supported version of the Java Runtime Environment (JRE).

A client for connecting to Red Hat Enterprise Virtualization Manager.

• Microsoft Windows (7, XP, 2003 or 2008) with Internet Explorer 7 and above
• Microsoft .NET Framework 4

For each Host (Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux)

• Minimum - Dual core server, 10 GB RAM and 10 GB Storage, 1 Gbps network interface.

• Recommended - Dual socket server, 16 GB RAM and 50 GB storage, two 1 Gbps network interfaces.

The breakdown of the server requirements are as below:

• For each host: AMD-V or Intel VT enabled, AMD64 or Intel 64 extensions, minimum 1 GB RAM, 3GB free storage and 1 Gbps network interface.

• For virtual machines running on each host: minimum 1 GB RAM per virtual machine.

• Valid Red Hat Network subscriptions for each host. You can use either Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux hosts, or both.

For each Red Hat Enterprise Virtualization Hypervisor host:

• The Red Hat Enterprise Virtualization Hypervisor (v.6 x86-64 ) channel, also referred to as rhel-x86_64 -server-6-rhevh
• For each Red Hat Enterprise Virtualization Linux host: The Red Hat Enterprise Virt Management Agent (v 6 x86_64 ) channel, also referred to as rhel-x86_64 -rhevmgm t-agent-6.

Storage and Networking

• At leasTone of the supported storage types (NFS, iSCSI and FCP).
• For NFS storage, a valid IP address and export path is required.
• For iSCSI storage, a valid IP address and target information is required.
• Static IP addresses for the Red Hat Enterprise Virtualization Manager server and for each host server.
• DNS service which can resolve (forward and reverse) all the IP addresses.
• An existing DHCP server which can allocate network addresses for the virtual machines.

Virtual Machines

• Installation images for creating virtual machines, depending on which operating system you wish to use.
• Microsoft Windows XP, 7, 2003 or 2008.
• Red Hat Enterprise Linux 3, 4, 5 or 6.
• Valid licenses or subscription entitlements for each operating system.

Red Hat Enterprise Virtualization User Portal

• A Red Hat Enterprise Linux client running Mozilla Firefox 3.6 and higher or a Windows client running Internet Explorer 7 and higher.

Install Red Hat Enterprise Virtualization

The Red Hat Enterprise Virtualization platform consists of at leasTone Manager and one or more hosts.

Red Hat Enterprise Virtualization Manager provides a graphical user interface to manage the
physical and logical resources of the Red Hat Enterprise Virtualization infrastructure. The Manager is installed on a Red Hat Enterprise Linux 6 server, and accessed from a Windows client running
Internet Explorer.

Red Hat Enterprise Virtualization Hypervisor runs virtual machines. A physical server running
Red Hat Enterprise Linux can also be configured as a host for virtual machines on the Red Hat
Enterprise Virtualization platform.

Install Red Hat Enterprise Virtualization Manager

                                Figure 2.1. Install Red Hat Enterprise Virtualization Manager

The Manager is the control center of the Red Hat Enterprise Virtualization environment. It allows you to define hosts, configure data centers, add storage, define networks, create virtual machines, manage user permissions and use templates from one central location.

The Red Hat Enterprise Virtualization Manager must be installed on a server running Red Hat
Enterprise Linux 6, with minimum 4 GB RAM, 25 GB free disk space and 1 Gbps network interface.

Install Red Hat Enterprise Linux 6 on a server. When prompted for the software packages to
install, select the default Basic Server option. See the Red Hat Enterprise Linux Installation
Guide for more details.

Note: During installation, remember to set the fully qualified domain name (FQDN) and IP for the
server.

If the classpathx-jaf package has been installed, it must be removed because it conflicts with some of the components required to support JBoss in Red Hat Enterprise Virtualization Manager. Run:

# yum remove classpathx-jaf

If your server has not been registered with the Red Hat Network, run:

# rhn_register

To complete registration successfully you need to supply your Red Hat Network username and
password. Follow the onscreen prompts to complete registration of the system.
After you have registered your server, update all the packages on it. Run:

# yum -y update

Reboot your server for the updates to be applied.

Subscribe the server to the required channels using the Red Hat Network web interface.

a. Log on to Red Hat Network (http://rhn.redhat.com/).
b. Click System s at the top of the page.
c. Select the system to which you are adding channels from the list presented on the screen,
by clicking the name of the system.
d. Click Alter Channel Subscriptions in the Subscribed Channels section of the
screen.
e. Select the following channels from the list presented on the screen.
Red Hat Enterprise Virtualization Manager (v.3 x86_64 )
RHEL Server Supplem entary (v. 6 64 -bit x86_64 )
JBoss Application Platform (v 5) for 6Server x86_64 (note that this
channel is listed under "Additional Services Channels for Red Hat Enterprise Linux 6 for
x86_64")
Click the Change Subscription button to finalize the change.

You are now ready to install the Red Hat Enterprise Virtualization Manager. Run the following
command:

# yum -y install rhevm

This command will download the Red Hat Enterprise Virtualization Manager installation software
and resolve all dependencies.

When the packages have finished downloading, run the installer:

# rhevm -setup

Note: rhevm -setup supports the en_US.UT F-8, en_US.utf8, and en_US.utf-8 locales.
You will not be able to run this installer on a system where the locale in use is noTone of
these supported values.

The installer will take you through a series of interactive questions as listed in the following
example. If you do not enter a value when prompted, the installer uses the default settings which
are stated in [ ] brackets.

Example: Red Hat Enterprise Virtualization Manager installation

Welcom e to RHEV Manager setup utility
HTTP Port [8080] :
HTTPS Port [8443] :
Host fully qualified Dmain Name, note that this Name should be fully
resolvable [rhevm .dem o.redhat.com ] :
Password for Adm inistrator (adm in@ internal) :
Database password (required for secure authentication with the locally
created database) :
Confirm password :
Organization Name for the Certificate: Red Hat
The default storage type you will be using ['NFS'| 'FC'| 'ISCSI'] [NFS] :
ISCSI
Should the installer configure NFS share on this server to be used as an ISO
Dmain? ['yes'| 'no'] [no] : yes
Mount point path: /data/iso
Display Name for the ISO Dmain: local-iso-share
Firewall ports need to be opened.
You can let the installer configure iptables autom atically overriding the current configuration. The old configuration will be backed up.
Alternately you can configure the firewall later using an example iptables file found under /usr/share/rhevm /conf/iptables.example
Configure iptables ? ['yes'| 'no']: yes

Important points to note:

• The default ports 8080 and 84 4 3 must be available to access the manager on HTTP and HTTPS respectively.
• If you elect to configure an NFS share it will be exported from the machine on which the manager is being installed.
• The storage type that you select will be used to create a data center and cluster. You will then be able to attach storage to these from the Administration Portal.

You are then presented with a summary of the configurations you have selected. Type yes to
accept them.

Example: Confirm Manager installation settings

RHEV Manager will be installed using the following configuration:
=================================================================
http-port: 8080
https-port: 8443
host-fqdn: rhevm .dem o.redhat.com
auth-pass: * * * * * * * *
db-pass: * * * * * * * *
org-Name: Red Hat
default-dc-type: ISCSI
nfs-m p: /data/iso
iso-Dmain-Name: local-iso-share
override-iptables: yes
Proceed with the configuration listed above? (yes|no): yes

The installation commences. The following message displays, indicating that the installation was
successful.

Example: Successful installation

Installing:
Creating JBoss Profile... [ DONE ]
Creating CA... [ DONE ]
Setting Database Security... [ DONE ]
Creating Database... [ DONE ]
Updating the Default Data Center Storage Type... [ DONE ]
Editing JBoss Configuration... [ DONE ]
Editing RHEV Manager Configuration... [ DONE ]
Configuring the Default ISO Dmain... [ DONE ]
Starting JBoss Service... [ DONE ]
Configuring Firewall (iptables)... [ DONE ]

* * * * Installation com pleted successfully * * * * * *

Your Red Hat Enterprise Virtualization Manager is now up and running. You can log in to the Red Hat Enterprise Virtualization Manager's web administration portal with the username adm in (the
administrative user configured during installation) in the internal domain. Instructions to do so are
provided at the end of this chapter.

Important: The internal domain is automatically created upon installation, however no new users can be added to this domain. To authenticate new users, you need an external directory service. Red Hat
Enterprise Virtualization supports IPA and Active Directory, and provides a utility called rhevmmanage-domains to attach new directories to the system.

Install Hosts

                       Figure 2.2. Install Red Hat Enterprise Virtualization Hosts

After you have installed the Red Hat Enterprise Virtualization Manager, install the hosts to run your
virtual machines. In Red Hat Enterprise Virtualization, you can use either Red Hat Enterprise
Virtualization Hypervisor or Red Hat Enterprise Linux as hosts.

Install Red Hat Enterprise Virtualization Hypervisor

To prepare a Red Hat Enterprise Virtualization Hypervisor installation CD

• Download the latest version of the rhev-hypervisor* package from Red Hat Network. The lisTof hypervisor packages is located at the Red Hat Enterprise Virtualization Hypervisor
  (v.6 x86_64 ) channel.

a. Log on to Red Hat Network (http://rhn.redhat.com/).
b. Click System s at the top of the page.
c. From the list presented on the screen, select the system on which the Red Hat Enterprise
Virtualization Manager is installed by clicking on its name.
d. Click Alter Channel Subscriptions in the Subscribed Channels section of the screen.
e. Select the Red Hat Enterprise Virtualization Hypervisor (v.6 x86_64 ) channel from the list presented on the screen, then click the Change Subscription button to finalize the change.

Log in to the system on which the Red Hat Enterprise Virtualization Manager is installed. You must log in as the root user to install the rhev-hypervisor package. Run the following command:

# yum install "rhev-hypervisor* "

The hypervisor ISO image is installed into the /usr/share/rhev-hypervisor/ directory.

Insert a blank CD into your CD writer. Use the cdrecord utility to burn the hypervisor ISO image
onto your disc. Run:

# cdrecord dev=/dev/cdrw /usr/share/rhev-hypervisor/rhev-hypervisor.iso

Install Red Hat Enterprise Linux Host

Log In to Administration Portal

Configure Red Hat Enterprise Virtualization

Configure Data Centers

Configure Cluster

Configure Networking

Configure Hosts

Approve Red Hat Enterprise Virtualization Hypervisor Host

The Hypervisor you installed in Section “Install Red Hat Enterprise Virtualization Hypervisor” is automatically registered with the Red Hat Enterprise Virtualization platform. It displays in the Red Hat Enterprise Virtualization Manager, and needs to be approved for use.

To set up a Red Hat Enterprise Virtualization Hypervisor host
On the Tree pane, click Expand All and select Hosts under the Default cluster. On the Hosts tab, select the name of your newly installed hypervisor.

   Figure 3.8. Red Hat Enterprise Virtualization Hypervisor pending approval

Click the Approve button. The Edit and Approve Host dialog displays. Accept the defaults
or make changes as necessary, then click OK.

               Figure 3.9. Approve Red Hat Enterprise Virtualization Hypervisor

The host status will change from Non Operational to Up.

Attach Red Hat Enterprise Linux Host

In contrast to the hypervisor host, the Red Hat Enterprise Linux host you installed in Section,
“Install Red Hat Enterprise Linux Host” is not automatically detected. It has to be manually attached to the Red Hat Enterprise Virtualization platform before it can be used.

To attach a Red Hat Enterprise Linux host
On the Tree pane, click Expand All and select Hosts under the Default cluster. On the Hosts
tab, click New.
The New Host dialog displays.

             Figure 3.10. Attach Red Hat Enterprise Linux Host

Enter the details in the following fields:

• Data Center: the data center to which the host belongs. Select the Default data center.
• Host Cluster: the cluster to which the host belongs. Select the Default cluster.
• Name: a descriptive name for the host.
• Address: the IP address, or resolvable hostname of the host, which was provided during installation.
• Root Password: the password of the designated host; used during installation of the host.
• Configure iptables rules: This checkbox allows you to override the firewall settings on the host with the default rules for Red Hat Enterprise Virtualization.

If you wish to configure this host for OuTof Band (OOB) power management, select the Power Managem ent tab. T ick the Enable Power Managem ent checkbox and provide the required information in the following fields:

• Address: The address of the host.
• User Name: A valid user name for the OOB management.
• Password: A valid, robust password for the OOB management.
• Type: The type of OOB management device. Select the appropriate device from the drop down list.

alom Sun Advanced Lights Out Manager
apc American Power Conversion Master
MasterSwitch network power switch
bladecenter IBM Bladecentre Remote Supervisor Adapter
drac5 Dell Remote Access Controller for Dell
computers
eps ePowerSwitch 8M+ network power switch
ilo HP Integrated Lights Out standard
ilo3 HP Integrated Lights Out 3 standard
ipmilan Intelligent Platform Management Interface
rsa IBM Remote Supervisor Adaptor
rsb Fujitsu-Siemens RSB management interface
wti Western T elematic Inc Network PowerSwitch
cisco_ucs Cisco Unified Computing System Integrated
Management Controller

• Options: Extra command line options for the fence agent. Detailed documentation of the options available is provided in the man page for each fence agent.

Click the Test button to test the operation of the OOB management solution.

If you do not wish to configure power management, leave the Enable Power Management checkbox unmarked.

Click OK. If you have not configured power management, a pop-up window prompts you to confirm if you wish to proceed without power management. SelecToK to continue.

The new host displays in the lisTof hosts with a status of Installing. Once installation is complete, the status will update to Reboot and then Awaiting. When the host is ready for use, its status changes to Up.

You have now successfully configured your hosts to run virtual machines. The next step is to prepare data storage domains to house virtual machine disk images.

Configure Storage

                                Figure 3.11. Configure Storage

After configuring your logical networks, you need to add storage to your data center.

Red Hat Enterprise Virtualization uses a centralized shared storage system for virtual machine disk
images and snapshots. Storage can be implemented using Network File System (NFS), Internet Small
Computer System Interface (iSCSI) or Fibre Channel Protocol (FCP). Storage definition, type and function, are encapsulated in a logical entity called a Storage Dmain. Multiple storage domains are
supported.

For this guide you will use two types of storage domains. The first is an NFS share for ISO images of installation media. You have already created this ISO domain during the Red Hat Enterprise Virtualization Manager installation

The second storage domain will be used to hold virtual machine disk images. For this domain, you need at leasTone of the supported storage types. You have already set a default storage type during
installation as described in Section, “Install Red Hat Enterprise Virtualization Manager”. Ensure that you use the same type when creating your data domain.

Select your next step by checking the storage type you should use:

1. Navigate to the Tree pane and click the Expand All button. Under System, click Default. On
   the results list, the Default data center displays.
2. On the results list, the Storage Type column displays the type you should add.
3. Now that you have verified the storage type, create the storage domain:

For NFS storage, refer to Section, “Create an NFS Data Domain”.
For iSCSI storage, refer to Section, “Create an iSCSI Data Domain”.
For FCP storage, refer to Section, “Create an FCP Data Domain”.

Create an NFS Data Domain

Because you have selected NFS as your default storage type during the Manager installation, you will
now create an NFS storage domain. An NFS type storage domain is a mounted NFS share that is
attached to a data center and used to provide storage for virtual machine disk images.

To add NFS storage:

Navigate to the Tree pane and click the Expand All button. Under System, select the Default
data center and click on Storage. The available storage domains display on the results list. Click
New Domain.

The New Storage dialog box displays.

    Figure 3.12. Add New Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Dmain Function / Storage Type: In the drop down menu, select Data → NFS. The storage domain types not compatible with the Default data center are grayed out. After you select your domain type, the Export Path field appears.
• Use Host: Select any of the hosts from the drop down menu. Only hosts which belong in the pre-selected data center will display in this list.
• Export path: Enter the IP address or a resolvable hostname of the chosen host. The export path should be in the formaTof 192.168.0.10:/data or domain.example.com :/data

Click OK. The new NFS data domain displays on the Storage tab. It will remain with a Locked status while it is being prepared for use. When ready, it is automatically attached to the data center.

You have created an NFS storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section, “Attach and Populate ISO domain”.

Create an iSCSI Data Domain

Because you have selected iSCSI as your default storage type during the Manager installation, you will now create an iSCSI storage domain. Red Hat Enterprise Virtualization platform supports iSCSI storage domains spanning multiple pre-defined Logical Unit Numbers (LUNs).

To add iSCSI storage:

On the side pane, select the Tree tab. On System , click the + icon to display the available data
centers.
Double click on the Default data center and click on Storage. The available storage domains
display on the results list. Click New Domain.
The New Dmain dialog box displays.

    Figure 3.13. Add iSCSI Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Domain Function / Storage Type: In the drop down menu, select Data → iSCSI.
• The storage domain types which are not compatible with the Default data center are grayed out. After you select your domain type, the Use Host and Discover T argets fields display.
• Use host: Select any of the hosts from the drop down menu. Only hosts which belong in this data center will display in this list.

To connect to the iSCSI target, click the Discover Targets bar. This expands the menu to
display further connection information fields.

  Figure 3.14 . Attach LUNs to iSCSI domain

Enter the required information:

• Address: Enter the address of the iSCSI target.
• Port: Select the port to connect to. The default is 3260.
• User Authentication: If required, enter the username and password.

Click the Discover button to find the targets. The iSCSI targets display in the results list with a
Login button for each target.

Click Login to display the lisTof existing LUNs. Tick the Add LUN checkbox to use the selected
LUN as the iSCSI data domain.

Click OK. The new NFS data domain displays on the Storage tab. It will remain with a Locked
status while it is being prepared for use. When ready, it is automatically attached to the data
center.

You have created an iSCSI storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section ,“Attach and Populate ISO domain”.

Create an FCP Data Domain

Because you have selected FCP as your default storage type during the Manager installation, you will
now create an FCP storage domain. Red Hat Enterprise Virtualization platform supports FCP storage domains spanning multiple pre-defined Logical Unit Numbers (LUNs).

To add FCP storage:

On the side pane, select the Tree tab. On System , click the + icon to display the available data
centers.

Double click on the Default data center and click on Storage. The available storage domains
display on the results list. Click New Domain.

The New Dmain dialog box displays.

   Figure 3.15. Add FCP Storage

Configure the following options:

• Name: Enter a suitably descriptive name.
• Data Center: The Default data center is already pre-selected.
• Domain Function / Storage Type: Select FCP.
• Use Host: Select the IP address of either the hypervisor or Red Hat Enterprise Linux host.
• The lisTof existing LUNs display. On the selected LUN, tick the Add LUN checkbox to use it as the FCP data domain.

Click OK. The new FCP data domain displays on the Storage tab. It will remain with a Locked
status while it is being prepared for use. When ready, it is automatically attached to the data
center.

You have created an FCP storage domain. Now, you need to attach an ISO domain to the data center
and upload installation images so you can use them to create virtual machines. Proceed to Section, “Attach and Populate ISO domain”.

Attach and Populate ISO domain

You have defined your first storage domain to store virtual guest data, now it is time to configure your second storage domain, which will be used to store installation images for creating virtual machines. You have already created a local ISO domain during the installation of the Red Hat Enterprise Virtualization Manager. To use this ISO domain, attach it to a data center.

To attach the ISO domain
Navigate to the Tree pane and click the Expand All button. Click Default. On the results list,
the Default data center displays.

On the details pane, select the Storage tab and click the Attach ISO button.

The Attach ISO Library dialog appears with the available ISO domain. Select it and click OK.

   Figure 3.16. Attach ISO Library

The ISO domain appears in the results lisTof the Storage tab. It displays with the Locked status
as the domain is being validated, then changes to Inactive.

Select the ISO domain and click the Activate button. The status changes to Locked and then to
Active.

Media images (CD-ROM or DVD-ROM in the form of ISO images) must be available in the ISO repository for the virtual machines to use. To do so, Red Hat Enterprise Virtualization provides a utility that copies the images and sets the appropriate permissions on the file. The file provided to the utility and the ISO share have to be accessible from the Red Hat Enterprise Virtualization Manager.

Log in to the Red Hat Enterprise Virtualization Manager server console to upload images to the ISO
domain.

To upload ISO images

Create or acquire the appropriate ISO images from boot media. Ensure the path to these images
is accessible from the Red Hat Enterprise Virtualization Manager server.

The next step is to upload these files. First, determine the available ISO domains by running:

# rhevm -iso-uploader list

You will be prompted to provide the admin user password which you use to connect to the
administration portal. The tool lists the name of the ISO domain that you attached in the previous
section.

ISO Storage Dmain List:
local-iso-share

Now you have all the information required to upload the required files. On the Manager console,
copy your installation images to the ISO domain. For your images, run:

# rhevm -iso-uploader upload -i local-iso-share [file1] [file2] .... [fileN]

You will be prompted for the admin user password again, provide it and press Enter.
Note that the uploading process can be time consuming, depending on your storage performance.

After the images have been uploaded, check that they are available for use in the Manager
administration portal.

• Navigate to the Tree and click the Expand All button.
• Under Storage, click on the name of the ISO domain. It displays in the results list. Click on it to display its details pane.
• On the details pane, select the Im ages tab. The lisTof available images should be populated with the files which you have uploaded. In addition, the RHEV-toolsSetup.iso and virtio-win.vfd images should have been automatically uploaded during installation.

    Figure 3.17. Uploaded ISO images

Now that you have successfully prepared the ISO domain for use, you are ready to start creating virtual machines.

Manage Virtual Machines

The final stage of setting up Red Hat Enterprise Virtualization is the virtual machine lifecycle - spanning the creation, deployment and maintenance of virtual machines; using templates; and configuring user permissions. This chapter will also show you how to log in to the user portal and connect to virtual machines.

Create Virtual Machines
                   Figure 4 .1. Create Virtual Machines

On Red Hat Enterprise Virtualization, you can create virtual machines from an existing template, as a
clone, or from scratch. Once created, virtual machines can be booted using ISO images, a network boot (PXE) server, or a hard disk. This document provides instructions for creating a virtual machine using an ISO image.

In your current configuration, you should have at leasTone host available for running virtual machines, and uploaded the required installation images to your ISO domain. This section guides you through the creation of a Red Hat Enterprise Linux 6 virtual server. You will perform a normal attended installation using a virtual DVD.

To create a Red Hat Enterprise Linux server

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Server.

    Figure 4 .2. Create New Linux Virtual Machine

You only need to fill in the Name field and select Red Hat Enterprise Linux 6.x as your
Operating System . You may alter other settings but in this example we will retain the defaults.
Click OK to create the virtual machine.

A New Virtual Machine - Guide Me window opens. This allows you to add networks and
storage disks to the virtual machine.

                                 Figure 4 .3. Create Virtual Machines

Click Configure Network Interfaces to define networks for your virtual machine. The parameters in the following figure are recommended, but can be edited as necessary. When you have configured your required settings, click OK.

                                             Figure 4 .4 . New Network Interface configurations

You are returned to the Guide Me window. This time, click Configure Virtual Disks to add
storage to the virtual machine. The parameters in the following figure are recommended, but can
be edited as necessary. When you have configured your required settings, click OK.

                                           Figure 4 .5. New Virtual Disk configurations

Close the Guide Me window by clicking Configure Later. Your new RHEL 6 virtual machine will
display in the Virtual Machines tab.

You have now created your first Red Hat Enterprise Linux virtual machine. Before you can use your
virtual machine, install an operating system on it.

To install the Red Hat Enterprise Linux guesToperating system

Right click the virtual machine and select Run Once. Configure the following options:

                                          Figure 4 .6. Run Red Hat Enterprise Linux Virtual Machine

• Attach CD: Red Hat Enterprise Linux 6
• Boot Sequence: CD-ROM
• Display protocol: SPICE

Retain the default settings for the other options and click OK to start the virtual machine.

Select the virtual machine and click the Console icon. As this is your first time connecting to
the virtual machine, allow the installation of the Spice Active X and the SPICE client.

After the SPICE plugins have been installed, select the virtual machine and click the Console icon
again. This displays a window to the virtual machine, where you will be prompted to begin installing the operating system.

After the installation has completed, shut down the virtual machine and reboot from the hard drive.

You can now connect to your Red Hat Enterprise Linux virtual machine and start using it.

Create a Windows Virtual Machine

You now know how to create a Red Hat Enterprise Linux virtual machine from scratch. The procedure of creating a Windows virtual machine is similar, except that it requires additional virtio drivers. This example uses Windows 7, but you can also use other Windows operating systems. You will perform a normal attended installation using a virtual DVD.

To create a Windows desktop

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Desktop.

   Figure 4 .7. Create New Windows Virtual Machine

You only need to fill in the Name field and select Windows 7 as your Operating System . You
may alter other settings but in this example we will retain the defaults. Click OK to create the virtual
machine.

A New Virtual Machine - Guide Me window opens. This allows you to define networks for
the virtual machine. Click Configure Network Interfaces. See Figure 4.4, “New Network
Interface configurations” for details.

You are returned to the Guide Me window. This time, click Configure Virtual Disks to add
storage to the virtual machine. See Figure 4.5, “New Virtual Disk configurations” for details.

Close the Guide Me windows. Your new Windows 7 virtual machine will display in the Virtual
Machines tab.

To install Windows guesToperating system

Right click the virtual machine and select Run Once. The Run Once dialog displays as in
Figure 4.6, “Run Red Hat Enterprise Linux Virtual Machine”. Configure the following options:

• Attach Floppy: virtio-win
• Attach CD: Windows 7
• Boot sequence: CD-ROM
• Display protocol: SPICE

Retain the default settings for the other options and click OK to start the virtual machine.

Select the virtual machine and click the Console icon. This displays a window to the virtual
machine, where you will be prompted to begin installing the operating system.

Accept the default settings and enter the required information as necessary. The only change you must make is to manually install the VirtIO drivers from the virtual floppy disk (vfd) image. To do so, select the Custom (advanced) installation option and click Load Driver. Press Ctrl and select:

• Red Hat VirtIO Ethernet Adapter
• Red Hat VirtIO SCSI Controller

The installation process commences, and the system will reboot itself several times.

Back on the administration portal, when the virtual machine's status changes back to Up, right click on it and select Change CD. From the lisTof images, select RHEV-toolsSetup to attach the Guest Tools ISO which provides features including USB redirection and SPICE display optimization.

Click Console and log in to the virtual machine. Locate the CD drive to access the contents of the Guest Tools ISO, and launch the RHEV-toolsSetup executable. After the tools have been installed, you will be prompted to restart the machine for changes to be applied.

You can now connect to your Windows virtual machine and start using it.

Using Templates

                    Figure 4 .8. Create Templates

Now that you know how to create a virtual machine, you can save its settings into a template. This template will retain the original virtual machine's configurations, including virtual disk and network interface settings, operating systems and applications. You can use this template to rapidly create replicas of the original virtual machine.

Create a Red Hat Enterprise Linux Template

To make a Red Hat Enterprise Linux virtual machine template, use the virtual machine you created in Section, “Create a Red Hat Enterprise Linux Virtual Machine” as a basis. Before it can be used, it has to be sealed. This ensures that machine-specific settings are not propagated through the template.

To prepare a Red Hat Enterprise Linux virtual machine for use as a template

Connect to the Red Hat Enterprise Linux virtual machine to be used as a template. Flag the
system for re-configuration by running the following command as root:

# touch /.unconfigured

Remove ssh host keys. Run:

# rm -rf /etc/ssh/ssh_host_*

Shut down the virtual machine. Run:

# poweroff

The virtual machine has now been sealed, and is ready to be used as a template for Linux virtual
machines.

To create a template from a Red Hat Enterprise Linux virtual machine

In the administration portal, click the Virtual Machines tab. Select the sealed Red Hat
Enterprise Linux 6 virtual machine. Ensure that it has a status of Down.

Click Make Template. The New Virtual Machine Template displays.

Click Make Template. The New Virtual Machine Template displays.

   Figure 4 .9. Make new virtual machine template

Enter information into the following fields:

• Name: Name of the new template
• Description: Description of the new template
• Host Cluster: The Host Cluster for the virtual machines using this template.
• Make Private: If you tick this checkbox, the template will only be available to the template's creator and the administrative user. Nobody else can use this template unless they are given permissions by the existing permitted users.

Click OK. The virtual machine displays a status of "Image Locked" while the template is being
created. The template is created and added to the Templates tab. During this time, the action
buttons for the template remain disabled. Once created, the action buttons are enabled and the
template is ready for use.

Clone a Red Hat Enterprise Linux Virtual Machine

In the previous section, you created a Red Hat Enterprise Linux template complete with pre-configured storage, networking and operating system settings. Now, you will use this template to deploy a preinstalled virtual machine.

To clone a Red Hat Enterprise Linux virtual machine from a template

Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Server.

   Figure 4 .10. Create virtual machine based on Linux template

On the General tab, select the existing Linux template from the Based on Template
list.
Enter a suitable Name and appropriate Description, then accept the default values
inherited from the template in the resTof the fields. You can change them if needed.
Click the Resource Allocation tab. On the Provisioning field, click the drop down
menu and select the Clone option.

          Figure 4 .11. Set the provisioning to Clone

Retain all other default settings and click OK to create the virtual machine. The virtual machine
displays in the Virtual Machines list.

Create a Windows Template

To make a Windows virtual machine template, use the virtual machine you created in Section,
“Create a Windows Virtual Machine” as a basis.

Before a template for Windows virtual machines can be created, it has to be sealed with sysprep. This ensures that machine-specific settings are not propagated through the template.

Note that the procedure below is applicable for creating Windows 7 and Windows 2008 R2 templates.

To seal a Windows virtual machine with sysprep

In the Windows virtual machine to be used as a template, open a command line terminal and type
regedit.

The Registry Editor window displays. On the left pane, expand HKEY_LOCAL_MACHINE →
SYSTEM → SETUP.

On the main window, right click to add a new string value using New → String Value. Right click
on the file and select Modify. When the Edit String dialog box displays, enter the following
information in the provided text boxes:

• Value name: UnattendFile
• Value data: a:\sysprep.inf

Launch sysprep from C:\Windows\System 32\sysprep\sysprep.exe

• Under System Cleanup Action, select Enter System Out-of-Box-Experience (OOBE).
• Tick the Generalize checkbox if you need to change the computer's system identification number (SID).
• Under Shutdown Options, select Shutdown.

Click OK. The virtual machine will now go through the sealing process and shut down
automatically.

To create a template from an existing Windows machine

In the administration portal, click the Virtual Machines tab. Select the sealed Windows 7
virtual machine. Ensure that it has a status of Down and click Make Template.

The New Virtual Machine Template displays. Enter information into the following fields:

• Name: Name of the new template
• Description: Description of the new template
• Host Cluster: The Host Cluster for the virtual machines using this template.
• Make Public: Check this box to allow all users to access this template.

Click OK. In the T em plates tab, the template displays the "Image Locked" status icon while it is
being created. During this time, the action buttons for the template remain disabled. Once created,
the action buttons are enabled and the template is ready for use.

You can now create new Windows machines using this template.

Create a Windows Virtual Machine from a Template

This section describes how to create a Windows 7 virtual machine using the template created in
Section, “Create a Windows Template”.

To create a Windows virtual machine from a template
Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, click New Desktop.

• Select the existing Windows template from the Based on Template list.
• Enter a suitable Name and appropriate Description, and accept the default values inherited from the template in the resTof the fields. You can change them if needed.

Retain all other default setting and click OK to create the virtual machine. The virtual machine
displays in the Virtual Machines list with a status of "Image Locked" until the virtual disk is created.
The virtual disk and networking settings are inherited from the template, and do not have to be
reconfigured.

Click the Run icon to turn iTon. This time, the Run Once steps are not required as the
operating system has already been installed onto the virtual machine hard drive. Click the green
Console button to connect to the virtual machine.

You have now learned how to create Red Hat Enterprise Linux and Windows virtual machines with and without templates. Next, you will learn how to access these virtual machines from a user portal.

Using Virtual Machines

Now that you have created several running virtual machines, you can assign users to access them from the user portal. You can use virtual machines the same way you would use a physical desktop.

Assign User Permissions
                    Figure 4 .12. Assign Permissions

Red Hat Enterprise Virtualization has a sophisticated multi-level administration system, in which
customized permissions for each system component can be assigned to different users as necessary.
For instance, to access a virtual machine from the user portal, a user must have either UserRole or
PowerUserRole permissions for the virtual machine. These permissions are added from the manager
administration portal.

To assign PowerUserRole permissions
Navigate to the Tree pane and click Expand All. Click the VMs icon under the Default cluster.
On the Virtual Machines tab, select the virtual machine you would like to assign a user to.

On the Details pane, navigate to the Perm issions tab. Click the Add button.

The Add Perm ission to User dialog displays. Enter a Name, or User Name, or part thereof in
the Search textbox, and click Go. A lisTof possible matches display in the results list.

      Figure 4 .13. Add PowerUserRole Permission

Select the check box of the user to be assigned the permissions. Scroll through the Assign
role to user list and select PowerUserRole. Click OK.

Log in to the User Portal

                    Figure 4 .14 . Connect to the User Portal

Now that you have assigned PowerUserRole permissions on a virtual machine to the user named admin, you can access the virtual machine from the user portal. To log in to the user portal, all you
need is a Linux client running Mozilla Firefox or a Windows client running Internet Explorer.

If you are using a Red Hat Enterprise Linux client, install the SPICE plug-in before logging in to the User Portal. Run:

# yum install spice-xpi

To log in to the User Portal

Open your browser and navigate to https://Dmain.exam ple.com :84 4 3/UserPortal.
Substitute domain.example.com with the Red Hat Enterprise Virtualization Manager server
address.

The login screen displays. Enter your User Name and Password, and click Login.

You have now logged into the user portal. As you have PowerUserRole permissions, you are taken by
default to the Extended User Portal, where you can create and manage virtual machines in addition to
using them. This portal is ideal if you are a system administrator who has to provision multiple virtual machines for yourself or other users in your environment.

    Figure 4 .15. The Extended User Portal

You can also toggle to the Basic User Portal, which is the default (and only) display for users with
UserRole permissions. This portal allows users to access and use virtual machines, and is ideal for
everyday users who do not need to make configuration changes to the system.

    Figure 4 .16. The Basic User Portal

You have now completed the Quick Start Guide, and successfully set up Red Hat Enterprise
Virtualization. However, this is just the first step for you to familiarize yourself with basic Red Hat
Enterprise Virtualization operations. You can further customize your own unique environment based on your organization's needs by working with our solution architects.