realsysadmin.com

This is a study we’d (a former colleague of mine and yours truly) done last year of a log analysis tool called Splunk
What you will read in this article are the results/excerpts of that study.

Some of the questions we asked are as follows –

• Why use a log analysis tool?
• What do most shops use
• What does a tool such as splunk buy us (as an IT shop)
• What are it’s benefits and pit-falls?
• What is the cost of ownership?

Why use a log-analysis tool?

The biggest reason to use such a tool would be to move from a Reactive to Proactive Systems Management paradigm

With the number of systems (about 900+ *nix servers in that shop) and the criticality (many systems cost millions of dollars in down-time) of availability of these, it is imperative to find a tool that can actually be used quickly and effortlessly to analyze valuable log information

If such a tool can look at various layers of a “delivered stack” (aka hardware, os, application, network, san, etc), it would be a gold-mine by virtue of being able to link the stack “end-to-end” and by speeding up the analysis process.

What do most shops use?

Most shops I’ve been in do log analysis like this –

a) Don’t do any log analysis unless absolutely required. And if it is required, admins log into the individual servers and parse through the logs using vi (or using a combination of grep/awk/sed if they are script-savvy)

b) Have a centralized ssh (or god forbid! rsh) trusted admin host from where they launch a log parser script that filters specific key words and that gets emailed to a mailbox or to the individual admins’ email boxes

c) have a centralized log host where they run a script akin to the one mentioned above

I’ve worked in shops of varying sizes — from a ISP/Telecom giant who ran 4000+ sun servers to a 50-server tiny sweatshop. Most of the shops I’ve been in fall some where in between (with hosts ranging from 200 - 1000 in number). That’s a lot of hosts to manage and a lot of logging that needs to be parsed.

What does a log-analysis tool buy an IT shop?

You’ve all probably thought about this — a centralized, easy-to-use log analysis tool buys an IT shop valuable time!

So what does Splunk claim to do?

In there own words –

“The Splunk Server indexes IT data from ANY source. No need to configure it for specific formats, write regular expressions or change your logging output. Search mountains of data by time, keywords, type of event, source, host or relationships to other events. “

Some key features of Splunk:

• Universal Indexing
• Can index terabytes of data all from one place
• Capable of indexing approx. 22,000 events/second at density of 150 bytes/event.

How does splunk acquire data?

Access data from any live source:

• Mounted files: NFS/SMB, CIFS/AFP, NAS/SAN, FIFO,
• Remote files: rsync, scp/ftp/rcp,
• Network ports: UDP & TCP, syslog/syslog-ng, log4j/log4php, JMX/JMS, SNMP
• Databases: SQL/ODBC
• Splunk Servers: Access data locally on production hosts and forward it to another Splunk Server over SSL/TCP

The actual evaluation results will be the next article.

This infoworld article caught my eye and induced some much needed mirth.

http://www.infoworld.com/article/08/04/01/14FE-april-fool-hp-windy_1.html

Remember to delete the service maps for NFS using svccfg command

With Solaris 10 and VCS 5.x, nfsd HAS TO run under VCS control. In order to achieve that, the following needs ton happen (on every node that will host the NFS share) —

Disable/Delete the NFS services from SMF

# svccfg delete -f svc:/network/nfs/server:default# svccfg delete -f svc:/network/nfs/status:default# svccfg delete -f svc:/network/nfs/nlockmgr:default

Manually restart lockd, statd and automountd

# /usr/lib/nfs/lockd# /usr/lib/nfs/statd# /usr/lib/fs/autofs/automount# /usr/lib/autofs/automountd

NOTE: In this example (see below), the NFSgrp is configured only for one node. To add another node, add the node name and number to SystemList and AutoStartList

       group NFSgrp (               SystemList = { hostA = 0 }               AutoStartList = { hostA }        )        DiskGroup nfsDG (               Critical = 0               DiskGroup = testdg        )        Volume nfsVOL (              Critical = 0              Volume = testnfshome              DiskGroup = testdg        )        IP IPres (                Device = bge0               Address = "10.10.10.22"                NetMask = "255.255.255.0"        )        Mount Mountres (                MountPoint = "/nfs/testnfs"                BlockDevice = "/dev/vx/dsk/testdg/testnfshome"                FSType = vxfs                MountOpt = rw                FsckOpt = "-y"        )        NFS NFSres (                Nservers = 16        )        NFSLock NFSLockres (                PathName = "/nfs/testnfs"        )        NIC NICres (                Device = bge0        )        Share Shareres (                PathName = "/nfs/testnfs"                Options = "-o rw -d \"test home dirs\""        )        // IPres requires Shareres        IPres requires NICres        nfsVOL requires nfsDG        Mountres requires nfsVOL        NFSLockres requires Mountres        Shareres requires NFSLockres        Shareres requires NFSres        // resource dependency tree        //        // group NFSgrp        // {        // IP IPres        //      {        //      NIC NICres        //      Share Shareres        //          {        //          NFSLock NFSLockres        //              {        //              Mount Mountres        //                  {        //                  Volume nfsVOL        //                      {        //                      DG nfsDG        //                      }        //                  }        //              }        //          NFS NFSres        //          }        //       }        // }

Welcome to WordPress. This is your first post. Edit or delete it, then start blogging!

Solaris8 BrandZ pre-requisites

Requires kernel patch 127111-05 (or latest version) for sparc. Find all dependencies and fulfill then (ie patch requirements).

# lsSUNWs8brandr  SUNWs8brandu  SUNWs8p2v# pwd/mypool/software/sol8p2v/s8ma-1_0-rr/Product# pkgadd -d .The following packages are available:  1  SUNWs8brandr     Solaris 8 Migration Assistant: solaris8 brand support (Root)                      (sparc) 11.10.0,REV=2007.10.08.16.51  2  SUNWs8brandu     Solaris 8 Migration Assistant: solaris8 brand support (Usr)                      (sparc) 11.10.0,REV=2007.10.08.16.51  3  SUNWs8p2v        Solaris 8 p2v Tool                      (sparc) 11.10.0,REV=2007.10.08.16.51Select package(s) you wish to process (or 'all' to processall packages). (default: all) [?,??,q]:

The SUNWs8brandr and SUNWs8brandu packages need to be added to the Solaris 10 Host OS (Global Zone).

Zone configuration

Then configure the Zone —

# zonecfg -z s8-zones8-zone: No such zone configuredUse 'create' to begin configuring a new zone.zonecfg:s8-zone> create -t SUNWsolaris8zonecfg:s8-zone> set zonepath=/mypool/zones/s8-zonezonecfg:s8-zone>zonecfg:s8-zone> set autoboot=truezonecfg:s8-zone> add netzonecfg:s8-zone:net> set address=192.168.99.100zonecfg:s8-zone:net> set physical=bge1zonecfg:s8-zone:net> endzonecfg:s8-zone> add fszonecfg:s8-zone:fs> set type=zfszonecfg:s8-zone:fs> set dir=/mypool/vol1zonecfg:s8-zone:fs> endspecial not specifiedzonecfg:s8-zone:fs> set special=share/zone/s8-zonezonecfg:s8-zone:fs> endzonecfg:s8-zone>zonecfg:sol8zone> add attrzonecfg:sol8zone:attr> set name=hostidzonecfg:sol8zone:attr> set type=stringzonecfg:sol8zone:attr> set value=8325f14dzonecfg:sol8zone:attr> endzonecfg:sol8zone> verifyzonecfg:sol8zone> commitzonecfg:sol8zone> exitdwailsun:$() # zonecfg -z sol8zone infozonename: sol8zonezonepath: /mypool/zones/sol8zonebrand: solaris8autoboot: falsebootargs:pool:limitpriv:scheduling-class:ip-type: sharedfs:        dir: /mypool/vol1        special: share/zone/sol8zone        raw not specified        type: zfs        options: []net:        address: 192.168.99.100        physical: bge1attr:        name: hostid        type: string        value: 8325f14ddwailsun:$() # zonecfg -z sol8zone info attrattr:        name: hostid        type: string        value: 8325f14ddwailsun:$() #

Install the zone

dwailsun:$() # zonecfg -z sol8zone export > /var/tmp/safe/sol8zone.configdwailsun:$(safe) # zoneadm -z s8-zone install -u -a /mypool/software/sol8p2v/solaris8-image.flarcould not verify fs /mypool/vol1: could not access zfs dataset 'share/zone/s8-zone'zoneadm: zone s8-zone failed to verifydwailsun:$(safe) # zfs listNAME                  USED  AVAIL  REFER  MOUNTPOINTmypool               3.75G  15.4G  39.3K  /mypoolmypool/software      3.22G  6.78G  3.22G  /mypool/softwaremypool/vol1          66.6K  5.00G  34.0K  /mypool/vol1mypool/vol1/s8-zone  32.6K  5.00G  32.6K  /mypool/vol1/s8-zonemypool/www            544M  3.47G   544M  /mypool/wwwmypool/zones         34.0K  5.00G  34.0K  /mypool/zonesdwailsun:$(safe) # zfs set mountpoint=legacy mypool/vol1/s8-zonedwailsun:$(safe) # zfs listNAME                  USED  AVAIL  REFER  MOUNTPOINTmypool               3.75G  15.4G  39.3K  /mypoolmypool/software      3.22G  6.78G  3.22G  /mypool/softwaremypool/vol1          65.3K  5.00G  32.6K  /mypool/vol1mypool/vol1/s8-zone  32.6K  5.00G  32.6K  legacymypool/www            544M  3.47G   544M  /mypool/wwwmypool/zones         34.0K  5.00G  34.0K  /mypool/zonesdwailsun:$(safe) # zoneadm -z s8-zone install -u -a /mypool/software/sol8p2v/solaris8-image.flar      Log File: /var/tmp/s8-zone.install.987.log        Source: /mypool/software/sol8p2v/solaris8-image.flar    Installing: This may take several minutes...Postprocessing: This may take several minutes...        Result: Installation completed successfully.      Log File: /mypool/zones/sol8zone/root/var/log/s8-zone.install.987.log

Solaris8 P2V

Run sol8-p2v —

dwailsun:$(safe) # /usr/lib/brand/solaris8/s8_p2v s8-zone[Fri Dec 28 12:36:01 PST 2007]         S20_apply_patches:  Unpacking patch:  109 147-44[Fri Dec 28 12:36:01 PST 2007]         S20_apply_patches: Installing patch:  109 147-44Checking installed patches...Patch 109147-44 has already been applied.See patchadd(1M) for instructions.Patchadd is terminating.[Fri Dec 28 12:36:09 PST 2007]         S20_apply_patches:  Unpacking patch:  111 023-03[Fri Dec 28 12:36:09 PST 2007]         S20_apply_patches: Installing patch:  111 023-03Checking installed patches...Patch 111023-03 has already been applied.See patchadd(1M) for instructions.Patchadd is terminating.[Fri Dec 28 12:36:11 PST 2007]         S20_apply_patches:  Unpacking patch:  111 431-01[Fri Dec 28 12:36:11 PST 2007]         S20_apply_patches: Installing patch:  111 431-01Checking installed patches...This patch is obsoleted by patch 108993-67 which has alreadybeen applied to this system.Patchadd is terminating.[Fri Dec 28 12:36:13 PST 2007]         S20_apply_patches:  Unpacking patch:  112 605-04[Fri Dec 28 12:36:13 PST 2007]         S20_apply_patches: Installing patch:  112 605-04Checking installed patches...This patch is obsoleted by patch 108993-67 which has alreadybeen applied to this system.Patchadd is terminating.[Fri Dec 28 12:36:15 PST 2007]         S20_apply_patches:  Unpacking patch:  112 050-04[Fri Dec 28 12:36:15 PST 2007]         S20_apply_patches: Installing patch:  112 050-04Checking installed patches...Patch 112050-04 has already been applied.See patchadd(1M) for instructions.Patchadd is terminating.[Fri Dec 28 12:36:17 PST 2007]         S20_apply_patches:  Unpacking patch:  109 221-01[Fri Dec 28 12:36:17 PST 2007]         S20_apply_patches: Installing patch:  109 221-01Checking installed patches...This patch is obsoleted by patch 109318-39 which has alreadybeen applied to this system.Patchadd is terminating.dwailsun:$(safe) #

dwailsun:$(safe) # zoneadm -z s8-zone bootdwailsun:$(safe) # zoneadm list -v  ID NAME             STATUS     PATH                           BRAND    IP   0 global           running    /                              native   shared   3 s8-zone          running    /mypool/zones/sol8zone         solaris8 shareddwailsun:$(safe) # zlogin -C s8-zone[Connected to zone 's8-zone' console]You did not enter a selection.What type of terminal are you using? 1) ANSI Standard CRT 2) DEC VT52 3) DEC VT100 4) Heathkit 19 5) Lear Siegler ADM31 6) PC Console 7) Sun Command Tool  Sun Workstation 9) Televideo 910 10) Televideo 925 11) Wyse Model 50 12) X Terminal Emulator (xterms) 13) OtherType the number of your choice and press Return: 12Configuring network interface addresses: bge1.RPC: Timed out

Then it goes through and does the sysidcfg bit…

System identification is completed.rebooting system due to change(s) in /etc/default/initDec 28 12:41:25 rpcbind: rpcbind terminating on signal.System identification is completed.[NOTICE: Zone rebooting]SunOS Release 5.8 Version Generic_Virtual 64-bitCopyright 1983-2000 Sun Microsystems, Inc.  All rights reservedHostname: sol8virtThe system is coming up.  Please wait.starting rpc services: rpcbind done.syslog service starting.Print services started.Dec 28 14:41:37 sol8virt sendmail[4102]: My unqualified host name (sol8virt) unknown; sleeping for retryThe system is ready.sol8virt console login:

# uname -aSunOS sol8virt 5.8 Generic_Virtual sun4u sparc SUNW,A70# exit[Connection to zone 's8-zone' pts/5 closed]dwailsun:$(safe) # uname -aSunOS dwailsun 5.10 Generic_127111-05 sun4u sparc SUNW,A70dwailsun:$(safe) # zlogin s8-zone[Connected to zone 's8-zone' pts/5]Last login: Fri Dec 28 14:43:35 on pts/5Sun Microsystems Inc.   SunOS 5.8       Generic Patch   February 2004# uname -aSunOS sol8virt 5.8 Generic_Virtual sun4u sparc SUNW,A70## cat /etc/release                       Solaris 8 2/04 s28s_hw4wos_05a SPARC           Copyright 2004 Sun Microsystems, Inc.  All Rights Reserved.                            Assembled 08 January 2004#

Think of a optimal battery of tests that can help us determine whether this virtualized solaris 8 is a viable platform for servers that cannot be migrated….

• Adding packages — pkgadd works

# uname -aSunOS sol8virt 5.8 Generic_Virtual sun4u sparc SUNW,A70# pkginfo|grep -i smcapplication SMCgcc         gccapplication SMCliconv      libiconvapplication SMClintl       libintlapplication SMCosh471      opensshapplication SMCossl        opensslapplication SMCzlib        zlib

Set up sshd after adding these packages, complete with start up scripts, sshd privsep user id in the system accounts files (passwd and shadow).

# /etc/init.d/sshd startCould not load host key: /usr/local/etc/ssh_host_keyCould not load host key: /usr/local/etc/ssh_host_dsa_keyDisabling protocol version 1. Could not load host key# ps -ef|grep sshd    root  5086  4609  0 15:18:13 ?        0:00 /usr/local/sbin/sshd

Installing Oracle 8i

Setting up Oracle 8i was a breeze. Simply dumped the 2 cds of Oracle 8i 64-bit installation media onto a solaris8 zone visible fileystem and ran the runInstaller with all defaults and the demo database (scott/tiger) getting created as the end step.

Make sure to copy the media to local disk when installing inside the zone. The reason being, even though the cdrom can be exported to the local zone from the Global zone this way —

add fsset dir=/mntset special=/cdromset type=lofsadd options roadd options nodevicesend

We would have issues ejecting and inserting new cdroms, etc.

dwailsun:$() # ssh oracle@sol8virtoracle@sol8virt's password:Last login: Thu Jan  3 11:27:25 2008 from 10.119.10.4Sun Microsystems Inc.   SunOS 5.8       Generic Patch   February 2004Sun Microsystems Inc.   SunOS 5.8       Generic Patch   February 2004$ ps -ef|grep ora  oracle 22608 22152  0 11:25:48 ?        0:00 ora_reco_brandz  oracle 22610 22152  0 11:25:48 ?        0:00 ora_snp0_brandz  oracle 22626 22152  0 11:26:55 ?        0:00 /export/shared/oracle/OraHome1/bin/tnslsnr LISTENER -inherit  oracle 22614 22152  0 11:25:48 ?        0:00 ora_snp2_brandz  oracle 22687 22685  0 11:56:04 ?        0:00 /usr/local/sbin/sshd -R  oracle 22695 22689  0 11:56:09 pts/6    0:00 grep ora  oracle 22689 22687  0 11:56:04 pts/6    0:00 -ksh  oracle 22604 22152  4 11:25:48 ?        1:04 ora_ckpt_brandz  oracle 22600 22152  0 11:25:48 ?        0:00 ora_dbw0_brandz  oracle 22598 22152  0 11:25:48 ?        0:00 ora_pmon_brandz  oracle 22620 22152  0 11:25:48 ?        0:00 ora_d000_brandz  oracle 22602 22152  0 11:25:48 ?        0:02 ora_lgwr_brandz  oracle 22618 22152  0 11:25:48 ?        0:00 ora_s000_brandz  oracle 22616 22152  0 11:25:48 ?        0:00 ora_snp3_brandz  oracle 22612 22152  0 11:25:48 ?        0:00 ora_snp1_brandz  oracle 22606 22152  0 11:25:48 ?        0:00 ora_smon_brandz$

I am a regular of the ZDNet blog by Paul Murphy and thought I’d add to his thoughts on Virtualization and all the brouhaha that’s going on these days –

Virtualization? uh huh… by ZDNet’s Paul Murphy — Virtualization is popular because it was popular - and not because there’s a practical reason to do it.

The most interesting thing I discovered in the process of working on a “high-visibility” project (ERP solution) is that most mgt-types don’t understand what Virtualization has to offer. Someone high up (high-up enough I guess) decides that Virtualization is the answer to all evils that haunt a modern datacenter. The claims are that –

1. Virtualization reduces server sprawl
2. Virtualization reduces power and cooling footprints
3. It empowers the IT support organization to be agile (read build more boxes fast) and really support a dynamic business (with lots of development type activities going on)
4. It is a cure for many problems..blah blah

But when you look at what you’re saving on the standard UNIX platforms (except Sun), the costs amount to something exorbitant. I won’t name the vendor, but it charges for everything starting from it’s multi-pathing software to Resource Mgt software to Virtualization, and they charge by the core.

Soon you start thinking, does this really buy me the cost savings by reducing server-sprawl?
Then the vendor will say, “Why look at this as a consolidation platform? Why don’t you think about the flexibility you’ll get by using this model? Moving workloads around on the fly, etc?”

The problem with that is that Workload management (called SLOs I believe) calls for very detailed and in-depth recording of metrics (what kind of loads are generated by applications, starting by categorizing by application types, etc.

So you first identify the right kinds of metrics to track. The collect the data for a reasonable period of time (say 3-4 months). Then, only after munging all that data, is it possible to say with any authority that a certain amount of resources are required for a particular workload (and build a system that can manage those resource requirements on the fly). T

his entire process might take about 1 year (from start to finish) before being a viable option (some shops I’ve been in are better equipped to do this kind of measurements than others — depending on how “modern” the IT organization usually is — does it “REALLY” employ standards such as ITIL or not, etc).

I’d say that something like Sun’s container model on the Cool-threads servers would be more appropriate for all the above criteria. Consolidation, Resource management, flexibility, etc.

• SRM has been free with Solaris since Solaris 9.
• Solaris 10 has the virtualization pieces completely free.
• The hardware is cheap(er than the competition’s for sure)

Install the VCS Packages after patching the server to appropriate/recommended Patch list.

VCS LICENSE KEY : !@$-@$%-(*&^-$%@-$%%-!

List of VCS Packages:

VRTSappqw VRTSvcs VRTSvcsqw
VRTScscm VRTSvcsag VRTSvcsw
VRTSgab VRTSvcsdc VRTSvlic
VRTSllt VRTSvcsmg VRTSweb
VRTSoraqw VRTSvcsmn VRTSperl VRTSvcsor

edit /etc/llthosts (on both servers - for a 2 node cluster)

0 hostd02
1 hostd03

edit /etc/llttab

set-node hostd03 #here the nodename will change with each host
set-cluster 54 #Set the appropriate cluster ID
link qfe1 /dev/qfe:1 - ether - - #heartbeat 1
link qfe5 /dev/qfe:5 - ether - - #heartbeat 2
link-lowpri qfe0 /dev/qfe:0 - ether - - #Low-pri heartbeat

Edit the /etc/gabtab file with

cat > /etc/gabtab <<EOGAB
gabconfig -c -n 2
EOGAB

#Here the number after the “-n” varies with the number of nodes in cluster

Edit the main.cf (/etc/VRTSvcs/conf/config) to match your reqs

##Only on the first/main server of the Cluster

##Start of main.cf##

include “types.cf”
include “OracleTypes.cf”

cluster OneBill_Prod (
UserNames = { admin = “cDRpdxPmHpzS.” }
Administrators = { admin }
CounterInterval = 5
)

system hostd02 (
)

system hostd03 (
)

group network_grp (
SystemList = { hostd02 = 0, hostd03 = 1 }
PrintTree = 0
Parallel = 1
AutoStartList = { hostd02, hostd03 }
)

NIC OneBillv1_nic (
Device = qfe0
NetworkType = ether
)

Phantom OneBillv1_phantom (
)

group oracle_grp (
SystemList = { hostd02 = 0, hostd03 = 1 }
PrintTree = 0
AutoStartList = { hostd02 }
)

DiskGroup orashrdg_dg (
DiskGroup = orashrdg
)

IP OneBillv1_vip (
Device = qfe0
Address = “112.64.90.54“
NetMask = “255.255.255.0“
IfconfigTwice = 1
)

Mount au1_mnt (
MountPoint = “/au1″
BlockDevice = “/dev/vx/dsk/orashrdg/au1″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount bu1_mnt (
MountPoint = “/bu1″
BlockDevice = “/dev/vx/dsk/orashrdg/bu1″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u01_mnt (
MountPoint = “/au1″
BlockDevice = “/dev/vx/dsk/orashrdg/au1″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount bu1_mnt (
MountPoint = “/bu1″
BlockDevice = “/dev/vx/dsk/orashrdg/bu1″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u01_mnt (
MountPoint = “/u01″
BlockDevice = “/dev/vx/dsk/orashrdg/u01″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u02_mnt (
MountPoint = “/u02″
BlockDevice = “/dev/vx/dsk/orashrdg/u02″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u03_mnt (
MountPoint = “/u03″
BlockDevice = “/dev/vx/dsk/orashrdg/u03″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u04_mnt (
MountPoint = “/u04″
BlockDevice = “/dev/vx/dsk/orashrdg/u04″
BlockDevice = “/dev/vx/dsk/orashrdg/u04″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Mount u05_mnt (
MountPoint = “/u05″
BlockDevice = “/dev/vx/dsk/orashrdg/u05″
FSType = vxfs
MountOpt = rw
FsckOpt = “-y”
)

Proxy OneBillv1_proxy (
TargetResName = OneBillv1_nic
)

Volume au1_vol (
Volume = au1
DiskGroup = orashrdg
)

Volume bu1_vol (
Volume = bu1
DiskGroup = orashrdg
)

Volume u01_vol (
Volume = u01
DiskGroup = orashrdg
)

Volume u02_vol (
Volume = u02
DiskGroup = orashrdg
)

Volume u03_vol (
Volume = u03
DiskGroup = orashrdg
)

Volume u04_vol (
Volume = u04
DiskGroup = orashrdg
)

Volume u05_vol (
Volume = u05
DiskGroup = orashrdg
)

OneBillv1_vip requires OneBillv1_proxy
au1_mnt requires au1_vol
au1_mnt requires orashrdg_dg
bu1_mnt requires bu1_vol
bu1_vol requires orashrdg_dg
u01_mnt requires u01_vol
u01_vol requires orashrdg_dg
u02_mnt requires u02_vol
u02_vol requires orashrdg_dg
u03_mnt requires u03_vol
u03_vol requires orashrdg_dg
u04_mnt requires u04_vol
u04_vol requires orashrdg_dg
u05_mnt requires u05_vol
u05_vol requires orashrdg_dg

##End of main.cf##

Copy OracleTypes.cf, etc to the config directory

From /etc/VRTSvcs/conf/config run

opt/VRTSvcs/bin/hacf -verify .

###(Fix errors as you get them)

Setting up GAB and LLT

sbin/gabconfig -U
/sbin/lltconfig -U
/sbin/lltconfig -c
/sbin/gabconfig -c -n 2
/sbin/lltconfig -a list

##Make sure Filesystems (Shared Filesystems) are commented out of the /etc/vfstab file

#Make sure each node in the cluster has the host/IP information of every other in it’s local hosts file#

Reboot the servers, bringing up the main server/node up first

On each node of the cluster

• /sbin/vxlicinst -k <KEY>
• /opt/VRTSvcs/bin/hastop -local -force
• /opt/VRTSvcs/bin/hastart

Create Mount points on all nodes for Shared Filesystems

for i in au1 bu1 u01 u02 u03 u04 u05
do
if [ ! -d $i ]; then
mkdir $i
fi
done

Test failovers by bringing down resources and checking the failover

Displays existing DG resources in the Cluster

scstat -D

Registering VxVM DGs

scconf -a -D type=vxvm,name=. \nodelist=:, \preferenced=true,failback=enabled

• nodelist should contain only nodes that are physically connected to the disks of that dg.
• preferenced=true/false affects whether nodelist indiciates an order of failover preference. On a two-node cluster, this options is only meaningful if failback is enabled.
• failback=disabled/enabled affects whether a preferred node “takes back” it’s device group when it joins the cluster. The default value is disabled. When faileback is disabled, preferenced is set to false. If it is enabled, preferenced also must be set to true.

Moving DGs across nodes of a cluster

When VxVM dgs are registered as Sun Cluster resources, NEVER USE vxdg import/deport commands to change ownership (node-wise) of the dgs. This will cause SC to treat dg as failed resource.

Use the following command instead:

# scswitch -z -D  -h 

Resyncing Device Groups

scconf -c -D name=,sync

Changing DG configuration

scconf -c -D name=,preferenced=
,failback=

Maintenance mode

scswitch -m -D 

NOTE: all volumes in the dg must be unopened or unmounted (not being used) in order to do that.

To come back out of maintenance mode

scswitch -z -D  -h 

Repairing DID device database after replacing JBOD disks

• ‘Make sure you know which disk to update …’

scdidadm -l c1t1d0

returns node1:/dev/rdsk/c1t1d0 /dev/did/rdsk/d7

scdidadm -l d7

returns node1:/dev/rdsk/c1t1d0 /dev/did/rdsk/d7

Then use following cmds to update and verify the DID info:

scdidadm -R d7scdidadm -l -o diskid d7

returns a large string with disk id.

Replacing a failed disk in a A5200 Array (similar concept with other FC disk arrays)

vxdisk list - get the failed disk namevxprint -g dgname -- determine state of the volume(s) that might be affected

On the hosting node, replace the failed disk:

luxadm remove enclosure,positionluxadm insert enclosure,position

On either node of the cluster (that hosts the dg):

scdidadm -l c#t#d#scdidadm -R d#

On the hosting node:

vxdctl enablevxdiskadm (replace failed disk in vxvm)vxprint -g vxtask list     #ensure that resyncing is completed

Remove any relocated submirrors/plexes (if hot-relocation had to move something out of the way):

vxunreloc repaired-diskname

Solaris Vol Mgr (SDS) in Sun Clustered Env

Preferred method of using Soft partitions is to use single slices to create mirrors and then create volumes (soft partitions) from that (kind of similar to VxVM public region in an initialized disk).

Shared Disksets and Local Disksets

Only disks that are physically located in the multi-ported storage will be members of shared disksets. Only disks that are in the same diskset operate as a unit; they can be used together to build mirrored volumes, and primary ownership of the diskset transfers as a while from node to node.

Boot disks are the local disksets. This is a pre-requisite in order to have shared disksets.

Replica management

• Add local replicas manually.
• Put local state db replicas on slice 7 of disks (as a convention) in order to maintain uniformity. Shared disksets have to have replicas on slice 7.
• Spread local replicas evenly across disks and controllers.
• Support for Shared disksets is provided by Pkg SUNWmdm

Modifying /kernel/drv/md.conf

nmd == max num of volumes (default 128)md_nsets == max is 32, default 4.

Creating shared disksets and mediators

scdidadm -l c1t3d0

• – returns d17 as DID device

scdidadm -l d17metaset -s  -a -h    # creates metasetmetaset -s  -a -m    # creates mediatormetaset -s  -s /dev/did/rdsk/d9 /dev/did/rdsk/d17metaset # returns valuesmetadb -s medstat -s  (reports mediator status)

Remaining syntax vis-a-vis Sun Cluster is identical to that for VxVM.

IPMP and sun cluster

IPMP is cluster un-aware. To work around that, Sun Cluster uses Cluster-specific public network mgr daemon (pnmd) to integrate IPMP into the cluster.

pmnd daemon has two capabilities:

• populate CCR with public network adapter status
• facilitate application failover

When pnmd detects all members of a local IPMP group have failed, it consults a file called /var/cluster/run/pnm_callbacks. This file contains entries that would have been created by the activation of Log icalHostname and SharedAddress resources. It is the job of hafoip_ipmp_callback to device whether to migrate resources to another node.

scstat -i       #view IPMP configuration

Leveraging Centralized SSH2 based trusts to monitor network interface status on solaris servers

Since SSH2 key-based trusts have been established in this landscape (at root level), the automation of a variety of tasks becomes easily achievable. The SSH2 key-based trust ensures secure and encrypted transport mechanism (that reinforces security-oriented approach to system administration). Leveraging tools such as sudo (1m) or powerbroker an additional layer of security and auditability can be added.

Using TLRC and ndd_get.sh to collect Network-related information

The following two scripts can be used to make network interface related metrics collections.

tlrc.pl (Test Login Run Command) is a perl script that reads input from a colon-separated text file (of very specific format) or from the command-line and can execute any command on the remote host(s) specified with STDOUT/STDERR logging, etc.

tlrc.pl (test login run command) –

#!/usr/bin/env perl

use Getopt::Std;
use Net::Ping;

my %Args;

getopts( ‘l:i:c:o:n:adT:th’, \%Args );

if ( $Args{h} ) {
&printUsage &amp;amp;& exit 0;
}

my $hlist = $Args{i} || “/path/to/inventory.txt”;
my $ssh = “/usr/bin/ssh”;

my $rsh = “/usr/bin/rsh”;
my $p = Net::Ping->new();
my $lid = $Args{l} || “nobody”;
my $outfile = $Args{o} || “tlrc.out”;
my @shlcmd = $Args{c};
my $conprot = $Args{T} or “ssh”;

if ( $conprot = “rsh|remsh|rlogin” ) {
$conprot = “rsh”;
}
else {
&printUsage &amp;amp;& exit 1;
}

open( RHL, “< $hlist" ) or die "Unable to open input file $hlist: $! \n"; @rhl = ;
close(RHL);
open( WOF, “|tee $outfile” )
or die “Unable to open output file $outfile for writes: $! \n”;
open( WHL, “>> hlist.tlrc” );

if ( $Args{c} ) {
die “Can’t execute $Args{c} with the \”-t\” switch \n”
if ( ( $Args{t} or $Args{d} ) );
runCmd(@shlcmd);
}

if ( $Args{d} ) {
die “Can’t munge dmesg and run login tests at the same time! \n”
if $Args{t};
&dmesgMunger;
}

if ( $Args{t} ) {
&loginTest;
}

sub printUsage {
print
“Usage: $0 [ -l <> ][ -i
][ -c ][ -n ]|[ -a ]|[ -t ]|[ -h ] \n”;
print
“\t -l — pass the login name you want to use for this session \n
\t -i
— pass the input file (colon-delimited) with list of hosts an
d pingability status \n
\t -c — quoted Command you want to run remotely \n
\t -n — comma delimited list of hosts you want to run remote c
ommand specified with \”cmdstring\” on \
\t -a — specifies all hosts in input file to run remote command specified with
\”cmdstring\” on \
\t -T — specifies the Connection type — ssh or rsh \
\t -t — Optional switch to the -c or -h switches, it will only run testing port
ion of the script \
\t -h — print this message \n”;
}

sub runCmd {

my @cmdstring = @_;

if ( $Args{a} ) {
foreach $line (@rhl) {
next if ( $line =~ m/^#/ );
next if ( $line =~ m/^$/ );
my ( $name, $domain, $ip, $pstate, $canlogin, $contype, $serial,
$hid, $usage )
= split( ‘:’, $line );
chomp( $name, $domain, $ip, $pstate, $canlogin, $contype, $serial,
$hid, $usage );
if ( $pstate == 0 ) {
if ( $canlogin == 0 ) {
if ( $contype == 0 ) {
ssh_cmd( $lid, $name, @cmdstring );
}
elsif ( $contype == 1 ) {
rsh_cmd( $lid, $name, @cmdstring );
}
else {
print “Cannot understand connection type! \n”;
}
}
else {
print “Cannot log into the server! \n”;
}
}
else {
print “$name is unpingable — can’t reach! \n”;
}
}
}
elsif ( $Args{n} ) {
$hlist = $Args{n};
@hostlist = split( ‘ ‘, $hlist );
foreach $name (@hostlist) {
if ( $conprot = “ssh” ) {
ssh_cmd( $lid, $name, @cmdstring );
}
elsif ( $conprot = “rsh” ) {
rsh_cmd( $lid, $name, @cmdstring );
}
else {
die “Unknown Option with \”-T\” switch! \n”;
}
}
}
}

sub ssh_cmd {

my ( $id, $host, @cmd ) = @_;
print “$ssh $id\@$host ‘@cmd’ \n”;
@sshout = qx/$ssh $id\@$host ‘@cmd’/;

#or die “Can’t run cmd : $! \n”;
print WOF “$host \n”;
print WOF “@sshout \n”;
}

sub rsh_cmd {

my ( $id, $host, @cmd ) = @_;
print “$rsh -l $id $host ‘@cmd’ \n”;

@rshout = qx/$rsh -l $id $host ‘@cmd’ /;

#or die “can’t run $rsh -l $id $host ‘@cmd’ : $! \n”;

print WOF “$host \n”;
print WOF “@rshout \n”;
}

sub dmesgMunger {

&getToday;
&runCmd(
“cat /var/adm/messages|grep \”$today\”|egrep -v \”vas|auth\|lw8\|mail.info\|Wait
ing\|Networker savegroup\|local1|checked|wrap|Normal\”|egrep -i \”scsi|disk|err|
fatal|pers|mem|link|fcp|AFT|ASFR|PSYND|ESYND|full|vx_nospace|vxfs|vxvm\”"
);
}

sub getToday {
my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst ) =
localtime(time);
chomp( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst );
$year += 1900;
$mon += 1;

my %months = (
1 => ‘Jan’,
2 => ‘Feb’,
3 => ‘Mar’,
4 => ‘Apr’,
5 => ‘May’,
6 => ‘Jun’,
7 => ‘Jul’,
8 => ‘Aug’,
9 => ‘Sep’,
10 => ‘Oct’,
11 => ‘Nov’,
12 => ‘Dec’,
);

if ( $mday < mday = " $mday" today = "$months{$mon} $mday" line ="~" pstate ="=" npstate =" $p-">ping( $name, 1 );
if ( $npstate == 0 ) {

#$p->close();
print “Running \”$ssh $lid\@$name\”…\n”;
my @sshout =
system( “$ssh”, “-l”, “$lid”, “$name”, “\’exit\’” );
$exitval = $? >> 8;
chomp $exitval;
print WOF
“attempt to log into $name ended with status $exitval \n”;
print WHL “$name:$domain:$ip:$pstate:$exitval\n”;
}
else {
print WOF “Unable to ping $name \n”;
}
}
if ( $pstate == 1 ) {
print
“$hlist says $name is inaccessible.\nBut I will try to ping $name again anyway..
.\n”;
my $npstate = $p->ping( $name, 1 );
if ( $npstate == 0 ) {

#$p->close();
print “Running \”$ssh $lid\@$name\”…\n”;
my @sshout =
system( “$ssh”, “-l”, “$lid”, “$name”, “\’exit;\’” );
$exitval = $? >> 8;
chomp $exitval;
print WOF
“attempt to log into $name ended with status $exitval \n”;
print WHL “$name:$domain:$ip:$pstate:$exitval\n”;
}
else {
print WOF “Unable to ping $name \n”;
}
}
}
close(WOF);
}

inventory.txt (the input file passed to tlrc.pl) –

#HOSTNAME:DOMAIN NAME:IP:PINGABLE(1 == no; 0 == yes):Login(1 == no;0 == yes):Connection(0=ssh:1=telnet/rsh):SERIAL:HOSTID:USAGE(P|NP)

This is a colon-delimited file with fields as listed above. Not all of them are required for running the script, but can be useful in certain cases (eg: hostid, serial #).

ndd_get.sh is a Korn-shell based script that returns the NIC link-related statistics in a comma-separated output format.

#!/usr/bin/env ksh

NDD=/usr/sbin/ndd
ID=`/usr/xpg4/bin/id -u`
HOSTNAME=`/usr/bin/hostname`

printUsage() {
echo “Usage: $0 [ -a ]|[-n -i ]|[-h] \n”;
}

splitter() {
interface=$1
INSTANCE=`echo $interface|awk -F\e ‘{print $2}’`
BASEDEV=`echo $interface|awk -F\e ‘{print $1}’`
ADAPTER=”$BASEDEV”e
}

macipget() {
IF=$1
IFCONFIG=/usr/sbin/ifconfig
IP=`$IFCONFIG $IF|grep inet|awk ‘{print $2}’`
MAC=`$IFCONFIG $IF|grep ether|awk ‘{print $2}’`
}

nddget() {
#set -x
AD=$1
INST=$2
$NDD -set /dev/$AD instance $INST
LSTAT=`$NDD -get /dev/$AD link_status`
LSPEED=`$NDD -get /dev/$AD link_speed`
LMODE=`$NDD -get /dev/$AD link_mode`
IS_100FDX=`$NDD -get /dev/$AD adv_100fdx_cap`
IS_100HDX=`$NDD -get /dev/$AD adv_100hdx_cap`
IS_10FDX=`$NDD -get /dev/$AD adv_10fdx_cap`
IS_10HDX=`$NDD -get /dev/$AD adv_10hdx_cap`
AUTONEG=`$NDD -get /dev/$AD adv_autoneg_cap`
LP_100FDX=`$NDD -get /dev/$AD lp_100fdx_cap`
LP_100FDX=`$NDD -get /dev/$AD lp_100hdx_cap`
LP_10FDX=`$NDD -get /dev/$AD lp_10fdx_cap`
LP_10HDX=`$NDD -get /dev/$AD lp_10hdx_cap`
LP_AUTONEG=`$NDD -get /dev/$AD lp_autoneg_cap`
if [ $LSTAT -eq 0 ]; then
linkstat=”down”
else
linkstat=”up”
fi
if [ $LSPEED -eq 0 ]; then
linkspeed=”10″
else
linkspeed=”100″
fi
if [ $LMODE -eq 0 ]; then
linkmode=”Half Duplex”
else
linkmode=”Full Duplex”
fi
if [ $AUTONEG -eq 0 ]; then
autoneg=”Off”
else
autoneg=”on”
fi
if [ $LP_AUTONEG -eq 0 ]; then
lp_autoneg=”Off”
else
lp_autoneg=”On”
fi
IF=$AD$INST
macipget $IF
print “$HOSTNAME,$IF,$IP,$MAC,$linkstat,$linkspeed,$linkmode,$autoneg,$lp_au
toneg”
}

kstatget() {
#set -x
AD=$1
INST=$2

linkspeed=`/usr/bin/kstat -p $AD|grep -i link_|\
grep “$AD:$INST”|grep link_speed|awk ‘{print $2}’`

is_up=`/usr/bin/kstat -p $AD|grep -i link_|\
grep “$AD:$INST”|grep link_up| awk ‘{print $2}’`
if [ $is_up -eq 1 ]; then
linkstat=”UP”
else
linkstat=”DOWN”
fi
LINK_MODE=`/usr/bin/kstat -p $AD|grep -i link_|\
grep $AD:$INST|grep link_duplex|awk ‘{print $2}’`
case $LINK_MODE in
2) linkmode=”Full Duplex”;;
1) linkmode=”Half Duplex”;;
*) linkmode=”Unknown”;;
esac

$NDD -set /dev/$AD instance $INST
AUTONEG=`$NDD -get /dev/$AD adv_autoneg_cap`
LP_AUTONEG=`/usr/bin/kstat -p $AD|\
grep $AD:$INST|grep lp_cap_autoneg|awk ‘{print $2}’`
if [ $AUTONEG -eq 0 ]; then
autoneg=”Off”
else
autoneg=”On”
fi
if [ $LP_AUTONEG -eq 0 ]; then
lp_autoneg=”Off”
else
lp_autoneg=”On”
fi
IF=$AD$INST
macipget $IF
print “$HOSTNAME,$IF,$IP,$MAC,$linkstat,$linkspeed,$linkmode,$autoneg,$lp_au
toneg”

}

bgekstatget() {
#set -x
AD=$1
INST=$2

linkspeed=`/usr/bin/kstat -m $AD -i $INST -n parameters|\
grep -i link_| grep link_speed|awk ‘{print $2}’`

is_up=`/usr/bin/kstat -m $AD -i $INST -n parameters|\
grep -i link_|grep link_status| awk ‘{print $2}’`
if [ $is_up -eq 1 ]; then
linkstat=”UP”
else
linkstat=”DOWN”
fi
LINK_MODE=`/usr/bin/kstat -m $AD -i $INST -n parameters|\
grep -i link_|grep link_duplex|awk ‘{print $2}’`
case $LINK_MODE in
2) linkmode=”Full Duplex”;;
1) linkmode=”Half Duplex”;;
*) linkmode=”Unknown”;;
esac

AUTONEG=`/usr/bin/kstat -m $AD -i $INST -n parameters|\
grep -i link_|grep autoneg|awk ‘{print $2}’`
LP_AUTONEG=`/usr/bin/kstat -m $AD -i $INST -n parameters|\
grep lp_| grep autoneg |awk ‘{print $2}’`
if [ $AUTONEG -eq 0 ]; then
autoneg=”Off”
else
autoneg=”On”
fi
if [ $LP_AUTONEG -eq 0 ]; then
lp_autoneg=”Off”
else
lp_autoneg=”On”
fi

IF=$AD$INST
macipget $IF
print “$HOSTNAME,$IF,$IP,$MAC,$linkstat,$linkspeed,$linkmode,$autoneg,$lp_au
toneg”

}

dmfeget() {

AD=$1
INST=$2
EADAPT=$AD$INST
#$NDD -set /dev/$EADAPT
# NOte the ndd set is not required since dmfe interfaces are directly
# set up as device files (such as /dev/dmfe0, /dev/dmfe1)

LSTAT=`$NDD -get /dev/$EADAPT link_status`
LSPEED=`$NDD -get /dev/$EADAPT link_speed`
LMODE=`$NDD -get /dev/$EADAPT link_mode`
IS_100FDX=`$NDD -get /dev/$EADAPT adv_100fdx_cap`
IS_100HDX=`$NDD -get /dev/$EADAPT adv_100hdx_cap`
IS_10FDX=`$NDD -get /dev/$EADAPT adv_10fdx_cap`
IS_10HDX=`$NDD -get /dev/$EADAPT adv_10hdx_cap`
AUTONEG=`$NDD -get /dev/$EADAPT adv_autoneg_cap`
LP_AUTONEG=`$NDD -get /dev/$ADAPT lp_autoneg_cap`
if [ $LSTAT -eq 0 ]; then
linkstat=”down”
else
linkstat=”up”
fi
if [ $LSPEED -eq 0 ]; then
linkspeed=”10″
else
linkspeed=”100″
fi
if [ $LMODE -eq 0 ]; then
linkmode=”Half Duplex”
else
linkmode=”Full Duplex”
fi
if [ $AUTONEG -eq 0 ]; then
autoneg=”Off”
else
autoneg=”on”
fi
if [ $LP_AUTONEG -eq 0 ]; then
lp_autoneg=”Off”
else
lp_autoneg=”On”
fi
macipget $EADAPT

print “$HOSTNAME,$EADAPT,$IP,$MAC,$linkstat,$linkspeed,$linkmode,$autoneg,$l
p_autoneg”

}

getParms() {
#set -x
case $ADAPTER in
qfe) nddget $ADAPTER $INSTANCE;;
hme) nddget $ADAPTER $INSTANCE;;
eri) nddget $ADAPTER $INSTANCE;;
ce) kstatget $ADAPTER $INSTANCE;;
bge) bgekstatget $ADAPTER $INSTANCE;;
dmfe) dmfeget $ADAPTER $INSTANCE;;
*) echo “Error: Unknown adapter! \n” &&amp;amp; exit 1;;
esac
}

nicStatAll() {
#set -x
/usr/sbin/ifconfig -a|nawk ‘/UP/{print $1}’|egrep -v “lo0|clprivnet”| \
awk -F: ‘{print $1}’ |sort -nr|uniq > /tmp/iflist;
for interface in `cat /tmp/iflist`
do
if [ $interface = ":*" ]; then
next
fi
# Deprecated code — left behind for old time’s sake
#count=`echo $interface|wc -m|sed -e”s!^[ /t]!!g”`
#count1=`expr $count - 2`
#count2=`expr $count - 1`
#int=`echo $interface|cut -c 1-${count1}`
#dev=/dev/${int}
#inst=`echo $interface|cut -c ${count2}`
case $interface in
eri*) INSTANCE=`echo $interface|awk -F\i ‘{print $2}’`
BASEDEV=`echo $interface|awk -F\i ‘{print $1}’`
ADAPTER=”$BASEDEV”i;;
*) splitter $interface;;
esac
getParms
done
}

if [ $ID -ne 0 ]; then
echo “ERROR: You are not root! Only root can run this script!\n”;
exit 1;
fi

while getopts an:i:h arg
do
case $arg in
a) nicStatAll &&amp;amp; exit 0;;
n) ADAPTER=${OPTARG};;
i) INSTANCE=${OPTARG};;
h) printUsage &&amp;amp; exit 0;;
*) printUsage &&amp;amp; exit 1;;
esac
done
shift $(($OPTIND - 1))

if [ ! -z ${ADAPTER} ]; then
if [ ! -z ${INSTANCE} ]; then
getParms
else
printUsage && exit 1
fi
else
printUsage && exit 1
fi

On the centralized management host (whose SSH2-based Key is trusted by the monitored hosts) run the following command to perform the inventory:

admin:(dev) $ sudo ./tlrc.pl -l root -a \-c "/path/to/nddget.sh -a" \-o ~/logs/ndd_get_today.txt/usr/bin/ssh root@host1 '/path/to/ndd_get.sh -a'/usr/bin/ssh root@host2 '/path/to/ndd_get.sh -a'host1host1,bge2,IP,MAC,UP,100,Full Duplex,On,Onhost1,bge1,IP,MAC,UP,100,Full Duplex,On,Onhost1,bge0,IP,MAC,UP,100,Full Duplex,On,Onhost2host2,bge2,10.228.147.62,0:3:ba:49:45:51,UP,100,Full Duplex,On,Onhost2,bge1,10.228.143.62,0:3:ba:49:45:50,UP,100,Full Duplex,On,Onhost2,bge0,10.228.139.62,0:3:ba:49:45:4f,UP,100,Full Duplex,On,On/usr/bin/rsh -l root host3 '/path/to/ndd_get.sh -a'/usr/bin/rsh -l root host4 '/path/to/ndd_get.sh -a'

host3host3,qfe1,IP,MAC,up,100,Full Duplex,Off,Offhost3,qfe0,IP,MAC,up,100,Full Duplex,Off,Offhost3,ce0,IP,MAC,UP,1000,Full Duplex,On,On

Look at the text output created thus:

admin:(logs) $ more ndd_get_today.txt

host1host1,bge2,IP,MAC,UP,100,Full Duplex,On,Onhost1,bge1,IP,MAC,UP,100,Full Duplex,On,Onhost1,bge0,IP,MAC,UP,100,Full Duplex,On,Onhost2host2,bge2,IP,MAC,UP,100,Full Duplex,On,Onhost2,bge1,IP,MAC,UP,100,Full Duplex,On,Onhost2,bge0,IP,MAC,UP,100,Full Duplex,On,On

Now look at the sudo log file to see if there’s associated logging captured.

admin:(log) $ sudo tail sudo.logSep  5 16:32:36 : lahirdx : TTY=pts/27 ; PWD=/export/home/lahirdx/dev ;    USER=root ; COMMAND=/usr/bin/ssh aesdbc1Sep  6 09:49:31 : lahirdx : TTY=pts/30 ; PWD=/export/home/lahirdx/dev ;    USER=root ; COMMAND=./tlrc.pl -a -c /export/patches/Scripts/bin/ndd_get.sh    -a -o /export/home/lahirdx/logs/ndd_get_9606.txtSep  6 09:49:40 : lahirdx : TTY=pts/30 ; PWD=/export/home/lahirdx/dev ;    USER=root ; COMMAND=./tlrc.pl -l root -a -c    /export/patches/Scripts/bin/ndd_get.sh -a -o /export/home/lahirdx/logs/ndd_get_9606.txt

NOTE: Look at the full command line, who executed a particular command, when etc getting captured in the logs. Also, it is imperative to ensure that the “/path/to/ndd_get.sh” is the same on all the monitored hosts. This author recommends creating a system V package to deploy commonly used scripts and tools under /opt/tools (or similar directory structure) to ensure standardization of the environment.

# more zonecfg-hints.txt
LOFS mount:

global# newfs /dev/rdsk/c1t0d0s0
global# mount /dev/dsk/c1t0d0s0 /mystuff
global# zonecfg -z my-zone
zonecfg:my-zone> add fs
zonecfg:my-zone:fs> set dir=/usr/mystuff
zonecfg:my-zone:fs> set special=/mystuff
zonecfg:my-zone:fs> set type=lofs
zonecfg:my-zone:fs> end
* Use a UFS mount:

global# newfs /dev/rdsk/c1t0d0s0
global# zonecfg -z my-zone
zonecfg:my-zone> add fs
zonecfg:my-zone:fs> set dir=/usr/mystuff
zonecfg:my-zone:fs> set special=/dev/dsk/c1t0d0s0
zonecfg:my-zone:fs> set raw=/dev/rdsk/c1t0d0s0
zonecfg:my-zone:fs> set type=ufs
zonecfg:my-zone:fs> end
* Export the device node and mount from the non-global zone:

global# zonecfg -z my-zone
zonecfg:my-zone> add device
zonecfg:my-zone:device> set match=/dev/rdsk/c1t0d0s0
zonecfg:my-zone:device> end
zonecfg:my-zone> add device
zonecfg:my-zone:device> set match=/dev/dsk/c1t0d0s0
zonecfg:my-zone:device> end
my-zone# newfs /dev/rdsk/c1t0d0s0
my-zone# mount /dev/dsk/c1t0d0s0 /usr/mystuff
* Mount the FS directly from the Global zone when the non-global zone is run
ning:

global# mount /dev/dsk/c1t0d0s0 /export/zones/zone1/root/mnt
* Using lofiadm

#