rageek

A place for Unix Thoughts and Ideas

Customizing Your Solaris 11 Auto Installer builds using a first boot script

Unlike Solaris 10, there are no equivalents to finish scripts with Solaris 11.

What is done instead, is to create a script which is installed as a IPS package during the install and run on firstboot and then removed.

Oracle outlines this here
http://docs.oracle.com/cd/E23824_01/html/E21798/firstboot-1.html

I will be going over the process, giving the example from my site and going over adding it into your AI manifest.

The first thing you will need to do is create the firstboot SVC manifest and the script itself.

The manifest is described here:
http://docs.oracle.com/cd/E23824_01/html/E21798/firstboot-2.html

And the logic behind the first boot script here:
http://docs.oracle.com/cd/E23824_01/html/E21798/glcfe.html

As with all things unix there are multiple ways and philosophies for how to manage build scripts.

For my Solaris 11 baseline, I choose to write a first boot script that determines my closest package repository and then mounts and copies over my directory of admin scripts.
It then runs a script called frist_boot_config.sh. This script actually does all of the work on the first boot. Some could argue that it may be better to have all the work done in original script run on boot and then version the IPS package, but I was looking to keep things simple and consistent with my previous builds and easy to update, especially while I was refining my Solaris 11 baseline. I might move it into the one script in the future.

The general flow to my System build is:
1. AI installs my server packages and then the first-boot package.
2. On the first boot the script is run which copies my tree of admin scripts and then runs a script which does the heavy lifting. This script will fix the gateway and set up the hostname and correct the host file and disables autofs. It also will apply kernel parameters and any fixes or packages required for any specific servers or platforms. It does it work and then copies into place a second script which handles any further configuration. I found that certain changes really require a reboot before taking effect, and hence I have 2 different scripts as some of my changes build on each other.

One thing I really like about Solaris 11 is that provisioning zones is extremely similar to provisioning physicals and I’m able to use the same manifests and scripts for both.

You can download my service manifest here, it is pretty much identical to the one provided by oracle and I’m not going to dive into that.

Here is my first boot script, you can download it here

#!/bin/sh

# Load SMF shell support definitions
. /lib/svc/share/smf_include.sh

echo "Save original boot environment first."
# Obtain the active BE name from beadm: The active BE on reboot has an R in
# the third column of 'beadm list' output. Its name is in column one.
bename=`beadm list -Hd|nawk -F ';' '$3 ~ /R/ {print $1}'`
beadm create ${bename}.orig

mkdir /tmp/mnt

#determine the closest server
FIRSTSR=10.x.x.x #san
SECSR=10.x.x.x #den

FST=`ping  -vs $FIRSTSR 20 5 | grep round  | cut -d'/' -f6 | cut -d. -f1`
SST=`ping  -vs $SECSR 20 5 | grep round  | cut -d'/' -f6 | cut -d. -f1`

if [ $FST -lt $SST ]; then
        echo "Using $FIRSTSR for nfs mount"
        mount $FIRSTSR:/export/jumpstart/post /tmp/mnt
else
        echo "Using $SECSR for nfs mount"
        mount $SECSR:/export/jumpstart/post /tmp/mnt
fi

cd /tmp/mnt
cp -rp admin /
cd /

if [ -f /admin/config_files/first_boot_config.sh ];then
        echo "Running Solaris 11 First boot config script"
        /admin/config_files/first_boot_config.sh
fi

# Disable service and uninstall package
svcadm disable svc:/site/first-boot-script-svc:default
pkg uninstall pkg:/first-boot-script
pkg unset-publisher firstboot

echo "Site first-boot script done. Rebooting in 5 seconds." > /dev/console

sleep 5 && reboot -p || reboot &

exit $SMF_EXIT_OK

Now that we have created a IPS Package script and manifest, we will create the package

You can review the oracle instructions here: http://docs.oracle.com/cd/E23824_01/html/E21798/glcej.html

root@testserver:~# mkdir -p proto/lib/svc/manifest/site
root@testserver:~# mkdir -p proto/opt/site
root@testserver:~# cp first-boot-script-svc-manifest.xml proto/lib/svc/manifest/site
root@testserver:~# cp first-boot-script.sh proto/opt/site

root@testserver:~# cat << EOF >> first-boot-script.p5m
set name=pkg.fmri value=first-boot-script@1.0,5.11
set name=pkg.summary value="AI first boot script"
set name=pkg.description value="Script that runs at first boot after AI installation"
file path=lib/svc/manifest/site/first-boot-script-svc-manifest.xml mode=0444 \
    owner=root group=sys
dir path=opt/site mode=0755 owner=root group=sys
file path=opt/site/first-boot-script.sh mode=0555 owner=root group=sys
EOF

root@testserver:~# pkglint first-boot-script.p5m
Lint engine setup...
Starting lint run...
WARNING opensolaris.manifest001.1 Missing attribute 'org.opensolaris.consolidation' in pkg:/first-boot-script@1.0,5.11
WARNING opensolaris.manifest001.1 Missing attribute 'info.classification' in pkg:/first-boot-script@1.0,5.11

Now we will create our repository and add the package to it

root@testserver:~# zfs create -o mountpoint=/export/firstbootrep aiserver/firstbootrepo
root@testserver:~# zfs set compression=on aiserver/firstbootrepo
root@testserver:~# pkgrepo create /export/firstbootrepo
root@testserver:~# pkgrepo -s /export/firstbootrepo add-publisher firstboot
root@testserver:~# pkgsend publish -d ./proto -s /export/firstbootrepo first-boot-script.p5m
pkg://firstboot/first-boot-script@1.0,5.11:20120525T204216Z
PUBLISHED

Now lets add additional repository to our Repository SMF Service

root@testserver:/# svccfg -s pkg/server add firstboot
root@testserver:/# svccfg -s pkg/server:firstboot addpg pkg application
root@testserver:/# svccfg -s pkg/server:firstboot setprop pkg/port=1081
root@testserver:/# svccfg -s pkg/server:firstboot setprop pkg/inst_root=/export/firstbootrepo
root@testserver:/# svccfg -s pkg/server:firstboot addpg general framework
root@testserver:/# svccfg -s pkg/server:firstboot addpropvalue general/complete astring: firstboot
root@testserver:/# svccfg -s pkg/server:firstboot addpropvalue general/enabled boolean: true
root@testserver:/# svccfg -s pkg/server:firstboot setprop pkg/readonly=true
root@testserver:/# svcadm refresh application/pkg/server:firstboot
root@testserver:/# svcadm enable application/pkg/server:firstboot
root@testserver:/# pkg list -g http://localhost:1081/
NAME (PUBLISHER)                                  VERSION                    IFO
first-boot-script (firstboot)                     1.0                        ---

And finally we’ll add it to our manifest.

<source>
	<publisher name="solaris">
		<origin name="http://aimaster"/>
	</publisher>
	<publisher name="firstboot">
		<origin name="http://aimaster:1081"/>
	</publisher>
</source>
<software_data>
	<name>pkg:/entire@latest</name>
	<name>pkg:/group/system/solaris-large-server</name>
</software_data>
<software_data action="install">
	<name>pkg:/first-boot-script</name>
	<name>pkg://solaris/x11/server/xvfb</name>
	<name>pkg://solaris/compatibility/packages/SUNWxwplt</name>
</software_data>

Now we test our build:

From the Install Log:
16:34:03    Creating IPS image
16:34:17    Installing packages from:
16:34:17        solaris
16:34:17            origin:  http://denaimaster/
16:34:17        firstboot
16:34:17            origin:  http://denaimaster:1081/
16:47:32    18% Transferring contents
16:47:33    35% Transferring contents
16:54:51    Installing packages from:
16:54:51        solaris
16:54:51            origin:  http://denaimaster/
16:54:51        firstboot
16:54:51            origin:  http://denaimaster:1081/

and

root@testserver:/ # cat /var/svc/log/site-first-boot-script-svc\:default.log
[ May 20 17:05:04 Executing start method ("/opt/site/first-boot-script.sh"). ]
Save original boot environment first.
Using 10.x.x.x for nfs mount
Running Solaris 11 First boot config script
            Packages to remove:  1
       Create boot environment: No
Create backup boot environment: No

Removal Phase ...  Done
Package State Update Phase ...  Done
Package Cache Update Phase ...  Done
Image State Update Phase ...  Done
[ May 20 17:08:07 Method "start" exited with status 0. ]
[ May 20 17:08:07 Stopping because service disabled. ]
[ May 20 17:08:07 Executing stop method (null). ]
updating //platform/sun4v/boot_archive

And now it is complete.

If you need to update your first boot script. You can modify the files directly and then run:

pkgsend publish -d ./proto -s /export/firstbootrepo first-boot-script.p5m

again to have the repository reflect the updates.

Advertisements

2 responses to “Customizing Your Solaris 11 Auto Installer builds using a first boot script

  1. Raymond August 6, 2015 at 2:41 pm

    Where should the second script be placed? In /etc/rc*? I need to have about three reboots before the system is considered completely installed.

    “It does it work and then copies into place a second script which handles any further configuration. I found that certain changes really require a reboot before taking effect, and hence I have 2 different scripts as some of my changes build on each other.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: