The current Jumpstart-based Solaris install mechanism.

The Suns are currently installed using a hybrid system which uses a mixture of Jumpstart, our own Jumpstart extension scripts, LCFG and manual intervention.

Craig's description of how to install a Sun tells you how to use the process:


This is a rough list of what's involved:

  • [Manual] Make an entry for your Sun in dns/inf. It has to be on the same subnet as either the main install server (roc on wire AT1) or one of its "boot servers" (hippocampus on wire 144, sphinx on wire S).
  • [Manual] Create an LCFG profile as per instructions (see above URL for details).
  • [Manual] A line needs to be added to Jumpstart's "rules" file on roc, /export/install/jumpstart/rules.
  • [Manual] The "rules" file then needs to be processed by running /export/install/jumpstart/check.
  • [Manual] Create the machine's Kerberos host principle
  • [Manual] Create the machine's Kerberos keytab
  • [Manual] Move the machine's Kerberos keytab onto roc
  • [Manual] Check the sysidcfg file contents
  • [Manual] Add the machine to the boot server's /etc/ethers
  • [Manual] Run "add_install_client" on the boot server
  • [Manual] Start the install.
  • [Jumpstart/local] the "start.lcfg" script runs and creates the machine's Jumpstart profile.
  • [Jumpstart] The disks are partitioned and Sun's core Solaris software cluster is installed. The core cluster is called SUNWCreq (all cluster names start with SUNWC). It's a standard Sun thing, unaltered, and is defined in /var/sadm/system/admin/.clustertoc.
  • [Jumpstart/local] The "finish.lcfg" script adds a few more files. It also installs the "lcfg_setup" script as /etc/rc2.d/S801lcfg_setup. This script will run on the first reboot.
  • [Jumpstart] The machine then reboots.
  • [Solaris] As the machine reboots, /etc/rc2.d/S801lcfg_setup is called.
  • [Solaris/local] "lcfg_setup" installs all remaining local software including LCFG, installs the recommended patch set, then triggers another reboot, after which the machine should be running as DICE Solaris.
  • [Manual] Delete the Kerberos keytab from the JumpStart directory on roc

The "rules" file

Details of the "rules" file syntax can be found in the Solaris 9 Installation Guide chapters 22-28, pages 131-221. But basically, for each machine to be installed it lists three files: a "begin" script, called by Jumpstart before it installs Solaris; a profile, which tells Jumpstart what to do; and a "finish" script which runs after Solaris has been installed but before the machine reboots.

Inside the "start.lcfg" script

Our install system uses the same begin script for all installs, a script called "start.lcfg". Its job is to create the machine's Jumpstart profile on the fly (Jumpstart allows this). The script is in /export/install/jumpstart/scripts/start.lcfg on roc.

start.lcfg does these jobs:

  • It creates the machine's on-the-fly Jumpstart profile and inserts instructions which specify a brand new and simple install;
  • To this it adds instructions specifying the desired software (every machine gets the same: just the basic core Solaris software cluster at this stage, plus "gzip" and "tsort");
  • It also adds instructions which specify the desired partitioning of the disks.

The desired disk partition configuration is discovered by downloading the machine's LCFG profile and looking at its "fstab" resources. The script looks at these fstab resources: fstab.disks, fstab.partitions_*, fstab.mntopts_*, fstab.size_*, fstab.mpt_*. The values are extracted and the equivalent configuration is written out in Jumpstart syntax to the on-the-fly Jumpstart profile.

The downloading and parsing of the LCFG profile is done using LCFG tools which the script obtains by NFS-mounting /export/lcfg/image from phoenix. This is a cut-down directory tree containing only basic LCFG tools, utilities and Perl libraries. It's also used by lcfg_setup (see later). The LCFG profile is downloaded from

Inside the "finish.lcfg" script

This script is run by Jumpstart immediately after Jumpstart has finished configuring the machine as per the Jumpstart profile: the disks have been partitioned, basic Solaris software has been installed, but the machine has not yet rebooted. It can be found at /export/install/jumpstart/scripts/finish.lcfg on roc. It's based on a venerable but serviceable AI dept suninstall finish script. It can do these things:

  • removing files;
  • making directories;
  • copying files;
  • making symlinks;
  • making hard links;
  • appending to files;
  • moving files;
  • running arbitrary scripts.
For each of these methods, each machine can have its own separate config. Each method also has a "common" config which applies to every machine being installed. The config files for this script are in the form of a tree; this lives in the directory /export/install/jumpstart/install. This directory contains subdirectories for each activity. The subdirectories are named as follows:
for the appending of given files to files on the host
for the copying of given files onto the host
for the making of hard links on the host
for the making of new directories on the host
for the moving of installed files on the host
for the removing of files installed on the host
for the making of symbolic links on the host

Each of these subdirectories can contain an optional file named after each host to be installed, and an optional "common" file containing shared configuration.

Each file contains a line per file to be manipulated, with comments allowed in lines starting with a "#" symbol. The format of the line varies from one subdirectory to another:

  • There are two fields per line.
  • The first field is the name of the file containing the data to be appended (see below for the location of this file).
  • The second field is the full path name of the file to be appended to.
  • There are five compulsory fields per line with all further fields being treated as a comment.
  • The first field is the name of the file to be copied to the host.
  • The second field is the name of the destination directory.
  • The third field is the name of the owner of the file.
  • The fourth field is the name of the group of the file.
  • The fifth field is the octal number giving the desired file permissions.
  • Subsequent fields are treated as a comment. This comment forms part of a message which is output to the screen when the script runs at install time.
  • (Not currently used, but still operational.)
  • There are two fields per line.
  • The first field is the full path name of a file to be linked to.
  • The second field is the full path name of the hard link.
  • There are four fields per line.
  • The first field is the desired owner of the directory.
  • The second field is the desired group of the directory.
  • The third field is the desired octal permissions number of the directory.
  • The fourth field is the full path name of the directory.
  • (Not currently used, but still operational.)
  • There are two fields per line.
  • The first field is the old full path name of the file to be moved.
  • The second field is the new full path name of the file to be moved.
  • There are two fields per line.
  • The first field contains any command line option for the "rm" command which is desired. It can just be "-" if no special option is needed: this is an option to "rm" which marks the end of command line options on the command line.
  • The second field contains the full path name of the file to be removed.
  • (Not currently used, but still operational.)
  • There are two fields per line.
  • The first field is the full path name of a file to be linked to.
  • The second field is the full path name of the symbolic link.

There are two further subdirectories in /export/install/jumpstart/install on roc, "files" and "scripts".

/export/install/jumpstart/install/files contains the files specified in the first fields of each non-comment line in the files in the append.conf and copy.conf directories.
/export/install/jumpstart/install/scripts contains arbitrary shell scripts to be run. These scripts are run after finish.lcfg has completed its other activities. The scripts subdirectory differs from the other subdirectory in that there are no host-specific scripts. Every script in the scripts subdirectory is run for every host.

What "finish.lcfg" does for us

Mainly (for our purposes) it installs the LCFG bootstrap script. But it also does these things:

  • adds a couple of hosts to the standard /etc/hosts
  • installs some config files for NTP, LDAP and Kerberos
  • makes the /opt/sfw/bin directory, where non-Sun software lives
  • removes /etc/defaultrouter
  • runs scary amounts of wee scripts: 31 of them. (We'd better see what these are doing!)

Inside the "lcfg_setup" script

The lcfg_setup script is the last major part of the bootstrap mechanism. It installs LCFG on to the machine; adjusts the installed software as specified in the machine's LCFG profile; initialises LDAP; and installs a recommended list of patches.

It uses a number of remote locations:

  • [HTTP] - for LCFG profiles
  • [NFS] /export/repository/LCFG on phoenix - the repository for Informatics-sourced packages
  • [NFS] /export/repository/SUNW on phoenix - the repository for core Sun-sourced Solaris packages
  • [NFS] /export/repository/SFW on phoenix - the repository for all other Solaris packages
  • [NFS] /export/install/image on phoenix - contains LCFG and other tools and libraries necessary for bootstrapping a new system. Also used by the start.lcfg script used in Jumpstart earlier in the install process (see above).
  • [NFS] /export/install/9_Recommended on - contains all recommended patches and patch list and install script.

The script also provides another custom mechanism for making directories and symbolic links, and uses this to make several directories and links which are necessary for LCFG to work.

The (undocumented) perl module LCFG::Client is used, specifically its RPMFile function, to get the location of the host's rpmcfg file. This is then passed to "updatepkgs" (the script used by the Solaris version of the updaterpms LCFG component in place of the Linux "updaterpms" program) to perform the package installations necessary to get the machine's software installation to the desired state.

lcfg_setup then runs "ldapclient" to initialise LDAP on the machine. It uses the LDAP server

All recommended patches are then installed. The install is coordinated by a Sun-supplied script named "install_cluster" located in the same NFS directory as the patches.

Finally the script deletes itself and triggers a reboot.

Observations and Suggestions on reading this page

  • Looking at the number of manual steps, it's a good thing we don't have too many solaris hosts!
  • We could automate the generation and checking of the rules file
  • Can we eliminate finish.lcfg or at least simplify it a lot?
  • I'd suggest that the way forward was to gradually strip out redundant (obsolete?) functionality from these scripts and try to simplify things and gradually incorporate them in more "standard" places. In particular, I think it is very bad practice to have scripts read resources belonging to other components - this is going to lead to problems when the component is changed. For example, the stuff that reads the fstab resources should be factored out and put in the fstab component - perhaps used by a special method (?) and perhaps only compiled in to the Solaris version of the component (?)
  • Should (the files installed or altered by finish.lcfg) really be separate packages (or created by components?)
  • My recommendation would be chip away at it gradually - there seems to be lots of small stuff.
  • Maybe EPCC could help if they are looking at Solaris ...

-- ChrisCooke - 18 Jan 2007

Topic revision: r5 - 18 Jan 2007 - 15:35:27 - ChrisCooke
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback
This Wiki uses Cookies