OpenSolaris as a Xen domU

From Sfvlug

Revision as of 09:04, 21 August 2010 by Jeff (Talk | contribs)
# -*- python -*-

if xm_vars.env.get('install'):
    kernel	= "/var/lib/xen/images/osol-0906-unix.amd64"
    ramdisk	= "/var/lib/xen/images/osol-0906-x86.microroot.amd64"
    extra	= "/platform/i86xpv/kernel/amd64/unix " + \
		  "- nowin -B install_media=cdrom"
    disk	= [ "phy:/dev/VolGroup00/osolvm,xvda,w",
		    "file:/home/jeff/OpenSolaris/osol-0906-x86.iso,6:cdrom,r"
		    ]
    on_reboot	= "destroy"
    on_crash	= "destroy"
else:
    kernel	= "/var/lib/xen/images/osol.0906.xpv.unix"
    ramdisk	= "/var/lib/xen/images/osol.0906.xpv.boot_archive"
    extra	= "/platform/i86xpv/kernel/amd64/unix -B " + \
		  "zfs-bootfs=rpool/ROOT/opensolaris,"	   + \
		  "bootpath=/xpvd/xdf@51712:a"
    disk	= [ "phy:/dev/VolGroup00/osolvm,xvda,w" ]
    on_reboot	= "restart"
    on_crash	= "restart"

name		= "osolvm"
uuid		= "280b2556-94c8-49e0-b9c8-1127d57cee9c"
maxmem		= 1024
memory		= 1024
vcpus		= 1
on_poweroff	= "destroy"
vif		= [ "mac=00:16:3E:A8:01:04,bridge=xenbr0" ]

The above is how I got OpenSolaris 0906 installed and running in Xen. As anybody should know, installation is just the beginning. Next I sat down and tried to turn my OpenSolaris installation into a functional member of my LAN.

And just what does being a functional member of my LAN mean? In short, it means users are authenticated via LDAP, they NFS-mount their HOME directories using the automounter, and the machine participates in IPv6. It also means my own user account needs to be treated as the administrator via whatever mechanism is available, be that su(1m), sudo(1m), or something else. In the case of OpenSolaris, that something else is called pfexec(1).

LDAP Authentication under OpenSolaris

ldapclient manual -a credentialLevel=proxy \
                  -a proxyDN=cn=Manager,dc=ultimateevil,dc=org \
                  -a proxyPassword=soopersekrit \
                  -a defaultServerList=ldap:389 \
                  -a defaultSearchBase=dc=ultimateevil,dc=org \
                  -a authenticationMethod=tls:simple \
                  -a certificatePath=/var/ldap/cacert.pem \
                  -a serviceSearchDescriptor=passwd:ou=People,dc=ultimateevil,dc=org \
                  -a serviceSearchDescriptor=group:ou=Group,dc=ultimateevil,dc=org