Firmware upgrade on T4-1 Sparc server

disclaimer: Please refer vendor provided instructions and follow carefully.

SUMMARY:

  1. cd /tmp/patch/
  2. unzip 148822-05.zip
  3. cd 148822-05
  4. ./sysfwdownload Sun_System_Firmware-8_2_2_c-SPARC_T4-1.pkg
  5. /usr/sbin/shutdown -i0 -g0 -yOK> type #. to go to ILOM mode in console
  6. show /HOST/boodmode (note config parameter value for LDOM servers to set after upgrade)
  7. show /HOST/ (will display the current versions of Hypervisor, OpenBoot, Post and  sysfw_version)
  8. stop /SYS
  9. set /SYS keyswitch_state=Normal
  10. show /SP/firmware/localimage (This will display upload date and version, if by mistake wrong image uploaded, it will display invalid image)
  11. load -source /SP/firmware/localimage (show progress in … and will reboot ILOM on completion)
  12. set /HOST/bootmode=”config-name”” (This is important for the LDOM servers)
  13. start the system “start /SYS”
  14. console /HOST/console….

Detailed explanation, have patience and read below steps

Step: 1

Go to this Oracle site and find the suitable firmware level for your server or refer your internal engineering documents to know upgrade level.

http://www.oracle.com/technetwork/systems/patches/firmware/release-history-jsp-138416.html

I need upgrade to SysFW 8.2.2.c, this comes with Oracle Patch “148822-05

Step2: Login to oracle site with valid support id and download the patch. (Most of the enterprise organizations have engineering team, who test these patches and upload to internal repositories)

Step3: copy the “148822-05.zip” to the servers, where you need upgrade the firmware and unzip it.

Step4: Pre tasks

  • This firmware upgrade require down time. If you are planning on Production/Live servers, take proper down time from application teams.
  • Firmware upgrade require console, hence check your console access.
  • Take all LDOM guest configuration backup. Refer my previous article on saving and restoring Ldom guest configuration.
  • Check current configuration stored in Service Processor(SP). When you upgrade the firmware, it will reset SP bootmode configuration to default-factory. If you save the config name, it will be easy for you to reset. You can also check this from ILOM using “show /HOST/bootmode” save the config property value.
Step5: Load the firmware to System Processor (SP). ILOM has the mechanism to copy the image from OS using sysfwdownload tool. This tool always comes with your firmware patch and it’s recommended to use the same tool.

cd /tmp/patch/148822-05

./sysfwdownload [image].pkg (in my case the image name “Sun_System_Firmware-8_2_2_c-SPARC_T4-1.pkg

(if you observer image file name has all information like this firmware is for Sun Sparc hardware,it’s version is 8.2.2.c and it’s for Sparc T4-1 model. This is first level of defense to avoid loading wrong firmware image)

When downloading it will show progress in format “….(10%)….” it ends with download completed successfully

shutdown -i0 -g0 -y

OK> type #. to go to ILOM mode in console

show /HOST/boodmode (note config parameter value for LDOM servers)

show /HOST/ will display the current versions of Hypervisor, OpenBoot, Post and  sysfw_version

(sysfw_version is the one we mentioned above)

Verify downloaded image is correct or not with “show /SP/firmware/localimage” and verify upload date and Version. (Here second level of defense comes, if valid image is not uploaded instead of version it will show invalid image).

stop the system to poweroff competely “stop /SYS”

Verify the key_switch state “show /SYS keyswitch_state” it should be in normal state. If it’s in locked state change to normal

“set /SYS keyswitch_state=Normal” Check if value set properly.

After completing all pre checks now we are ready to upgrade the firmware

  load -source /SP/firmware/localimage

This will show progress in … and once it complete, it will reboot the ILOM.

Once it’s completed, change the bootmode “set /HOST/bootmode=”config-name”” (This is important for the LDOM servers)

start the system “start /SYS”

go to console to see the server boot progress

console /HOST/console

Advertisements

Soalris10: how_to_determine_which_processes using ports

cat proc2port.sh
#!/bin/ksh
#Use At Your Own Risk
#aak
#Beta proc2port.sh v0.01

ps -ef | awk ‘{print $2,$9}’ | while read a b
do
port=`pfiles $a | grep -i port | wc -l`
if [ “$port” -gt 0  ]
then
echo “$a has opened ports:-($b)”
pfiles $a | grep -i port
else
echo  “$a —> $b:NONE”
fi
done

Sample OUTPUT:

./proc2port.sh
pfiles: cannot examine PID: no such process
PID —> :NONE
0 —> sched:NONE
1 —> /sbin/init:NONE
2 —> pageout:NONE
3 —> fsflush:NONE
20908 has opened ports:-(/usr/lib/sendmail)
sockname: AF_INET 127.0.0.1  port: 25
sockname: AF_INET 0.0.0.0  port: 587
7 has opened ports:-(/lib/svc/bin/svc.startd)
5: S_IFPORT mode:0000 dev:357,0 uid:0 gid:0 size:0
9 —> /lib/svc/bin/svc.configd:NONE
390 has opened ports:-(/usr/lib/nfs/statd)
sockname: AF_INET 0.0.0.0  port: 0
279 —> /usr/sbin/cron:NONE
115 —> /usr/sbin/ipmon:NONE
171 —> /usr/lib/crypto/kcfd:NONE
28904 —> /sbin/sh:NONE
384 —> /usr/sbin/rpcbind:NONE
413 —> /usr/lib/saf/sac:NONE
129 —> /usr/lib/sysevent/syseventd:NONE
391 —> /usr/lib/nfs/nfsmapid:NONE
389 —> /usr/lib/nfs/nfs4cbd:NONE
435 —> /usr/lib/utmpd:NONE
169 —> /usr/lib/picl/picld:NONE
141 —> /usr/sbin/nscd:NONE

Reference: https://blogs.oracle.com/kanmaz/entry/how_to_determine_which_processes

Solaris: Good Jumpstart Notes

How to Configure a Solaris 10 Jumpstart server and client [SPARC]

Configuring Link Based IPMP Solaris 10

Basic requirements for IPMP

  1. All interfaces in an IPMP group must have uniqueMAC addresses
  2. All interfaces in an IPMP group must be of the same media type
  3. All interfaces in an IPMP group must be on the same IP link

Two types of IPMP:

  1. Link-Based FailureDetection
  2. Probe-Based FailureDetection

Terminology:

Data Addresses: Conventional address configured to interface.

Test Addresses: used by in.mpathd for probe based failure detection.

IP link:  Physical connection to  network switch

To configure link based IPMP, we do not required test address. So configure the two interface hostname files

Ex., nxge0 and nxge4

echo “myhost netmask + broadcast + group ipmp0 up” > /etc/hostname.nxge0

echo “group ipmp0 up” > /etc/hostname.nxge4

then restart the network services

svcadm disable network/physical

svcadm enable network/physical

Jan  7 18:26:52 myhost in.mpathd[1501]: No test address configured on interface nxge4; disabling ed failure detection on it

Jan  7 18:26:52 myhost in.mpathd[1501]: No test address configured on interface nxge0; disabling probe-based failure  on it

Then ifconfig output will look like below. Notice that nxge4 do not have  IP configured.

nxge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3

        inet 192.168.0.100netmask ffffff80 broadcast 165.40.63.127

        groupname ipmp0

        ether 0:xx:xx:xx:xx:xx

nxge4: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4

        inet 0.0.0.0 netmask ff000000 broadcast 0.255.255.255

        groupname ipmp0

        ether 0:xx:xx:xx:xx:xx

Then verify the failover and back with ‘if_mpadm” command

root@myhost # if_mpadm -d nxge0

Jan  7 18:28:29 myhost in.mpathd[1501]: Successfully failed over from NIC nxge0 to NIC nxge4

root@myhost # if_mpadm -r nxge0

Jan  7 18:28:43 myhost in.mpathd[1501]: Successfully failed back to NIC nxge0

While testing ran a ping test

H:\>ping 192.168.0.100-t

Pinging 192.168.0.100with 32 bytes of data:

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=39ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Request timed out. –here tested failover to nxge4

Reply from 192.168.0.100: bytes=32 time=39ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Request timed out.—here tested failback to nxge0

Reply from 192.168.0.100: bytes=32 time=39ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Reply from 192.168.0.100: bytes=32 time=38ms TTL=244

Ping statistics for 192.168.0.100:

    Packets: Sent = 25, Received = 23, Lost = 2 (8% loss),

Approximate round trip times in milli-seconds:

    Minimum = 38ms, Maximum = 39ms, Average = 38ms

Control-C

Note: For trouble shooting you can test network connectivity from OK prompt with watch-net command

/pci@400/pci@2/pci@0/pci@6/network@0

1000 Mbps full duplex Link up

Looking for Ethernet Packets.

‘.’ is a Good Packet.  ‘X’ is a Bad Packet.

Type any key to stop.

………………………………………

/pci@400/pci@1/pci@0/pci@8/network@0

1000 Mbps link up

Looking for Ethernet Packets.

‘.’ is a Good Packet.

Type any key to stop.

…………………………………………

Reference

http://docs.oracle.com/cd/E23823_01/pdf/816-4554.pdf

http://sunaytripathi.wordpress.com/2010/03/25/solaris-10-networking-the-magic-revealed/#mozTocId342636.125

https://blogs.oracle.com/stw/entry/using_ipmp_with_link_based

Installing Oracle VM for Sparc 2.2 (LDOM) and Configuration

I have installed Oracle VM Server for Sparc 2.2 on Sparc T4-1 server

Pre requisites:

supported Platforms: http://docs.oracle.com/cd/E35434_01/html/E23810/gentextid-296.html#LDSRNldomssupportedplatforms

OS: Solaris 10 8/11 or Solaris 11 SRU 7 (Support Repository Update)

http://docs.oracle.com/cd/E35434_01/html/E23810/gentextid-296.html#LDSRNldomsrequiredsoftwarepatches

For Sparc T4-1 required firmware patch:  148822-01

148822-01 Synopsis: Obsoleted by: 148822-02 FIRMWARE: SPARC T4-1 – Sun System Firmware 8.2.0.a
Date: May/22/2012

We have uptodate firmware i.e.: 148822-04

Synopsis: Obsoleted by: 148822-04 FIRMWARE: SPARC T4-1 – Sun System Firmware 8.2.1.b
Date: Aug/31/2012

Installation:

  1. Download and install the package “p14054041_22_SOLARIS64.zip”
  2. cd /var/tmp/ldom (Assuming copied .zip file in this folder)
  3. unzip p14054041_22_SOLARIS64.zip
  4. cd OVM_Server_SPARC-2_2/Install
  5. ./install-ldm

Welcome to the Oracle VM Server for SPARC installer.

You are about to install the LDoms Manager package, SUNWldm, that will enable
you to create, destroy and control other domains on your system. You will
also be given the option of running the Oracle VM Server for SPARC Configuration
Assistant (ldmconfig) to setup the control domain and create guest domains.

If the Solaris Security Toolkit (SST) is installed, you will be prompted to
optionally harden your control domain.

Installing LDoms packages.
pkgadd -n -d “./Product” -a pkg_admin SUNWldm.v
Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.

Installation of <SUNWldm> was successful.
pkgadd -n -d “./Product” -a pkg_admin SUNWldmp2v
Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.

Installation of <SUNWldmp2v> was successful.

Oracle VM Server for SPARC Configuration

Once installed, you may configure your system for a basic LDoms
deployment.  If you select “y” for the following question, the Oracle
VM Server for SPARC Configuration Assistant (tty) will be launched
following a successful installation of the packages.

(You may launch the Configuration Assistant at a later time with the
command:  /usr/sbin/ldmconfig, or use the GUI Configuration Assistant
which is bundled in the Oracle VM Server for SPARC zip file – see
README.GUI for more details)

Select an option for configuration:

y) Yes, launch the Configuration Assistant after install
n) No thanks, I will configure the system manually later

Enter y or n [y]:n

Verify installed packages:

bash-3.2# pkginfo -l SUNWldmp2v
   PKGINST:  SUNWldmp2v
      NAME:  LDoms P2V tool
  CATEGORY:  application
      ARCH:  sparc
   VERSION:  2.2.0.0,REV=2012.04.19.14.10
   BASEDIR:  /
    VENDOR:  Oracle Corporation
      DESC:  Oracle VM Server for SPARC Physical-to-Virtual (P2V) Migration Tool
    PSTAMP:  scapen-on10-020120419141017
  INSTDATE:  Dec 21 2012 15:20
   HOTLINE:  Please contact your local service provider
    STATUS:  completely installed
     FILES:       19 installed pathnames
                   6 shared pathnames
                  12 directories
                   3 executables
                 264 blocks used (approx)

bash-3.2# pkginfo -l SUNWldm
   PKGINST:  SUNWldm
      NAME:  LDoms Manager software
  CATEGORY:  application
      ARCH:  sparc.sun4v
   VERSION:  2.2.0.0,REV=2012.04.19.14.10
   BASEDIR:  /
    VENDOR:  Oracle Corporation
      DESC:  Oracle VM Server for SPARC – Virtualization for SPARC T-Series
    PSTAMP:  scapen-on10-020120419141012
  INSTDATE:  Dec 21 2012 15:20
   HOTLINE:  Please contact your local service provider
    STATUS:  completely installed
     FILES:       79 installed pathnames
                  18 shared pathnames
                  23 directories
                  22 executables
                5851 blocks used (approx)

Verify the ldms

bash-3.2# svcs|grep ldmd
online         15:20:55 svc:/ldoms/ldmd:default

bash-3.2# ldm list
NAME             STATE      FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME
primary          active     -n-c–  UART    64    32256M   0.2%  1d 4h 38m

Save and Restore ldm configuration:

bash-3.2# tar -cvpf /var/tmp/autosave.tar var/opt/SUNWldm/autosave-*
a var/opt/SUNWldm/autosave-_Default_SP_Config/ 0K
a var/opt/SUNWldm/autosave-_Default_SP_Config/md-primary.bin 61K
a var/opt/SUNWldm/autosave-_Default_SP_Config/hv-md.bin 22K
a var/opt/SUNWldm/autosave-_Default_SP_Config/timestamp 1K
a var/opt/SUNWldm/autosave-_Default_SP_Config/sp-pri.bin 88K
a var/opt/SUNWldm/autosave-_Default_SP_Config/sp-timestamp 1K

to restore

cd /

tar -xvpf /var/tmp/autosave.tar

Saving and Restorig LDOM constraint Database
backup and restore the xml file: /var/opt/SUNWldm/ldom-db.xml

create default services after installing the LDOM manager:

3 defaults services need to be created on primary ldom:

virtual control concentrator service (vcc) service for use by the virtual network terminal server
daemon (vntsd) and as a concentrator for all logical domain consoles.

virtual disk server (vds) to allowimporting virtual disks into a logical domain

virtual switch service (vsw) to enable networking between virtual network (vnet)
devices in logical domains

VCC # ldm add-vcc port-range=5000-5100 vcc_primary primary
VDS # ldm add-vds vds0_primary primary
VSW # ldm add-vsw net-dev=nxge0 vsw0_primary primary

MAC address to vsw can be manually set using below command: only on Solaris 10:

primary# ldm add-vsw mac-addr=2:04:4f:fb:9f:0d net-dev=nxge0 primary-vsw0 primary

list services:
#ldm list-services primary
VCC
    NAME             LDOM             PORT-RANGE
    vcc_primary primary          5000-5100

VSW
    NAME             LDOM             MAC               NET-DEV   ID   DEVICE     LINKPROP   DEFAULT-VLAN-ID PVID VID                  MTU   MODE   INTER-VNET-LINK
    vsw0_primary primary          00:14:4f:fb:af:0d nxge0     0    switch@0              1               1                         1500         on     

VDS
    NAME             LDOM             VOLUME         OPTIONS          MPGROUP        DEVICE
    vds0_primary primary
bash-3.2# ldm set-vcpu 8 primary
bash-3.2# ldm list-constraints primary

bash-3.2# ldm start-reconf primary
Initiating a delayed reconfiguration operation on the primary domain.
All configuration changes for other domains are disabled until the primary
domain reboots, at which time the new configuration for the primary domain
will also take effect.

bash-3.2# ldm set-memory 1G primary
——————————————————————————
Notice: The primary domain is in the process of a delayed reconfiguration.
Any changes made to the primary domain will only take effect after it reboots.
——————————————————————————
bash-3.2#

bash-3.2# ldm add-config initial
bash-3.2# ldm list-config
factory-default
initial [current]
bash-3.2#sync;sync

bash-3.2# /usr/sbin/shutdown -y -g0 -i6

How to stop all domains:

1. power down all domains OS to OK prompt
2. primary# ldm stop-domain -a
3. primary# ldm unbind-domain ldom

 To remove all guest domains, run above 3 steps and below one step
4. ldm remove-domain -a

 How to upgrade LODM Manager:

1. svcadm disable ldmd
2. pkgrm SUNWldm
3. Instll the new package (copied to /var/tmp)
cd /var/tmp;pkgadd -Gd. SUNWldm.v
4. ldm list (verify)

 How to disable logical domain manager and remove the package?
1. svcadm disable ldmd
2. pkgrm SUNWldm; pkgrm SUNWldmp2v

Documents:

Oracle®VMServer for SPARC 2.2 Administration Guide : E23807.pdf

Reset Root password in Solaris 10

{0} ok boot -F failsafe
Boot device: /pci@400/pci@1/pci@0/pci@4/scsi@0/disk@wx000cx00xxxxxfdx,0:a  File and args: -F failsafe
SunOS Release 5.10 Version Generic_147440-01 64-bit
Copyright (c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
Configuring devices.
Searching for installed OS instances…
ROOT/zfsroot was found on root.
Do you wish to have it mounted read-write on /a? [y,n,?] y
mounting root on /a

An out of sync boot archive was detected on root.
The boot archive is a cache of files used during boot and
should be kept in sync to ensure proper system operation.

Do you wish to automatically update this boot archive? [y,n,?] y
Updating boot archive on root.
The boot archive on root was updated successfully.

# cd /a
# cp etc/shadow etc/shadow.21dec2012
# vi etc/shadow
root::6445::::::
:wq!
# init 6