Author Archives: Daz

OpenSolaris – Samba server

Posted on by No Comments ↓

Time to share your newly created ZFS volume via samba to your windows clients.  There is some CIFS / SMB support built into the kernel now, but i’ve grown used to the SMB server…

Fire up add software – click filesystems – enable filter for “smb”, there are three packages generally. I get all three, but you only need the kernel update and the server package. The other is the SMB client.

Once installed make sure you enable the server in servicesgui.

Ensure the filesystem does not have any permission issues. I usually run chmod -R 777 /share just to ensure everyone can access the files without issue.

Add some users into smb password file (U need to create the users and sync the passwords). I usually create a guest user profile

useradd guest

smbpasswd -a guest – it should prompt for password twice (this is the password you use from windows). Press enter twice to leave the password blank.

The configuration can be done via /etc/sfw/smb.conf or via the shared folders admin gui.

I prefer doing the admin via the /etc/sfw/smb.conffile as it tends to let you have more control than the basic options available to you via the GUI. The contents of the file are as follows;  (note: i have included alot of the setting as an example which may contridict other settings)

[global] – global settings, the following are obvious

workgroup = workgroup

server string = opensolaris

wins support = yes – lets your server act as a WINS box


[share] – share name

path = /raidz1/share – share path

available = yes – enabled?

browseable = yes

public = yes

valid users = user1, user2 – only these users can access the share

writable = yes – equivalent to read / write in windows share properties

read only = yes – sets the default permissions to read only

write list = user1, user2 – these users can write to the share. Overrides above “read only” setting.

There are some good examples within /etc/sfw/smb.conf-example. Look there for some tips.

You also have an option of managing samba via the web – SWAT (samba web admin t). To get this up an running enable the swat service svc:/network/swat:default then browse to http://server:901

Optimizing SMB

I’ve found that adding this to /etc/sfw/smb.conf helps throughput in some cases. Try for yourself;  (it tends to put a higher load on cpu)

[global]

aio read size = 1
aio write size = 1

Further to this entry i have discovered that the built in CIFS / SMB service is much more efficient since it is included as part of the kernel. See my other posts on setting up cifs

Updated : 9/08/2009

I’ve swapped back to samba due to the issues i’ve had with cifs in the later releases. Remember if you wish to swap back to samba yo uneed to remove the sharesmb properties from each of your zfs shares – else on reboot zfs will re-enable the server/smb service.

There are some additional settings to ensure that your file server is the master browser for your workgroup. Put these under your [global]

[global]
domain master = Yes
local master = Yes
preferred master = Yes
os level = 35

Apparently on windows the os level reaches only 32 – so setting this to 35 ensures that your file server remains the master browser when an election is performed.

opensolaris – network teaming

Posted on by No Comments ↓

Otherwise known as trunking or link aggregation. I believe it is the best way to get that additional boost out of your network server while providing a bit of redundancy on link failure. here is how to do it…

Official docs on the process here… http://docs.sun.com/app/docs/doc/819-6990/gdysn?a=view and some good bits here http://blogs.sun.com/nickyv/entry/link_aggregation_jumpstart_post_install

dladm (data link admin) is the tool for the job. List the links you currently have…

dladm show-link

First shut down the links you are currently using..  (you will have to do this on the console)

ifconfig e1000g1 unplumb

Now join the two nics into one aggregate connection via….

dladm create-aggr -l e1000g1 -l rge0 aggr1

then bring up the new aggregate link

ifconfig aggr1 plumb IP-address up

Show link

dladm show-aggr

(Optional) Make the IP configuration of the link aggregation persist across reboots.

  1. Create the /etc/hostname file for the aggregation’s interface.

    If the aggregation contains IPv4 addresses, the corresponding hostname file is/etc/hostname.aggr1. For IPv6–based link aggregations, the corresponding hostname file is/etc/hostname6.aggr1.

  2. Type the IPv4 or IPv6 address of the link aggregation into the file.

  3. Perform a reconfiguration boot.

I have teamed an intel nic (e1000g) and a (rge) together without any issues…  the rge drive by itself had issues, but i have not come across them again since i trunked both interfaces together. Perhaps the e1000g takes the load while the other nic dies off..

Updated : 4/08/2009

To test the throughput / load balancing run these commands (in two terminal sesssions);

dladm show-link -s -i 5 rge0

dladm show-link -s -i 5 e1000g1

It will return the packets going over each nic. Copy some files back and forth over the interface and watch the numbers. RBYTES and OBYTES are the fields to watch (received and out bytes)

SCCM – installing client via GPO

Posted on by No Comments ↓

If you dont have sms / sccm client in your gold disk then GPO is the next best thing to get the SCCM client out into your environment.

This is a real nice and clean install script for IE 7 which i have modified to install SCCM. http://www.symantec.com/connect/blogs/installing-application-using-vbscript

object.Run(strCommand, [intWindowStyle],[bWaitOnReturn])  

'INSTALL MS INTERNET EXPLORER 7 USING VBScript    
Set objShell = WScript.CreateObject("WScript.Shell")
spath = objShell.CurrentDirectory

If fso.FileExists(spath & "\IE7-WindowsXP-x86-enu.exe") Then
	path = """" & spath & "\IE7-WindowsXP-x86-enu.exe" & """ /passive /norestart /update-no"
	objShell.Run(path, 1 ,True)
	i = 0
	'INSTALL MICROSOFT INTERNET EXPLORER 7    
	i = objShell.Run(path, 1 ,True)
	If (i = 0) Or (i = 3010) Then 
		'WRITE EXIT CODE [0-success/3010-success&requires reboot] TO EVENTLOG
		objShell.LogEvent vbLogSuccess, sLogHeader & "Microsoft Internet Explorer 7 installation completed successfully." & VbCrLf & "Exit code: " & i
	Else
		MsgBox "The installation of Microsoft Internet Explorer 7 returned an error: " & i & VbCrLf & _
		"Please contact IT Support to report this error.", vbOKOnly
		objShell.LogEvent vbLogError, sLogHeader & "Installation returned failure code: " & VbCrLf & "Exit code: " & i
	End If

Else
	WScript.Quit (1)
End If

set fso = Nothing
set WSHShell = Nothing
Wscript.Quit

 

selinux – opening additional ports / or disabling

Posted on by No Comments ↓

If you are having problems starting apache on a non-standard port you might find that the problem is related to selinux.

Type this command to check to see what http ports are currently allowed;  (remove filter to show all rules)

semanage port -l|grep http

To add another port type the following (with the port you wish to add etc);

semanage port -a -t http_port_t -p tcp 81

If you want to disable selinux completely then go into /etc/selinux/config and set selinux=disabled. Save then reboot.

Citrix XenServer 5.5 – First impressions

Posted on by No Comments ↓

I had decided to try out Citrix Xen Server at home since i work a lot with vmware during my working week and felt like a change. It all seemed well… That is until i had to deal with snapshots. I suppose i have taken for granted almost all other virtual host software that provides a simple “revert to snapshot” option. From what i can tell this is totally absent from Citrix XenServer 5.5.

There are comments from within Citrix that they are working on this as a feature, but it has yet to make it to fruition. Unfortunately for me with the type of work i do (testing / proof of concept etc) this is a deal breaker. Looks like i’m gunna have to try out vSphere at home. (currently only using 3.5 at work)

Least vSphere has thin provisioning now, so nothing (feature wise) i’ll be missing from Citrix’s Xen Server.

Updated : 28/07/2009

I’ve actually got no choice but to stay with Citrix Xen for now, looks like the sata controller and network chip on my motherboard is not supported by either 3.5 U4 or vSphere. Doh! (i should have checked the HCL but sometimes just like to try my luck)