Tour d’horizon du processeur SPARC M7
Oracle a récemment dévoilé à l'OpenWorld 2015 son nouveau processeur SPARC M7. Il s'agit du 6ème que l'entreprise a sorti depuis le rachat de Sun Microsystem en 2010. Avec le SPARC M7, Oracle a repoussé les limite des capacités des systèmes SPARC.
Mettre à jour des Ldoms sur Oracle Solaris 11.3 en 20 minutes !
Oracle Solaris 11 dispose d'un puissant système de mise à jour basé sur IPS et sur ZFS. Quand on met à jour le système d'exploitation un nouvel environnement est créé contenant le système mis à jour. Ce fonctionnement a pour avantage de ne pas avoir d'impact sur l'environnement actuellement actif puisqu'on ne le modifie pas directement.
Livre Oracle Solaris 11.2 System Administration Handbook
Il y a peu de livres traitant de Solaris et aujourd'hui d'Oracle Solaris. De plus le système d'exploitation a énormément évolué depuis ces dernières années.
Déployer des agents Oracle Enterprise Manger 12c sur Solaris 11.x
Déployer des agents Enterprise Manger sur Solaris n'est pas une tache difficile, et est similaire au déploiement sur les environnements Linux avec juste quelques changements mineurs.
oracle Solaris 11.3 découvrez la vidéo de présentation
Avec l'arrivée de la nouvelle mouture d'Oracle Solaris, Oracle a décidé de vous présenter les nouveaux challenges auquel répond Oracle Solaris 11.3 orienté sur 3 valeurs : La sécurité, la vitesse et la simplicité.
Vue d’ensemble des différentes générations de Sparc
Savez-vous combien il y a de types de CPU SPARC actuellement sur le marché ? Pas un, pas deux, mais cinq. Le SPARC64-VII, le T3, le T4, T5, M5 et M10.
Benchmark entre Oracle et IBM en terme de coût global
Benchmark entre Oracle et IBM en terme de coût global
Vidéo de la TechDay 2013 sur Sparc et Solaris
Retrouver le compte rendu vidéo du TechDay Solaris/SPARC qui s'est déroulé le 15 mai à PARIS.
Oracle Solaris Sparc TechDay 2013 : Retour sur l’événement
Oracle-Solaris.fr était présent à cette événement d'envergure pour les technologies Oracle Solaris et Sparc. L'objectif premier était d'y faire des rencontres, entre administrateur et ingénieur système Solaris mais aussi d'y partager ces expériences.
Récemment (en particulier depuis la publication de SPARC T4) et compte tenu des possibilités de virtualisation offertes par Zones et Ldoms nous pouvons nous demander vers où aller, Zones ou LDoms. ?
Bien sûr, on ne peut pas répondre à cette question sans parler des exigences de plate-forme et des raisons pour prendre les bonnes technologies, mais avant que nous allions dans les détails voici un bref rappel sur ces deux technologies :
Zones et LDoms ne sont pas rivales en soit, mais des technologies complémentaires. Si vous avez besoin de séparation au niveau du noyau, utilisez LDoms.Vous pourrez toujours de toute façon exécuter vos applications dans des zones au sein de ces LDoms!
Petits points de terminologie :
- LDOM est maintenant appelé Oracle VM pour SPARC.
- Les zones ont commencé leur vie en tant que projet Kevlar, alors nommé zones, puis commercialisé en tant que Containers, nous sommes maintenant de retour à des Zones.
- LDOM est une technologie de virtualisation HW sur SPARC T (CMT, ChipMultiThreading, Coolthread, sun4v, etc), cela est du à la capacité de sparc à multithreader ses processors parfaitement adaptée dans Logical Domains. De plus LDom s’exécute de l’hyperviseur.
- Zones est le poids plume OS-technologie de virtualisation de Solaris sur toutes les plateformes (Sparc-T, Sparc et x86-M)
- Chaque installation de l’OS Solaris dispose d’une zone, la zone globale (GZ).
Maintenant, pourquoi voudriez-vous utiliser les zones?
- Principe de conteneurs: Ils séparer proprement vos applications les unes des autres, par le maintien d’un ensemble distinct de packages Solaris, de leurs ressources CPU dédiés, de leur pile IP, des systèmes de fichiers , etc
- Architecture OS propre: Vous ne pourrez pas « salir » votre installation de l’OS dans la GZ fonctionnant sur le HW avec des paquets supplémentaires et une configurations spécifiques aux applicatifs que vous souhaitez faire tourner dessus. La GZ gère les ressources entre les zones, lance le noyau, dirige l’ensemble des zones, gère les périphériques, etc . A côté de ça les NGZs (zones non globales) exécute les applications.
- Flexibilité: Vous pouvez tout simplement détacher une zone de la GZ et l’attacher à une autre GZ sur une autre machine, y compris l’application. Vous pouvez facilement cloner des zones.
- Sécurité: Si une NGZ était compromis en terme d’intrusion ou de sécurité, l’attaquant ne peut pas déranger le GZ, ou les applications qui s’exécutent dans d’autres NGZs.
- Gestion des ressources: Vous pouvez allouer un montant garanti de CPU dans une zone tout en permettant à chaque zone de pouvoir utiliser plus que le montant qui lui est dédié.
Et quelles sont les raisons d’utiliser LDOM?
La séparation au niveau du noyau:
- Vous pouvez exécuter différentes mises à jour de Solaris 10 par OS virtualisé.
- Vous pouvez exécuter Solaris 10 et Solaris 11 juste à côté de l’autre.
Migrer vos OS:
- Vous ne pouvez pas faire de migration en live avec Zone
Certains de vos applications pourraient avoir besoin pour s’exécuter dans la GZ, et que vous n’aimez pas l’idée de lancer des applications à la fois dans le GZ et son NGZ dans le même temps, donc vous les séparer en LDoms.
Vous avez besoin de réduire le nombre de CPU virtuels dans un OS pour des questions de licence. LDOM est maintenant reconnus comme hardpartitioners par Oracle.
Conclusion
Comme vous le voyez ces deux technologies satisfont à des exigences différentes, ils sont dans des niveaux différents, LDoms est une virtualisation hardware et les zones sont des conteneurs d’applications dans un même OS, on pourrait parlé ici de virtualisation applicative.
Pour résumer la question n’a pas lieu d’être entre zones et LDoms. Utilisez les zones et les Ldoms selon votre besoin réel.
Articles en relation:
Actualités by .
Description
La commande dladm est utilisé pour gérer les cartes réseaux en parallèle avec ifconfig. Son nom vient de Data Link Administration.
dladm permet de voir plus profondément les paramètres des liens de données (« Data Link ») que ifconfig. On peut utiliser dladm pour faire des aggrégation de lien, configurer des ponts et afficher des statistiques sur les interfaces.
Très utilisé par les administrateurs systèmes Solaris vous retrouverez dans la partie « Exemple » la liste des options les plus utilisées avec cette commande.
La commande a quelques peu évoluée sur la version 11 de Solaris. En effet, par exemple show-dev n’existe plus vous devez utiliser à la place show-phys. Tous mes exemples sont tirés d’ailleurs de Solaris 11.
Exemple
Afficher les états des interfaces réseaux :
root@solaris:~# dladm show-phys LINK MEDIA STATE SPEED DUPLEX DEVICE e1000g0 Ethernet up 1000 full e1000g0
Afficher les états des liens :
root@solaris:~# dladm show-link LINK CLASS MTU STATE BRIDGE OVER e1000g0 phys 1500 up -- --
Afficher quelques statistiques réseaux des liens :
root@solaris:~# dladm show-link -s LINK IPACKETS RBYTES IERRORS OPACKETS OBYTES OERRORS e1000g0 6707 904846 0 1087 171490 0
Afficher des statistiques en temps réel sur un lien, -i pour le nombre de seconde :
root@solaris:~# dladm show-link -s -i 5 e1000g0 LINK IPACKETS RBYTES IERRORS OPACKETS OBYTES OERRORS e1000g0 6779 911065 0 1101 173192 0 e1000g0 4 328 0 1 258 0 e1000g0 8 682 0 2 304 0 e1000g0 12 1773 0 1 178 0 e1000g0 10 1620 0 1 178 0 e1000g0 3 674 0 1 178 0 e1000g0 10 1290 0 1 178 0 e1000g0 5 375 0 1 178 0
Man Solaris de la commande svcadm
System Administration Commands dladm(1M)
NAME
dladm - administer data links
SYNOPSIS
dladm show-link [-P] [-s [-i interval]] [[-p] -o field[,...]] [link]
dladm rename-link [-R root-dir] link new-link
dladm delete-phys phys-link
dladm show-phys [-P] [-m] [[-p] -o field[,...]] [-H] [phys-link]
dladm create-aggr [-t] [-R root-dir] [-P policy] [-L mode]
[-T time] [-u address] -l ether-link1 [-l ether-link2...] aggr-link
dladm modify-aggr [-t] [-R root-dir] [-P policy] [-L mode]
[-T time] [-u address] aggr-link
dladm delete-aggr [-t] [-R root-dir] aggr-link
dladm add-aggr [-t] [-R root-dir] -l ether-link1 [-l ether-link2...]
aggr-link
dladm remove-aggr [-t] [-R root-dir] -l ether-link1 [-l ether-link2...]
aggr-link
dladm show-aggr [-PLx] [-s [-i interval]] [[-p] -o field[,...]]
[aggr-link]
dladm create-bridge [-P protect] [-R root-dir] [-p priority]
[-m max-age] [-h hello-time] [-d forward-delay] [-f force-protocol]
[-l link...] bridge-name
dladm modify-bridge [-P protect] [-R root-dir] [-p priority]
[-m max-age] [-h hello-time] [-d forward-delay] [-f force-protocol]
bridge-name
dladm delete-bridge [-R root-dir] bridge-name
dladm add-bridge [-R root-dir] -l link [-l link...]bridge-name
dladm remove-bridge [-R root-dir] -l link [-l link...] bridge-name
dladm show-bridge [-flt] [-s [-i interval]] [[-p] -o field,...]
[bridge-name]
dladm create-vlan [-ft] [-R root-dir] -l ether-link -v vid [vlan-link]
dladm delete-vlan [-t] [-R root-dir] vlan-link
dladm show-vlan [-P] [[-p] -o field[,...]] [vlan-link]
dladm scan-wifi [[-p] -o field[,...]] [wifi-link]
dladm connect-wifi [-e essid] [-i bssid] [-k key,...]
[-s none | wep | wpa ] [-a open | shared] [-b bss | ibss] [-c]
[-m a | b | g | n ] [-T time] [wifi-link]
dladm disconnect-wifi [-a] [wifi-link]
dladm show-wifi [[-p] -o field[,...]] [wifi-link]
dladm show-ether [-x] [[-p] -o field[,...]] [ether-link]
dladm set-linkprop [-t] [-R root-dir] -p prop=value[,...] link
dladm reset-linkprop [-t] [-R root-dir] [-p prop[,...]] link
dladm show-linkprop [-P] [[-c] -o field[,...]] [-p prop[,...]] [link]
dladm create-secobj [-t] [-R root-dir] [-f file] -c class secobj
dladm delete-secobj [-t] [-R root-dir] secobj[,...]
dladm show-secobj [-P] [[-p] -o field[,...]] [secobj,...]
dladm create-vnic [-t] -l link [-R root-dir] [-m value | auto |
{factory [-n slot-identifier]} | {vrrp -A {inet | inet6} -V vrid}
| {random [-r prefix]}] [-v vlan-id] [-p prop=value[,...]] vnic-link
dladm delete-vnic [-t] [-R root-dir] vnic-link
dladm show-vnic [-pP] [-s [-i interval]] [-o field[,...]]
[-l link] [vnic-link]
dladm create-etherstub [-t] [-R root-dir] etherstub
dladm delete-etherstub [-t] [-R root-dir] etherstub
dladm show-etherstub [etherstub]
dladm create-iptun [-t] [-R root-dir] -T type [-a {local|remote}=addr,...]
iptun-link
dladm modify-iptun [-t] [-R root-dir] -a {local|remote}=addr,...
iptun-link
dladm delete-iptun [-t] [-R root-dir] iptun-link
dladm show-iptun [-P] [[-p] -o field[,...]] [iptun-link]
dladm create-part [-t] [-f] -l ib-link [-R root-dir] -P pkey
[-p prop=value[,...]] part-link
dladm delete-part [-t] [-R root-dir] part-link
dladm show-part [-pP] [-o field[,...]] [-l ib-link] [part-link]
dladm show-ib [-pP] [-o field[,...]] [ib-link]
dladm show-usage [-a] -f filename [-p plotfile -F format] [-s time]
[-e time] [link]
DESCRIPTION
The dladm command is used to administer data-links. A data-
link is represented in the system as a STREAMS DLPI (v2)
interface which can be plumbed under protocol stacks such as
TCP/IP. Each data-link relies on either a single network
device or an aggregation of devices to send packets to or
receive packets from a network.
Each dladm subcommand operates on one of the following
objects:
link
A datalink, identified by a name. In general, the name
can use any alphanumeric characters (or the underscore,
_), but must start with an alphabetic character and end
with a number. A datalink name can be at most 31 charac-
ters, and the ending number must be between 0 and
4294967294 (inclusive). The ending number must not begin
with a zero. Datalink names between 3 and 8 characters
are recommended.
Some subcommands operate only on certain types or
classes of datalinks. For those cases, the following
object names are used:
aggr-link
An aggregation datalink (or a key; see NOTES).
ether-link
A physical Ethernet datalink.
iptun-link
An IP tunnel link.
part-link
An InfiniBand (IB) partition data link.
phys-link
A physical datalink.
vlan-link
A VLAN datalink.
vnic-link
A virtual network interface created on a link or an
etherstub. It is a pseudo device that can be treated
as if it were an network interface card on a
machine.
wifi-link
A WiFi datalink.
bridge
A bridge instance, identified by an administratively-
chosen name. The name may use any alphanumeric charac-
ters or the underscore, _, but must start and end with
an alphabetic character. A bridge name can be at most 31
characters. The name default is reserved, as are all
names starting with SUNW.
Note that appending a zero (0) to a bridge name produces
a valid link name, used for observability.
dev
A network device, identified by concatenation of a
driver name and an instance number.
etherstub
An Ethernet stub can be used instead of a physical NIC
to create VNICs. VNICs created on an etherstub will
appear to be connected through a virtual switch, allow-
ing complete virtual networks to be built without physi-
cal hardware.
part
An IB partition link created on a IB physical link.
secobj
A secure object, identified by an administratively-
chosen name. The name can use any alphanumeric charac-
ters, as well as underscore (_), period (.), and hyphen
(-). A secure object name can be at most 32 characters.
Articles en relation:
Command by .
Oracle Solaris SPARC a énormément évolué au fil des années au niveau de la virtualisation. Que ce soit au niveau d’un processus avec Solaris Container ou d’un os virtualisé avec Logical Domain on constate
Plusieurs types de technologies s’entremêle sur Solaris SPARC et il est parfois difficile de savoir à quel point ces technologies marchent entre elles aujourd’hui.
Les progrès en matière de virtualisation sous Solaris SPARC
Depuis la première version de Solaris 10 en 2005, Solaris Container a pris des proportions incroyables et est la méthode la plus largement utilisée pour la virtualisation sur Solaris, en grande partie parce que cela fonctionne sur toute machine qui fonctionne sous Solaris 10 ou plus.
En 2006, Logical Domains (LDoms) ont été ajoutés et ont fait évoluer l’ensemble avec des améliorations sur les serveurs SPARC équipés de la technologie Chip Multi-Threading (CMT), dont la famille la plus récente est la famille SPARC T4.
La première augmentation significative de l’adoption de Logical Domains a débuté en 2008 avec l’introduction de serveurs basés sur le UltraSPARC T2 Plus, avec une hausse plus important par la suite en popularité en raison des progrès apportés pour les SPARC T3 et T4. La technologie que nous avons connu comme Logical Domains est maintenant appelé Oracle VM Server pour SPARC.
On a une très forte interopérabilité entre ZFS, Solaris Container et Oracle VM Server pour Sparc depuis Oracle Solaris 11
Enterprise Manager Ops Center
La nouvelle version d’Ops Center dans Oracle Enterprise Manager 12c apporte beaucoup à la relation qu’il y a entre ces différents produits. En effet, avec Live Migration on peut maintenant centraliser la virtualisation de manière plus efficace notamment quand il y a de très nombreux container et qu’il faut savoir mixer entre les configurations de stockages sous ZFS et les serveurs virtuels avec Oracle VM Server pour Sparc.
Articles en relation:
Actualités by .
Description
La commande svcadm fait partie d’un ensemble de commande permettant de gérer les services Solaris. Celui-ci en est d’ailleurs le plus important car il permet par exemple d’activer ou de désactiver un service.
Indispensable pour les administrateurs systèmes Solaris cette commande a besoin des droits root pour pouvoir fonctionner correctement.
Exemple
root@solaris:~# svcadm disable smtp root@solaris:~# svcs smtp STATE STIME FMRI disabled 4:15:44 svc:/network/smtp:sendmail root@solaris:~# svcadm enable smtp root@solaris:~# svcs smtp STATE STIME FMRI online 4:15:55 svc:/network/smtp:sendmail
Man Solaris de la commande svcadm
System Administration Commands svcadm(1M)
NAME
svcadm - manipulate service instances
SYNOPSIS
/usr/sbin/svcadm [-v] enable [-rst] {FMRI | pattern}...
/usr/sbin/svcadm [-v] disable [-st] {FMRI | pattern}...
/usr/sbin/svcadm [-v] restart {FMRI | pattern}...
/usr/sbin/svcadm [-v] refresh {FMRI | pattern}...
/usr/sbin/svcadm [-v] clear {FMRI | pattern}...
/usr/sbin/svcadm [-v] mark [-It] instance_state
{FMRI | pattern}...
/usr/sbin/svcadm [-v] milestone [-d] milestone_FMRI
DESCRIPTION
svcadm issues requests for actions on services executing
within the service management facility (see smf(5)). Actions
for a service are carried out by its assigned service res-
tarter agent. The default service restarter is svc.startd
(see svc.startd(1M)).
OPTIONS
The following options are supported:
-v Print actions verbosely to standard output.
SUBCOMMANDS
Common Operations
The subcommands listed below are used during the typical
administration of a service instance.
For subcommands taking one or more operands, if the operand
specifies a service (instead of a service instance), and
that service has only a single instance, svcadm operates on
that instance. If an abbreviated FMRI (a fault management
resource identifier) or pattern matches more than one ser-
vice, a warning message is displayed and that operand is
ignored. See smf(5).
SunOS 5.11 Last change: 9 May 2008 1
System Administration Commands svcadm(1M)
In the case that the service has more than one instance,
svcadm return a non-zero exit status.
enable [-rst] {FMRI | pattern}. . .
Enables the service instances specified by the operands.
For each service instance, the assigned restarter will
try to bring it to the online state. This action
requires permission to modify the "general" property
group of the service instance (see smf_security(5)).
If the -r option is specified, svcadm enables each ser-
vice instance and recursively enables its dependencies.
If the -s option is specified, svcadm enables each ser-
vice instance and then waits for each service instance
to enter the online or degraded state. svcadm will
return early if it determines that the service cannot
reach these states without administrator intervention.
If the -t option is specified, svcadm temporarily
enables each service instance. Temporary enable only
lasts until reboot. This action requires permission to
modify the "restarter_actions" property group of the
service instance (see smf_security(5)). By default,
enable is persistent across reboot.
disable [-st] {FMRI | pattern}. . .
Disables the service instance specified by the operands.
For each service instance, the assigned restarter will
try to bring it to the disabled state. This action
requires permission to modify the "general" property
group of the service instance (see smf_security(5)).
If the -s option is specified, svcadm disables each ser-
vice instance and then waits for each service instance
to enter the disabled state. svcadm will return early if
it determines that the service cannot reach this state
without administrator intervention.
If the -t option is specified, svcadm temporarily dis-
ables each service instance. Temporary disable only
lasts until reboot. This action requires permission to
modify the "restarter_actions" property group of the
service instance (see smf_security(5)). By default, dis-
able is persistent across reboot.
restart {FMRI | pattern}. . .
SunOS 5.11 Last change: 9 May 2008 2
System Administration Commands svcadm(1M)
Requests that the service instances specified by the
operands be restarted. This action requires permission
to modify the "restarter_actions" property group of the
service instance (see smf_security(5)).
This subcommand can restart only those services that are
in the online or degraded states, as those states are
defined in smf(5).
refresh {FMRI | pattern}. . .
For each service instance specified by the operands,
requests that the assigned restarter update the
service's running configuration snapshot with the values
from the current configuration. Some of these values
take effect immediately (for example, dependency
changes). Other values do not take effect until the next
service restart. See the restarter and service documen-
tation for more information.
If the service is managed by svc.startd(1M), the refresh
method will be invoked if it exists to request the ser-
vice reread its own configuration. For other restarters,
see the restarter documentation.
This action requires permission to modify the
"restarter_actions" property group of the service
instance (see smf_security(5)).
clear {FMRI | pattern}. . .
For each service instance specified by the operands, if
the instance is in the maintenance state, signal to the
assigned restarter that the service has been repaired.
If the instance is in the degraded state, request that
the assigned restarter take the service to the online
state. This action requires permission to modify the
"restarter_actions" property group of the service
instance (see smf_security(5)).
Exceptional Operations
The following subcommands are used for service development
and temporary administrative manipulation.
mark [-It] instance_state {FMRI | pattern}. . .
If instance_state is "maintenance", then for each ser-
vice specified by the operands, svcadm requests that the
assigned restarter place the service in the maintenance
SunOS 5.11 Last change: 9 May 2008 3
System Administration Commands svcadm(1M)
state. See svc.startd(1M) and inetd(1M) for a detailed
description of the actions taken for each restarter.
If instance_state is "degraded", then for services
specified by the operands in the online state, svcadm
requests that the restarters assigned to the services
move them into the degraded state.
If the -I option is specified, the request is flagged as
immediate.
The -t option is only valid for maintenance requests.
When this option is specified, the request is flagged as
temporary, and its effect will only last until the next
reboot.
milestone [-d] milestone_FMRI
If milestone_FMRI is the keyword "none", all services
other than the master restarter,
svc:/system/svc/restarter:default, will be temporarily
disabled.
If milestone_FMRI is the keyword "all", temporary enable
and disable requests for all services will be nullified.
If milestone_FMRI is one of the following:
svc:/milestone/single-user:default
svc:/milestone/multi-user:default
svc:/milestone/multi-user-server:default
then temporary enable and disable requests for the indi-
cated service and all services it depends on (directly
or indirectly) will be nullified. All other services
will be temporarily disabled.
Changing the system's current milestone with the "mile-
stone" subcommand will not change the current run level
of the system. To change the system's run level, invoke
/sbin/init directly.
This action requires permission to modify the
"options_ovr" property group of the
svc:/system/svc/restarter:default service instance (see
smf_security(5)).
The -d option immediately changes the milestone to the
requested milestone, as above. Additionally, it makes
the specified milestone the default boot milestone,
SunOS 5.11 Last change: 9 May 2008 4
System Administration Commands svcadm(1M)
which persists across reboot. The default milestone is
defined by the options/milestone property on the master
restarter, svc:/system/svc/restarter:default. If this
property is absent, "all" is the default. This action
requires permission to modify the "options" property
group of the svc:/system/svc/restarter:default service
instance (see smf_security(5)).
Operands
The following operands are supported:
FMRI An FMRI that specifies one or more instances.
FMRIs can be abbreviated by specifying the
instance name, or the trailing portion of the
service name. For example, given the FMRI:
svc:/network/smtp:sendmail
All the following are valid abbreviations:
sendmail
:sendmail
smtp
smtp:sendmail
network/smtp
While the following are invalid:
mail
network
network/smt
If the FMRI specifies a service, then the command
applies to all instances of that service. Abbre-
viated forms of FMRIs are unstable, and should
not be used in scripts or other permanent tools.
pattern A pattern that is matched against the FMRIs of
service instances according to the "globbing"
rules described by fnmatch(5). If the pattern
does not begin with "svc:", then "svc:/" is
prepended.
If an abbreviated FMRI or pattern matches more than one ser-
vice, a warning message is displayed and that operand is
SunOS 5.11 Last change: 9 May 2008 5
System Administration Commands svcadm(1M)
ignored.
EXAMPLES
Example 1 Restarting a Service Instance
The following command restarts the NFS server. The full FMRI
for the default service instance is:
svc:/network/nfs/server:default
However, you can abbreviate the full FMRI as follows:
# svcadm restart nfs/server
Example 2 Disabling the Standard HTTP Server
The following command disables the standard HTTP server,
using an abbreviated FMRI:
$ svcadm disable http
Example 3 Enabling an Instance and Its Dependent Instances
The following command enables the foo:bar instance, and all
instances on which it depends:
$ svcadm enable -r foo:bar
Example 4 Synchronously enabling an instance
The following command enables the foo:bar instance. The com-
mand will not return until the instance comes online or
svcadm determines it is not possible for the service to come
online.
$ svcadm enable -s foo:bar
SunOS 5.11 Last change: 9 May 2008 6
System Administration Commands svcadm(1M)
Example 5 Restricting and Restoring the Running Services
The following command restricts the running services to sin-
gle user mode:
# svcadm milestone milestone/single-user
The following command restores the running services:
# svcadm milestone all
EXIT STATUS
The following exit values are returned:
0 Successful completion.
1 A fatal error occurred. One or more error messages are
displayed on standard error.
2 Invalid command line options were specified.
3 svcadm determined that a service instance that it was
waiting for could not reach the desired state without
administrator intervention due to a problem with the
service instance itself.
4 svcadm determined that a service instance that it was
waiting for could not reach the desired state without
administrator intervention due to a problem with the
service's dependencies.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
SunOS 5.11 Last change: 9 May 2008 7
System Administration Commands svcadm(1M)
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcs |
|_____________________________|_____________________________|
| Interface Stability | See below. |
|_____________________________|_____________________________|
The interactive output is Uncommitted. The invocation and
non-interactive output are Committed.
SEE ALSO
svcprop(1), svcs(1), inetd(1M), init(1M), svccfg(1M),
svc.startd(1M), libscf(3LIB), contract(4), attributes(5),
smf(5), smf_security(5)
NOTES
The amount of time svcadm will spend waiting for services
and their dependencies to change state is implicitly limited
by their method timeouts. For example, a service using the
default restarter whose start method hangs will be transi-
tioned to the maintenance state when its timeout expires.
svcadm will then consider it impossible for this service to
come online without administrator intervention.
Attempts to synchronously enable a service which depends
(directly or indirectly) on a file may fail with an exit
status indicating that dependencies are unsatisfied if the
caller does not have the privileges necessary to search the
directory containing the file. This limitation may be
removed in a future Solaris release.
SunOS 5.11 Last change: 9 May 2008 8
Articles en relation:
Command by .
Description
La commande svccfg est une commande qui fait d’un ensemble de commande permettant de manipuler les services sur Solaris à côté par exemple de svcs et de svcadm. Cette commande permet de gérer les fichiers xml servant à définir le fonctionnement d’un service. En effet, dans /var/svc/manifest on trouve l’ensemble des fichiers xml définissant l’ensemble des services visible avec la commande svcs.
Avec svccfg on peut importer, exporter et modifier ces fichiers xml importés.
Par exemple si vous créez un service monsoft.xml pour l’intégrer dans votre système vous devrez faire les commandes suivantes :
svccfg import /var/svc/manifest/monsoft.xml
/lib/svc/method/manifest-import
Man de la commande Solaris svccfg
System Administration Commands svccfg(1M)
NAME
svccfg - import, export, and modify service configurations
SYNOPSIS
/usr/sbin/svccfg [-v] [-s FMRI]
/usr/sbin/svccfg [-v] [-s FMRI] subcommand [args]...
/usr/sbin/svccfg [-v] [-s FMRI] -f command-file
DESCRIPTION
The svccfg command manipulates data in the service confi-
guration repository. svccfg can be invoked interactively,
with an individual subcommand, or by specifying a command
file that contains a series of subcommands.
Changes made to an existing service in the repository typi-
cally do not take effect for that service until the next
time the service instance is refreshed. See the refresh sub-
command on the svcadm(1M) man page for more details.
OPTIONS
The following options are supported:
-f command-file
Reads and executes svccfg subcommands from command-file.
-s FMRI
Selects the entity indicated by FMRI (a fault management
resource identifier) before executing any subcommands.
See smf(5).
-v
Verbose.
SUBCOMMANDS
Subcommands are divided into the categories specified in the
subsections that follow.
All subcommands that accept FMRIs also accept abbreviated or
globbed patterns. Instances and services can be abbreviated
SunOS 5.11 Last change: 30 Jul 2010 1
System Administration Commands svccfg(1M)
by specifying the instance name, or the trailing portion of
the service name. For example, given the FMRI:
svc:/network/smtp:sendmail
All the following are valid abbreviations:
sendmail
:sendmail
smtp
smtp:sendmail
network/smtp
While the following are invalid:
mail
network
network/smt
Abbreviated forms of FMRIs are unstable, and should not be
used in scripts or other permanent tools. If a pattern
matches more than one instance or service, an error message
is printed and no action is taken.
General Subcommands
end
exi
quit
Exits immediately.
repository repfile
Uses repfile as a repository. By default, svccfg(1M)
uses the system repository.
Use repository only with files from the identical ver-
sion of Solaris, including patches, that you are
currently running. Do not use this subcommand with the
system repository, /etc/svc/repository.db.
SunOS 5.11 Last change: 30 Jul 2010 2
System Administration Commands svccfg(1M)
set [-v|-V]
Sets optional behavior. If no options are specified, set
displays the options currently in effect.
-v
Turns on verbose mode.
-V
Turns off verbose mode.
Service Profile Subcommands
apply [-n] file | directory
If a argument is a service profile, properties, includ-
ing general/enabled, that are specified in the file are
modified in the SMF repository. Not-yet-existent proper-
ties and property groups will be created. The type of
the pre-existing property groups will not be changed by
the profile. Existing properties (as distinguished from
property groups) can have their type changed by the pro-
file.
If the type attribute of a property or property group is
unspecified, an attempt will be made to determine the
type from existing type settings or from the service
template. If a type cannot be determined, a warning will
be presented and the service will be skipped so incon-
sistent data will not be introduced into a service and
instance. Nonexistent services and instances are
ignored.
To use the relaxed element definitions in a profile, the
following definitions need to be added to the DOCTYPE
entry:
<!ENTITY % profile "INCLUDE">
<!ENTITY % manifest "IGNORE">
Services and instances modified by the profile will be
refreshed. If -n is specified, the profile is processed
and no changes are applied to the SMF repository. Any
syntax error found will be reported on stderr and an
exit code of 1 will be returned. See smf(5) for a
description of service profiles. This command requires
privileges to modify properties in the service and
SunOS 5.11 Last change: 30 Jul 2010 3
System Administration Commands svccfg(1M)
instance. See smf_security(5) for the privileges
required to modify properties.
If the argument to apply is a directory, all profiles
found under that directory tree will get applied as
described above. The subcommand fails if a specified
file or any file found under a specified directory is
not a service profile.
extract [> file]
Prints a service profile which represents the enabled
status of the service instances in the repository to
standard output. The output may be redirected to a file.
Service Manifest Subcommands
archive [-a]
Dumps a full XML service description for all services,
instances, and their persistent properties in the repo-
sitory. This does not include transient properties such
as service state, and is suitable for a relocatable
repository backup.
Without the -a option, property groups containing pro-
tected information (identified by the presence of the
read_authorization property-see smf_security(5)) will be
archived without their property values. When the -a
option is specified, all values will be archived. An
error results if there are insufficient privileges to
read these values.
export [-a] service_FMRI [>file]
The service description for the specified service and
its instances is written to standard output or
redirected to the given file. Dependencies with a
boolean "external" property set to true are omitted in
the belief that they were created on behalf of another
service.
Without the -a option, property groups containing pro-
tected information (identified by the presence of the
read_authorization property-see smf_security(5)) will be
exported without their property values. When the -a
option is specified, all values will be archived. An
error results if there are insufficient privileges to
read these values.
SunOS 5.11 Last change: 30 Jul 2010 4
System Administration Commands svccfg(1M)
Note that export requires a service FMRI. If you specify
an instance (including an abbreviation, such as apache2
or sendmail, that specifies an instance), the command
fails.
import [-V] [file | directory]
If a directory is supplied, for each manifest file found
in the directory tree, the service manifest file is
imported as stated below. Only files with an .xml exten-
sion are considered for import when a directory is
searched.
If file is a service manifest, then the services and
instances it specifies are imported into the repository.
According to the file, dependencies may be created in
other services. See smf(5) for a description of service
manifests. See smf_security(5) for the privileges
required to create and modify service configurations.
Services and instances in the manifest will be validated
against template data in the manifest and the reposi-
tory, and warnings will be issued for all template vio-
lations. See smf_template(5) for a description of tem-
plates. If the -V option is specified, manifests that
violate the defined templates will fail to import. In
interactive invocations of svccfg, -V is the default
behavior.
For existing services and instances, properties which
have not changed since the last import snapshot was
taken are upgraded to those specified by the manifest.
Conflicts (properties which have been changed both in
the repository and the manifest) are reported on the
standard error stream. svccfg will never upgrade the
"general/enabled" and "general/restarter" properties,
since they represent administrator preference.
inventory file
If file is determined to be a service manifest, then the
FMRIs of the services and instances the file describes
are printed. For each service, the FMRIs of its
instances are displayed before the FMRI of the service.
restore
Restores the contents of the repository from a full XML
service description previously created by the archive
SunOS 5.11 Last change: 30 Jul 2010 5
System Administration Commands svccfg(1M)
subcommand. If the archive was generated without the use
of the -a option, the contents of the repository follow-
ing completion of the restore will not include the
values of any read-protected properties (see
smf_security(5)). If these are required, they must be
restored manually.
Restoring an archive which is inconsistent with
currently installed software (including patch revisions)
might yield unpredictable results. Therefore, prior to
restoring an archive, all system and application
software, including any service manifests, should be
restored to the same state it was in at the time the
archive was made.
validate [file | fmri]
The validate subcommand can operate on a manifest file,
an instance FMRI, or the current instance or snapshot
entity selection. When an argument is specified, svccfg
will check to see whether the specified file exists. If
the file exists, it will be validated. If a file of the
specified name does not exist, the argument is treated
as an FMRI pattern. If a conflict arises between a
filename and an FMRI, use the svc: and file: prefixes to
tell svccfg how to interpret the argument.
When you specify a file, the file is processed in a
manner similar to import -V, but no changes are made to
the repository. If any errors are detected, svccfg
displays the errors and exits with a nonzero exit
status.
For an instance fmri, instance entity selection, or
snapshot entity selection, the specified instance in its
composed form (see "Properties and Property Groups" in
smf(5)) will be validated against template data in the
repository. Instance FMRIs and instance entity selec-
tions use the "running" snapshot for validation. Warn-
ings will be issued for all template violations. See
smf_template(5) for a description of templates.
Entity Selection, Modification, and Navigation Subcommands
An "entity" refers to a scope, service, or service instance.
add name
A new entity with the given name is created as a child
of the current selection. See smf_security(5) for the
privileges required to create entities.
SunOS 5.11 Last change: 30 Jul 2010 6
System Administration Commands svccfg(1M)
delete [-f] {name | fmri}
The named child of the current selection or the entity
specified by fmri is deleted. Attempts to delete service
instances in the "online" or "degraded" state will fail
unless the -f flag is specified. If a service or service
instance has a "dependents" property group of type
"framework", then for each of its properties with type
"astring" or "fmri", if the property has a single value
which names a service or service instance then the
dependency property group in the indicated service or
service instance with the same name as the property will
be deleted. See smf_security(5) for the privileges
required to delete service configurations.
list [pattern]
The child entities of the current selection whose names
match the glob pattern pattern are displayed (see
fnmatch(5)). ':properties' is also listed for property-
bearing entities, namely services and service instances.
select {name | fmri}
If the argument names a child of the current selection,
it becomes the current selection. Otherwise, the argu-
ment is interpreted as an FMRI and the entity that the
argument specifies becomes the current selection.
unselect
The parent of the current selection becomes the current
selection.
Property Inspection and Modification Subcommands
addpg name type [flags]
Adds a property group with the given name and type to
the current selection. flags is a string of characters
which designates the flags with which to create the pro-
perty group. 'P' represents SCF_PG_FLAG_NONPERSISTENT
(see scf_service_add_pg(3SCF)). See smf_security(5) for
the privileges required to create property groups.
addpropvalue pg/name [type:] value
Adds the given value to a property. If type is given and
SunOS 5.11 Last change: 30 Jul 2010 7
System Administration Commands svccfg(1M)
the property exists, then if type does not agree with
the property's type, the subcommand fails. The values
may be enclosed in double-quotes. String values contain-
ing double-quotes or backslashes must be enclosed by
double-quotes and the contained double-quotes and
backslashes must be quoted by backslashes. Nonexistent
properties are created, in which case the type specifier
must be present. See scf_value_create(3SCF) for a list
of available property types. See smf_security(5) for the
privileges required to modify properties. The new value
will be appended to the end of the list of property
values associated with the property.
delpg name
Deletes the property group name of the current selec-
tion. See smf_security(5) for the privileges required to
delete property groups.
delprop pg[/name]
Deletes the named property group or property of the
current selection. See smf_security(5) for the
privileges required to delete properties.
delpropvalue pg/name globpattern
Deletes all values matching the given glob pattern in
the named property. Succeeds even if no values match.
See smf_security(5) for the privileges required to
modify properties.
describe [-v] [-t] [propertygroup/property]
Describes either the current or the possible settings.
When invoked without arguments, describe gives basic
descriptions (if available) of the currently selected
entity and all of its currently set property groups and
properties. A property group or specific property can be
queried by specifying either the property group name, or
the property group name and property name, separated by
a slash (/), as an argument.
The -v option gives all information available, including
descriptions for current settings, constraints, and
other possible setting choices.
SunOS 5.11 Last change: 30 Jul 2010 8
System Administration Commands svccfg(1M)
The -t option shows only the template data for the
selection (see smf_template(5)), and does not display
the current settings for property groups and properties.
editprop
Comments of commands to reproduce the property groups
and properties of the current selection are placed in a
temporary file and the program named by the EDITOR
environment variable is invoked to edit it. Upon comple-
tion, the commands in the temporary file are executed.
The default editor is vi(1). See smf_security(5) for the
privileges required to create, modify, or delete proper-
ties.
listpg [pattern]
Displays the names, types, and flags of property groups
of the current selection. If an argument is given, it is
taken as a glob pattern and only property groups with
names which match the argument are listed.
In interactive mode, a basic description of the property
groups is also given.
listprop [pattern]
Lists property groups and properties of the current
selection. For property groups, names, types, and flags
are listed. For properties, names (prepended by the pro-
perty group name and a slash (/)), types, and values are
listed. See scf_value_create(3SCF) for a list of avail-
able property types. If an argument is supplied it is
taken as a glob pattern and only property groups and
properties with names which match the argument are
listed.
setenv [-i | -s] [-m method_name] envvar value
Sets a method environment variable for a service or
instance by changing the "environment" property in the
method_name property group, if that property group has
type "method". If method_name is not specified and the
-i option is used, the "method_context" property group
is used, if an instance is currently selected. If the -s
option is used and a service is currently selected, its
"method_context" property group is used. If the -s
option is used and an instance is currently selected,
SunOS 5.11 Last change: 30 Jul 2010 9
System Administration Commands svccfg(1M)
the "method_context" property group of its parent is
used. If neither the -i option nor the -s option is
used, the "start" property group is searched for in the
currently selected entity and, if an instance is
currently selected, its parent is also searched. If the
"inetd_start" property group is not located, it is
searched for in a similar manner.
Once the property is located, all values which begin
with envvar followed by a "=" are removed, and the value
"envvar=value" is added. See smf_security(5) for the
privileges required to modify properties.
setprop pg/name = [type:] value
setprop pg/name = [type:] ([values ...])
Sets the name property of the pg property group of the
current selection to the given values of type type. See
scf_value_create(3SCF) for a list of available property
types. If the property already exists and the type
disagrees with the existing type on the property, the
subcommand fails. Values may be enclosed in double-
quotes. String values which contain double-quotes or
backslashes must be enclosed by double-quotes and the
contained double-quotes and backslashes must be quoted
by backslashes. If the named property does not exist, it
is created, as long as the type is specified. See
smf_security(5) for the privileges required to create or
modify properties. Multiple values will be stored in the
order in which they are specified.
unsetenv [-i | -s] [-m method_name] envvar value
Removes a method environment variable for a service or
instance by changing the "environment" property in the
method_name property group, if that property group has
type "method". If method_name is not specified and the
-i option is used, the "method_context" property group
is used, if an instance is currently selected. If the -s
option is used and a service is currently selected, its
"method_context" property group is used. If the -s
option is used and an instance is currently selected,
the "method_context" property group of its parent is
used. If neither the -i option nor the -s option is
used, the "start" property group is searched for in the
currently selected entity and, if an instance is
currently selected, its parent is also searched. If the
"inetd_start" property group is not located, it is
searched for in a similar manner.
SunOS 5.11 Last change: 30 Jul 2010 10
System Administration Commands svccfg(1M)
Once the property is located, all values which begin
with envvar followed by "=" are removed. See
smf_security(5) for the privileges required to modify
properties.
Notification Parameters Subcommands
setnotify {[-g] tset | class} notification_parameters
Sets notifications parameters for software events and
Fault Management problem lifecycle events in the SMF
repository.
-g
Used to set system-wide notification parameters for
SMF state transition. See smf(5). These notification
parameters are set in svc:/system/svc/global:default
regardless of any svccfg current selection. This
subcommand refreshes all instances it modifies.
class
Comma-separated list of FMA Event classes or
aliases. See smf(5) Notification Parameters.
tset
Comma-separated list of SMF state transitions. See
smf(5) Notification Parameters.
notification_parameters
URI format for each notification mechanism imple-
mented: For SMTP use:
mailto:addr[?header1=value1[&header2=value2]]
...or:
mailto:{[active]|inactive}
...and for SNMP traps use:
snmp:{[active]|inactive}
SunOS 5.11 Last change: 30 Jul 2010 11
System Administration Commands svccfg(1M)
The parameter msg_template defined in smtp-
notify(1M) can be set as a header value in the
mailto URI. For example:
mailto:root@localhost?msg_template=<path to template file>
SNMP traps are directed to the host as defined by
the trapsink directive in /etc/net-
snmp/snmp/snmpd.conf or as specified by the SNMP
trap notification daemon. See smtp-notify(1M).
The notification parameters are specific to the
class or tset specified and overwrite preexisting
notification parameters. The active/inactive form
does not overwrite previous notification parameters.
It just switches on or off the notification mechan-
ism for the specified class or tset. Setting notifi-
cation parameters implicitly sets them as active.
listnotify [-g] [tset] | class
Displays the existing notification parameters for the
specified class or tset. With the -g option, the notifi-
cation parameters in svc:/system/svc/global:default are
displayed. If tset is omitted, all is implied.
delnotify [-g] tset | class
Delete the existing notification parameters for the
specified class or tset. With the -g option, the notifi-
cation parameters in svc:/system/svc/global:default are
deleted.
Snapshot Navigation and Selection Subcommands
listsnap
Displays snapshots available for the currently selected
instance.
revert [snapshot]
Reverts the properties of the currently selected
instance and its service to those recorded in the named
snapshot. If no argument is given, use the currently
selected snapshot and deselect it on success. The
changed property values can be made active via the
SunOS 5.11 Last change: 30 Jul 2010 12
System Administration Commands svccfg(1M)
refresh subcommand of svcadm(1M). See smf_security(5)
for the privileges required to change properties.
selectsnap [name]
Changes the current snapshot to the one named by name.
If no name is specified, deselect the currently selected
snapshot. Snapshots are read-only.
Instance Subcommands
refresh
Commit the values from the current configuration to the
running snapshot, making them available for use by the
currently selected instance. If the repository subcom-
mand has not been used to select a repository, direct
the instance's restarter to reread the updated confi-
guration.
EXAMPLES
Example 1 Importing a Service Description
The following example imports a service description for the
seismic service in the XML manifest specified on the command
line.
# svccfg import /var/svc/manifest/site/seismic.xml
Note that the manifest must follow the format specified in
service_bundle(4).
Example 2 Exporting a Service Description
To export a service description on the local system:
# svccfg export dumpadm >/tmp/dump.xml
Example 3 Deleting a Service Instance
SunOS 5.11 Last change: 30 Jul 2010 13
System Administration Commands svccfg(1M)
To delete a service instance:
# svccfg delete network/inetd-upgrade:default
Example 4 Checking Properties in an Alternate Repository
To examine the state of a service's properties after loading
an alternate repository, use the sequence of commands shown
below. One might use such commands, for example, to deter-
mine whether a service was enabled in a particular reposi-
tory backup.
# svccfg
svc:> repository /etc/svc/repository-boot
svc:> select telnet:default
svc:/network/telnet:default> listprop general/enabled
general/enabled boolean false
svc:/network/telnet:default> exit
Example 5 Enabling Debugging
To modify LD_PRELOAD for a start method and enable the use
of libumem(3LIB) with debugging features active:
$ svccfg -s system/service setenv LD_PRELOAD libumem.so
$ svccfg -s system/service setenv UMEM_DEBUG default
Example 6 Using describe Subcommand
The following command illustrates the use of the describe
subcommand.
# svccfg -s console-login describe ttymon
ttymon application
ttymon/device astring /dev/console
terminal device to be used for the console login prompt
ttymon/label astring console
appropriate entry from /etc/ttydefs
...
SunOS 5.11 Last change: 30 Jul 2010 14
System Administration Commands svccfg(1M)
Example 7 Configuring Notification Preferences
The following command configures notification preferences
for SMF service state transition events.
# svccfg setnotify -g from-online,to-maintenance \
mailto:admin@somehost.com
Example 8 Enabling SNMP Notifications
The following command enables SNMP notifications for Fault
Management events.
# svccfg setnotify problem-diagnosed,problem-updated \
mailto:admin@somehost.com snmp:
Example 9 Listing Notification Settings
The following command lists notification settings for Fault
Management events.
# svccfg listnotify problem-diagnosed,problem-updated
Event: problem-diagnosed
Notification Type: smtp
active: true
to: admin@somehost.com
Notification Type: snmp
active: true
Event: problem-updated
Notification Type: smtp
active: true
to: admin@somehost.com
Notification Type: snmp
active: true
ENVIRONMENTAL VARIABLES
EDITOR
The command to run when the editprop subcommand is used.
SunOS 5.11 Last change: 30 Jul 2010 15
System Administration Commands svccfg(1M)
The default editor is vi(1).
EXIT STATUS
The following exit values are returned:
0
Successful execution.
1
One or more subcommands resulted in failure. Error mes-
sages are written to the standard error stream.
2
Invalid command line options were specified.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWcsu |
|_____________________________|_____________________________|
| Interface Stability | See below. |
|_____________________________|_____________________________|
The interactive output is Uncommitted. The invocation and
non-interactive output are Committed.
SEE ALSO
svcprop(1), svcs(1), smtp-notify(1M), svcadm(1M),
svc.configd(1M), libscf(3LIB), libumem(3LIB),
scf_service_add_pg(3SCF), scf_value_create(3SCF), con-
tract(4), service_bundle(4), attributes(5), fnmatch(5),
smf(5), smf_method(5), smf_security(5), smf_template(5)
SunOS 5.11 Last change: 30 Jul 2010 16
Articles en relation:
Command by .