Chapter 3 Solaris Installation and Upgrade (Roadmap)
This chapter provides you with information about decisions you need
to make before you install or upgrade the Solaris Operating System (Solaris
OS). This chapter contains the following sections:
Note –
This book uses the term slice, but some Solaris
documentation and programs might refer to a slice as a partition.
x86:
To avoid confusion, this book distinguishes between x86 fdisk
partitions and the divisions within the Solaris fdisk partition.
The x86 fdisk divisions are called partitions. The divisions
within the Solaris fdisk partition are called slices.
Task Map: Installing or Upgrading the Solaris
Software
The following task map is an overview of the steps necessary to
install or upgrade the Solaris OS when using any installation program. Use
this task map to identify all of the decisions that you need to make to complete
the most efficient installation for your environment.
Table 3–1 Task Map: Installing
or Upgrading the Solaris Software
|
Task
|
Description
|
For Instructions
|
|
Choose initial installation or upgrade.
|
Decide if you want to perform an initial installation or an upgrade.
|
Initial Installation, or Upgrade?.
|
|
Choose an installation program.
|
The Solaris OS provides several programs for installation or upgrade.
Choose the installation method that is most appropriate for your environment.
|
Choosing a Solaris Installation Method.
|
|
(Solaris interactive installation program) Choose a default or custom
installation.
|
Decide which type installation is suitable for your environment:
-
If you are using a graphical user interface (GUI) you can
choose a default or a custom installation:
-
A default installation formats the hard disk and installs
a preselected set of software.
-
A custom installation enables you to modify the hard disk
layout and select the software that you want to install.
-
If you use a text installer (non-graphical interface), you
can select the default values or edit the values to select the software you
want to install.
|
For information on the Solaris installation program's choices, see Chapter 5, Gathering Information Before Installation or Upgrade (Planning)
|
|
For initial installations only, choose open network security or restricted
network security.
|
For an initial installation, determine whether to disable or constrain
network services to respond to local requests only during the installation.
The default is to open network security during installation.
|
Planning Network Security
|
|
Review system requirements. Also, plan and allocate disk space and swap
space.
|
Determine if your system meets the minimum requirements to install or
upgrade. Allocate disk space on your system for the components of the Solaris
OS that you want to install. Determine the appropriate swap-space layout for
your system.
|
Chapter 4, System Requirements, Guidelines, and Upgrade (Planning).
|
|
Choose to install a system from local media or from the network.
|
Decide on the most appropriate installation media for your environment.
|
Installing From the Network or From DVD or CDs?.
|
|
Gather information about your system.
|
-
For the Solaris installation program, complete the worksheet
to collect all of the information that you need to install or upgrade.
-
For the custom JumpStart installation method, decide which
profile keywords to use in your profile. Then review the keyword descriptions
to find the information about your system that you need.
|
|
|
(Optional) Set system parameters.
|
You can preconfigure system information to avoid being prompted for
the information during the installation or upgrade.
|
Chapter 2, Preconfiguring System Configuration Information (Tasks), in Solaris 10 11/06 Installation Guide: Network-Based Installations.
|
|
(Optional) Prepare to install the Solaris software from the network.
|
If you chose to install the Solaris software from the network, complete
the following tasks.
-
(x86 based systems) Verify that your system supports PXE
-
Create an installation server
-
Create a boot server (if necessary)
-
Configure a DHCP server (if necessary)
-
Set up systems to be installed from the network
|
To install over a local area network, see Chapter 6, Installing From the Network With CD Media (Tasks), in Solaris 10 11/06 Installation Guide: Network-Based Installations.
To install over a wide area network, see Chapter 11, Installing With WAN Boot (Tasks), in Solaris 10 11/06 Installation Guide: Network-Based Installations.
|
|
(Upgrade only) Perform tasks prior to upgrade.
|
Back up your system and determine if you can upgrade with disk space
reallocation.
|
Upgrade Planning.
|
|
Perform an installation or upgrade.
|
Use the Solaris installation method that you chose to install or upgrade
the Solaris software.
|
The chapter or chapters that provide detailed instructions for the installation
programs.
|
|
Troubleshoot installation problems
|
Review the troubleshooting information when you encounter problems with
your installation.
|
Appendix A, Troubleshooting (Tasks), in Solaris 10 11/06 Installation Guide: Custom JumpStart and Advanced Installations.
|
Installing From the Network or From DVD or CDs?
The Solaris software is distributed on DVD or CD media so that you can
install or upgrade systems that have access to a DVD-ROM or CD-ROM drive.
You can set up the systems to install from the network with remote DVD
or CD images. You might want to set up systems this way for the following
reasons:
You can use all of the Solaris installation methods to install a system
from the network. However, by installing systems from the network with the Solaris Flash installation
feature or with a custom JumpStart installation, you can centralize and automate
the installation process in a large enterprise. For more details about the
different installation methods, refer to Choosing a Solaris Installation Method.
Installing the Solaris software from the network requires initial setup.
For information about preparing to install from the network, choose one of
the following options.
Initial Installation, or Upgrade?
You can choose to perform an initial installation or, if your system
is already running the Solaris OS, you can upgrade your system.
Initial Installation
An initial installation overwrites the system's disk with the new version
of the Solaris OS. If your system is not running the Solaris OS, you must
perform an initial installation.
If the system is already running the Solaris OS, you can choose to perform
an initial installation. If you want to preserve any local modifications,
before you install, you must back up the local modifications. After you complete
the installation, you can restore the local modifications.
You can use any of the Solaris installation methods to perform an initial
installation. For detailed information about the different Solaris installation
methods, refer to Choosing a Solaris Installation Method.
Upgrade
You can upgrade the Solaris OS by using two upgrade methods: standard
and Solaris Live Upgrade. A standard upgrade maintains as many existing configuration
parameters as possible of the current Solaris OS. Solaris Live Upgrade creates
a copy of the current system. This copy can be upgraded with a standard upgrade.
The upgraded Solaris OS can then be switched to become the current system
by a simple reboot. If a failure occurs, you can switch back to the original
Solaris OS with a reboot. Solaris Live Upgrade enables you to keep your system
running while you upgrade and enables you to switch back and forth between
Solaris OS releases.
For more information about upgrading and the list of upgrade methods,
see Upgrade Planning.
Choosing a Solaris Installation Method
The Solaris OS provides several programs for installation or upgrade.
Each installation technology offers different features that are designed for
specific installation requirements and environments. Use the following table
to help you decide which installation method to use.
Table 3–2 Choosing Your Installation
Method
|
Task
|
Installation Method
|
Reasons for Choosing This Program
|
Instructions
|
|
Install one system from CD-ROM or DVD-ROM media with an interactive
program.
|
Solaris installation program
|
-
This program divides tasks into panels, prompts you for information,
and offers default values.
-
This program is not an efficient method when you have to install
or upgrade multiple systems. For batch installations of multiple systems,
use custom JumpStart or the Solaris Flash installation feature.
|
Solaris 10 11/06 Installation Guide: Basic Installations
|
|
Install one system over a local area network.
|
Solaris installation program over the network
|
This program enables you to set up an image of the software you want
to install on a server and install this image on a remote system. If you need
to install multiple systems, you can use the network installation image with
the custom JumpStart and Solaris Flash installation methods to efficiently
install or upgrade systems on your network.
|
Part II, Installing Over a Local Area Network, in Solaris 10 11/06 Installation Guide: Network-Based Installations
|
|
Automate the installation or upgrade of multiple systems based on profiles
you create.
|
Custom JumpStart
|
This program efficiently installs multiple systems. But if you only
have a few systems, the creation of a custom JumpStart environment might be
time consuming. For a few systems, use the Solaris interactive installation
program.
|
Chapter 3, Preparing Custom JumpStart Installations (Tasks), in Solaris 10 11/06 Installation Guide: Custom JumpStart and Advanced Installations
|
|
Replicate the same software and configuration on multiple systems.
|
Solaris Flash archives
|
-
This program saves installation time by installing all Solaris
packages at once on your system. Other programs install each individual Solaris
package and update the package map for each package.
-
Solaris Flash archives are large files and require a significant
amount of disk space. To manage different installation configurations or to
change your installation configuration, you might consider using the custom
JumpStart installation method. Alternatively, you can accomplish system-specific
customizations by using a JumpStart finish script or an embedded Solaris Flash postdeployment
script.
|
Chapter 1, Solaris Flash (Overview), in Solaris 10 11/06 Installation Guide: Solaris Flash Archives (Creation and Installation)
|
|
Install systems over a wide area network (WAN) or the Internet.
|
WAN boot
|
If you want to install a Solaris Flash archive over the network, this
program enables a secure installation.
|
Chapter 9, WAN Boot (Overview), in Solaris 10 11/06 Installation Guide: Network-Based Installations
|
|
Upgrade a system while it is running.
|
Solaris Live Upgrade
|
-
This program enables you to upgrade or add patches to avoid
the system down time related to a standard upgrade
-
This program enables you to test an upgrade or new patches
without affecting the current OS
|
Chapter 2, Solaris Live Upgrade (Overview), in Solaris 10 11/06 Installation Guide: Solaris Live Upgrade and Upgrade Planning
|
|
After installing the Solaris OS, create an isolated application environment.
|
Solaris Zones partitioning technology
|
This program creates isolated non-global zones that provide a secure
application environment. This isolation prevents processes that are running
in one zone from monitoring or affecting processes that are running in any
other zones.
|
Chapter 16, Introduction to Solaris Zones, in System Administration Guide: Solaris Containers-Resource Management and Solaris Zones
|
Planning
Network Security
Starting with the Solaris 10 11/06 release, you have
the option during an initial installation to change the network security settings
so that all network services, except Secure Shell, are disabled or restricted
to respond to local requests only. This option minimizes the potential vulnerabilities
a remote attacker might try to exploit. In addition, this option provides
a base for customers to enable only the services they require. This security
option is only available during an initial installation, not during an upgrade.
An upgrade maintains any set services that were previously set. If necessary,
you can restrict network services after an upgrade by using the netservices command.
Depending on the installation program you are using, you can select
to restrict network services or keep the services enabled by default:
Restricted Security Specifics
If you choose to restrict network security, numerous
services are fully disabled. Other services are still enabled, but these services
are restricted to local connections only. The Secure Shell remains fully enabled.
For example, the following table lists network services that, for the
Solaris 10 11/06 release, are restricted to local connections.
Table 3–3 Solaris 10 11/06 SMF Restricted Services
|
Service
|
FMRI
|
Property
|
|
rpcbind
|
svc:/network/rpc/bind
|
config/local_only
|
|
syslogd
|
svc:/system/system-log
|
config/log_from_remote
|
|
sendmail
|
svc:/network/smtp:sendmail
|
config/local_only
|
|
smcwebserver
|
svc:/system/webconsole:console
|
options/tcp_listen
|
|
WBEM
|
svc:/application/management/wbem
|
options/tcp_listen
|
|
X server
|
svc:/application/x11/x11-server
|
options/tcp_listen
|
|
dtlogin
|
svc:/application/graphical-login/cde-login
|
dtlogin/args
|
|
ToolTalk
|
svc:/network/rpccde-ttdbserver:tcp
|
proto=ticotsord
|
|
dtcm
|
svc:/network/rpccde-calendar-manager
|
proto=ticits
|
|
BSD print
|
svc:/application/print/rfc1179:default
|
bind_addr=localhost
|
Revising Security Settings After Installation
With the restricted network security feature, all of the affected services
are controlled by the Service Management Framework (SMF). Any individual network
service can be enabled after an initial installation by using the svcadm and svccfg commands.
The restricted network access is
achieved by invoking the netservices command from the SMF
upgrade file found in /var/svc/profile. The netservices command can be used to switch the service startup behavior.
To disable network services manually, run the following command:
This command can be used on
upgraded systems, where no changes are made by default. This command can also
be used to re-establish the restricted state after enabling individual services.
Similarly, default services can be enabled as they were in previous Solaris
releases by running the following command:
For further information about revising security settings, see How to Create an SMF Profile in System Administration Guide: Basic Administration. See also the following man
pages.
-
netservices(1M)
-
svcadm(1M)
-
svccfg(1M) commands.
Sun Java System Application Server Platform
Edition 8
The Sun Java System Application Server Platform Edition 8 provides for
broad deployment of application services and web services. This software is
automatically installed with the Solaris OS. You can find documentation for
the server in the following areas:
Scarica il manuale in formato PDF (720 KB)