Friday, July 31, 2009

Solaris Cluster and Zones

Read http://blogs.sun.com/Maddy/entry/making_sense_of_zones_in for details,

Summary to remember,

FAILOVER ZONE/HA ZONE:
- zone failover from one cluster node to the other
- application running inside the zone has to switch with the zone
- application monitoring has to be done by SMF inside the zone, Sun Cluster agents are not monitoring the applications (more appropriate for legacy applications with no proven cluster agents)
- It supports branded zones (Solaris 8, Solaris 9 and lx branded zones (Linux branded)) apart from native zone (Solaris 10)
- Read more -
http://docs.sun.com/app/docs/doc/819-2664/6n4uhp5gq?a=view
- Example - http://www.sun.com/bigadmin/content/submitted/ha_containers_zfs.jsp

ZONE NODE:
- zones to be treated like physical nodes to be part of Resource Groups
- It is best for applications which are supported with containers and have a Sun Cluster agent
- application running inside the zone can failover to other zone or physical node
- It supports only native zone as a zone node
- it is more useful,
o applications which are scalable and have to hosted exclusively in zones
o application running in a combination of physical nodes and zones
- Read more -
http://docs.sun.com/app/docs/doc/819-2969/gcbkf?a=view

ZONE CLUSTER:
- introduces a new brand of zone called "cluster”
- A single physical cluster can be partitioned and many virtual clusters can be created for hosting different applications/isolate the application and data
- Still have a specific usage for
Deploying Oracle RAC in Zone Clusters.
- clzonecluster is the utility for configurations
- Read more -
http://docs.sun.com/app/docs/doc/820-4677/ghcoa?a=view

Monday, July 27, 2009

LDAP Failover for Messaging Server / Calendar Server / Multi-Plexor / Access Manager / Communications Express / Instant Messaging / Sun Convergence

This is an extract from wikis.sun.com and some other web sites and configurations are verified in practice.

LDAP Failover Messaging Server 6.x

----------------------------------
Change following parameters,
/opt/SUNWmsgsr/sbin
/opt/SUNWmsgsr/sbin/configutil -o local.ugldaphost -v "ldap1.example.com ldap2.example.com:389"
/opt/SUNWmsgsr/sbin/configutil -o local.service.pab.ldaphost -v "ldap1.example.com ldap2.example.com:389"
/opt/SUNWmsgsr/sbin/configutil -o local.service.pab.alwaysusedefaulthost -v "yes"
/opt/SUNWmsgsr/sbin/imsimta cnbuild
/opt/SUNWmsgsr/sbin/stop-msg
/opt/SUNWmsgsr/sbin/start-msg

LDAP Failover for Calendar Server 6.x

--------------------------------------
Edit the ics.conf file (Eg: /etc/opt/SUNWics5/config/ics.conf)
Change following parameters,
local.authldaphost="ldap1.example.com ldap2.example.com:389"
local.ugldaphost="ldap1.example.com ldap2.example.com:389"
Restart Calendar services:
/opt/SUNWics5/cal/sbin/stop-cal
/opt/SUNWics5/cal/sbin/start-cal

LDAP Failover for Messaging Multi-Plexor 6.x

---------------------------------------------
vi /var/opt/SUNWmsgsr/config/ImapProxyAService.cfg
Change following parameters,
default:LdapUrl "ldap://ldap1.example.com:389 ldap2.example.com:389/o=internet"
vi /var/opt/SUNWmsgsr/config/PopProxyAService.cfg
Change following parameters,
default:LdapUrl "ldap://ldap1.example.com:389 ldap2.example.com:389/o=internet"
/opt/SUNWmsgsr/sbin/stop-msg mmp
/opt/SUNWmsgsr/sbin/start-msg mmp

LDAP Failover for Access Manager 7.x

--------------------------------------
vi /etc/opt/SUNWam/config/serverconfig.xml
Add a line like this after 'Server1' line in the name="default" ServerGroup:

Stop and start the web container
1. Log into amconsole (http:///amconsole) as the "amadmin" user
2. Click on "Service Configuration" tab
3. Click on the triangle next to the "LDAP" Service name
4. Scroll down to "Secondary LDAP Server:" in the right-hand pane
5. Add the server ldap2.example.com:389, click add, then scroll up and click 'Save'
6. Click on the "Identity Management" tab
7. From the drop-down box in the left-hand menu, select "Services"
8. Click on the triangle next to the "LDAP" Service name
9. Scroll down to "Secondary LDAP Server:" in the right-hand pane
10. Add the server ldap2.example.com:389, click add, then scroll up and click 'Save'

LDAP Failover for Communications Express (UWC)

-----------------------------------------------
vi /var/opt/SUNWuwc/WEB-INF/config/uwcauth.properties
Change following parameters,
ldapusersession.ldaphost = ldap1.example.com,ldap2.example.com:389
Stop and start the web container
Communications Express (UWC) - Addressbook
Edit /var/opt/SUNWuwc/WEB-INF/config/corp-dir/db_config.properties
Change following parameters,
defaultserver.ldaphost=ldap1.example.com,ldap2.example.com:389
Edit /var/opt/SUNWuwc/WEB-INF/config/ldappstore/db_config.properties
Change following parameters,
defaultserver.ldaphost=ldap1.example.com,ldap2.example.com:389

LDAP Failover for Instant Messaging 7.x

----------------------------------------
No changes needed if Access Manager is configured for Authentication and Configuration storage.
Note: User and Group lookup functionality will be non-operational whilst the primary LDAP server is unavailable.
If direct LDAP authentication and local storage of configuration is used, then LDAP fail-over support is not available. LDAP fail-over support is scheduled for the next release.

LDAP Failover for Delegated Administrator 6.x

----------------------------------------------
Delegated Administrator 6.x does not support LDAP failover.

LDAP Failover for Sun Convergence 6.x

--------------------------------------
To configure Convergence for LDAP failover, type the following command:
iwcadmin -u -w -o ugldap.host -v ldap1.example.com:389,ldap1.example.com:389
If your LDAP hosts are configured for SSL, all the failover LDAP servers in the failover mechanism are also in SSL mode.
Each host does not have a separate SSL flag. All the LDAP servers should have the same privileged userid and password.
All the LDAP servers should run in Master-Master replication mode.

HA Zpool in Sun Cluster

Create the zpool
----------------
zpool create store-zpool /dev/did/dsk/d5s2
(d5 is the did number of the disk device to use in zpool)


Create file systems required in the above pool, set all settings like size, compression ..etc (zfs properties, see man zfs)
---------------------------------------------------------------------------------------------------------------------------
zfs create store-zpool/msg-config
zfs set mountpoint=/jes/mail/config store-zpool/msg-config
zfs create store-zpool/cal-config
zfs set mountpoint=/jes/cal/config store-zpool/cal-config


Create the resource group
---------------------------
clresourcegroup create store-rg
(store-rg is the name of the resource group)


Register the resource type for Highly Available Storge into Sun Cluster
-----------------------------------------------------------------------
clresourcetype register SUNW.HAStoragePlus


Create the resource
---------------------
clresource create -g store-rg -t SUNW.HAStoragePlus -p Zpools=store-zpool store-fs-rs
(store-fs-rs is the resource name)


Online the resource/resource group
-----------------------------------
clresourcegroup manage store-rg
clresourcegroup online store-rg

Wednesday, July 8, 2009

Tuning UFS

Tuning UFS
----------------
All the tuning parameters must be verified against tuning parameter guides of respective OS versions.


Look for “Solaris Tunable Parameters” in docs.sun.com for details, following are some of the tips for UFS.

• forcedirectio — File systems were mounted with forcedirectio enabled.
The use of direct I/O is appropriate for sequential I/O on very large files, especially
files that are significantly larger than an operating system’s RAM file cache. This can
improve performance by reducing the overhead of a file cache. Direct I/O is not
recommended for all workloads, for instance operations with random I/O patterns
(such as sorts) for the most part are much faster with a file cache. A file cache is a
primary mechanism to hide disk latency, so by default it is always on.

forcedirectio

• maxphys —The maxphys parameter in the /etc/system file, which controls
the maximum number of bytes that a device driver read or writes at any one time
was modified from the default value of 128K to 8 MB by adding the following line:

set maxphys=0x800000


• ssd_max_xfer_size — The Fibre Channel disk maximum transfer parameter
was modified to 8 MB to reflect the change in maxphys. The ssd driver enables
large transfers for a specific file by checking the ssd_max_xfer_size definition
in the /kernel/drv/ssd.conf file. If this definition does not exist, the driver
uses the default value, which is 1024 x 1024 bytes. The following line needs to added
to the /kernel/drv/ssd.conf file.

ssd_max_xfer_size=0x800000;


• sd_max-xfer_size — The SCSI disk maximum transfer parameter was modified
to 8 MB to correspond with maxphys. This parameter works similarly to the Fibre
Channel disk maximum transfer parameter. The following line needs to be added to
the /kernel/drv/sd.conf file.

sd_max_xfer_size=0x800000;


• To increases about n% of RAM available for file system buffer cache instead of the default of 12%.

segmap_percent=n

• If ufs_WRITES is non-zero, the number of bytes outstanding for writes on a file is checked.
See ufs_HW subsequently to determine whether the write should be issued or should be deferred
until only ufs_LW bytes are outstanding. The total number of bytes outstanding is tracked
on a per-file basis so that if the limit is passed for one file, it won't affect writes to other files.

ufs:ufs_WRITES=0

• In order to put the full contents of the large into the filesystem cache,
we need to make sure the filesystem cache is large enough to hold the file and we need to adjust
freebehind to allow ungoverned population of the filesystem cache

ufs:freebehind=0

OS is 64-bit or 32-bit ? , Kernel Compliant ?

Solaris
--------
# isainfo -v
64-bit sparcv9 applications
32-bit sparc applications

Which Architecture is booted ?
--------------------------------------
# isainfo -kv

64-bit sparcv9 kernel modules

# isalist - display the native instruction sets executable on this platform

# uname -a

UltraSparc processors are capable of 64-bit computing, the OS release level may be the limiting factor
SunOS5.7 or greater is 64-bit compliant
Solaris 2.7 or greater is 64-bit compliant

AIX
----

# getconf -a grep KERN

KERNEL_BITMODE: 64


or

# file /usr/lib/boot/unix*

/usr/lib/boot/unix_64


Linux
------

# uname -a

x86_64 x86_64 x86_64 GNU/Linux or ia64 ia64 ia64 GNU/Linux
------ -----

Windows
-------

Start -> Run, and type dxdiag

x64_edition


Mac OS
-------

select About This Mac from the Apple menu

Mac OS X 10.4 offers 64-bit support to console applications