{"id":282,"date":"2011-07-08T09:40:35","date_gmt":"2011-07-08T07:40:35","guid":{"rendered":""},"modified":"2015-08-17T18:18:01","modified_gmt":"2015-08-17T16:18:01","slug":"przygotowanie-kontenera","status":"publish","type":"post","link":"https:\/\/drfugazi.eu.org\/en\/przygotowanie-kontenera\/","title":{"rendered":"(Polski) Przygotowanie kontenera dla OpenDJ"},"content":{"rendered":"

Sorry, this entry is only available in Polish<\/a>. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.<\/p>

<\/p>\n

Przygotowanie kontenera (Solaris zone) dla serwera us\u0142ug katalogowych OpenDJ<\/h3>\n

Uruchamiam format aby system wykry\u0142 dyski i pokaza\u0142 ich WWN:<\/p>\n

\r\n# format\r\nSearching for disks...done\r\n\r\nc4t600A0B80002ACF5A000015954E16BDE3d0: configured with capacity of 15.00GB\r\nc4t600A0B80002ACF5A000015974E16BE5Fd0: configured with capacity of 15.00GB\r\nc4t600A0B80002ACF5A000015994E16BEDBd0: configured with capacity of 15.00GB\r\n<\/code><\/pre>\n
Tworz\u0119 zpool\u0119 raidz o nazwie zldapdj1, na kt\u00f3rej umieszcz\u0119 filesystemy kontenera, ustawiam od razu punkt montowania:<\/p>\n
\r\n# zpool create -m \/zones\/ldapdj1 zldapdj1 raidz c4t600A0B80002ACF5A000015954E16BDE3d0 \\\r\n> c4t600A0B80002ACF5A000015974E16BE5Fd0 c4t600A0B80002ACF5A000015994E16BEDBd0\r\n<\/code><\/pre>\n
Tworz\u0119 filesystemy ZFS dla ustawie\u0144 i danych (etc i var):<\/p>\n
\r\n# zfs create -o mountpoint=\/data\/etc\/ldapdj1 zldapdj1\/etc\r\n# zfs create -o mountpoint=\/data\/var\/ldapdj1 zldapdj1\/var\r\n<\/code><\/pre>\n
Na filesystemie z danymi zmiennymi wy\u0142\u0105czam atime<\/code> dla poprawy wydajno\u015bci:<\/p>\n
\r\n# zfs set atime=off zldapdj1\/var\r\n<\/code><\/pre>\n
Tworz\u0119 plik z konfiguracj\u0105 kontenera i zapisuj\u0119 go jako ldapdj1.cfg<\/code>, jego zawarto\u015b\u0107:<\/p>\n
\r\ncreate -b\r\nset zonepath=\/zones\/ldapdj1\r\nset autoboot=true\r\nset ip-type=shared\r\nadd inherit-pkg-dir\r\nset dir=\/lib\r\nend\r\nadd inherit-pkg-dir\r\nset dir=\/platform\r\nend\r\nadd inherit-pkg-dir\r\nset dir=\/sbin\r\nend\r\nadd inherit-pkg-dir\r\nset dir=\/usr\r\nend\r\nadd inherit-pkg-dir\r\nset dir=\/usr\/local\r\nend\r\nadd fs\r\nset dir=\/data\/etc\r\nset special=\/data\/etc\/ldapdj1\r\nset type=lofs\r\nend\r\nadd fs\r\nset dir=\/data\/var\r\nset special=\/data\/var\/ldapdj1\r\nset type=lofs\r\nset options=[noatime]\r\nend\r\nadd net\r\nset address=192.168.10.45\r\nset physical=qfe2\r\nend\r\n<\/code><\/pre>\n
Utworzenie konfiguracji kontenera na podstawie pliku ldapdj1.cfg<\/code>:<\/p>\n
\r\n# zonecfg -z ldapdj1 -f ldapdj1.cfg\r\n<\/code><\/pre>\n
Instalacja kontenera:<\/p>\n
\r\n# zoneadm -z ldapdj1 install\r\n\/zones\/ldapdj1 must not be group readable.\r\n\/zones\/ldapdj1 must not be group executable.\r\n\/zones\/ldapdj1 must not be world readable.\r\n\/zones\/ldapdj1 must not be world executable.\r\ncould not verify zonepath \/zones\/ldapdj1 because of the above errors.\r\nzoneadm: zone ldapdj1 failed to verify\r\n<\/code><\/pre>\n
Katalog \/zones\/ldapdj1<\/code> ma zbyt szerokie uprawnienia, trzeba je ograniczy\u0107 i spr\u00f3bowa\u0107 raz jeszcze:<\/p>\n
\r\n# chmod 700 \/zones\/ldapdj1 \r\n# zoneadm -z ldapdj1 install\r\nPreparing to install zone .\r\nCreating list of files to copy from the global zone.\r\nCopying  files to the zone.\r\nDetermining zone package initialization order.\r\nPreparing to initialize  packages on the zone.\r\nInitialized  packages on zone.                                \r\nZone  is initialized.\r\nInstallation of  packages was skipped.\r\nThe file  contains a log of the zone installation.\r\n<\/code><\/pre>\n
Instalacja kontenera zako\u0144czona, trzeba doko\u0144czy\u0107 konfiguracj\u0119. Ja cz\u0119sto korzystam z pliku sysidcfg<\/code> umieszczonego w katalogu \/etc danego kontenera. Najpierw jednak trzeba ustawi\u0107 kontener w tryb ready:<\/p>\n
\r\n# zoneadm -z ldapdj1 ready\r\n# vi \/zones\/ldapdj1\/root\/etc\/sysidcfg\r\n<\/code><\/pre>\n
Zawarto\u015b\u0107 pliku sysidcfg<\/code>:<\/p>\n
\r\nsystem_locale=C\r\ntimezone=Poland\r\ntimeserver=localhost\r\nterminal=vt100\r\nnfs4_domain=priv.domain.tld\r\nname_service=none\r\nnetwork_interface=qfe2 { primary\r\n        hostname=ldapdj1\r\n        ip_address=192.168.X.X\r\n        netmask=255.255.255.0\r\n        default_route=NONE\r\n        protocol_ipv6=no }\r\nsecurity_policy=NONE\r\nroot_password=XXXXXXXXXXX\r\nservice_profile=limited_net\r\n<\/code><\/pre>\n
Uruchamiam zone i loguj\u0119 si\u0119 na jej konsol\u0119 (opcja -C<\/code>). Celowo przedefiniowuj\u0119 klawisz ESC (opcja -e +<\/code>), gdy\u017c standardowa sekwencja ~.<\/code> roz\u0142\u0105czy\u0142a by mi nie tylko konsol\u0119 ale te\u017c terminal, kt\u00f3ry mam pod\u0142\u0105czony do serwera.<\/p>\n
\r\n# zoneadm -z ldapdj1 boot\r\n# zlogin -C -e + ldapdj1\r\n[Connected to zone 'ldapdj1' console]\r\n...\r\nrebooting system due to change(s) in \/etc\/default\/init\r\n\r\n\r\n[NOTICE: Zone rebooting]\r\n\r\n\r\nSunOS Release 5.10 Version Generic_142909-17 64-bit\r\nCopyright (c) 1983, 2010, Oracle and\/or its affiliates. All rights reserved.\r\nHostname: ldapdj1\r\nReading ZFS config: done.\r\n\r\nldapdj1 console login:\r\n\r\n<\/code><\/pre>\n
Mo\u017cna zako\u0144czy\u0107 sesj\u0119 z konsol\u0105 wydaj\u0105c sekwencj\u0119 kontroln\u0105:<\/p>\n
\r\n+.\r\n[Connection to zone 'ldapdj1' console closed]\r\n<\/code><\/pre>\n
A nast\u0119pnie zalogowa\u0107 si\u0119 normalnie do kontenera w celu dalszych dzia\u0142a\u0144:<\/p>\n
\r\n# zlogin ldapdj1\r\n[Connected to zone 'ldapdj1' pts\/2]\r\nOracle Corporation\tSunOS 5.10\tGeneric Patch\tJanuary 2005\r\n<\/code><\/pre>\n
W tym miejscu warto ustawi\u0107 sobie \u015brodowisko, \u015bcie\u017cki itp.<\/p>","protected":false},"excerpt":{"rendered":"
Przygotowanie kontenera (Solaris zone) dla serwera us\u0142ug katalogowych OpenDJ<\/h3>\n
Uruchamiam format aby system wykry\u0142 dyski i pokaza\u0142 ich WWN:<\/p>\n
\r\n# format\r\nSearching for disks...done\r\n\r\nc4t600A0B80002ACF5A000015954E16BDE3d0: configured with capacity of 15.00GB\r\nc4t600A0B80002ACF5A000015974E16BE5Fd0: configured with capacity of 15.00GB\r\nc4t600A0B80002ACF5A000015994E16BEDBd0: configured with capacity of 15.00GB\r\n<\/code><\/pre>\n
Tworz\u0119 zpool\u0119 raidz o nazwie zldapdj1, na kt\u00f3rej umieszcz\u0119 filesystemy kontenera, ustawiam od razu punkt montowania:<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_newsletter_tier_id":0,"footnotes":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[115],"tags":[30,6,88,9],"jetpack_publicize_connections":[],"acf":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7M9Tz-4y","jetpack-related-posts":[{"id":200,"url":"https:\/\/drfugazi.eu.org\/en\/0401-instalacja-kontenera-st1\/","url_meta":{"origin":282,"position":0},"title":"04.01 Instalacja kontenera st1","author":"drfugazi","date":"Thursday August 12th, 2010","format":false,"excerpt":"Tworzenie kontenera o nazwie st1, bez kontroli zasob\u00f3w, z dziedziczonymi katalogami standardowymi i dodatkowo z dziedziczonym \/usr\/local (w trybie tylko do odczytu). Skonfigurowane dwie karty sieciowe: qfe4 i qfe5 w trybie wsp\u00f3\u0142dzielonym oraz dodana pula ZFS (zpool) o nazwie studmail.","rel":"","context":"In \"Kontenery\"","block_context":{"text":"Kontenery","link":"https:\/\/drfugazi.eu.org\/en\/tag\/kontenery\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":283,"url":"https:\/\/drfugazi.eu.org\/en\/opendj\/","url_meta":{"origin":282,"position":1},"title":"OpenDJ","author":"drfugazi","date":"Monday July 11th, 2011","format":false,"excerpt":"OpenDJ jest nowy serwerem us\u0142ug katalogowych zgodnym z LDAPv3, rozwijanym na platformie Java, dostarczaj\u0105cym wysoko wydajnego, niezawodnego i bezpiecznego magazynu to\u017csamo\u015bci. \u0141atwy proces instalacyjny w po\u0142\u0105czeniu z si\u0142\u0105 platformy Java powoduje, \u017ce OpenDJ jest jednym z najprostszych do zarz\u0105dzania i najszybszych do uruchomienia serwerem us\u0142ug katalogowych. OpenDJ jest rozszerzeniem projektu\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":237,"url":"https:\/\/drfugazi.eu.org\/en\/usuwanie-starych-i-tworzenie-nowych-snapshotow-zfs\/","url_meta":{"origin":282,"position":2},"title":"Usuwanie starych i tworzenie nowych snapshot\u00f3w ZFS","author":"drfugazi","date":"Tuesday February  1st, 2011","format":false,"excerpt":"Niedawno pisa\u0142em o masowym tworzeniu snapshot\u00f3w ZFS. Tam robi\u0142em to rekursywnie dla ca\u0142ej puli u\u017cywaj\u0105c zpool list -H i przekierowuj\u0105c wyj\u015bcie do zfs snapshot -r. Tym razem zrobimy to inaczej. Je\u015bli mamy stare snapshoty to mo\u017cemy je wy\u015bwietli\u0107 poleceniem: # zfs list -t snapshot NAME USED AVAIL REFER MOUNTPOINT dappserv@20101130\u2026","rel":"","context":"In \"Solaris\"","block_context":{"text":"Solaris","link":"https:\/\/drfugazi.eu.org\/en\/tag\/solaris\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":213,"url":"https:\/\/drfugazi.eu.org\/en\/jak-zamienic-w-kontenerze-dataset-na-lofs\/","url_meta":{"origin":282,"position":3},"title":"Jak zamieni\u0107 w kontenerze dataset na lofs","author":"drfugazi","date":"Tuesday August 17th, 2010","format":false,"excerpt":"Poniewa\u017c konfiguruj\u0119 system pocztowy, potrzebuj\u0119 wyeksportowa\u0107 filesystem ZFS przez NFS do innego noda, gdzie postfix poprzez delivera b\u0119dzie zapisywa\u0142 wiadomo\u015bci do skrzynek. Jak wida\u0107 w tym zapisie sesji, skonfigurowa\u0142em ca\u0142\u0105 zpoole \"studmail\" jako dataset ZFS dla kontenera st1. Niestety w prosty spos\u00f3b nie da si\u0119 wsp\u00f3\u0142dzieli\u0107 systemu plik\u00f3w ZFS przez\u2026","rel":"","context":"In \"Kontenery\"","block_context":{"text":"Kontenery","link":"https:\/\/drfugazi.eu.org\/en\/tag\/kontenery\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":345,"url":"https:\/\/drfugazi.eu.org\/en\/usuwanie-starych-i-tworzenie-nowych-snapshotow-zfs\/","url_meta":{"origin":282,"position":4},"title":"Usuwanie starych i tworzenie nowych snapshot\u00f3w ZFS","author":"","date":"Tuesday February  1st, 2011","format":false,"excerpt":"Niedawno pisa\u0142em o masowym tworzeniu snapshot\u00f3w ZFS. Tam robi\u0142em to rekursywnie dla ca\u0142ej puli u\u017cywaj\u0105c zpool list -H i przekierowuj\u0105c wyj\u015bcie do zfs snapshot -r. Tym razem zrobimy to inaczej. Je\u015bli mamy stare snapshoty to mo\u017cemy je wy\u015bwietli\u0107 poleceniem: # zfs list -t snapshot NAME USED AVAIL REFER MOUNTPOINT dappserv@20101130\u2026","rel":"","context":"Similar post","block_context":{"text":"Similar post","link":""},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":337,"url":"https:\/\/drfugazi.eu.org\/en\/dodawanie-schematow-opendj\/","url_meta":{"origin":282,"position":5},"title":"Dodawanie schemat\u00f3w do OpenDJ","author":"drfugazi","date":"Tuesday July 12th, 2011","format":false,"excerpt":"Sorry, this entry is only available in Polish. For the sake of viewer convenience, the content is shown below in the alternative language. You may click the link to switch the active language.OpenDJ podobnie jak inne us\u0142ugi katalogowe pozwala na rozszerzanie funkcjonalno\u015bci katalogu poprzez dodawanie schemat\u00f3w. Istnieje szereg gotowych schemat\u00f3w,\u2026","rel":"","context":"In "LDAP"","block_context":{"text":"LDAP","link":"https:\/\/drfugazi.eu.org\/en\/category\/ldap\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/282"}],"collection":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/comments?post=282"}],"version-history":[{"count":0,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/posts\/282\/revisions"}],"wp:attachment":[{"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/media?parent=282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/categories?post=282"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/drfugazi.eu.org\/en\/wp-json\/wp\/v2\/tags?post=282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}