Question 8 Explanation

Compartments are the primary building blocks you use to organize your cloud resources. You use compartments to organize and isolate your resources to make it easier to manage and secure access to them.

Compartments are tenancy-wide, across regions. When you create a compartment, it is available in every region that your tenancy is subscribed to. You can get a cross-region view of your resources in a specific compartment with the compartment explorer.

When your tenancy is provisioned, a root compartment is created for you. Your root compartment holds all of your cloud resources. You can think of the root compartment like a root folder in a file system.

To delete a compartment, it must be empty of all resources. Before you initiate deleting a compartment, be sure that all its resources have been moved, deleted, or terminated, including any policies attached to the compartment.

so Answer "make sure you have at least one more compartment in your tenancy other than the root compartment." which you can keep only the root compartment and not mandatory to have other compartment

Question 7 Explanation

due to the network speed is not good enough and the connection is Intermittent due to the damages caused to the electrical grid

Oracle offers offline data transfer solutions that let you migrate data to Oracle Cloud Infrastructure.

you have 2 Options of Data Transfer

DISK-BASED DATA TRANSFER

You send your data as files on encrypted commodity disk to an Oracle transfer site. Operators at the Oracle transfer site upload the files into your designated Object Storage bucket in your tenancy.

APPLIANCE-BASED DATA TRANSFER

you send your data as files on secure, high-capacity, Oracle-supplied storage appliances to an Oracle transfer site. Operators at the Oracle transfer site upload the data into your designated Object Storage bucket in your tenancy.

the Storage Capacity is 150 TB of protected usable space

Question 6 Explanation

Service Gateway is virtual router that you can add to your VCN. It provides a path for private network traffic between your VCN and supported services in the Oracle Services Network like Object Storage)

so compute Instances in a private subnet in your VCN can back up data to Object Storage without needing public IP addresses or access to the intern

Question 5 Explanation

Answer A is correct

You can check on an active multipart upload by listing all parts that have been uploaded. (You cannot list information for an individual object part in an active multipart upload.)

Answer B is correct

The Oracle Cloud Infrastructure Object Storage service supports multipart uploads for more efficient and resilient uploads, especially for large objects. You can perform multipart uploads using the API and CLI

Before you use the multipart upload API, you are responsible for creating the parts to upload. Object Storage provides API operations for the remaining steps.

Note:

When you perform a multipart upload using the CLI, you do not need to split the object into parts as you are required to do by the API. Instead, you specify the part size of your choice, and Object Storage splits the object into parts and performs the upload of all parts automatically.

Answer C is not correct

After you finish creating object parts, initiate a multipart upload by making a CreateMultipartUpload REST API call. Provide the object name and any object metadata. Object Storage responds with a unique upload ID that you must include in any requests related to this multipart upload. Object Storage also marks the upload as active. The upload remains active until you explicitly commit it or abort it.

Answer D is not correct

You do not need to assign contiguous numbers, but Object Storage constructs the object by ordering part numbers in ascending order. also Part numbers do not have to be contiguous

Question 4 Explanation

WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications.

WAF provides you with the ability to create and manage rules for internet threats including

Cross-Site Scripting (XSS), SQL Injection and other OWASP-defined vulnerabilities. Unwanted

bots can be mitigated while tactically allowed desirable bots to enter. Access rules can limit

based on geography or the signature of the request.

As a WAF administrator you can define explicit actions for requests that meet various

conditions. Conditions use various operations and regular expressions. A rule action can be

set to log and allow, detect, or block requests.

Question 3 Explanation

Moving Resources to a Different Compartment

Most resources can be moved after they are created. There are a few resources that you can't move from one compartment to another. Some resources have attached resource dependencies and some don’t. Not all attached dependencies behave the same way when the parent resource moves.

For some resources, the attached dependencies move with the parent resource to the new compartment. The parent resource moves immediately, but in some cases attached dependencies move asynchronously and are not visible in the new compartment until the move is complete.

For other resources, the attached resource dependencies do not move to the new compartment. You can move these attached resources independently.

You can move Compute resources such as instances, instance pools, and custom images from one compartment to another. When you move a Compute resource to a new compartment, associated resources such as boot volumes and VNICs are not moved.

You can move a VCN from one compartment to another. When you move a VCN, its associated VNICs, private IPs, and ephemeral IPs move with it to the new compartment.

Question 2 Explanation

You can move a compartment to a different parent compartment within the same tenancy.When you move a compartment, all its contents (subcompartments and resources) are moved with it.

After you move a compartment to a new parent compartment, the access policies of the new parent take effect and the policies of the previous parent no longer apply. Before you move a compartment, ensure that:

- You are aware of the policies that govern access to the compartment in its current position.

- You are aware of the polices in the new parent compartment that will take effect when you move the compartment.

1- Policy  that defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X

you move compartment X from Finance:A to HR:C. The policy that governs compartment X is attached to the shared parent, root compartment. When the compartment X is moved, the policy statement is automatically updated by the IAM service to specify the new compartment location.

The policy

Allow group admins to read subnets in compartment Finance:A:X

is updated to

Allow group admins to read subnets in compartment HR:C:X

so the admins group will have the same access after the compartment X is moved

2- Policy that defined in compartment A: Allow group networkadmins to manage subnets in compartment X

you move compartment X from Finance:A  to HR:C. However, the policy that governs compartment X here is attached directly to the A compartment. When the compartment is moved, the policy is not automatically updated. The policy that specifies compartment X is no longer valid and must be manually removed. Group networkadmins  no longer has access to compartment X in its new location under HR:C. Unless another existing policy grants access to group networkadmins  , you must create a new policy to allow networkadmins   to continue to manage buckets in compartment X.

Question 1 Explanation

The Oracle Cloud Infrastructure Compute service provides console connections that enable you to remotely troubleshoot malfunctioning instances, such as:

An imported or customized image that does not complete a successful boot.

A previously working instance that stops responding.

the steps to connect to console and troubleshoot the OS Issue 

1- Before you can connect to the serial console you need to create the instance console connection.

Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.

Click the instance that you're interested in.

Under Resources, click Console Connections.

Click Create Console Connection.

Upload the public key (.pub) portion for the SSH key. You can browse to a public key file on your computer or paste your public key into the text box.

Click Create Console Connection.

When the console connection has been created and is available, the status changes to ACTIVE.

2- Connecting to the Serial Console

you can connect to the serial console by using a Secure Shell (SSH) connection to the service endpoint of the console connection service

Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.

Click the instance that you're interested in.

Under Resources, click Console Connections.

Click the Actions icon (three dots), and then click Copy Serial Console Connection for Linux/Mac.

Paste the connection string copied from the previous step to a terminal window on a Mac OS X or Linux system, and then press Enter to connect to the console.

If you are not using the default SSH key or ssh-agent, you can modify the serial console connection string to include the identity file flag, -i, to specify the SSH key to use. You must specify this for both the SSH connection and the SSH ProxyCommand, as shown in the following line:

ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W %h:%p -p 443...

Press Enter again to activate the console.

3- Troubleshooting Instances from Instance Console Connections

To boot into maintenance mode

Reboot the instance from the Console.

When the reboot process starts, switch back to the terminal window, and you see Console messages start to appear in the window. As soon as you see the GRUB boot menu appear, use the up/down arrow key to stop the automatic boot process, enabling you to use the boot menu.

In the boot menu, highlight the top item in the menu, and type e to edit the boot entry.

In edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with either linuxefi for instances running Oracle Autonomous Linux 7.x or Oracle Linux 7.x, or kernel for instances running Oracle Linux 6.x.

At the end of that line, add the following:

init=/bin/bash

Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+X.

How to Install the Oracle Solaris OS on a Guest Domain From an Oracle Solaris ISO File

1. Stop and unbind the guest domain (ldg1).

   primary# ldm stop ldg1
   primary# ldm unbind ldg1

2. Add the Oracle Solaris ISO file as a secondary volume and virtual disk.

   The following uses solarisdvd.iso as the Oracle Solaris ISO file, iso_vol@primary-vds0 as a secondary volume, and vdisk_iso as a virtual disk:

   primary# ldm add-vdsdev /export/solarisdvd.iso  iso_vol@primary-vds0
   primary# ldm add-vdisk vdisk_iso iso_vol@primary-vds0 ldg1

   The following uses solarisdvd.iso as the Oracle Solaris ISO file, which is stored on the server1 server. iso_vol@primary-vds0 is a secondary volume, and vdisk_isois a virtual disk. The lofiadm command attaches a block device to the ISO image.

   primary# lofiadm -a /net/server1/solarisdvd.iso
   primary# ldm add-vdsdev /dev/lofi/1 iso_vol@primary-vds0
   primary# ldm add-vdisk vdisk_iso iso_vol@primary-vds0 ldg1

3. Check to see that the Oracle Solaris ISO file is added as a secondary volume and virtual disk.

   primary# ldm list-bindings
   NAME             STATE    FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME 
   primary          active   -n-cv   SP      4     4G       0.2%  22h 45m
   ...
   VDS 
      NAME             VOLUME         OPTIONS          DEVICE
      primary-vds0     vol1                            /dev/dsk/c2t1d0s2
      iso_vol                                          /export/solarisdvd.iso
   ....
   ------------------------------------------------------------------------------
   NAME             STATE    FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME
   ldg1             inactive -----           60    6G
   ...
   DISK
      NAME       VOLUME               TOUT ID DEVICE  SERVER  MPGROUP
      vdisk1     vol1@primary-vds0
      vdisk_iso  iso_vol@primary-vds0
   ....

4. Bind and start the guest domain (ldg1).

   primary# ldm bind ldg1
   primary# ldm start ldg1
   LDom ldg1 started
   primary# telnet localhost 5000
   Trying 127.0.0.1...
   Connected to localhost.
   Escape character is '^]'.
    
   Connecting to console "ldg1" in group "ldg1" ....
   Press ~? for control options ..

5. Show the device aliases in the client OpenBoot PROM.

   In this example, see the device aliases for vdisk_iso, which is the Oracle Solaris ISO image, and vdisk_install, which is the disk space.

   ok devalias
   vdisk_iso       /virtual-devices@100/channel-devices@200/disk@1
   vdisk1          /virtual-devices@100/channel-devices@200/disk@0
   vnet1           /virtual-devices@100/channel-devices@200/network@0
   virtual-console /virtual-devices/console@1
   name            aliases

6. On the guest domain's console, boot from vdisk_iso (disk@1) on slice f.

   ok boot vdisk_iso:f
   Boot device: /virtual-devices@100/channel-devices@200/disk@1:f  File and args: -s
   SunOS Release 5.10 Version Generic_139555-08 64-bit
   Copyright (c) 1983-2010, Oracle and/or its affiliates.  All rights reserved.

7. Continue with the Oracle Solaris OS installation menu.

How to Install the Oracle Solaris OS on a Guest Domain From a DVD

1. Insert the Oracle Solaris 10 OS or Oracle Solaris 11 OS DVD into the DVD drive.
2. Stop the volume management daemon, vold(1M), on the primary domain.

   primary# svcadm disable volfs

3. Stop and unbind the guest domain (ldg1).

   primary# ldm stop ldg1
   primary# ldm unbind ldg1

4. Add the DVD with the DVD-ROM media as a secondary volume and virtual disk.

   The following uses c0t0d0s2 as the DVD drive in which the Oracle Solaris media resides, dvd_vol@primary-vds0 as a secondary volume, and vdisk_cd_media as a virtual disk.

   primary# ldm add-vdsdev options=ro /dev/dsk/c0t0d0s2 dvd_vol@primary-vds0
   primary# ldm add-vdisk vdisk_cd_media dvd_vol@primary-vds0 ldg1

5. Check to see that the DVD is added as a secondary volume and virtual disk.

   primary# ldm list-bindings
   NAME             STATE    FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME 
   primary          active   -n-cv   SP      4     4G       0.2%  22h 45m
   ...
   VDS 
      NAME             VOLUME         OPTIONS          DEVICE
      primary-vds0     vol1                            /dev/dsk/c2t1d0s2
      dvd_vol                                          /dev/dsk/c0t0d0s2
   ....
   ------------------------------------------------------------------------------
   NAME             STATE    FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME
   ldg1             inactive -----           60    6G
   ...
   DISK
      NAME             VOLUME                      TOUT DEVICE  SERVER
      vdisk1           vol1@primary-vds0
      vdisk_cd_media   dvd_vol@primary-vds0
   ....

6. Bind and start the guest domain (ldg1).

   primary# ldm bind ldg1
   primary# ldm start ldg1
   LDom ldg1 started
   primary# telnet localhost 5000
   Trying 127.0.0.1...
   Connected to localhost.
   Escape character is '^]'.
    
   Connecting to console "ldg1" in group "ldg1" ....
   Press ~? for control options ..

7. Show the device aliases in the client OpenBoot PROM.

   In this example, see the device aliases for vdisk_cd_media, which is the Oracle Solaris DVD, and vdisk1, which is a virtual disk on which you can install the Oracle Solaris OS.

   ok devalias
   vdisk_cd_media  /virtual-devices@100/channel-devices@200/disk@1
   vdisk1          /virtual-devices@100/channel-devices@200/disk@0
   vnet1           /virtual-devices@100/channel-devices@200/network@0
   virtual-console /virtual-devices/console@1
   name            aliases

8. On the guest domain's console, boot from vdisk_cd_media (disk@1) on slice f.

   ok boot vdisk_cd_media:f
   Boot device: /virtual-devices@100/channel-devices@200/disk@1:f  File and args: -s
   SunOS Release 5.10 Version Generic_139555-08 64-bit
   Copyright (c), 1983-2010, Oracle and/or its affiliates.  All rights reserved.

9. Continue with the Oracle Solaris OS installation menu.

Creating and Starting a Guest Domain

The guest domain must run an operating system that understands both the sun4v platform and the virtual devices presented by the hypervisor. Currently, this means that you must run at least the Oracle Solaris 10 11/06 OS. Running the Oracle Solaris 10 8/11 OS provides you with all the Oracle VM Server for SPARC 3.0 features. See the Oracle VM Server for SPARC 3.0 Release Notes for any specific patches that might be necessary. Once you have created default services and reallocated resources from the control domain, you can create and start a guest domain.

How to Create and Start a Guest Domain

1. Create a logical domain.

   For example, the following command would create a guest domain named ldg1.

   primary# ldm add-domain ldg1

2. Add CPUs to the guest domain.

   For example, the following command would add eight virtual CPUs to guest domain ldg1.

   primary# ldm add-vcpu 8 ldg1

3. Add memory to the guest domain.

   For example, the following command would add 2 gigabytes of memory to guest domain ldg1.

   primary# ldm add-memory 2G ldg1

4. Add a virtual network device to the guest domain.

   For example, the following command would add a virtual network device with these specifics to the guest domain ldg1.

   primary# ldm add-vnet vnet1 primary-vsw0 ldg1

   Where:

   • vnet1 is a unique interface name to the logical domain, assigned to this virtual network device instance for reference on subsequent set-vnet or remove-vnet subcommands.

   • primary-vsw0 is the name of an existing network service (virtual switch) to which to connect.

   ---

   Note - Steps 5 and 6 are simplified instructions for adding a virtual disk server device (vdsdev) to the primary domain and a virtual disk (vdisk) to the guest domain. To learn how ZFS volumes and file systems can be used as virtual disks, see How to Export a ZFS Volume as a Single-Slice Disk and Using ZFS With Virtual Disks.

   ---

5. Specify the device to be exported by the virtual disk server as a virtual disk to the guest domain.

   You can export a physical disk, disk slice, volumes, or file as a block device. The following examples show a physical disk and a file.

   • Physical Disk Example. The first example adds a physical disk with these specifics.

     primary# ldm add-vdsdev /dev/dsk/c2t1d0s2 vol1@primary-vds0

     Where:

     • /dev/dsk/c2t1d0s2 is the path name of the actual physical device. When adding a device, the path name must be paired with the device name.

     • vol1 is a unique name you must specify for the device being added to the virtual disk server. The volume name must be unique to this virtual disk server instance, because this name is exported by this virtual disk server to the clients for adding. When adding a device, the volume name must be paired with the path name of the actual device.

     • primary-vds0 is the name of the virtual disk server to which to add this device.

   • File Example. This second example is exporting a file as a block device.

     primary# ldm add-vdsdev backend vol1@primary-vds0

     Where:

     • backend is the path name of the actual file exported as a block device. When adding a device, the back end must be paired with the device name.

     • vol1 is a unique name you must specify for the device being added to the virtual disk server. The volume name must be unique to this virtual disk server instance, because this name is exported by this virtual disk server to the clients for adding. When adding a device, the volume name must be paired with the path name of the actual device.

     • primary-vds0 is the name of the virtual disk server to which to add this device.

6. Add a virtual disk to the guest domain.

   The following example adds a virtual disk to the guest domain ldg1.

   primary# ldm add-vdisk vdisk1 vol1@primary-vds0 ldg1

   Where:

   • vdisk1 is the name of the virtual disk.

   • vol1 is the name of the existing volume to which to connect.

   • primary-vds0 is the name of the existing virtual disk server to which to connect.

   ---

   Note - The virtual disks are generic block devices that are associated with different types of physical devices, volumes, or files. A virtual disk is not synonymous with a SCSI disk and, therefore, excludes the target ID in the disk label. Virtual disks in a logical domain have the following format: cNdNsN, where cN is the virtual controller, dN is the virtual disk number, and sN is the slice.

   ---

7. Set the auto-boot? and boot-device variables for the guest domain.

   The first example command sets auto-boot? to true for guest domain ldg1.

   primary# ldm set-var auto-boot\?=true ldg1

   The second example command sets boot-device to vdisk1 for guest domain ldg1.

   primary# ldm set-var boot-device=vdisk1 ldg1

8. Bind resources to the guest domain ldg1 and then list the domain to verify that it is bound.

   primary# ldm bind-domain ldg1
   primary# ldm list-domain ldg1
   NAME          STATE    FLAGS  CONS   VCPU MEMORY   UTIL  UPTIME
   ldg1          bound    -----  5000   8    2G

9. To find the console port of the guest domain, you can look at the output of the preceding list-domain subcommand.

   You can see under the heading CONS that logical domain guest 1 (ldg1) has its console output bound to port 5000.

10. Connect to the console of a guest domain from another terminal by logging into the control domain and connecting directly to the console port on the local host.

    $ ssh hostname.domain-name
    $ telnet localhost 5000

11. Start the guest domain ldg1.

    primary# ldm start-domain ldg1

How to Enable the Virtual Network Terminal Server Daemon

Enabling the Virtual Network Terminal Server Daemon

You must enable the virtual network terminal server daemon (vntsd) to provide access to the virtual console of each logical domain. Refer to the vntsd(1M) man page for information about how to use this daemon.

---

Note - Be sure that you have created the default service vconscon (vcc) on the control domain before you enable vntsd. See Creating Default Services for more information.

---

1. Use the svcadm command to enable the virtual network terminal server daemon, vntsd.

   primary# svcadm enable vntsd

2. Use the svcs command to verify that the vntsd daemon is enabled.

   primary# svcs vntsd
   STATE          STIME    FMRI
   online         Oct_08   svc:/ldoms/vntsd:default

Rebooting to Use Logical Domains

You must reboot the control domain for the configuration changes to take effect and for the resources to be released for other logical domains to use.

How to Reboot

• Shut down and reboot the control domain.

  primary# shutdown -y -g0 -i6

  ---

  Note - Either a reboot or power cycle instantiates the new configuration. Only a power cycle actually boots the configuration saved to the service processor (SP), which is then reflected in the list-config output.

  ---

How to Set Up the Control Domain

---

Note - This procedure contains examples of resources to set for your control domain. These numbers are examples only, and the values used might not be appropriate for your control domain.

---

1. Determine whether you have cryptographic devices in the control domain.

   Note that only UltraSPARC T2, UltraSPARC T2 Plus, and SPARC T3 platforms have cryptographic devices (MAUs). Because newer platforms, such as SPARC T4 systems and Fujitsu M10 systems, do not have separate cryptographic units, there is no need to assign a cryptographic accelerator on these platforms.

   primary# ldm list -o crypto primary

2. Assign cryptographic resources to the control domain, if applicable.

   The following example would assign one cryptographic resource to the control domain, primary. This leaves the remainder of the cryptographic resources available to a guest domain.

   primary# ldm set-mau 1 primary

3. Assign virtual CPUs to the control domain.

   For example, the following command would assign 8 virtual CPUs to the control domain, primary. This leaves the remainder of the virtual CPUs available to a guest domain.

   primary# ldm set-vcpu 8 primary

4.  

   Initiate a delayed reconfiguration on the control domain.

   primary# ldm start-reconf primary

5. Assign memory to the control domain.

   For example, the following command would assign 4 gigabytes of memory to the control domain, primary. This leaves the remainder of the memory available to a guest domain.

   primary# ldm set-memory 4G primary

6. Add a logical domain machine configuration to the service processor (SP).

   For example, the following command would add a configuration called initial.

   primary# ldm add-config initial

7. Verify that the configuration is ready to be used at the next reboot.

   primary# ldm list-config
   factory-default
   initial [current]

   This ldm list-config command shows that the initial configuration set will be used after you perform a power cycle.

Creating virtual device services to use in the control domain as a service domain

The following virtual device services must be created to use the control domain as a service domain and to create virtual devices for other domains:

• vcc – Virtual console concentrator service

• vds – Virtual disk server

• vsw – Virtual switch service

How to Create Default Services

1. Create a virtual console concentrator (vcc) service for use by the virtual network terminal server daemon (vntsd) and as a concentrator for all logical domain consoles.

   For example, the following command would add a virtual console concentrator service (primary-vcc0) with a port range from 5000 to 5100 to the control domain (primary).

   primary# ldm add-vcc port-range=5000-5100 primary-vcc0 primary

2. Create a virtual disk server (vds) to allow importing virtual disks into a logical domain.

   For example, the following command adds a virtual disk server (primary-vds0) to the control domain (primary).

   primary# ldm add-vds primary-vds0 primary

3. Create a virtual switch service (vsw) to enable networking between virtual network (vnet) devices in logical domains.

   Assign a GLDv3-compliant network adapter to the virtual switch if each logical domain must communicate outside the box through the virtual switch.

   • In Oracle Solaris 10, add a virtual switch service on network adapter driver to the control domain.

     primary# ldm add-vsw net-dev=net-driver vsw-service primary

     For example, the following command adds a virtual switch service (primary-vsw0) on network adapter driver nxge0 to the control domain (primary):

     primary# ldm add-vsw net-dev=nxge0 primary-vsw0 primary

   • In Oracle Solaris 11, add a virtual switch service (primary-vsw0) on network adapter driver net0 to the control domain (primary):

     primary# ldm add-vsw net-dev=net-driver vsw-service primary

     For example, the following command adds a virtual switch service (primary-vsw0) on network adapter driver net0 to the control domain (primary):

     primary# ldm add-vsw net-dev=net0 primary-vsw0 primary

   • The following applies to the Oracle Solaris 10 OS only and should not be performed on an Oracle Solaris 11 system.

     This command automatically allocates a MAC address to the virtual switch. You can specify your own MAC address as an option to the ldm add-vsw command. However, in that case, it is your responsibility to ensure that the MAC address specified does not conflict with an already existing MAC address.

     If the virtual switch being added replaces the underlying physical adapter as the primary network interface, it must be assigned the MAC address of the physical adapter, so that the Dynamic Host Configuration Protocol (DHCP) server assigns the domain the same IP address. See Enabling Networking Between the Control/Service Domain and Other Domains.

     primary# ldm add-vsw mac-addr=2:04:4f:fb:9f:0d net-dev=nxge0 primary-vsw0 primary

4. Verify the services have been created by using the list-services subcommand.

   Your output should look similar to the following:

   primary# ldm list-services primary
   VDS
       NAME             VOLUME         OPTIONS          DEVICE
       primary-vds0
    
   VCC
       NAME             PORT-RANGE
       primary-vcc0     5000-5100
    
   VSW
       NAME             MAC               NET-DEV   DEVICE     MODE
       primary-vsw0     02:04:4f:fb:9f:0d nxge0     switch@0   prog,promisc

How to Restore the Factory Default Configuration From the Service Processor

If you remove the Logical Domains Manager before restoring the factory default configuration, you can restore the factory default configuration from the service processor.

1. Restore the factory default configuration from the service processor.

   -> set /HOST/bootmode config=factory-default

2. Perform a power cycle of the system to load the factory default configuration.

   -> reset /SYS

How to Remove the Logical Domains Manager

After restoring the factory default configuration and disabling the Logical Domains Manager, you can remove the Logical Domains Manager software.

---

Note - If you remove the Logical Domains Manager before restoring the factory default configuration, you can restore the factory default configuration from the service processor as shown in the following procedure.

---

• Remove the Logical Domains Manager software.
  • Remove the Oracle Solaris 10 SUNWldm and SUNWldmp2v packages.

    primary# pkgrm SUNWldm SUNWldmp2v

  • Remove the Oracle Solaris 11 ldomsmanager package.

    primary# pkg uninstall ldomsmanager

Factory Default Configuration and Disabling Logical Domains

How to Remove All Guest Domains

1. Stop all domains by using the -a option.

   primary# ldm stop-domain -a

2. Unbind all domains except for the primary domain.

   primary# ldm unbind-domain ldom

   ---

   Note - You might be unable to unbind an I/O domain if it is providing services required by the control domain. In this situation, skip this step.

   ---

3. Destroy all domains except for the primary domain.

   primary# ldm remove-domain -a

How to Remove All Logical Domains Configurations

1. List all the logical domain configurations that are stored on the service processor (SP).

   primary# ldm list-config

2. Remove all configurations (config-name) previously saved to the SP except for the factory-default configuration.

   Use the following command for each such configuration:

   primary# ldm rm-config config-name

   After you remove all the configurations previously saved to the SP, the factory-default domain is the next domain to use when the control domain (primary) is rebooted.

How to Restore the Factory Default Configuration

1. Select the factory default configuration.

   primary# ldm set-config factory-default

2. Stop the control domain.

   primary# shutdown -i1 -g0 -y

3. Perform a power cycle of the system to load the factory default configuration.

   -> stop /SYS
   -> start /SYS

How to Disable the Logical Domains Manager

• Disable the Logical Domains Manager from the control domain.

  primary# svcadm disable ldmd

  ---

  Note - Disabling the Logical Domains Manager does not stop any running domains, but does disable the ability to create a new domains, change the configuration of existing domains, or monitor the state of the domains.

How to Enable the Logical Domains Manager Daemon

Use this procedure to enable the ldmd daemon if it has been disabled.

1. Use the svcadm command to enable the Logical Domains Manager daemon, ldmd.

   For more information about the svcadm command, see the svcadm(1M) man page.

   # svcadm enable ldmd

2. Use the ldm list command to verify that the Logical Domains Manager is running.

   The ldm list command should list all domains that are currently defined on the system. In particular, the primary domain should be listed and be in the active state. The following sample output shows that only the primary domain is defined on the system.

   # /opt/SUNWldm/bin/ldm list
   NAME             STATE    FLAGS   CONS    VCPU  MEMORY   UTIL  UPTIME
   primary          active   ---c-   SP      64    3264M    0.3%  19d 9m

Installing Oracle VM Server for SPARC Software on a New System

SPARC platforms that support the Oracle VM Server for SPARC software come preinstalled with the Oracle Solaris 10 OS or the Oracle Solaris 11 OS. Initially, the platform appears as a single system hosting only one operating system. After the Oracle Solaris OS, system firmware, and Logical Domains Manager have been installed, the original system and instance of the Oracle Solaris OS become the control domain. That first domain of the platform is named primary, and you cannot change that name or destroy that domain. From there, the platform can be reconfigured to have multiple domains hosting different instances of the Oracle Solaris OS.

Downloading the Logical Domains Manager

You can obtain the latest packages for both the Oracle Solaris 10 OS and the Oracle Solaris 11 OS. Note that the Oracle VM Server for SPARC software is included by default with the Oracle Solaris 11 OS.

• Oracle Solaris 10 OS. Download the OVM_Server_SPARC-3_0.zip package from My Oracle Support. See How to Download the Logical Domains Manager Software (Oracle Solaris 10).

• Oracle Solaris 11 OS. Obtain the ldomsmanager package from the Oracle Solaris 11 Support Repository. See How to Upgrade to the Oracle VM Server for SPARC 3.0 Software (Oracle Solaris 11).

How to Download the Logical Domains Manager Software (Oracle Solaris 10)

1. Download the zip file (OVM_Server_SPARC-3_0.zip).

   You can find the software at http://www.oracle.com/virtualization/index.html.

2. Unzip the zip file.

   $ unzip OVM_Server_SPARC-3_0.zip

Automatically Installing the Logical Domains Manager Software

If you use the install-ldm installation script, you have several choices to specify how you want the script to run. Each choice is described in the procedures that follow.

• Using the install-ldm script with no options does the following automatically:

  • Checks that the Oracle Solaris OS release is the Oracle Solaris 10 OS

  • Verifies that the package subdirectories SUNWldm/ and SUNWldmp2v/ are present

  • Verifies that the prerequisite Logical Domains driver packages, SUNWldomr and SUNWldomu, are present

  • Verifies that the SUNWldm and SUNWldmp2v packages have not been installed

  • Installs the Oracle VM Server for SPARC 3.0 software

  • Verifies that all packages are installed

  • If the SST (SUNWjass) is already installed, you are prompted to harden the Oracle Solaris OS on the control domain.

  • Determine whether to use the Oracle VM Server for SPARC Configuration Assistant (ldmconfig) to perform the installation.

• Using the install-ldm script with the -c option automatically runs the Oracle VM Server for SPARC Configuration Assistant after the software is installed.

• Using the install-ldm script with the -s option skips the running of the Oracle VM Server for SPARC Configuration Assistant.

• Using the install-ldm script and the following options with the SST software enables you to do the following:

  • install-ldm -d. Allows you to specify a SST driver other than a driver ending with -secure.driver. This option automatically performs all the functions listed in the preceding choice and hardens the Oracle Solaris OS on the control domain with the SST customized driver that you specify; for example, the server-secure-myname.driver.

  • install-ldm -d none. Specifies that you do not want to harden the Oracle Solaris OS running on your control domain by using the SST. This option automatically performs all the functions except hardening listed in the preceding choices. Bypassing the use of the SST is not suggested and should only be done when you intend to harden your control domain using an alternate process.

  • install-ldm -p. Specifies that you only want to perform the post-installation actions of enabling the Logical Domains Manager daemon (ldmd) and running the SST. For example, you would use this option if the SUNWldm and SUNWjass packages are preinstalled on your server.

Manually Installing the Logical Domains Manager Software

The following procedure guides you through manually installing the Oracle VM Server for SPARC 3.0 software on the Oracle Solaris 10 OS.

When you install the Oracle Solaris 11 OS, the Oracle VM Server for SPARC 2.1 software is installed by default. If you want to install the Oracle VM Server for SPARC 3.0 software, see How to Upgrade to the Oracle VM Server for SPARC 3.0 Software (Oracle Solaris 11)

ownload the Oracle VM Server for SPARC 3.0 software (the SUNWldm and SUNWldmp2v packages). For instructions, see How to Download the Logical Domains Manager Software (Oracle Solaris 10).

1. (Optional) Save your configuration to the service processor (SP), if necessary.

   Perform this step only is you are already running an earlier version of the Oracle VM Server for SPARC software.

   primary# ldm add-config config-name

2. Install the SUNWldm.v and SUNWldmp2v packages.

   # pkgadd -Gd . SUNWldm.v SUNWldmp2v

   Answer y for yes to all questions in the interactive prompts.

   The -G option installs the package in the global zone only. The -d option specifies the path to the directory that contains the SUNWldm.vand SUNWldmp2v packages.

   For more information about the pkgadd command, see the pkgadd(1M) man page.

3. Verify that the SUNWldm and SUNWldmp2v packages are installed.

   The following revision (REV) information is an example:

   # pkginfo -l SUNWldm | grep VERSION
   VERSION=3.0,REV=2012.11.01.10.20

   For more information about the pkginfo command, see the pkginfo(1) man page.