Sunday, July 26, 2020

Question 2 Explanation

You can move a compartment to a different parent compartment within the same tenancy.When you move a compartment, all its contents (subcompartments and resources) are moved with it.
After you move a compartment to a new parent compartment, the access policies of the new parent take effect and the policies of the previous parent no longer apply. Before you move a compartment, ensure that:
- You are aware of the policies that govern access to the compartment in its current position.
- You are aware of the polices in the new parent compartment that will take effect when you move the compartment.

1- Policy  that defined in root compartment: Allow group admins to read subnets in compartment Finance:A:X
you move compartment X from Finance:A to HR:C. The policy that governs compartment X is attached to the shared parent, root compartment. When the compartment X is moved, the policy statement is automatically updated by the IAM service to specify the new compartment location.
The policy
Allow group admins to read subnets in compartment Finance:A:X
is updated to
Allow group admins to read subnets in compartment HR:C:X
so the admins group will have the same access after the compartment X is moved
2- Policy that defined in compartment A: Allow group networkadmins to manage subnets in compartment X
you move compartment X from Finance:A  to HR:C. However, the policy that governs compartment X here is attached directly to the A compartment. When the compartment is moved, the policy is not automatically updated. The policy that specifies compartment X is no longer valid and must be manually removed. Group networkadmins  no longer has access to compartment X in its new location under HR:C. Unless another existing policy grants access to group networkadmins  , you must create a new policy to allow networkadmins   to continue to manage buckets in compartment X.

Question 1 Explanation

The Oracle Cloud Infrastructure Compute service provides console connections that enable you to remotely troubleshoot malfunctioning instances, such as:
An imported or customized image that does not complete a successful boot.
A previously working instance that stops responding.
the steps to connect to console and troubleshoot the OS Issue 
1- Before you can connect to the serial console you need to create the instance console connection.
Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click Create Console Connection.
Upload the public key (.pub) portion for the SSH key. You can browse to a public key file on your computer or paste your public key into the text box.
Click Create Console Connection.
When the console connection has been created and is available, the status changes to ACTIVE.

2- Connecting to the Serial Console
you can connect to the serial console by using a Secure Shell (SSH) connection to the service endpoint of the console connection service
Open the navigation menu. Under Core Infrastructure, go to Compute and click Instances.
Click the instance that you're interested in.
Under Resources, click Console Connections.
Click the Actions icon (three dots), and then click Copy Serial Console Connection for Linux/Mac.
Paste the connection string copied from the previous step to a terminal window on a Mac OS X or Linux system, and then press Enter to connect to the console.
If you are not using the default SSH key or ssh-agent, you can modify the serial console connection string to include the identity file flag, -i, to specify the SSH key to use. You must specify this for both the SSH connection and the SSH ProxyCommand, as shown in the following line:
ssh -i /<path>/<ssh_key> -o ProxyCommand='ssh -i /<path>/<ssh_key> -W %h:%p -p 443...
Press Enter again to activate the console.
3- Troubleshooting Instances from Instance Console Connections
When the reboot process starts, switch back to the terminal window, and you see Console messages start to appear in the window. As soon as you see the GRUB boot menu appear, use the up/down arrow key to stop the automatic boot process, enabling you to use the boot menu.
In the boot menu, highlight the top item in the menu, and type e to edit the boot entry.
In edit mode, use the down arrow key to scroll down through the entries until you reach the line that starts with either linuxefi for instances running Oracle Autonomous Linux 7.x or Oracle Linux 7.x, or kernel for instances running Oracle Linux 6.x.
At the end of that line, add the following:

init=/bin/bash

Reboot the instance from the terminal window by entering the keyboard shortcut CTRL+X.

Wednesday, June 3, 2020

How to Install the Oracle Solaris OS on a Guest Domain From an Oracle Solaris ISO File


  1. Stop and unbind the guest domain (ldg1).
    primary# ldm stop ldg1
    primary# ldm unbind ldg1
  2. Add the Oracle Solaris ISO file as a secondary volume and virtual disk.

    The following uses solarisdvd.iso as the Oracle Solaris ISO file, iso_vol@primary-vds0 as a secondary volume, and vdisk_iso as a virtual disk:

    primary# ldm add-vdsdev /export/solarisdvd.iso  iso_vol@primary-vds0
    primary# ldm add-vdisk vdisk_iso iso_vol@primary-vds0 ldg1

    The following uses solarisdvd.iso as the Oracle Solaris ISO file, which is stored on the server1 server. iso_vol@primary-vds0 is a secondary volume, and vdisk_isois a virtual disk. The lofiadm command attaches a block device to the ISO image.

    primary# lofiadm -a /net/server1/solarisdvd.iso
    primary# ldm add-vdsdev /dev/lofi/1 iso_vol@primary-vds0
    primary# ldm add-vdisk vdisk_iso iso_vol@primary-vds0 ldg1
  3. Check to see that the Oracle Solaris ISO file is added as a secondary volume and virtual disk.
    primary# ldm list-bindings
    NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
    primary active -n-cv SP 4 4G 0.2% 22h 45m
    ...
    VDS
      NAME VOLUME OPTIONS DEVICE
      primary-vds0     vol1                            /dev/dsk/c2t1d0s2
      iso_vol                                          /export/solarisdvd.iso
    ....
    ------------------------------------------------------------------------------
    NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
    ldg1 inactive ----- 60 6G
    ...
    DISK
      NAME VOLUME TOUT ID DEVICE SERVER MPGROUP
      vdisk1 vol1@primary-vds0
      vdisk_iso iso_vol@primary-vds0
    ....
  4. Bind and start the guest domain (ldg1).
    primary# ldm bind ldg1
    primary# ldm start ldg1
    LDom ldg1 started
    primary# telnet localhost 5000
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
     
    Connecting to console "ldg1" in group "ldg1" ....
    Press ~? for control options ..
  5. Show the device aliases in the client OpenBoot PROM.

    In this example, see the device aliases for vdisk_iso, which is the Oracle Solaris ISO image, and vdisk_install, which is the disk space.

    ok devalias
    vdisk_iso       /virtual-devices@100/channel-devices@200/disk@1
    vdisk1          /virtual-devices@100/channel-devices@200/disk@0
    vnet1           /virtual-devices@100/channel-devices@200/network@0
    virtual-console /virtual-devices/console@1
    name            aliases
  6. On the guest domain's console, boot from vdisk_iso (disk@1) on slice f.
    ok boot vdisk_iso:f
    Boot device: /virtual-devices@100/channel-devices@200/disk@1:f File and args: -s
    SunOS Release 5.10 Version Generic_139555-08 64-bit
    Copyright (c) 1983-2010, Oracle and/or its affiliates. All rights reserved.
  7. Continue with the Oracle Solaris OS installation menu.

How to Install the Oracle Solaris OS on a Guest Domain From a DVD


  1. Insert the Oracle Solaris 10 OS or Oracle Solaris 11 OS DVD into the DVD drive.
  2. Stop the volume management daemon, vold(1M), on the primary domain.
    primary# svcadm disable volfs
  3. Stop and unbind the guest domain (ldg1).
    primary# ldm stop ldg1
    primary# ldm unbind ldg1
  4. Add the DVD with the DVD-ROM media as a secondary volume and virtual disk.

    The following uses c0t0d0s2 as the DVD drive in which the Oracle Solaris media resides, dvd_vol@primary-vds0 as a secondary volume, and vdisk_cd_media as a virtual disk.

    primary# ldm add-vdsdev options=ro /dev/dsk/c0t0d0s2 dvd_vol@primary-vds0
    primary# ldm add-vdisk vdisk_cd_media dvd_vol@primary-vds0 ldg1
  5. Check to see that the DVD is added as a secondary volume and virtual disk.
    primary# ldm list-bindings
    NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
    primary active -n-cv SP 4 4G 0.2% 22h 45m
    ...
    VDS
      NAME VOLUME OPTIONS DEVICE
      primary-vds0     vol1                            /dev/dsk/c2t1d0s2
      dvd_vol                                          /dev/dsk/c0t0d0s2
    ....
    ------------------------------------------------------------------------------
    NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
    ldg1 inactive ----- 60 6G
    ...
    DISK
      NAME VOLUME TOUT DEVICE SERVER
      vdisk1 vol1@primary-vds0
      vdisk_cd_media dvd_vol@primary-vds0
    ....
  6. Bind and start the guest domain (ldg1).
    primary# ldm bind ldg1
    primary# ldm start ldg1
    LDom ldg1 started
    primary# telnet localhost 5000
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
     
    Connecting to console "ldg1" in group "ldg1" ....
    Press ~? for control options ..
  7. Show the device aliases in the client OpenBoot PROM.

    In this example, see the device aliases for vdisk_cd_media, which is the Oracle Solaris DVD, and vdisk1, which is a virtual disk on which you can install the Oracle Solaris OS.

    ok devalias
    vdisk_cd_media  /virtual-devices@100/channel-devices@200/disk@1
    vdisk1          /virtual-devices@100/channel-devices@200/disk@0
    vnet1           /virtual-devices@100/channel-devices@200/network@0
    virtual-console /virtual-devices/console@1
    name            aliases
  8. On the guest domain's console, boot from vdisk_cd_media (disk@1) on slice f.
    ok boot vdisk_cd_media:f
    Boot device: /virtual-devices@100/channel-devices@200/disk@1:f File and args: -s
    SunOS Release 5.10 Version Generic_139555-08 64-bit
    Copyright (c), 1983-2010, Oracle and/or its affiliates. All rights reserved.
  9. Continue with the Oracle Solaris OS installation menu.

Creating and Starting a Guest Domain

The guest domain must run an operating system that understands both the sun4v platform and the virtual devices presented by the hypervisor. Currently, this means that you must run at least the Oracle Solaris 10 11/06 OS. Running the Oracle Solaris 10 8/11 OS provides you with all the Oracle VM Server for SPARC 3.0 features. See the Oracle VM Server for SPARC 3.0 Release Notes for any specific patches that might be necessary. Once you have created default services and reallocated resources from the control domain, you can create and start a guest domain.

How to Create and Start a Guest Domain

  1. Create a logical domain.

    For example, the following command would create a guest domain named ldg1.

    primary# ldm add-domain ldg1
  2. Add CPUs to the guest domain.

    For example, the following command would add eight virtual CPUs to guest domain ldg1.

    primary# ldm add-vcpu 8 ldg1
  3. Add memory to the guest domain.

    For example, the following command would add 2 gigabytes of memory to guest domain ldg1.

    primary# ldm add-memory 2G ldg1
  4. Add a virtual network device to the guest domain.

    For example, the following command would add a virtual network device with these specifics to the guest domain ldg1.

    primary# ldm add-vnet vnet1 primary-vsw0 ldg1

    Where:

    • vnet1 is a unique interface name to the logical domain, assigned to this virtual network device instance for reference on subsequent set-vnet or remove-vnet subcommands.

    • primary-vsw0 is the name of an existing network service (virtual switch) to which to connect.


    Note - Steps 5 and 6 are simplified instructions for adding a virtual disk server device (vdsdev) to the primary domain and a virtual disk (vdisk) to the guest domain. To learn how ZFS volumes and file systems can be used as virtual disks, see How to Export a ZFS Volume as a Single-Slice Disk and Using ZFS With Virtual Disks.


  5. Specify the device to be exported by the virtual disk server as a virtual disk to the guest domain.

    You can export a physical disk, disk slice, volumes, or file as a block device. The following examples show a physical disk and a file.

    • Physical Disk Example. The first example adds a physical disk with these specifics.

      primary# ldm add-vdsdev /dev/dsk/c2t1d0s2 vol1@primary-vds0

      Where:

      • /dev/dsk/c2t1d0s2 is the path name of the actual physical device. When adding a device, the path name must be paired with the device name.

      • vol1 is a unique name you must specify for the device being added to the virtual disk server. The volume name must be unique to this virtual disk server instance, because this name is exported by this virtual disk server to the clients for adding. When adding a device, the volume name must be paired with the path name of the actual device.

      • primary-vds0 is the name of the virtual disk server to which to add this device.

    • File Example. This second example is exporting a file as a block device.

      primary# ldm add-vdsdev backend vol1@primary-vds0

      Where:

      • backend is the path name of the actual file exported as a block device. When adding a device, the back end must be paired with the device name.

      • vol1 is a unique name you must specify for the device being added to the virtual disk server. The volume name must be unique to this virtual disk server instance, because this name is exported by this virtual disk server to the clients for adding. When adding a device, the volume name must be paired with the path name of the actual device.

      • primary-vds0 is the name of the virtual disk server to which to add this device.

  6. Add a virtual disk to the guest domain.

    The following example adds a virtual disk to the guest domain ldg1.

    primary# ldm add-vdisk vdisk1 vol1@primary-vds0 ldg1

    Where:

    • vdisk1 is the name of the virtual disk.

    • vol1 is the name of the existing volume to which to connect.

    • primary-vds0 is the name of the existing virtual disk server to which to connect.


    Note - The virtual disks are generic block devices that are associated with different types of physical devices, volumes, or files. A virtual disk is not synonymous with a SCSI disk and, therefore, excludes the target ID in the disk label. Virtual disks in a logical domain have the following format: cNdNsN, where cN is the virtual controller, dN is the virtual disk number, and sN is the slice.


  7. Set the auto-boot? and boot-device variables for the guest domain.

    The first example command sets auto-boot? to true for guest domain ldg1.

    primary# ldm set-var auto-boot\?=true ldg1

    The second example command sets boot-device to vdisk1 for guest domain ldg1.

    primary# ldm set-var boot-device=vdisk1 ldg1
  8. Bind resources to the guest domain ldg1 and then list the domain to verify that it is bound.
    primary# ldm bind-domain ldg1
    primary# ldm list-domain ldg1
    NAME          STATE    FLAGS  CONS   VCPU MEMORY UTIL UPTIME
    ldg1          bound    -----  5000   8    2G
  9. To find the console port of the guest domain, you can look at the output of the preceding list-domain subcommand.

    You can see under the heading CONS that logical domain guest 1 (ldg1) has its console output bound to port 5000.

  10. Connect to the console of a guest domain from another terminal by logging into the control domain and connecting directly to the console port on the local host.
    $ ssh hostname.domain-name
    $ telnet localhost 5000
  11. Start the guest domain ldg1.
    primary# ldm start-domain ldg1

How to Enable the Virtual Network Terminal Server Daemon

Enabling the Virtual Network Terminal Server Daemon

You must enable the virtual network terminal server daemon (vntsd) to provide access to the virtual console of each logical domain. Refer to the vntsd(1M) man page for information about how to use this daemon.


Note - Be sure that you have created the default service vconscon (vcc) on the control domain before you enable vntsd. See Creating Default Services for more information.


  1. Use the svcadm command to enable the virtual network terminal server daemon, vntsd.
    primary# svcadm enable vntsd
  2. Use the svcs command to verify that the vntsd daemon is enabled.
    primary# svcs vntsd
    STATE STIME FMRI
    online Oct_08 svc:/ldoms/vntsd:default

Rebooting to Use Logical Domains

You must reboot the control domain for the configuration changes to take effect and for the resources to be released for other logical domains to use.

How to Reboot

  • Shut down and reboot the control domain.
    primary# shutdown -y -g0 -i6

    Note - Either a reboot or power cycle instantiates the new configuration. Only a power cycle actually boots the configuration saved to the service processor (SP), which is then reflected in the list-config output.


Question 8 Explanation

Compartments are the primary building blocks you use to organize your cloud resources. You use compartments to organize and isolate your res...