Less Known Solaris features: Jumpstart Enterprise Toolkit - Part 4: Jumpstart FLASH

Sometimes you don´t to do a new install of a system. You just want to clone a system. For example think about a webserver farm. Let´s assume you have thirty of them. You´ve configured one and now you want to distribute this config to all of your system. You´ve tuned the system extensivly, you changed configurations throughout all components. And you don´t want to do this 29 times again.

Full Flash Archives

Solaris Jumpstart knows a special mode of operation for this task: It´s called Jumpstart FLASH. The trick of Jumpstart flash is quite easy. At first a normal Jumpstart install and the FLASH install are identical. But when it comes to the installation of the Don´t install the packages one by one. Instead jumpstart flash unpacks a archive of a running system on a new system. This archive is called FLASH archive. Technically speaking it´s not much more than cpio archive of a runing system.

Differential Flash Archives

There is an interesting mode of operation for flash archives. You can create differential flash archives. Let´s assume you created a basic flash archive and installed all your systems with it: your webserver, your mailserver, your database server. Most parts of the system are identical. Just a few addtional binaries and configuration files differentiate your server from each other. Let´s assume you want to create flash archives from all systems. Of course you could create a full flash archive for each system, but this would be waste of disk space. The differential flash archive creation works relatively simple. It compares the content of a flash archive with the actual state of an installed system and just archives the changed parts. The next time you want to install the system, you use both archives. At first the full archive will be installed on the system, after this you use one or more differential flash archives to complete your installation.

</table> </center>
flar creation is just a big wrapper around cpio, thus it´s possible to some nifty tricks with it. The current states of the system doesn´t have be the active one, and the old states doesn´t have to be flar archives. It´s possible to compare an old boot environment and the actual boot environment from Liveupgrade to generate a differential flash archive. This differential can be used to update other servers. You could even compare a remote system via NFS, when don´t squash root. I know this has some security implications, but hey ... you should limit the access for such stunts to your admin networks and you can deactivate it afterwards.

Challenges of Jumpstart Flash for System Recovery

Flash was designed with the task of system cloning in mind. So it removes the identity of the system after the installation by using the sysidunconfig command. The need for such a stepat system cloning is obvious: One part of the systems identity is the networking configuration. You can´t clone the network configuration as TCP/IP hate duplicate adresses sysunconfig deletes the entire configuration, that makes the installation an unique instance of Solaris:
  • saves a copy of /etc/hosts and substitute it with a default one.</li>
  • removes any NFS mount from /etc/vfstab
  • deletes NIS, NIS+,LDAP and DNS name service configuration
  • removes the interface configuration of alle configured interfaces.
  • removes the root password
  • removes /etc/sysidcfg
  • removes /etc/defaultrouter
  • removes /etc/ined/netmasks
  • regenerates the ssh-keys
  • sets the timezones in /etc/timezone to PST8PDT
  • </ul> Albeit it´s not designed for system recovery, there is a trick you can use to recover the removed information. The knowledge about the removed part is important for the trick, thus i´ve included a list of them in this tutorial. You will find a script at the end of this tutorial.
old new Action
exists not exists File is included in archive
exists exists but different The file from the new state is included in archive
exists exists not File will be deleted, when the diff archive is used on a server