Hetzner - DokuWiki

SmartOS

Installing and configuring SmartOS on a Hetzner server (with a /29)

Adapted from https://gist.github.com/4492300 with permission (2012-01-09)

Installation

Log in to the Linux Rescue System.

Download the latest SmartOS USB image

wget https://download.joyent.com/pub/iso/latest-USB.img.bz2
bunzip2 latest-USB.img.bz2

Note: SmartOS requires a USB key on your server

Find out its device name using:

fdisk -l

On my system it is /dev/sdd

Write the image to the USB key (/dev/sdd)

IMPORTANT: /dev/sdd WILL BE ERASED

dd if=latest-USB.img of=/dev/sdd bs=1024

Now make the USB drive bootable

fdisk /dev/sdd

Command (m for help): a

Partition number (1-4): 1

Command (m for help): w

reboot
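
A guarded version of the download and write steps above, to run before the reboot: it checks the image digest, refuses a target that is mounted or used as swap, and reads the written data back. This is an added example, not part of the original guide; the function names are hypothetical, the digest is a placeholder for the value you obtained from the image publisher, and GNU coreutils (as found in the Linux Rescue System) are assumed.

```shell
#!/bin/sh
# Added example, not from the original page. Intended for the Linux Rescue System
# (assumes GNU coreutils: sha256sum, dd conv=fsync, cmp -n).
# The function names are hypothetical helpers.

# image_matches FILE SHA256 -> 0 only if FILE hashes to SHA256 (case-insensitive hex)
image_matches() {
    [ -f "$1" ] || return 2
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    wanted=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$wanted" ]
}

# target_in_use DEV -> 0 if DEV or one of its partitions is mounted or used as swap
target_in_use() {
    grep -q "^$1" /proc/mounts /proc/swaps 2>/dev/null
}

# write_image FILE SHA256 DEV -> verify the digest, write, then read back and compare
write_image() {
    image_matches "$1" "$2" || { echo "digest mismatch, not writing: $1" >&2; return 1; }
    [ -b "$3" ] || { echo "not a block device: $3" >&2; return 1; }
    if target_in_use "$3"; then
        echo "refusing to overwrite a device that is in use: $3" >&2
        return 1
    fi
    dd if="$1" of="$3" bs=1M conv=fsync || return 1
    # Compare exactly as many bytes as the image holds against the device.
    cmp -n "$(wc -c < "$1")" "$1" "$3"
}

# Usage (placeholder digest; use the one you obtained from the image publisher):
#   write_image latest-USB.img '<sha256-of-latest-USB.img>' /dev/sdd
if [ $# -eq 3 ]; then
    write_image "$@"
fi
```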

Now request a KVM Console (remote console) from Hetzner, and log in via the Java applet.

Use the Robot to request a reboot of the server, and press DEL when the POST shows to enter the BIOS.

Your BIOS is set to boot from the network - do not change that, you need it to gain access to the Rescue System in the future. Instead, change the order of the fallback local boot options. These are labelled "Hard Drive BBS Priorities" on my motherboard - you want to set this to boot from the USB key.

(OPTIONAL) If you want your zpool to only use some (but not all) of the available drives, then make a note of the order in which they are displayed on the POST screen, so that you know which drives are which during the SmartOS install - they will be in the same order.

Save the settings and exit the BIOS.

The server will try network boot and fail, then try a local boot from the USB key. You should see the SmartOS GRUB screen now. Let it boot the SmartOS installer.

Follow the SmartOS install wizard, using "dhcp" as the IP address. Reboot, and you're finished with the KVM Console.

Basic Configuration (OPTIONAL)

(OPTIONAL) set a hostname: http://wiki.smartos.org/display/DOC/Setting+a+static+hostname+at+boot+time

(OPTIONAL) upload a root SSH key: http://www.perkin.org.uk/posts/smartos-global-zone-tweaks.html

Configuring a /29 subnet

Hetzner will give you a /29 (or indeed a /28) subnet which is *statically routed* to your server's main IP. In the subnet x.x.x.200/29 the first address (x.x.x.200) is used to identify the network, and the last address (x.x.x.207) is used for broadcast, leaving six usable IP addresses (but we have to use one for the gateway, so we only get FIVE usable IPs).

Hetzner route the subnet traffic to the main IP of your server, and expect you to provide your own gateway for the subnet. Therefore we have to set up a vnic in the global zone to act as a router for the subnet. This uses up the first available IP of our /29.

dladm create-vnic -l rge0 vnic0 # rge0 = physical nic (from ifconfig)

ifconfig vnic0 plumb x.x.x.201 netmask 255.255.255.248 up # x.x.x.201 = first usable ip

svcadm enable route # turn on ipv4 routing

Check that you can now ping x.x.x.201 from the internet.

Now we can launch zones using the five remaining ips, for example x.x.x.202.

The gateway is set to x.x.x.201 which is the router we just set up in the global zone.

cat > /tmp/zonedef << EOF
{
  "brand": "joyent",
  "autoboot": true,
  "dataset_uuid": "fdea06b0-3f24-11e2-ac50-0b645575ce9d",
  "nics": [
    {
      "nic_tag": "admin",
      "ip": "x.x.x.202",
      "netmask": "255.255.255.248",
      "gateway": "x.x.x.201"
    }
  ]
}
EOF
vmadm create -f /tmp/zonedef

Check that you can now ping x.x.x.202 from the internet and that the zone can reach the internet:

zlogin <Zone UUID>
ping google.com
exit
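
The addressing rules of this section (network address, gateway on the first usable IP, broadcast address, the rest for zones), worked out for any routed /29 or /28 so that a planned zone IP can be checked before it goes into a zone definition. This is an added example, not part of the original guide; the function names are hypothetical and 192.0.2.200/29 is a constructed documentation-range subnet.

```shell
#!/bin/sh
# Added example, not from the original page. 192.0.2.200/29 is a constructed
# documentation-range subnet; the function names are hypothetical helpers.

# ip_to_int A.B.C.D -> the address as an integer; fails on malformed input
ip_to_int() {
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac        # no leading zeros (octal ambiguity)
        [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# subnet_plan BASE PREFIX -> "network netmask gateway first_zone last_zone broadcast"
subnet_plan() {
    base=$(ip_to_int "$1") || return 1
    case "$2" in ''|*[!0-9]*) return 1 ;; esac
    [ "$2" -ge 8 ] && [ "$2" -le 30 ] || return 1   # /31 and /32 leave no zone address
    size=$(( 1 << (32 - $2) ))
    [ $(( base & (size - 1) )) -eq 0 ] || return 1  # BASE must be the network address
    bcast=$(( base + size - 1 ))
    mask=$(( 4294967295 ^ (size - 1) ))
    echo "$(int_to_ip "$base") $(int_to_ip "$mask") $(int_to_ip $((base + 1)))" \
         "$(int_to_ip $((base + 2))) $(int_to_ip $((bcast - 1))) $(int_to_ip "$bcast")"
}

# zone_ip_ok BASE PREFIX IP -> 0 if IP may be assigned to a zone; 2 on bad input
zone_ip_ok() {
    plan=$(subnet_plan "$1" "$2") || return 2
    ip=$(ip_to_int "$3") || return 2
    set -- $plan
    first=$(ip_to_int "$4"); last=$(ip_to_int "$5")
    [ "$ip" -ge "$first" ] && [ "$ip" -le "$last" ]
}

# Demo with the constructed subnet: the gateway and broadcast are rejected.
subnet_plan 192.0.2.200 29
for candidate in 192.0.2.201 192.0.2.202 192.0.2.206 192.0.2.207; do
    if zone_ip_ok 192.0.2.200 29 "$candidate"; then echo "$candidate ok for a zone"
    else echo "$candidate reserved or outside the subnet"; fi
done
```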

Persistence

If everything works, then we need to persist the configuration of the global zone so that it survives a reboot:

First create an SMF service to run a script on boot (you don't need to customise any of this XML):

mkdir -p /opt/custom/smf
cat > /opt/custom/smf/subnet-routing-setup.xml << 'EOF'
<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
<service_bundle type='manifest' name='export'>
  <service name='site/subnet-routing-setup' type='service' version='0'>
    <create_default_instance enabled='true'/>
    <single_instance/>
    <dependency name='network' grouping='require_all' restart_on='error' type='service'>
      <service_fmri value='svc:/milestone/network:default'/>
    </dependency>
    <dependency name='filesystem' grouping='require_all' restart_on='error' type='service'>
      <service_fmri value='svc:/system/filesystem/local'/>
    </dependency>
    <exec_method name='start' type='method' exec='/opt/custom/scripts/subnet-routing-setup' timeout_seconds='60'>
      <method_context>
        <method_credential user='root' group='staff'/>
        <method_environment>
          <envvar name='PATH' value='/usr/bin:/usr/sbin:/bin'/>
        </method_environment>
      </method_context>
    </exec_method>
    <exec_method name='restart' type='method' exec=':kill' timeout_seconds='60'>
      <method_context>
        <method_credential user='root' group='staff'/>
      </method_context>
    </exec_method>
    <exec_method name='stop' type='method' exec=':kill' timeout_seconds='60'>
      <method_context>
        <method_credential user='root' group='staff'/>
      </method_context>
    </exec_method>
    <property_group name='startd' type='framework'>
      <propval name='duration' type='astring' value='transient'/>
      <propval name='ignore_error' type='astring' value='core,signal'/>
    </property_group>
    <property_group name='application' type='application'/>
    <stability value='Evolving'/>
    <template>
      <common_name>
        <loctext xml:lang='C'>subnet-routing-setup</loctext>
      </common_name>
    </template>
  </service>
</service_bundle>
EOF

Then create the actual script

You need to customise this as shown previously

mkdir -p /opt/custom/scripts/
cat > /opt/custom/scripts/subnet-routing-setup << 'EOF'
#!/bin/sh

# Load the SMF exit codes (SMF_EXIT_OK etc.)
. /lib/svc/share/smf_include.sh

# Recreate the router vnic in the global zone
dladm create-vnic -l rge0 vnic0 # <-- customise

ifconfig vnic0 plumb x.x.x.201 netmask 255.255.255.248 up # <-- customise

# Turn on IPv4 routing
svcadm enable route

exit $SMF_EXIT_OK
EOF
chmod +x /opt/custom/scripts/subnet-routing-setup

Now, reboot and check that everything works.

You can use ifconfig, svcs, and routeadm to debug things.

reboot

