Installing N1SPS in a Zone
By John Clingan on Jul 07, 2006
Following up on yesterday's post, I thought I would share the steps I took to get the N1 Service Provisioning System up and running in a local zone.
The following steps should be run from the global zone.
- Create a whole zone. I've called mine "sps".
- Run "modload /kernel/sys/semsys"
The following steps should be run from the local (sps) zone.
You may or may not have to do this depending on your setup, but N1 SPS requires a minimum amount of IPC resources. I think this is primarily due to the bundled Postgres database. FYI, these steps are documented in the installation guide. No special sauce applied.
- Install guide steps
- projmod -a -K "project.max-shm-memory(priv,512mb,deny) default
- projmod -a -K "project.max-sem-ids=(priv,32,deny)" default
- projmod -a -K "process.max-sem-nsems=(priv,17,deny)" default
- prctl -n project.max-shm-memory -v 536870912 -r -i project 1
- prctl -n project.max-sem-ids -v 32 -r -i project 1
- prctl -n process.max-sem-nsems -v 17 -r -i process $$
Here's the other (abstract) steps I followed:
- I created a Solaris user/group: n1sps/n1sps
- ran installer (cr_ms_solaris_x86_pkg_5.2.sh)
- I chose ssh, SSL/HTTPS, create keystore later
- Because I chose https, I had to create a keystore
- /usr/jdk/j2sdk1.4.2_06/bin/keytool -genkey -alias tomcat -keyalg RSA
-keystore SPS_HOME/server/tomcat/keystore -storepass [YOUR_KEYSTORE_PASSWORD]
- Your JDK path may vary
- chmod 600 keystore
- chown n1sps:n1sps keystore
- SPS_HOME/server/bin/crkeys -epass -password [YOUR_KEYSTORE_PASSWORD]
- copy the resulting text and paste into tomcat's server.xml (search for "keystore" in server.xml)
- Started the server: su - n1sps SPS_HOME/server/bin/cr_server start