June 2009
Make sure the machine is connected to power and network.
Get yourself a PGP key and a secure machine. A secure machine is one that has no more services listening to SSH, with passwords and keys not used on any less secure machine, and either locked away physically or with data encryption on all sensitive information. You may use one of our SSH gateways.
Talk to the ServerInfrastructure guys. Present them with your PGP key (so they can mail you securely) and the IP number of your secure machine. Receive a certificate to connect via VPN to the unrouted subnet they connect the blades' ILOM to. Also ask which IP number the blade(s) in question have got. They will give you a VPN config snippet as well, and the root password for the blades' ILOM.
We're going to start the machine using DHCP and PXE. You can use the PXE of Osis and the DHCP of lwp22. The DHCP has to be fired up first. Make sure to either agree with NetInfra on the matter or thoroughly distract them while operating the DHCP server. Portscanning their machines is a good distraction.
On your secure machine, connect with OpenVPN to the ILOM network. From there, test whether you can connect to the blade's ILOM:
ssh
10.0.43.21
-l root
Password:
Sun(TM) Integrated Lights Out Manager
Version 2.0.3.16
Copyright 2008 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Note | |
---|---|
In this step, it is assumed that the remote console we use is the only one open on the machine. If the machines' console is also redirected through other parts, whether via ssh to the ILOM or via the Java-based graphic console obtainable by connecting to the ILOM's HTTPS port, the rest of this procedure will not work. |
If it is still running, stop the machine:
-> stop -f /SYS
Are you sure you want to immediately stop /SYS (y/n)? y
Stopping /SYS immediately
-> start /SYS
Are you sure you want to start /SYS (y/n)? y
Starting /SYS
-> start
Are you sure you want to start /SP/console (y/n)? y
Serial console started. To stop, type ESC (
You may have to wait a couple of seconds before anything actually happens.
When prompted, enter the BIOS and adjust settings to your preferences. At least take a look at the boot order.
Save BIOS settings. The machine will reboot. The blade modules have a hardware RAID controller, so when prompted, adjust the RAID settings. The default seems to be “IME”, which is RAID-10. We 've got two disks for most of our machines, and three for some, so most of the time, you will want “IM”: RAID-1 (mirroring), possibly with a hot spare.
After adjusting the RAID configuration ,the machine will reboot again. This time, press <CTRL><N> to boot from the network. If there is a DHCP server present with proper settings, the machine will boot into a PXE menu and you will be able to choose an unattended install.
Warning | |
---|---|
You can only use menu entries that have console=ttyS0 in the kernel parameter list. Without that, the console redirection will stop showing anyting as soon as the kernel boots, and the installation will never finish, not even with all questions answered in a preseed file. |