Before I go on writing about my experiences with the SunFire T2000, let me explain why I choose to apply for the Try&Buy program in a bit more detail. If you’ve read my previous posts you’ll know that my background is being a freelance editor and a Linux admin. As the latter I’m used to manage x86-based machines locally and remotely. Many of said machines share a common problem: as the workload increases tweaking the systems to cope with the load becomes more and more difficult. The easy solution would be to throw more hardware at the problem. But as my wife uses to say: “If there’s a reoccuring problem it’s no good to try more of the same old solution. Do something different.”
So what’s out there that’s different from a Linux box but would at the same time allow you to run the services you learned to use and love – well, and sometimes hate? Switching to Windows doesn’t even come to mind as a last resort. That basically leaves only Sun and their Solaris Operating System. By the looks, Solaris is not too different from Linux, thus one could expect the learning curve not being too steep. Also Sun claims their hardware would outperform general PCs on integer performance. Now, to be honest, is there much else a web server does than shuffling around integer type content? Even in case you’re using a database and do perform some backend calculations: the major part of the day the server will spend reading 0s and 1s from the disks and sending them to the user. Script processing also is mostly integer based. So why not give a Sun machine a spin? See how it behaves in both respects, performance and usability for the Solaris novice but Linux nerd?
Enters stage Sun Try&Buy. Instead of blindly buying a machine or going into the sometimes (I haven’t tested this with Sun but got enough experience with other manufacturers) tedious process of ordering an eval machine, for an admin this really looks like a great opportunity. Especially so because Sun got some things right others tend to overlook. Setting the eval period to 60 days in my opinion is the most important of those. In general, you’ll get an eval machine for two to four weeks. That’s definitely not enough for any admin to test and play with new hardware and software and to make a well founded decision. Having a fast and easy web application is another pro, add to that that at least I wasn’t bothered with any “What exactly do you plan to do with the machine?” calls or emails. The price point for the T2000 series also is quite attractive, provided that they live up to the expectations ;)
To sum it up, I considered the Try&Buy program to be very attractive, especially for the Linux admin looking for alternatives to his x86-machines. So I decided to have a look at it from exactly that angle. Now on with the story.
First users – first roadblocks
After I had configured the ALOM network management port and got access to the console of “my” Sun, I decided that I first wanted to add some user accounts. On Linux, you’d normally do this on the command line or using a tool provided by your distribution. On Solaris, the tool of choice would be the Solaris Management Console 2.1 (SMC) – or at least, that’s what the Solaris Basic Administration Guide suggests. Now, that would be fine except for one small problem: SMC is a graphical application and thus requires an X-Window system to run.
Generally, this wouldn’t be a problem save for the fact that on the T2000 you don’t have a local screen. Ok, I thought, I could just use ssh -X root@sun to login to the machine and redirect the X output to my local system. However, Sun has disabled the login for root via telnet and ssh per default, which is a good thing from a security point of view. For me that meant I was stuck with either terminal or telnet access to the ALOM and accessing the console from there. No chance of routing any X-Window data over that connection.
So that left me in a kind of catch 22. To login using SSH I needed an user account but to create an user account I needed to login via SSH first. At that point, the otherwise great documentation failed me. It does mention to edit /etc/default/login to be able to login as root. But even if you find out that you have to comment out the line CONSOLE=/dev/console by reading the comments in that very file you’ll later find out that this change is for telnet only. So it wouldn’t help me to use SCM.
That meant I had two options left: create a user account using the command line tools or enable root-login via SSH by editing /etc/ssh/sshd_config and restarting the SSH service. I initially opted for the latter one. Although that’s somewhat of a security risk I decided that I could safely try it because the T2000 is running in my private network and thus the risk of any intrusion would be minimal.
What I didn’t take into account was that I did know zilch about how to restart a service on Solaris. So I reverted back to using the command line tools to create an user account. Here, the documentation was very helpful again, giving the complete command lines I (although this time they’re exactly like those you’d use on Linux). Using groupadd and useradd I managed to create an account in no time. Still, it left me with an uneasy feeling for I wasn’t able to automatically create the directory structure below /export/home as suggested by the manual. The reason is that I would have had to create the /home part manually. Not knowing the right permissions so that I could later on use SCM safely I decided to create a temporary user with a home directory directly below export, use SCM to create a real user account, use that one to login and start SCM again, then delete the temporary user I manually created.
This worked like a charm and I was finally able to run the SCM. The functionality provided by this utility is great, compared to what’s offered on most Linux distributions. However, I was a bit disappointed to learn that you couldn’t use it to restart services (but maybe I just haven’t found the option yet). Anyway, creating the user accounts and the corresponding groups was easy enough. It just took me a second to realize that I had to right-click into a populated area of the display to get a menu. At first I clicked at the empty space and wondered why nothing happened.
Later on, by reading the Basic Administration Guide further, I found that the command to restart a service is svcadm restart <service>. So I could have saved me some (but not much) time by just editing /etc/ssh/sshd_config and restarting the SSH daemon using svcadm restart ssh.
While this will actually work, it’s not really safe to do so. Thus, had I been a novice user, I would have been happy had the documentation taken into account that I didn’t have any screen directly connected to the machine, didn’t know anything about how to start and restart a service and told me the suggested steps I had to take to access the SCM in that case (create a user manually, login using SSH with the -X parameter given, start SCM). The section about editing /etc/default/login I found to be completely misleading, a short explanation of SSH would be a lot more helpful there.
Lessons learned:
[ All posts about my experiences with the SunFire T2000 >>> ]
