Solaris OracleClusterware: Difference between revisions
From Lolly's Wiki
Jump to navigationJump to search
(→Groups) |
|||
Line 45: | Line 45: | ||
-K project.max-shm-memory="(privileged,274877906944,deny)" \ | -K project.max-shm-memory="(privileged,274877906944,deny)" \ | ||
group.oinstall | group.oinstall | ||
</source> | |||
===Check project settings=== | |||
<source lang=bash> | |||
# su - oracle | |||
$ for name in process.{max-file-descriptor,max-sem-nsems} ; do prctl -t privileged -i process -n ${name} $$ ; done | |||
process: 14822: -bash | |||
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT | |||
process.max-file-descriptor | |||
privileged 65.5K - deny - | |||
process: 14822: -bash | |||
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT | |||
process.max-sem-nsems | |||
privileged 2.05K - deny - | |||
$ for name in project.{max-sem-ids,max-shm-ids,max-shm-memory} ; do prctl -t privileged -n ${name} $$ ; done | |||
process: 14822: -bash | |||
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT | |||
project.max-sem-ids | |||
privileged 2.05K - deny - | |||
process: 14822: -bash | |||
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT | |||
project.max-shm-ids | |||
privileged 200 - deny - | |||
process: 14822: -bash | |||
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT | |||
project.max-shm-memory | |||
usage 0B | |||
privileged 256GB - deny - | |||
</source> | </source> | ||
Revision as of 11:53, 8 February 2016
Get release information
# pkg info kernel | nawl -F '.' '/Build Release:/{solaris=$NF;}/Branch:/{subrel=$3;update=$4;}END{printf "Solaris %d.%d Update %d\n",solaris,subrel,update;}'
Check pkg dependencies
# pkg list developer/assembler developer/build/make
User / group settings
Groups
# groupadd -g 186 oinstall
# groupadd -g 187 asmadmin
# groupadd -g 188 asmdba
# groupadd -g 200 dba
User
# useradd \
-u 102 \
-g oinstall \
-G asmdba,dba \
-c "Oracle DB" \
-m -d /export/home/oracle \
oracle
# useradd \
-u 406 \
-g oinstall \
-G asmdba,asmadmin,dba \
-c "Oracle Grid" \
-m -d /export/home/grid \
grid
Projects
# projadd -p 186 -G oinstall \
-K process.max-file-descriptor="(privileged,65536,deny)" \
-K process.max-sem-nsems="(privileged,2048,deny)" \
-K project.max-sem-ids="(privileged,2048,deny)" \
-K project.max-shm-ids="(privileged,200,deny)" \
-K project.max-shm-memory="(privileged,274877906944,deny)" \
group.oinstall
Check project settings
# su - oracle
$ for name in process.{max-file-descriptor,max-sem-nsems} ; do prctl -t privileged -i process -n ${name} $$ ; done
process: 14822: -bash
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
process.max-file-descriptor
privileged 65.5K - deny -
process: 14822: -bash
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
process.max-sem-nsems
privileged 2.05K - deny -
$ for name in project.{max-sem-ids,max-shm-ids,max-shm-memory} ; do prctl -t privileged -n ${name} $$ ; done
process: 14822: -bash
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
project.max-sem-ids
privileged 2.05K - deny -
process: 14822: -bash
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
project.max-shm-ids
privileged 200 - deny -
process: 14822: -bash
NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT
project.max-shm-memory
usage 0B
privileged 256GB - deny -
Network
Check port ranges
# for protocol in tcp udp ; do ipadm show-prop ${protocol} -p smallest_anon_port,largest_anon_port ; done
PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
tcp smallest_anon_port rw 9000 9000 32768 1024-65500
tcp largest_anon_port rw 65500 65500 65535 9000-65535
PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
udp smallest_anon_port rw 9000 9000 32768 1024-65500
udp largest_anon_port rw 65500 65500 65535 9000-65535
Set swap to physical RAM
# export RAM=256G
# swap -d /dev/zvol/dsk/rpool/swap
# zfs destroy rpool/swap
# zfs create \
-V ${RAM} \
-b 8k \
-o primarycache=metadata \
-o chksum=on \
-o dedup=off \
-o encryption=off \
-o compression=off \
rpool/swap
# swap -a /dev/zvol/dsk/rpool/swap
Set slew always for ntp
After configuring ntp set slew always to avoid time warps!
# svccfg -s svc:/network/ntp:default setprop config/slew_always = true
# svcadm refresh svc:/network/ntp:default
# svccfg -s svc:/network/ntp:default listprop config/slew_always
config/slew_always boolean true