[TriLUG] Sun Jumpstart experts?

Vestal, Roy L. rvestal at rti.org
Mon Aug 19 09:35:32 EDT 2002 

Also, check out JASS, Jumpstart tool. It's in the presentation from NC*SA.
(www.ncsysadmin.org)

-----Original Message-----
From: Michael Alan Dorman [mailto:mdorman at debian.org] 
Sent: Friday, August 16, 2002 10:55 AM
To: trilug at trilug.org
Subject: Re: [TriLUG] Sun Jumpstart experts?


"Ben Pitzer" <uncleben at mindspring.com> writes:

> Actually, they do have to be on the same subnet.

That is not a real requirement at all.  period.

Really, a jumpstart is nothing but a net-boot, plus an nfs-root.

Sun provides a couple of tools to perform a couple of tasks that are
peculiar to setup (partitioning and the like), and seems to go to great
lengths to establish this mystique around jumpstart, but there is really
*no* magic involved.  I wrote *all* my own scripts for things, and didn't
use any of the standard sun scaffolding.

Heck, there's a guy who's implemented a tool called FAI for Debian that
bears a painful resemblance to jumpstart.  I felt all too at home when I
started using it.

In fact, for reasons that escape me, he's looking to extend it to doing
Solaris installs as well!  I suspect it's just perversity.

So, anyway, the only requirement is that you be able to net-boot and mount
an nfs-root.  Because of the requirements of net-booting---that every
net-booting method in the universe (at least that I am aware of) relies on
broadcasts, which *are* segment-specific---it is often believed that
Jumpstart requires boxes to be on their own segments, but that really isn't
the case; you just have to work around your net-boothing requirements.  DHCP
is an effective solution, and, in my experiments, a little faster.

> We use them here at RR, and must build all boxes on one subnet, then 
> reconfigure the network info to put it on another.  I prefer it that 
> way, because we can segregate that subnet from the world so that if 
> for some odd reason we have to leave a box unpatched to go work on 
> another issue or emergency, it isn't out where the world could 
> potentially see it and crack it.

Now these are some good reasons for having a special jumpstart
segment---though I always just patched boxes as start of my jumpstarts.
Also related is the issue of jumpstart requiring NFS, which is to network
security what leaving your fly down is to being suave and debonaire...

Mike.
_______________________________________________
TriLUG mailing list
    http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ:
    http://www.trilug.org/~lovelace/faq/TriLUG-faq.html

More information about the TriLUG mailing list