Install/Configure Sun Ray Server 1.2 on a Public LAN
(revised 12/20/2000)
Comments & corrections to rel@mtu.edu or mtdolan@mtu.edu

This document explains how to setup a basic Sun Ray Server on a public network.

NOTE: This configuration information herein is not supported by Sun Microsystems
See the "DON'T" section in INFODOC: 21168

Preparation:
Solaris Installation: We suggested to install the entire OS distribution, including OEM. If you are using jumpstart methods, use "cluster SUNWCXall" in the appropriate profile.

OS Patching: Although not necessary, it is highly recommended to patch the Sun Ray server with all relevant OS patches before installing the software. Particularly kernel, X and CDE patches.

Partition Layout: Large swap and /var partitions. Below is an output from 'df -k -F ufs' on a production Sun Ray server hosting 50 Sun Ray clients. 
	Filesystem            kbytes    used   avail capacity  Mounted on
	/dev/dsk/c0t0d0s0     144172   43130   86625    34%    /
	/dev/dsk/c0t0d0s6    1124452  762469  305761    72%    /usr
	/dev/dsk/c0t0d0s3     963869   19102  886935     3%    /var
	/dev/dsk/c0t0d0s5    1986439  193065 1733781    11%    /cache
	/dev/dsk/c0t0d0s4     241403   40839  176424    19%    /opt
In our model, no software, applications or data are stored on the Sun Ray server. Application shares are mounted cachefs and home/data shares mounted via nfs.

/, /opt, and /usr could probably be trimmed down, but hey.. we got the space

a large /var is important for all those nasty little temp files that are left in /var/tmp by printing, Acrobat, StarOffice, etc... /var/opt/SUNWut/, /var/log and /var/adm have the potential to grow quite large, and you probably want to leave plenty of room in /var/sadm/patch for patch backout directories.

/cache is where we mount various application directories using cachefs. If you have a lot of applications, 2048 meg is a good number. Ideally you will cache all used application, improving application loading and performance while decreasing network traffic to the application server.

swap: typically four times the ram. But with the ability to have disconnected sessions via the smart card you might consider more. If possible, split the swap device onto multiple spindles/controllers.

CDE/dtlogin considerations: If your department/organization has a symbolic link in place for "/etc/dt", remove it and create the /etc/dt directory. Put all CDE/dtlogin config files local to the Sun Ray server in the /etc/dt hierarchy. The Sun Ray server software installs files and builds templates in /etc/dt/config. If the /etc/dt directory is symlinked or shared to other workstations/servers using CDE, bad things will happen.

swap considerations: For medium to large server configurations, you would benefit from having multiple disks to use for swap space. In our environment, we average 400MB/session. Use dual interal drives, s1 = same size, or multipack, use whole disks, can split across multiple controllers for even more improved swap performance. swap sizes can vary, but a good rule of thumb for multi-user servers is swap = 4x ram, maybe 8x ram if you intend to allow users to have dormant sessions. 200 users, 50 active any one time. 150 inactive need swap space.

/var/tmp: Ensure your server is build with adaquate space in /var/tmp. It should be configured to have enough space to allow log files to adequately grow and store temporary user files. 1-2GB partition for /var should be adequate for a system that has 50-100 simultaneous users. Use of nightly or weekly scripts run from crontab can aid in cleansing /var/tmp of unnecessary user files.

/tmp and tmpfs: Ensure your server is build with adaquate space in /tmp and /var/tmp. /tmp can mount on swap for a tmpfs file system. If /tmp is mounted on swap, see swap considerations for sizing. If /tmp is to be its own ufs partition, see /var/tmp considerations for sizing. There exist three very important directories in /tmp that are essential for Sun Ray functionality. If you use cron jobs to cleanse /tmp, avoid altering the contents of these directories: /tmp/.X11-unix, /tmp/.X11-pipe, /tmp/SUNWut. Modifications to these directories by programs other than Sun Ray server will result in erratic behaviour or service failure.

Documentation:
Sun Ray Server Install Guide (html).
Sun Ray Server Install Guide (pdf).
Sun Ray Server Administration Guide (html).
Sun Ray Server Administration Guide (pdf).
Sun Ray Server Advanced Administrator Guide (html).
Sun Ray Server Advanced Administrator Guide (pdf).
On-line Answerbook documentation can be found on sundocs.mtusysadm.mtu.edu
Setting up a Sun Ray Server:
  1. Install the Sun Ray software.

    Change to the directory that contains the Sun Ray server software media, typically /cdrom/sun_ray_12/ or the NFS share that might contain the media. As root enter the following command: 

    	# ./utinstall

    For all defaults and full server install, try: 

    	# ./utinstall -f
  2. Apply relevant patches to the Sun Ray, Web or LDAP software. As of 12-20-2000, there are no patches.

  3. Configure software for the LDAP/WEB Admin services.

    The following command will setup the LDAP/WEB information along with the web admin passwords. Its ok to use the defaults. Don't forget your passwors that you set :) 

    	# /opt/SUNWut/sbin/utconfig
  4. Set some system parameters in /etc/system

    • Increase kernel tablespace and system resources for more concurrent users
    • Limit number of process by a single user
    • Example below for a Sun Ray server with 20-50 clients. 

      	set maxusers=2048
	set maxuprc=150
    • If you are configuring on Solaris 7 or older, add more System5 and BSD pty to system. 
      	set pt_cnt=1024
	set npty=512
  5. Configure the default framework on the Sun Ray server

    NOTE: be sure to only specify the -c. This will setup only the framework and not configure any private networks.

    # /opt/SUNWut/sbin/utadm -c

  6. The previous step creates a skeleton dhcptap in /var/dhcp/dhcptab.
    /var/dhcp/dhcptab will initially contain: 
    	SunRay  m       :LeaseTim=86400:LeaseNeg:
	AuthSrvr        s       Vendor=SUNW.NewT.SUNW,21,IP,1,1
	AuthPort        s       Vendor=SUNW.NewT.SUNW,22,NUMBER,2,1
	NewTVer s       Vendor=SUNW.NewT.SUNW,23,ASCII,1,0
	LogHost s       Vendor=SUNW.NewT.SUNW,24,IP,1,1
	LogKern s       Vendor=SUNW.NewT.SUNW,25,NUMBER,1,1
	LogNet  s       Vendor=SUNW.NewT.SUNW,26,NUMBER,1,1
	LogUSB  s       Vendor=SUNW.NewT.SUNW,27,NUMBER,1,1
	LogVid  s       Vendor=SUNW.NewT.SUNW,28,NUMBER,1,1
	LogAppl s       Vendor=SUNW.NewT.SUNW,29,NUMBER,1,1
	FWSrvr  s       Vendor=SUNW.NewT.SUNW,31,IP,1,1
	Intf    s       Vendor=SUNW.NewT.SUNW,33,ASCII,1,0

    NOTE: Always stop in.dhcpd before hand editing any files in /var/dhcp 

    	# /etc/init.d/dhcp stop

    You will need to add two more entries. Change fields in blue to reflect your configuration. 

    
     mylab   m       :Include=SunRay:AuthSrvr=141.219.59.150:AuthPort=7009:LogHost=141.219.59.150:LogKern=6:LogNet=6:LogUSB=6:LogVid=6:LogAppl=6:

    
     141.219.56.0  m       :Broadcst=141.219.59.255:Subnet=255.255.252.0:MTU=1500:Router=141.219.56.1:FWSrvr=141.219.59.150:Intf=hme0:NewTVer=1.2_16.a,REV=2000.10.31.16.19:
    mylab the name of the macro referenced from /var/dhcp/XXX_XXX_XXX_XXX (Step 7)
    AuthSrvr=141.219.59.150 Change to Sun Ray Server IP Address.
    LogHost=141.219.59.150 Change to syslog server IP Address.
    141.219.56.0 Change to the name of the subnet network macro
    Broadcst=141.219.59.255 Change to subnet broadcast address.
    Subnet=255.255.252.0 Change to subnet netmask.
    Router=141.219.56.1 Change to subnet router IP address.
    FWSrvr=141.219.59.150 Change to Sun Ray firmware server IP address.
    Intf=hme1 Change to network interface serving the Sun Rays.

  7. Create subnet file (XXX_XXX_XXX_XXX) in the /var/dhcp directory.

    The filename is derived from the subnet where the Sun Ray server resides, replacing "_" for ".". For example, Sun Rays in .cee.mtu.edu are on subnet 56. The filename we use would be 141_219_56_0. If you have two different Sun Ray servers on the same network they would have the same name for this file.

    Entries in this file contain dhcp information for hosts requesting dhcp packets from that network. In our setting, we do not use pools of available addresses, so we hardcode each Sun Ray client to an IP address.
    For example: 

    Fields		1	2	 3	       4	 5	  6

	01080020B584F8 03 141.219.59.52 141.219.59.150  -1      mylab
	01080020B56D06 03 141.219.59.53 141.219.59.150  -1      mylab
	01080020B5A7B8 02 141.219.59.54 141.219.59.150   0      mylab
	01080020B5449F 02 141.219.59.55 141.219.59.150   0      mylab

    Field 1 The ethernet address prepended with a "01". NOTE: all UPPER case for the ether address; mix the case and it won't work!
    Field 2 Lease definition. ('man pntadm' for more info on lease types)
    Field 3 IP address of the Sun Ray client requesting the lease
    Field 4 IP address of the DHCP server
    Field 5 When the lease assignment of the IP address expires. (-1 is never)
    Field 6 Macro assigment for rest of DHCP parameters, see /var/dhcp/dhcptab (Step 6)

    When finished with /var/dhcp/{dhcptab|141_219_x_x}, restart DHCP services. 

    	# /etc/init.d/dhcp start

  8. If you have applied any Sun Ray server patches, be sure to update the firmware download options in /var/dhcp/dhcptab with utfwadm (see man page for more details): 
    	# /opt/SUNWut/sbin/utfwadm -a -A -n intf
    • Be sure to read the patch readme. There are specific considerations for Sun Ray's that have older Sun and VGA monitors.
    • By default, Sun Ray units will download new firmware at power-on or reset if their firmware revision differs from what is denoted in network macro in /var/dhcp/dhcptab.

  9. Copy system default /usr/dt/config/Xservers to /etc/dt/config/Xservers.SUNWut.prototype and make site specific changes.

  10. If Sun Ray server does not have a graphics console (ie. /dev/fb), comment out the :0 entry in /etc/dt/config/Xservers.SUNWut.prototype: 
    	#   :0  Local local_uid@console root /usr/openwin/bin/Xsun :0 -nobanner
  11. Append Begin and End comments (with #) to /etc/dt/config/Xservers.SUNWut.prototype 
    	# BEGIN SUNRAY CONFIGURATION
	# END SUNRAY CONFIGURATION
  12. Copy system default /usr/dt/config/Xconfig to /etc/dt/config/Xconfig.SUNWut.prototype and make site specific changes.

  13. Append Begin and End comments (with #) to /etc/dt/config/Xconfig.SUNWut.prototype 
    	# BEGIN SUNRAY CONFIGURATION
	# END SUNRAY CONFIGURATION

  14. Enable connections from public networks.

    By default the Sun Ray server will not allow connections from a public network. This behavior can be altered by making a change in the file /etc/opt/SUNWut/auth.props

    Change the parameter "allowLANConnections" to true. Be sure to uncomment the line for the paramter. 

      allowLANConnections = true

  15. Perform a reconfigure reboot. 
    	# /usr/sbin/reboot -- -r