I see the (Sun)light!

Building a Sparc64 server with OpenBSD 3.8 - Part One

Like a big kid, I just had to tell you about the latest addition to the family of machines on my network. I'd been reading around and found an article on OSnews, about various BSDs on a Sun Ultra 5. The test subject had a 333MHz UltraSPARC-IIi processor, an 8.5Gig hard disk and 256MB RAM, which seemed like a pretty reasonable setup to my mind. I'd read enough to realise that these were decent and very reliable computers and that they enjoyed more than reasonable support from the various BSD flavours. I looked around on the web for a supplier of well priced, used Sun hardware and Googled up the Unix-Nerd's Domain, where I put together a diskless Ultra 5, with a 400MHz processor and 256MB RAM. By diskless, I mean no hard disk, as the Ultra 5 has onboard IDE controllers it wasn't a problem to find my own drives for it. I may end up trying a SCSI setup, as I have an Adaptec SCSI card and can free up a 10,000rpm SCSI drive from my PowerEdge. See, the onboard IDEs are a bit on the slow side and I worry about running servers on IDE drives anyway, especially when the means exist to make the drive chain all SCSI.

For now, I've put a 40Gig 7,200rpm IDE drive in and allowed more than ample partitions for all the major mount points. This is just to set up various BSDs, in more of a desktop guise, before blanking it all off and building the OpenBSD web server. After first installing Solaris 10, to see what it was all about, I quickly decided that I didn't really like it much and that setting the machine up to dual boot Solaris and the chosen BSD wouldn't be worth my while. FreeBSD6 was first on, I'd read that earlier versions didn't support framebuffers for X as yet, but was hoping that this had been rectified for this release. Alas, no. Although FreeBSD6 performed pretty slickly, as ever, on the machine, I couldn't get X going and so couldn't expect to use it as a workstation. Shame, but we move on.

Next in line was OpenBSD3.8 I currently run OpenBSD 3.7 on a server for the LAN and to be honest, I really like it. It would have been first choice for the PowerEdge server, if it weren't for the flaky SMP support. So, I installed 3.8 on the Sun, again partitioned with a desktop/workstation in mind. Now I usually like to have Gnome as a desktop manager, but just for the hell of it, I decided to just use X and fvwm, rather than bloat things out too badly. I installed firefox-1.0.6 from the OpenBSD packages collection and got on the net. All cool so far, a bit slow to load, but with an IDE controller running on UDMA2, when I'm used to ATA133, it's hardly surprising. It will obviously be a lot faster with UltraWide SCSI in place and something I will have to seriously consider, depending on how much of a difference it's likely to make, when it's only running a web server and SMTP relay for this domain in both it's forms, slashboot.info and slashboot.org

Firefox in plain X is pretty quick and in my experience very stable. I'll have to see what it's like with mplayer, the mozilla mplayer-plugin and the win32codecs packages on there. I see no reason why it won't cope admirably, at least for audio streams and will attempt some video, just for the fun of it. I won't expect anything amazing from it though, as I have only the on-board PGX24 video, which is an ATi Rage Pro Mach64, with 4MB SGRAM. I do have a Matrox G200 which I might put in and see how much better it makes it. See, I had initially bought the machine, hoping to have it in the bedroom for developing, whilst sat in bed. Unfortunately, with the 12v fans that are stuck in the front and the power supply, it's too noisy to have running at night, with the wife asleep. I am toying with the idea of changing the fans for Sharkoon Silent Eagle 2000's, but I think it won't make enough of a difference to warrant it. If anybody has any tips on 'silencing' the cooling side of an Ultra 5, please contact me here

So seeing as it's destined for serverdom and my LAN server needs are already catered for, I thought I'd give myself a second world-facing web server. I already have FreeBSD on the PowerEdge and it's running very nicely and ready for configuration for my various domains, so the Sun box will get OpenBSD. Seeing as I need to point a domain name at it, I've chosen slashboot for various reasons. First slashboot.org (and .info) is intended as a purely tech specific site and for that alone, it more or less demands to get the juicier of the two servers. Some might argue that the PowerEdge, being a genuine bona-fide server and running the blistering FreeBSD is the juicier of the two. Personally, I think that the Sun just shades it, even with it's IDE drive chain. The Sparc64 processor, the legendary Sun reliability and probably most importantly in a geeky, egotistical way, the Sun badge elevate it above the Dell, with it's dual Intel PII-266's, double the Sun's memory and it's nippy 10,000rpm UltraWide SCSI drives. Yes, the Dell is a real server and it's suitably decked out with FreeBSD to make the most of the hardware. However, OpenBSD is renowned for it's security focus and the quality of it's code, which is not to say that FreeBSD is poor in that respect, it's just that speed wins the 50/50's, over security. FreeBSD is pretty damned secure, too, just not quite so, when compared to a well configured OpenBSD server. Back on the hardware, although the Ultra 5's haven't been made for half a decade, they are still sexy little machines. They were once a thorn in Sun's side, as they were sufficing in roles, where Sun would normally have provided a more powerful and more expensive piece of kit. The IDE interface and the base unit's casing are a little too close to making it a PC for the liking of many die-hard Sun users, but this was done to make it more affordable to the masses. Well, you know what I mean, the geeks with more than a giro.

This machine has proven it's mettle on OpenBSD 3.8, so far and it's very, very usable. With a 40Gig drive, way beyond the standard 8.5Gig that they started life with, it would make an excellent desktop machine, as long as the day to day tasks aren't too intensive. The 400MHz processor has a generous 2MB of second level cache memory, check out the various processor models when picking a used Ultra 5. Some models have only 256KB of L2 cache, whilst the others have 2MB. This can make a huge difference on certain tasks, so it's worth looking into further and ensuring you get a good one. 256MB is probably the entry level on memory, although 128MB will do well enough for a light desktop environment, anything heavy or a busy server load will benefit greatly from the extra memory. It'll never make a great video transcoder. but as a web server, it'll do just fine.

This machine was priced as follows:

• Ultra 5 No hard disk, UltraSPARC-IIi@270MHz, 128MB RAM, floppy, CDROM, onboard 10/100, onboard audio and video, Sun keyboard and mouse - £ 59+vat
• Upgrade processor to UltraSPARC-IIi@400MHz - £ 30+vat
• 128MB RAM upgrade to total 256MB - £ 25+vat

It all adds up to £ 114 + V.A.T, which is £ 133.95 and mainland carriage is free. Not bad for a rock solid stable 64bit machine running at a respectable clockspeed and with a reasonable smattering of RAM. Seeing as I had the 40Gig drive hanging around anyway, that's all I ended up paying. Hopefully this will serve me well for some time to come yet. It's got a really low power consumption, compared to the Dell and just about every PC in the building, so it's a green buy all round.

I'm going to play around with OpenBSD 3.8 in an X/fvwm environment for a bit, before I blank the drive once more, re-partition it to better suit a server environment and then set it up as an all singing, all dancing web server and SMTP relay. That will be the next part of this particular article, unless that is, I find something really wrong with the setup, but I doubt that. FreeBSD6 would have been an equally appropriate choice for the exotic box, but as I said, I already have one of those, as well as a Debian server, which is currently serving this page to you. I don't do anything I'm not 200% certain of, hence why I haven't unleashed the beast (the Dell) on the web as yet. It's been set up for around a fortnight now, but I'm still not utterly certain of it's security as yet. Rather than assume that it's secure, I'm proving that it is, before I fully open it up to the net.

I've now re-installed OpenBSD 3.8, with more appropriate partitioning and no X. As always with a fresh OpenBSD installation, the system is remarkably clean, both in filesystem layout and in the default set of loaded processes. After tiring of switching monitors I eventually got a null modem cable and set the Sun to revert to a serial console for input and output, rather than the keyboard and monitor. This is just one of the beauties of this kind of machine. With the onboard PROM, you can set things like this and because you communicate with it in a command line fashion, you can achieve anything that you could if you were physically at the machine's keyboard. As an example, I connect into the sun box, over a null modem cable running between the Sun's serial port and the serial port on my AthlonXP, FreeBSD based machine. In a FreeBSD terminal, I run # cu -l /dev/cuad1 -s 9600 (From an OpenBSD terminal, you would run # cu -l /dev/cua00 -s 9600, if you are connecting out through COM1) I'm connected into the machine. Well, there's a physical connection, I'm not logged in yet. OpenBSD is running, so I log in as root and confirm the terminal type as sun

Next, I type # halt Now what would you normally expect to happen here? Your connection will normally have been severed, unless the other end has serial console support in the bios, which few x86 machines do. You may find it on higher end servers, but not always. Do this to a Sun box and you are informed that the program terminated (ie the OS/kernel) and you are greeted with an ok The closest thing to describe where we're at at this point, from the perspective of an x86 based Microsoft user, needs some creative writing. Imagine you have say a Windows 98, Pentium PC. At boot, you press, is it F5, or Shift + F5, to stop the boot process and bring you to an immediate C:> prompt. That's a little like the ok prompt, only on our Windows 98 machine, Microsoft DOS is actually loaded at this point. On our Sun machine, nothing that is loaded from any kind of disk, is present in memory. It's completely clean. Now, at your C:> prompt, imagine that you didn't need to load a real-mode driver, from a config.sys file, or poked into memory using a small(ish) program, followed by the loading of Microsoft's MSCDEX.EXE, to make your CD-ROM drive available to you. It hasn't mattered what CD drive I have in my Ultra, standard 32/48x readers, PlexWriter 10/12/32A, I can tell the Sun box, even over the wire, to boot from the CD in that drive, from the ok prompt. Or I could just tell it to boot from the hard disk, or from a net boot image server. Now our Windows readers, need to imagine that on their imaginary computer, from their C:> prompt, they can display and alter their BIOS/CMOS settings. Again, this is something that you might find on a higher end x86 server machine, but very little else. Impressed yet? You should be. If you can understand just what this allows you to do to the machine, over a serial connection, then you will be impressed and as I was, eager to lay your hands on one of these little beauties.

This would allow you to, say, leave a CDROM disk in the machine, or have a boot image server running on your network, with the startup for your OS of choice. If the machine ever goes massively tits up, to the extent that you need to " format it and re-install the OS " a phrase the Windows users will be familiar with, then you can do so, over your serial connection. The advantage of boot image servers, is that you can serve different images, so you can have a host of OS installers at your immediate disposal and change them without visiting the server. Even with a whole stack of available CD-ROM drives connected to your Sun box, you'd still have to visit it, eventually, to change a CD.

Back to our Ultra, I boot the hard disk, back up into OpenBSD and watch the text flow by as the boot process goes on. Scroll back through a bit to make sure that everything is as it should be, then log in. Nice clean, efficient OpenBSD. I really like the sparseness of a fresh OpenBSD install, which keeps things simple, making you consciously enable things which, hopefully, will encourage you to check that everything is as you want it, before you do actually enable a service. Here's what you generally get:

# ps -ax
  PID TT   STAT      TIME COMMAND
    1 ??  Is      0:00.02 /sbin/init
25369 ??  Is      0:00.02 syslogd: [priv] (syslogd)
 9962 ??  I       0:00.02 syslogd -a /var/empty/dev/log
13889 ??  Is      0:00.02 inetd
21664 ??  Is      0:01.54 /usr/sbin/sshd
25113 ??  Is      0:00.30 sendmail: accepting connections (sendmail)
11883 ??  Is      0:00.14 cron
30717 h1  Is      0:00.20 -ksh (ksh)
20036 h1  R+      0:00.00 ps -ax
#  

Continued in Installing the daemons

Post a comment:

Like this page? | |