Determining Resource Requirements
Before proceeding with any installation procedure, you must first ensure that the servers supporting FNS have sufficient memory and disk storage. Space for FNS is in addition to the space needed for your enterprise-level name service (NIS+, NIS, or files).
As a general rule-of-thumb, you will need approximately 17 Kbytes of disk storage for each user and host, plus adequate swap space. Where this disk storage space is located and how it is calculated varies according to your underlying enterprise-level naming service:
NIS+. The disk storage must be mounted on the machine that will function as the FNS server for the domain or subdomain. In an NIS+ environment, a server hosting the FNS ctx_dir directory does not have to be the same server hosting the standard NIS+ directories, such as org_dir. In order to more evenly distribute server load, many large installations choose to use separate machines for NIS+ and FNS servers. The amount of space needed on an FNS server in an NIS+ environment is determined by the number of users and hosts in the domain, or subdomain, for which the server provides naming.
NIS. The disk storage must be mounted on the machine that will function as the FNS server for the domain. In an NIS environment, a server hosting FNS does not have to be the same server hosting NIS. In order to more evenly distribute server load, many large installations choose to use separate machines for NIS and FNS servers. The amount of space needed on an FNS server in an NIS environment is determined by the number of users and hosts in the domain.
Files-based. When your enterprise-level name service is files-based, the amount of disk storage needed by FNS is determined by the number of users and hosts in /etc/users and /etc/hosts files of the machine mounting /var/fn. If every machine has its own /var/fn directory, then the amount of space needed is determined by each machine's user and host files. If /var/fn is mounted on one machine and exported to the rest of the machines on the network by NFS, the space needed by the machine hosting /var/fn is determined by the number of users and hosts in that machine's /etc/users and /etc/hosts files.
For example, to support an FNS environment in an NIS+ domain with 1200 users and hosts, you will need:
A minimum of 20 Mbytes of disk space beyond the space needed by your underlying enterprise namespace (NIS+, NIS, or files-based).
An additional 40 Mbytes of swap space.
Preparing the Namespace for FNS
This section describes the preparations you need to make before running fncreate to set up your FNS contexts. The preparations vary according to your enterprise-level naming service.
Preparing the Namespace for FNS -- Task Map
Table 25-10 Preparing the Namespace for FNS
Task | Description | For Instructions, Go To | |
|---|---|---|---|
Preparing the Namespace for FNS | Convert files to NIS maps | "Working With NIS Maps" in System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP) | |
Preparing the Namespace for FNS | Prepare NIS service | ||
Preparing the Namespace for FNS | Prepare files-based naming | ||
How to Prepare NIS+ Service for FNS
Before setting up the FNS namespace, do the following:
Make sure that the NIS+ domain is properly set up.
The NIS+ domain and associated subdomains must already be set up before configuring FNS. In other words, NIS+ standard tables, such as hosts and passwd, must already exist and be populated.
Make sure that the domain's hosts.org_dir and passwd.org_dir tables are fully populated with the names of every host and user.
You can use the niscat or nismatch commands to check the contents of these tables.
Set the NIS_GROUP environment variable to the name of the group that will be administering the FNS objects.
The fncreate command will not let you complete the FNS setup without setting this variable first. When fncreate creates user and host contexts, they are owned by those hosts and users, and not by the administrator who executed the command. Setting NIS_GROUP allows the administrators who are members of the group to subsequently modify these contexts, even though they do not own the objects.
Assuming a C-Shell, the example below sets NIS_GROUP to fns_admins.doc.com.
rootmaster# setenv NIS_GROUP fns_admins.doc.com
[Optional] Specify that FNS run on a machine other than the NIS+ master server.
All NIS+ objects used by FNS are kept under the ctx_dir directory of an NIS+ domain, at the same level as the domain's org_dir directory. For large domains, such as those with more than 5000 users and hosts, it is recommended (though not required) that the ctx_dir used by FNS be supported by a server different from the one supporting the standard NIS+ directories, such as groups_dir. Using separate servers avoids placing too much load on one server. It also allows you to keep separate the administration of FNS's use of NIS+ and the administration of NIS+ itself.
To specify that FNS be hosted by a machine that is not the NIS+ master server for the domain, you must manually create a ctx_dir directory object on the machine that will serve as the FNS host for the domain. (If you omit this step, FNS will be installed on the domain's NIS+ root master server.)
To specify the machine that will become the FNS master server:
Create the ctx_dir directory for the NIS+ domain.
For example, to create a ctx_dir directory on a machine named fns_server in the doc.com domain, run the following command on the domain's master server (note the trailing dot at the end of the domain name, as shown):
nismaster# nismkdir -m fns_server ctx_dir.doc.com.
(See "The nismkdir Command" for more information on creating NIS+ directory objects with the nismkdir command.)
Note - If you are creating an FNS ctx_dir directory for a subdomain, the machine you specify as the FNS server hosting ctx_dir must reside in the subdomain, it cannot be a machine in the parent domain. (By contrast, a subdomain's NIS+ master server always resides in the domain above the one it serves.) In other words, when configuring FNS for an NIS+ subdomain, if you use the same server for both NIS+ and FNS, that server resides in the domain above the subdomain; but if you use different servers for NIS+ and FNS, the NIS+ master server resides in the domain above and the FNS server resides in the subdomain that it serves.
Use the nisls command to verify that the ctx_dir directory has been created.
rootmaster # nisls doc.com.ctx_dir
Run nisping to checkpoint the directory
# /usr/lib/nis/nisping -C ctx_dir.doc.com.
How to Prepare NIS Service for FNS
Before setting up the FNS namespace, do the following:
Make sure that the hosts.byname, user.byname, and printer.conf.byname maps are complete, correct, and up to date.
Note - You can assign a different master server for FNS maps, using the same procedure that you would to assign a different master for any other NIS map.
Preparing Files-Based Naming for FNS
Files-based naming refers to name services that obtain their data from /etc files rather than NIS+ or NIS.
If you are going to install a /var/fn directory on each machine, as is normally the case, the steps below must be performed on each machine. If you decide to mount and export the /var/fn directory from one machine, the steps below need to be performed on the machine that exports /var/fn.
Make sure that the /etc/hosts and /etc/passwd files are complete and contain the names of all users and hosts.
Creating Global FNS Namespace Contexts
This section describes how to create your namespace globally for a given enterprise or NIS+ domain.
The FNS namespace is created by the fncreate command.
# fncreate -t org org// |
Or, alternatively:
# fncreate -t org org/domain/ |
Where domain is the name of an NIS+ domain or subdomain.
The fncreate command creates the default contexts for the specified organization and all its subcontexts, including contexts and subcontexts for users and hosts in the organization.