TASTING ZONES IN SOLARIS 10
TASTING ZONES IN SOLARIS 10
Many of us have heard about zones, a zone is/are a piece of software that is bundle with Solaris 10 that allows the root user of the global zone to have the capacity to dedicate system resources to individual zones. You might be asking “what are you talking about?”, well simple. Each zone maintains its own root password and user information, separate from other zones and the global system. Each zone exists as a separate Solaris environment with separate processes in file system space and can only monitor and interact with its local processes. Enough terminology, think of zones as using separate machines in the same box, the concept is very similar to that one.
To my understanding Zones go through a 5 step process: Undefined, configured, installed, running, and ready. I will explain this in more detail as I go down the road further.
Let’s get our hand dirty and create a basic zone:
# zoneadm list –cv
ID NAME STATUS PATH
0 global running /
The first command is giving you a picture of your global zone which is the only zone that should be in your system using the default install. For the sake of this example we will called our basic zone testzone (off course, in your end you can call it whatever you want).
# zonecfg –z testzone
testzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:testzone> create
zonecfg:testzone> set zonepath=/export/home/testzone
Save your settings by issues the commit command as follow:
zonecfg:testzone> commit
The next step will allow us to verify our settings:
zonecfg:testzone> export
create -b
set zonepath=/export/home/testzone
set autoboot=false
add inherit-pkg-dir
set dir=/lib
end
add inherit-pkg-dir
set dir=/platform
end
add inherit-pkg-dir
set dir=/sbin
end
add inherit-pkg-dir
set dir=/usr
end
Great, the above is showing us that the zone is ready to be used. Just type exit to exit the zone using the following command:
zonecfg:testzone> exit
Now that we have our zone ready, somehow we need to assign system resource and provision the zone and we will do that by performing the following steps:
# zoneadm -z testzone install
Preparing to install zone <testzone>.
Creating list of files to copy from the global zone.
Copying <2369> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <782> packages on the zone.
Initializing package <98> of <782>: percent complete: 43%
Initialized <782> packages on zone.
Successfully initialized zone <testzone>.
When the zone finish installing the structure of itself you can check if the zone has been installed by issuing the following command.
# zoneadm list -cv
D NAME STATUS PATH
0 global running /
- testzone installed /export/home/testzone
Now that the zone is installed as we can see in the output above we need to get it ready and boot to it and we do those steps with the following commands:
# zoneadm -z testzone ready# zoneadm list -cv# zoneadm -z testzone boot
To check that everything is ready issue again zoneadm list –cv which will become your best friend in regards to zones to check their status.
# zoneadm list -cv
ID NAME STATUS PATH
0 global running /
1 testzone ready /export/home/testzone
Be aware that you are playing with a new zone and this one will need to contain a new hostname. You may want to see what is your current hostname in your global zone by issuing the hostname command in your shell, now we are ready to deploy the zone and we do this by using the zlogin command.
# zlogin -C testzone
Try pressing the return key again to display a terminal selection if you are logging into the zone for the first time. When you login into the zone make sure you read the 3 screen carefully as they will define the initial parameters for your zone.
After all the above is done, you can always add resources to make the zone more accessible. Like in the bellow example I’ll add an IP to the network interface card, the resource is not yet configurable by the zone root user, although some network configuration privileges can be handed down. Setting resource you can only set the interface and IP address; other parameters are pick up from the initial configuration of the zone.
# zonecfg -z testzone
zonecfg:testzone> add net
zonecfg:testzone:net> set address=192.168.30.62
zonecfg:testzone:net> set physical=hme0
zonecfg:testzone:net> end
zonecfg:testzone> export
create -b
set zonepath=/export/home/testzone
set autoboot=false
add inherit-pkg-dir
set dir=/lib
end
add inherit-pkg-dir
set dir=/platform
end
add inherit-pkg-dir
set dir=/sbin
end
add inherit-pkg-dir
set dir=/usr
end
add net
set address=192.168.30.62
set physical=hme0
end
zonecfg:testzone> exit
#
Keep in mind that when you exit the zonecfg command, you will still unable to plumb or configure the network card. Rebooting the zone as root, configure the resource.
# reboot
Jun 22 22:25:28 twilight reboot: rebooted by root
Jun 22 22:25:28 twilight syslogd: going down on signal 15
[NOTICE: Zone rebooting]
SunOS Release 5.10 Version s10_61 64-bit
Copyright 1983-2004 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: Zonebox2
The system is coming up. Please wait.
starting rpc services: rpcbind done.
syslog service starting.
The system is ready.
Zonebox2 console login: root
Password:
Aug 18 15:37:38 Zonebox2 login: ROOT LOGIN /dev/console
Last login: Wed Aug 18 15:31:09 on console
#
# ifconfig -a
lo0:1: flags=1000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0:1: flags=1000863 mtu 1500 index 2
inet 192.168.30.62 netmask ffffff00 broadcast 192.168.30.255
#
# hostname
Zonebox2
# exit
Zonebox2 console login: ~.
[Connection to zone 'testzone' console closed]
#
Enter zonecfg for the zone testzone when configuring or unconfiguring resources for the zone. Inthis case you will be unconfiguring the testzone network resources before deleting the zone.
# zonecfg -z testzone
zonecfg:testzone> remove net physical=hme0
zonecfg:testzone> commit
zonecfg:testzone> exit
Great!, now that we have our zone configure and we have learn the in’s and out of the topic I want to show you how to delete them from your box. Is a very simple process and I will show you using the following:
# zoneadm –z testzone halt
The above command will halt Solaris 10 and free up system resources.
# zoneadm –z testzone uninstall
The second step is Uninstalling the zone to remove the zone file usage. IN this particular step you will be ask if you are sure you want to uninstall the zone, to which off course you will type Y. Be aware that the default answer will be N.
# zonecfg -z testzone delete
The above command will take charge of deleting the configuration of the zone from the global system and we can see that by issuing zoneadm list –cv. Again that command will ask you if you are sure you want to get rid of the testzone to which you will answer Y. Lastly we want to verify that the zone was delete and we will use the following to double check:
# zoneadm list –cp
I hope that this small HOW-TO gives you an idea about zones using Solaris 10. It is a broad topic and if you really want to get your hand dirty using it I encourage you to read the docs.sun.com, at least this will give you an idea of what the world of zones is all about. I want to thank the people from opensolaris at IRC especially Jamesd, Boyd, Tsoome and the many others that have encourage me continue learning. If it wasn’t for them this little HOW-TO would have never made it online.
Many of us have heard about zones, a zone is/are a piece of software that is bundle with Solaris 10 that allows the root user of the global zone to have the capacity to dedicate system resources to individual zones. You might be asking “what are you talking about?”, well simple. Each zone maintains its own root password and user information, separate from other zones and the global system. Each zone exists as a separate Solaris environment with separate processes in file system space and can only monitor and interact with its local processes. Enough terminology, think of zones as using separate machines in the same box, the concept is very similar to that one.
To my understanding Zones go through a 5 step process: Undefined, configured, installed, running, and ready. I will explain this in more detail as I go down the road further.
Let’s get our hand dirty and create a basic zone:
# zoneadm list –cv
ID NAME STATUS PATH
0 global running /
The first command is giving you a picture of your global zone which is the only zone that should be in your system using the default install. For the sake of this example we will called our basic zone testzone (off course, in your end you can call it whatever you want).
# zonecfg –z testzone
testzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:testzone> create
zonecfg:testzone> set zonepath=/export/home/testzone
Save your settings by issues the commit command as follow:
zonecfg:testzone> commit
The next step will allow us to verify our settings:
zonecfg:testzone> export
create -b
set zonepath=/export/home/testzone
set autoboot=false
add inherit-pkg-dir
set dir=/lib
end
add inherit-pkg-dir
set dir=/platform
end
add inherit-pkg-dir
set dir=/sbin
end
add inherit-pkg-dir
set dir=/usr
end
Great, the above is showing us that the zone is ready to be used. Just type exit to exit the zone using the following command:
zonecfg:testzone> exit
Now that we have our zone ready, somehow we need to assign system resource and provision the zone and we will do that by performing the following steps:
# zoneadm -z testzone install
Preparing to install zone <testzone>.
Creating list of files to copy from the global zone.
Copying <2369> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <782> packages on the zone.
Initializing package <98> of <782>: percent complete: 43%
Initialized <782> packages on zone.
Successfully initialized zone <testzone>.
When the zone finish installing the structure of itself you can check if the zone has been installed by issuing the following command.
# zoneadm list -cv
D NAME STATUS PATH
0 global running /
- testzone installed /export/home/testzone
Now that the zone is installed as we can see in the output above we need to get it ready and boot to it and we do those steps with the following commands:
# zoneadm -z testzone ready# zoneadm list -cv# zoneadm -z testzone boot
To check that everything is ready issue again zoneadm list –cv which will become your best friend in regards to zones to check their status.
# zoneadm list -cv
ID NAME STATUS PATH
0 global running /
1 testzone ready /export/home/testzone
Be aware that you are playing with a new zone and this one will need to contain a new hostname. You may want to see what is your current hostname in your global zone by issuing the hostname command in your shell, now we are ready to deploy the zone and we do this by using the zlogin command.
# zlogin -C testzone
Try pressing the return key again to display a terminal selection if you are logging into the zone for the first time. When you login into the zone make sure you read the 3 screen carefully as they will define the initial parameters for your zone.
After all the above is done, you can always add resources to make the zone more accessible. Like in the bellow example I’ll add an IP to the network interface card, the resource is not yet configurable by the zone root user, although some network configuration privileges can be handed down. Setting resource you can only set the interface and IP address; other parameters are pick up from the initial configuration of the zone.
# zonecfg -z testzone
zonecfg:testzone> add net
zonecfg:testzone:net> set address=192.168.30.62
zonecfg:testzone:net> set physical=hme0
zonecfg:testzone:net> end
zonecfg:testzone> export
create -b
set zonepath=/export/home/testzone
set autoboot=false
add inherit-pkg-dir
set dir=/lib
end
add inherit-pkg-dir
set dir=/platform
end
add inherit-pkg-dir
set dir=/sbin
end
add inherit-pkg-dir
set dir=/usr
end
add net
set address=192.168.30.62
set physical=hme0
end
zonecfg:testzone> exit
#
Keep in mind that when you exit the zonecfg command, you will still unable to plumb or configure the network card. Rebooting the zone as root, configure the resource.
# reboot
Jun 22 22:25:28 twilight reboot: rebooted by root
Jun 22 22:25:28 twilight syslogd: going down on signal 15
[NOTICE: Zone rebooting]
SunOS Release 5.10 Version s10_61 64-bit
Copyright 1983-2004 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: Zonebox2
The system is coming up. Please wait.
starting rpc services: rpcbind done.
syslog service starting.
The system is ready.
Zonebox2 console login: root
Password:
Aug 18 15:37:38 Zonebox2 login: ROOT LOGIN /dev/console
Last login: Wed Aug 18 15:31:09 on console
#
# ifconfig -a
lo0:1: flags=1000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0:1: flags=1000863 mtu 1500 index 2
inet 192.168.30.62 netmask ffffff00 broadcast 192.168.30.255
#
# hostname
Zonebox2
# exit
Zonebox2 console login: ~.
[Connection to zone 'testzone' console closed]
#
Enter zonecfg for the zone testzone when configuring or unconfiguring resources for the zone. Inthis case you will be unconfiguring the testzone network resources before deleting the zone.
# zonecfg -z testzone
zonecfg:testzone> remove net physical=hme0
zonecfg:testzone> commit
zonecfg:testzone> exit
Great!, now that we have our zone configure and we have learn the in’s and out of the topic I want to show you how to delete them from your box. Is a very simple process and I will show you using the following:
# zoneadm –z testzone halt
The above command will halt Solaris 10 and free up system resources.
# zoneadm –z testzone uninstall
The second step is Uninstalling the zone to remove the zone file usage. IN this particular step you will be ask if you are sure you want to uninstall the zone, to which off course you will type Y. Be aware that the default answer will be N.
# zonecfg -z testzone delete
The above command will take charge of deleting the configuration of the zone from the global system and we can see that by issuing zoneadm list –cv. Again that command will ask you if you are sure you want to get rid of the testzone to which you will answer Y. Lastly we want to verify that the zone was delete and we will use the following to double check:
# zoneadm list –cp
I hope that this small HOW-TO gives you an idea about zones using Solaris 10. It is a broad topic and if you really want to get your hand dirty using it I encourage you to read the docs.sun.com, at least this will give you an idea of what the world of zones is all about. I want to thank the people from opensolaris at IRC especially Jamesd, Boyd, Tsoome and the many others that have encourage me continue learning. If it wasn’t for them this little HOW-TO would have never made it online.
posted by Solaris10 at
6:45 AM
0 Comments:
Post a Comment
<< Home