Solaris Zones
The Solaris Zones partitioning technology is used to virtualize operating system services and provide an isolated and secure environment for running applications. A zone is a virtualized operating system environment created within a single instance of the Solaris Operating System. When you create a zone, you produce an application execution environment in which processes are isolated from the rest of the system. This isolation prevents processes that are running in one zone from monitoring or affecting processes that are running in other zones.
Zones can be used on any machine that is running the Solaris 10 release. The upper limit for the number of zones on a system is 8192. The number of zones that can be effectively hosted on a single system is determined by the total resource requirements of the application software running in all of the zones.
Global Zones
Every Solaris system contains a global zone. The global zone is both the default zone for the system and the zone used for system-wide administrative control. The global zone is the only zone from which a non-global zone can be configured, installed, managed, or uninstalled. Only the global zone is bootable from the system hardware. Administration of the system infrastructure, such as physical devices, routing in a shared-IP zone, or dynamic reconfiguration (DR), is only possible in the global zone. Each zone, including the global zone, is assigned a zone name. The global zone always has the name global. Each zone is also given a unique numeric identifier, which is assigned by the system when the zone is booted. The global zone is always mapped to ID 0.
Non-Global Zones
A non-global zone is a guest domain instance created from the global zone. Non-global zones can be created and configured using the commands zonecfg and zoneadm.
There are two types of non-global zones:
Sparse root
The sparse root model optimizes the sharing of resources with the global zone. It uses the parameter inherit-pkg-dir to inherit resources from the global zone.
Whole root
The whole root model provides the maximum configurability. This model does not inherit any resources from the global zone. All of the required and any selected optional Solaris packages are installed into the private file systems of the zone.
We will see the procedure to configure and install sparse and whole root zones.
Configuring Zones
Create a zonepath directory where the zone-specific files will be installed, and set the zonepath directory permission to 700.
# mkdir -p /zones/testzone
# chmod 700 /zones/testzone
Create the zone using the zonecfg -z command:
# zonecfg -z testzone
testzone: No such zone configured
Use 'create' to begin configuring a new zone.
To configure a sparse root zone, use the "create" subcommand without any arguments:
zonecfg:testzone> create
zonecfg:testzone> info
zonename: testzone
zonepath:
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:        - non-global zone inherit resources from global zone
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
zonecfg:testzone>
To configure a whole root zone, use the "create -b" subcommand:
zonecfg:testzone> create -b
zonecfg:testzone> info
zonename: testzone
zonepath:
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
zonecfg:testzone>
zonecfg:testzone> set zonepath=/zones/testzone
zonecfg:testzone> set autoboot=true
zonecfg:testzone> add net
zonecfg:testzone:net> set address=[provide ip here]
zonecfg:testzone:net> set physical=[provide interface name here]
zonecfg:testzone:net> end
zonecfg:testzone> commit
zonecfg:testzone> info
zonename: testzone
zonepath: /zones/testzone
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: IP ADDRESS
        physical: INTERFACE
zonecfg:testzone>
zonecfg:testzone> exit
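An added example, not part of the original page: the info output shown above can be reviewed mechanically before a zone is installed. The hypothetical helper review_zone_info parses that output and reports the root model, the directories inherited from the global zone, and whether zonepath and limitpriv are still unset; the sample input is constructed.

```shell
#!/bin/sh
# Added example, not from the original page. review_zone_info is a
# hypothetical helper: it reads `zonecfg -z ZONE info` output on stdin and
# prints one key=value line per property a reviewer would check.
review_zone_info() {
    awk '
        # An inherit-pkg-dir resource is followed by its "dir:" line.
        $1 == "inherit-pkg-dir:" { want_dir = 1; next }
        want_dir && $1 == "dir:" {
            sep = (dirs == "" ? "" : ",")
            dirs = dirs sep $2
            want_dir = 0; next
        }
        { want_dir = 0 }
        $1 == "zonepath:"  { zonepath = $2 }
        $1 == "limitpriv:" { limitpriv = $2 }
        $1 == "ip-type:"   { iptype = $2 }
        END {
            # Any inherited directory means sparse root; none means whole root.
            print "model=" (dirs == "" ? "whole" : "sparse")
            print "inherited=" (dirs == "" ? "none" : dirs)
            print "zonepath=" (zonepath == "" ? "UNSET" : zonepath)
            # Empty limitpriv means the zone runs with the default privilege set.
            print "limitpriv=" (limitpriv == "" ? "default" : limitpriv)
            print "ip-type=" iptype
        }
    '
}

# Constructed sample: a sparse root zone that has no zonepath set yet.
review_zone_info <<'EOF'
zonename: testzone
zonepath:
brand: native
limitpriv:
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /usr
EOF
```

On a live system the input would come from zonecfg -z testzone info run in the global zone.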
Installing zone
Use the zoneadm -z install command to install the zone. Sparse root installation takes less time than whole root, as the complete global file system will not be copied.
# zoneadm -z testzone install
Preparing to install zone .
Creating list of files to copy from the global zone.
Copying files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize packages on the zone.
Initializing package of : percent complete: 84%
Dec 30 18:55:03 unknown last message repeated 79 times
Initializing package of : percent complete: 84%
Initialized packages on zone.
Zone is initialized.
Installation of packages was skipped.
Installation of these packages generated warnings:
The file contains a log of the zone installation.
#
Zone Booting
# zoneadm -z testzone boot
Connect to the zone console using the zlogin command and do the initial system configuration, such as locale and hostname.
# zlogin -C testzone
Select a Language
0. English
1. French
2. German
3. Italian
4. Japanese
5. Korean
6. Simplified Chinese
7. Spanish
8. Swedish
9. Traditional Chinese
Please make a choice (0 - 9), or press h or ? for help: 0
...
Use the "~." key sequence to exit the zone console.
Zone status
The zoneadm list command can be used to view the zone status.
# zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   1 testzone         running    /zones/testzone                native   shared
#
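An added example, not part of the original page: the chmod 700 step in the configuration procedure keeps unprivileged global-zone users out of each zone's file tree, and it can be re-checked later from the listing above. The hypothetical helper audit_zonepaths reads zoneadm list -cv output and tests every non-global zonepath; the demo listing and scratch directories are constructed.

```shell
#!/bin/sh
# Added example, not from the original page. audit_zonepaths is a
# hypothetical helper: it reads `zoneadm list -cv` output on stdin, prints
# "name path verdict" per non-global zone, and returns 1 on any finding.
audit_zonepaths() {
    rc=0
    while read -r id name state path rest; do
        # Skip the header row, blank lines and the global zone.
        case $id in ID|'') continue ;; esac
        [ "$name" = global ] && continue
        if [ ! -d "$path" ]; then
            echo "$name $path MISSING"; rc=1; continue
        fi
        # First 10 characters of ls -ld are type and mode bits; cutting
        # there drops any trailing ACL or security-context marker.
        mode=$(ls -ld "$path" | cut -c1-10)
        if [ "$mode" = "drwx------" ]; then
            echo "$name $path OK"
        else
            echo "$name $path BAD_MODE($mode)"; rc=1
        fi
    done
    return $rc
}

# Constructed demo: two scratch directories stand in for real zonepaths.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/good" "$d/loose"
    chmod 700 "$d/good"; chmod 755 "$d/loose"
    ret=0
    audit_zonepaths <<EOF || ret=$?
  ID NAME     STATUS     PATH      BRAND  IP
   0 global   running    /         native shared
   1 testzone running    $d/good   native shared
   - webzone  configured $d/loose  native shared
EOF
    rm -rf "$d"
    return $ret
}
demo || echo "one or more zonepaths need attention"
```

On a live system, run it from the global zone as: zoneadm list -cv | audit_zonepaths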
Zone Administration
Halting the zone
# zoneadm -z testzone halt
Booting the zone
# zoneadm -z testzone boot
Rebooting the zone
# zoneadm -z testzone reboot
Zone Uninstall
To completely remove a zone, you need to uninstall the zone first using the zoneadm command and then remove the zone configuration using zonecfg.
# zoneadm -z testzone uninstall
Are you sure you want to uninstall zone testzone (y/[n])? y
#
The zone status changes to "configured" after the zone is uninstalled using the zoneadm command:
# zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   - testzone         configured /zones/testzone                native   shared
#
Use zonecfg delete to remove the zone configuration:
# zonecfg -z testzone delete
Are you sure you want to delete zone testzone (y/[n])? y
#