Solaris Zones

by | March 19, 2008

#### Solaris Zones #####

Features:
1. Virtualization
2. Solaris Zones can host only instances of Solaris, not other OSs.
3. Limit of 8192 zones per Solaris host.
4. Primary zone (global) has access to ALL zones
5. Non-global zones do NOT have access to other non-global zones.
6. Default non-global zones derive packages from the global zone.
7. Program isolation – zone 1 ( Apache ), zone 2 ( MySQL ), zone 3 ( DNS )
8. Provides ‘z’ commands to manage zones: zlogin, zonename, zoneadm, zonecfg

bash-3.00# which zonename
/usr/bin/zonename

bash-3.00# zonename
global

#### Features of GLOBAL zone #####
1. Solaris ALWAYS boots (cold/warm) to the global zone
2. Knows about ALL hardware devices attached to the system
3. Knows about ALL non-global zones

#### Features of NON-GLOBAL zones #####
1. Installed at a location on the filesystem of the global zone, the ‘zone root path’, e.g. /export/home/zones/{zone1,zone2,zone3…}
2. Share packages with the GLOBAL zone
3. Manage distinct hostname and tables files
4. Cannot communicate with other non-global zones by default. A NIC must be used, which means using the standard network API (TCP)
5. The GLOBAL zone admin can delegate non-global zone administration

#####Zone Configuration##############
Use: zonecfg – to configure zones
Note: zonecfg can be run in interactive, non-interactive, and command-file modes.

Requirements for non-global zones:
1. hostname
2. zone root path, e.g. /export/home/zones/testzone1
3. IP address – bound to logical or physical interface
( 100 MB minimum configuration )

Zone types:
1. Sparse Root Zones – share key files with global zone
2. Whole Root Zones (totally independent, require more storage)

Steps for configuring non-global zone:

1. mkdir

bash-3.00# mkdir /export/home/zones
bash-3.00# mkdir /export/home/zones/testzone1 && chmod 700 /export/home/zones/testzone1

2. zonecfg -z  testzone1
3. create
4. set zonepath=/export/home/zones/testzone1 – sets the zone root path
5. add net 
6. set address=192.168.1.60 
7. set physical=pcn0  
8. end
9. (optional) set autoboot=true – testzone1 will be started when the system boots
10. (optional) add attr; set name=comment; set type=string; set value="TestZone1"
11. verify – verifies the zone configuration for errors.
12. commit – commits the changes
13. Zone installation – zoneadm -z testzone1 install – puts ‘testzone1’ into the ‘installed’ state, NOT ready for production.
14. zoneadm -z testzone1 boot – boot zone
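
The zonecfg steps above in command-file mode, as an added example that is not part of the original notes: the script validates its four arguments and prints a command file that `zonecfg -z testzone1 -f <file>` can load. The function names are hypothetical, the values are the page's samples, and setting the comment attribute to the zone name is an assumption.

```shell
#!/bin/sh
# Added example (not from the original page): build a zonecfg command file.

# valid_ipv4 ADDR -> 0 only for four dot-separated octets in 0..255
valid_ipv4() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $1
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# valid_zone_args NAME ZONEPATH ADDRESS NIC -> 0 if every value is safe to embed
valid_zone_args() {
    [ $# -eq 4 ] || return 1
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac     # zone name
    case "$2" in /*) ;; *) return 1 ;; esac                  # absolute path only
    case "$2" in *[!A-Za-z0-9_./-]*) return 1 ;; esac        # no spaces or ';'
    valid_ipv4 "$3" || return 1
    case "$4" in ''|*[!A-Za-z0-9]*) return 1 ;; esac         # NIC such as pcn0
}

# zone_cmdfile NAME ZONEPATH ADDRESS NIC -> command file on stdout
# address and physical are properties of the net resource, so they are
# emitted between "add net" and "end".
zone_cmdfile() {
    valid_zone_args "$@" || { echo "zone_cmdfile: rejected argument" >&2; return 1; }
    cat <<EOF
create
set zonepath=$2
set autoboot=true
add net
set address=$3
set physical=$4
end
add attr
set name=comment
set type=string
set value="$1"
end
verify
commit
EOF
}

# Sample run with the page's values; save the output to a file to load it.
zone_cmdfile testzone1 /export/home/zones/testzone1 192.168.1.60 pcn0
```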

bash-3.00# zonecfg -z  testzone1
testzone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:testzone1>
zonecfg:testzone1> create
zonecfg:testzone1> set zonepath=/export/home/zones/testzone1
zonecfg:testzone1> set address=192.168.1.60
zonecfg:testzone1> add net
zonecfg:testzone1:net> set address=192.168.1.60
zonecfg:testzone1:net> set physical=pcn0
zonecfg:testzone1:net> end
zonecfg:testzone1> info
zonename: testzone1
zonepath: /export/home/zones/testzone1
brand: native
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: 192.168.1.60
        physical: pcn0
zonecfg:testzone1> set autoboot=true
zonecfg:testzone1>

zonecfg:testzone1> add attr
zonecfg:testzone1:attr> set name=comment
zonecfg:testzone1:attr> set type=string
zonecfg:testzone1:attr> set value="TestZone1"
zonecfg:testzone1:attr> end
zonecfg:testzone1> info
zonename: testzone1
zonepath: /export/home/zones/testzone1
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: 192.168.1.60
        physical: pcn0
attr:
        name: comment
        type: string
        value: TestZone1
zonecfg:testzone1> end
The end command only makes sense in the resource scope.
zonecfg:testzone1> verify
zonecfg:testzone1>

bash-3.00# zoneadm list -iv
  ID NAME             STATUS     PATH                           BRAND    IP   
   0 global           running    /                              native   shared

bash-3.00# zonecfg -z testzone1 info
zonename: testzone1
zonepath: /export/home/zones/testzone1
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: 192.168.1.60
        physical: pcn0
attr:
        name: comment
        type: string
        value: TestZone1

bash-3.00# zoneadm -z testzone1 install
Preparing to install zone <testzone1>.
Creating list of files to copy from the global zone.
Copying <7644> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1045> packages on the zone.
Initialized <1045> packages on zone.                                
Zone <testzone1> is initialized.
The file </export/home/zones/testzone1/root/var/sadm/system/logs/install_log> contains a log of the zone installation.

bash-3.00# zoneadm list -iv
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   - testzone1        installed  /export/home/zones/testzone1   native   shared

bash-3.00# zoneadm -z testzone1 boot
zoneadm: zone 'testzone1': WARNING: pcn0:1: no matching subnet found in netmasks(4) for 192.168.1.60; using default of 255.255.255.0.
bash-3.00# echo $?
0
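
A way to tell the two zone types apart from `zonecfg info` output, as an added example that is not part of the original notes: a zone whose configuration lists inherit-pkg-dir resources is a sparse root zone, and one with none is a whole root zone. The function names are hypothetical and the sample input is constructed from the testzone1 output shown above.

```shell
#!/bin/sh
# Added example (not from the original page): summarise `zonecfg info` output.

# zone_summary: reads `zonecfg -z ZONE info` text on stdin, prints one line
# with the zone type, inherited directories, autoboot, ip-type and addresses.
zone_summary() {
    awk '
        $1 == "zonename:"        { name = $2 }
        $1 == "autoboot:"        { autoboot = $2 }
        $1 == "ip-type:"         { iptype = $2 }
        $1 == "inherit-pkg-dir:" { want_dir = 1; next }
        want_dir && $1 == "dir:" { dirs = (dirs == "" ? "" : dirs ",") $2 }
        $1 == "address:"         { nets = (nets == "" ? "" : nets ",") $2 }
        { want_dir = 0 }
        END {
            kind = (dirs == "" ? "whole-root" : "sparse-root")
            printf "%s kind=%s inherited=%s autoboot=%s ip-type=%s addresses=%s\n",
                name, kind, (dirs == "" ? "-" : dirs), autoboot, iptype,
                (nets == "" ? "-" : nets)
        }'
}

# Constructed sample: the info output for testzone1, empty properties omitted.
sample_info() {
    cat <<'EOF'
zonename: testzone1
zonepath: /export/home/zones/testzone1
brand: native
autoboot: true
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: 192.168.1.60
        physical: pcn0
EOF
}

sample_info | zone_summary
```

On a Solaris host the same check is `zonecfg -z testzone1 info | zone_summary`.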