Unixchips : Solaris Zones

Solaris zones are a type of virtualization , where we can create isolated and secured environments for applications (for example if you want to configure a solaris 10 server as a DB server and web server you can create separate zones for each of them) . For end user's these zones are look like separate machines . All these changes are in software level and default each solaris 10 machine is installing with global zone. We can access all other zones from the global zones .

Each zones has its own node name virtual network interfaces and storage assigned to it. The other benefits of the zones are it does not require dedicated memory,cpu and physical interface associated with it. It has a security boundary which will prevents interaction of processes associated with one zone with another, also you can configure separate user list for each zones.

A zone can be in one of the following states

1. Configured - configuration was completed and saved
2. Incomplete - State between install or uninstall
3. Installed-The packages are successfully installed.
4. Ready- The virtual platform has been installed.
5. Running- The zone is booted successfully and running
6.Shutting down - The zone is in the progress of shutting down.
7 Down- The zone has completed the shutdown process and down.

Here i am giving detailed steps for zone configuration for your reference

1. First we need to create a zone called testzone (this is an example , you can give any name)

bash-3.00# zonecfg -z testzone
testzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:testzone> create
zonecfg:testzone> set zonepath=/zones/testzone
zonecfg:testzone> set autoboot=true
(where zonepath is the path where all the configuration files are installed and autoboot indicates zone need to be booted automatically with global or not)

2. You can see the configuration details using below command

onecfg:testzone> info
zonename: testzone
zonepath: /zones/testzone
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
hostid:
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
zonecfg:testzone> verify
zonecfg:testzone> commit
zonecfg:testzone>

3. Now we can see the zone is in configured status

bash-3.00# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- testzone configured /zones/testzone native shared

4. Here i am installing the new zone

bash-3.00# zoneadm -z testzone install
Preparing to install zone <testzone>.
Creating list of files to copy from the global zone.
Copying <3022> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1459> packages on the zone.
Initialized <1459> packages on zone.
Zone <testzone> is initialized.
The file </zones/testzone/root/var/sadm/system/logs/install_log> contains a log of the zone installation.

5. Now if we check the status we can see the zone is in installed status

bash-3.00# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- testzone installed /zones/testzone native shared

6. Now we can make the zone as ready status

bash-3.00# zoneadm -z testzone ready

bash-3.00# zoneadm list -cv

ID NAME STATUS PATH BRAND IP

0 global running / native shared

1 testzone ready /zones/testzone native shared

7. You can login to the zone using below command and during the initial login you have select the options as language/terminal etc

bash-3.00# zlogin -C testzone

[Connected to zone 'testzone' console] 157/157

Reading ZFS config: done.

...............................................

Select a Language

0. English

1. Japanese

2. Korean

3. Simplified Chinese

4. Traditional Chinese

Please make a choice (0 - 4), or press h or ? for help: 0

..........................................

select a Locale

0. English (C - 7-bit ASCII)

1. Bengali, India (UTF-8)

2. Chinese, Singapore (UTF-8)

3. English, India (UTF-8)

4. English, Singapore (UTF-8)

5. Gujarati, India (UTF-8)

6. Hindi UTF-8

7. Indonesian (UTF-8)

8. Kannada, India (UTF-8)

9. Malay, Malaysia (UTF-8)

10. Marathi, India (UTF-8)

11. Tamil, India (UTF-8)

12. Telugu, India (UTF-8)

13. Thai TIS620

14. Thai UTF-8

15. Go Back to Previous Screen

Please make a choice (0 - 15), or press h or ? for help: 0

..........................................................

What type of terminal are you using?

1) ANSI Standard CRT

2) DEC VT52

3) DEC VT100

4) Heathkit 19

5) Lear Siegler ADM31

6) PC Console

7) Sun Command Tool

8) Sun Workstation

9) Televideo 910

10) Televideo 925

11) Wyse Model 50

12) X Terminal Emulator (xterms)

13) CDE Terminal Emulator (dtterm)

14) Other

Type the number of your choice and press Return:

You did not enter a selection.

What type of terminal are you using?

1) ANSI Standard CRT

2) DEC VT52

3) DEC VT100

4) Heathkit 19

5) Lear Siegler ADM31

6) PC Console

7) Sun Command Tool

8) Sun Workstation

9) Televideo 910

10) Televideo 925

11) Wyse Model 50

12) X Terminal Emulator (xterms)

13) CDE Terminal Emulator (dtterm)

14) Other

Type the number of your choice and press Return: 1

Creating new rsa public/private host key pair

Creating new dsa public/private host key pair

Configuring network interface addresses:.

- Host Name --------------------------------------------------------------------

Enter the host name which identifies this system on the network. The name

must be unique within your domain; creating a duplicate host name will cause

problems on the network after you install Solaris.

A host name must have at least one character; it can contain letters,

digits, and minus signs (-).

Host name

vm-testzone

........................................................................

-------------------------------------------------------------------------------- Esc-2_Continue Esc-6_Help

Esc-2_Continue Esc-6_Help

- Confirm Information ----------------------------------------------------------

> Confirm the following information. If it is correct, press F2;

to change any information, press F4.

Host name: vm-testzone

Esc-2_Continue Esc-4_Change Esc-6_Help

- Time Zone --------------------------------------------------------------------

On this screen you must specify your default time zone. You can specify a

time zone in three ways: select one of the continents or oceans from the

list, select other - offset from GMT, or other - specify time zone file.

> To make a selection, use the arrow keys to highlight the option and

press Return to mark it [X].

Continents and Oceans

----------------------------------

- [ ] Africa

| [ ] Americas

| [ ] Antarctica

| [ ] Arctic Ocean

| [X] Asia

| [ ] Atlantic Ocean

| [ ] Australia

| [ ] Europe

v [ ] Indian Ocean

-------------------------------------------------------------------------------- Esc-2_Continue Esc-6_Help

Esc-2_Continue Esc-6_Help

- Country or Region ------------------------------------------------------------

> To make a selection, use the arrow keys to highlight the option and

press Return to mark it [X].

Countries and Regions

------------------------

^ [ ] Armenia

| [ ] Azerbaijan

| [ ] Bahrain

| [ ] Bangladesh

| [ ] Bhutan

| [ ] Brunei

| [ ] Cambodia

| [ ] China

| [ ] Cyprus

| [ ] East Timor

| [ ] Georgia

| [ ] Hong Kong

v [X] India

-------------------------------------------------------------------------------- Esc-2_Continue Esc-6_Help

Esc-2_Continue Esc-6_Help

- Confirm Information ----------------------------------------------------------

> Confirm the following information. If it is correct, press F2;

to change any information, press F4.

Time zone: Asia/Calcutta

..............................................

Esc-2_Continue Esc-4_Change Esc-6_Help

- Root Password ----------------------------------------------------------------

Please enter the root password for this system.

The root password may contain alphanumeric and special characters. For

security, the password will not be displayed on the screen as you type it.

> If you do not want a root password, leave both entries blank.

Root password: ********

-------------------------------------------------------------------------------- Esc-2_Continue Esc-6_Help

Esc-2_Continue Esc-6_Help

rebooting system due to change(s) in /etc/default/init

[NOTICE: Zone rebooting]

SunOS Release 5.10 Version Generic_142910-17 32-bit

Hostname: vm-testzone

Reading ZFS config: done.

8. Now we have to assign the IP to the particular zone

bash-3.00# zonecfg -z testzone

zonecfg:testzone> add net

zonecfg:testzone:net> set address=192.168.1.12

zonecfg:testzone:net> set physical=e1000g0

zonecfg:testzone:net> export

zonecfg:testzone:net> end

zonecfg:testzone> export

create -b

set zonepath=/zones/testzone

set autoboot=true

set ip-type=shared

add inherit-pkg-dir

set dir=/lib

end

add inherit-pkg-dir

set dir=/platform

end

add inherit-pkg-dir

set dir=/sbin

end

add inherit-pkg-dir

set dir=/usr

end

add net

set address=192.168.1.12

set physical=e1000g0

end

Now we can see the ip details from global zone

bash-3.00# ifconfig -a

lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1

inet 127.0.0.1 netmask ff000000

lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1

zone testzone

inet 127.0.0.1 netmask ff000000

e1000g0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2

inet 192.168.1.11 netmask ffffff00 broadcast 192.168.1.255

ether 8:0:27:fd:ad:b8

e1000g0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2

zone testzone

inet 192.168.1.12 netmask ffffff00 broadcast 192.168.1.255

Hope you got a brief idea about zones..

Thank you..

Unixchips

Wednesday, January 7, 2015

Solaris Zones

1 comment: