Thursday, July 23, 2009

Solaris Zones configuration and set up

Solaris Zones

Features :-

1.Virtualization like VMware
2.Solaris Zones can hosts only instances of solaris. Not other Os's
3.Limit of 8192 Zones per solaris Host
4.Primary Zone(Global) has access to all zones
5.non-global zones, do not have access to other non-global zones
6.Default non global zones derive oackages from global Zone
7.Program Isolation like zone1 for apache zone2 for mysql zone3 for databases.
8.Provides 'Z' commands to manage Zones : Zlogin zonecfg zoneadm zonename

Features of Global Zone
1.Solaris Always boots(cold/warm) to the global zone.
2.Knows about All Hardware devices attach to system
3.Knows about all non global Zones

Features of Non-Global Zones.
1.Installed at a location on the filesystem of the Global Zone
'Zone root path' /export/home/zones/zones1 {Zone2,Zone3----} this is as root directory for this zones.
2.Share Packages with Global Zone.
3.Manage distinct hostname and table files.
4.cannot communicate with other non-global zones by default.NIC must be used, which means use standard network API(TCP)
5.Global Zone admin can delegatenon-global zone administration

Zones Commands example :-

#which zonename - to check if you os has zonename commands
/usr/bin/zonename

#zonename - by default will show global zonename.
global

#z - "z' commands

Zone Configuration.

#zonecfg - to configure zones

note - zonecfg can run interactively , non -interactively, command-file modes

Requirements for non-global zones;

1.Hostname of
2.Zone root path ie /export/home/zones/testzone1
3.IP Adress - bound to logical or physical interfaces.

Zones Types:-

1.sparse Root Zones - share key fileswith global zones.
2.Whole Root Zones - require more storage

#df -k and select a slice which has more space lets example /export/home has 5GB

Steps for Configuring non-global-zone:

1.mkdir /export/home/zones/testzone1
2.chmod 700 /export/home/zones/testzone1 - for user restriction of global zone users.
3.ls -ltr /export/homes/zones

4#zonecfg -z testzone1
no such zone configured create one This error will pop when you first create a zone
>create - to create a zone
>set zonepath=/export/home/zones/testzone1 - This is the Root path for zone
>add net
>set address=192.168.1.0 - ip address
>set physocal=el000g0 - physical name of network card check with 'ifconfig -a'
> - If you are ready with you parameters press end before you can exit
>info- to see what we have set
>set autoboot=true - test zone will started automatically when system start
>info
>add attr - to add some extra parameters
attr>set name=commnet
attr>set type=string
attr>value =TestZone1
>end
>verify - verify if any error check the parameter again.
>commit - commit changes
>exit.

#list -iv - to list zones

#zoneadmin -z testzone1 install

Zone testzone1 in to installed in not ready for production so we have to get it in ready state now

#zoneadm list -iv - still u can see testzone1 has not got any id assigned like global one so now

#zoneadm -z testzone1 boot - boots the zone , changing its state from installed to ready

Simple is we are restarting the Testzone1

#zoneadm list -iv - now you can see an id is assigned and status is running.

#ps -ef | grep z
zoneadmd -z testzone1 - this process is responsible for this zone to run.

zlogin - is used to login to zones
Note - each non - global maintain a console, use 'zlogin -C testzone1' to acces that zone.

Note - zlogin permits login to non - global zone via the following messages
1.Interactive - i.e zlogin -l username zonename
2.Non -Interactive - zlogin options command
3.Console Mode - zlogin -C zonename
4.Safe Mode - zlogin -S

#zoneadm list -iv

#zlogin -C testzone1
select a laguage - 0 English
Vt100 - terminal
testzone1 press F2
Configure Kerbose - yes
name service - nis

Enter from this procure its same like installation of solaris so specify all details as required.
like dns names, nis services location places etc etc

#enter with root user and passwd
#zonename
testzone1

#zoneadm list -iv - shows all zones global and non - global

# once u r in testzone1 check /etc/passwd file u can see the system user but not users of the main system

#netstat -anp tcp

#Zoneadm -z testzone1 reboot - reboots the zone

#zlogin testzone1 shutdown - to shutdown the zone

Once Zones are created you can ssh or telnet from remote machine to connect that zone

Subscribe with a valid E-mail id so that you can get the latest updates posted in this site in your e-mails.

Enter your email address:

Delivered by FeedBurner

1 comment:

madhav4g said...

Hi vivaan,
THis site is very useful for me

Custom Search

Feeds from my other blog

Samsung S2 Brand new for 25900 White piece sealed box

For Sale, Mobile Phones - Accessories in India, Andhra Pradesh, Hyderabad. Date September 17

For Sale in Hyderabad