Vic/containers

From Summerseas

Sun introduced zones/containers with the first release of Solaris 10. Solaris Zones, simply put, is a virtualization technology which may be used to provide an isolated application environment for applications needing such an environment. In addition to zones/containers Sun has provided server consolidation technology via Dynamic Domains for quite a while and more recently via Logical Domains which are available only with chip multithreading architecture i.e. Sparc T1 and T2.

Contents 1 A Couple of Notes Before Creating Zones 2 Example configuration 3 Example of Zone Creation Using Command Files 4 Adding a ZFS dataset 5 Mounting a loopback filesystem in the zone 6 Installing and Booting the newly Created Zone 7 Zone Management Tips

A Couple of Notes Before Creating Zones

• If your zone will be running any application needing to write to /usr or /sbin then you need to create a whole root zone otherwise creating the default sparse root zone will save space and time.
• A whole root zone (create -b) requires about 5 GB of space. Add a few more GB for /var so a typical whole root zone should have maybe 8GB of disk space. A sparse root zone requires about 700MB. It would be a good idea to make sparse root zones maybe 3gb total to allow for log growth etc.
• Simple perl script to create several containers
• Zone Manager Script from OpenSolaris
• Good HowTo Doc...

Example configuration

• This example shows a zone being created in interactive mode and then installed.

[root@sunx4200-shu02--->]zonecfg -z newzone
newzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:newzone> create
zonecfg:newzone>  set zonepath=/zones/sunx4200-shu02-zone1
zonecfg:newzone> set autoboot=true
zonecfg:newzone> add net
zonecfg:newzone:net> set address=10.60.181.229
zonecfg:newzone:net> set physical=e1000g1
zonecfg:newzone:net> end
zonecfg:newzone> verify
zonecfg:newzone> exit

[root@sunx4200-shu02--->]zoneadm -z sunx4200-shu02-zone1 install

• Commands
  • zlogin -C zonename (Connect to the zone console)
  • zlogin zonename (Login to a zone)
  • zoneadm -z zonename boot|halt (Start/Stop a zone)
  • zoneadm list -cv (List all the zones and their states)
  • zonecfg -z newzone -f /var/zone-templates/apache_template

Example of Zone Creation Using Command Files

• Zones may be created with command files.
  • zonecfg -z newzone -f /var/zone-templates/apache_template
  • The apache_template file might look like this...

create
set zonepath=/zones/newzone
set autoboot=true
add net
set address=10.60.181.230
set physical=e1000g1
end
commit

Adding a ZFS dataset

add dataset
set name=apache/docs
end
commit

Mounting a loopback filesystem in the zone

• If you have a filesystems in the global zone and you want to make it available to all the local zones, consider mounting it as a loopback filesystem in the local zone.
• Example:
  • In the global zone you have a filesystem mounted as /webdocs and you want it available to several zones whose zone paths are /zonepool/zone1, /zonepool/zone2 etc.
  • Do the following from the global zone.
    • mkdir /zonepool/zone1/root/zoneshare
    • mount -F lofs /webdocs/zoneshare /zonepool/zone1/root/zoneshare
  • Now login to zone 1 and verify the loopback mount.

[root@ldom2--->]zlogin zone1
[Connected to zone 'zone1' pts/4]
Last login: Thu Jan  3 16:11:06 from 192.168.100.21
Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
[root@ldom1-z1--->]df -k
Filesystem            kbytes    used   avail capacity  Mounted on
/                    82095318 4579448 77515870     6%    /
/dev                 82095318 4579448 77515870     6%    /dev
/lib                 11952412 4309874 7523014    37%    /lib
/platform            11952412 4309874 7523014    37%    /platform
/sbin                11952412 4309874 7523014    37%    /sbin
/usr                 11952412 4309874 7523014    37%    /usr
proc                       0       0       0     0%    /proc
ctfs                       0       0       0     0%    /system/contract
mnttab                     0       0       0     0%    /etc/mnttab
objfs                      0       0       0     0%    /system/object
swap                 7379472     296 7379176     1%    /etc/svc/volatile
fd                         0       0       0     0%    /dev/fd
swap                 7379208      32 7379176     1%    /tmp
swap                 7379208      32 7379176     1%    /var/run
/zoneshare           30691974      36 30691937     1%    /zoneshare

• • We can see that /zoneshare is in fact mounted. Success!
  • Now repeat the steps for the other zones needing access to /zoneshare

Installing and Booting the newly Created Zone

• Now the zone is created. Next install it and boot it then connect to the console.
  • zoneadm -z newzone install
  • zoneadm -z newzone boot
  • zlogin -C newzone

Zone Management Tips

• After the zone is installed copy a sysidcfg file to the zone's /etc directory. The sysidcfg file will be used by the zone during boot to set the initial root password, configure the hostname and IP address among other things.
• Create generic.xml files to automatically configure services which will run in the zone.
  • Example - Suppose you have created a zone where you intend to run an Apache web server. After enabling and disabling services as desired, extract the service configuration to a generic.xml file...
    • svccfg extract > generic.xml
  • Now move generic.xml to /zonepath/root/var/svc/profile/generic.xml of zone prior to first boot. This would be typically done by a jumpstart finish script or by a zone creation script or even manually.
• With a little planning zone creation and configuration can be fully automated.