Thursday, May 10, 2012

Bare Minimal Solaris 11 Zone

Creating and administering local zones has become simpler in Solaris 11 than it was when zones were first publicly released in Solaris 10. This short article demonstrates the minimal steps required to create your own zone(s) in a global zone.

1 Create the zone
First, you need a running Solaris 11 installation, on VMware, VirtualBox, or native hardware. I used Oracle VirtualBox in this demonstration.

Log in with the ID you created during the Solaris 11 installation, then su to root, as you may need more than a root role to complete the creation of a zone.

In its simplest form, a zone can be had with the following command:

# zonecfg -z webzone01 "create;set zonepath=/zones/webzone01;exit"

1.1 sub-commands explained

create: This creates a Solaris 11 zone called 'webzone01'

set zonepath=/zones/webzone01: This specifies the storage of the zone in a ZFS pool visible to the global zone.

exit: Exits the zonecfg configuration mode (and finishes up).

Other configuration options are available during zone creation; see man zonecfg (1M).

1.2 List the newly created zone

# zoneadm list -cv


  ID NAME             STATUS     PATH                           BRAND    IP   
   0 global           running    /                              solaris  shared
   - webzone01        configured /zones/webzone01               solaris  excl 

See man zoneadm (1M) for more information.

1.3 The resultant 'webzone01' zone
Use the following command to inspect the configuration of the newly created zone.

# zonecfg -z webzone01 info

zonename: webzone01
zonepath: /zones/webzone01
brand: solaris
autoboot: false
bootargs:
file-mac-profile:
pool:
limitpriv:
scheduling-class:
ip-type: exclusive
hostid:
fs-allowed:
anet:
 linkname: net0
 lower-link: auto
 allowed-address not specified
 configure-allowed-address: true
 defrouter not specified
 allowed-dhcp-cids not specified
 link-protection: mac-nospoof
 mac-address: random
 mac-prefix not specified
 mac-slot not specified
 vlan-id not specified
 priority not specified
 rxrings not specified
 txrings not specified
 mtu not specified
 maxbw not specified
 rxfanout not specified

The fields we specified during creation are zonename and zonepath; the rest are default values. The 'anet' and 'ip-type' resource types deserve an article of their own, which I will write later.
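A quick way to review the security-relevant defaults in the output above (immutable-zone profile, privilege limit, IP restrictions, link protection). This is an added example, not part of the original post; the function names are hypothetical, and it assumes a POSIX awk and a single anet resource.

```shell
#!/bin/sh
# Added example, not from the original post. Needs a POSIX awk; on Solaris
# set AWK to one, e.g. AWK=/usr/xpg4/bin/awk (path is an assumption).

# audit_zone_info: read `zonecfg -z <zone> info` on stdin, print findings.
# Handles a single anet resource, as in the output shown above.
audit_zone_info() {
    "${AWK:-awk}" '
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line ~ / not specified$/) {           # unset anet property
            key = line; sub(/ not specified$/, "", key); val = ""
        } else if ((i = index(line, ":")) > 0) {  # "name: value"
            key = substr(line, 1, i - 1)
            val = substr(line, i + 1); sub(/^[ \t]+/, "", val)
        } else next
        cfg[key] = val
    }
    END {
        if (cfg["file-mac-profile"] == "")
            print "NOTE file-mac-profile unset: zone root is writable"
        if (cfg["limitpriv"] == "")
            print "NOTE limitpriv unset: default zone privilege set"
        if (cfg["ip-type"] == "exclusive" && cfg["allowed-address"] == "")
            print "WARN allowed-address unset: zone may configure any IP"
        if (cfg["link-protection"] ~ /mac-nospoof/)
            print "OK   link-protection includes mac-nospoof"
        else
            print "WARN link-protection lacks mac-nospoof"
    }'
}

# Constructed sample: the zonecfg info output shown above, abridged.
sample_zone_info() {
    cat <<'EOF'
zonename: webzone01
file-mac-profile:
limitpriv:
ip-type: exclusive
anet:
 linkname: net0
 allowed-address not specified
 link-protection: mac-nospoof
EOF
}

sample_zone_info | audit_zone_info
```

On a real system, pipe the live configuration in instead: zonecfg -z webzone01 info | audit_zone_info.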

Now you should have a zone in the 'configured' state. In summary, the typical state transitions for a zone from its creation to its deletion can be depicted as follows. See man zoneadm (1M) for more information.

configured --> installed --> running
     |             |
incomplete        down
     |             |
configured        installed

2 Install the zone
Before installing a zone, make sure that the IPS repository is configured. zoneadm requires packages from the IPS repository for zone installation. See this article for setting up a local IPS repository. Alternatively, you can mount the ISO image sol-11-1111-repo-full.iso directly and set up the publisher to point directly to the file location.

# zoneadm -z webzone01 install

A ZFS file system has been created for this zone.
Progress being logged to /var/log/zones/zoneadm.20120509T131933Z.webzone01.install
       Image: Preparing at /zones/webzone01/root.

 Install Log: /system/volatile/install.3582/install_log
 AI Manifest: /tmp/manifest.xml.LCaG.g
  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
    Zonename: webzone01
Installation: Starting ...

              Creating IPS image
              Installing packages from:
                  solaris
                      origin:  http://localhost:1008/solaris/5253829a2447d746e843a409669e9ab0ad8bf9f0/
DOWNLOAD                                  PKGS       FILES    XFER (MB)
Completed                              167/167 32062/32062  175.8/175.8

PHASE                                        ACTIONS
Install Phase                            44313/44313 

PHASE                                          ITEMS
Package State Update Phase                   167/167 
Image State Update Phase                         2/2 
Installation: Succeeded

        Note: Man pages can be obtained by installing pkg:/system/manual

 done.

        Done: Installation completed in 229.231 seconds.


  Next Steps: Boot the zone, then log into the zone console (zlogin -C)

              to complete the configuration process.

Log saved in non-global zone as /zones/webzone01/root/var/log/zones/zoneadm.20120509T131933Z.webzone01.install

Read the stdout carefully to ensure no error has occurred. Proceed with booting up the zone and complete the configuration as instructed.

3 Booting up
This step is accomplished with the following command:

# zoneadm -z webzone01 boot

The boot process should be quick. I have not researched how the boot process can fail; if you don't see anything on stderr, the boot has probably gone well.

A non-persistent vnic (most likely named after your zone and its interface name; example: webzone01/net0) will be created for you when the zone boots, so you don't need to worry about that for now. The vnic will be deleted after the zone shuts down. We will explore the relationship between vnics and zones in another article.
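The create, install and boot steps above can be made safe to re-run by checking the STATUS column of zoneadm list -cv first. This is an added example, not part of the original post; zone_state and remaining_steps are hypothetical names, and the script prints the commands still needed rather than running them.

```shell
#!/bin/sh
# Added example, not from the original post. Needs a POSIX awk; on Solaris
# set AWK to one, e.g. AWK=/usr/xpg4/bin/awk (path is an assumption).

# zone_state: read `zoneadm list -cv` output on stdin and print the STATUS
# column for zone $1, or "absent" when the zone is not listed.
zone_state() {
    "${AWK:-awk}" -v z="$1" '
        $2 == z { print $3; found = 1 }
        END     { if (!found) print "absent" }'
}

# remaining_steps ZONE STATE: print the commands still needed to reach
# "running". Any other state (incomplete, down, ...) is left to the
# operator: the function prints a message on stderr and returns 1.
remaining_steps() {
    zone=$1
    case $2 in
        absent)     todo="config install boot" ;;
        configured) todo="install boot" ;;
        installed)  todo="boot" ;;
        running)    todo="" ;;
        *)          echo "state '$2' needs manual attention" >&2; return 1 ;;
    esac
    for step in $todo; do
        case $step in
            config)  echo "zonecfg -z $zone \"create;set zonepath=/zones/$zone;exit\"" ;;
            install) echo "zoneadm -z $zone install" ;;
            boot)    echo "zoneadm -z $zone boot" ;;
        esac
    done
}

# Constructed sample: the `zoneadm list -cv` output shown in section 1.2.
sample_zone_list() {
    cat <<'EOF'
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              solaris  shared
   - webzone01        configured /zones/webzone01               solaris  excl
EOF
}

remaining_steps webzone01 "$(sample_zone_list | zone_state webzone01)"
```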

4 Configure the zone
Log in to the zone using this command:

# zlogin -C webzone01
[Connected to zone 'webzone01' console]

You will be presented with the configuration screen, as you would be for the global zone. Follow the steps and complete the configuration. It is normal production practice to assign an IP address to the zone so that it resides in the same subnet as the global zone. This reduces the network administration chore.



Configure the network manually. A static IP address for a web server is good for you. Don't worry about the /29 subnet, use anything you like.



No DNS for now; it will be covered in another article when we hook this machine up to a Windows 2008 R2 DNS server.



Hit F2 to apply the configuration!

Upon completing the steps above, you will be presented with a login screen.

Exiting System Configuration Tool. Log is available at:

/var/tmp/install/sysconfig.log

Hostname: websvr01

May 10 00:03:27 websvr01 sendmail[7721]: My unqualified host name (websvr01) unknown; sleeping for retry
May 10 00:03:27 websvr01 sendmail[7724]: My unqualified host name (websvr01) unknown; sleeping for retry

Log in using the ID you supplied in one of the configuration steps and run 'uname -a'; you should see this:

websvr01 console login: admin
Password:
Oracle Corporation      SunOS 5.11      11.0    November 2011
admin@websvr01:~$ uname -a
SunOS websvr01 5.11 11.0 i86pc i386 i86pc
admin@websvr01:~$

Try the ipadm and dladm commands and you will see that the plumbing has all been done for you.

Alright, that's all for now. In the next article we will install the iPlanet web server into this brand new zone.

Cheers,
