Documente Academic
Documente Profesional
Documente Cultură
Solaris Zones
• Introduction to Zones
• Types of zones
• Zone States
• Zone Features
• Configuring a Zone
• Installing a Zone
Introduction to Zones
• New feature of Solaris 10
• Provide a virtual operating system
environment within a physical instance of
Solaris 10
• Applications can run in an isolated, and
secure environment.
• Even a privileged user in a zone can’t
monitor or access process running in a
different zone.
Types of Zones
• Global
• Default zone – used for system wide configuration
and control – Every system contains a global zone
and there can be only one Global zone on a
physical Solaris Server.
• Non-Global
• Created from Global zone & managed by it – 8192
non-Global zones on a single physical system
Zone States
• Configured
• When the configuration is completed & the storage is committed.
• Incomplete
• A zone is set to this state during an install or uninstall operation.
Upon completion of the operation, it changes to the correct state.
• Installed
• Confirmed configuration-packages are installed under zone’s root
path-but no virtual platform associated with it.
• Ready
• Virtual platform is established. The kernel creates the zsched
process-network interfaces are plumbed & file system are mounted-
The system assigns a zone ID-but no processes associated with
this zone.
• Running
• A zone enters this state when the first user process is created. This
is the normal state for an operational zone.
• Shutting Down + Down
• Transitional states that are only visible while a zone is in the
process of being halted. If a zone can’t shutdown for any reason,
then it will lso display this state.
Global Zone Features
• Assigned zone ID 0 (zero) by the system.
• Provides the single bootable instance of the Solaris
Operating Environment that runs on the system
• Contains a full installation of Solaris system packages.
• Contains a complete product database of all installed
software components
• Holds configuration information specific to the global
zone, such as global zone hostname and the file system
table
• Only zone aware of all file systems, devices on the
system, non-global zones, configuration of non-global
zones.
• From this zone, non-global zone can be configured,
installed, managed and uninstalled.
Non-Global Zone Features
• Assigned a zone ID by the system when it is booted.
• Shares the Solaris kernel that is booted from the global
zone.
• Contains a subset of the installed Solaris system packages
• Can contain additional software packages, shared or not
shared from the global zone.
• Includes software that was installed independently of the
global zone as well as software shared from the global
zone.
• Not aware of the existence of other zones
• Can’t install, manage or uninstall other zones, including
itself.
• Contains configuration information specific to itself, the
non-global zone, such as non-global zone hostname and
file system table.
Zone Daemons
• Two daemon processes, zoneadmd & zsched
• Zoneadmd
• Starts when a zone needs to be managed – an instance of
zoneadmd will be started for each zone – started
automatically by SMF and is also shutdown automatically
when no longer required – allocates zone ID – sets system-
wide resource controls – prepares the zone’s devices –
plumbs the virtual network interface – mounts any loop back
or conventional file systems
• Zsched
• Started by zoneadmd – exists for each active zone – used to
keep track of kernel threads running within the zone – aka
zone scheduler
Configuring a Zone using zonecfg command
or
vi /etc/zones/<zonename>.xml
Creating whole root zone
• 1. mkdir –p /export/zones/zone1
chmod 700 /export/zones/zone1
2. Zonecfg –z zone1
>create
>set zonepath=/export/zones/zone1
>set autoboot=true
>add net
>set address=100.10.20.40
>set physical=hme0
>end
>add rctl
>set name=zone.cpu-shares
>add value (priv=privileged,limit=20,action=none)
>end
>add attr
>set name=comment
>set type=string
>set value=“Whole root zone”
>end
>remove inherit-pkg-dir dir=/lib
>remove inherit-pkg-dir dir=/platform
>remove inherit-pkg-dir dir=/sbin
>remove inherit-pkg-dir dir=/usr
>verify
>commit
>exit
3. #zoneadm –z zone1 list –v
4. #zoneadm –z zone1 verify
5. #zoneadm –z zone1 install
6. #zoneadm –z zone1 ready
#zoneadm –z zone1 boot
7. #zlogin –C zone1
DEMO