Thursday, January 1, 2009

Solaris Zones

Introduction
Zones are virtual process environments in Solaris 10 that allow a system administrator to isolate processes in one zone from processes in another zone. Each zone has its own (chroot) storage environment, which in turn separates data between zones.
This post is an introduction to Solaris zones. See the Solaris zones commands quick reference for the actual commands involved in managing zones.

Zone Types

Type             Abbr.  Definition
Container               Zone with resource management controls
Global zone      GZ     The base OS installation. Is always present.
Local zone       LZ     Any zone created manually by the administrator. Aka. non-global zone
Non-global zone  NGZ    Any zone created manually by the administrator. Aka. local zone

Zone Storage Models
  • Sparse root model :- Any zone that shares any of the /lib, /platform, /sbin or /usr directories with the GZ is called a sparse root model zone.
  • Whole root model :- Any zone not sharing directories with the GZ is called a whole root model zone.
Zone Features
  1. Granularity :- Zones can run on any number of available CPUs and amount of available memory
  2. Isolate :- Run the same application with different configurations
  3. Security :- Hacking one zone does not compromise applications running in other zones
  4. Transparency :- Applications do not need to be recompiled to run in zones (except for some privileged operations)
  5. Virtualization :- Hide configuration information from applications
  6. Memory capping :- Manage the memory usage of zones
  7. Dynamic resource pools :- Assign CPUs to zones
  8. Fair share scheduler :- Grant a zone minimal CPU usage
Zone states
  • A running zone cannot be brought back to the ready state. A halt on a running zone will bring the zone back to the installed state.
  • A zone doesn't have to be booted into the ready state before it can enter the running state. Issuing the zoneadm -z zone boot command on a zone in the installed state boots the zone into the running state.
Directories
/etc/zones - Zone configuration files

Zone daemons and software package parameters
Daemons
  1. zoneadmd : Responsible for booting and shutting down zones
  2. zsched : Keeps track of kernel threads belonging to zones
Software package parameters
  1. SUNW_PKG_ALLZONES - Determines the type of zone in which a package can be installed
  2. SUNW_PKG_HOLLOW - Determines the visibility of the package in a zone
  3. SUNW_PKG_THISZONE - Determines if the package must be installed in the current zone only

Commands

/usr/sbin/zlogin : Log in to zones
/usr/sbin/zoneadm : Administer zones
/usr/sbin/zonecfg : (re)Configure zones
/usr/bin/zonename : Print current zonename

Zone Configuration
  • Basic zone configuration
    root@srv# zonecfg -z zone
    zonecfg:zone>create
    zonecfg:zone>set zonepath=/zones/zone
    zonecfg:zone>set autoboot=true
    zonecfg:zone>set pool=zone_pool

  • Storage Configuration
    UFS
    zonecfg:zone>add fs
    zonecfg:zone:fs>set dir=/ufs
    zonecfg:zone:fs>set special=/dev/dsk/c1t1d0s5
    zonecfg:zone:fs>set raw=/dev/rdsk/c1t1d0s5
    zonecfg:zone:fs>set type=ufs
    zonecfg:zone:fs>set options=rw
    zonecfg:zone:fs>end
    LOFS
    zonecfg:zone>add fs
    zonecfg:zone:fs>set dir=/lofs
    zonecfg:zone:fs>set special=/global/dir
    zonecfg:zone:fs>set type=lofs
    zonecfg:zone:fs>end
    ZFS file system
    zonecfg:zone>add fs
    zonecfg:zone:fs>set dir=/zfs
    zonecfg:zone:fs>set special=pool/data
    zonecfg:zone:fs>set type=zfs
    zonecfg:zone:fs>end
    ZFS dataset
    zonecfg:zone>add dataset
    zonecfg:zone:dataset>set name=pool/dataset
    zonecfg:zone:dataset>end
    ZFS volume
    zonecfg:zone>add device
    zonecfg:zone:device>set match=/dev/zvol/dsk/pool/volume
    zonecfg:zone:device>end
    zonecfg:zone>add device
    zonecfg:zone:device>set match=/dev/zvol/rdsk/pool/volume
    zonecfg:zone:device>end
    Inherit-pkg-dir
    zonecfg:zone>add inherit-pkg-dir
    zonecfg:zone:inherit-pkg-dir>set dir=/opt
    zonecfg:zone:inherit-pkg-dir>end
  • Network configuration
    zonecfg:zone>add net
    zonecfg:zone:net>set physical=e1000g0
    zonecfg:zone:net>set address=172.16.20.12/24
    zonecfg:zone:net>end
  • Device configuration
    zonecfg:zone>add device
    zonecfg:zone:device>set match=/dev/rmt/*
    zonecfg:zone:device>end
  • Resource configuration
    Fair Share Scheduler (FSS)
    zonecfg:zone>add rctl
    zonecfg:zone:rctl>set name=zone.cpu-shares
    zonecfg:zone:rctl>add value (priv=privileged,limit=20,action=none)
    zonecfg:zone:rctl>end
  • Extra attributes
    zonecfg:zone>add attr
    zonecfg:zone:attr>set name=creator
    zonecfg:zone:attr>set type=string
    zonecfg:zone:attr>set value="Sys Admin"
    zonecfg:zone:attr>end

  • Save configuration
    zonecfg:zone>info
    zonecfg:zone>verify
    zonecfg:zone>commit
    zonecfg:zone>exit

After this, check that the directory or file system at /zones/zone is available with 700 permissions, then verify the configuration and start the installation:
# zoneadm -z zone verify
# zoneadm -z zone install
# zoneadm -z zone boot
# zlogin -C zone     (logs in to the zone console)
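
A pre-install review of the configuration steps above, as an added example that is not part of the original post: it checks the 700 mode on the zonepath and flags resources from the post's own configuration (read-write lofs mounts, wildcard device matches, a missing zone.cpu-shares control) that share global-zone state with the zone. The function names and finding labels are hypothetical; it assumes a POSIX sh and awk, and input in the prompt-less subcommand form used by zonecfg command files.

```shell
# Added example (not the post's code); finding labels are made up here.
# zonepath_ok DIR: succeed only if DIR is a directory with mode 700.
zonepath_ok() {
    [ -d "$1" ] || return 1
    mode=$(ls -ld "$1" | cut -c1-10)
    [ "$mode" = "drwx------" ]
}
# audit_zonecfg: read zonecfg subcommands (no prompts) on stdin; print one
# finding per resource that shares global-zone state with the zone.
audit_zonecfg() {
    awk '
    res == "" && $1 == "add" { res = $2; key = type = opts = special = ""; next }
    res != "" && $1 == "set" {
        n = index($2, "="); k = substr($2, 1, n - 1); v = substr($2, n + 1)
        if (k == "dir" || k == "match" || k == "name") key = v
        if (k == "type") type = v
        if (k == "special") special = v
        if (k == "options") opts = v
    }
    res == "fs" && $1 == "add" && $2 == "options" { opts = $3 }
    $1 == "end" {
        # lofs is mounted read-write unless its options include "ro"
        if (res == "fs" && type == "lofs" && ("," opts ",") !~ /[^a-z]ro[^a-z]/)
            print "lofs-rw " key " <- " special
        if (res == "device" && key ~ /[*?]/) print "device-glob " key
        if (res == "rctl" && key == "zone.cpu-shares") shares = 1
        res = ""
    }
    END { if (!shares) print "no-cpu-shares" }'
}

# Constructed sample: the post's lofs, device and rctl resources.
sample_cfg() {
    cat <<'EOF'
add fs
set dir=/lofs
set special=/global/dir
set type=lofs
end
add device
set match=/dev/rmt/*
end
add rctl
set name=zone.cpu-shares
add value (priv=privileged,limit=20,action=none)
end
EOF
}
sample_cfg | audit_zonecfg
```

On a live system the same review can be run from the global zone with `zonecfg -z zone export | audit_zonecfg`, since export prints the configuration in command-file form.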