Basics
Whats the difference between a whole root zone and a sparse root zone ?
Whole root zone
– Gets its own writable copy of all file systems. Thus installation takes longer time than the sparse root zone.
whole root zone (big zone)
– Also called as big zone.
– Bigger disk footprint, thus consumes more disk space
– To create a Whole root zone we use the option -b with create sub-command :
# zonecfg -z zone01
zonecfg:zone01> create -b
Sparse root zone
– critical file systems like /usr, /lib, /etc, /platform etc are inherited from the global zone to the non-global zone as a read-only loopback file system. Thus installation is quick compared to a whole root zone.
sparse root zone (small zone)
– Also called as small zone
– The default zone type.
– small disk footprint, thus consumes less disk space.
What’s a branded zone ?
BrandZ framework extends the Solaris zones infrastructure, by creating brands. Brands enable creation of non-native operating environments in the zones. For example having a Solaris 8 or Solaris 9 zone on a Solaris 10 global zone. Or having Solaris 10 zone on Solaris 11.
What are the zone daemons/processes and their functions ?
zoneadmd – It is responsible for zone booting and shutting down.There is one zoneadmd process running for each active (ready, running or shutting down) zone on the system.
zsched – Every active zone has an associated kernel process, zsched. Kernel threads doing work on behalf of the zone are owned by zsched.
How to login to a non-global zone ?
To login to a non-global zone :
To login into the console of non-global zone :
To login into a zone in safe mode :
How to identify whether the zone is global zone or non-global zone ?
pkgcond command comes handy to identify the global or non-global zone. On a global zone when you run the commands :
global # pkgcond is_nonglobal_zone
global # echo $?
1
global # pkgcond is_global_zone
global # echo $?
0
Here the exit code for pkgcond is_global_zone command is 0 (successful) implying that it is a global zone.
Similarly, on a non-global zone :
# pkgcond is_nonglobal_zone
non-global # echo $?
0
non-global # pkgcond is_global_zone
non-global # echo $?
1
Here the exit code status 0 (success) for the command pkgcond is_global_zone implies that it is a non-global zone.
How to identify whether the zone is whole root or sparse root zone ?
Similar to the question above we can find whether the zone is whole root zone or a sparse root zone using the pkgcond command.
# pkgcond is_whole_root_nonglobal_zone
# echo $?
0 -----> (implies that it is a whole root zone)
# pkgcond is_sparse_root_nonglobal_zone
# echo $?
0 -----> (implies that it is a sparse root zone)
How to boot/reboot and halt a non-global zone ?
To boot a zone :
global # zoneadm -z [zone] boot
To reboot a zone :
global # zoneadm -z [zone] reboot
To halt a zone :
global # zoneadm -z [zone] halt
To boot a zone in single-user mode :
global # zoneadm -z [zone] boot -s
How to get a non-global zone’s configuration ?
To get a non-global zone’s configuration details :
global # zonecfg -z [zone] info
How to get performance statistics on zone ?
To get performance statistics on all the zones :
To get performance statistics on a specific zone :
global # prstat -Z [zone]
How to uninstall and delete a non-global zone ?
To uninstall a halted zone :
global # zoneadm -z zone uninstall -F
To delete an uninstalled zone :
global # zoneadm -z zone delete -F
What are the various zone states and their meaning ?
Zone state | Description |
undefined | zone’s configuration is not complete and committed. This also occurs when zone’s configuration is deleted |
configured | zone’s configuration is completed and committed. |
incomplete | Translational state. state during install or uninstall operation. |
installed | The zone configuration is completed and required packages are installed under zone’s root path |
ready | Kernel creates the zsched process, network interfaces are plumbed and file systems are mounted and devices configured. A zone ID is assigned. But no process other than zsched is started at this stage. |
running | user process associated with zone application environment are running. |
shutting down and down | Transitional states while zones are shutting down. |
Where is zone’s configuration saved ?
The zone’s configuration is saved under /etc/zones as a XML file with zone’s name. For example zone01 would have a configuration saved as :
Resource management in zones
How to add VxVM file system or raw volume to a non-global zone ?
To add a VxVM file system to a non-global zone :
global # zonecfg -z zone01
zonecfg:zone01> add fs
zonecfg:zone01:fs> set type=vxfs
zonecfg:zone01:fs> set special=/dev/vx/dsk/datadg/datavol
zonecfg:zone01:fs> set raw=/dev/vx/rdsk/datadg/datavol
zonecfg:zone01:fs> set dir=/data
zonecfg:zone01:fs> end
zonecfg:zone01> commit
zonecfg:zone01> verify
zonecfg:zone01> exit
To add a VxVM raw volume to a non-global zone :
global# zonecfg -z zone01
zonecfg:zone01> add device
zonecfg:zone01:device> set match=/dev/vx/rdsk/dg1/vol1
zonecfg:zone01:device> end
zonecfg:zone01> commit
zonecfg:zone01> verify
zonecfg:zone01> exit
How to delegate ZFS dataset to a non-global zone ?
When we delegate a dataset to a non-global zone we can do any operation on that dataset inside of the zone without requiring global zone to configure it all the time.
zonecfg:zone01> add dataset
zonecfg:zone01> set name=tank/sales
zonecfg:zone01> end
How to assign a ZFS volume to zone ?
To assign a ZFS volume to non-global zone :
global # zonecfg -z zone01
zonecfg:zone1> add device
zonecfg:zone1:device> set match=/dev/zvol/dsk/rpool/datavol
zonecfg:zone1:device> end
zonecfg:zone1> verify
zonecfg:zone1> commit
zonecfg:zone1> exit
How to configure shared/exclusive IP address to a zone ?
We can either give an exclusive IP using a dedicated interface to a non-global zone or use an existing interface in the global zone to share it with the non-global zone. When we configure an exclusive IP we have to configure IP address inside of the non-global zone and not during the configuration.
a. Exclusive IP
zonecfg:my-zone> set ip-type=exclusive
zonecfg:zone01> add net
zonecfg:zone01:net> set physical=hme0
NOTE: No need to specify IP here you can control everything from inside of the non-global zone
b. Shared IP
In this case zone uses a shared interface which is already plumbed and being used in the global zone.
zonecfg:zone01> add net
zonecfg:zone01:net> set address=192.168.1.2
zonecfg:zone01:net> set physical=hme0
zonecfg:zone01:net> set defrouter=10.0.0.1 [optional]
zonecfg:zone01:net> end
How to assign a physical disk to a non-global zone ?
We can assign an entire disk to a non-global zone :
zonecfg:zone01> add device
zonecfg:zone01:device> set match=/dev/rdsk/c0t1d0
zonecfg:zone01:device> end
How to add a loopback filesystem to zone ?
To assign a loopback filesystem to the non-global zone :
zonecfg:zone01> add fs
zonecfg:zone01:fs> set dir=/usr/local
zonecfg:zone01:fs> set special=/opt/zones/my-zone/local
zonecfg:zone01:fs> set type=lofs
zonecfg:zone01:fs> end
How to assign a UFS file system to a non-global zone ?
To assign a UFS filesystem to the non-global zone :
zonecfg:zone01> add fs
zonecfg:zone01:fs> set dir=/data01
zonecfg:my-zone01:fs> set special=/dev/dsk/c1t1d0s0
zonecfg:my-zone01:fs> set raw=/dev/rdsk/c1t1d0s0
zonecfg:my-zone01:fs> add options [logging, nosuid] (optional)
zonecfg:my-zone01:fs> end
What are the different ways to assign CPU and memory resources to zones ?
Refere the below posts for detailed steps on allocating CPU/memory resources :
Advanced
Can we move zones between systems ?
Yes, we can move zones between systems. For this we halt the zone, detach it, and then reattach it to another system.
How to change hostname/zone-name or IP address in Non-global zone ?
1. Login into the zone and edit the below files :
/etc/inet/ipnodes
/etc/inet/hosts
2. From the Global zone change the zone’s configuration :
root@global # zonecfg -z my-zone
root@global # zonecfg:my-zone> set zonename=new_name
root@global # zonecfg:newzone> commit
root@global # zonecfg:newzone> set address=x.x.x.x (where x.x.x.x is the new address)
root@global # zonecfg:newzone> end
root@global # zonecfg:newzone> verify
root@global # zonecfg:newzone> commit
root@global # zonecfg:newzone> exit
3. Reboot the zone
root@global # zoneadm -z my-zone reboot
What are the general guidelines to do live upgrade on system with non-global zones ?
1. Make sure when lucreate is running, there is no patch or packaging operation running within any non-global zone on the system. This may cause the non-global zone in Alternate Boot environment (ABE) to have files out of sync.
2. No change of state for all non-global zones during the live upgrade process. For example a halted zone can not be booted or a active zone can not be halted until the lucreate is complete.
3. Similarly if a ABE is mounted via lumount, you can not change the zone state for any non-global zone.
4. All non-global zones must be booted at least once prior to running lucreate. Running lucreate on a system where there are non-global zones in the “installed” state that have never been booted will result in various warning messages such as the following:
Making boot environment bootable.
login: login allowed only to running zones (test_sparse_oyster is 'installed').
5. All branded solaris 8 and solaris 9 zones must be halted before the lucreate command is executed.