TOTD #68: Installing Zones in Open Solaris 2008/11 on Virtual Box

The TOTD #64 describes how to install Open Solaris 2008/11 using Virtual Box. This Tip Of The Day (TOTD) is going to explain how to install non-global zones (aka Solaris Containers) on this Open Solaris image. Containers provide an operating-system level virtualization technology.

Thanks for the extensive discussion at zones-discuss forums, Bill Walker for lots of off-line support, and last but not the least Marcelo Arbore's nice blog showing how to install GlassFish in an Open Solaris zone.

This blog is going to focus on installing couple of non-global containers/zones in the Virtual Box image with all gory details. A later blog will show how to leverage these zones to demonstrate GlassFish High Availability.

Lets get started!

To begin with, there is one global zone always installed as shown below (user inputs highligted in bold):

arun@opensolaris:~# zoneadm list -vi
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared

Lets install the zone. The IP address is specified in 192.168.0.XXX range ...

arun@opensolaris:~# zonecfg -z zone1
zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone1> create
zonecfg:zone1> set zonepath=/export/home/zone1
zonecfg:zone1> set autoboot=true
zonecfg:zone1> add net
zonecfg:zone1:net> set address=192.168.0.99/24
zonecfg:zone1:net> set physical=e1000g0
zonecfg:zone1:net> end
zonecfg:zone1> commit
zonecfg:zone1> exit
arun@opensolaris:~# zoneadm -z zone1 install
A ZFS file system has been created for this zone.
  Authority: Using http://pkg.opensolaris.org/release/.
      Image: Preparing at /export/home/zone1/root ... done.
      Cache: Using /var/pkg/download.
 Installing: (output follows)
DOWNLOAD                                    PKGS       FILES     XFER (MB)
Completed                                  52/52   7862/7862   72.41/72.41

PHASE                                        ACTIONS
Install Phase                            12939/12939
PHASE                                          ITEMS
Reading Existing Index                           9/9
Indexing Packages                              52/52

       Note: Man pages can be obtained by installing SUNWman
Postinstall: Copying SMF seed repository ... done.
Postinstall: Working around http://defect.opensolaris.org/bz/show_bug.cgi?id=741
       Done: Installation completed in 165.652 seconds.

 Next Steps: Boot the zone, then log into the zone console
             (zlogin -C) to complete the configuration process
arun@opensolaris:~# zoneadm -z zone1 boot
arun@opensolaris:~# zlogin -C zone1
[Connected to zone 'zone1' console]
68/68
Reading ZFS config: done.
Mounting ZFS filesystems: (6/6)

Specify the type of terminal ...

What type of terminal are you using?
 1) ANSI Standard CRT
 2) DEC VT100
 3) PC Console
 4) Sun Command Tool
 5) Sun Workstation
 6) X Terminal Emulator (xterms)
 7) Other
Type the number of your choice and press Return: 1
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: e1000g0.

Configure NIC ...

- Host Name for e1000g0:1 ------------------------------------------------------
  Enter the host name which identifies this system on the network.  The name
  must be unique within your domain; creating a duplicate host name will cause
  problems on the network after you install Solaris.

  A host name must have at least one character; it can contain letters,
  digits, and minus signs (-).


    Host name for e1000g0:1 zone1






- Confirm Information for e1000g0:1 --------------------------------------------
  > Confirm the following information.  If it is correct, press F2;
    to change any information, press F4.


    Host name: zone1

No Kerberos ...

- Configure Security Policy: ---------------------------------------------------
  Specify Yes if the system will use the Kerberos security mechanism.

  Specify No if this system will use standard UNIX security.

      Configure Kerberos Security
      ---------------------------
      [ ] Yes
      [X] No



- Confirm Information ----------------------------------------------------------
  > Confirm the following information.  If it is correct, press F2;
    to change any information, press F4.


    Configure Kerberos Security: No

Specify the name service, domain, and domain resolver ...

- Name Service -----------------------------------------------------------------
  On this screen you must provide name service information.  Select the name
  service that will be used by this system, or None if your system will either
  not use a name service at all, or if it will use a name service not listed
  here.

  > To make a selection, use the arrow keys to highlight the option
    and press Return to mark it [X].


      Name service
      ------------
      [ ] NIS+
      [ ] NIS
      [X] DNS
      [ ] LDAP
      [ ] None



- Domain Name ------------------------------------------------------------------
  On this screen you must specify the domain where this system resides.  Make
  sure you enter the name correctly including capitalization and punctuation.


    Domain name: sfbay.sun.com





- DNS Server Addresses ---------------------------------------------------------
  On this screen you must enter the IP address of your DNS server(s).  You
  must enter at least one address.  IP addresses must contain four sets of
  numbers separated by periods (for example 129.200.9.1).



    Server's IP address: 10.0.2.3
    Server's IP address:
    Server's IP address:

The value of IP address for your DNS server is copied from "/etc/resolv.conf" in the global zone. Specify DNS search list and confirm the information ...

- DNS Search List --------------------------------------------------------------
  On this screen you can enter a list of domains that will be searched when a
  DNS query is made.  If you do not enter any domains, DNS will only search
  the DNS domain chosen for this system.  The domains entered, when
  concatenated, may not be longer than 250 characters.



    Search domain:
    Search domain:
    Search domain:
    Search domain:
    Search domain:
    Search domain:




- Confirm Information ----------------------------------------------------------
  > Confirm the following information.  If it is correct, press F2;
    to change any information, press F4.


          Name service: DNS
           Domain name: sfbay.sun.com
    Server address(es): 10.0.2.3

No need to create an address entry for the zone ...

- Name Service Error -----------------------------------------------------------
  Unable to find an address entry for zone1 with the specified DNS
  configuration.


      Enter new name service information?
      -----------------------------------
      [ ] Yes
      [X] No

Specify and confirm NFSv4 domain name ...

- NFSv4 Domain Name ------------------------------------------------------------
  NFS version 4 uses a domain name that is automatically derived from the
  system's naming services. The derived domain name is sufficient for most
  configurations. In a few cases, mounts that cross domain boundaries might
  cause files to appear to be owned by "nobody" due to the lack of a common
  domain name.

  The current NFSv4 default domain is: "sfbay.sun.com"


      NFSv4 Domain Configuration
      ----------------------------------------------
      [X] Use the NFSv4 domain derived by the system
      [ ] Specify a different NFSv4 domain



- Confirm Information for NFSv4 Domain -----------------------------------------
  > Confirm the following information.  If it is correct, press F2;
    to change any information, press F4.


    NFSv4 Domain Name:  << Value to be derived dynamically >>

Timezone ...

- Confirm Information ----------------------------------------------------------
  > Confirm the following information.  If it is correct, press F2;
    to change any information, press F4.


    Time zone: Pacific Time
               (US/Pacific)

Specify the root password and then see the comment as:

System identification is completed.

This comment indicates successful creation of the zone.

Login to "zone1" as:

zone1 console login: root
Password:
Feb  8 16:12:10 zone1 login: ROOT LOGIN /dev/console
Sun Microsystems Inc.   SunOS 5.11      snv_101b        November 2008

Check the network configuration ...

root@zone1:~# ifconfig -a
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>
mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu 1500 index 2
        inet 192.168.0.99 netmask ffffff00 broadcast 192.168.0.255
root@zone1:~#

After "zone1" is completely installed, then it can be viewed as:

arun@opensolaris:~$ zoneadm list -vi
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   1 zone1            running    /export/home/zone1             ipkg     shared

And then install "zone2" using the steps described above and check it's network configuration as:

root@zone2:~# ifconfig -a
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL>
mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0:2: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS>
mtu 1500 index 2
        inet 192.168.0.98 netmask ffffff00 broadcast 192.168.0.255
root@zone2:~#

And it's shown in the list of zones as:

arun@opensolaris:~# zoneadm list -vi
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   1 zone1            running    /export/home/zone1             ipkg     shared
   2 zone2            running    /export/home/zone2             ipkg     shared

OK, so we installed 2 non-global zones in an Open Solaris image running as guest in Virtual Box.

Typing "~." takes you back to the global zone.

Please leave suggestions on other TOTD (Tip Of The Day) that you'd like to see. A complete archive of all tips is available here.

Technorati: totd opensolaris zones containers solaris virtualbox glassfish
Comments:

Post a Comment:
Comments are closed for this entry.
About

profile image
Arun Gupta is a technology enthusiast, a passionate runner, author, and a community guy who works for Oracle Corp.


Java EE 7 Samples

Stay Connected

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today