Wednesday Dec 10, 2008

OpenSolaris 2008.11: How to create a new zone for an Apache web server

For those of you that want to install a web server in an OpenSolaris 2008.11 zone (e.g. for separating a web server from a file server while using the same hardware), here's a short howto. The procedure is a bit different from previous OpenSolaris releases as the zone files are not immediately available after the zone is installed - might have something to do with the new ipkg zone brand. The zone installation is now much faster than before. Here's how I got it installed:

  1. Create a parent zfs filesystem for the zone's root, if it does not yet exist:
    $ zfs create -o mountpoint=/zones rpool/zones

  2. Create a zone configuration file:
    $ cat > /var/tmp/webserv-z.cfg
    create
    set zonepath=/zones/webserv-z
    set autoboot=true
    add net
    set address=192.168.0.20/24
    set physical=ADAPTER
    set defrouter=192.168.0.1
    end
    verify
    commit
    exit
    
    Please replace ADAPTER by the name of your network adapter (can be seen in the output of ifconfig -a | nawk '!/\^[\\t]/&&!/lo/{gsub (":", "");print $1}' or just ifconfig -a, for example). In my case, it was sfe0 on one system and bge0 on another.
    Then, configure the new zone:
    $ zonecfg -z webserv-z -f /var/tmp/webserv-z.cfg
  3. Install the new zone:
    $ zoneadm -z webserv-z install
    A ZFS file system has been created for this zone.
      Authority: Using http://pkg.opensolaris.org/release/.
          Image: Preparing at /zones/webserv-z/root ...
          Cache: Using /var/pkg/download.
     Installing: (output follows)
    Refreshing Catalog 1/1 opensolaris.org
    Creating Plan /                        
    DOWNLOAD                                    PKGS       FILES     XFER (MB)
    SUNWPython                                  6/52    213/7862    1.71/72.41 
    Completed                                  52/52   7862/7862   72.41/72.41 
    
    PHASE                                        ACTIONS
    Install Phase                             3637/12939 
    
    
  4. Wait! Before booting the zone, mount it first:
    zoneadm -z webserv-z mount

  5. Create a configuration file with the name sysidcfg (for sample files and a detailed explanation on the syntax, see: this link on http://docs.sun.com) in directory /zones/webserv-z/root/etc so you don't have to go through all the configuration screens after connecting to the new zone the first time:
    $ cat > /zones/webserv-z/root/etc/sysidcfg
    system_locale=C
    timezone=Europe/Berlin
    terminal=xterms
    security_policy=NONE
    timeserver=localhost
    root_password=PASSWD_STRING
    name_service=dns {domain_name=DOMAIN.TLD
       name_server=DNS_IP_ADDR_1,DNS_IP_ADDR_2
       search=DOMAIN.TLD
    }
    network_interface=primary {hostname=webserv-z
       ip_address=192.168.0.20
       netmask=255.255.255.0
       protocol_ipv6=yes
       default_route=192.168.0.1
    }
    nfs4_domain=dynamic
    

    Before proceeding, please replace the placeholders DOMAIN.TLD, DNS_IP_ADDR_1, and DNS_IP_ADDR_2 by the names or addresses of your choice! For PASSWD_STRING (root_password parameter), you may use the old (short) password string from a Solaris 10 /etc/shadow file. If you do not use the root_password parameter in the sysidcfg file, you will be asked for the root password during initial zone boot.

  6. Wait! Before booting the zone, unmount it first:
    zoneadm -z webserv-z unmount

  7. Now you can boot the zone:
    $ zoneadm -z webserv-z boot

  8. Log in to the zone:
    root@soly:/# zlogin -C webserv-z
    [Connected to zone 'webserv-z' console]
    Loading smf(5) service descriptions: 27/68
    ...
    68/68
    Reading ZFS config: done.
    Mounting ZFS filesystems: (5/5)
    Creating new rsa public/private host key pair
    Creating new dsa public/private host key pair
    Configuring network interface addresses: sfe0.
    
    After a while, a series of screens will be displayed which ask you to select missing system configuration information. Use the <F2> key or <esc> 2 to go from one screen to the next. After that, a login prompt will be displayed, and you can login to the newly created zone:
    webserv-z console login: root
    Password: 
    Dec  8 10:12:14 webserv-z login: ROOT LOGIN /dev/console
    Sun Microsystems Inc.   SunOS 5.11      snv_101b        November 2008
    
    The output of the df -k command should display the following file systems (probably with slightly different values in the "used" column and totally different values in the "avail" column (depends on your disk and swap space size):

    root@webserv-z:~# df -k
    Filesystem            kbytes    used   avail capacity  Mounted on
    /                          0  240451 186876163     1%    /
    /dev                       0       0       0     0%    /dev
    proc                       0       0       0     0%    /proc
    ctfs                       0       0       0     0%    /system/contract
    mnttab                     0       0       0     0%    /etc/mnttab
    objfs                      0       0       0     0%    /system/object
    swap                  775608     196  775412     1%    /etc/svc/volatile
    /usr/lib/libc/libc_hwcap1.so.1
                         187116614  240451 186876163     1%    /lib/libc.so.1
    fd                         0       0       0     0%    /dev/fd
    swap                  775412       0  775412     0%    /tmp
    swap                  775420       8  775412     1%    /var/run
    root@webserv-z:~# 
    
  9. Install Apache and prerequisites in the local zone:
    $ pkg install SUNWapch22
    root@webserv-z:~# pkg install SUNWapch22
    Refreshing Catalog 1/1 opensolaris.org
    Creating Plan \\                        
    DOWNLOAD                                    PKGS       FILES     XFER (MB)
    SUNWapch22                                   0/4      0/1342     0.00/5.85
    SUNWperl584core                              3/4    913/1342     4.21/5.85 
    
  10. Start the web server:
    root@webserv-z:~# svcadm enable apache22

  11. Point your browser to http://webserv-z or http://192.168.0.20 and see the first web page!
    Now you can change the file /var/apache2/2.2/htdocs/index.html according to your needs and watch the web page changing after reloading it in the browser!

Note: If you need to clean up the configuration, I suggest using the following commands:
$ zoneadm -z webserv-z uninstall -F
$ zonecfg -z webserv-z delete -F
$ zfs destroy -r rpool/zones

Be careful! These commands perform uninstall, delete or destroy actions without confirmation!. The zfs destroy command shown will also destroy all other zfs file systems that were created for other zones with zone root path starting with /zones!

About

blogfinger

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today