What's New Pussycat?
By comay on Aug 06, 2004
Support for Zones was initially released in the Software Express for Solaris 2/04 release. Since then, we have been working on adding a number of enhancements as well as fixing a number of bugs that have been reported. Of course, the definitive source for what has changed in each of the Solaris releases can be found in that release's Solaris What's New document. However, I thought it might be useful to summarize the Zones enhancements that have been released since February and what is coming in the upcoming Software Express for Solaris release.
In the Software Express for Solaris 7/04 release, support for Zones being NFSv4 clients was added. In that particular build, the default NFS version was still three (3) but this can be changed by editing the file /etc/default/nfs and uncommenting and changing the NFS_CLIENT_VERSMAX parameter to 4. For more information, please see the nfs(4) manual page. Note that in the upcoming Software Express for Solaris release, the default NFS version will be four (4) although the system will negotiate a lower version as necessary.
On a similar note, the statistics reported by nfsstat(1M) have been virtualized on a per-zone basis.
With the power of the Tecla command-line editing library, the zonecfg(1M) command now supports command line editing, command history and tab completion within interactive mode. This new functionality can make it far easier to enter or edit a zone's configuration. In addition, each user can customize their own particular set of key bindings through the file .teclarc in their home directory.
One of the other new features in this release is the ability to specify a richer set of file systems through zonecfg(1M) Previously, the administrator could specify a restricted set of file systems such as lofs(7FS) or tmpfs(7FS). This restriction to a large degree is lifted in this release, allowing the administrator to specify file systems like ufs(7FS).
For example, consider this update to the configuration of the zone myzone:
global# zonecfg -z myzone zonecfg:myzone> add fs zonecfg:myzone:fs> set dir=/source zonecfg:myzone:fs> set special=/dev/md/dsk/d4 zonecfg:myzone:fs> set raw=/dev/md/rdsk/d4 zonecfg:myzone:fs> set type=ufs zonecfg:myzone:fs> end zonecfg:myzone> commit zonecfg:myzone> exit global#
What we have added to the configuration is a UFS file system that will
automatically be mounted as /source when the zone is booted.
The partition used is a
Solaris Volume Manager
metadevice that was created and initialized from within the global
Finally, the Software Express for Solaris 7/04 release includes two enhancements to the ps(1) command to add zone information to any current command output and to filter information based on one or more zones. The new -Z option adds a ZONE column to any report generated by ps(1) while the -z zidlist option prints only those processes belong to the zones specified in the comma-separated zidlist (zones can be listed either by name or by their ID number.)
In the upcoming Software Express for Solaris release, there are three additional enhancements being introduced for Zones. As a teaser, I will briefly describe them now and cover them later in more depth when the release is made available.
When resource pools have been enabled, the first enhancement more accurately reports the processor resources available to a zone and their statistics as reported by commands such as iostat(1M) , mpstat(1M) , vmstat(1M) , psrinfo(1M) and sar(1). In a similar manner, library routines such as getloadavg(3C) and sysconf(3C) (the latter when invoked for _SC_NPROCESSORS_CONF or _SC_NPROCESSORS_ONLN) only return information for the processors in the set a particular zone is bound to.
In addition, a new resource control has been introduced, zone.max-lwps, which allows a global zone administrator to limit the number of lightweight processes or LWPs that can be created inside a zone. From within the zone itself, another new resource control, project.max-lwps, can be used to further divide the total number of LWPs amongst the projects defined in the zone.
Finally, Solaris Auditing can now be configured for zones in a number of different ways. The global zone administrator can specify whether the whole system should be audited as a whole or whether each zone can be audited separately. In the latter case, each zone has its own audit configuration and that zone's administrator can configure and process their audit trails independently from the other zones on the system.
We welcome hearing about your experiences or problems with using Zones and of any feature enhancements you would like to see.