Zones in OpenSolaris LiveCD inside VirtualBox under OpenSolaris!

I've been working with several Sun virtualization techniques - Solaris Containers, Logical Domains, and the upcoming Sun xVM Server, and recently started using VirtualBox as one of my primary tools. As my colleague Bob Netherton says "It rawks!". It's free, runs on Solaris, Linux, Mac OS X, and Windows - and has been downloaded 5 million times. With a little effort, described in Jim Laurent's blog, you can even import virtual machine VMDK images from VMware.

We all live in a virtual machine, virtual machine, virtual machine (to the tune of "Yellow Submarine")

I've used VirtualBox to bring up Windows and Ubuntu Linux under Solaris for fun:

Three's a crowd
Three's a crowd: Windows XP, Solaris 10, and OpenSolaris all booted at the same time underneath OpenSolaris

However, my usual purpose is to practice using Solaris features and gain experience with ones that are new to me. Now I have a desktop (an Acer M3100) and laptop (Toshiba Tecra M9) with enough CPU power and (especially important) RAM to run multiple guest operating systems. VirtualBox makes it really easy. Safe, non-destructive to my normal work environments, and something I can do while multitasking with normal desktop activity (web, e-mail, presentations, occasionally hack at a program, listen to music through tinny speakers). And the operating system I boot on the bare iron is OpenSolaris. Life is good.

Can you use this with OpenSolaris live CD?

In this case, I was inspired by another colleague, Jeff Victor who wondered in an e-mail whether the OpenSolaris' Live CD feature could be used to demonstrate Solaris Containers, aka zones. You can boot off the OpenSolaris CD (you can even boot OpenSolaris off a USB stick) and use it as an OS (eg: fire up a browser and do other work) rather than just as an installer. That would be helpful, because you could then demonstrate and test zones, or gain experience with them, without having to fully install Solaris - either on a spare real machine or in a guest. Just boot off the OpenSolaris CD, and play with some of its features. Afterwards, either boot the real computer back into your standard environment, or shut the virtual machine down.

But would it work? Only one way to find out. I already installed OpenSolaris in a VirtualBox guest machine, and the guest even has the CD image .iso file attached to it, so let's fire it up

list of guests
VirtualBox list of guests

I let it boot off the virtual CD image to load the Live CD. Soon it gives me a Grub screen that asks me what to do.

OpenSolaris Live CD Grub screen
OpenSolaris Live CD Grub screen

I don't want to boot up the already-installed OpenSolaris image, so I select the first entry instead of the last. After a little while I have the graphical desktop up, and I can open a terminal window, and look around.

OpenSolaris graphical desktop

At this point I can add a zone interactively. For convenience, I use pfexec to put myself into my preferred shell and work as root (it's my OS instance and I'll do what I like!), and then start a zone install. Oops, at first, I tried to add it to a /zones directory but that failed right away due to running out of space. Duh. So, let's try that again in a reasonable place - there's space under /jack, the home directory for the default live CD user login.

jack@opensolaris:~$ pfexec bash
jack@opensolaris:~# zoneadm list -civ
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              native   shared
jack@opensolaris:~# mkdir /jack/zones
jack@opensolaris:~# zonecfg -z live
live: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:live> create
zonecfg:live> set zonepath=/jack/zones/live
zonecfg:live> add net
zonecfg:live:net> set physical=pcn0
zonecfg:live:net> set address=
zonecfg:live:net> end
zonecfg:live> verify
zonecfg:live> commit
zonecfg:live> exit
jack@opensolaris:~# zoneadm list -civ
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              native   shared
   - live             configured /jack/zones/live               ipkg     shared

That seems okay - with an interesting new type of brand. Dan Price describes this in his blog. At this time, zones in OpenSolaris are a little different from those in regular Solaris 10. Specifically, zones have a new ipkg brand, because the zone commands have behavior based on native zones using SysV packaging, instead of the new Image Packaging System. OpenSolaris zones are not sparse root, and their contents are obtained from a network repository.

jack@opensolaris:~# zoneadm -z live install
WARNING: /jack/zones/live is on a temporary file system.

      Image: Preparing at /jack/zones/live/root ... done.
    Catalog: Retrieving from ... done.
 Installing: (output follows)
DOWNLOAD                                    PKGS       FILES     XFER (MB)
Completed                                  49/49   7634/7634 206.85/206.85 

PHASE                                        ACTIONS
Install Phase                            12602/12602 

       Note: Man pages can be obtained by installing SUNWman
Postinstall: Copying SMF seed repository ... done.
Postinstall: Working around
Postinstall: Working around
       Done: Installation completed in 337.728 seconds.

 Next Steps: Boot the zone, then log into the zone console
             (zlogin -C) to complete the configuration process

I like the warning message - little does it know that any writeable file system mounted to the live CD is transient! Despite having to fetch its contents from a repository out on the 'net (and while running in a virtual machine), the whole process took about 5 minutes. Dan also mentions working to keep the default zone image rather small - and it only took up about 230MB.

A zone, inside a VirtualBox virtual machine, under OpenSolaris

Now let's boot it up and prove the whole thing works. I do that, answer the usual configuration questions, and here I have:

live console login: root
Jun  1 12:43:55 live login: ROOT LOGIN /dev/console
Sun Microsystems Inc.   SunOS 5.11      snv_86  January 2008
-bash-3.2# zonename
-bash-3.2# ifconfig -a
lo0:1: flags=2001000849 mtu 8232 index 1
        inet netmask ff000000 
pcn0:1: flags=201000843 mtu 1500 index 2
        inet netmask ff000000 broadcast

All seems normal, and after a few minutes I shut the zone down.

Clone that, will ya?

Just for fun I cloned that zone: I configured a new zone zonecfg -z liveclone and then populated it via zoneadm -z liveclone clone live. Interestingly was that the zone clone took only a moment, despite having to copy the file system. The ram disk file image is UFS, not ZFS, so it can't use a ZFS clone, but I imagine copying ramdisk based filesystems must be fast!


The answer is yes: you can demo or learn Solaris Containers, as well as other OpenSolaris features, while running the live CD, and you can do that from within a VirtualBox virtual machine (or under VMware, I imagine). With the new packaging concept, in which the install media is kept smaller and new bits are obtained from a repository, you're dependent on having access to the Internet in order to download the software needed to create the zone. It all happens transparently - I didn't have to issue any commands to do that - but you won't get far without it. If that's not a problem, you can easily bring up OpenSolaris and play - whether in a virtual machine or a real one.

One other note: for a long time in my prior life I was spoiled by the ability to test out the OS I was working on by bringing it up in a virtual machine. Too many of the things I did in my work life involved changing the behavior of the OS I was working on - and I liked working with a net (and while my users were doing their mission critical work instead of on weekends and late night shifts). Having a safe sandbox to try things out, add and test software, and even crash things on purpose was a great aide to productivity and safe computing. It's really great to have that again.


Post a Comment:
Comments are closed for this entry.



« June 2016