Thursday Mar 10, 2011

Solaris 10 Branded Zones

One of the powerful features of Solaris 11 is the ability to run a Solaris 10 environment in a zone. Solaris 10 allows you to run Solaris 8 and 9 environments in zones, but only on SPARC. 

Unfortunately, you can't just create a Solaris 10 zone from scratch - you have to have an existing Solaris 10 environment. That environment can be either a Solaris 10 instance or a Solaris 10 zone. 

Step 1: Pick a Solaris 10 Instance to Migrate

For this exercise, I'm going to migrate a complete Solaris 10 installation (not a Solaris 10 zone). The Solaris 10 9/10 VirtualBox VM is a great candidate, so that's what I'm going to use. If you're interested in migrating a Solaris 10 zone, see: Migrating an Oracle Solaris 10 native Non-Global Zone Into an Oracle Solaris 10 Container.

Step 2: Set Up Common Storage

We need to create an archive of the Solaris 10 system. Ideally, that archive would be written to and read from the same location. Since we're using VirtualBox, the host system makes a great common storage location. So, on the host system, set up an NFS share if you don't already have one.

Step 3: Create the Archive

As documented in Assessing an Oracle Solaris 10 System and Creating an Archive, note the Solaris 10 system's hostid:

bash-3.00# hostid

Then create the image, writing the archive to the NFS share on the host system:

bash-3.00# flarcreate -S -n s10-system -L cpio /net/ Archive format requested is cpio
This archiver format is NOT VALID for flash installation of ZFS root pool.
This format is useful for installing the system image into a zone.
Reissue command without -L option to produce an archive for root pool install.
Full Flash
Checking integrity...
Integrity OK.
Running precreation scripts...
Precreation scripts done.
Creating the archive...
6917057 blocks
Archive creation complete.
Running postcreation scripts...
Postcreation scripts done.

Running pre-exit scripts...
Pre-exit scripts done.

The 3.3G file takes about 30 minutes to create.

Step 4: Install the s10 Package

The s10 package provides support for the Solaris 10 Branded Zone. Just click Install to install it.

Step 5: Create a ZFS File System for the Zones

If you already have a ZFS file system for your zones, you can skip this step:

bleonard@solaris:~$ sudo zfs create -o mountpoint=/zones rpool/zones

Step 6: Create a VNIC for the Zone

This is optional as you could elect to use shared networking, but why not take advantage of network virtualization?

bleonard@solaris:~$ sudo dladm create-vnic -l e1000g0 s10zone0

Step 7: Configure the Zone

The key difference here from creating a standard zone is the zone type is set to SUNWsolaris10:

bleonard@solaris:~$ sudo zonecfg -z s10-zone
s10-zone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:s10-zone> create -t SUNWsolaris10
zonecfg:s10-zone> set zonepath=/zones/s10-zone
zonecfg:s10-zone> set ip-type=exclusive
zonecfg:s10-zone> add net
zonecfg:s10-zone:net> set physical=s10zone0
zonecfg:s10-zone:net> end
zonecfg:s10-zone> set hostid=<solaris 10 host id>
zonecfg:s10-zone> verify
zonecfg:s10-zone> commit
zonecfg:s10-zone> exit

Step 8: Install the Zone

You'll be installing the zone from the flash archive that was created in step 3. I'll be installing the zone unconfigured (If you wish to preserve the zone configuration, replace the -u with -p, but I've had mixed luck with this approach):

bleonard@solaris:~$ sudo zoneadm -z s10-zone install -a /export/home/bleonard/share/s10-system.flar -u
A ZFS file system has been created for this zone.
      Log File: /var/tmp/s10-zone.install_log.fUa4Lh
    Installing: This may take several minutes...
Postprocessing: This may take a while...
   Postprocess: Updating the image to run within a zone

        Result: Installation completed successfully.
      Log File: /zones/s10-zone/root/var/log/s10-zone.install3809.log

The installation should take about 25 minutes to complete.

Step 9: Configure Solaris 10

This step can be done interactively when the zone is first booted, but I like to automate it by providing a sysidcfg file. See How to Use an /etc/sysidcfg for more information:

bleonard@solaris:~$ sudo cat /zones/s10-zone/root/etc/sysidcfg
network_interface=s10zone0 {

The above root password is "solaris".

Step 10: Boot the Zone

bleonard@solaris:~$ sudo zoneadm -z s10-zone boot

Step 11: Log Into the Zone

If you attempt to log in immediately after the boot command, you'll need to wait a couple of minutes for the Solaris 10 system configuration to complete before the login prompt appears. Don't fear the message about s10zone0 not being a valid network interface - it configures just fine:

bleonard@solaris:~$ sudo zlogin -C s10-zone bleonard@solaris:~$ sudo zlogin -C s10-zone
[Connected to zone 's10-zone' console]
Hostname: s10-zone
Loading smf(5) service descriptions: 1/1
 network_interface=s10zone0 {
s10zone0 is not a valid network interface  line 3 position 19
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: s10zone0.
Mar 10 13:32:14 s10-zone sendmail[7277]: My unqualified host name (s10-zone) unknown; sleeping for retry

s10-zone console login: root
Password: solaris
Mar 10 13:32:32 s10-zone login: ROOT LOGIN /dev/console
Last login: Thu Feb 24 13:50:44 on console
Oracle Corporation      SunOS 5.10      Generic Patch   January 2005
-bash-3.00# cat /etc/release 
                    Oracle Solaris 10 9/10 s10x_u9wos_14a X86
     Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
                            Assembled 11 August 2010

To get rid of the "unqualified host name" messages from sendmail, add s10-zone.local to /etc/inet/hosts as follows:

-bash-3.00# cat /etc/hosts
# Internet host table
#       localhost       
::1     localhost       s10-zone        loghost s10-zone.local

Step 12: Use

Now that you have a Solaris 10 zone, it's up to you to decide what to do with it. If you migrated over a Solaris 10 system with applications, then you should be able to quickly get them up and running in the zone. One of the nice benefits of running a Solaris 10 zone in Solaris 11 is the ability to take advantage of new features like network virtualization and zonestat:

bleonard@solaris:~$ zonestat 5
Collecting data for first interval...
Interval: 1, Duration: 0:00:05
SUMMARY                    Cpus/Online: 1/1   Physical: 1535M    Virtual: 2512M
                    ----------CPU---------- ----PHYSICAL----- -----VIRTUAL-----
               ZONE  USED %PART  %CAP %SHRU  USED   PCT  %CAP  USED   PCT  %CAP
            [total]  0.22 22.8%     -     - 1113M 72.4%     - 1338M 53.2%     -
           [system]  0.08 8.73%     -     -  423M 27.5%     -  728M 29.0%     -
             global  0.12 12.8%     -     -  543M 35.3%     -  453M 18.0%     -
           s10-zone  0.01 1.22%     -     -  146M 9.55%     -  156M 6.22%     -

For a great introdution to zonestat, check out Jeff Victor's blog entries: All New Zonestat!, and All New Zonestat - Part 2.


The Observatory is a blog for users of Oracle Solaris. Tune in here for tips, tricks and more as we explore the Solaris operating system from Oracle.


« July 2016