Tuesday Apr 29, 2014

Need another disk in your zone? No problem!

Solaris 11.2 allows you to modify your zone configuration and apply those changes without a reboot.  Check this out:

First, I want to show that there are no disk devices present in the zone.

root@vzl-212:~# zlogin z1 'find /dev/*dsk'
/dev/dsk
/dev/rdsk

Next, I modify the static zone configuration to add a access to all partitions of a particular disk.  This has no effect on the running zone.

root@vzl-212:~# zonecfg -z z1
zonecfg:z1> add device
zonecfg:z1:device> set match=/dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
zonecfg:z1:device> end
zonecfg:z1> exit

I then use zoneadm to apply the changes in the zone configuration to the running zone.

root@vzl-212:~# zoneadm -z z1 apply
zone 'z1': Checking: Adding device match=/dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
zone 'z1': Applying the changes

And now, the zone can see the devices. 

root@vzl-212:~# zlogin z1 'find /dev/*dsk'
/dev/dsk
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s0
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s1
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s2
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s3
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s4
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s5
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s6
/dev/rdsk
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s0
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s1
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s2
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s3
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s4
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s5
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s6

If I wanted to just temporarily modify the configuration, there's an option to just modify the running configuration. For example, if I plan on doing some maintenance on my ZFS Storage Appliance that hosts the LUN I allocated above, I may want to be sure that the zone can't see it for a bit.  That's easy enough.

Here I use zonecfg's -r option to modify the running configuration.

root@vzl-212:~# zonecfg -z z1 -r
zonecfg:z1> info device
device:
    match: /dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
    storage not specified
    allow-partition not specified
    allow-raw-io not specified
zonecfg:z1> remove device
zonecfg:z1> info device
zonecfg:z1> commit
zone 'z1': Checking: Removing device match=/dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
zone 'z1': Applying the changes
zonecfg:z1> exit

Without the -r option, zonecfg displays the on-disk configuration.

root@vzl-212:~# zonecfg -z z1 info device
device:
    match: /dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
    storage not specified
    allow-partition not specified
    allow-raw-io not specified

root@vzl-212:~# zonecfg -z z1 -r info device
root@vzl-212:~#

The running configuration reflects the contents of /dev/dsk and /dev/rdsk inside the zone.

root@vzl-212:~# zlogin z1 'find /dev/*dsk'
/dev/dsk
/dev/rdsk

When it is time to revert back to the on-disk configuration, simply apply the on-disk configuration and the device tree inside the zone reverts to the on-disk configuration.

root@vzl-212:~# zoneadm -z z1 apply
zone 'z1': Checking: Adding device match=/dev/*dsk/c0t600144F0DBF8AF19000052EC175B0004d0*
zone 'z1': Applying the changes

root@vzl-212:~# zlogin z1 'find /dev/*dsk'
/dev/dsk
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s0
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s1
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s2
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s3
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s4
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s5
/dev/dsk/c0t600144F0DBF8AF19000052EC175B0004d0s6
/dev/rdsk
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s0
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s1
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s2
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s3
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s4
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s5
/dev/rdsk/c0t600144F0DBF8AF19000052EC175B0004d0s6

Live Zone Reconfiguration is not limited to just device resources, it works with most other resources as well.  See the Live Zones Reconfiguration section in zones(5).

Solaris 11.2 Beta zones man pages

For those of you trying out the latest zones features, beware that many of the man page updates did not make it into the beta build, so man(1) will not tell you the full story.  The man page updates are in the beta documentation, linked below for your convenience.

The zones book has been split apart and a new book has been introduced for kernel zones:


Install a kernel zone in 3 steps

One of the shiniest new features in Oracle Solaris 11.2 is Kernel Zones.  Kernel Zones provide the familiarity of zones while providing independent kernels.  This means that it's now possible to have zones that run different patch levels, act as CIFS servers, load kernel modules, etc.  So, let's get to installing a kernel zone.

If you have installed any other zone on Solaris before, this will look quite familiar.  After all, it is  just another zone, right?

For this procedure to work, there are some prerequisites that shouldn't be much of a problem in a production environment, but are a bit of a problem if your normal playground is VirtualBox or the 6 year old server you found on the loading dock.

Step 1: Configure

root@vzl-212:~# zonecfg -z myfirstkz create -t SYSsolaris-kz

Step 2: Install

root@vzl-212:~# zoneadm -z myfirstkz install
Progress being logged to /var/log/zones/zoneadm.20140419T032707Z.myfirstkz.install
pkg cache: Using /var/pkg/publisher.
 Install Log: /system/volatile/install.5368/install_log
 AI Manifest: /tmp/zoneadm4798.dAaO7j/devel-ai-manifest.xml
  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
Installation: Starting ...

        Creating IPS image
        Installing packages from:
            solaris
                origin:  http://ipkg/solaris11/dev/
        The following licenses have been accepted and not displayed.
        Please review the licenses for the following packages post-install:
          consolidation/osnet/osnet-incorporation                     
        Package licenses may be viewed using the command:
          pkg info --license <pkg_fmri>

DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED
Completed                            549/549   76929/76929  680.9/680.9  8.4M/s

PHASE                                          ITEMS
Installing new actions                   104278/104278
Updating package state database                 Done 
Updating package cache                           0/0 
Updating image state                            Done 
Creating fast lookup database                   Done 
Installation: Succeeded
        Done: Installation completed in 438.132 seconds.

Step 3: Celebrate!

At this point the kernel zone is installed and ready for boot. 

root@vzl-212:~# zoneadm -z myfirstkz boot
root@vzl-212:~# zlogin -C myfirstkz
[Connected to zone 'myfirstkz' console]
Loading smf(5) service descriptions: 220/220
...

Because a sysconfig profile was not provided during installation, sysconfig(1M) will ask a few things on first boot.

                           System Configuration Tool
 
     System Configuration Tool enables you to specify the following            
     configuration parameters for your newly-installed Oracle Solaris 11       
     system:
     - system hostname, network, time zone and locale, date and time, user     
       and root accounts, name services, keyboard layout, support
 
     System Configuration Tool produces an SMF profile file in
     /etc/svc/profile/sysconfig/sysconfig-20140419-034040.
 
     How to navigate through this tool:
     - Use the function keys listed at the bottom of each screen to move       
       from screen to screen and to perform other operations.
     - Use the up/down arrow keys to change the selection or to move           
       between input fields.
     - If your keyboard does not have function keys, or they do not            
       respond, press ESC; the legend at the bottom of the screen will         
       change to show the ESC keys for navigation and other functions.         
 
 
 
  F2_Continue  F6_Help  F9_Quit

If you've read this far into this entry, you know how to take it from here.

Solaris 11.2 Beta Opens Today

The Oracle Solaris 11.2 Open Beta has begun.  Please grab the bits and let us know what you think.

As I mentioned a while back, I've spent a lot of my time over the last couple of years on Kernel Zones and Unified Archives.  This has had overlap with other prominent projects like integration of OpenStack in Solaris and lesser known ones such as zonecfg template properties, and zone console logging.  In the coming days, watch this space for blog entries that should help you explore some of advances that Solaris 11.2 offers.

About

I'm a Principal Software Engineer in the Solaris Zones team. In this blog, I'll talk about zones, how they interact with other parts of Solaris, and related topics.

Search

Categories
Archives
« April 2014 »
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
30
   
       
Today