Chapter 6 Managing Zones
This chapter contains procedures for creating, using, and managing zones
on Solaris 10 systems.
Zones Overview
A Solaris 10 feature, zones provide an isolated and secure environment
for running applications. Zones give you a way to create virtualized operating
system environments within an instance of Solaris. Zones allow one or more
processes to run in isolation from other processes on the system. For example,
a process that runs in a zone can send signals only to other processes in
the same zone, regardless of user ID and other credential information. If
an error occurs, it affects only the processes that run within the zone.
Each zone can have its own IP address, file system, unique root user
name and password file, and name server.
Every Solaris 10 system contains a global zone. The global zone is the
default zone for the system and is used for system-wide administration. The
global zone cannot be configured, installed, or uninstalled.
The upper limit for the number of zones on a system is 8192. The number
of zones that can be effectively hosted on a single system is determined by
the total resource requirements of the application software running in all
of the zones.
Container Manager enables you to create, delete, modify, copy, halt and reboot
non-global zones. Container Manager also can discover existing zones, detect
zone changes, monitor and archive a zone's CPU, memory and network utilization,
and generate zone up or zone down alarms.
Note – You must be a zone administrator to manage (create, modify, copy,
delete, boot, shut down) non-global zones. The zone administrators are specified
while setting up the Solaris Container Manager software.
For more information about zones, see Chapter 16, Introduction to Solaris Zones, in System Administration Guide: Solaris Containers-Resource Management
and Solaris Zones.
Non-Global Zone States
You can use Container Manager to create non-global zones.
A non-global zone can be in one of the following states:
- Configured
- Incomplete
- Installed
- Ready
- Running
- Shutting down
- Down
For more information about zone states, see Non-Global
Zone State Model in System Administration
Guide: Solaris Containers-Resource Management and Solaris Zones.
Note – A global zone is always in “running” state.
Creating Non-Global Zones
You can create a non-global zone to keep the applications running
inside this zone isolated from other applications.
Before You Begin
You must have a resource pool with available CPU shares. For instructions
about creating a new resource pool, see Creating New Resource Pools.
To Create a Non-Global Zone
Steps
- If the Container Manager GUI is not already open, access it as described
  in To Start the Container Manager GUI.
- Select the Hosts view by selecting the Hosts tab in the navigation window.
  A list of hosts is displayed in the navigation window.
- Select a Solaris 10 host.
- Select the Zones tab.
- Click the New Zone button.
  The New Zone wizard appears.
  Figure 6–1 Zone Creation Parameters Window
- Type the appropriate values for the fields:
  zone name, zone host name, zone path, IP address, and network interface.
  The zone host name is the unique name for the zone as a virtual host.
  It is not the host name or the machine name.
  The zone path is an absolute path and starts from the root (/) directory.
  Note – If the directory given in the zone path field exists, the permission
  for the root directory must be 700. Otherwise, the zone is not created.
  If the directory given in the zone path field does not exist, the Solaris
  Container Manager creates a directory with this name and assigns 700
  permission to the root directory.
  Each zone can have network interfaces that should be configured when
  the zone transitions from the “installed” state to the “ready” state.
- (Optional) Select the Enabled check box, if you want the zone
  to automatically reboot when the system reboots.
- Type the root user name.
- (Optional) Select the appropriate values in the Locale, Terminal
  Type, Naming Service, and Time Zone lists.
  Locale specifies the language that will be used for this zone.
  Terminal type specifies the type of the terminal.
  Naming service translates host names to IP addresses and IP addresses
  to host names.
  Time zone specifies the time zone for the zone.
- Type the appropriate values in the Domain Name and Name Server fields.
  In the Name Server field, type the name server value followed
  by its IP address. For example, the value in the Name Server field
  could be ns1.sun.com (10.255.255.255).
- Select a resource pool for the zone.
- Type the appropriate values in the CPU Shares and Project CPU
  Shares fields.
  Figure 6–2 CPU Shares Window
  The CPU Shares field specifies the number of CPU shares that is allocated
  to this zone from the resource pool. This number must be less than or equal
  to the CPU shares that are available for the resource pool.
  The Project CPU Shares field specifies the number of CPU shares that is
  allocated to the projects in the zone.
- (Optional) Type the minimum input bandwidth and output bandwidth
  for the IP quality of service feature.
  Figure 6–3 IPQoS Attributes Window
- Choose whether to configure additional attributes for the zone.
  - If you want to configure additional attributes for the zone, select
    the Yes option and click Next.
    Type the additional IP addresses for this zone and select the
    appropriate network interfaces.
    Type the device directories that are to be configured for this zone.
    Type the details of the additional file systems that are to be mounted
    in this zone.
    Type the directories that contain packaged software that
    this zone shares with the global zone.
    For more information about these additional zone attributes, see Zone
    Configuration Data in System Administration Guide: Solaris
    Containers-Resource Management and Solaris Zones.
    Review the selections that you made for the zone and click Finish to
    save your changes.
  - If you do not want to configure additional attributes for the
    zone, select the No option and click Next.
    Review the selections that you made for the zone and click Finish to
    save your changes.
The information in the zones table is updated with the new zone. When
a zone is created, it will be in an “incomplete” state. After
inheriting certain packages from the global zone, the zone will be changed
to the “running” state.
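The zone path rules from this procedure (absolute path, mode 700 if the directory already exists) can be checked before the wizard is run. The following is an added example, not Container Manager code: the function names are hypothetical, a POSIX shell is assumed, and the mapping of the wizard fields to a zonecfg command file is an assumption about the equivalent command-line configuration.

```shell
#!/bin/sh
# Added example: pre-flight check for the zone path rules described above,
# plus the same wizard fields written out as a zonecfg command file.

# check_zonepath PATH
#   0 = absolute path that is either absent or a directory with mode 700
#   1 = not an absolute path
#   2 = exists but is not a directory with mode exactly 700
check_zonepath() {
    case "$1" in
        /*) ;;
        *)  return 1 ;;
    esac
    [ -e "$1" ] || return 0          # absent: it will be created with mode 700
    [ -d "$1" ] || return 2
    # Compare the type and permission bits only; ignore any ACL marker.
    mode=$(ls -ld "$1" | cut -c1-10)
    [ "$mode" = "drwx------" ] || return 2
    return 0
}

# emit_zonecfg ZONEPATH IP NIC POOL CPU_SHARES AUTOBOOT
#   Prints a zonecfg command file; refuses if the zone path check fails.
emit_zonecfg() {
    check_zonepath "$1" || return $?
    cat <<EOF
create
set zonepath=$1
set autoboot=$6
set pool=$4
add net
set address=$2
set physical=$3
end
add rctl
set name=zone.cpu-shares
add value (priv=privileged,limit=$5,action=none)
end
verify
commit
EOF
}

# Usage with constructed sample values:
#   emit_zonecfg /export/zones/web01 192.0.2.10 bge0 pool_default 20 true > web01.cfg
#   zonecfg -z web01 -f web01.cfg
```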
Copying Non-Global Zones
You can create multiple copies of a non-global zone on a single host
or a copy of a non-global zone on multiple hosts.
When a non-global zone is copied, the new zones inherit all of its
properties.
To Copy a Non-Global Zone
Steps
- If the Container Manager GUI is not already open, access it as described
  in To Start the Container Manager GUI.
- Select the Hosts view by selecting the Hosts tab in the navigation window.
  A list of hosts is displayed in the navigation window.
- Select a Solaris 10 host.
- Select the Zones tab.
- Select the option button next to a non-global zone.
- Click the Zone Copy button.
  The Zone Copy wizard is started.
- Choose whether to create multiple copies of a zone on the same
  host or to create a copy of a zone on multiple hosts.
  - If you want to create multiple copies of a zone on the same host,
    select the Same host option and click Next.
    Type the number of zone copies to be created and click Next.
    Type the appropriate parameters for the target zones.
    Provide a prefix for the zone name. Numbers starting from 1 will be
    added to create zones with name and zone host name <prefix>_1 to
    <prefix>_n.
    The starting IP address is incremented by 1 to assign the IP addresses
    for the zones.
    The number of shares in the resource pool must be greater than 0 after
    calculating the following.
    (CPU shares of the current zone) - (CPU shares of the new zones * n),
    where n is the number of zone copies.
    Review the selections that you made for the zone and click Finish.
  - If you want to create a copy of a zone on multiple hosts, select
    the Multiple hosts option and click Next.
    Search for hosts using the search criteria to display a list of
    possible target hosts.
    Select the hosts from the Available host list.
    Type the appropriate parameters for the target zones.
    The starting IP address is incremented by 1 to assign the IP addresses
    for the zones.
    The resource pool is set to pool_default as the target hosts might not
    have a pool with the same name and available shares as that of the
    source zone's pool.
    Review the selections that you made for the zone and click Finish.
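To preview what a same-host copy will request before running the wizard, the naming, addressing, and share rules above can be computed ahead of time. This is an added example, not Container Manager code: the function names are hypothetical, it assumes the first copy receives the starting IP address itself, and it flags addresses ending in .0 or .255 on the assumption of a /24 network.

```shell
#!/bin/sh
# Added example: preview the zones a "Same host" copy would create.

# ip_to_int A.B.C.D -> prints the address as one integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( (($1 * 256 + $2) * 256 + $3) * 256 + $4 ))
}

# int_to_ip N -> prints dotted-quad form
int_to_ip() {
    echo "$(( $1 / 16777216 % 256 )).$(( $1 / 65536 % 256 )).$(( $1 / 256 % 256 )).$(( $1 % 256 ))"
}

# plan_copies PREFIX N START_IP CURRENT_ZONE_SHARES NEW_ZONE_SHARES
#   Prints "<prefix>_<i> <ip>" for i = 1..N, or returns 1 if the share
#   rule from the page is not met.
plan_copies() {
    prefix=$1 n=$2 start=$3 cur=$4 new=$5
    # Share rule as written on the page: cur - (new * n) must be > 0.
    remaining=$(( cur - new * n ))
    if [ "$remaining" -le 0 ]; then
        echo "share rule not met: $cur - ($new * $n) = $remaining" >&2
        return 1
    fi
    base=$(ip_to_int "$start")
    i=1
    while [ "$i" -le "$n" ]; do
        ip=$(int_to_ip $(( base + i - 1 )))
        # Incrementing can carry into the next octet and land on an
        # address that is not usable as a host address on a /24.
        case "$ip" in
            *.0|*.255) note=" # review: network or broadcast address on a /24" ;;
            *)         note="" ;;
        esac
        echo "${prefix}_$i $ip$note"
        i=$(( i + 1 ))
    done
}

# Usage with constructed sample values:
#   plan_copies web 3 192.0.2.254 100 20
```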
Deleting, Booting, or Shutting Down Non-Global Zones
You can change the state of a zone according to your needs.
To Delete, Boot, or Shut Down a Non-Global Zone
Steps
- If the Container Manager GUI is not already open, access it as described
  in To Start the Container Manager GUI.
- Select the Hosts view by selecting the Hosts tab in the navigation window.
  A list of hosts is displayed in the navigation window.
- Select a Solaris 10 host.
- Select the Zones tab.
- Select the option button next to the non-global zone name.
- Click the Delete, Boot, or Shutdown button.
  When a zone is booted, it will be changed to the “running” state from
  the “installed” state. When a zone is shut down, it will be changed
  to the “installed” state from the “running” state.
Viewing the Log Files of Zones
To View the Log File of a Zone
Steps
- If the Container Manager GUI is not already open, access it as described
  in To Start the Container Manager GUI.
- Select the Hosts view by selecting the Hosts tab in the navigation window.
  A list of hosts is displayed in the navigation window.
- Select a Solaris 10 host.
- Select the Zones tab.
- Type the name of the zone in the field (located beneath the Zones table).
- Click the Zone Log button.
  The log file for this zone appears.