Home

Solaris-Zones: Linux IT Marbles Get a New Bag

Issue 180

From Issue #180
April 2009

Apr 01, 2009  By Victor Burns
 in
Solaris-Zones provides the ability to run Linux and Solaris on the same machine without all the overhead of full virtualization.

Listing 2. Changing Properties of a Defined Zone

# We determined the network address is incorrect and that it
# needs to be updated and we want a different storage location
g-zone# zonecfg -z red-zone
zonecfg:red-zone> set zonepath=/zpool01/zone/red-zone-x
zonecfg:red-zone> select net address=192.168.1.10
zonecfg:red-zone:net> set address=192.168.2.10
zonecfg:red-zone:net> end
zonecfg:red-zone> exit

# Use zonecfg's "info" sub-command to list the zone's definition
g-zone# zonecfg -z red-zone info
zonename: red-zone
zonepath: /zpool01/zone/red-zone-x
brand: lx
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
net:
        address: 192.168.2.10
        physical: e1000g0

# The zone definition can be deleted
g-zone# zoncfg -z red-zone delete -F
Install a Defined Zone

We now have a defined zone. Use the zoneadm command to complete the OS installation into the zone named red-zone. The sub functions of zoneadm are related to the execution status of a zone. The install process of an lx branded zone requires Linux media. The media can be provided in a physical form and loaded into the system's CD-ROM drive, or you can use the “green” method and provide the image as one or more ISO files.

Listing 3. Install a Zone

# List the zone definition (from Listing 1)
g-zone# zonecfg -z red-zone info
zonename: red-zone
zonepath: /zpool01/zones/red-zone
brand: lx
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
net:
        address: 192.168.1.10
        physical: e1000g0

# The ISO files:
g-zone# ls /zpool01/rh-media/rhel30-AS-U6/
rhel-3-u6-i386-as-disc1.iso  rhel-3-u6-i386-as-disc3.iso
rhel-3-u6-i386-as-disc2.iso  rhel-3-u6-i386-as-disc4.iso

# Install linux "desktop" distribution
g-zone# zoneadm -z red-zone install -d 
 ↪/zpool01/rh-media/rhel30-AS-U6 desktop
Installing distribution 'Red Hat Enterprise Linux 3 Update 6'...
Installing cluster 'desktop'
Installing miniroot for zone 'red-zone'.
Attempting to locate 30 packages...

Installing 1 miniroot package...

Attempting to locate 29 packages...

Installing 29 miniroot packages...
...
Installation of zone 'red-zone' completed successfully.

Details saved to log file:
    "/zpool01/zones/red-zone/root/var/log/red-zone.install.1119.log"

# Query the zones status (changed to installed)
g-zone# zoneadm list -cv
  ID NAME       STATUS     PATH                     BRAND    IP
   0 global     running    /                        native   shared
   - red-zone   installed  /zpool01/zones/red-zone  lx       shared
Boot the Zone

Once the zone installation is complete, it's time to boot it. Create two shells, and run the commands shown in Listing 4. Connect to the zone console first, then boot the zone in the second shell to get the full console experience (it's very fast, you'll not want to miss it). The example zlogin connects to the zone's console device and configures the escape (exit the zlogin) as the “#.” (pound sign then period) key sequence. This key sequence should be unique and avoid issues that the default sequence of “~.” (tilde then period) can cause when connectivity to the global zone is remote.

Listing 4. Boot a Zone

# Connect to the red-zone console and watch it boot
g-zone(1)# zlogin C -e '#' red-zone

# Boot the red-zone in a second window
g-zone(2)# zoneadm -z red-zone boot

# **** example console output from first window ****
[Connected to zone 'red-zone' console]

[NOTICE: Zone booting up]
INIT: version 2.85 booting
                Welcome to Red Hat Enterprise Linux AS
                Press 'I' to enter interactive startup.
Configuring kernel parameters:  [  OK  ]
Setting clock : Mon Sep 29 20:20:56 EDT 2008 [  OK  ]
Setting hostname red-zone:  [  OK  ]
...
Starting atd: [  OK  ]
Starting firstboot:  [  OK  ]
Rotating KDC list [  OK  ]

Red Hat Enterprise Linux AS release 3 (Taroon Update 6)
Kernel 2.4.21 on an i686

red-zone login:
Login

A non-global zone has nearly the same abilities as the global zone to provide services: login connections are not limited to text or console logins. The use of zlogin with no options (only the zone name) connects to the zone without a console, which creates a tty and invokes login. Any active zone service also can be used, such as XDM, SSH and FTP, to allow other forms of login.

______________________

White Paper
More Resources
Fabric-Based Computing Enables Optimized Hyperscale Data Centers

Today’s modular x86 servers are compute-centric, designed as a least common denominator to support a wide range of IT workloads. Those generic, virtualized IT workloads have much different resource optimization requirements than hyperscale and cloud applications. They have resulted in a “one size fits all” enterprise IT architecture that is not optimized for a specific set of IT workloads, and especially not emerging hyperscale workloads, such as web applications, big data, and object storage. In this report, you will learn how shifting the focus from traditional compute-centric IT architectures to an innovative disaggregated fabric-based architecture can optimize and scale your data center.

Learn More

Sponsored by AMD

White Paper
More Resources
Red Hat White Paper: Using an Open Source Framework to Catch the Bad Guy

Built-in forensics, incident response, and security with Red Hat Enterprise Linux 6

Every security policy provides guidance and requirements for ensuring adequate protection of information and data, as well as high-level technical and administrative security requirements for a system in a given environment. Traditionally, providing security for a system focuses on the confidentiality of the information on it. However, protecting the data integrity and system and data availability is just as important. For example, when processing United States intelligence information, there are three attributes that require protection: confidentiality, integrity, and availability.

Learn more about catching the bad guy in this free white paper.

Learn More

Sponsored by DLT Solutions