Zones
ZONES - Solaris application containers
Solaris provides isolated environments through the zone facility. Processes in a non-global zone are restricted from interacting with other processes, network interfaces, file systems, devices, and inter-process communication outside their zone. A container is a zone with resource management enabled.
A very common way to build a zone is a full installation with its own binaries and libraries, which makes it possible to run zones at different patch levels. This needs about 3 GB of free space in your filesystem.
simple zone configuration
# zonecfg -z <zonename>
zonecfg:zonename> create -b
zonecfg:zonename> set zonepath=<location/directory>
zonecfg:zonename> set autoboot=[true|false]
zonecfg:zonename> add net
zonecfg:zonename:net> set address=<IP[/SM]>
zonecfg:zonename:net> set physical=<network device>
zonecfg:zonename:net> end
zonecfg:zonename> commit
zonecfg:zonename> exit
# zoneadm -z <zonename> verify
# zoneadm -z <zonename> install
Preparing to install zone zonename.
Creating list of files to copy from the global zone.
Copying <118457> files to the zone.
... .. .
# zoneadm list -cv
ID NAME     STATUS    PATH
0  global   running   /
-  zonename installed /directory
# zoneadm -z <zonename> boot
# zlogin -C <zonename>
some useful optional settings
inherit directory
During the initial configuration you can add inherited system directories, such as /lib, /platform, /sbin, /usr and /opt, to reduce the size of the zone. Each inherited directory is mounted read-only in the zone from the global zone.
zonecfg:zonename> add inherit-pkg-dir
zonecfg:zonename:inherit-pkg-dir> set dir=<directory>
zonecfg:zonename:inherit-pkg-dir> end

zonecfg:zonename> add fs
zonecfg:zonename:fs> set dir=<which directory>
zonecfg:zonename:fs> set special=<where to?>
zonecfg:zonename:fs> set type=lofs
zonecfg:zonename:fs> add options [rw,nodevices]
zonecfg:zonename:fs> end
own filesystem
zonecfg:zonename> add fs
zonecfg:zonename:fs> set dir=<mount point>
zonecfg:zonename:fs> set special=<block device>
zonecfg:zonename:fs> set raw=<raw device>
zonecfg:zonename:fs> set type=<filesystem type>
zonecfg:zonename:fs> add options [fs mount option]
zonecfg:zonename:fs> end
add a comment
zonecfg:zonename> add attr
zonecfg:zonename:attr> set name=comment
zonecfg:zonename:attr> set type=string
zonecfg:zonename:attr> set value="My comment for this zone"
zonecfg:zonename:attr> end
add a resource control
zonecfg:zonename> add rctl
zonecfg:zonename:rctl> set name=zone.cpu-shares
zonecfg:zonename:rctl> add value (priv=privileged,limit=5,action=none)
zonecfg:zonename:rctl> end
associating the zone with a resource pool
zonecfg:zonename> set pool=<poolname>
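
The lofs mount options and the zone.cpu-shares resource control shown above are the settings most worth reviewing before a zone goes live. The following is an added example, not part of the original page: a shell function that reads zone configuration in the zonecfg command syntax used on this page (a command file or a pasted interactive session) and reports lofs mounts that are writable or lack nodevices, and a missing zone.cpu-shares rctl. The function names, the zone, paths and address in the sample are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): audit zonecfg commands read on
# stdin. Accepts a command file or a pasted interactive session with prompts.
audit_zonecfg() {
    awk '
    { sub(/^zonecfg:[^>]*> */, "") }     # strip an interactive prompt, if present
    # Entering a resource scope (fs, net, rctl, ...): reset per-resource state.
    $1 == "add" && res == "" { res = $2; dir = type = ""; ro = nodev = 0; next }
    res == "fs" && /^set dir=/  { dir  = substr($0, 9) }
    res == "fs" && /^set type=/ { type = substr($0, 10) }
    res == "fs" && $1 == "add" && $2 == "options" {
        o = $0; sub(/^add options */, "", o); gsub(/\[|\]| /, "", o)
        n = split(o, t, ",")
        for (i = 1; i <= n; i++) {
            if (t[i] == "ro") ro = 1
            if (t[i] == "nodevices") nodev = 1
        }
    }
    res == "rctl" && $0 == "set name=zone.cpu-shares" { shares = 1 }
    $1 == "end" {
        # A lofs mount without "ro" is read-write by default.
        if (res == "fs" && type == "lofs") {
            if (!ro)    print "WARN lofs " dir ": writable from the zone"
            if (!nodev) print "WARN lofs " dir ": nodevices not set"
        }
        res = ""
    }
    END { if (!shares) print "WARN no zone.cpu-shares rctl configured" }
    '
}

# Constructed sample configuration (hypothetical zone, paths and address).
sample_zonecfg() {
    cat <<'EOF'
create -b
set zonepath=/zones/web1
add fs
set dir=/data
set special=/export/data
set type=lofs
add options [rw,nodevices]
end
add fs
set dir=/tools
set special=/export/tools
set type=lofs
add options [ro]
end
EOF
}

sample_zonecfg | audit_zonecfg
```

On a live system the same function can be fed the output of `zonecfg -z <zonename> export`, assuming the export uses the bracketed option list shown on this page.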