[zones-discuss] zone create on sol10u6
Hello, I try to install zone on zfs file system using solaris 10 update 6. I have separate storage pool which is names zone. (mount in /zone). So I type: #zonecfg -z new zonecfg:new create zonecfg:new set zonepath=/zone/new zonecfg:new exit #zoneadm -z new install After that I don't see zone/new filesystems. On Nevada systems I always have separate zfs. In man documentation from zoneadm I read that option -x means that don't use zfs filesystem. Why is this don't working with solaris10u6 ? Regards -- Maciej Browarski ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
On 12/01/08 13:36, Maciej Browarski wrote: Hello, I try to install zone on zfs file system using solaris 10 update 6. I have separate storage pool which is names zone. (mount in /zone). So I type: #zonecfg -z new zonecfg:new create zonecfg:new set zonepath=/zone/new zonecfg:new exit #zoneadm -z new install After that I don't see zone/new filesystems. On Nevada systems I always have separate zfs. In man documentation from zoneadm I read that option -x means that don't use zfs filesystem. Why is this don't working with solaris10u6 ? Regards Hi Could you clarify what you mean by I don't see zone/new filesystems is it that it's not in zfs list, i.e. how did you create /zone/new to start with. Enda -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
No Solaris 10u6 does support zones on zfs, but not as cleanly as nevada, there are some differences, as new features are integrated into nevada, then later they might get backported to soalris updates. Reminds me of the car commercial - the suggested price is blah, nicely appointed for blah + $$. As Enda says, zfs and zones are available, but will be nicely appointed in a future release. the automatic creation of the datasets does not work. use of zfs snapshot and clones when cloning a zone do not work.for LU the zoneroots must be datasets (file systems). On s10u6 you have to create the zonepath yourself, either mkdir or zfs create, setting appropriate permissions too, If the zoneroot is no present, a mkdir will be done for you. and the permissions will be set correctly. this has been that way since u1 or u2 (u1 IIRC). A zfs dataset will not be automatically created like it does in nevada. and if you do create the zoneroot, make sure and set the permissions to 700 like Enda says - this is only done automatically when we mkdir on your behalf. if you do it then you must do it right. zone1 is on ufs. zone2 will be a similar zone on zfs. /dune/zones/s10u6 is already a dataset (file system). this will (should) be live upgradable. # zonecfg -z zone2 create -t zone1 # zonecfg -z zone2 set zonepath=/dune/zones/s10u6/zone2 # zfs create dune/zones/s10u6/zone2 # chmod 700 /dune/zones/s10u6/zone2 # zoneadm -z zone2 install Preparing to install zone zone2. Creating list of files to copy from the global zone. time passes, stuff happens. bob ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
On 12/01/08 14:09, bob netherton wrote: No Solaris 10u6 does support zones on zfs, but not as cleanly as nevada, there are some differences, as new features are integrated into nevada, then later they might get backported to soalris updates. Reminds me of the car commercial - the suggested price is blah, nicely appointed for blah + $$. As Enda says, zfs and zones are available, but will be nicely appointed in a future release. the automatic creation of the datasets does not work. use of zfs snapshot and clones when cloning a zone do not work.for LU the zoneroots must be datasets (file systems). So just to clarify, the next Lu patch to release ( 121430-30/121431-31, saprc/x86 ) that releases will relax that restriction in terms of upgrade of zones on zfs, basically allowing zones on zfs to live anywhere, ie top level dataset, lower level dataset, or a directory ina dataset ie zfs create zones/zonehome zonecfg : set path=/zones/zonehome/myzone-01 Now the only caveat is that you must also apply this patch to the ABE, prior to booting it, ie apply LU patch 121430-30 to live system run lucreate run luupgrade ( if upgrading from pre u6 ) apply 121430-30 to the new BE using luupgrade -t ( or patchadd -R ) The last step MUST be done prior to luactivate, so even if you are creating a BE for patching ie skipping the luupgrade step, you still need to apply the patch after lucreate and before luactivate. Not doign so can result in not being able to boot back to original BE once new BE is activated. Enda On s10u6 you have to create the zonepath yourself, either mkdir or zfs create, setting appropriate permissions too, If the zoneroot is no present, a mkdir will be done for you. and the permissions will be set correctly. this has been that way since u1 or u2 (u1 IIRC). A zfs dataset will not be automatically created like it does in nevada. and if you do create the zoneroot, make sure and set the permissions to 700 like Enda says - this is only done automatically when we mkdir on your behalf. if you do it then you must do it right. zone1 is on ufs. zone2 will be a similar zone on zfs. /dune/zones/s10u6 is already a dataset (file system). this will (should) be live upgradable. # zonecfg -z zone2 create -t zone1 # zonecfg -z zone2 set zonepath=/dune/zones/s10u6/zone2 # zfs create dune/zones/s10u6/zone2 # chmod 700 /dune/zones/s10u6/zone2 # zoneadm -z zone2 install Preparing to install zone zone2. Creating list of files to copy from the global zone. time passes, stuff happens. bob ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
Moin! On 01.12.2008, at 17:36, Enda O'Connor wrote: So just to clarify, the next Lu patch to release ( 121430-30/121431-31, saprc/x86 ) that releases will relax that restriction in terms of upgrade of zones on zfs, basically allowing zones on zfs to live anywhere, ie top level dataset, lower level dataset, or a directory ina dataset ie zfs create zones/zonehome zonecfg : set path=/zones/zonehome/myzone-01 So what are the restrictions? I thought you where able to use zones and LU in update 6. Now creating my own zfs pool or file system in the root pool isn't a problem. But what is the required setup to use in 10u6 to get it live upgradable without the patch? So long -Ralf --- Ralf Weber ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] Any solaris native UI tool/WEB interface available to manage Solaris Containers/Zones?
Hi, Could anybody please let me know whether there are any solaris native tools or web interface available to manage solaris containers? Regards, -Narsimha ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Any solaris native UI tool/WEB interface available to manage Solaris Containers/Zones?
Hi, Le 1 déc. 08 à 18:24, Challa, Narsimha Reddy (STSD-HYD) a écrit : Could anybody please let me know whether there are any solaris native tools zonecfg and zoneadm ? There's also zonemgr to help. or web interface available to manage solaris containers? Sun xVM something. ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
Steve Lawrence wrote: Now the only caveat is that you must also apply this patch to the ABE, prior to booting it, ie apply LU patch 121430-30 to live system run lucreate run luupgrade ( if upgrading from pre u6 ) apply 121430-30 to the new BE using luupgrade -t ( or patchadd -R ) The last step MUST be done prior to luactivate, so even if you are creating a BE for patching ie skipping the luupgrade step, you still need to apply the patch after lucreate and before luactivate. Not doign so can result in not being able to boot back to original BE once new BE is activated. Hey Enda, For clarity, once I'm up and running on a BE with u6 + 121430-30, if I create another ABE for the purpose of patching or upgradeing, do I need to re-apply the latest LU patch to it again? Example: (running u5, the decribed scenerio): patchadd 121430-30 lucreate ABE luupgrade ABE u6 (or perhaps patch up to some u6 KU) luupgrade ABE -t 121430-30 luactivate ABE reboot yes above is necessary Now I want to patch to th next KU, or upgrade to U7) (running u6 or some equivalent ku) patchadd latest u6 lu patch lucreate BBE luupgrade BBE to next KU patch (or maybe update to u7) (do I need to add latest lu patch to BBE??) if you upgrade to u7, you would be ok, if you creating an ABE to patch, id would be ok too, as you'd get the patched LU bits. Just upgrading to u6 is the problem, as you'd end up with the old u6 lu bits. Enda luactivate BBE reboot Comments? -Steve L. ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
On Mon, Dec 01, 2008 at 02:36:08PM +0100, Maciej Browarski wrote: Hello, I try to install zone on zfs file system using solaris 10 update 6. I have separate storage pool which is names zone. (mount in /zone). So I type: #zonecfg -z new zonecfg:new create zonecfg:new set zonepath=/zone/new zonecfg:new exit #zoneadm -z new install After that I don't see zone/new filesystems. On Nevada systems I always have separate zfs. In man documentation from zoneadm I read that option -x means that don't use zfs filesystem. Why is this don't working with solaris10u6 ? currently only nevada creates a new zfs filesystem for zones (assuming that the parent directory is a zfs filesystem). this functionality is currently planned to be included in s10u7. (it's covered via the following bugids: 6383119 and 6716853.) ed ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Any solaris native UI tool/WEB interface available to manage Solaris Containers/Zones?
Currently Sun Management Center 4.0's Container Manager module is what Sun has in terms of a web UI interface for zones. I believe there are webadmin plugins out in the outsource land as well. SunMC allows you to discover, build, destroy, allocate resources, trend utilization, move, migration over HTTP, etc. Anyone can download and use SunMC 4.0 for free in production or elsewhere for as long as they want. Should you require support or assistance from Sun we asked they you purchase a support license and right to use license at that time. http://www.sun.com/software/products/sunmanagementcenter/get.html Sun will re-instrument these features and add more in xVM Ops Center 2.x during the first half of 2009. Thanks, Mike Challa, Narsimha Reddy (STSD-HYD) wrote: Hi, Could anybody please let me know whether there are any solaris native tools or web interface available to manage solaris containers? Regards, -Narsimha ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] DVD/CD burning in a Non Global Zone
thanks for the info. i've saved a copy of this discussion in 4964815. ed On Fri, Nov 28, 2008 at 01:29:27PM +0100, Joerg Schilling wrote: Edward Pilatowicz [EMAIL PROTECTED] wrote: i don't know how linus differentiates between good and bad scsi commands, but from a zones perspective, if a zone has access to a cdrom device on a SCSI bus, then cdrecord should be able to send any SCSI command that it wants to that device (including vendor specific commands). but cdrecord should be prevented from sending any SCSI commands that access other devices on the same bus. ideally, it should also be prevented from abusing commands that could reset or hang the entire bus, but this needs more investigation. This sounds reasonable. As you are able to delegate drives, you should be able to delegate the permission to send any SCSI command to them as well. Any SCSI command _may_ hang the SCSI bus under some conditions. But similar things may happen with the whole machine. You should know that A program that is able to send random SCSI commands to a target usually is able to replace the firmware. If you like to prevent this, you just should not give this permission into a zone. BTW: There are target device resets and there are bus device resets. i'm not familiar enough with SCSI commands to know how feasible it would be to implement such a filter. if it's not technically possible, then the second option is to require that a zone be given access to all the devices on a scsi bus before we allow it to issue SCSI commands to that bus. Sending a bus device reset is not a SCSI command. There is a reset line in the bus. Sending a taarget reset is done via a SCSI message that is usually not directly sendable from user space. Jörg -- EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin [EMAIL PROTECTED](uni) [EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily ___ zones-discuss mailing list zones-discuss@opensolaris.org
