Re: [zones-discuss] Re: Where is the nice tool.

2006-09-01 Thread Brad Diggs
This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org -- - _/_/_/ _/_/ _/ _/ Brad Diggs

[zones-discuss] New Project: The Zone Manager

2006-12-06 Thread Brad Diggs
Hello all, There is a new OpenSolaris project for your enjoyment and contribution called the Zone Manager. The purpose of this project is to simplify Solaris zones creation and management down to a single non-interactive command line tool. The Zone Manager (zonemgr) should enable

Re: [zones-discuss] Mounting /var and /opt as filesystem in container

2006-12-20 Thread Brad Diggs
Detlef, To be specific, do you mean that within the global zone, you have to do the following: 1. Add the zfs filesystem as legacy filesystem. 2. Manually add entry into /etc/vfstab (please provide example as I don't see one anywhere). 3. Mount the zfs filesystem in the global zone. 4.

Re: [zones-discuss] Mounting /var and /opt as filesystem in container

2006-12-21 Thread Brad Diggs
in a zone as local-zone:/zoneshare in zonecfg: add fs set type=lofs set dir=/zoneshare set special=/zoneshare set options=rw I assume you mean 1., but 2. also works. Detlef On 12/20/06 17:25, Brad Diggs wrote: Detlef, To be specific, do you mean that within the global zone, you

Re: [zones-discuss] Unable to create a whole-root zone

2007-01-10 Thread Brad Diggs
Whole root implies that you removed the inherited directories. The default configuration is a sparse root zone. If you want whole root, you need to add the following to your config: remove inherit-pkg-dir dir=/lib remove inherit-pkg-dir dir=/usr remove inherit-pkg-dir dir=/sbin remove

Re: [zones-discuss] Unable to create a whole-root zone

2007-01-11 Thread Brad Diggs
Durga, After reading through the original note, I agree with Neil that there is an inconsistency between zone-one and zone-1. Did you try creating a zone with the zonemgr script that I mentioned? Also, I read through the output of the install log that you sent in your original post. It appears

Re: [zones-discuss] Re: [osol-announce] Zone Manager v1.8 Released...

2007-01-23 Thread Brad Diggs
To mitigate barriers to adoption. Brad On Tue, 2007-01-23 at 11:48 +, Darren J Moffat wrote: Brad Diggs wrote: * Switched from CDDL license to GPLv2. I'm curious why did the license switch to GPLv2 ? ___ zones-discuss mailing list zones

Re: [zones-discuss] Re: [osol-announce] Zone Manager v1.8 Released...

2007-01-23 Thread Brad Diggs
Mostly sun contributors but have also had outside contribution as well. Brad On Tue, 2007-01-23 at 12:53 +0100, [EMAIL PROTECTED] wrote: Brad Diggs wrote: * Switched from CDDL license to GPLv2. I'm curious why did the license switch to GPLv2 ? And noone has contributed any code

Re: [zones-discuss] zonemgr -s syntax

2007-01-23 Thread Brad Diggs
That would be a bug. ;-( Thank you for catching it! I made a change for compatibility and neglected to add back the hardening_args cases for lock and unlock. While addressing that bug I noticed that the compatibility mode with version 1.7 was still not complete for service hardening as well.

Re: [zones-discuss] Re: [osol-announce] Zone Manager v1.8 Released...

2007-01-23 Thread Brad Diggs
I am really glad that you both bring this issue up. I frankly would rather that there be no license at all. After all there is nothing new under the Sun in the Zone Manager. Its just a script that I hope helps make zones management much easier. However I can't open source the Zone Manager

Re: [zones-discuss] Re: zonemgr -s syntax

2007-01-23 Thread Brad Diggs
Jean-Louis, Please find responses in line below... It works now. Thanks, that was fast :-) Glad it is working for you. Sorry that I overlooked it in my QA cycles. A side question. Why are you using bash instead of ksh ? Are there specific bashisms in your script ? FWIW, I changed the

Re: [Fwd: Re: [zones-discuss] Re: zonemgr -s syntax]

2007-01-24 Thread Brad Diggs
That is true. However I usually install the minimized meta cluster with network support and then add zones and requisite packages. That way zone creation is much shorter. I add bash because I like it. ;-) Brad On Wed, 2007-01-24 at 18:34 -0300, Christian Candia wrote: The Real Warren Belfer

Re: [zones-discuss] Netmask conversion fix

2007-01-25 Thread Brad Diggs
James, Honestly when I initially wrote these conversions I had hoped that someone would provide a much simpler way of doing them. I was surprised that there wasn't a standard OS command to do the conversions for you. That being said, your method is absolutely brilliant. Thanks! With respect

Re: [zones-discuss] Netmask conversion fix

2007-01-25 Thread Brad Diggs
.txt Thanks again! Brad On Thu, 2007-01-25 at 22:01 -0600, Brad Diggs wrote: James, Honestly when I initially wrote these conversions I had hoped that someone would provide a much simpler way of doing them. I was surprised that there wasn't a standard OS command to do the conversions

Re: [zones-discuss] New zone, sysidtool:net isn't starting

2007-01-29 Thread Brad Diggs
When using the zone manager you just tack on a -t w to zonemgr to create a whole root zone. The default is a sparse zone or if you want to specify it from the command line its -t s. http://opensolaris.org/os/project/zonemgr/ Brad On Mon, 2007-01-29 at 16:50 -0800, [EMAIL PROTECTED] wrote:

Re: [zones-discuss] New zone, sysidtool:net isn't starting

2007-01-31 Thread Brad Diggs
I recommend that you restrict blastwave bits to the non-global zone. That way you cannot end up with package conflicts between the global zone and non-global zones or between non-global zones. I have made installing Blastwave packages really easy for you via the zonemgr with the -G blastwave_pkg

RE: [zones-discuss] New zone, sysidtool:net isn't starting

2007-02-01 Thread Brad Diggs
That is correct. With the parms you specified, zonemgr will ask you if you are sure yes|no. To automatically answer yes, add a -F. Brad On Wed, 2007-01-31 at 17:04 -0600, Tim Cook wrote: Nice. So to clarify, after a zone is already added, from the global zone I can do: zonemgr -a modify

Re: [zones-discuss] New zone, sysidtool:net isn't starting

2007-02-01 Thread Brad Diggs
Blastwave is fine for installing in the global zone. However, this implies that packages added or updated in the global zone would get applied to ALL non-global zones as well. The only issue comes when say you want to install just mysql in one zone and apache2 in another zone. For this you

Re: [zones-discuss] SSH disconnections during zone creation

2007-02-05 Thread Brad Diggs
Manish, Wee Yeh is correct. The zonemgr doesn't do anything that would cause your ssh to the global zone to disconnect. I test with ssh sessions to my global zone all the time and never encounter that problem. Brad On Tue, 2007-01-30 at 11:25 +0800, Wee Yeh Tan wrote: Manish, I have not

Re: [zones-discuss] Re: guidance for beginner

2007-02-05 Thread Brad Diggs
Hello Tony, The usage that you specified below will place your zone root in /zones/m1. At this point in time there is no storage containment management within zonemgr for the non-global root mount point. (e.g. /zones/m1) If you wish to limit the storage of that mount point to 5GB then you

Re: [zones-discuss] Re: guidance for beginner

2007-02-05 Thread Brad Diggs
in ZFS. Brad Diggs wrote: Hello Tony, The usage that you specified below will place your zone root in /zones/m1. At this point in time there is no storage containment management within zonemgr for the non-global root mount point. (e.g. /zones/m1) If you wish to limit

Re: [zones-discuss] DNS configuration problem in zonemgr

2007-02-06 Thread Brad Diggs
Manish, The problem is that I don't have a bullet proof test yet to determine if the networking parameters provided prior to zone creation will enable netidcfg to be able to talk to the specified name server. The problem is that if you don't get a working network config, netidcfg will require

Re: [zones-discuss] Re: DNS configuration problem in zonemgr

2007-02-06 Thread Brad Diggs
You could also use the source destination copy method -C src_in_global|dst_in_non-global. For example: -C /etc/nsswitch.dns|/etc/nsswitch.conf \ -C /somedir/resolv.conf.myzone|/etc/resolv.conf Brad On Tue, 2007-02-06 at 08:04 -0800, Manish Agrawal wrote: The solution that worked for me

Re: [zones-discuss] Re: Re: guidance for beginner

2007-02-12 Thread Brad Diggs
Hello Tony, The zone type by default is sparse. Thus /usr and other filesystems will be inherited in read-only mode from the global zone. I suspect that all of the SMC* packages that gave errors included pre or post processing scripts that attempted to change permissions of files or directories

Re: [zones-discuss] Recommendations for utilizing global zones

2007-02-14 Thread Brad Diggs
The biggest problem with running a service in the global zone is that if compromised, it may be used to get privileged access to the non-global zones as well. IMHO if you plan to deploy non-global zones you are best off (from a security perspective) to run only the minimum necessary services

Re: [zones-discuss] simple way to limit resources

2007-02-23 Thread Brad Diggs
The current version of the Zone Manager supports CPU processor sets via the -p flag. Here is the usage: -p resource|resource_arg resource can be either cpu or ram. resource_arg is either number of processors or Mb of RAM depending on the resource specified.

Re: [zones-discuss] simple way to limit resources

2007-02-23 Thread Brad Diggs
Ooops, my dyslexia produced a fat finger mistake. I meant build 56 and not build 65. Sorry for that typo. Brad On Fri, 2007-02-23 at 16:04 -0600, Brad Diggs wrote: The current version of the Zone Manager supports CPU processor sets via the -p flag. Here is the usage: -p resource

Re: [zones-discuss] Containers in practice – please advice

2007-03-23 Thread Brad Diggs
If you aren't familiar with zones, you can use the Zone Manager to dive in quickly without having to ramp up on the semantics of zone config syntax. Download, examples, and great overview preso available here: http://opensolaris.org/os/project/zonemgr/ To add a sparse root zone with a single

Re: [zones-discuss] zonemgr1.8.1: /opt/csw/bin/zonemgr: line 3484: [: too many arguments

2007-05-23 Thread Brad Diggs
Manish, Thanks for finding that bug. I have now resolved that bug and a few others. The fixed version is available in v1.8.1 Beta2: http://opensolaris.org/os/project/zonemgr/files/zonemgr-1.8.1.txt Try it out and let me know if you have further issues. Brad On Tue, 2007-05-15 at 20:25

Re: [zones-discuss] netmask notation with zonemgr

2007-10-30 Thread Brad Diggs
Hi, This is a known bug that is fixed in the updated version that I am currently working on. I will forward you a copy separately. Brad On Fri, 2007-10-26 at 08:36 -0400, James Carlson wrote: Kamlakar Patil writes: While creating zones using zonemgr, I specified netmask as 255.255.255.240

Re: [zones-discuss] sysidcfg problem with zones

2007-10-30 Thread Brad Diggs
Sorry for not replying sooner. Are you running Solaris 10 Update 1 by chance? Thanks in advance, Brad On Tue, 2007-10-23 at 19:43 +0530, Kamlakar Patil wrote: Hi All, I am using zonemgr for creating zones on T2000 systems. It is getting stuck at Waiting for first boot tasks to complete

Re: [zones-discuss] Non-interactive zone creation

2007-11-06 Thread Brad Diggs
Thanks Shawn for mentioning the Zone Manager! Just for everyone's info, I have been working a long time now on the next version which I hope to release in beta form soon. The new version incorporates many contributions from ideas of and contributions from the community including resource

Re: [zones-discuss] Want to run same command on all zones

2007-11-10 Thread Brad Diggs
If the action that you want to perform against all zones is to boot or halt, you can use the Zone Manager like so... To halt all zones: zonemgr -a only -n haltall To boot all zones: zonemgr -a only -n bootall Or if you just want to run a command on all non-global zones, you can use the

Re: [zones-discuss] Want to run same command on all zones

2007-11-10 Thread Brad Diggs
uname -a Run uname -a in specific zones: # zonemgr -a runcmd -n zone1 zone3 -X uname -a Run a series of commands in all zones: # zonemgr -a runcmd -n all -X uname; ps -ef | grep syslog Regards, Brad http://opensolaris.org/os/project/zonemgr On Sat, 2007-11-10 at 11:45 -0600, Brad Diggs wrote

Re: [zones-discuss] How can i update mount point en solaris 10 without reboot

2007-11-24 Thread Brad Diggs
Hello Tony, In general for integrity reasons, I believe your are best off to make the change while the zone is offline. In the Zone Manager, I capture the current zone run state, then gracefully shutdown the zone, apply the change and then return the zone to its former zone state. e.g.

Re: [zones-discuss] pool.importance?

2007-12-01 Thread Brad Diggs
Hey Bill, The pool.importance property constraint is a 64-bit integer that designates the relative importance of a pool as defined by the administrator. Think of it as a nice setting for the resource scheduler where values increasingly greater than the default of 1 increase the relative

[zones-discuss] The Zone Manager Blog...

2008-01-08 Thread Brad Diggs
Hello All and Happy New Year, For your benefit I started up a new blog titled (what else but) The Zone Manager. The focus of the blog will be my personal pilgrimage through zones and The Zone Manager open source project. Over the last couple of weeks I have already submitted a couple posts for

[zones-discuss] Zones Automation In The Real World

2008-01-13 Thread Brad Diggs
Hello friends, I am writing you today to seek your help. Please read through my blog by the same subject found at the link below and share with my your real world or even desirable automated provisioning examples using zones.

Re: [zones-discuss] Zones Automation In The Real World

2008-01-16 Thread Brad Diggs
-mail me. If anyone wants to work on any of these use cases, please feel free to get after it and mail me your writeup. ;-) Thanks in advance, Brad On Sun, 2008-01-13 at 09:51 -0600, Brad Diggs wrote: Hello friends, I am writing you today to seek your help. Please read through my blog

[zones-discuss] Zoned MySQL With Secure phpMyAdmin

2008-01-17 Thread Brad Diggs
Hello all, In light of Sun's announcement regarding acquiring MySQL AB, I threw together a simple but powerful use case for implementing a MySQL instance with a secure phpMyAdmin setup using The Zone Manager. You can read all about it in my blog entry below...

[zones-discuss] More Zoned MySQL Fun!!!

2008-01-18 Thread Brad Diggs
Hello again, Here is another working example of how easy it can be to setup and use MySQL for any application in a Solaris zone. In this case, MySQL is the caching and configuration store for RoundCube WebMail. The best part is that you can setup MySQL and RoundCube WebMail in one liner with

[zones-discuss] Boot state completion?

2008-01-23 Thread Brad Diggs
What is the best method to determine when a zone has fully completed booting? In the Zone Manager, I do a process listing waiting until syslogd is running. This can be problematic if syslogd isn't installed in the global zone or is configured by default to not start. zoneadm list -cv is good

[zones-discuss] Usings zones to QA test your software...

2008-02-20 Thread Brad Diggs
Hello all, I just posted a blog on how you can use zones and The Zone Manager to QA test your software. Here is the blog URL: http://www.thezonemanager.com/2008/02/qa-testing-with-zone-manager.html I hope you find it useful. Blessings to you! Brad -- The Zone Manager

[zones-discuss] How to enable a service of a zone that is not running...

2009-09-27 Thread Brad Diggs
I would like to svcadm enable a service of a non-global zone who's state is not 'running'. Is that possible? If so, how? Thanks in advance, Brad Brad Diggs Principal Field Technologist Sun Microsystems, Inc. Phone x52957/+1 972-992-0002 Mail bradley.di...@sun.com Blog http

Re: [zones-discuss] How to enable a service of a zone that is not running...

2009-09-27 Thread Brad Diggs
enable say the smb service which is disabled by default. Brad Brad Diggs Principal Field Technologist Sun Microsystems, Inc. Phone x52957/+1 972-992-0002 Mail bradley.di...@sun.com Blog http://TheZoneManager.com Blog http://BradDiggs.com On Sep 27, 2009, at 6:01 PM, Trevor Pretty wrote

Re: [zones-discuss] How to enable a service of a zone that is not running...

2009-09-29 Thread Brad Diggs
executing the svcadm command. - Bernd Schemmer Thanks again! Brad Brad Diggs Principal Field Technologist Sun Microsystems, Inc. Phone x52957/+1 972-992-0002 Mail bradley.di...@sun.com Blog http://TheZoneManager.com Blog http://BradDiggs.com On Sep 28, 2009, at 1:41 PM, Renaud Manus wrote

[zones-discuss] Zone Manager 2.0.6 Now Available!

2009-10-04 Thread Brad Diggs
://www.thezonemanager.com/2009/10/zonemanager-206-released.html Enjoy! Brad Brad Diggs Principal Field Technologist Sun Microsystems, Inc. Phone x52957/+1 972-992-0002 Mail bradley.di...@sun.com Tech Blog http://TheZoneManager.com Personal Blog http://BradDiggs.com http://www.linkedin.com

Re: [zones-discuss] Zonemgr 2.0.6 docs corrections

2009-10-05 Thread Brad Diggs
Thanks for the update Dennis. All the docs pertain to 1.8.1 from 2-3 years ago. I am in the process of refreshing all of the docs for 2.0.6 and will get those out their as soon as I can. Brad Brad Diggs Principal Field Technologist Sun Microsystems, Inc. Phone x52957/+1 972-992

[zones-discuss] BetaTest: ZoneMgr 2.0.7 Release Candidate 2

2010-06-02 Thread Brad Diggs
Hello,I just released zonemgr 2.0.7 Release Candidate 2. You can download it athttp://dl.thezonemanager.com.Three new features deliver a powerful punch.* Addedmulti-zone support.* Enabled default zone naming in order to remove the requirement of specifying the zone name.* Enabled default

[zones-discuss] ZoneMgr 2.0.7 Released...

2010-06-04 Thread Brad Diggs
Hello All,Thanks again to all of the folks that have contributed bugs, fixes, new code and great ideas for the Zone Managerproject. Today, the final version 2.0.7 is now available atdl.thezonemanager.com. With the release of this version,I have officially deprecated and removed version 1.8.1.

[zones-discuss] ZoneMgr 2.0.7 Released...

2010-06-05 Thread Brad Diggs
Hello All,Thanks again to all of the folks that have contributed bugs, fixes, new code and great ideas for the Zone Managerproject. Today, the final version 2.0.7 is now available atdl.thezonemanager.com. With the release of this version,I have officially deprecated and removed version 1.8.1.

Re: [zones-discuss] ZFS ARC cache issue

2010-06-06 Thread Brad Diggs
ARC andrespective applications to use set amounts such that there is no overlap between them. See the relevantsections from myblog post on filesystem caching strategiesfor more information.Brad Brad Diggs | Principal Security Sales Consultant | +1.972.814.3698OracleNorth America Technology

[zones-discuss] Zone Manager University...

2010-06-11 Thread Brad Diggs
Hello,I apologize in advance those of you that are way past the basics of zones, but this information will hopefully bea useful tool to help your friends and colleagues to more quickly realize the power of Solaris, OpenSolaris andzones.I am putting together a Zone Manager University (a.k.a. ZMU)

Re: [zones-discuss] OHAC :Apache failover between zones

2010-06-27 Thread Brad Diggs
together a howto onmy blogsome time this week.Brad Brad Diggs | Principal Security Sales Consultant | +1.972.814.3698OracleNorth America Technology Organization16000 Dallas Parkway, Dallas, TX 75248eMail:brad.di...@oracle.comTech Blog:http://TheZoneManager.comLinkedIn:http://www.linkedin.com

Re: [zones-discuss] vncserver in a zone?

2010-07-08 Thread Brad Diggs
You can create a non-global zone with vnc server with the following using theZone Manager 2.0.7.1.# echo "your_vncsvr_ip zone0001" /etc/hosts# zonemgr -F -a add -o 'dCount|1' -I "ns|e1000g0|24|all" -G vncserverBe sure to replace e1000g0 with your network interface.BradBrad Diggs | Principal

[zones-discuss] Hard vs. Soft Partitioned Zones

2010-07-30 Thread Brad Diggs
One of the semi-frequent topics that I have dealt with since joining Oracle is how to deal withsoftware licensing in a virtual context. I summarized my findings in the following blog postthat provides pointers to the appropriate Oracle resources on this matter as well as providesa few examples of