[zones-discuss] question about zones

2007-02-05 Thread Krzys 

hello, I just got into zones and I have few questions:

is there any way to create zone with some additional customizations?

here is what I did:
# zonecfg -z titan1
titan1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:titan1 create
zonecfg:titan1 set zonepath=/zones/titan1
zonecfg:titan1 set autoboot=true
zonecfg:titan1 add net
zonecfg:titan1:net set address=192.168.1.82
zonecfg:titan1:net set physical=bge0
zonecfg:titan1:net end
zonecfg:titan1 info
zonecfg:titan1 verify
zonecfg:titan1 commit
zonecfg:titan1 exit


Ok, so that created my zone. Now I have to login and changethe following:
passwd file to point to new root home directory: /root/
add users.
change syslog.conf settings
make appriopriate changes in /etc/hosts file.
make changes to /etc/mail/sendmail.cf

is there any way to automate it? I did create only 10 zones and its not to crazy 
to login to each of them and do all those different config changes etc, but I 
was wondering if there was any easier way of doing all of them at the creation 
time by scripts. I did setup scripts to do most of the stuff with zone creation, 
to allocate resources per zones, and to zreate zfs for each zone with all the 
settings that I needed but I was wondering if I can automate it even more.


Thanks for any help or pointers that you could give to me...

Chris

___
zones-discuss mailing list
zones-discuss@opensolaris.org

Re: [zones-discuss] question about zones

2007-02-05 Thread Steffen Weiberle 

Hi Krzys,

Krzys wrote On 02/05/07 12:39,:

hello, I just got into zones and I have few questions:

is there any way to create zone with some additional customizations?

here is what I did:
# zonecfg -z titan1
titan1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:titan1 create
zonecfg:titan1 set zonepath=/zones/titan1
zonecfg:titan1 set autoboot=true
zonecfg:titan1 add net
zonecfg:titan1:net set address=192.168.1.82
zonecfg:titan1:net set physical=bge0
zonecfg:titan1:net end
zonecfg:titan1 info
zonecfg:titan1 verify
zonecfg:titan1 commit
zonecfg:titan1 exit


Ok, so that created my zone. Now I have to login and changethe following:
passwd file to point to new root home directory: /root/
add users.
change syslog.conf settings
make appriopriate changes in /etc/hosts file.
make changes to /etc/mail/sendmail.cf

is there any way to automate it? I did create only 10 zones and its not 
to crazy to login to each of them and do all those different config 
changes etc, but I was wondering if there was any easier way of doing 
all of them at the creation time by scripts. I did setup scripts to do 
most of the stuff with zone creation, to allocate resources per zones, 
and to zreate zfs for each zone with all the settings that I needed but 
I was wondering if I can automate it even more.


Cloning in 11/06 and NV copies over a lot of things, including SMF repository, from what I 
experienced. Your /etc/inet/hosts file will probably still be unique and need to be customized after 
install/clone, and possibly before first boot. I have a script that does a lot of the sysidcfg 
stuff, in addition to the sysidcfg file.


# cat zoneXcreate.sh
#!/bin/sh

. ./zoneXlocal.include

while [ $I -le $M ]
do
   echo $I \c

   HOST=`expr ${HOSTBASE} + ${I}`

   # Configure the zone
   sed -e s%X%${HOST}%g zoneX${ZONETYPE}.cfg | \
  sed -e s%ZONEPATH%${ZONEROOT}%g  /tmp/zone${HOST}
   zonecfg -z zone${HOST} -f /tmp/zone${HOST}
   rm /tmp/zone${HOST}

   # Install the zone from a master, if it exists
   S=`zoneadm -z ${ZONEMASTER} list  /dev/null 21`
   if [ $? -eq 0 ]
   then
  zoneadm -z zone${HOST} clone ${ZONEMASTER}
   else
  zoneadm -z zone${HOST} install
   fi

   # Set configuration information prior to initial boot
   sed -e s/X/${HOST}/g zoneX.sysidcfg  
$ZONEROOT/zone${HOST}/root/etc/sysidcfg
   echo ${NETBASE}.${HOST}/${NETMASKSIZE}  \
  ${ZONEROOT}/zone${HOST}/root/etc/hostname.vnic${HOST}
   echo \n${NETBASE}.${HOST}   zone${HOST}  
${ZONEROOT}/zone${HOST}/root/etc/hosts
   echo \n${NETBASE}.0 ${NETMASK}  ${ZONEROOT}/zone${HOST}/root/etc/netmasks
   echo $DEFROUTER  ${ZONEROOT}/zone${HOST}/root/etc/defaultrouter
   echo zone${HOST}  ${ZONEROOT}/zone${HOST}/root/etc/nodename

   zoneadm -z zone${HOST} boot

   I=`expr $I + 1`

done
echo

# cat zoneXlocal.include
### To be customized per host

M=4 ; I=1

NETBASE=10.1.14
NETMASK=255.255.255.192
NETMASKSIZE=26
HOSTBASE=150
INTERFACE=e1000g2
MAC=0:3:ba:d8:50
DEFROUTER=10.1.14.129

ZONEROOT=/export/zones
ZONEMASTER=zoneX
ZONETYPE=exclusive
#ZONETYPE=shared


Steffen

reply-to set to: zones-discuss@opensolaris.org



Thanks for any help or pointers that you could give to me...

Chris

___
zones-discuss mailing list
zones-discuss@opensolaris.org

___
zones-discuss mailing list
zones-discuss@opensolaris.org

Re: [zones-discuss] question about zones

2007-02-05 Thread Jeff Victor 

Krzys wrote:

hello, I just got into zones and I have few questions:

is there any way to create zone with some additional customizations?

here is what I did:
# zonecfg -z titan1
titan1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:titan1 create
zonecfg:titan1 set zonepath=/zones/titan1
zonecfg:titan1 set autoboot=true
zonecfg:titan1 add net
zonecfg:titan1:net set address=192.168.1.82
zonecfg:titan1:net set physical=bge0
zonecfg:titan1:net end
zonecfg:titan1 info
zonecfg:titan1 verify
zonecfg:titan1 commit
zonecfg:titan1 exit


Ok, so that created my zone. Now I have to login and changethe following:
passwd file to point to new root home directory: /root/
add users.
change syslog.conf settings
make appriopriate changes in /etc/hosts file.
make changes to /etc/mail/sendmail.cf


Because the global zone has access to the files under zonepath, a script can 
be run in the global zone which manipulates files in the non-global zone.


For example, titan1 has a file called /etc/inet/hosts. The same file can be 
accessed from the global zone with a different name: 
/zones/titan1/root/etc/inet/hosts.


One precaution: after a zone has been booted for the first time, do not trust 
the contents of its files.  A sufficiently-privileged user of a non-global 
zone may, accidentally or deceptively, modify a file in the non-global zone.



is there any way to automate it? I did create only 10 zones and its not 
to crazy to login to each of them and do all those different config 
changes etc, but I was wondering if there was any easier way of doing 
all of them at the creation time by scripts. I did setup scripts to do 
most of the stuff with zone creation, to allocate resources per zones, 
and to zreate zfs for each zone with all the settings that I needed but 
I was wondering if I can automate it even more.


Thanks for any help or pointers that you could give to me...

Chris

___
zones-discuss mailing list
zones-discuss@opensolaris.org


--
--
Jeff VICTOR  Sun Microsystemsjeff.victor @ sun.com
OS AmbassadorSr. Technical Specialist
Solaris 10 Zones FAQ:http://www.opensolaris.org/os/community/zones/faq
--
___
zones-discuss mailing list
zones-discuss@opensolaris.org

[zones-discuss] question about zones status check. thanks

2006-08-17 Thread Chun-Huan Freesia Shen 
Hi experts,

This is chunhuan from SC.
I have a question to consult you.
How can I confirm that the zones (global/non-global) status is ok or not
through explorer file gathered by version 5.5 ?

The explorer file is at the following site:

.../net/cores.central/cores/dir4/10893903 134 % ls -al
...
drwxrwxrwx  20 cs162424 staff512  8月 17日  10:21
explorer.842d2e7e.T2000TEST01-2006.08.17.02.16/

Thank you very much.
Best Regards
chunhuan
___
zones-discuss mailing list
zones-discuss@opensolaris.org

Re: [zones-discuss] question about zones status check. thanks

2006-08-17 Thread Jerry Jelinek 
Chun-Huan Freesia Shen wrote:
 Hi experts,
 
 This is chunhuan from SC.
 I have a question to consult you.
 How can I confirm that the zones (global/non-global) status is ok or not
 through explorer file gathered by version 5.5 ?
 
 The explorer file is at the following site:
 
 .../net/cores.central/cores/dir4/10893903 134 % ls -al
 ...
 drwxrwxrwx  20 cs162424 staff512  8月 17日  10:21
 explorer.842d2e7e.T2000TEST01-2006.08.17.02.16/

First, there is no ok status for a zone.  A zone can be
in one of the following states:
configured,
incomplete
installed
ready
running
shutting down
down
mounted

I am not familiar with explorer but I poked around in the
directory you specified and I found some zone output under
the 'sysconfig' directory.  This output shows that there is
one non-global zone named 'T2000Z01' and it is in the 'running'
state.

Jerry
___
zones-discuss mailing list
zones-discuss@opensolaris.org

Re: [zones-discuss] question about zones status check. thanks

2006-08-17 Thread Mike Gerdts 

On 8/17/06, Chun-Huan Freesia Shen [EMAIL PROTECTED] wrote:

Hi experts,

This is chunhuan from SC.
I have a question to consult you.
How can I confirm that the zones (global/non-global) status is ok or not
through explorer file gathered by version 5.5 ?


I would expect that the answer to whether a zone is ok is just as
subjective as whether a Solaris 9 installation is ok.  Even though
its official state of a zone may be running (or a S9 box is in
run-level 3) that doesn't mean that someone hasn't removed /dev/null,
put in a trojan libc, had file systems that failed to mount, or had
services that didn't start.

As such, I would argue that (almost) all of the checks that would be
done to determine if the global zone on Solaris 10 is ok should also
be done in a local zone.  That is, look for missing patches, be sure
that svcs -x is clean, be sure that ~root/.rhosts doesn't say + +,
etc.

Mike

--
Mike Gerdts
http://mgerdts.blogspot.com/
___
zones-discuss mailing list
zones-discuss@opensolaris.org