[zones-discuss] question about zones
hello, I just got into zones and I have few questions: is there any way to create zone with some additional customizations? here is what I did: # zonecfg -z titan1 titan1: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:titan1 create zonecfg:titan1 set zonepath=/zones/titan1 zonecfg:titan1 set autoboot=true zonecfg:titan1 add net zonecfg:titan1:net set address=192.168.1.82 zonecfg:titan1:net set physical=bge0 zonecfg:titan1:net end zonecfg:titan1 info zonecfg:titan1 verify zonecfg:titan1 commit zonecfg:titan1 exit Ok, so that created my zone. Now I have to login and changethe following: passwd file to point to new root home directory: /root/ add users. change syslog.conf settings make appriopriate changes in /etc/hosts file. make changes to /etc/mail/sendmail.cf is there any way to automate it? I did create only 10 zones and its not to crazy to login to each of them and do all those different config changes etc, but I was wondering if there was any easier way of doing all of them at the creation time by scripts. I did setup scripts to do most of the stuff with zone creation, to allocate resources per zones, and to zreate zfs for each zone with all the settings that I needed but I was wondering if I can automate it even more. Thanks for any help or pointers that you could give to me... Chris ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] question about zones
Hi Krzys, Krzys wrote On 02/05/07 12:39,: hello, I just got into zones and I have few questions: is there any way to create zone with some additional customizations? here is what I did: # zonecfg -z titan1 titan1: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:titan1 create zonecfg:titan1 set zonepath=/zones/titan1 zonecfg:titan1 set autoboot=true zonecfg:titan1 add net zonecfg:titan1:net set address=192.168.1.82 zonecfg:titan1:net set physical=bge0 zonecfg:titan1:net end zonecfg:titan1 info zonecfg:titan1 verify zonecfg:titan1 commit zonecfg:titan1 exit Ok, so that created my zone. Now I have to login and changethe following: passwd file to point to new root home directory: /root/ add users. change syslog.conf settings make appriopriate changes in /etc/hosts file. make changes to /etc/mail/sendmail.cf is there any way to automate it? I did create only 10 zones and its not to crazy to login to each of them and do all those different config changes etc, but I was wondering if there was any easier way of doing all of them at the creation time by scripts. I did setup scripts to do most of the stuff with zone creation, to allocate resources per zones, and to zreate zfs for each zone with all the settings that I needed but I was wondering if I can automate it even more. Cloning in 11/06 and NV copies over a lot of things, including SMF repository, from what I experienced. Your /etc/inet/hosts file will probably still be unique and need to be customized after install/clone, and possibly before first boot. I have a script that does a lot of the sysidcfg stuff, in addition to the sysidcfg file. # cat zoneXcreate.sh #!/bin/sh . ./zoneXlocal.include while [ $I -le $M ] do echo $I \c HOST=`expr ${HOSTBASE} + ${I}` # Configure the zone sed -e s%X%${HOST}%g zoneX${ZONETYPE}.cfg | \ sed -e s%ZONEPATH%${ZONEROOT}%g /tmp/zone${HOST} zonecfg -z zone${HOST} -f /tmp/zone${HOST} rm /tmp/zone${HOST} # Install the zone from a master, if it exists S=`zoneadm -z ${ZONEMASTER} list /dev/null 21` if [ $? -eq 0 ] then zoneadm -z zone${HOST} clone ${ZONEMASTER} else zoneadm -z zone${HOST} install fi # Set configuration information prior to initial boot sed -e s/X/${HOST}/g zoneX.sysidcfg $ZONEROOT/zone${HOST}/root/etc/sysidcfg echo ${NETBASE}.${HOST}/${NETMASKSIZE} \ ${ZONEROOT}/zone${HOST}/root/etc/hostname.vnic${HOST} echo \n${NETBASE}.${HOST} zone${HOST} ${ZONEROOT}/zone${HOST}/root/etc/hosts echo \n${NETBASE}.0 ${NETMASK} ${ZONEROOT}/zone${HOST}/root/etc/netmasks echo $DEFROUTER ${ZONEROOT}/zone${HOST}/root/etc/defaultrouter echo zone${HOST} ${ZONEROOT}/zone${HOST}/root/etc/nodename zoneadm -z zone${HOST} boot I=`expr $I + 1` done echo # cat zoneXlocal.include ### To be customized per host M=4 ; I=1 NETBASE=10.1.14 NETMASK=255.255.255.192 NETMASKSIZE=26 HOSTBASE=150 INTERFACE=e1000g2 MAC=0:3:ba:d8:50 DEFROUTER=10.1.14.129 ZONEROOT=/export/zones ZONEMASTER=zoneX ZONETYPE=exclusive #ZONETYPE=shared Steffen reply-to set to: zones-discuss@opensolaris.org Thanks for any help or pointers that you could give to me... Chris ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] question about zones
Krzys wrote: hello, I just got into zones and I have few questions: is there any way to create zone with some additional customizations? here is what I did: # zonecfg -z titan1 titan1: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:titan1 create zonecfg:titan1 set zonepath=/zones/titan1 zonecfg:titan1 set autoboot=true zonecfg:titan1 add net zonecfg:titan1:net set address=192.168.1.82 zonecfg:titan1:net set physical=bge0 zonecfg:titan1:net end zonecfg:titan1 info zonecfg:titan1 verify zonecfg:titan1 commit zonecfg:titan1 exit Ok, so that created my zone. Now I have to login and changethe following: passwd file to point to new root home directory: /root/ add users. change syslog.conf settings make appriopriate changes in /etc/hosts file. make changes to /etc/mail/sendmail.cf Because the global zone has access to the files under zonepath, a script can be run in the global zone which manipulates files in the non-global zone. For example, titan1 has a file called /etc/inet/hosts. The same file can be accessed from the global zone with a different name: /zones/titan1/root/etc/inet/hosts. One precaution: after a zone has been booted for the first time, do not trust the contents of its files. A sufficiently-privileged user of a non-global zone may, accidentally or deceptively, modify a file in the non-global zone. is there any way to automate it? I did create only 10 zones and its not to crazy to login to each of them and do all those different config changes etc, but I was wondering if there was any easier way of doing all of them at the creation time by scripts. I did setup scripts to do most of the stuff with zone creation, to allocate resources per zones, and to zreate zfs for each zone with all the settings that I needed but I was wondering if I can automate it even more. Thanks for any help or pointers that you could give to me... Chris ___ zones-discuss mailing list zones-discuss@opensolaris.org -- -- Jeff VICTOR Sun Microsystemsjeff.victor @ sun.com OS AmbassadorSr. Technical Specialist Solaris 10 Zones FAQ:http://www.opensolaris.org/os/community/zones/faq -- ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] question about zones status check. thanks
Hi experts, This is chunhuan from SC. I have a question to consult you. How can I confirm that the zones (global/non-global) status is ok or not through explorer file gathered by version 5.5 ? The explorer file is at the following site: .../net/cores.central/cores/dir4/10893903 134 % ls -al ... drwxrwxrwx 20 cs162424 staff512 8月 17日 10:21 explorer.842d2e7e.T2000TEST01-2006.08.17.02.16/ Thank you very much. Best Regards chunhuan ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] question about zones status check. thanks
Chun-Huan Freesia Shen wrote: Hi experts, This is chunhuan from SC. I have a question to consult you. How can I confirm that the zones (global/non-global) status is ok or not through explorer file gathered by version 5.5 ? The explorer file is at the following site: .../net/cores.central/cores/dir4/10893903 134 % ls -al ... drwxrwxrwx 20 cs162424 staff512 8月 17日 10:21 explorer.842d2e7e.T2000TEST01-2006.08.17.02.16/ First, there is no ok status for a zone. A zone can be in one of the following states: configured, incomplete installed ready running shutting down down mounted I am not familiar with explorer but I poked around in the directory you specified and I found some zone output under the 'sysconfig' directory. This output shows that there is one non-global zone named 'T2000Z01' and it is in the 'running' state. Jerry ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] question about zones status check. thanks
On 8/17/06, Chun-Huan Freesia Shen [EMAIL PROTECTED] wrote: Hi experts, This is chunhuan from SC. I have a question to consult you. How can I confirm that the zones (global/non-global) status is ok or not through explorer file gathered by version 5.5 ? I would expect that the answer to whether a zone is ok is just as subjective as whether a Solaris 9 installation is ok. Even though its official state of a zone may be running (or a S9 box is in run-level 3) that doesn't mean that someone hasn't removed /dev/null, put in a trojan libc, had file systems that failed to mount, or had services that didn't start. As such, I would argue that (almost) all of the checks that would be done to determine if the global zone on Solaris 10 is ok should also be done in a local zone. That is, look for missing patches, be sure that svcs -x is clean, be sure that ~root/.rhosts doesn't say + +, etc. Mike -- Mike Gerdts http://mgerdts.blogspot.com/ ___ zones-discuss mailing list zones-discuss@opensolaris.org