I've been spending some time researching ideas for how we could upgrade
Solaris 10 once its installed in a solaris10 branded zone on S.next.
We won't need this capability until S10u9 is released, but I want to make
sure we do whatever we need to do now in order to enable this for the future.

I have two possibilities in mind.  Each of these is project level in its
own right, so I assume we will only actually be able to do one of the

1) Make live-upgrade work inside the solaris10 branded zone

    I've been looking at the LU code to try to see what might be involved.
    There is no way we can emulate for this.  We would have to do a project
    in the S10u9 LU code to make it solaris10 branded zone aware and enhance
    the code to make it work for upgrade inside the zone.  There are various
    issues, such as ZFS pool awareness, mnttab parsing, file system mounting,
    grub awareness, etc. which would have to be coded around or changed.  To
    enable this for the future I think we would have to set up the solaris10
    zone now using a ZFS root dataset model similar to what we're doing today
    with the ipkg brand on OpenSolaris.

    a) The zone sysadmin would be in control of the upgrade.
    b) The user would be using a S10 tool to upgrade the zone (even
       though that tool will have been enhanced to be solaris10 zone aware).
    c) The zone admin could use LU ABEs to apply patches to their zone.

    a) We don't know this code.
    b) This is S10-only code that would have be enhanced.
    c) This is closed source so no community involvement.
    d) This is complex, legacy code which is a hairball.
    e) This code is fragile and there might be strong pushback for changing
       it further in S10.
    f) There is no re-use or other benefit to this work.

2) Enhance the zones "update on attach" code to do a real upgrade

    The idea here is that we improve the 'update on attach' code so it can
    use a Solaris 10 CD image as the source of the pkgs instead of the
    global zone.  We would also enhance the code so it uses the full pkg
    list from the CD image instead of just the system software pkgs that
    have to be updated to sync the zone.  The global zone admin would run
    this new code to upgrade specific solaris10 branded zones.  They could
    either upgrade the zone in place or clone the zone and upgrade the clone,
    providing similar functionality to LU.

    a) I think this would be a simpler project.
    b) This code could be easily re-used to provide a true single zone
       "upgrade on attach" feature for a S10 native zone backport - lots of
       people want that.
    c) We know this code.
    d) This code is open source and readily re-usable.

    a) Upgrade would be done by the global zone admin, not the zone admin,
       so the zone admin is no longer the one in control.
    b) Because LU wouldn't work this might cause a perception of
       incompatibility between the solaris10 branded zone and a bare
       metal system.
    c) This doesn't solve the problem of using LU to apply patches to
       an ABE within the zone.

Please send me any comments on preferences for one solution or
the other, as well as any other thoughts on this topic.

zones-discuss mailing list

Reply via email to