Sun MicrosystemsメーカーSOLARIS 10の使用説明書/サービス説明書
ページ先へ移動 of 121
Functio nalitie s Use Cases Best Practices Cookbooks Solari s 10 Container Guide - Funct iona lity status up to Solar is 10 10/ 09 and OpenS ola ris 20 09.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Effect ive: 3 0/11/ 200 9 Table of content s Disclaimer ................................................................................................................................. ... ... .... .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Effect ive: 3 0/11/ 200 9 4.1.5. 1. Softw are install ati on by the glob al zone – u sage in all zones ............. ....................... ...................... .............36 4.1.5. 2. Softw are install ati on by the glob al zone – us age in a loc al zone .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Effect ive: 3 0/11/ 200 9 4.5. Management and monitoring .................................................................................................... .... ... .55 4.5.1. Using boot arguments in zones .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Effect ive: 3 0/11/ 200 9 5.2. Network .......................................................................................................................... .... ... ... .... ... .81 5.2.1. Change network configuration for shared IP instan ces .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Disclai mer Effect ive: 3 0/11/ 200 9 Disclaimer Sun Microsyst ems GmbH does not o ffer any guarantee regarding the completeness and accuracy of the information and examples contained in this document.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Disclai mer Effect ive: 3 0/11/ 200 9 Versio n Conten ts Who Drawin gs 1 - 6 a s an imag e Detlef Drew anz 1.2 06/1 1/20 06 Gene ral chapt er vir tualiz ation Addi tio nal netw ork exam ples Detlef Drew anz, Ul rich Gräf 1.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 1. Introd ucti on Effect ive: 3 0/11/ 200 9 1. Intr oductio n [dd/ug] This guide is about Solaris Containers, h ow the y work and how to use them. Although the original guide was developed in german [ 25 ], starting with version 3.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2. F unctiona lity 2.1. Solaris Conta iners a nd Solaris Zones 2.1.1. Overview [ug] Solaris Zones is the term for a virtuali zed execution environment – a virtualization at the operating system level (in contrast to HW virtualization).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 Thus, a local zone is a Solaris environment that is separated from other zones and can be used indepen dently.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.1.2. Zones and softwar e instal lation [dd] The respective requirements on local zones determine the manner in which softwa re is installe d in zones. There are two ways of supplying sof tware in zones: 1.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.1.5. Zones and resource ma nagement [ug] In S olaris 9 , resource management was introduced on the b asis of projects, ta sks and resource pools. In Solaris 10, resource management can be appli ed to zones a s well.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.1.5.2. Memory resource management [ug] In Solaris 10 (in an update of Solaris 9 as well), main memory consumption can be limited at the level of zones, projects and processes.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.1.7. Zones and hig h availabil ity [tf/du /hs] In the presence of all RAS capabilities, a zone has only the availabil ity of a computer and it decreases with the number of components o f the machine (MTBF).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.1.9. Solaris contai ner cl uster (aka "zone c luster") [hs] In autumn 2008, within the scope o f the O pen HA Cluster Project, zone clusters were announced.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2. Virtualiza tion tech nolog ies compare d [ug] Conve ntional data center technologies inclu de • A.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2.1. Domains/p hysica l partiti ons [ug] A computer can be partitioned by configuration into sub-computers (domain, partition). Domains are almost completely physically separated since electrical connections are turn ed off .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2.2. Logic al partition s [ug] A minimal ope rating syste m cal led t he hypervisor, that virtualiz es the interface b etween the hardware and the OS o f a computer, runs on the computer's hardware.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2.3. Container s (Sola ris zone s) in an OS [ug] In an operating system installation, execution environments for applic ations and services are created that are independent o f each other.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2.4. Consoli dati on i n o ne comp uter [ug] The applications are installed on a computer and used under different userid. This is the type of consolid ation feasible with modern operating systems.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 2.2.5. Summary of virtual izatio n technol ogie s [ug] The virtualization technologies discussed above can be summarized in the following table – compared to installation on a separate computer.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 2. Functi onal ity Effec tive: 30/ 11/ 2009 15 Figur e 6 : [dd] Com pari son of vi rtuali zat ion techno logi es HW OS App Lo gical virtuali sation .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3. Use C ases The following chapter discusses a variety of use cases for Solaris Containers and evaluates the m.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.2. Small web servers Requirement [ug] One of the following situations exists: • An I nternet Service Provider (ISP) would like to have the option to set up web servers automatically, without additional costs.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.3. Mu lti- network consolid atio n Requirement [dd] A company uses several different networks that are separated either by f irewalls or by routers. Applications are run in th e individ ual networks.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.4. Mu lti- network monitoring Requirement [dd] A company has several different networks that are separated into several levels either by firewalls or by routers.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.5. Mu lti- network backup Requirement [dd] A company has several different networks that are separated in different stages either by firewalls or by route rs.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.6. Con solidat ion dev elopment/ test/i nte gration /pro ducti on Requirement [ug] Usually, further systems.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.7. Con solidat ion of test systems Requirement [ug] To t est software and applications, there are many test systems in the data center environment that are only ever used for tests.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.8. Train ing systems Requirements [ug] In training departments, computers t hat are provi ded for training participants (i ncluding pupils/students) must frequently be reset.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.9. Server conso lidati on Requirement [ug] In a data center, several applications run whose workload is to o low (oft en much less than 50%). The computers themselves usually require a lot of electricity, cooling and space.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.10. Confide ntial ity of da ta an d pr ocesses Requirement [ug] In the data center, applicat ions are running on different computers because • Certain d epartments want to be certain that data and processes are not seen by other departments.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.11. Test systems f or develop ers Requirement [ug] Developers need test systems to test their application. Frequently, the interaction of several computers must be tested as well.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.12. Solaris 8 a nd Solaris 9 cont ainers for deve lopment Requirement [ug] There are still system s running.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.13. Solaris 8 a nd Solaris 9 cont ainers as revision sys tems Requirement [ug] For legal reasons or due to revision requests, it is necessary to have certain sys tems available for years under Solaris 8 or Solaris 9 .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.14. Hosting f or several compa nies on one computer Requirement [ug] An application service provider operates systems for a variety of companies. The systems are underutilize d.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.15. SAP portals i n Solaris c ontaine rs Requirement [da] The operation of SA P syste m environments is becoming more complex.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.16. Upgrade- and Patch- managemen t in a virtual environme nt Requirement [da] Virtualization by means of Solaris Containers allows the application to be disengaged fro m the hardware.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.17. "Flying zo nes" – Service-oriented Solaris server infrastructure Requirement [os] A highl y.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 3. Use Cases Effect ive: 3 0/11/ 200 9 3.18. Solaris Con tainer Cluster (aka "zone clus ter") Requirement [hs] • In a virtualized environment b ased on Solaris containers, the administrator of a zone should also be able to administer t he cluster part of the application in the zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4. Best P ractices The f ollowi ng c hapter d escribes concepts for the implementation of arc hitectures with Solaris containers.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.3. Comparison between sparse-root zones and whol e-ro ot zones [dd] From the considerations listed above, a comparison can be drawn between sparse-root zones and whole-ro ot zones.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.5. Software installa tions in Solaris and zones [dd] Th e zones' directory structure is determined mainly f rom the need to install softwa re with special needs in this area.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.5.3. Software instal lation by the glo bal zon e – usage in the glo bal zone • non-pkg software − Software A is installed by the global zone e .g.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.6. Storage concepts 4.1.6.1. Storage for the ro ot fil e system of the local zones [ug] It is usually sufficient fo r several zones to share a file sys tem.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.6.4. Root disk layout [dd] Depending on availabil ity requirements, root disks within a syst em a re mirrored via internal disks or made available through a variety of controllers and external storage devices.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.6.6. Opti ons for using ZFS in loca l zo nes [hes] Dependi ng on t he manner of configuration o f ZF S in zones, the re are different application options for ZFS in zones.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.7. Network concepts 4.1.7.1. Intro ducti on i nto network s and zones [dd] A network address is not mandatory when configuring a zone. However, services within a zone can only be reached from the outside th rough t he network.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.7.4. Exclusive IP instance [dd] With exclusive IP instances, an almost co mplete separation of t he network stacks between zones is achieved (from Solaris 10 8/07).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.7.6. Zones an d lim itation s in the net work [dd] Zones have different limitations related to network configurations. The following table shows the differences separated by zone type and IP inst ance type.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.8. Additi onal de vices in zones 4.1.8.1. Config urati on of devices [ug] In principle, a loc al zone uses no physical devices. To use network interfaces exclusively in one zone, the zone has to be configured as an exclusive IP zone ( 4.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.1.9. Separate name s ervices in zones [ug] Name services i nclude among other things the hosts database and the userids ( passwd , shadow ) and are configured with the file /etc/nsswitch.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.2. Paradigms Paradigms are design rules for the construction of zones. Dependin g on the a pplic ation, a decision must be made which one of them should be applied.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.2.3. One appli cation per zone [ug] Another paradigm is to always install one applicati on per zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 administrator. With the software products described her e, the r equirements with r espect to visualiz ation and flexibiliz ation of containers right up to disaster recovery concepts can be covered completely.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.2.5. Solaris Contai ner Clus ter [hs] One of the essential properties of containers is the possibil ity to delegate ad mini strative ta sks to the administrator or the user of one or more containers.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.3. Con figurati on and administrat ion 4.3.1. Manual con figurat ion o f zone s wi th zonecf g [ug] The command zonecfg is used to configure a zone; see the example in the Cookbook.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 As a g ener al rule, so me guidelin es are specified locally, for example: • Which file syste ms a re to be inherited from the global zone ( in herit- pkg-dir ).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.4. Lifec ycle management 4.4.1. Patching a system with l ocal zones [dd/ug] In a Solaris system with native zones, the local zones always have the same patch status as in the global zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.4.3. Patching with up grade server [ug] A zone is transported from the production computer to a so-called upgrade server ( zoneadm detach and zoneadm attach ) that has the same ve rsion as the p roducti on server.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.4.6. Re-installa tion a nd service prov isioni ng instead of patching [dd] Patching of zones can fo rce zones into single user mode, when syst em patches are applied .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.4.8. Backup of zo nes w ith ZFS [ug] Starting with Solaris 10 10/08, zones o n ZFS are off icially supported. This considerably simplifies the backup of zones.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.5.2. Consoli dati ng l og informa tion of zones [dd] The use of zones as a runtime enviro nment for services leads to an increase in the number of operating system environments that are part of an architecture.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.5.6. DTrace of processes with in a zone [dd/ug] DTrace can be used t o examine processes in zones. To do so, DTrace scripts can be extended by the variable zonename in order to e .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.6. Resour ce manageme nt 4.6.1. Types of resource management [dd] There are 3 differen t types of resource management in all: • Fair resources: Here, all resources are distributed fairly among all requesters and according to the defined rules.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.6.2.3. Fair share schedule r (FSS ) [ug] When multiple zones are running in one resource pool, then the distribution of CPU time among these zones is configurable.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.6.3. Limiti ng memory resources [ug] Memory usage by zones is calculated almost exactly (since Solaris 1 0 8/07). This is done in the followi ng way: First , th e set of all memory segments o f the processes in the zone is dete rmined.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.6.3.4. Limit ing locked memory [ug] Real time programs and databases can establish the locking of virtual memory pages in the ma in memory. To d o so, the programs require the privile ge ( proc_lock_memory ) which must be configured for the zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 4.7. Solaris contain er navi gator [dd] The followin g segment n avigates t hrough the considerations required prior to the application o f Solaris containers.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 63 Figur e 2 9: [dd] Self- qual ificat ion of an applic atio n i n a contai ner A-3: Self-qualification .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 4. Best Prac tices Effec tive: 30/ 11/ 2009 64 Figur e 3 0: [dd] Determ ini ng the config urat ion of a co ntaine r B: Determining the c onfiguratio.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5. Coo kbooks The Cookbooks chapter demonstrates t he implementation of conceptional Best Practice s with concrete examples. 5.1. Ins tallatio n and configu ratio n 5.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.2. Special commands for zones [dd/ug] The creation and usage of zones in Solaris 10 is done by the follo.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 The following commands allow information to be displayed dependi ng on the zones: Command Descriptio n df(1M.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.3. Root disk layout [dd] Th e following table gives an example for a root disk la yout of a system with a local zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.4. Config urin g a sparse roo t zone: required Actions [dd] To change a sparse root zone into a whole root zone it is necessary to re-install th e zone a fter change of the configuration.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.5. Config urin g a wh ole root zone : req uired Actions [dd] Wh ole root zones do not contai n inherit-pkg-dir a nd are generated with zonecfg create from the default file /etc/zone/SUNWdefault.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.6. Zone instal latio n [dd] Before using a zone for the first time it must be installed according to your configuration. Th e installation time varies depending on whether a sparse-root zone or a whole-ro ot zone is installed.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.8. Uninstal ling a zone [dd] Insta lled zones a re u ninstall ed by zoneadm -z <zone> uninstall .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.10. Configu ration and installa tion o f a Solaris 8/Solaris 9 c ontainer [ug] Solaris 8 containers and Solaris 9 containers can be created using 4 simple steps.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.12. Storage withi n a zone [dd] Storage can be used in different ways in local zones.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.12.3. The glo bal zone mount s a file system when the local zone is booted [dd] File systems can be provided to a local zone by the global zone not only as loopback filesystems.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.12.5. User level NFS server in a local zone [ug] The native NFS in the Solaris kernel can currently not be used as a server within a local zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 For dynamic configuration, the device's major and minor number mu st b e determined. Th is information can be obtained with the ls command in the g lobal zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.12.8. Several zones share a fi le system [dd] The zone model makes it very easy fo r several zones to share a writable file system.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.13. Configu ring a zone by command file or template [dd] Zones can be configured by using command files fo r zonecfg or by the use of templates. This allows quick and automatic configuration of many zones avoiding errors.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.1.15. Accelerat ed automatic creation of zones on a ZF S file system [bf/ug] If a zone is configured on a ZFS f ile system, it can be dupli cated very quickly by using ZFS snapshots.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2. Network 5.2.1. Change netwo rk co nfigura tion f or shared IP instances [dd] For an already configured zone with a shared IP instance, it may be necessary to change the physical interface or t he network address.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.4. Change netwo rk co nfigura tion from shared IP instance to exclusive IP insta nce [dd] Zones that are already configured are run with shared IP instances up to Solaris 10 11/06.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.6. IP filter be tween exclusive I P zones on a system [dd] The usual configuration rules for IP f ilters must be followed for the use of IP filters in exclusive IP zones.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.2. Zones i n separate net work segments usi ng the shared IP i nstance [dd/ug] Two local zones, zone1 and zone2, are located in separated network segments and provide services for these network segments.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.3. Zones i n separate net work segments usi ng exclusiv e IP instances [dd/ug] Two local zones, zone1 and zone2, are located in separated network segments and provide services for these network segments.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.4. Zones i n separate net works using the shared IP i nstance [dd/ug] Two local zones, zone1 and zone2, are located in separated networks and provide services for other networks.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.5. Zones i n separate net works using exclusiv e IP insta nces [dd] Two local zones, zone1 and zone2, are located in separated networks and provide services for other networks.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.6. Zones co nnected to inde pendent customer netw orks usi ng the shared IP i nstance [dd/ug] Two local zones, zone1 and zone2, are located in separated networks and provide services for a va riety of customers in their own networks.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 89 Figur e 36: [dd] Zones connect ed to i ndepe nde nt custom er networ ks using the share d I P instan ce bge0 - 192.168.1.1 bge1 - 0.0.0. 0 bge2 - 0.0.0. 0 reject route 192.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.7. Zones co nnected to inde pendent customer netw orks usi ng exclusiv e IP instances [dd/ug] Two local zones, zone1 and zone2, are located in separated networks and provide services for a va riety of customers in their own networks.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.8. Connect ion o f zone s v ia external routers usin g the shared IP instanc e [dd/ug] A web server in zone1 is contacted fro m the internet and needs the application server in zone2 to fulfill t he orders.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 • In order to avoid communication between the local zones through the shared TCP /IP stack, reject routes must be set in th e global zone t hat prevent communication between the IP addresses of the two zones (or the use o f ipfilter).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.2.7.9. Connect ion o f zone s thr ough an external load bala ncing router usin g exclusive IP instances [dd/ug] A web server in zone1 is contacted fro m the internet and needs the application server in zone2 to fulfill t he orders.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 94 bge0 - 192.168.1.1 ip ty pe: s hared Global Zone bge3 - 192.168.201.1 bge1 - 192.168.200.1 Def router - 192. 168.200.2 ip ty pe: ex clusi ve Zone 1 192.168.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3. Lifec ycle management 5.3.1. Bootin g a zone [dd] zoneadm -z <zone> boot sta rts up a zone, mounts the f ile systems, initializes the network interfaces, sets the resource controls and start s the service manager of the zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 Alternatively, se t the b oot arguments permanently in a zone configuration: global# zonecfg -z keetonga zon.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.4. Software installa tion w ith prov isioni ng system [ug] The N1 SPS software can provision software in zones as well. The requirements are: • A writable directly where th e software can be installed.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.6. Zone migrati on wi thin a system [ug] Let us assume that a zone named "t est" is to be moved to another directory. Currently, this zone is located on /export /home/zone/test (zonepath).
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.7. Duplic ating zones w ith zone adm c lone [ug] Zone installation can be accelerated with zoneadm ... clone . In this exa mple, a zone named test is already configured and installe d.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 Now, zone test1 is configured in exactly the same way as zone test but has its own zonepath .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.8. Duplic ating zones w ith zone adm de tach/attach and zfs c lone [ug] First , the zone " test" is moved t o its own ZFS file system. The file system must only be available from root otherwise an error message will appear.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.9. Moving a zone betwee n a sun4u and a su n4v system [ug] Currently, two architectures with SPARC- processors are avail able from Sun Microsystems that are b oth supported by Solaris 10.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 Next, the zone is to be transported to a sun4v system named bashful . To do so, the contents and the configuration are saved: root@tiger [23] # cd /zone root@tiger [23] # tar cEvf u0.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.3.10. Shuttin g dow n a zone [dd] Zones can be shut down from the local zone itself or from the global zone. Depending on whic h option is used, running services a re either completed or simply stopped.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 The BE is n ow available e.g. under /.alt.s10-807+1 . Ne xt, the boot archive of this B E is updated a nd the BE is unmounted again. bootadm update-archive -R /.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.4. Man agement and monit oring 5.4.1. DTrace in a local zo ne [dd] Since Solaris 10 11/06, DTrace can be applied within local zones to processes of this zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.5. Resour ce manageme nt 5.5.1. Limiti ng the /tmp- size w ithin a zone [dd] In many cases, /tmp is used as tmpfs in swap. This leads to the swap area being sha red by all zones by /tmp in e ach zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.5.4. Fair sha re scheduler [ug] The ratio of CPU usage between zones or projects can be set. This is implemented b y he so-called fair share scheduler. CPU shares are allocated as follows: • For zones, by using add rctl and the attribute zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 created with poolcfg and pooladm . 5.5.9. Dynamic resource pool s f or zones [dd] As already described in 4.6.2.5 Dynamic resource pools , dynamic resource pools can very easily be used for zones since Solaris 10 8/07.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 5.5.10. Limitin g the physica l main memory co nsumpti on of a pro ject [dd] To limit the physical main memory of a project, the resource capping daemon rcapd(1M) can be used.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 5. Cookboo ks Effect ive: 3 0/11/ 200 9 Settings for swap (= virtual memory), locked memory and other resource controls of a zone can be queried at runtime with prctl -i zone <zone> . global # prctl -i zone zone1 zone: 22: zone1 NAME PRIVILEGE VALUE FLAG ACTION RECIPIENT zone.
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 Sup plem ent Effective: 30/1 1/20 09 Supp lement A. Solaris Containe r in OpenSolaris A.1. OpenS olaris – ge neral [dd] In 2005, Sun Microsystems star ted OpenSolaris as an OpenSource project in o rder to support and advance the developer community a round Solaris ( http:// www .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 A. S olaris Conta iner i n Ope nSola ris Effec tive: 30/ 11/ 2009 A.1. Cookbo ok: Confi guri ng an ipkg zo ne The configuration of the zone is done as usual with zonecfg(1M) .
Version 3.1-e n S olaris 10 Contai ner Guid e - 3.1 B. R eferen ces Effect ive: 30/1 1/200 9 B. Reference s [1] Jeff Vict or, "So laris Co ntain ers T echnol ogy Archite cture Guide ", Sun B lueprin t, May 2006, http:/ /www .sun.com/blueprints/0506/819-6186.
デバイスSun Microsystems SOLARIS 10の購入後に(又は購入する前であっても)重要なポイントは、説明書をよく読むことです。その単純な理由はいくつかあります:
Sun Microsystems SOLARIS 10をまだ購入していないなら、この製品の基本情報を理解する良い機会です。まずは上にある説明書の最初のページをご覧ください。そこにはSun Microsystems SOLARIS 10の技術情報の概要が記載されているはずです。デバイスがあなたのニーズを満たすかどうかは、ここで確認しましょう。Sun Microsystems SOLARIS 10の取扱説明書の次のページをよく読むことにより、製品の全機能やその取り扱いに関する情報を知ることができます。Sun Microsystems SOLARIS 10で得られた情報は、きっとあなたの購入の決断を手助けしてくれることでしょう。
Sun Microsystems SOLARIS 10を既にお持ちだが、まだ読んでいない場合は、上記の理由によりそれを行うべきです。そうすることにより機能を適切に使用しているか、又はSun Microsystems SOLARIS 10の不適切な取り扱いによりその寿命を短くする危険を犯していないかどうかを知ることができます。
ですが、ユーザガイドが果たす重要な役割の一つは、Sun Microsystems SOLARIS 10に関する問題の解決を支援することです。そこにはほとんどの場合、トラブルシューティング、すなわちSun Microsystems SOLARIS 10デバイスで最もよく起こりうる故障・不良とそれらの対処法についてのアドバイスを見つけることができるはずです。たとえ問題を解決できなかった場合でも、説明書にはカスタマー・サービスセンター又は最寄りのサービスセンターへの問い合わせ先等、次の対処法についての指示があるはずです。