With the announcement of OpenSolaris 2009.06 I thought it would be appropriate to blog a little about a tool I had been writing to help myself play with Zones a bit easier.
My overall goals were the following:
- Have each zone configured with its own virtual NIC (Crossbow)
- Allow easy creation of zones without having to type zonecfg crap over and over again
- Make it a stepping stone to automatically creating zones
- See how well ipkg branded Zones work
- Allow a Zone to get its IP and DNS configuration from DHCP
I had tried going through tutorials that I found on the web (See references below) for setting up Zones but sadly none of them worked to my frustration. After a lot of experimentation I finally pieced together a way to create zones quickly and (almost) automatically for simple configurations.
Howto
- Create a template zone that will be used as the main clone Zone
- Download setup-zone-exclusive.sh and modify lines 34-35 to match the name of your template zone and the real interface you want the zones to bind to
- Download the DHCP event hook script from here and name it dhcp-client-event.sh if you want DHCP configuration
- Run setup-zone-exclusive with the zonename and the virtual nic interface that you want
In more detail here are the steps below
First create a template zone (I call it barebones here)
# Create /zones as its own ZFS filesystem
$ pfexec zfs create rpool/zones
$ pfexec zfs set mountpoint=/zones rpool/zones
$ pfexec zfs create rpool/zones/barebones
$ pfexec chmod 0700 /zones/barebones
$ pfexec dladm create-vnic -l $REAL_IF vnic0
$ pfexec zonecfg -z barebones
barebones: No such zone configured
Use ‘create’ to begin configuring a new zone.
zonecfg:barebones> create
zonecfg:barebones> set zonepath=/zones/barebones
zonecfg:barebones> set ip-type=exclusive
zonecfg:barebones> add net
zonecfg:barebones:net> set physical=vnic0
zonecfg:barebones:net> end
zonecfg:barebones> exit$ pfexec zoneadm -z barebones install
Get the script
I would suggest you create a project directory to hold things such as zonecreations.
Download from Github gists here. Name it setup-zone-exclusive.sh. Don’t forget to chmod +x the file so you can execute it
Download the DHCP event hook script
You can get that here. Make sure this script is in the same directory as wherever you saved setup-zone-exclusive.sh
Create a zone
You can now create zones like this:
cd zonecreations
pfexec ./setup-zone-exclusive.sh mycoolnewzone virtualnic1
Have fun!
Update: Fixed an error in the example for using dladm. It should be correct now. Thanks!
References
Downloads
http://gist.github.com/122220 (setup-zone-exclusive.sh)
A DHCP event script to make sure DNS is configured when DHCP acquires an IP
Older docs on setting up Zones on Solaris
How to use sysidcfg file in OpenSolaris 2008.11
Internal Zone Configuration docs
Performing the Initial Zone configuration
Preconfiguring with sysidcfg file
OpenSolaris FAQ on sysidcfg
Ben Rockwood’s blogpost on Zone creation
About /etc/.UNCONFIGURED
Helpful for understanding Zones and Crossbow
Finding out that there is a change in policy for setting root_password in sysidcfg files
PASSREQ is enforced
zlogin failure after zone setup
The following helped in understanding the role of IPS and ipkg inside a non-global Zone
Updating Zones in OpenSolaris 2008.x
A field guide to Zones in OpenSolaris 2008.05
OpenSolaris forum on sysidcfg and Zones
