From Interlock Rochester Wiki

Revision as of 19:23, 17 December 2009 (view source) Cmd3187 (Talk | contribs) (Created a page on making solaris zones) ← Older edit		Latest revision as of 18:16, 8 February 2012 (view source) Antitree (Talk | contribs) (cool but relevant?)
Line 45:		Line 45:
	[[category:knowledge]]		[[category:knowledge]]
		+
		+	[[category:cleanup]]

---

Latest revision as of 18:16, 8 February 2012

These commands have been tested on OpenSolaris 2009.6 amd64. Your mileage may vary depending on the version of Solaris.

Contents 1 General commands 2 Create a ZFS pool to use 3 Create a zone directory 4 Create a new zone 5 Install the zone's base system 6 Boot the zone 7 Login to the zone

General commands

• zone adm list -vc = list current zone containers
• isainfo = processor extension support, Like /proc/cpuinfo on Linux

Create a ZFS pool to use

In order for any zone to be created in OpenSolaris, a ZFS resource pool must be created explicitly for the purpose of zones. This ZFS pool cannot be the / of the machine. The steps below simply create a new pool under /export/zones, but remounts it under /zones, for easier access.

# zfs create rpool/export/zones
# zfs set mountpoint=/zones rpool/export/zones

Create a zone directory

Change the permissions on the directory, so that only the root can gain access to it. I think this is so that internal proccess to the zone cannot be chrooted out by accident, or via a buffer overflow attack.

# mkdir /zones/zoneName
# chmod 700 /zones/zoneName

Create a new zone

Here the zone's basic configuration is created. These commands can also be shortened into a single command-line call.

# zonecfg -z zoneName
 > create
 > set zonepath=/zones/zoneName
 > set autoboot=true
 > add net
 net> set address x.x.x.x/nn
 net> set physical e1000g0
 net> set defrouter x.x.x.254
 net> end
 > info
 > verify
 > commit
 > exit

Install the zone's base system

Essentially copies a minimal installation of OpenSolaris into the root of the zone, which in this example is /zones/zoneName. NOTE: This part takes about 10 - 20 minutes to complete

# zoneadm -z zoneName install

Boot the zone

Tells the kernel to start up all virtual devices paired to this zone, and creates a console connection to the zone.

# zoneadm -z zoneName boot

Login to the zone

This is the same as using a dumb terminal to connect into the device.

# zlogin -c zoneName