Child pages
  • Building in zones

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

Creating a zone for building software

We recommend building all software inside zones, so you can set up a clean development environment.

This guide below assumes you are on a LAN with DHCP. We will create a crossbow VNIC on your primary network interface (assumed to be e1000g0 here, adapt as necessary), which will operate as if the vnic was plugged directly into your local LAN.

titleDistro Constructor

Distribution Constructor (the software that produces the final ISO Image) does not work inside a Zone.

Create a zfs filesystem

Here, we are disabling atime and sync to speed up builds. Note that setting sync=disabled may result in dataloss in a power loss/system crash scenario, so only enable it for your build environment if you don't mind losing data. (necessary to separate the options into -o property=value blocks):

Code Block
pfexec zfs create -o compression=on -o sync=disabled -o atime=off -o mountpoint=/zones rpool/zones 
Create a crossbow VNIC

If your primary interface is not e1000g0, please substitute for the one that is in use. You can normally find this via "dladm show-phys" or "ifconfig -a".

Code Block
pfexec dladm create-vnic -l e1000g0 vnic0
Create the zone:
Code Block
pfexec zonecfg -z zone1
set autoboot=true
set zonepath=/zones/zone1
set ip-type=exclusive
add net
set physical=vnic0
Install the zone:

This step will install the zone by downloading packages from the internet.

Code Block
pfexec zoneadm -z zone1 install
Create a sysidcfg file:

This step answers questions you would otherwise have to answer manually via a console-based wizard.

Mount the zone's ZFS dataset so we can access it by running:

Code Block
sudo zoneadm -z zone1 ready

Now create the sysidcfg file:

Code Block
pfexec cat <<EOF > /zones/zone1/root/etc/sysidcfg
network_interface=PRIMARY {dhcp protocol_ipv6=no}

Remark: the encrypted root password shown here is: abc123

Boot your zone
Code Block
pfexec zoneadm -z zone1 boot

You will now want to attach to the zone's console and watch it boot, and answer any questions if prompted:

Code Block
pfexec zlogin -C zone1

You can detach from the console by issuing "." without quotes (or "~." over ssh).

DNS configuration in the zone:

Once the Zone has booted, you can copy the DNS resolution settings into the zone:

Code Block
pfexec cp /etc/resolv.conf /etc/nsswitch.dns /zones/zone1/root/etc/
Final checks

You can now zlogin into the zone with "zlogin zone1".

Try pinging some hosts on the internet. Remember to update the root password.