Child pages
  • Building in zones

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: fixing Confluence RTE's bugs

...

Code Block
### Review defined zones
$ pfexec zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              ipkg     shared
   - zone1            installed  /zones/build/zone1             ipkg     excl 

### Review zone config in the way good for cloning
$ pfexec zonecfg -z zone1 export 
create -b
set zonepath=/zones/build/zone1
set brand=ipkg
set autoboot=true
set ip-type=exclusive
add net
set physical=vnic0
end


###
### UNSUPPORTED methods follow
###
$ pfexec grep zone1 /etc/zones/index 
zone1:installed:/zones/build/zone1:4a79102b-8029-67e7-b394-c8d4000d5950

$ pfexec cat /etc/zones/zone1.xml 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="zone1" zonepath="/zones/build/zone1" autoboot="true" brand="ipkg" ip-type="exclusive">
  <network physical="vnic0"/>
</zone>
Snapshot the zone

 

You might want to clone another zone later with these basic packages, or roll back to current conditions:

 

Code Block
$ pfexec zfs snapshot -r rpool/zones/build/zone1@initialPackages

 

 

Set up the local zone operating environment

...

Once the zone has booted, you can copy the DNS resolution settings from GZ into the local zone (if networking is the same, and if your sysidcfg or DHCP setups did not take care of that successfully):

Code Block
$ pfexec cp /etc/resolv.conf /etc/nsswitch.conf /zones/zone1/root/etc/

...

Try pinging some hosts on the internet. Remember to update the root password.

Note that the zone's internetworking is possibly subject to external firewalls on your LAN, and/or access to a proxy server, etc.

Snapshot the zone

You might want to clone another zone from these presets along with working networking:

...

You might want to delegate access to common source-code workspaces (i.e. by lofs-mounting them from GZ into LZs), to your private package depots, etc.

 

Snapshot the zone

 

You might want to clone another zone from these presets now, so as to instantly start working in the clone:

 

Code Block
$ pfexec zlogin init 5
$ pfexec zfs snapshot -r rpool/zones/build/zone1@initialDevelSetup
$ pfexec zoneadm -z zone1 boot

 

Creating the zone's clones now would involve cloning of the prepared zoneroot's snapshot, copying of the zone configuration (with zoneadm, or by copying and modifying zone-description XML files and modifying the index file in /etc/zones for the time being), and possibly updating the static networking configuration inside the zone root – such as /etc/hosts/etc/nodename files at least (also maybe /etc/hostname.vnicN for exclusive VNICs and /etc/motd to describe this zone's purpose).

Note that there are other ways to clone zones, and unlike the hacks in previous paragraph they are "supported", but those would usually clone a zone's current state instead of using a "golden image" as you can do with the snapshots above.

 

This step answers questions you would otherwise have to answer manually via a console-based wizardAlternately, you can hold the unused preconfigured "dummy" zone as a golden image, and properly clone it with the supported system tools and methods (making the first clone now for your actual development work).