Creating a Solaris Zone on ZFS

Updated   Read time 3 min(s) 46 sec(s)   (1700 views).  Solaris  

This article is a simple example of creating a ZFS filesystem and using it to hold a new Solaris Zone. ZFS the new Zetabyte file system, created for OpenSolaris but now integrated into mainstream Solaris, and the use of Zones (formerly Solaris Containers)

ZFS allows for large, more reliable filesystems. The key advantages being:

  • Simple administration
  • Data integrity (64-bit checksums on data)
  • Large capacity format for future growth (2\*\*128 512-byte block files). That's 256 quadrillion zettabytes.

Other notable features of ZFS are:

  • Filesystems built on virtual storage "pools"
  • Copy-on-write removes need for recovery (no fsck)
  • Dynamic striping and multiple block sizes optimizes throughput (512 to 128K)
  • Optional compression
  • No modifications needed for apps

The ZFS software is installed via the packages SUNWzfsr and SUNWzfsu.

Create the ZFS pool

We firstly, need to create a virtual device for ZFS. In an idela situation this would be a raw device (or disk slice), but for the purpose of this article we will create a regular file to hold the filesystem.

# mkfile 5g /example/zfs5g

Now create the ZFS storage pool on the virtual device:

# zpool create VirtZones /example/zfs5g
# zpool list
NAME                SIZE    USED    AVAIL    CAP    HEALTH    ALTROOT
VirtZones          4.97G    32.5K    4.97G    0%    ONLINE

NOTE: If you wish to create a mirrored-pool, simple use the keyword pool and specify two virtual devices.

Create a ZFS file system

Now we create a ZFS file system using the new ZFS pool:

# zfs create VirtZones/newzone
# zfs set mountpoint=/newzone VirtZones/newzone
# zpool status -z
  pool: VirtZones
 state: ONLINE
 scrub: none requested
config:

        NAME           STATE       READ WRITE CKSUM
        VirtZones      ONLINE         0     0     0
          /newzone     ONLINE         0     0     0

# mount | grep newzone
/newzone on VirtZones/newzone read/write/setuid/devices/exec/atime/dev=3f50004 on Mon Nov 14 12:34:
# df -k /newzone
Filesystem        kbytes    used   avail capacity Mounted on
VirtZones/newzone
                  5169408      8 5169341       1% /newzone
# ls -l /newzone
total 0

NOTE: At this stage /newzone is not listed in /etc/vfstab. Mounting is done automatically at boot tine by ZFS.

#  grep newzone /etc/vfstab
#

If you want to allow the file system to be managed inside the zone, we must use the zfs zoned=on option when creating or modifying the file system.

Creating the Solaris Zone

Use zonecfg to setup the zone:

# zonecfg -z newzone
newzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:newzone> create
zonecfg:newzone> set zonepath=/newzone
zonecfg:newzone> set autoboot=true
zonecfg:newzone> add net
zonecfg:newzone:net> set address=10.1.1.21
zonecfg:newzone:net> set physical=ce0
zonecfg:newzone:net> end
zonecfg:newzone> verify
zonecfg:newzone> commit
zonecfg:newzone> exit

Install the Solaris Zone

Now we need to install packages on the newly created Soalris zone:

Firstly set the proper permissions on the directory, which must moy be world or group read, write or execute:

# chmod go-rwx /newzone

Now we can install the zone using the zoneadm command. This may take several minutes to complete

# zoneadm -z newzone install
Preparing to install zone <newzone>.
Creating list of files to copy from the global zone.
Copying <2048> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <946> packages on the zone.
Initializing package <252> of <956>: percent complete: 26%
. . .
Initialized <946> packages on zone.
Zone <newzone> is initialized.
The file </newzone/root/var/sadm/system/logs/install_log> contains a log of the zone installation.

NOTE: If you decide to halt, uninstall or delete the zone, we can use these commands, respectively:

# zoneadm -z newzone halt
# zoneadm -z newzone uninstall
# zonecfg -z newzone delete

NOTE: By default zonecfg creates a "sparse" zone--that is read-only files are shared from the "global" zone. This saves a lot of space.

NOTE: If a "sparse" zone is not desired, simply use "create -b" instead of "create" in the zonecfg as in the above example. This prevents the new zone from "inheriting" packages from the global zone. This is called a "whole root" configuration.

The zone has been created, but it won't show up until after the initial boot:

# zoneadm list -v
  ID NAME                 STATUS       PATH
   0 global               running      /

Boot and Configure the Solaris Zone

Now boot the zone and login to the console with zoneadm and zlogin. The initial boot prompts for basic configuration information (language, locale, terminal, hostname, name service, time zone, and root password):

# zoneadm -z newzone boot
# zlogin -C newzone
[Connected to zone 'newzone' console]
Loading smf(5) service descriptions:
1/108
. . .
newzone console login: root
. . .
~.

NOTE: Use "~." to disconnect from the console.