System Administration Guide: Oracle Solaris Containers-Resource Management and Oracle Solaris Zones

How to Configure the lx Branded Zone

You use the zonecfg command described in the zonecfg(1M) man page to perform the following actions.


Tip –

If you know you will be using CDs or DVDs to install applications in an lx branded zone, use add fs to add read-only access to CD or DVD media in the global zone when you initially configure the branded zone. A CD or DVD can then be used to install a product in the branded zone.


While configuring a zone with the zonecfg utility, you can use the revert subcommand to undo the setting for a resource. See How to Revert a Zone Configuration.

A script to configure multiple zones on your system is provided in Script to Configure Multiple lx Branded Zones.

To display a non-global zone's configuration, see How to Display the Configuration of a Branded Zone.


Tip –

After you have configured the branded zone, it is a good idea to make a copy of the zone's configuration. You can use this backup to restore the zone in the future. As superuser or Primary Administrator, print the configuration for the zone lx-zone to a file. This example uses a file named lx-zone.config.


global# zonecfg -z lx-zone export > lx-zone.config

See How to Restore an Individual Non-Global Zone for more information.


ProcedureHow to Configure, Verify, and Commit the lx Branded Zone

Note that you cannot use lx branded zones on a Trusted Solaris system where labels are enabled. The zoneadm command will not verify the configuration.

You must be the global administrator in the global zone to perform this procedure.

  1. Become superuser, or assume the Primary Administrator role.

    To create the role and assign the role to a user, see Using the Solaris Management Tools With RBAC (Task Map) in System Administration Guide: Basic Administration.

  2. Set up a zone configuration with the zone name you have chosen.

    The name lx-zone is used in this example procedure.


    global# zonecfg -z lx-zone
    

    If this is the first time you have configured this zone, you will see the following system message:


    lx-zone: No such zone configured
    Use 'create' to begin configuring a new zone.
  3. Create the new lx zone configuration by using the SUNWlx template.


    zonecfg:lx-zone> create -t SUNWlx
    

    Alternatively, you can create a blank zone and explicitly set the brand:


    zonecfg:lx-zone> create -b
    zonecfg:lx-zone> set brand=lx
    
  4. Set the zone path, /export/home/lx-zone in this procedure.


    zonecfg:lx-zone> set zonepath=/export/home/lx-zone
    
  5. Set the autoboot value.

    If set to true, the zone is automatically booted when the global zone is booted. Note that for the zones to autoboot, the zones service svc:/system/zones:default must also be enabled. The default value is false.


    zonecfg:lx-zone> set autoboot=true
    
  6. Set persistent boot arguments for a zone.


    zonecfg:lx-zone> set bootargs="-i=altinit"
    
  7. If resource pools are enabled on your system, associate a pool with the zone.

    This example uses the default pool, named pool_default.


    zonecfg:lx-zone> set pool=pool_default
    

    Because a resource pool can have an optional scheduling class assignment, you can use the pools facility to set a default scheduler other than the system default for a non-global zone. For instructions, see How to Associate a Pool With a Scheduling Class and Creating the Configuration.

  8. Revise the default set of privileges.


    zonecfg:lx-zone> set limitpriv="default,proc_priocntl"
    

    The proc_priocntl privilege is used to run processes in the real-time class.

  9. Set five CPU shares.


    zonecfg:lx-zone> set cpu-shares=5
    
  10. Add a memory cap.


    zonecfg:lx-zone> add capped-memory
    
    1. Set the memory cap.


      zonecfg:lx-zone:capped-memory> set physical=50m
      
    2. Set the swap memory cap.


      zonecfg:lx-zone:capped-memory> set swap=100m
      
    3. Set the locked memory cap.


      zonecfg:lx-zone:capped-memory> set locked=30m
      
    4. End the specification.


      zonecfg:lx-zone:capped-memory> end
      
  11. Add a file system.


    zonecfg:lx-zone> add fs
    
    1. Set the mount point for the file system, /export/linux/local in this procedure.


      zonecfg:lx-zone:fs> set dir=/export/linux/local
      
    2. Specify that /opt/local in the global zone is to be mounted as /export/linux/local in the zone being configured.


      zonecfg:lx-zone:fs> set special=/opt/local
      

      In the non-global zone, the /export/linux/local file system will be readable and writable.

    3. Specify the file system type, lofs in this procedure.


      zonecfg:lx-zone:fs> set type=lofs
      

      The type indicates how the kernel interacts with the file system.

    4. End the file system specification.


      zonecfg:lx-zone:fs> end
      

    This step can be performed more than once to add more than one file system.

  12. Add a network virtual interface.


    zonecfg:lx-zone> add net
    
    1. Set the IP address in the form ip address of zone/netmask. In this procedure, 10.6.10.233/24 is used.


      zonecfg:lx-zone:net> set address=10.6.10.233/24
      
    2. Set the physical device type for the network interface, the bge device in this procedure.


      zonecfg:lx-zone:net> set physical=bge0
      
    3. End the specification.


      zonecfg:lx-zone:net> end
      

    This step can be performed more than once to add more than one network interface.

  13. Enable an audio device present in the global zone in this zone by using the attr resource type.


    zonecfg:lx-zone> add attr
    
    1. Set the name to audio.


      zonecfg:lx-zone:attr> set name=audio
      
    2. Set the type to boolean.


      zonecfg:lx-zone:attr> set type=boolean
      
    3. Set the value to true.


      zonecfg:lx-zone:attr> set value=true
      
    4. End the attr resource type specification.


      zonecfg:lx-zone:attr> end
      
  14. Verify the zone configuration for the zone.


    zonecfg:lx-zone> verify
    
  15. Commit the zone configuration for the zone.


    zonecfg:lx-zone> commit
    
  16. Exit the zonecfg command.


    zonecfg:lx-zone> exit
    

    Note that even if you did not explicitly type commit at the prompt, a commit is automatically attempted when you type exit or an EOF occurs.

Using Multiple Subcommands From the Command Line

Tip –

The zonecfg command also supports multiple subcommands, quoted and separated by semicolons, from the same shell invocation.


global# zonecfg -z lx-zone "create -t SUNWlx; set zonepath=/export/home/lx-zone"

Where to Go From Here

See Installing and Booting lx Branded Zones to install your committed zone configuration.

Script to Configure Multiple lx Branded Zones

You can use this script to configure and boot multiple zones on your system. The script takes the following parameters:

You must be the global administrator in the global zone to execute the script. The global administrator has superuser privileges in the global zone or assumes the Primary Administrator role.


#!/bin/ksh
#
# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident	"%Z%%M%   %I%    %E% SMI"
if [[ -z "$1" || -z "$2" || -z "$3" || -z "$4" ]]; then
    echo "usage: $0 <#-of-zones> <zonename-prefix> <basedir> <template zone>"
    exit 2
fi
if [[ ! -d $3 ]]; then
    echo "$3 is not a directory"
    exit 1
fi
state=`zoneadm -z $4 list -p 2>/dev/null | cut -f 3 -d ":"`
if [[ -z "$state" || $state != "installed" ]]; then
    echo "$4 must be an installed, halted zone"
    exit 1
fi

template_zone=$4

nprocs=`psrinfo | wc -l`
nzones=$1
prefix=$2
dir=$3

ip_addrs_per_if=`ndd /dev/ip ip_addrs_per_if`
if [ $ip_addrs_per_if -lt $nzones ]; then
	    echo "ndd parameter ip_addrs_per_if is too low ($ip_addrs_per_if)"
	    echo "set it higher with 'ndd -set /dev/ip ip_addrs_per_if <num>"
	    exit 1
fi

i=1
while [ $i -le $nzones ]; do
	zoneadm -z $prefix$i clone $template_zone > /dev/null 2>&1
	if [ $? != 0 ]; then
		echo configuring $prefix$i
		F=$dir/$prefix$i.config
		rm -f $F
		echo "create -t SUNWlx" > $F
		echo "set zonepath=$dir/$prefix$i" >> $F
		zonecfg -z $prefix$i -f $dir/$prefix$i.config 2>&1 | \
		    sed 's/^/    /g' 
	else
		echo "skipping $prefix$i, already configured"
	fi
	i=`expr $i + 1`
done

i=1
while [ $i -le $nzones ]; do
	j=1
	while [ $j -le $nprocs ]; do
		if [ $i -le $nzones ]; then
			if [ `zoneadm -z $prefix$i list -p | \
			    cut -d':' -f 3` != "configured" ]; then
				echo "skipping $prefix$i, already installed"
			else
				echo installing $prefix$i
				mkdir -pm 0700 $dir/$prefix$i
				chmod 700 $dir/$prefix$i
				zoneadm -z $prefix$i install -s -d /path/to/ISOs > /dev/null 2>&1 &
				sleep 1	# spread things out just a tad
			fi
		fi
		i=`expr $i + 1`
		j=`expr $j + 1`
	done
	wait
done

i=1
para=`expr $nprocs \* 2`
while [ $i -le $nzones ]; do
	date
	j=1
	while [ $j -le $para ]; do
		if [ $i -le $nzones ]; then
			echo booting $prefix$i
			zoneadm -z $prefix$i boot &
		fi
		j=`expr $j + 1`
		i=`expr $i + 1`
	done
	wait
done

ProcedureHow to Display the Configuration of a Branded Zone

You must be the global administrator in the global zone to perform this procedure.

  1. Become superuser, or assume the Primary Administrator role.

    To create the role and assign the role to a user, see Using the Solaris Management Tools With RBAC (Task Map) in System Administration Guide: Basic Administration.

  2. Display the configuration of a zone.


    global# zonecfg -z zonename info