14 Oracle Solaris Zones

The following information is included:

Introduction to Oracle Solaris Zones
Roles for Zone Management
Zone Management Functions
Preparing Your Global Zone
Discovering and Managing Existing Zones
Outline of Zone Creation
Determining Zone Requirements
Zone Configuration Parameters
Creating a Zone Profile
Creating and Deploying Zone Plans
Managing Zones
Migrating Zones
Recovering Zones
Zones Server Pool
Updating Zones
Related Zone Operations
Related Resources

14.1 Introduction to Oracle Solaris Zones

Oracle Solaris Zones, also known as Oracle Solaris Containers, are used to virtualize operating systems and provide an isolated and secure environment for running software applications. A zone is a virtualized operating system environment created within a single instance of the Oracle Solaris operating system.

Think of a zone as a box with flexible, software-defined walls. One or more applications can run in this box without interacting with the rest of the system. Because zones isolate software applications or services, applications that are running in the same instance of the Oracle Solaris OS can are managed independently of each other. For example, you can run different versions of the same application in separate zones.

Zones require a machine that is running an Oracle Solaris 10 or later release.

14.1.1 Global and Non-global Zones

The global zone is the default operating system and has control over all of the processes and has system-wide administrative control. A global zone always exists, even when no other zones are configured.

Non-global zones, or simply zones, are configured inside the global zone. Zones are isolated from the physical hardware by the virtual platform layer. A zone cannot detect the existence of other zones.

14.1.2 Types of Non-Global Zones

You can create different types of non-global zones for different purposes:

Sparse Root Zone: Contains a read/write copy of a portion of the file system that exists on an Oracle Solaris 10 global zone. Other file systems are mounted read-only from the global zone as loop-back virtual file systems. As part of creating a sparse root zone, the global administrator selects which file systems to share with the sparse root zone and the default read-only file systems: /usr, /lib, /sbin, and /platform. All packages that are installed on the global zone are available to the sparse root zone; a package database is created and all files in the mounted file system are shared with the zone.

Note:
Sparse root zones are not available beginning with Oracle Solaris 11. You can create sparse root zones only in Oracle Solaris 10.
Whole Root Zone: Contains a read/write copy of the entire file system that exists on the global zone. When a whole root zone is created, all packages that are installed on the global zone are available to the whole root zone; a package database is created and all files are copied onto the whole root zone for the dedicated and independent use of the zone.
Branded Zone: The non-global zone runs the same operating system software on the global zone. The branded zone facility is used to create non-global branded zones that contain operating environments different from that of the global zone. For example, you can install Oracle Solaris 8, 9, or 10 in a branded zone.

14.2 Roles for Zone Management

The following table lists the tasks and the role required to complete the task. Contact your administrator if you do not have the necessary role or privilege to complete a task. See Oracle Enterprise Manager Ops Center Administration Guide for information about the different roles and the permissions they grant.

Table 14-1 Oracle Solaris Zones Roles and Permissions

Task	Role
Create, manage, update, and delete zones	Virtualization admin
Provision and manage virtualization host	Virtualization admin
Discover and manage virtualization hosts	Asset admin
Create and manage zone profiles and plans	Profile and plan admin
Create and manage IPMP groups	Network admin
Create and manage Link Aggregation	Network admin
Set monitor thresholds	Asset admin

14.3 Zone Management Functions

Oracle Enterprise Manager Ops Center provides the following solution for managing your zones environment in a data center:

Create zones using profiles and deployment plan.
Discover and manage existing zone environments.
Perform zones functions such as booting, rebooting, shutting down, cloning, migrating and delete zones from the software UI.
Manage zone configuration such as file systems, storage, and networks from the UI.
Aggregate your NICs or create IP Multipathing (IPMP) groups.
Create zones server pool for balancing available resources and provide the infrastructure support for virtual datacenter creation.
Use UI and native CLI interchangeably to create and manage zones.
Complete support for managing Oracle Solaris 11 zones.
Options to upload scripts to manage the unmanaged file system and zone dependencies.

14.4 Preparing Your Global Zone

The global zone is the default Oracle Solaris 10 or 11 operating system installed on a system. When you provision systems, you can use the Add Assets or Find Assets option in Oracle Enterprise Manager Ops Center to discover the global zone. See Chapter 12, "Operating Systems" for information on provisioning a system with an Oracle Solaris operating system.

You must prepare your global zone with the network and storage resources that the non-global zones will use, including associating the required storage libraries with the global zone and attaching networks to the global zone. You can also aggregate the interfaces or create IPMP groups in the global zone before you connect them to the zones. The use of IPMP and link aggregated interfaces results in enhanced network availability for the zones.

This section covers the following topics:

Associating Storage Libraries
Managing Global Zone Networks
Creating IPMP Groups
Creating Link Aggregation
Modifying and Detaching a Network from the Global Zone

14.4.1 Associating Storage Libraries

You can associate or disassociate libraries from a global zone. When you associate a library with the global zone, the libraries are available to all the zones in the hierarchy of the global zone.

You can associate the following types of storage libraries to a global zone:

Filesystem storage: NAS libraries
Block storage: SAN and Dynamic storage libraries

All the libraries associated with the global zone are available for association with the zones.

When you disassociate a library from the global zone:

The libraries are not available to new zones.
The libraries remain associated to existing non-global zones in that global zone.

To Associate a Library With the Global Zone

Select the global zone in the Assets section.
Click Associate Libraries in the Actions pane.

The Associate Library window lists the libraries that are not associated with the global zone.
Select one or more libraries to add.
Click Associate Libraries.

A job is submitted to associate the libraries with the global zone.

To Disassociate Libraries From Global Zone

Select the global zone in the Assets section.
Click the Libraries tab in the center pane.

The associated libraries with the global zone are listed.
Select a library from the list.

The Disassociate Library icon is enabled.
Click the Disassociate Library icon to display the Disassociate Library window.
Click Disassociate Library to confirm unmounting the library.

14.4.2 Managing Global Zone Networks

You can attach one or more networks to global zone using the Attach Networks option. When your networks are grouped as network domains in Oracle Enterprise Manager Ops Center, select the domain and choose the corresponding networks to be attached.

When you assign a network to a stand-alone global zone, you must define the mode of the network, either Shared IP or Exclusive IP:

In Shared IP mode, the global zone shares its network interface with one or more zone. You must define the network interface when you assign the network to the global zone.
In Exclusive IP mode, a dedicated network interface is allocated to the zone. You can choose the network interface when you assign the network to a zone.

A network that is assigned as shared on a global zone can be assigned as exclusive on another global zone. For a global zone, a network has only one mode. For non-global zones, a network that is used in a shared mode for one zone cannot be used in exclusive mode for another zone.

While you attach networks to a global zone, you can deploy IP Multipathing (IPMP) to obtain better network performance or link aggregation to provide increased reliability, availability, and network performance for systems with multiple physical interfaces.

For stand-alone global zones with Oracle Solaris 10 OS, network can be attached in shared or exclusive IP mode. Whereas with Oracle Solaris 11 OS, the network is always attached in exclusive IP mode. This is because a virtual NIC or VNIC is created when the zone boots and deleted when the zone is halted.

This scenario is different for attaching networks to global zones that are in a server pool. See Attaching Networks for more information about attaching networks in a zones server pool.

IPMP Groups

IPMP groups provide network failover for your global and non-global zones. You can configure one or more physical interfaces into an IPMP group in the global zone and extend that functionality to the non-global zones. After configuring the IPMP group, the system monitors the interfaces in the IPMP group for failure. If an interface in the group fails or is removed for maintenance, IPMP migrates, or fails over, the failed interface's IP addresses. The failover feature of IPMP preserves connectivity and prevents disruption of any existing connections. The network access changes from the failed interface to the standby interface in the IPMP group and the data address of the failed interface migrates to the standby interface. See IP Multipathing Groups and Creating IPMP Groups for more information about IPMP groups.

Note:

You can create IPMP groups when you attach network in exclusive IP mode on Oracle Solaris 10 and 11 operating systems or you can create an IPMP group without using the attach network option. IPMP groups are not available for shared IP mode networks.

When you attach networks to a global zone in a shared IP mode, you can create an IPMP group and configure the following characteristics:

Define the number of members for the IPMP group.
Select the NICs that are part of the IPMP group. The NICs selected are placed in the IPMP group.
Select the type of interface:
- Active interface enables you to provide the data address and choose whether failover must be enabled for the interface for uninterrupted access to the network. This is applicable for Oracle Solaris 10 OS and is inherent in Oracle Solaris 11 OS.
- Standby interface enables you to provide a test address when you want probe-based detection.

Multiple shared IP zones can use the IPMP group. When you create a zone or connect a network to a zone, the IPMP group appears in the NIC list. Select the IPMP group from the list to connect to the selected network.

Link Aggregation

Several interfaces in a system can be aggregated into a single logical link. The aggregation is done as per the standard defined in IEEE802.3ad. When interfaces have been aggregated, they are treated as a single network interface. Oracle Enterprise Manager Ops Center displays the link aggregation in the list of available NICs as if it were an individual interface. You can assign a network with a link aggregation to a non-global zone, and select the link aggregation from the NIC list.

When you attach a network to a global zone, you can aggregate the physical interfaces and attach to the network. Link aggregation is available for both shared and exclusive IP network stack.

To Attach a Network to a Global Zone

When you attach a network to a global zone, you can choose to create an IPMP group or aggregate link. See Creating IPMP Groups to create IPMP groups on the global zone without using the attach network option.

The following network options are available:

Exclusive network: For zones that use an exclusive IP network, each zone has a dedicated network interface. You can configure the interfaces when you connect a zone to the exclusive network. An IPMP group requires an exclusive network.
Shared network: The global zone shares the network interface with the zones that use a shared IP network. You must configure the network interfaces of the global zone.

Perform the following steps to attach a network to a stand-alone global zone:

Select the global zone in the Assets section.
Click Attach Network in the Actions pane.

The Attach Network Wizard is displayed.
Select the network domain and the corresponding networks that are not yet connected to the asset are displayed in the network list. Select a network from the list.

You can attach one or more networks to the global zone. Click Next to configure the networks.
For each selected network, select the following information:
- Select the IP stack as shared or exclusive.
- Select the network configuration as IPMP, Link Aggregation, or None. For an exclusive IP stack, only the Link Aggregation network configuration is available.
  - When you select IPMP network configuration, you are taken through the steps for IPMP configuration.
  - When you select Link Aggregation configuration, you are taken through the steps to configure the aggregation.
  - When you select None, you are taken to Step 8 to configure the network interfaces for shared IP stack or to the Summary step.
- Enter the number of connections for each network.
  
  The number of connections depends on the Oracle Solaris OS version. For Oracle Solaris 10 OS, you cannot make multiple connections. For Oracle Solaris 11 OS, you can make multiple network connections.
Click Next to specify the link aggregation.
Provide the following information for link aggregation:
- The link aggregation name.
- Select the load balancing policy.
Click Next to configure the link aggregation.
Specify the following information for link aggregation:
- LACP mode and timer
- MAC address policy and the MAC address if required.
Specify the IPMP group details.
- IPMP group name
- Number of members of the IPMP group
- Select whether the probe-based failure detection must be enabled.
Click Next to configure the interfaces.
For IPMP group, provide the following information:
- The NICs that are member of the group.
- Select the interface for the standby interface. You must have at least one active interface.
  
  Click Next to specify the data addresses.
Configure the interfaces for networks that do not have network configuration:
- Specify the NIC and the IP address for the network connection.
- You can select System Allocated for the NIC and Assign by DHCP for the system to take care of the NIC and IP address allocation.
- Select Do Not Allocate IP for the IP address, when you do not want to allocate IP address for the network connection.
Enter the data addresses that must be used for the active network interfaces. Also, specify whether failover must be enabled for the interface. You must have more than one interface to enable failover.
Review the information provided for attaching a network to the global zone and click Finish to attach the network.

To prevent a failure of the attach network job, ensure that you enter the correct information for different versions of Oracle Solaris OS.

14.4.3 Creating IPMP Groups

You can directly create IPMP groups on the global zone without using the attach network option. From the network tabs, you have the option to create and manage the IPMP groups in the selected Oracle Solaris OS.

Figure 14-1 shows the options that are available to create and manage IPMP groups.

Figure 14-1 IPMP Group Option

Description of "Figure 14-1 IPMP Group Option"

IPMP provides physical interface failure detection, transparent network access failover, and packet load spreading for systems with multiple interfaces. Oracle Enterprise Manager Ops Center provides option to create IPMP groups. You can configure one or more interfaces into an IPMP group. The group functions like an IP interface with data addresses to send and receive network traffic. When an underlying interface in the group fails, the data addresses are redistributed among the remaining underlying active interfaces in the group. Thus, the group maintains network connectivity despite an interface failure. With IPMP, network connectivity is always available, provided that a minimum of one interface is usable for the group. IPMP also provides load spreading for the outbound network traffic across the network interfaces in the group.

To create an IPMP group, you must the define the following parameters for the group:

The active and the standby interfaces of the group. By default, an interface added to an IPMP group is active. You can configure as many standby interfaces as you want for the group.
The link-based failure detection is enabled by default. You must select whether you want to enable Probe-Based failure detection. For probe-based failure detection, you must provide the test address to track the interface status.
You must assign the data addresses for the physical interfaces in the IPMP group. Data traffic flow use the data addresses that are hosted on the IPMP interface and flow through the active interfaces of that group.

To Create an IPMP Group

Select the Oracle Solaris OS in the Assets section.
Click the Network tab in the center pane.
Click the IPMP Groups subtab in the pane.

Existing IPMP groups in the OS are listed.
Click the Create IPMP Group icon to create an IPMP group.

The Create IPMP Group Wizard is displayed.
Enter the following details for the IPMP group:
- Provide a name for the IPMP group.
- Select a network from the list.
  
  The list of available network interfaces in the global zone are displayed.
- The Link-Based failure detection is always enabled by default. Select whether you want to enable Probe-Based failure detection.
- Select the interfaces that are part of the IPMP group.
Figure 14-2 shows the Specify IPMP Group Wizard step.

Figure 14-2 Specify IPMP Group Details

Description of "Figure 14-2 Specify IPMP Group Details"

Click Next to specify the NIC settings.
When you have enabled probe-based failure detection, then enter the test address for the NICs in the group.
Select the interfaces that are in standby mode.

You must have at least one active interface in the group. Click Next to specify the data address.
Enter the data address for the active interfaces of the group and select whether the interface has a failover.

Click Next to view the summary.
Review the information and click Finish to create the IPMP group.

Note:

For Oracle Solaris 11 OS, you cannot create IPMP groups. Instead, you can aggregate the links.

14.4.4 Creating Link Aggregation

You can also create link aggregation directly on the Oracle Solaris OS. to create link aggregation, you must define the following details:

Load balancing policy
LACP mode and timer
MAC address policy and if required, the MAC address

To Create a Link Aggregation

Select the global zone in the Assets section.
Click the Network tab.
Click the Link Aggregation subtab.
Click the Create Link Aggregation icon.

The Create Link Aggregation Wizard is displayed.
Enter the name of the link aggregation.

The name starts with "aggr" by default. Append a number to make the name unique.
Select the NICS for the link aggregation.

Click Next to configure the link aggregation.
Specify the following information for link aggregation:
- Select the load balancing policy.
- LACP mode and timer.
- MAC address policy and MAC address if required.
Click Next to view the summary.
Review the information and click Finish to create the link aggregation.

14.4.5 Modifying and Detaching a Network from the Global Zone

You can modify the network connection that are attached to the network except for the management network. The modify and unbind network options are available in the Network tab.

Figure 14-3 shows the options that are available to manage networks of a global zone.

Figure 14-3 Network Options

Description of "Figure 14-3 Network Options"

To Modify Physical Connectivity

Click the Network tab of the selected global zone in the Assets section.
.Click the Modify Physical Connectivity icon

Figure 14-4 shows the Modify Physical Connectivity window that displays the network details that can be modified.

Figure 14-4 Modify Physical Connectivity

Description of "Figure 14-4 Modify Physical Connectivity"

You can change the permanent IP address or change the allocation method.

Note:

When the network interface is an IPMP group, you cannot modify the network interface.

Unbind Network connection

When you unbind a network from a global zone, the global zone's non-global zones are also disconnected from the network. Select the global zone and click the Unbind Network icon to remove the network.

14.5 Discovering and Managing Existing Zones

When you discover a global zone that has existing zones, these zones are also automatically discovered and displayed on the UI. The option to deploy the agent on the global zone is inherited to the zones.

The following steps provide an outline of the procedure to discover and manage existing zones:

Use the option Add Assets to discover a global zone.
In the Add Assets Wizard, select whether you want to deploy the agent on the global zone or you want agentless management.
All the non-global zones in the selected global zone are automatically discovered.
When you want to deploy the agent on the global zone, the agent is installed on all the zones that are in running state. When you want to deploy the agent for the zones in shutdown state, boot them and use the option Switch Management Access. Using this option you can change the state from agentless management to managed by agent mode.
You can always use the option Switch Management Access to switch between managed by agent and agentless management mode.

You cannot create zones on a global zone that is managed agentless. For an agentless managed zone, you can boot, shutdown, halt and delete the zone. Agent is required on the zone when you want to use the full range of OS update actions on the OS.

When you use the native CLI to create a zone, the new zone is automatically reflected in the UI. You can interchangeably use the CLI and the UI to perform zone functions. The UI reflects the change in the zone configuration and state.

You can also use the Find Asset to discover an asset with Service Tags. See Chapter 2, "Asset Management" for more information about discovering and managing an asset in Oracle Enterprise Manager Ops Center.

As shown in Figure 14-5, the discovered zones appear in the UI and the following actions are enabled for the zone: Shutdown Zone, Halt Zone, Reboot, Edit Attributes, Edit Tags, Edit Configuration, Replicate Zone, Move Storage, and Delete Zone.

Figure 14-5 Enabled Actions

Description of "Figure 14-5 Enabled Actions"

In Figure 14-5 the Migrate Zone and Add Storage options are not enabled because the zone storage source is unmanaged. To enable these actions, you must move the storage source to managed using the option Move Storage.

See Zone Management Functions for more information about performing zone management operations.

14.5.1 Deleting or Unmanaging a Global Zone

When you delete or unmanage the global zone, all the non-global zones under it are also automatically unmanaged.

You do not need to unmanage the non-global zones before unmanaging the global zone. See Chapter 2, "Asset Management" for more information about deleting an asset.

14.5.2 Unmanaged Zone Storage Information

When you discover and manage existing zones, Oracle Enterprise Manager Ops Center handles the zone metadata and networks except for the zone storage. The metadata of the existing zones is stored in the local storage of the global zone. Whereas, the zone's storage is considered to be unmanaged storage source.

Even for the zones that are created using Oracle Enterprise Manager Ops Center, when you add a storage or file system manually using the native CLI, the storage becomes an unmanaged storage or file system.

See Moving Zone Storage for more information about how to move the unmanaged storage to managed storage.

14.6 Outline of Zone Creation

Using Oracle Enterprise Manager Ops Center, you create a zone profile that captures the zone configuration. Use the profile in a deployment plan to create one or more zones simultaneously. The benefit of using a profile is that you can create multiple zones with consistent configuration.

Note:

When you create or migrate a zone using Oracle Enterprise Manager Ops Center, you cannot use Oracle Solaris Live Upgrade and an alternate boot environment (ABE) to update the zone.

Create a zone profile that captures all the zone configurations. Then, create a deployment plan with the zone profile. The deployment plan is a single step plan which covers only the zone profile. During the application of the deployment plan, select the number of zones to create. In the plan deployment, you can correct the storage and network details as required.

Figure 14-6 Zone Creation Process

Description of "Figure 14-6 Zone Creation Process"

14.7 Determining Zone Requirements

Before you create a zone profile, determine the requirements for the zone. The requirements varies according to the Oracle Solaris OS version and the type of zone. Refer to the following section according to the Oracle Solaris OS version on which you create the zones:

Requirements for Zones on Oracle Solaris 10 OS
Requirements for Zones on Oracle Solaris 11 OS

14.7.1 Requirements for Zones on Oracle Solaris 10 OS

You can create sparse root, whole root, and branded zones on Oracle Solaris 10 OS. While creating the zone profile, select the appropriate options and provide the required resources for a successful zone creation.

Requirements for a Whole Root Zone

A whole root zone contains a read/write copy of the global zone's file system and has the following requirements:

Minimum size of the file system is 5 GB.
Minimum size of the virtual disk for the storage library is 6 GB.

Requirements for a Sparse Root Zone

A sparse root zone contains a read/write copy of a portion of the global zone's file system and shares the global zone's/usr, /lib, /sbin, and /platform directories in read-only mode. A sparse root zone has the following requirements:

Minimum size of the file system is 1 GB.
Minimum size of the virtual disk for the storage library is 1 GB.

Requirements for a Branded Zone

A branded zone emulates the user environment of earlier versions of Oracle Solaris. For example, you can create a branded zone to run Oracle Solaris 8 applications on your Oracle Solaris 10 system. Use the following procedure to prepare to create a branded zone:

Download the images for the operating system, as shown in Table 14-2.
Import the images into one of the software libraries associated with the global zone.

During the process of creating a branded zone, you install the images in the global zone. For instructions, see the README files in the Oracle Solaris 8 or 9 Containers bundle.

Table 14-2 Packages for Branded Zones

Global Zone OS	Branded Non-Global Zone
Oracle Solaris 10 10/08 OS or later	For Oracle Solaris 8, install SUNWs8brandk from Oracle Solaris 8 Containers 1.0.1. For Oracle Solaris 9, install SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1.
A version of Oracle Solaris before Oracle Solaris 10 10/08 OS	For Oracle Solaris 8, install SUNWs8brandr and SUNWs8brandu from Oracle Solaris 8 Containers 1.0.1. For Oracle Solaris 9, install SUNWs9brandr, SUNWs9brandu, and SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1.

Global Zone OS

Branded Non-Global Zone

Oracle Solaris 10 10/08 OS or later

For Oracle Solaris 8, install SUNWs8brandk from Oracle Solaris 8 Containers 1.0.1.

For Oracle Solaris 9, install SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1.

A version of Oracle Solaris before Oracle Solaris 10 10/08 OS

For Oracle Solaris 8, install SUNWs8brandr and SUNWs8brandu from Oracle Solaris 8 Containers 1.0.1.

For Oracle Solaris 9, install SUNWs9brandr, SUNWs9brandu, and SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1.

14.7.2 Requirements for Zones on Oracle Solaris 11 OS

You can install zones in Oracle Solaris 11 OS either using the IPS packages in the default Oracle Solaris 11 Package Repository or using an image of an installed system running the Oracle Solaris release.

To install zones using images, you must have an Oracle Solaris 10 image in flash archive format or from an existing Oracle Solaris 11 OS image in gzip format. See http://www.oracle.com/technetwork/documentation/solaris-11-192991.html for how to prepare your installed Oracle Solaris 10 or 11 systems, and create the flar or gzip image. Upload these images to the storage libraries and install branded zones in Oracle Solaris 11 OS.

Requirements for Installing Zones Using Repository

To install zones from the repository, configure your Oracle Solaris 11 Software Update Library in the Enterprise Controller to synchronize with the Oracle Solaris 11 Package Repository. When you install from repository, the default software group, solaris-small-server group is used. This occupies less space. The zones are whole root type only.

Requirements for Oracle Solaris 10 Branded Zone

You can migrate an Oracle Solaris 10 OS into an Oracle Solaris 11 environment. Create an archive of the Oracle Solaris 10 instance that you would like to migrate. In the Enterprise Controller software library, import an ISO image of Oracle Solaris 10 OS that has the same architecture of the instance to be migrated, for example, SPARC or x86 architecture. Then, import the flar archive with the parent as the ISO image imported previously.

For Oracle Solaris 11 OS, create an archive in the format of gzip file using cpio command. Import the archive into Enterprise Controller software library with the reference to the parent ISO image.

You can migrate only systems that have Oracle Solaris 10 10/09 or later versions. To migrate earlier versions, install the kernel patch 141444-09 (SPARC) or 141445-09 (x86/x64), or later version, on the original system.

Since zones do not nest, existing zones in the original system is detected and a warning is issued that nested zones are not usable and that the disk space can be recovered.

To use the Oracle Solaris 10 package and patch tools in your Oracle Solaris 10 Container, install patches 119254-75 (SPARC) and 119255-75 (x86/x64) on your source system before the image is created. The P2V process works without the patches, but the package and patch tools do not work properly within the solaris10 branded zone.

To use Oracle Solaris 10 zones on your system, the system/zones/brand/s10 package must be installed on the system running Oracle Solaris 11 OS.

14.8 Zone Configuration Parameters

When you create a zone profile, you can provide zone configuration details such as CPU model, memory caps, priority value, network mode, and storage resources for the zone.

Zone name: Specify a unique name for the zone. Do not use names that start with global or SUNW.
Autoboot: Specify whether the zone must boot immediately after you create it and whenever the global zone boots.
Shared CPU: A zone with a shared CPU gets its CPU resources by the number of shares you allocate to it from the resource pool, which is also used by other zones. The new zone is added to the Fair Share Scheduling automatically. You have the option to set a maximum value for the CPU resources. The CPU cap limits the amount of CPU resources that can be used by one zone. For example, a CPU cap value of 1 means 100% of a CPU.
Dedicated CPU: A zone with a dedicated CPU gets exclusive use of the available CPU resources. You specify the minimum and maximum number of CPUs available to the new zone. A temporary resource pool is created and dedicated to the zone.

Note:
This parameter is available when you select dedicated CPU. Set the priority of the zone. Assign an importance value for the zone so that when there are not enough CPU resources to satisfy all zones, the zone with the greater importance value receives a larger share of the available CPU resources.
Priority of recovery: When you enable automatic recovery for the zone, the priority of recovery value decides which zone must be migrated first during a global zone failure in a server pool. Set the priority of recovery between 0 to 100.
Memory Caps: Set the maximum value for physical, swap and lock memory resources.
Naming Service: Specify the name service that the zone uses to communicate with network objects. You can select the DNS, NIS, NIS+ or LDAP naming service. To specify the name service, you require the domain name and the IP address of the name server.
Shared IP Address or Exclusive IP Address
- A zone with a shared IP address uses its global zone's IP layer configuration and state. The zone has a logical network interface to the IP address.
- A zone with an exclusive IP has its own dedicated IP layer configuration and state. The zone has its own set of network interfaces. You must configure the network interfaces using the same network configuration methods applied to all Oracle Solaris OS configurations.
  
  For Oracle Solaris 11 OS, only exclusive IP mode is supported for the network.

14.9 Creating a Zone Profile

Oracle Enterprise Manager Ops Center provides option to create profile that captures the zone configuration. Use the zone profile in a deployment plan and apply to create one or more zones simultaneously.

To Create a Zone Profile

Expand the Plan Management section in the Navigation pane.
Expand Profiles and Policies and click Oracle Solaris Zone.
Click Create Profile in the Actions pane.

The Create Profile – Oracle Solaris Zone Wizard is displayed.
Enter a name and description for the profile identification.

Select whether you want to create a deployment plan automatically using this profile.

Select the OS version of the zone.

Ensure that you apply the plan on correct target to create the zone. See Table 14-3 for more information.

Table 14-3 Oracle Solaris Zones Targets

Zone OS Version	As	On Target
Oracle Solaris 10	Whole root zone Sparse root zone	Oracle Solaris 10
Oracle Solaris 10	Branded zone	Oracle Solaris 11
Oracle Solaris 11	Whole root zone	Oracle Solaris 11
Oracle Solaris 8	Branded zone	Oracle Solaris 10
Oracle Solaris 9	Branded zone	Oracle Solaris 10

Click Next to specify the zone identity.

You can create one or more zones using the profile. To identify the zones, provide a zone prefix name and a number to start the series.

Each zone created uses the prefix name appended with the number that is incremented. For example, if the prefix name is Myzone and the number to start from is 1, then the zones are created with names Myzone1, Myzone2, and Myzone3.

Enter the description and tags for the zones. This is common for all the zones created using this profile.

Click Next to specify the zone installation source.
According to the OS version selected, the page displays the following information:
- Oracle Solaris 10
  
  Select whether you want to create whole root, sparse root, or branded zone. For branded zone, provide the following information:
  - Select the architecture as x86 or SPARC
  - Select the branded zone image. You must have created a flash archive image of an installed Oracle Solaris 10 OS and uploaded to the software library in Oracle Enterprise Manager Ops Center. These images are listed in the Branded Zone Image list.
  - Enter the prefix for the Host ID and the starting number.
  - Select the machine type as sun4u or sun4v.
- Oracle Solaris 11
  
  You must select the installation source for installing Oracle Solaris 11 zones. You have the following options to select:
  - Install from repository. You must have configured your Oracle Solaris 11 Software Update Library in Oracle Enterprise Manager Ops Center in synchronization with the Oracle Solaris 11 Package Repository. This option installs the solaris-small-server software group by default. This is also referred to as the whole root zone for Oracle Solaris 11 OS.
  - Install from selected image. You must have created gzip archive image of an installed Oracle Solaris 11 OS and uploaded to software libraries in Oracle Enterprise Manager Ops Center. Select an image from the list. You can create the gzip archive formats using cpio or zfs command options.
- Oracle Solaris 8 and 9
  
  You can install Oracle Solaris 8 and 9 as branded zones on Oracle Solaris 10 OS only.
  
  Download the images of Oracle Solaris 8 or 9 a and upload them to a software library. Refer to Requirements for Zones on Oracle Solaris 10 OS for more information about requirements for branded zones.
Click Next to specify the zone configuration details.
Specify the CPU type, either Shared or Dedicated. Set the memory thresholds and verify that the locked memory threshold value is less than or equal to the physical memory threshold.

You can enable automatic recovery option for the zone. Set the priority of recovery value between 0 to 100. This value decides which zone is recovered first when the global zone fails.

Click Next to specify the zone file system.
The zone is created with a default root file system which is the zone path. You cannot delete this file system or change its read and write access. You can add more file systems from original zone's list of file systems. Set the size and access to the file system.

For each file system added, specify whether it is managed or unmanaged. When it is unmanaged, enter the mount point for the file system.

The Reserved size is the size of the file system that the user can reserve. The Quota size is the maximum size that the file system can utilize.

Click Next to configure the zone's storage.
Select the storage library for the zone and its metadata.

You can store the zone metatdata in the local or NAS library only. To migrate a zone, it is required that you store the zone metadata in a NAS storage library.

All the libraries that are available in the Oracle Enterprise Manager Ops Center are listed. Select the library type and the corresponding libraries are listed. Select the library and the virtual disk for the zone. You can select library types such as NAS, SAN, Local, Local Devices, and Dynamic Storage.

Note:
When you specify a local storage library, you cannot migrate the zone in the future.

Caution:
An Oracle Solaris Zone running with a zone path on a NFS share is not a supported configuration. When you specify this type of storage, do not use the zone for production or non-experimental workload.
When the library is local or NAS storage, specify the virtual disk name and size of the disk. For SAN library, select a LUN from the available list. You cannot change the size of the LUN and the size of the local devices.

For Dynamic Storage, select the Dynamic library that is available for the discovered storage servers in Oracle Enterprise Manager Ops Center. You can select the existing LUNs or create new LUN. Select Create LUN in the drop-down list of the column LUN/Virtual Disk Name and select the volume group. The size of the volume group is automatically displayed.

Click Next to specify the zone networks.
Select the networks that you want to connect to the zone. Also, specify the number of connections to the zone for each network. The actual binding of the networks takes place during deployment of a plan with this profile.

Click Next to specify the zone setup parameters.
Specify the following setup parameters:
- Language, time zone, terminal-type and root password for the zone.
- Provide a domain name for the NFSv4 Domain Name or accept the default value dynamic to allow the naming service that you specify in Step 14 to determine the NFSv4 domain at run time.
- Set the boot properties for the zone. You can set the zone to boot after it is created or whenever the global zone boots.
- For Oracle Solaris 10 version, you can select whether to install the agent on the zone or not. When the agent is not installed, the global zone access the zone through zlogin.
Click Next to specify the naming services.
Specify the naming service for the zone: DNS, NIS, NIS+ or LDAP naming service. You can also choose not to specify a naming service.
- DNS: Enter the domain name of the DNS server and the IP address of the DNS server You can enter up to three IP addresses in the Name Server field. To specify additional domains to search, enter up to six domain names for the Domain Name Search List. The total length of each entry cannot exceed 250 characters.
- NIS and NIS+: Enter the domain name of the NIS or NIS+ server. When you know the NIS server details, choose the Specify an NIS Server option to provide the NIS server host name and its IP address. When you do not have the NIS server information, select the Find an NIS Server option.
- LDAP: Enter the domain name of the LDAP server. Specify the name of the LDAP Profile. Enter the IP address of the LDAP Profile Server. You can also provide the Proxy Bind Distinguished Name and Password.
- NONE: Select this option so that no name server is configured.
Click Next to view the summary of the selected parameters for creating a zone profile.
Review the information and click Finish to create the zone profile.

The zone profile is created with version 1 and a corresponding deployment plan also with version 1. Apply the deployment plan to create one or more zones of consistent configuration.

14.10 Creating and Deploying Zone Plans

Apply the zone deployment plans on the required number of targets. When you apply the deployment plan, you are required to provide the resource assignments for storage and network. When there are resources that are provided from the profile are not available or not accessible, it is flagged in red and you must re-assign the resources to continue further.

Use zone deployment plans to modify the parameters such as storage, networks, and zone name. The zone deployment plan is a single step plan which collects details of the number of zones to be created. You can also create your own zone deployment plans.

To Create a Zone Deployment Plan

In the Plan Management section, expand Deployment Plans and click Oracle Solaris Zone.
Click Create Plan from Template in the Actions pane.
Enter a name and description for the plan.
Select the failure policy.
In the Deployment Plan Steps, select the Oracle Solaris Zone profile.
Enter the number of zones to create.
Click Save to save the deployment plan.

When you modify the zone profile, you can choose to update the deployment plan with the correct version of the zone profile.

Zone deployment allows you modify the parameters such as storage, networks, and zone name. When you apply the zone deployment plan, resource assignments that are not available is marked in red and it must be corrected.

To Apply Zone Deployment Plan

Select the zone deployment plan and click Apply Deployment Plan in the Actions pane.
Select the target asset from the list and click Add to Target List.

You can add more than one asset to the list.
Select how to apply the plan.

You can either apply the plan with minimal interaction or override the profile values. When you select to override the profile values, you are taken through each step of the profile. Otherwise, you are directed to provide only the required resource assignments. In this procedure the minimal interaction is taken into consideration. Click Next.
In the Specify Storage Step, correct the storage resources defined in the profile if required.

For example, when the selected storage libraries in the profile are not associated with the target global zone., then you must modify the storage resources accordingly.

Click Next to specify the zone networks.
Designate the IP stack for the zone as Shared or Exclusive. Select the IP stack and the network list is updated accordingly.

For Shared IP network:
- Select a network from the list.
- The address allocation method is Use Static IP only. This is fixed for shared IP networks.
- Enter the IP address. When you create more than one zone, enter the IP addresses either in the form of range, separated by comma or both. For example, 192.168.1.2 - 192.168.1.5, or 192.168.1.10, 192.168.1.210, 192.168.1.167.
For Exclusive IP network:
- Select a network from the list.
- Enter the number of times the zone connects to the network. This is applicable only for exclusive IP networks.
  
  Note:
  For Oracle Solaris 11 OS, you can connect to networks configured as exclusive IP stack only.
- Select the type of address allocation as Use static IP or DHCP allocated.
- When the allocation is static, then the IP range for the zones is proposed. The range depends on the number of zone and number of connections for each zone. You can modify the IP range as required.
Click Next to define the network resource assignment.
Modify zone host name and network assignment as required. You can also add or remove the network assignment to a zone.

For each network connection of the zone, the NIC and the individual IP address is displayed. Each zone's host name is also editable. Modify the zone resource assignment as required.

Click Next to schedule the job.
Select to run the zone creation job now or schedule to a later time.

Click Next to view the summary.
Review the information provided for creating zones. Click Apply to start the zone creation tasks.

14.10.1 Zpool and File System of Zones

Creating zones with Oracle Enterprise Manager Ops Center results in the following operations which run automatically in the background:

The file systems of the zones are implemented as ZFS file systems.
A zpool is created for each zone with the name of the zone metadata.
The storage that is allocated to the zone is pooled in a zpool and used by all the file systems.

For each deployed zone you can view the following information: file systems, zpools with reservations and quotas, the storage library used, and the file system usage. The Storage tab for a zone shows the zpools with reservations and quotas. The Analytics tab for a zone contains information on file system usage. Use the Move Storage action to change the reservation and quotas.

To View the File System and Storage Added to a Zone

Select the zone in the Navigation pane.
Click the Storage tab.

As shown in Figure 14-7, the Storage tab has two tables: a File Systems table and a ZPool and Storage table. The file system table displays the file system, the real path of the file system on the global zone, the amount of Reserved GB, the quota in GB, and the Access permissions for the zone.

Figure 14-7 Storage Tab for a Zone

Description of "Figure 14-7 Storage Tab for a Zone"

To Change the Default Reservation and Quota

Select the zone in the Navigation pane.
Click the Storage tab.
Click Move Storage in the Actions pane.

To View the File System Usage for a Zone

Select the zone in the Navigation pane.
Click the Analytics tab, then click the Metrics subtab.
Click File Systems in the Navigation pane.

Figure 14-8 Zone File System Metrics

Description of "Figure 14-8 Zone File System Metrics"

14.10.2 Modify Zone Configuration

You can modify the configuration of a zone to change the CPU or memory resources, scheduler, and the identity of the zone. When you modify the CPU and memory configuration, you must reboot the zone for the changes to take effect.

You can modify the following properties of a zone:

CPU Model: The CPU model can be shared or dedicated. For a shared CPU, you can modify the number of CPU shares allocated to the zone. For a dedicated CPU, you can edit the minimum and maximum dedicated CPU numbers. You can also set the relative importance of the zone compared to other zones when contending for CPUs.
Memory Caps: You can specify caps on various aspects of memory used by the zone. You can modify the caps set for physical, swap, and locked memory.
Scheduler: For shared CPU model, the scheduler is assigned to Fair Share Scheduler (FSS). For a dedicated CPU model, you can set the following scheduler attributes:
- Fair Share Scheduler (FSS)
- Fixed Priority (FX)
- Interactive (IA)
- Real-time (RT)
- Timer Sharing (TS)
LightWeight Processes (LWP): You can set the maximum number of LWPs simultaneously available to a zone.
- Message IDs: Set the maximum number of message queue IDs.
- Semaphore IDs: Set the maximum number of semaphore IDs.
- Shared Memory IDs: Set the maximum number of shared memory IDs.
- Shared Memory: Set the maximum amount of shared memory.
Automatic Recovery: Set the value of priority of recovery. When the server fails, the zone with highest priority is recovered first.

Modify Zone Attributes

Use the option Edit Attributes to modify the description and tags of the zone. You can also add new tags to the zone.

14.11 Managing Zones

After creating the zones, you can perform various operations such as boot, reboot, shut down, and halt on the zone. Oracle Enterprise Manager Ops Center provides all these options to be performed from the UI. The UI updates the status of the zone when you perform these operations from the CLI.

Select the global zone Summary tab in the center pane. The actions available for the zone are displayed as in Figure 14-9.

Figure 14-9 Zone Management Functions

Description of "Figure 14-9 Zone Management Functions"

The same actions are available in the Actions pane when you select the zone.

Figure 14-10 Zone Actions Pane View

Description of "Figure 14-10 Zone Actions Pane View"

Simple zone operations that can be performed from the UI are as follows:

Boot Zone

Booting a zone places the zone in the running state, using the current configuration. This option is enabled only when the zone is in the ready or installed state. The zone boots whenever the global zone boots depending on the autoboot properties set during zone creation.

Reboot Zone

You can reboot a zone that is in the running state. The zone is shut down and then booted. This is different from the zoneadm reboot command in which the zone is first halted and then booted.

Halt Zone

When you halt a zone, it removes both the application environment and the virtual platform of the zone. Halting a zone changes the zone's state to Installed, all processes are killed, devices are unconfigured, network interfaces are unplumbed, file systems are unmounted, and the kernel data structures are destroyed.

Shutdown Zone

Shut a zone down in a graceful manner so that it is in a state that can be restarted.

Delete Zone

When you delete a running zone, the zone is halted, uninstalled, then deleted from the global zone. The following changes are also made:

Zone root file system is deleted.
Other file systems that were added to the zone are deleted.
Zone metadata is deleted from the storage library.
The zpool for the zone is deleted and the storage is made available.
Exclusive IPs that were assigned to the zone are available for re-use.

14.11.1 Replicating Zones

Use this option to copy an existing zone so that you can provision a new zone on the same system efficiently. The process of cloning a zone is similar to the process of creating a zone because you can accept each of the original zone's specification or change it before you create the copied zone.

To Clone a Zone

Select the zone that you want to clone in the Assets section.
Click Replicate Zone in the Actions pane.

The Replicate Zone Wizard is displayed.
Enter a different zone name and description for the zone.
Select a library from the list of libraries that are associated with the global zone to store the cloned zone's image and metadata. Click Next.
The CPU shares that are allocated in the original zone are displayed. You can edit the changes for the cloned zone. Click Next.
Accept or change the attributes of the original zone: language, timezone, terminal type, host name and root password. Click Next.
Set the boot properties for the cloned zone. You can set the properties so that the new zone boots after it is created and whenever the global zone boots. Click Next.
Configure the file systems for the cloned zone. The new zone has a default root file system which is the zone path. You cannot delete this file system or change its read and write access. You can add more file systems from original zone's list of file systems. Accept or change the size and access to the file system. The Reserved size is the size of the file system that the user can reserve. The Quota size is the maximum size that the file system can utilize. Click Next.

Note:
Make sure that the cloned zone has the same or more size for its file system than the size of the original zone's file system. When the cloned zone's file system is smaller than the original zone's file system, the clone operation cannot complete and the job fails. Do not modify the root file system of the new zone to a size less than the source zone root file system. Do not modify the system file system if it is defined in the source zone.
Accept or change the storage library. The library can be either a NAS storage or Fibre Channel library. When the library is NAS storage, specify the virtual disk name and size of the disk. For SAN library, select a LUN from the available list of LUNs in the library. The size of the selected LUN is displayed. You cannot change the size of the LUN.
The accumulated size of the storage is displayed as Currently Accumulated Storage. The required storage is displayed as Recommended Storage Size. Click the Add icon to configure more storage resources to the zone if the Currently Accumulated Storage is less than the Recommended Storage Size. When you have defined the Currently Accumulated Storage size as at least equal to the Recommended Storage size, click Next.
Assign at least one network to the zone. Select the zone IP type as Shared or Exclusive.
- For Shared IP networks:
  1. Select a network from the list of networks that use the Shared IP mode and are assigned to the global zone.
  2. Select a NIC from the list of shared Network Interface Cards (NIC).
  3. Specify the management interface for the N IC. When the network has a defined IP range, the Auto Allocate IP option is displayed with the zone's IP address from the range. When the network does not have a defined IP range, the Use Static IP option is displayed. Enter an IP address for the zone in the Zone IP field.
  4. Click Next.
- For Exclusive IP networks
  1. Select a network from the list of networks that are assigned to the global zone and are not used by other zones.
  2. Select a NIC from the list of the selected network's NICs that are not bound or assigned to other networks.
  3. Specify the management interface for the NIC. When the selected network has a defined IP range, the Auto Allocate IP option is displayed in the Management Interface and the zone's IP address is populated with an IP address from the defined range.
    
    When the network does not have a defined IP range, you must either provide the IP address or specify a DHCP server to provide one. To provide an IP address, select the Static IP option and enter the IP address in the Zone IP field. To designate a DHCP server, select the Assigned by ext. DHCP option. The Zone IP field contains the Automatically Allocated value.
- Click Next.
Click Finish to launch the job for replicating a zone.

14.11.2 Adding Storage to Zones

You can add storage to zones dynamically. The storage is added to the zpool that is created for the zone. You cannot delete the storage from the zpool.

The storage libraries that are associated with the global zone are available for the zone. You can assign the following types of libraries to a zone:

File system storage: Use NAS libraries
Block storage: Use SAN or Dynamic storage libraries
Local storage: Add the local storage on the global zone and local devices that are attached to the system

See Chapter 6, "Storage Libraries" and Chapter 5, "Software Libraries" for more information about setting up your storage servers and software libraries.

To Add Storage to Zones

Select the zone in the Assets section.
Click Add Storage in the Actions pane. As an alternative, click the Storage tab and click the Add Storage to Zone icon under Zpool and Storage.

The Add Storage to the Zone window is displayed.
Click the Add icon to add storage.

The storage libraries associated with the global zone are displayed in the Library list. The library can be a local storage, NAS, local device, Dynamic Storage, or SAN library.
Select a library from the list.
The selection of virtual disks varies according to the library selected.
- Local and NAS library: Enter a virtual disk name and specify the size of the disk.
- For SAN and iSCSI libraries: Select a LUN from the list. The size of the LUN displays automatically.
- For Dynamic Storage Library: Either select a LUN from the list or create new LUN. When you create a new LUN, select the volume group from the list and specify the size of the new LUN.
The Additional Storage Specified shows the additional storage added to the zone.
Click Add Storage to add the specified storage to the zone.

14.11.3 Moving Zone Storage

Some management and monitoring functions of the zone might be disabled depending on the managed resources of the zone. For example, the zone migration option is disabled when the zone file system is not on a shared storage.

To enable the storage management and monitoring functions of the zone, you must move the zone's existing storage to a shared storage. This provides the following options to you to manage the storage and zpools:

Convert the local storage to shared storage so that you can migrate zones.
Convert the experimental NFS file systems into local or shared storage.
Combine small ZFS pools per zone into a single ZFS pool.
Split a single ZFS pool hosting zones into ZFS pools dedicated to each zone.

Oracle Enterprise Manager Ops Center provides the Move Storage option to convert the storage of the zones. You can use this option to manage your unmanaged storage resources of the zone.

Note:

You cannot move managed storage to unmanaged storage and you cannot alter the root file system of the zone.

When you discover and manage existing zone environments in Oracle Enterprise Manager Ops Center, the storage is considered to be unmanaged. You can move this storage from unmanaged state to managed using this option.

To Move Zone Storage

Select the zone for which you want to move the storage.
Click Move Storage in the Actions pane.

A warning message is displayed that the zone is shutdown during this process. You can use this option to relocate the zone metadata to a shared storage and copy the selected unmanaged file system to the dedicated zpool of the zone.

Figure 14-11 Warning Message for Move Storage

Description of "Figure 14-11 Warning Message for Move Storage"
Click Continue Move to proceed with the continue the process.

The Move Storage Wizard is displayed. The zone details are displayed.
You can edit the description and tags of the zone.
If required, you can change the library in which you have stored the zone metadata. All the libraries associated with the global zone are listed. Select the library from the list. Click Next.
Select the file systems that you want to be managed.
- When there are unmanaged file systems in the zone, you can select the option Managed and provide the Reserved and Quota size of the file system. These are added as new ZFS file systems on the existing zpool for the zone.
- When you want to relocate the root file system to a managed storage, a dedicated zpool is created for the zone and you must configure the virtual disks for the file systems.
- You can also modify the size of the file systems except for the root file system.
- You can keep some unmanaged file systems and relocate only those you require.
- You cannot relocate managed storage to unmanaged storage.
Click Next to configure the virtual disk storage when you move the root file system from unmanaged to managed state.
Select the library and the virtual disk for the zone's storage.

The libraries associated with the global zone are listed. Select NAS, SAN or Dynamic Storage library from the list.

For NAS library, provide a virtual disk name and enter the size of the disk.

For SAN library, select a LUN from the list.

For Dynamic Storage library, either select a LUN or create new LUN from the list. When you create a new LUN, select the volume group and enter the size of the LUN.

Click Next to view the summary.
Review the information and click Finish to change the zone storage from unmanaged to managed.

14.11.4 Adding File Systems to Zones

You can add file systems to zones. The zone must be in a shut down state to add file systems. The storage source for the file system can be managed or unmanaged storage source. For unmanaged storage source, you must provide the mount point of the storage.

Provide the Reserved and Quota size for the file system. Boot the zone for the changes to take effect. The file system is added to the existing zpool of the zone.

To Add a File System to a Zone

Select the zone in the Assets section.
Click Add File Systems in the Actions pane.

The Add File Systems window is displayed.
Click the Add icon to add file system.
Enter the file system.
Select whether the storage is managed or unmanaged.

When it is not managed, enter the mount point of the storage source.
Enter the Reserved and Quota size for the new file system.
Click Add File Systems.
Boot the zone for the changes to take effect.

14.11.5 Connect and Disconnect Networks

You can connect and disconnect networks from non-global zones. The networks attached to the corresponding global zone are available for the zones. The shared IP zones can connect to only networks that are specified for shared IP mode. The exclusive IP zones can connect to only exclusive IP networks.

Select the network and click the connect or disconnect icon as required.

14.11.6 Automatic Recovery

Use the options Enable Automatic Recovery and Disable Automatic Recovery to set the recovery option of created zones. To set automatic recovery for the zone, select the option Enable Automatic Recover. Edit the zone configuration to set the priority of recovery. The zone with highest value is recovered first. See Recovering Zones to manually recover the zones.

14.12 Migrating Zones

In Oracle Enterprise Manager Ops Center, zone migration is a cold migration because the zone is shut down, all applications are stopped, the migration occurs, and then the zone is restarted.

To enable migration action for a zone, the zone storage must be on a shared storage. When a zone uses local storage, use the Moving Zone Storage option to change the storage from local to shared.

This section describes the procedure for the following types of migration:

Migrating an Oracle Solaris system into a new non-global zone. This is referred to as physical to virtual (P2V) conversion. See Migrating a Physical Oracle Solaris System into a Zone.
Migrating a non-global zone from one global zone to another global zone, when all components are managed by Oracle Enterprise Manager Ops Center. See Migrating Zones to a Different Machine.
Migrating a non-global zone that has dependencies that are not managed by Oracle Enterprise Manager Ops Center. This process uses a script to perform the migration. To migrate unmanaged file systems, see Script to Migrate a Zone With Dependencies.

Note:

When you migrate a zone, the Alternate Boot Environment (ABE) is not supported.

14.12.1 Migrating a Physical Oracle Solaris System into a Zone

A "physical to virtual" (P2V) conversion moves an existing Oracle Solaris system into a new non-global zone on the target system's global zone.

Figure 14-12 shows the steps for a P2V conversion.

Figure 14-12 Workflow for Migrating an Existing Oracle Solaris System Into a Zone

Description of "Figure 14-12 Workflow for Migrating an Existing Oracle Solaris System Into a Zone"

Ensure the following before migrating the zone:

Assess the system to be migrated and collect information.

See http://docs.oracle.com/cd/E19683-01/817-1592/ for information about collecting information about the source system.
The system image to be installed in the non-global zone must not be newer than the target global zones's operating system release or the installation fails.
The destination global zone must be running at least Oracle Solaris 10 8/07 OS.
The supported branded zones are Oracle Solaris 8 and 9. For the branded zones to be supported on the destination global zone, remove the following brand packages from the global zone:
- SUNWs8brandu
- SUNWs8brandr
- SUNWs9brandu
- SUNWs9brandr

For instructions to download and install the correct brand packages, refer http://docs.oracle.com/cd/E22645_01/index.html

14.12.2 Migrating Zones to a Different Machine

Using Oracle Enterprise Manager Ops Center you can migrate one or more zones simultaneously. You can either migrate the zone to an individual global zone or to a zones server pool. When you migrate zones to a server pool, the target global zone depends on the server pool placement policy.

When you migrate a zone, perform a trial run before submitting the migration job to verify that the target global zone has the correct configuration to host the non-global zones.

The target global zone must have same or later versions of the following operating system packages and patches that are installed on the non-global zone.

Packages that deliver files under an inherit-pkg-dir resource
Packages where SUNW_PKG_ALLZONES=true

Other packages and patches, such as those for third-party products, can be different.

When the source and target global zone do not have the same patches and packages during migration, either update the zones patches and packages to match the target global zone or migrate without updating the zone patches and packages.

When the target global zone has later versions of the zone-dependent packages or patches, update those packages in the non-global zone before the migration to match the target global zone. When the target global zone supports the update on attach capability, it checks the non-global zone for packages that must be updated and only those packages are updated. The rest of the packages, and their associated patches, can vary from zone to zone.

You cannot downgrade the patches and packages of the zones to a lower version. In such cases, the update option fails.

The patches that must be backed out of the zone before the update are also listed. You must remove the patches manually and run the migration job again.

You can change the Name, Description, Tags, and NIC details of the non-global zone but, when you change other configuration, a warning message indicating that to change the zone configuration you must execute the sys-unconfigure command on the zone.

After you migrate a zone, you cannot use an alternate boot environment (ABE) to upgrade the zone.

Compatible Global Zones for Migration

When you click the Migrate Zone option in the Actions pane, Oracle Enterprise Manager Ops Center checks all global zones for compatibility with the source global zone. When there are compatible global zones, the Migrate Zone Wizard is displayed.

Otherwise, the following pop-up window is displayed.

Figure 14-13 Message Displayed When No Global Zones are Compatible

Description of "Figure 14-13 Message Displayed When No Global Zones are Compatible"

Table 14-4 shows the compatible global zones, depending on the operating system release.

Table 14-4 Compatible Global Zones

Source Global Zone	Compatible Target Global Zone
Oracle Solaris 10 8/07	Oracle Solaris 10 8/07 Oracle Solaris 10 10/08 Oracle Solaris 10 5/09 Oracle Solaris 10 10/09 Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 5/08	Oracle Solaris 10 5/08 Oracle Solaris 10 10/08 Oracle Solaris 10 5/09 Oracle Solaris 10 10/09 Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 10/08	Oracle Solaris 10 10/08 Oracle Solaris 10 5/09 Oracle Solaris 10 10/09 Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 5/09	Oracle Solaris 10 5/09 Oracle Solaris 10 10/09 Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 10/09	Oracle Solaris 10 10/09 Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 9/10	Oracle Solaris 10 9/10 Oracle Solaris 10 8/11
Oracle Solaris 10 8/11	Oracle Solaris 10 8/11
Oracle Solaris 11	Oracle Solaris 11 Oracle Solaris 11 Update 1
Oracle Solaris 11 Update 1	Oracle Solaris 11 Update 1

Verify the following conditions:

The source and target global zones are compatible.
The source and target global zones have access to all the libraries associated with the non-global zone.
The non-global zone's metadata is not stored in the source global zone's local library.
The non-global zone's data is not stored in the source global zone's local library. The zone must use a shared storage library.
The non-global zone is in the running state.
For a server pool, it must have at least one compatible global zone for migration.
When you migrate the zone, a warning message indicates that when you change the zone configuration except for Name, Description, Tags, and NIC details, you must execute the sys-unconfigure command on the zone. Also, when the NIC names are changed for a zone that uses exclusive IP mode, the /etc/hostname.itf and /etc/dhcp.itf file are renamed accordingly.

When the target global zone does not support backout on attach capability, you must remove or downgrade the patches and packages manually before continuing with the migration. Create an update profile that includes the patches that must be removed. Run an update job with this update profile. Repeat the migration job on the zone after the removal of the patches and packages.

To Migrate a Zone

Select the zone in the Assets section.
Click Migrate Zone in the Actions pane.

A warning message indicating that when you change the zone configuration except for Name, Description, Tags, and NIC details, you must execute the sys-unconfigure command on the zone. Also, when the NIC names are changed for a zone that uses exclusive IP mode, the /etc/hostname.itf and /etc/dhcp.itf file are renamed accordingly.
Click Continue Migration.

The Migrate Zone Wizard is displayed.
Select an individual global zone or server pool as the target.

The compatible global zones list the number of zones that are running, total CPUs, and available dedicated CPUs. The server pools list the average usage of CPU and memory.

Click Next. The zone migration test starts.
Review the migration test result. Select an update option to continue the migration on the target global zone or server pool:
- Update the patches and packages of the zone to match the target and then migrate the zone.
- Migrate the zone without updating its patches and packages.
Click Save Test Result As to save the migration test result. When you want to change the target, click Previous and select another target to run the migration test.

Click Next to review the zone identification.
If the zone name exists in the target global zone, you must change the zone name.

Click Next to specify the zone setup.
Select the language, time zone, and terminal type for the zone. The host name is the zone name as defined.

The dynamic value for NFSv4 domain name enables the domain name to be derived dynamically from the naming service configuration. To hard code the value for NFSv4 domain, provide a domain name.

Leave the password fields empty to use the existing password. Click Next to define the network interfaces.
You must have at least one network interface for the migration to continue. The network interfaces that are not accessible to the target global zone are displayed in yellow. Specify a new network interface for the inaccessible networks or click Do Not Connect to that network.
1. Select the network which is marked in yellow color. The network interface details are displayed under Network Interface.
2. Select a new network interface from the Network list or click Do Not Connect. The selected network can be either shared or dedicated. Enter the required network interface information for the selected network.
Click Next to specify the naming service.
Specify the naming service for the zone: DNS, NIS, NIS+ or LDAP naming service, or choose to not specify a naming service. Click Next.
- DNS: Enter the domain name of the DNS server and the IP address of the DNS server You can enter up to three IP addresses in the Name Server field. To specify additional domains to search, enter up to six domain names for the Domain Name Search List. The total length of each entry cannot exceed 250 characters.
- NIS and NIS+: Enter the domain name of the NIS or NIS+ server. When you know the NIS server details, choose the Specify an NIS Server option to provide the NIS server host name and its IP address. When you do not have the NIS server information, click Find an NIS Server.
- LDAP: Enter the domain name of the LDAP server. Specify the name of the LDAP Profile. Enter the IP address of the LDAP Profile Server. You can also provide the Proxy Bind Distinguished Name and Password.
- NONE: Select this option when you do not want to configure a naming service.
Review the summary of the migration job. When there are no patches and packages to be backed out, continue with the migration. When there are patches or patches that must be removed, a warning is displayed.
- When the target global zone supports backout on attach capability, a warning is displayed that the list of patches have been removed or downgraded.
- When the target global zone does not support backout on attach, the patches and packages on the zone must be removed or downgraded manually so that the source zone matches the destination global zone. Cancel the migration or select a new target global zone.
Click Finish to submit the migration job.

To Migrate Multiple Zones

Select the global zone from which you want to migrate the zones.
Click Migrate Zones in the Actions pane.

The Migrate Zones Wizard appears. The list includes the zones running in the global zone.
Select one or more zones from the list. Click Next.
Select an individual global zone or server pool to be the destination for the zone migration.

The table displays the list of eligible global zones and server pool to which you can migrate the zones. The target global zone in the server pool depends on the server pool placement policy.
Select an update option to continue with migration.

The source and the target global zones might not be in the same patch level. Either select to update the patches and packages of zone to match the target global zone or continue migration without updating the zone.
Review the details and click Finish to migrate the zones.

14.12.3 Script to Migrate a Zone With Dependencies

You can migrate zones even when the zone has dependencies that are not managed by Oracle Enterprise Manager Ops Center, such as when the zone uses storage that is not part of the zpool.

Scripts enable you to extend the zone migration feature to include the migration of dependencies, such as storage or other resources that are not managed by Oracle Enterprise Manager Ops Center. For example, unmanaged file systems are lost when you migrate a zone. To avoid this, use a script to migrate the file systems. See Example 14-1 for a sample script.

Develop your own scripts to migrate the dependencies and place them on the source and target global zone before migration.

The script for migrating the dependencies is executed in the following way:

The migration job checks for a script placed on both the source and target global zones. The migration job is aborted when the script is found only on one of the global zones.
When you create zones server pool, ensure that you upload the script to handle the unmanaged storage. The script is placed in all the global zones in the server pool and thus the migration of zone dependencies are taken care.
The job checks whether the script has zero on exit. A non-zero exit is a failure and the migration job fails.
The script is called on the global zone eight times when the migration job is executed.

Table 14-5 Script Call to Environmental Variables

Call to the Script	Environmental Variables
On the source global zone, to verify the script existence and user dependencies	OEMOC_ZONENAME=source zonename OEMOC_PHASE=VERIFY OEMOC_OPERATION=MIGRATION
On the target global zone, to verify the script existence and user dependencies	OEMOC_ZONENAME=destination zonename OEMOC_PHASE=VERIFY OEMOC_OPERATION=MIGRATION
On the source global zone, before the zone is shutdown	OEMOC_ZONENAME=source zonename OEMOC_PHASE=PREOPERATION_RUNNING OEMOC_OPERATION=MIGRATION
On the source global zone, after the zone is shutdown.	OEMOC_ZONENAME=source zonename OEMOC_PHASE=PREOPERATION_NOTRUNNING OEMOC_OPERATION=MIGRATION
On the source global zone, after the zone is detached	OEMOC_ZONENAME=source zonename OEMOC_PHASE=PREOPERATION_SHUTDOWN_DETACHED OEMOC_OPERATION=MIGRATION
On the target global zone, before the zone is attached	OEMOC_ZONENAME=destination zonename OEMOC_PHASE=POSTOPERATION_SHUTDOWN_DETACHED OEMOC_OPERATION=MIGRATION
On the target global zone, before the zone is started.	OEMOC_ZONENAME=destination zonename OEMOC_PHASE=POSTOPERATION_NOTRUNNING OEMOC_OPERATION=MIGRATION
On the target global zone, after the zone is started	OEMOC_ZONENAME=destination zonename OEMOC_PHASE=POSTOPERATION_RUNNING OEMOC_OPERATION=MIGRATION

During rollback phase, the same sequence is executed in reverse order. The environment variables values change accordingly:

PREOPERATION becomes POSTROLLBACK
POSTOPERATION becomes PREROLLBACK

14.12.4 Script Requirements

The script must be executable and follow these conventions:

Good error checking and clean-up within the script
Standard exit code conventions
Non-zero exit indicates that an error has occurred
Informational messages are in stdout
Error messages are in stderr
The script must be named as guest-operations and placed in the /var/opt/sun/oc/public directory on both the source and target global zone.

See the Sample Script for migrating the additional inherited file systems of an adopted zone. The sample script is based on the assumption that /opt/ file system is the additional inherited file system. The script re-configures /opt/ file system on the target global zone before rebooting the zone. The script reconfigures the user-inherited file systems during POSTOPERATION_NOTRUNNING phase

Example 14-1 Sample Script

#!/bin/sh

do_migration_action() {

 echo "executing migration action for zone ${OEMOC_ZONENAME}"

 if [ ${OEMOC_PHASE} != "POSTOPERATION_NOTRUNNING" ]; then
       exit 0
 fi

 #
 # for migration action, before starting the zone on the target GZ
 # add to /opt inherited filesystem.

 /usr/sbin/zoneadm -z ${OEMOC_ZONENAME} detach >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to detach ${OEMOC_ZONENAME}"
       exit 1
 fi

 echo "add inherit-pkg-dir" >/tmp/tmp-$$.txt
 echo "set dir=/opt" >>/tmp/tmp-$$.txt
 echo "end" >>/tmp/tmp-$$.txt

 /usr/sbin/zonecfg -z ${OEMOC_ZONENAME} -f /tmp/tmp-$$.txt >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to add inherit filesystem for ${OEMOC_ZONENAME}"
       exit 1
 fi

 /usr/sbin/zoneadm -z ${OEMOC_ZONENAME} attach -u >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to attach ${OEMOC_ZONENAME}"
       exit 1
 fi
}

echo ${OEMOC_ZONENAME}
echo ${OEMOC_PHASE}
echo ${OEMOC_OPERATION}

if [ ${OEMOC_OPERATION} = "MIGRATION" ] ;then
       do_migration_action
fi
exit 0

14.13 Recovering Zones

When the global zone crashes or must be halted, its non-global zones can be migrated to another global zone. However, this zone recovery procedure is not the same as zone migration because Oracle Enterprise Manager Ops Center cannot get access to the information in the global zone and therefore cannot perform compatibility checks. The procedure to relocate non-global zones from the source global zone to the target global zone is a forced attachment of the non-global zone.

The zone recovery procedure uses the command-line interface for the Oracle Enterprise Manager Ops Center.

See the Chapter 19, "Command Line Interface" for instructions on getting access to the CLI and the available CLI commands.

Before You Begin

Verify that the zone metadata is on the NAS storage library.
Verify that both the source and target global zones have the same network connectivity.
Verify that the source and the target global zones have the shared storage.
Verify that the target global zone has access to t he same libraries associated with the non-global zone.
Verify that the non-global zone's metadata and operational data is not stored in a local library.
Verify that JDK version 6 is used. In the Enterprise Controller command prompt, enter the following command:
```
export JAVA_HOME=/usr/jdk/latest
```

To Recover Zones

Connect to the Oracle Enterprise Manager Ops Center CLI using the following command:
```
/opt/SUNWoccli/bin/oc
```
Connect to the local Enterprise Controller.
```
xvmSh > connect

localhost >
```

Enter the virtualization mode.

localhost > virtualization
localhost [virtualization] >

List the available global zones.

localhost [virtualization] >list_hosts

Name                  Type                  Health        Reachable     ObjectName             
---------------------------------------------------------------------------------------------------------------------------------------------
gzhost36              zone                  OK            False         com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost
gzhost44              zone                  OK            True          com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost-4

List the zones that are running in the source global zone. For example, when the source global zone is gzhost36, then enter the following command.

Note:

Do not use the user-friendly name of the zone in the commands.

localhost [virtualization] >list_hosts -C com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost

Name                  Type                  State         Migratable    ObjectName             
----------------------------------------------------------------------------------------------------------------------------
test                  ZONE                  RUNNING       True          com.sun.hss.domain:type=Server,name=NORM-07e91405-8313-43ec-9671-dc320989866e

Select the destination global zone and start the zone on it. For example, when the destination global zone is gzhost44, execute then execute the following command to start the test zone on it.

localhost [virtualization] >startup -Z <source global zone> -D <target global zone>

localhost [virtualization] >startup -Z com.sun.hss.domain:type=Server,name=NORM-07e91405-8313-43ec-9671-dc320989866e -D com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost-4

submitted job : <Ecname>-1.17

A job is submitted. You can view the status of the job in the Jobs pane.

After the zone is migrated to the target global zone, the zone is a managed zone of the target global zone. The zone might continue to be displayed under source global zone. This is because the status of the source global zone is not updated. After the source global zone is rebooted, the zone does not appear as one of its managed zones.

14.14 Zones Server Pool

You can create server pools for zones in Oracle Enterprise Manager Ops Center. Pooling your virtualization hosts provides the capability for load balancing the virtualization servers, high availability and minimize power consumption.

See Chapter 17, "Server Pools" for information about creating and managing zones server pools.

14.15 Updating Zones

Oracle Enterprise Manager Ops Center enables you to update the global and non-global zones. You can also patch zones that are running on a supported configuration. The installation of the patches on the zones depend on the package parameters and the attribute set for the patch commands. This section describes the parameters for installation of the packages and patches. The concepts involved in updating global and non-global zones, and the procedures to update the zones are described in this section.

Note:

When you use Oracle Solaris Live Upgrade to update the OS in a zone, you cannot use Oracle Enterprise Manager Ops Center to manage the zone. Alternate Boot Environment (ABE) is not supported for zones that were created using Oracle Enterprise Manager Ops Center.

14.15.1 Install Packages and Patches on Zones

A patch is a collection of files and directories that replace existing files and directories that are preventing proper execution of the software.

You can install packages and patches on a zone. The patchadd and pkgadd commands operate in the background to install a patch and package respectively. However, the installation of packages on zones also depends on the parameters SUNW_PKG_ALLZONES, SUNW_PKG_HOLLOW, and SUNW_PKG_THISZONE. These parameters control whether a package can be installed on global zones or non-global zones. The actions for the parameters are as follows:

SUNW_PKG_ALLZONES: If the value is true, the package is installed on all zones, both global and non-global.
SUNW_PKG_HOLLOW: If the value is true, the package information is propagated to the non-global zones, but the package is not installed.
SUNW_PKG_THISZONE: If the value is true, the package is installed only in that zone.

14.15.2 Configure patchadd and pkgadd Commands

In Oracle Enterprise Manager Ops Center, the patchadd, pkgadd, patchrm, and pkgrm commands are implemented without the -G switch by default. To install updates or packages only on the current zone, enable the -G switch by editing the .uce.rc file.

Note:

Two files in the /SUNWuce/agent/bin directory have similar names. Verify that you are editing the .uce.rc file. Do not edit the uce.rc file.

14.15.3 Editing the .uce.rc File

Open the .uce.rc file in the /SUNWuce/agent/bin directory in the managed system.

Add the following lines to the .uce.rc file:

( all ) (invisible.__is_patchadd_g_specified, false)
( all ) (invisible.__is_patchremove_g_specified, false)
( all ) ( invisible.__is_pkgadd_g_specified, false)

Set the -G parameter to true for the action that you want to perform.
Save and close the file.
For this change to take effect, restart the services using the following commands:
```
svcadm disable -s update-agent
svcadm enable -s update-agent
```

14.15.4 Updating a Global Zone

In Oracle Enterprise Manager Ops Center, when a package or patch is installed, the patchadd and pkgadd commands are implemented in the background as shown in the following example:

patchadd <patchid>
pkgadd <pkgname>

Change the way that these commands are implemented by enabling the -G switch. You can enable the -G switch to cause the patch or package to be installed to the target zone only if the package parameter SUNW_PKG_THISZONE is set to true. See Install Packages and Patches on Zones for information about configuring the patchadd and pkgadd commands on the managed systems.

See the following scenarios when you are updating a global zone. The result for each scenario determines whether the update job is successful, depending on the package information.

Table 14-6 Updating a Global Zone Scenarios

SUNW_PKG_ALLZONES	SUNW_PKG_THISZONE	SUNW_PKG_HOLLOW	Impact	Impact with -G Configuration
False	False	False	The package is installed on the global zone, and all the non-global zones	The package is installed only on the global zone.
True	False	False	The package is installed on the global zone and all the non-global zones.	The `-G` switch cannot override the SUNW_PKG_ALLZONES parameter, and the package is installed on all the zones.
True	False	True	The package is installed on the global zone and the package information is made available on all the non-global zones.	The `-G` switch cannot override the SUNW_PKG_ALLZONES parameter, and the package is installed on all the zones.
False	True	False	The package is installed only on the global zone.	The package is installed only on the global zone.

Patches are sets of updates to packages. When you install a patch, the patch is installed on the global zone and the non-global zones, depending on the package parameters as shown in the previous table.

Note:

Use caution while enabling the -G option on a host with sparse zones. Packages that are inherited from the global zone that are not SUNW_ALL_ZONES cannot be patched within a sparse zone.

14.15.5 Updating a Non-Global Zones

A user with the virtualization administrator role can install packages and patches on non-global zones. The patchadd and pkgadd command must be used without options. Do not configure the -G switch to the commands while updating the non-global zones.

See the following scenarios when you are updating a non-global zone. The results of each scenario determine whether the update job is successful, depending on the package information.

Note:

The -G switch does not have an effect on installing packages or patches in a non-global zone.

Table 14-7 Updating Non-Global Zones Scenarios

SUNW_PKG_ALLZONES	SUNW_PKG_THISZONE	SUNW_PKG_HOLLOW	Impact
False	False	False	The package is installed only on the target non-global zone.
True	False	False	The package installation fails.
True	False	True	The package installation fails.
False	True	False	The package is installed only on the target non-global zone.

Note:

When the patch is installed only on the non-global zone, ensure that autoboot property is set to true for the zone. Otherwise, single user mode patches fail to apply as the zone does not come up after the reboot.

Patches are sets of packages that must be installed. When one of the packages has the SUNW_PKG_ALLZONES parameter set to true, then the patch installation fails. For a successful patch installation, ensure that none of the packages have SUNW_PKG_ALLZONES parameter set to true.

Note:

Packages that deliver to read-only inherit directories do not install on sparse root zones. These packages must be installed from the global zone with the -G switch disabled. When a package has the parameter SUNW_PKG_THISZONE=true, it does not appear as installed from the sparse zone and the software might not function correctly. In this case, a whole root zone must be used. Packages with SUNW_PKG_THISZONE=true must not deliver to read-only inherit directories.

14.15.6 Zone Parallel Patching

To view the number of zones that you can patch in parallel when you update the global zone, go to the global zone's Summary page. When the agent is installed on the Oracle Solaris OS, the number of zones that you can patch in parallel is calculated as 1.5 times the number of CPU cores in the server. For example, if you have a 2 CPU core machine, then you can patch three (3) zones in parallel. This is set and displayed on the UI.

Oracle Solaris 10 and 11 OS version displays this information in the Summary page. When the update capability is not enabled on the OS, then the zone parallel patching is also not enabled.

14.16 Related Zone Operations

Refer to the following chapters in this guide for operations that are common for many resources:

See Chapter 6, "Storage Libraries" for setting up your storage resources.
See Chapter 7, "Networks" for setting up your network infrastructure.
See Chapter 8, "Plans and Profiles" for managing your zone profiles and deployment plans.
See Chapter 12, "Operating Systems" for monitoring your resources and setting up boot environments.
See Chapter 2, "Asset Management" for discovering and registering your assets.
See Chapter 17, "Server Pools" for creating and managing zones server pools.

14.17 Related Resources

For instructions in performing actions or to learn more about the role of this feature, go to one of the following resources:

See Chapter 17, "Server Pools" for information about creating and managing zones server pools.
See Chapter 7, "Networks" for information about setting up your network infrastructure.
See Chapter 6, "Storage Libraries" for information about setting up your storage resources.
For end-to-end examples, see the How To library at http://docs.oracle.com/cd/E27363_01/nav/howto.htm. See the following example workflows for deploying and using zones:
- Deploy Oracle Solaris 10 Zones Workflow
- Deploy Oracle Solaris 11 Zones Workflow
- Operate Zones Workflow
See the Oracle Enterprise Manager Ops Center Administration Guide for information about how to manage the software, including user and role management.
See http://docs.oracle.com/cd/E19044-01/sol.containers/817-1592/ for Oracle Solaris Resource Management and Oracle Solaris Zones documentation.
The complete Oracle Solaris 10 documentation set is located at http://docs.oracle.com/cd/E19253-01/index.html.
See http://docs.oracle.com/cd/E23824_01/html/E24456/transzone-1.html for information about creating Solaris Flash archive images of an Oracle Solaris 10 operating system.
See http://docs.oracle.com/cd/E19082-01/819-6990/index.html for information about network interfaces and virtualization, and administration of your network interfaces.