4 Oracle Solaris Zones


4.1 Introduction to Oracle Solaris Zones

Oracle Solaris Zones, also known as Oracle Solaris Containers, are used to virtualize operating systems and provide an isolated and secure environment for running software applications. A zone is a virtualized operating system environment created within a single instance of the Oracle Solaris operating system.

Think of a zone as a box with flexible, software-defined walls. One or more applications can run in this box without interacting with the rest of the system. Because zones isolate software applications or services, applications that are running in the same instance of the Oracle Solaris OS are managed independently of each other. For example, you can run different versions of the same application in separate zones.

Zones require a machine that is running an Oracle Solaris 10 or later release.

4.1.1 Global and Non-global Zones

The global zone is the default operating system. It controls all of the processes and has system-wide administrative control. The global zone oversees the CPU, memory, and network resource allocation of all of the non-global zones. A global zone always exists, even when no other zones are configured.

Non-global zones, or simply zones, are configured inside the global zone. Zones are isolated from the physical hardware by the virtual platform layer. A zone cannot detect the existence of other zones.

4.1.2 Types of Non-Global Zones

You can create different types of non-global zones for different purposes. The zones can be broadly classified as native zones and kernel zones. The native zone can be a sparse, whole root, or branded zone.

Each of the zones is described as follows:

  • Sparse Root Zone: Contains a read/write copy of a portion of the file system that exists on an Oracle Solaris 10 global zone. Other file systems are mounted read-only from the global zone as loop-back virtual file systems. As part of creating a sparse root zone, the global administrator selects which file systems to share with the sparse root zone and the default read-only file systems: /usr, /lib, /sbin, and /platform. All packages that are installed on the global zone are available to the sparse root zone; a package database is created and all files in the mounted file system are shared with the zone.

    Note:

    Sparse root zones are not available beginning with Oracle Solaris 11. You can create sparse root zones only in Oracle Solaris 10.

  • Whole Root Zone: Contains a read/write copy of the entire file system that exists on the global zone. When a whole root zone is created, all packages that are installed on the global zone are available to the whole root zone; a package database is created and all files are copied onto the whole root zone for the dedicated and independent use of the zone.

  • Branded Zone: By default, a non-global zone runs the same operating system software as the global zone. The branded zone facility is used to create non-global branded zones that contain operating environments different from that of the global zone. For example, you can install Oracle Solaris 8, 9, or 10 in a branded zone.

  • Kernel Zone: A kernel zone is a zone which runs its own dedicated kernel. A kernel zone's operating system can be at a different update level from the global zone. Kernel zones can also support nested zones, which can be discovered and managed.

Note:

Oracle Solaris 11 Immutable Zones and Zones on Shared Storage (ZOSS) are not supported.

Oracle Solaris 11 shared IP zones support is limited to basic monitoring.

4.1.3 Zones and Virtual Machines

Oracle Enterprise Manager Ops Center supports three types of virtualization:

  • Oracle Solaris Zones: operating system virtualization

  • Oracle VM Server for SPARC: hardware virtualization on a SPARC platform

  • Oracle VM Server for x86: hardware virtualization on an x86 platform

You can create and manage zones within virtualized hardware on both SPARC and x86 platforms, including managed zones in Control Domains and I/O Domains.

4.2 Roles for Oracle Solaris Zones

The following table lists the tasks and the role required to complete the task. Contact your administrator if you do not have the necessary role or privilege to complete a task.

See the Related Resources for Oracle Solaris Zones section for information about the different roles and the permissions they grant.

Table 4-1 Oracle Solaris Zones Tasks and Roles

| Task | Role |
|---|---|
| Create, manage, update, and delete zones | Virtualization admin |
| Provision and manage virtualization host | Virtualization admin |
| Discover and manage virtualization hosts | Asset admin |
| Create and manage zone profiles and plans | Profile and plan admin |
| Create and manage IPMP groups | Network admin |
| Create and manage Link Aggregation | Network admin |
| Set monitor thresholds | Asset admin |

4.3 Actions Available for Oracle Solaris Zones

Oracle Enterprise Manager Ops Center provides the following capabilities for managing your zones environment in a data center:

  • Create zones using profiles and deployment plans.

  • Discover and manage existing zone environments.

  • Perform zone functions such as booting, rebooting, shutting down, cloning, migrating, and deleting zones from the software UI.

  • Manage zone configuration such as file systems, storage, and networks from the UI.

  • Aggregate your NICs or create IP Multipathing (IPMP) groups.

  • Create zones server pools to balance available resources and provide the infrastructure support for virtual datacenter creation.

  • Use UI and native CLI interchangeably to create and manage zones.

  • Complete support for managing Oracle Solaris 11 zones.

  • Options to upload scripts to manage the unmanaged file system and zone dependencies.

4.4 Location of Oracle Solaris Zones Information in the User Interface

This figure shows how zones appear beneath the global zone in the Assets section of the user interface.

The zones appear with a different icon. Badges on the icon indicate the status of the zone. The green triangle badge indicates that the zone is running. The black circle with a white vertical line indicates that the zone is shut down.

Figure 4-1 Zone Display in the UI


This table lists where to find information about zones in the UI.

Table 4-2 Location of Zone Information in the UI

| To See | Location |
|---|---|
| Zones | Expand Assets in the Navigation pane. The operating systems under which the zones are created are listed with the icons representing them. |
| Zone resources | Expand Assets in the Navigation pane, then select Oracle Solaris OS. Select a zone listed under it. The center pane lists the zone information such as Storage, Networks, Analytics, and Summary. |
| Zone actions | Expand Assets in the Navigation pane, then select Oracle Solaris OS. Select a zone listed under it. The Actions pane lists the various zone actions such as Add Storage, Migrate Zone, Replicate Zone, Connect Network, Add File System, Move Storage, Boot, Halt, Shutdown, and Reboot Zone. |
| Kernel zone resources | Expand Assets in the Navigation pane, then select Servers. Select a kernel zone listed under it. The center pane lists the zone information such as Storage, Incidents, Configuration, and Summary. |

4.5 Preparing Your Global Zone

The global zone is the default Oracle Solaris 10 or 11 operating system installed on a system. When you provision systems, you can use the Add Assets or Find Assets option in Oracle Enterprise Manager Ops Center to discover the global zone.

See the Related Resources for Oracle Solaris Zones section for information on provisioning a system with an Oracle Solaris operating system.

Each global zone has an /etc/patch/pdo.conf file that specifies the number of processes that are forked to execute the patch utilities in parallel on a zoned system. The file contains a num_proc= entry indicating the number of processes to be forked. Oracle Enterprise Manager Ops Center requires this value to be the number of CPUs on the system multiplied by 1.5.

Beginning with Oracle Enterprise Manager Ops Center 12.2.2.0.0, the software checks this file every 12 hours, during an agent refresh, and makes the following adjustments:

  • If the file does not exist, the software creates the file with the following entry: num_proc=Number of CPUs on the system*1.5.

  • If the file exists, but the value in the entry is incorrect, where num_proc=Value is not equal to Number of CPUs on the system*1.5, the software removes this entry and appends to the contents of the file an entry: num_proc=Number of CPUs on the system*1.5.

If the file exists with a correct entry: num_proc=Number of CPUs on the system*1.5, the file is not changed or updated. For more information about this file, see the Oracle Solaris Zones pdo.conf man page.
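The three cases above (file missing, entry incorrect, entry correct) can be reproduced for auditing with a short shell function. This is an added example, not Ops Center's own code: the function names are hypothetical, and rounding CPUs*1.5 down to a whole number and treating a file without any num_proc entry as incorrect are assumptions that the page does not state.

```shell
#!/bin/sh
# Added example (not Ops Center code): audit or reconcile a pdo.conf-style file
# against the rule num_proc = number of CPUs * 1.5.
# On Oracle Solaris the CPU count can be taken from `psrinfo | wc -l`;
# here it is passed in as an argument so the logic can be exercised anywhere.

# expected_num_proc CPUS
# Prints CPUS * 1.5. Assumption: fractional results are rounded down.
expected_num_proc() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;   # reject empty or non-numeric input
    esac
    echo $(( $1 * 3 / 2 ))
}

# pdo_conf_state FILE CPUS
# Read-only check. Prints: missing | incorrect | correct
pdo_conf_state() {
    [ -f "$1" ] || { echo missing; return 0; }
    want=$(expected_num_proc "$2") || return 1
    # Values of all active num_proc entries; comment lines do not match.
    have=$(sed -n 's/^[[:space:]]*num_proc=//p' "$1")
    # Zero entries, duplicate entries or a different value all count as incorrect
    # (the zero-entry case is an assumption).
    if [ "$have" = "$want" ]; then echo correct; else echo incorrect; fi
}

# reconcile_pdo_conf FILE CPUS
# Applies the adjustment described in the text and prints the state found
# before the change: missing (file created), incorrect (entry removed and
# a correct one appended) or correct (file left untouched).
reconcile_pdo_conf() {
    conf=$1
    want=$(expected_num_proc "$2") || return 1
    state=$(pdo_conf_state "$conf" "$2")
    case $state in
        missing)
            printf 'num_proc=%s\n' "$want" > "$conf"
            ;;
        incorrect)
            tmp=$(mktemp)
            # Keep every other line; grep exits 1 when nothing is left.
            grep -v '^[[:space:]]*num_proc=' "$conf" > "$tmp" || true
            printf 'num_proc=%s\n' "$want" >> "$tmp"
            # Write back in place so the file keeps its owner and mode.
            cat "$tmp" > "$conf"
            rm -f "$tmp"
            ;;
    esac
    echo "$state"
}

# Demo on a constructed file in a scratch directory, not /etc/patch/pdo.conf.
demo_dir=$(mktemp -d)
printf '# constructed sample\nnum_proc=4\n' > "$demo_dir/pdo.conf"
reconcile_pdo_conf "$demo_dir/pdo.conf" 8
cat "$demo_dir/pdo.conf"
rm -rf "$demo_dir"
```

Running pdo_conf_state alone gives a read-only check that can be compared against what the agent refresh leaves in the file.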

You must prepare your global zone with the network and storage resources that the non-global zones will use, including associating the required storage libraries with the global zone and attaching networks to the global zone. You can also aggregate the interfaces or create IPMP groups in the global zone before you connect them to the zones. The use of IPMP and link aggregated interfaces results in enhanced network availability for the zones.


4.5.1 Associating a Storage Library with a Global Zone

Global and non-global zone metadata and the data that is the output of operations is saved in a SAN or NAS storage library.

You can associate the following types of storage libraries to a global zone:

  • Filesystem storage: NAS libraries

  • Block storage: SAN and Dynamic storage libraries

Libraries associated with the global zone are available to all of the zones in the hierarchy of the global zone. When you associate a storage library with the global zone, the software discovers the available LUNs. A list of available LUNs appears in the wizard when you create a new zone in the global zone. When you select the LUN for the zone, the LUN is reserved for that zone and is not available for other zones. When the SAN storage library is associated with a zones server pool, the LUNs are available to all global zones in the pool.

When using a SAN storage library, the metadata and data are stored on LUNs that are managed by the SAN storage library that is associated with the global zone. The number of LUNs determines the number of zones that the library can support. SAN LUNs are associated with Fibre Channel or iSCSI target groups. Fibre Channel targets use a dedicated optical network and iSCSI targets use the IP network. In both cases, the targets in the target group expose the LUNs as a storage resource for the zones.

When you use LUNs backed by Fibre Channel disks, the block storage is static. You cannot change the size of the LUNs, create LUNs, or delete LUNs in the UI. When the LUNs are not in use, you can add LUNs to the library or remove LUNs.

For information about how to create SAN and NAS storage libraries, see the Related Resources for Oracle Solaris Zones section.

4.5.1.1 To Associate a Library With the Global Zone

You can associate a library with a global zone.

  1. Select the global zone in the Assets section.
  2. Click Associate Libraries in the Actions pane.

    The Associate Library window lists the libraries that are not associated with the global zone.

  3. Select one or more libraries to add.
  4. Click Associate Libraries.

    A job is submitted to associate the libraries with the global zone.

4.5.1.2 To Disassociate Libraries From the Global Zone

When you disassociate a library from the global zone:

  • The libraries are not available to new zones.

  • The libraries remain associated to existing non-global zones in that global zone.

  1. Select the global zone in the Assets section.
  2. Click the Libraries tab in the center pane.

    The libraries associated with the global zone are listed.

  3. Select a library from the list.

    The Disassociate Library icon is enabled.

  4. Click the Disassociate Library icon to display the Disassociate Library window.
  5. Click Disassociate Library to confirm unmounting the library.

4.5.2 Managing Global Zone Networks

You can attach one or more networks to a global zone using the Attach Networks option. When your networks are grouped as network domains in Oracle Enterprise Manager Ops Center, select the domain and choose the corresponding networks to be attached.

When you assign a network to a stand-alone global zone, you must define the mode of the network, either Shared IP or Exclusive IP:

  • In Shared IP mode, the global zone shares its network interface with one or more zones. You must define the network interface when you assign the network to the global zone.

  • In Exclusive IP mode, a dedicated network interface is allocated to the zone. You can choose the network interface when you assign the network to a zone.

Beginning with Oracle Enterprise Manager Ops Center 12.2.2.0.0, the type of IP (Shared or Exclusive) that is assigned appears in the non-global zone's Summary tab.

A network that is assigned as shared on a global zone can be assigned as exclusive on another global zone. For a global zone, a network has only one mode. For non-global zones, a network that is used in a shared mode for one zone cannot be used in exclusive mode for another zone.

You can attach networks that are configured with VLAN ID or P-key. When you use networks with VLAN ID, you can select to attach the network in tagged or untagged mode.

While you attach networks to a global zone, you can deploy IP Multipathing (IPMP) to obtain better network performance or link aggregation to provide increased reliability, availability, and network performance for systems with multiple physical interfaces.

For stand-alone global zones with Oracle Solaris 10 OS, a network can be attached in shared or exclusive IP mode. With Oracle Solaris 11 OS, the network is always attached in exclusive IP mode because a virtual NIC (VNIC) is created when the zone boots and deleted when the zone is halted.

This scenario is different for attaching networks to global zones that are in a server pool. See Attaching Networks for more information about attaching networks in a zones server pool.

The following networking conditions apply when you attach a network in tagged or untagged mode:

  • You can select networks without VLAN ID. The UI does not provide the option to select Tagged or Untagged mode.

  • You can select to associate and configure the networks with VLAN ID in Tagged mode.

  • You can select to associate and configure the networks with VLAN ID in Untagged mode.

  • You can select to configure the networks in mixed tagging mode in the server pool. For example, you can attach the network N1 with VLAN ID = 100 in tagged mode with the server S1 and in untagged mode for server S2. Refer to Mixed Network Tagging Mode Configuration for more detailed information.

  • You can attach networks whose VLAN ID is the same as that of another network already connected to the servers. For example, if a server S1 is already connected to network N1 with VLAN ID = 100, then while creating the server pool with S1 as a member of the pool, you can attach a network N2 with VLAN ID = 100.

  • You can edit the VLAN ID of a network when you are attaching the network in Tagged mode for the first time.

  • When you edit the VLAN ID of the network, you cannot enter -1 as the value for the VLAN ID.

  • If the selected network with a VLAN ID is already connected to the selected assets in Tagged mode, then you cannot edit the VLAN ID and make another connection.

  • You cannot make multiple network connections to the global zone over the same network in both tagged and untagged modes. The mode can be either tagged or untagged only. For example, if you attach network N1 with VLAN ID = 100 for the first time to server S1 in Tagged mode, then you cannot make another connection to the same network N1 in Untagged mode. Every other connection with network N1 must always be in Tagged mode for server S1.

  • If the selected members of the pool are already connected to network N1 with VLAN ID = 100, then you cannot select the same network with a different VLAN ID to be connected for the server pool.

4.5.2.1 IPMP Groups

IPMP groups provide network failover for your global and non-global zones. You can configure one or more physical interfaces into an IPMP group in the global zone and extend that functionality to the non-global zones.

After configuring the IPMP group, the system monitors the interfaces in the IPMP group for failure. If an interface in the group fails or is removed for maintenance, IPMP migrates, or fails over, the failed interface's IP addresses. The failover feature of IPMP preserves connectivity and prevents disruption of any existing connections. The network access changes from the failed interface to the standby interface in the IPMP group and the data address of the failed interface migrates to the standby interface. See IP Multipathing Groups and Creating IPMP Groups for more information about IPMP groups.

Note:

You can create IPMP groups when you attach a network in exclusive IP mode on Oracle Solaris 10 and 11 operating systems, or you can create an IPMP group without using the attach network option. IPMP groups are not available for shared IP mode networks.

When you attach networks to a global zone in a shared IP mode, you can create an IPMP group and configure the following characteristics:

  • Define the number of members for the IPMP group.

  • Select the NICs that are part of the IPMP group. The NICs selected are placed in the IPMP group.

  • Select the type of interface:

    • Active interface enables you to provide the data address and choose whether failover must be enabled for the interface for uninterrupted access to the network. This is applicable for Oracle Solaris 10 OS and is inherent in Oracle Solaris 11 OS.

    • Standby interface enables you to provide a test address when you want probe-based detection.

  • Select the data addresses for each NIC.

Multiple shared IP zones can use the IPMP group. When you create a zone or connect a network to a zone, the IPMP group appears in the NIC list. Select the IPMP group from the list to connect to the selected network.

4.5.2.2 Link Aggregation

Several interfaces in a system can be aggregated into a single logical link. The aggregation follows the IEEE 802.3ad standard. When interfaces have been aggregated, they are treated as a single network interface.

Oracle Enterprise Manager Ops Center displays the link aggregation in the list of available NICs as if it were an individual interface. You can assign a network with a link aggregation to a non-global zone, and select the link aggregation from the NIC list.

When you attach a network to a global zone, you can aggregate the physical interfaces and attach them to the network. Link aggregation is available for both shared and exclusive IP network stacks.

4.5.2.3 To Attach a Network to a Global Zone

When you attach a network to a global zone, you can choose to create an IPMP group or a link aggregation.

See Creating IPMP Groups to create IPMP groups on the global zone without using the attach network option.

The following network options are available:

  • Exclusive network: For zones that use an exclusive IP network, each zone has a dedicated network interface. You can configure the interfaces when you connect a zone to the exclusive network. An IPMP group requires an exclusive network.

  • Shared network: The global zone shares the network interface with the zones that use a shared IP network. You must configure the network interfaces of the global zone.

Perform the following steps to attach a network to a stand-alone global zone:

  1. Select the global zone in the Assets section.
  2. Click Attach Network in the Actions pane.

    The Attach Network Wizard is displayed.

  3. Select the network domain. The corresponding networks that are not yet connected to the asset are displayed in the network list. Select a network from the list.

    You can attach one or more networks to the global zone. Click Next to configure the networks.

  4. For each selected network, select the following information:
    • Select the IP stack as shared or exclusive.

    • Select the Mode as Tagged or Untagged for networks configured with VLAN ID. If you are attaching the network in Tagged mode for the first time, then you can edit the VLAN ID of the network, provided the VLAN ID is not used by any of the networks attached to the asset.

    • Select the network configuration as IPMP, Link Aggregation, or None. For an exclusive IP stack, only the Link Aggregation network configuration is available.

      • When you select IPMP network configuration, you are taken to Step 6 for IPMP configuration.

      • When you select Link Aggregation configuration, you are taken to Step 5 to configure the aggregation.

      • When you select None, you are taken to Step 7 to configure the network interfaces for shared IP stack or to the Summary step.

    • Enter the number of connections for each network.

      The number of connections depends on the Oracle Solaris OS version. For Oracle Solaris 10 OS, you cannot make multiple connections. For Oracle Solaris 11 OS, you can make multiple network connections.

    Click Next.

  5. Provide the following information for link aggregation:
    • The link aggregation name.

    • Select the load balancing policy.

    Click Next to configure the link aggregation. Specify the following information for link aggregation:

    • LACP mode and timer

    • MAC address policy and the MAC address if required.

    Click Next to go to Step 7 to configure the interfaces.

  6. Specify the IPMP group details.
    • IPMP group name

    • Number of members of the IPMP group

    • Select whether the probe-based failure detection must be enabled.

    Click Next to configure the interfaces.

  7. Configure the interfaces for networks that do not have network configuration:
    • Specify the NIC and the IP address for the network connection.

    • If required, modify the network tagging mode specified for the network connection.

    • You can select System Allocated for the NIC and Assign by DHCP for the system to take care of the NIC and IP address allocation.

    • Select Do Not Allocate IP for the IP address, when you do not want to allocate IP address for the network connection.

    For an IPMP group, select the interface that will act as the Standby interface. You must have at least one active interface.

    Click Next to specify the data addresses for IPMP group, otherwise go to Step 9.

  8. Enter the data addresses that must be used for the active network interfaces. Also, specify whether failover must be enabled for the interface. You must have more than one interface to enable failover.
  9. Review the information provided for attaching a network to the global zone and click Finish to attach the network.

To prevent a failure of the attach network job, ensure that you enter the correct information for different versions of Oracle Solaris OS.

4.5.3 Creating IPMP Groups

You can directly create IPMP groups on the global zone without using the attach network option. From the network tabs, you have the option to create and manage the IPMP groups in the selected Oracle Solaris OS.

Figure 4-2 shows the options that are available to create and manage IPMP groups.

Figure 4-2 IPMP Group Option


IPMP provides physical interface failure detection, transparent network access failover, and packet load spreading for systems with multiple interfaces. Oracle Enterprise Manager Ops Center provides an option to create IPMP groups. You can configure one or more interfaces into an IPMP group. The group functions like an IP interface with data addresses to send and receive network traffic. When an underlying interface in the group fails, the data addresses are redistributed among the remaining underlying active interfaces in the group. Thus, the group maintains network connectivity despite an interface failure. With IPMP, network connectivity is always available, provided that a minimum of one interface is usable for the group. IPMP also provides load spreading for the outbound network traffic across the network interfaces in the group.

To create an IPMP group, you must define the following parameters for the group:

  • The active and the standby interfaces of the group. By default, an interface added to an IPMP group is active. You can configure as many standby interfaces as you want for the group.

  • The gateway. You can specify a default route for the gateway.

  • The link-based failure detection is enabled by default. You must select whether you want to enable Probe-Based failure detection. For probe-based failure detection, you must provide the test address to track the interface status.

  • You must assign the data addresses for the physical interfaces in the IPMP group. Data traffic uses the data addresses that are hosted on the IPMP interface and flows through the active interfaces of that group.

See the Related Resources for Oracle Solaris Zones section for information about using the tagged and untagged mode for the networks that are configured using different media type. The tagging mode also varies for different Oracle Solaris OS versions.

4.5.4 Creating Link Aggregation

You can also create link aggregation directly on the Oracle Solaris OS. To create link aggregation, you must define the following details:

  • Load balancing policy

  • LACP mode and timer

  • MAC address policy and if required, the MAC address

See the Related Resources for Oracle Solaris Zones section for more information about creating a link aggregation.

4.5.5 Modifying and Detaching a Network from the Global Zone

You can modify the network connections of the global zone, except for the management network. The modify and unbind network options are available in the Network tab.

Figure 4-3 shows the icons that represent the following options that are available to manage networks of a global zone: Connect Networks, Disconnect Networks, and Modify Physical Connectivity.

4.5.5.1 To Modify Physical Connectivity

You can modify the physical connectivity for a global zone.

  1. Click the Network tab of the selected global zone in the Assets section.
  2. Click the Modify Physical Connectivity icon.

Figure 4-4 shows the Modify Physical Connectivity window that displays the network details that can be modified.

Figure 4-4 Modify Physical Connectivity


You can change the permanent IP address or change the allocation method.

Note:

When the network interface is an IPMP group, you cannot modify the network interface.

4.5.5.2 Unbind Network Connection

When you unbind a network from a global zone, the global zone's non-global zones are also disconnected from the network. Select the global zone and click the Unbind Network icon to remove the network.

4.6 Discovering and Managing Existing Zones

When you discover a global zone that has existing zones, these zones are also automatically discovered and displayed in the UI. The option to deploy the agent on the global zone is inherited by the zones.

The following steps provide an outline of the procedure to discover and manage existing zones:

  1. Use the option Add Assets to discover a global zone.

  2. In the Add Assets Wizard, select whether you want to deploy the agent on the global zone or you want agentless management.

  3. All the non-global zones in the selected global zone are automatically discovered. The virtualization portion of a kernel zone is also discovered when its global zone is discovered, but the kernel zone operating system and any nested zones can only be discovered if the discovery includes the kernel zone IP address as a target.

  4. Agents are installed based on your selections in the discovery wizard and the system being discovered:

    • If you choose agentless management, the global zone and all non-global zones are managed agentlessly.

    • If you choose a Zone VC agent, an agent is deployed on the global zone and the non-global zones are managed using this agent. The OS of a kernel zone must be managed separately.

    • If you check the Deploy Agent Controller on Oracle Solaris 10 Zones option, an agent is deployed on the global zone and Oracle Solaris 10 non-global zones.

    • If you check the Enable Oracle VM for SPARC management option, the global zone is managed with an Oracle VM Server for SPARC agent and the non-global zones are managed agentlessly.

    When you want to deploy the agent for zones that are in the shutdown state, boot them and use the option Switch Management Access. Using this option, you can change the state from agentless management to managed by agent mode.

  5. You can always use the option Switch Management Access to switch between managed by agent and agentless management mode.

You cannot create zones on a global zone that is managed agentlessly. For an agentlessly managed zone, you can boot, shut down, halt, and delete the zone. The Zones Virtualization Controller Agent is required on the zone when you want to use the full range of OS update actions on the OS. See the Related Resources for Oracle Solaris Zones section for information about what functions are supported for agent and agentlessly managed zones and operating systems. See Virtualization Agent Controllers and Agent Management Options for more information about agents.

When you use the native Oracle Solaris CLI to create a zone, select the global zone in the UI and then click the Refresh icon to display the new zone in the UI. You can interchangeably use the CLI and the UI to perform zone functions. To display the changes in the zone configuration and state, select the zone in the UI and click the Refresh icon. If you do not refresh, the software will refresh the state in 12 hours.

As shown in Figure 4-5, the discovered zones appear in the UI and the following actions are enabled for the zone: Shutdown Zone, Halt Zone, Reboot, Edit Attributes, Edit Tags, Edit Configuration, Replicate Zone, Move Storage, and Delete Zone.

The Oracle Enterprise Manager Ops Center UI fully supports Oracle Solaris 11 zones configured with an exclusive IP mode for the network. You can discover and monitor Oracle Solaris 11 zones that are configured with shared IP, but zone support is similar to a zone without an agent. The zones appear in the UI, but active management is not supported and advanced network configurations are not monitored.

Note:

For Oracle Solaris 11 zones that are configured with shared IP, you cannot perform migration, connect networks, or add storage resources to the zone, and this zone should not be part of a server pool.

In Figure 4-5 the Migrate Zone and Add Storage options are not enabled because the zone storage source is unmanaged. To enable these actions, you must move the storage source to managed using the option Move Storage.

See Actions Available for Oracle Solaris Zones for more information about performing zone management operations.

4.6.1 Deleting or Unmanaging a Global Zone

When you delete or unmanage the global zone, all the non-global zones under it are also automatically unmanaged.

You do not need to unmanage the non-global zones before unmanaging the global zone. See the Related Resources for Oracle Solaris Zones section for more information about deleting an asset.

4.6.2 Unmanaged Zone Storage Information

When you discover and manage existing zones, Oracle Enterprise Manager Ops Center handles the zone metadata and networks except for the zone storage. The metadata of the existing zones is stored in the local storage of the global zone, whereas the zone's storage is considered to be an unmanaged storage source.

Even for the zones that are created using Oracle Enterprise Manager Ops Center, when you add storage or a file system manually using the native CLI, the storage becomes unmanaged storage or an unmanaged file system.

See Moving Zone Storage for more information about how to move the unmanaged storage to managed storage.

4.7 Outline of Zone Creation

Using Oracle Enterprise Manager Ops Center, you create a zone profile that captures the zone configuration. Use the profile in a deployment plan to create one or more zones simultaneously. The benefit of using a profile is that you can create multiple zones with consistent configuration.

Note:

When you create or migrate a zone using Oracle Enterprise Manager Ops Center, you cannot use Oracle Solaris Live Upgrade and an alternate boot environment (ABE) to update the zone.

Note:

When you use OpenStack software to create a zone, do not use Oracle Enterprise Manager Ops Center to modify the zone. OpenStack cannot handle the modifications. A warning is displayed in the center pane if OpenStack services are running on the selected zone.

Create a zone profile that captures all the zone configurations. Then, create a deployment plan with the zone profile. The deployment plan is a single step plan which covers only the zone profile. During the application of the deployment plan, select the number of zones to create. In the plan deployment, you can correct the storage and network details as required.

Figure 4-6 Zone Creation Process


4.8 Determining Zone Requirements

Before you create a zone profile, determine the requirements for the zone.

Note:

When you use MAC addresses, you must have free alternate MAC addresses available on the global zone before you can create zones. The addresses must be available before you apply the deployment plan to create the zones.

The requirements vary according to the Oracle Solaris OS version and the type of zone. See the following sections for OS-specific zone requirements:

4.8.1 Requirements for Zones on Oracle Solaris 10 OS

You can create sparse root, whole root, and branded zones on Oracle Solaris 10 OS. While creating the zone profile, select the appropriate options and provide the required resources for a successful zone creation.

4.8.1.1 Requirements for a Whole Root Zone

A whole root zone contains a read/write copy of the global zone's file system and has the following requirements:

  • Minimum size of the file system is 5 GB.

  • Minimum size of the virtual disk for the storage library is 6 GB.

4.8.1.2 Requirements for a Sparse Root Zone

A sparse root zone contains a read/write copy of a portion of the global zone's file system and shares the global zone's /usr, /lib, /sbin, and /platform directories in read-only mode.

A sparse root zone has the following requirements:

  • Minimum size of the file system is 1 GB.

  • Minimum size of the virtual disk for the storage library is 1 GB.

4.8.1.3 Requirements for a Branded Zone

A branded zone emulates the user environment of earlier versions of Oracle Solaris. For example, you can create a branded zone to run Oracle Solaris 8 applications on your Oracle Solaris 10 system.

Use the following procedure to prepare to create a branded zone:

  1. Download the images for the operating system, as shown in Table 4-3.

  2. Import the images into one of the software libraries associated with the global zone.

During the process of creating a branded zone, you install the images in the global zone. For instructions, see the README files in the Oracle Solaris 8 or 9 Containers bundle.

Table 4-3 Packages for Branded Zones

| Global Zone OS | Branded Non-Global Zone |
|---|---|
| Oracle Solaris 10 10/08 OS or later | For Oracle Solaris 8, install SUNWs8brandk from Oracle Solaris 8 Containers 1.0.1. For Oracle Solaris 9, install SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1. The Oracle Solaris 10 installation automatically installs the following required packages for branded zones: SUNWs9brandr and SUNWs9brandu (Oracle Solaris 9 branded zones); SUNWs8brandr and SUNWs8brandu (Oracle Solaris 8 branded zones). |
| Releases prior to Oracle Solaris 10 10/08 OS | For Oracle Solaris 8, install SUNWs8brandr and SUNWs8brandu from Oracle Solaris 8 Containers 1.0.1. For Oracle Solaris 9, install SUNWs9brandr, SUNWs9brandu, and SUNWs9brandk from Oracle Solaris 9 Containers 1.0.1. |

4.8.2 Requirements for Zones on Oracle Solaris 11 OS

You can install zones in Oracle Solaris 11 OS either using the IPS packages in the default Oracle Solaris 11 Package Repository or using an image of an installed system running the Oracle Solaris release.

To install zones using images, you must have an Oracle Solaris 10 image in flash archive format or an existing Oracle Solaris 11 OS image in gzip format. See http://www.oracle.com/technetwork/documentation/solaris-11-192991.html for how to prepare your installed Oracle Solaris 10 or 11 systems, and create the flar or gzip image. Upload these images to the storage libraries and install branded zones in Oracle Solaris 11 OS.

4.8.2.1 Requirements for Installing Zones Using the Repository

To install zones from the repository, configure your Oracle Solaris 11 Software Update Library in the Enterprise Controller to synchronize with the Oracle Solaris 11 Package Repository.

When you install from the repository, the default software group, solaris-small-server, is used. This group occupies less space. The zones are whole root type only.

Note:

To provision Oracle Solaris 11 and Oracle Solaris 11 zones, the Enterprise Controller and Proxy Controller must be installed on an Oracle Solaris 11 operating system.

4.8.2.2 Requirements for Oracle Solaris 10 Branded Zone

You can migrate an Oracle Solaris 10 OS into an Oracle Solaris 11 environment. Create an archive of the Oracle Solaris 10 instance that you would like to migrate. In the Enterprise Controller software library, import an ISO image of Oracle Solaris 10 OS that has the same architecture (SPARC or x86) as the instance to be migrated. Then, import the flar archive with the previously imported ISO image as its parent.

You can migrate only systems that have Oracle Solaris 10 10/09 or later versions. To migrate earlier versions, install the kernel patch 141444-09 (SPARC) or 141445-09 (x86/x64), or later version, on the original system.

Since branded zones do not nest, existing zones in the original system are detected and a warning is issued that nested zones are not usable and that the disk space can be recovered.

To use the Oracle Solaris 10 package and patch tools in your Oracle Solaris 10 Container, install patches 119254-75 (SPARC) and 119255-75 (x86/x64) on your source system before the image is created. The P2V process works without the patches, but the package and patch tools do not work properly within the solaris10 branded zone.

To use Oracle Solaris 10 zones on your system, the system/zones/brand/brand-solaris10 package must be installed on the system running Oracle Solaris 11 OS.

4.9 Zone Configuration Parameters

When you create a zone profile, you can provide zone configuration details such as CPU model, memory caps, priority value, network mode, and storage resources for the zone.

  • Zone name: Specify a unique name for the zone. Do not use names that start with global or SUNW.

  • Autoboot: Specify whether the zone must boot immediately after you create it and whenever the global zone boots.

  • Shared CPU: A zone with a shared CPU gets its CPU resources by the number of shares you allocate to it from the resource pool, which is also used by other zones. The new zone is added to the Fair Share Scheduling automatically. You have the option to set a maximum value for the CPU resources. The CPU cap limits the amount of CPU resources that can be used by one zone. For example, a CPU cap value of 1 means 100% of a CPU.

  • Dedicated CPU: A zone with a dedicated CPU gets exclusive use of the available CPU resources. You specify the minimum and maximum number of CPUs available to the new zone. A temporary resource pool is created and dedicated to the zone.

    Note:

    This parameter is available when you select dedicated CPU. Set the priority of the zone. Assign an importance value for the zone so that when there are not enough CPU resources to satisfy all zones, the zone with the greater importance value receives a larger share of the available CPU resources.

  • Priority of recovery: When you enable automatic recovery for the zone, the priority of recovery value decides which zone must be migrated first during a global zone failure in a server pool. Set the priority of recovery between 0 and 100.

  • Memory Caps: Set the maximum value for physical, swap, and locked memory resources.

  • Naming Service: Specify the name service that the zone uses to communicate with network objects. You can select the DNS, NIS, NIS+ or LDAP naming service. To specify the name service, you require the domain name and the IP address of the name server.

  • Shared IP Address or Exclusive IP Address

    • A zone with a shared IP address uses its global zone's IP layer configuration and state. The zone has a logical network interface to the IP address.

    • A zone with an exclusive IP has its own dedicated IP layer configuration and state. The zone has its own set of network interfaces. You must configure the network interfaces using the same network configuration methods applied to all Oracle Solaris OS configurations.

      For Oracle Solaris 11 OS, only exclusive IP mode is supported for the network in the Oracle Enterprise Manager Ops Center UI.

4.10 Creating a Zone Profile

Oracle Enterprise Manager Ops Center provides the option to create a profile that captures the zone configuration. Use the zone profile in a deployment plan and apply it to create one or more zones simultaneously.

  1. Expand the Plan Management section in the Navigation pane.
  2. Expand Profiles and Policies and click Oracle Solaris Zone.
  3. Click Create Profile in the Actions pane.

    The Create Profile – Oracle Solaris Zone Wizard is displayed.

  4. Enter a name and description for the profile identification.

    Select whether you want to create a deployment plan automatically using this profile.

  5. Select the OS version of the zone.

    Ensure that you apply the plan on the correct target to create the zone. See Table 4-4 for more information.

    Table 4-4 Oracle Solaris Zones Targets

    | Zone OS Version | As | On Target |
    |---|---|---|
    | Oracle Solaris 10 | Whole root zone, sparse root zone | Oracle Solaris 10 |
    | Oracle Solaris 10 | Branded zone | Oracle Solaris 11 |
    | Oracle Solaris 11 | Whole root zone | Oracle Solaris 11 |
    | Oracle Solaris 8 | Branded zone | Oracle Solaris 10 |
    | Oracle Solaris 9 | Branded zone | Oracle Solaris 10 |

    Click Next to specify the zone identity.

  6. You can create one or more zones using the profile. To identify the zones, provide a zone prefix name and a number to start the series.

    Each zone created uses the prefix name appended with the number that is incremented. For example, if the prefix name is Myzone and the number to start from is 1, then the zones are created with names Myzone1, Myzone2, and Myzone3.

    Enter the description and tags for the zones. This is common for all the zones created using this profile.

    Click Next to specify the zone installation source.

  7. According to the OS version selected, the page displays the following information:
    • Oracle Solaris 10

      Select whether you want to create whole root, sparse root, or branded zone. For branded zone, provide the following information:

      • Select the architecture as x86 or SPARC

      • Select the branded zone image. You must have created a flash archive image of an installed Oracle Solaris 10 OS and uploaded it to the software library in Oracle Enterprise Manager Ops Center. These images are listed in the Branded Zone Image list.

      • Enter the prefix for the Host ID and the starting number.

      • Select the machine type as sun4u or sun4v.

    • Oracle Solaris 11

      You must select the installation source for installing Oracle Solaris 11 zones. You have the following options to select:

      • Install from repository. You must have configured your Oracle Solaris 11 Software Update Library in Oracle Enterprise Manager Ops Center in synchronization with the Oracle Solaris 11 Package Repository. This option installs the solaris-small-server software group by default. This is also referred to as the whole root zone for Oracle Solaris 11 OS.

      • Install from selected image. You must have created a gzip archive image of an installed Oracle Solaris 11 OS and uploaded it to the software libraries in Oracle Enterprise Manager Ops Center. Select an image from the list. You can create the gzip archive formats using cpio or zfs command options.

    • Oracle Solaris 8 and 9

      You can install Oracle Solaris 8 and 9 as branded zones on Oracle Solaris 10 OS only.

      Download the images of Oracle Solaris 8 or 9 and upload them to a software library. Refer to Requirements for Zones on Oracle Solaris 10 OS for more information about requirements for branded zones.

    Click Next to specify the zone configuration details.

  8. Specify the CPU type, either Shared or Dedicated. Set the memory thresholds and verify that the locked memory threshold value is less than or equal to the physical memory threshold.

    You can enable the automatic recovery option for the zone. Set the priority of recovery value between 0 and 100. This value decides which zone is recovered first when the global zone fails.

    Click Next to specify the zone file system.

  9. The zone is created with a default root file system, which is the zone path. You cannot delete this file system or change its read and write access. You can add more file systems from the original zone's list of file systems. Set the size and access to the file system.

    For each file system added, specify whether it is managed or unmanaged. When it is unmanaged, enter the mount point for the file system.

    The Reserved size is the size of the file system that the user can reserve. The Quota size is the maximum size that the file system can utilize.

    Click Next to configure the zone's storage.

  10. Select the storage library for the zone and its metadata.

    You can store the zone metadata in the local or NAS library only. To migrate a zone, you must store the zone metadata in a NAS storage library.

    All the libraries that are available in the Oracle Enterprise Manager Ops Center are listed. Select the library type and the corresponding libraries are listed. Select the library and the virtual disk for the zone. You can select library types such as NAS, SAN, Local, Local Devices, and Dynamic Storage.

    Note:

    When you specify a local storage library, you cannot migrate the zone in the future.

    Caution:

    An Oracle Solaris Zone running with a zone path on an NFS share is not a supported configuration. When you specify this type of storage, do not use the zone for production or non-experimental workloads.

  11. When the library is local or NAS storage, specify the virtual disk name and size of the disk. For SAN library, select a LUN from the available list. You cannot change the size of the LUN and the size of the local devices.

    For Dynamic Storage, select the Dynamic library that is available for the discovered storage servers in Oracle Enterprise Manager Ops Center. You can select existing LUNs or create a new LUN. Select Create LUN in the drop-down list of the column LUN/Virtual Disk Name and select the volume group. The size of the volume group is automatically displayed.

    Click Next to specify the zone networks.

  12. Select the networks that you want to connect to the zone. Also, specify the number of connections to the zone for each network. The actual binding of the networks takes place during deployment of a plan with this profile.

    You can create an Oracle Solaris 11 zone with no networks, but an Oracle Solaris 10 zone must have at least one network.

    Click Next.

  13. Specify the following setup parameters:
    • Language, time zone, terminal-type and root password for the zone.

    • Provide a domain name for the NFSv4 Domain Name or accept the default value dynamic to allow the naming service that you specify in Step 14 to determine the NFSv4 domain at run time.

    • Set the boot properties for the zone. You can set the zone to boot after it is created or whenever the global zone boots.

    • For Oracle Solaris 10 version, you can select whether to install the agent on the zone or not. When the agent is not installed, the global zone accesses the zone through zlogin.

    Click Next to specify the naming services.

  14. Specify the naming service for the zone: DNS, NIS, NIS+ or LDAP naming service. You can also choose not to specify a naming service.
    • DNS: Enter the domain name of the DNS server and the IP address of the DNS server. You can enter up to three IP addresses in the Name Server field. To specify additional domains to search, enter up to six domain names for the Domain Name Search List. The total length of each entry cannot exceed 250 characters.

    • NIS and NIS+: Enter the domain name of the NIS or NIS+ server. When you know the NIS server details, choose the Specify an NIS Server option to provide the NIS server host name and its IP address. When you do not have the NIS server information, select the Find an NIS Server option.

    • LDAP: Enter the domain name of the LDAP server. Specify the name of the LDAP Profile. Enter the IP address of the LDAP Profile Server. You can also provide the Proxy Bind Distinguished Name and Password.

    • NONE: Select this option so that no name server is configured.

    Click Next to view the summary of the selected parameters for creating a zone profile.

  15. Review the information and click Finish to create the zone profile.

The zone profile is created with version 1 and a corresponding deployment plan also with version 1. Apply the deployment plan to create one or more zones of consistent configuration.
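The limits that sections 4.8 through 4.10 state for a zone profile can be checked together before the wizard is run. The following is an added example, not part of Oracle Enterprise Manager Ops Center or its documentation; the dictionary keys, the function name, and both sample profiles are assumptions constructed for illustration.

```python
# Added example: pre-flight lint for a zone profile, using only limits stated
# in this chapter. The dict keys are hypothetical; Ops Center defines no such format.

# Oracle Solaris 10 minimums in GB: (root file system, virtual disk).
MIN_SIZES_GB = {"whole_root": (5, 6), "sparse_root": (1, 1)}


def lint_zone_profile(p):
    """Return a list of findings; an empty list means no rule was violated."""
    findings = []

    # 4.9: zone names must not start with "global" or "SUNW".
    if p["name_prefix"].startswith(("global", "SUNW")):
        findings.append("name: must not start with 'global' or 'SUNW'")

    # 4.8.1.1 and 4.8.1.2: minimum sizes for whole root and sparse root zones.
    if p["os"] == "solaris10" and p["zone_type"] in MIN_SIZES_GB:
        min_fs, min_disk = MIN_SIZES_GB[p["zone_type"]]
        if p["root_fs_gb"] < min_fs:
            findings.append(f"storage: root file system below {min_fs} GB")
        if p["virtual_disk_gb"] < min_disk:
            findings.append(f"storage: virtual disk below {min_disk} GB")

    # 4.10 step 8: locked memory must not exceed physical memory.
    caps = p.get("memory_caps_gb", {})
    if caps.get("locked", 0) > caps.get("physical", float("inf")):
        findings.append("memory: locked cap exceeds physical cap")

    # 4.9 and 4.10 step 8: priority of recovery lies between 0 and 100.
    prio = p.get("recovery_priority")
    if prio is not None and not 0 <= prio <= 100:
        findings.append("recovery: priority must be between 0 and 100")

    # 4.10 step 10: metadata goes in a local or NAS library; migration needs NAS
    # metadata and is ruled out by a local storage library.
    if p["metadata_library"] not in ("local", "nas"):
        findings.append("metadata: only a local or NAS library is allowed")
    if p.get("migratable"):
        if p["metadata_library"] != "nas":
            findings.append("migration: metadata must be in a NAS library")
        if p["storage_library"] == "local":
            findings.append("migration: a local storage library blocks migration")

    # 4.10 step 12 and 4.9: network rules per OS version.
    if p["os"] == "solaris10" and not p.get("networks"):
        findings.append("network: an Oracle Solaris 10 zone needs at least one network")
    if p["os"] == "solaris11" and p.get("ip_type") == "shared":
        findings.append("network: only exclusive IP is supported on Oracle Solaris 11")

    # 4.10 step 14: DNS field limits.
    dns = p.get("dns")
    if dns:
        if len(dns["name_servers"]) > 3:
            findings.append("dns: at most three name server addresses")
        if len(dns["search_domains"]) > 6:
            findings.append("dns: at most six search domains")
        if any(len(d) > 250 for d in dns["search_domains"]):
            findings.append("dns: a search list entry exceeds 250 characters")

    return findings


# Constructed sample profiles (not taken from any real deployment).
SAMPLE_OK = {
    "name_prefix": "Myzone", "os": "solaris10", "zone_type": "whole_root",
    "root_fs_gb": 5, "virtual_disk_gb": 6,
    "memory_caps_gb": {"physical": 8, "locked": 4},
    "recovery_priority": 50, "migratable": True,
    "metadata_library": "nas", "storage_library": "nas",
    "networks": ["net-a"], "ip_type": "exclusive",
    "dns": {"name_servers": ["192.0.2.53"], "search_domains": ["example.com"]},
}
SAMPLE_BAD = {
    "name_prefix": "SUNWweb", "os": "solaris10", "zone_type": "whole_root",
    "root_fs_gb": 4, "virtual_disk_gb": 6,
    "memory_caps_gb": {"physical": 4, "locked": 6},
    "recovery_priority": 150, "migratable": True,
    "metadata_library": "local", "storage_library": "local",
    "networks": [], "ip_type": "shared",
    "dns": {"name_servers": ["192.0.2.1", "192.0.2.2", "192.0.2.3", "192.0.2.4"],
            "search_domains": []},
}

if __name__ == "__main__":
    for finding in lint_zone_profile(SAMPLE_BAD):
        print(finding)
```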

4.11 Creating a Kernel Zone Profile

Oracle Enterprise Manager Ops Center provides the option to create a profile that captures the kernel zone configuration. Use the zone profile in a deployment plan and apply to create one or more kernel zones simultaneously.

  1. Expand the Plan Management section in the Navigation pane.
  2. Expand Profiles and Policies and click Oracle Solaris Kernel Zone.
  3. Click Create Profile in the Actions pane.

    The Create Profile – Oracle Solaris Kernel Zone wizard is displayed.

  4. Enter a name and description for the profile identification.

    Select whether you want to create a deployment plan automatically using this profile.

    Click Next to specify the zone identity.

  5. You can create one or more zones using the profile. To identify the zones, provide a zone prefix name and a number to start the series.

    Each zone created uses the prefix name appended with the number that is incremented. For example, if the prefix name is Myzone and the number to start from is 1, then the zones are created with names Myzone1, Myzone2, and Myzone3.

    Enter the description and tags for the zones. This is common for all the zones created using this profile.

    Click Next to specify the zone installation source.

  6. You must select the installation source for installing Oracle Solaris 11 zones. You have the following options to select:
    • Install from repository. You must have configured your Oracle Solaris 11 Software Update Library in Oracle Enterprise Manager Ops Center in synchronization with the Oracle Solaris 11 Package Repository. This option installs the solaris-small-server software group by default. This is also referred to as the whole root zone for Oracle Solaris 11 OS.

    • Install from selected image. You must have created a gzip archive image of an installed Oracle Solaris 11 OS and uploaded to software libraries in Oracle Enterprise Manager Ops Center. Select an image from the list. You can create the gzip archive formats using cpio or zfs command options.

    Click Next to specify the zone configuration details.

  7. Specify the CPU model, either Shared or Dedicated, and a number of CPU shares.

    Specify whether the CPU should be capped, and if so, at what value.

    Set the physical memory threshold. The minimum allowed value is 2 GB, and the minimum recommended value is 8 GB.

    Click Next to configure the zone's storage.

  8. Select the storage library for the zone and its metadata.

    You can store the zone metadata in the local or NAS library only. To migrate a zone, you must store the zone metadata in a NAS storage library.

    Check the Force the re-use of Zpool checkbox to release the kernel zone’s storage if it is deleted.

    All the libraries that are available in the Oracle Enterprise Manager Ops Center are listed. Select the library type and the corresponding libraries are listed. Select the library and the virtual disk for the zone. You can select library types such as NAS, SAN, Local, Local Devices, and Dynamic Storage.

    One storage disk is listed by default. You can add or delete storage disks using the add and delete icons. For each storage disk, provide the following information:

    • Library Type: Select a library type.

    • Library Name: Select a library name from the available libraries.

    • Virtual Disk Name: Specify the virtual disk name. You can specify the virtual disk name for local and NAS libraries only.

    • Volume Group: Specify the volume group.

    • Required Size (GB): Specify the disk size in GB.

    Note:

    When you specify a local storage library, you cannot migrate the zone in the future.

    Caution:

    An Oracle Solaris Zone running with a zone path on an NFS share is not a supported configuration. When you specify this type of storage, do not use the zone for production or non-experimental workloads.

    Click Next to specify the zone networks.

  9. Select the networks that you want to connect to the zone. Also, specify the network domain and number of connections to the zone for each network. The actual binding of the networks takes place during deployment of a plan with this profile.

    Click Next to specify the zone setup parameters.

  10. Specify the following setup parameters:
    • Language, time zone, terminal-type and root password for the zone.

    • Provide a domain name for the NFSv4 Domain Name or accept the default value dynamic to allow the naming service that you specify in Step 14 to determine the NFSv4 domain at run time.

    • Set the boot properties for the zone. You can set the zone to boot after it is created or whenever the global zone boots.

    Click Next to specify the zone user account.

  11. Create a user account for the zone. Enter a name, username, and password.

    Click Next to specify the naming services.

  12. Specify the naming service for the zone: DNS, NIS, NIS+ or LDAP naming service. You can also choose not to specify a naming service.
    • DNS: Enter the domain name of the DNS server and the IP address of the DNS server. You can enter up to three IP addresses in the Name Server field. To specify additional domains to search, enter up to six domain names for the Domain Name Search List. The total length of each entry cannot exceed 250 characters.

    • NIS and NIS+: Enter the domain name of the NIS or NIS+ server. When you know the NIS server details, choose the Specify an NIS Server option to provide the NIS server host name and its IP address. When you do not have the NIS server information, select the Find an NIS Server option.

    • LDAP: Enter the domain name of the LDAP server. Specify the name of the LDAP Profile. Enter the IP address of the LDAP Profile Server. You can also provide the Proxy Bind Distinguished Name and Password.

    • NONE: Select this option so that no name server is configured.

    Click Next to view the summary of the selected parameters for creating a zone profile.

  13. Review the information and click Finish to create the zone profile.

The zone profile is created with version 1 and a corresponding deployment plan also with version 1. Apply the deployment plan to create one or more zones of consistent configuration.

4.12 Creating and Deploying Zone Plans

Apply the zone deployment plans on the required number of targets. When you apply the deployment plan, you must provide the resource assignments for storage and network. Resources that are provided from the profile but are not available or not accessible are flagged in red, and you must re-assign them to continue.

Use zone deployment plans to modify the parameters such as storage, networks, and zone name. The zone deployment plan is a single step plan which collects details of the number of zones to be created. You can also create your own zone deployment plans.

4.12.1 To Create a Zone Deployment Plan

You can create a deployment plan to deploy zones.

  1. In the Plan Management section, expand Deployment Plans and click Create Oracle Solaris Zones.
  2. Click Create Plan from Template in the Actions pane.
  3. Enter a name and description for the plan.
  4. Select the failure policy.
  5. In the Deployment Plan Steps, select the Oracle Solaris Zone profile.
  6. Enter the number of zones to create.
  7. Click Save to save the deployment plan.

When you modify the zone profile, you can choose to update the deployment plan with the correct version of the zone profile.

Zone deployment allows you to modify parameters such as storage, networks, and zone name. When you apply the zone deployment plan, resource assignments that are not available are marked in red and must be corrected.

4.12.2 To Apply a Zone Deployment Plan

  1. Select the zone deployment plan and click Apply Deployment Plan in the Actions pane.
  2. Select the target asset from the list and click Add to Target List.

    You can add more than one asset to the list.

  3. Select how to apply the plan.

    You can either apply the plan with minimal interaction or override the profile values. When you select to override the profile values, you are taken through each step of the profile. Otherwise, you are directed to provide only the required resource assignments. In this procedure the minimal interaction is taken into consideration. Click Next.

  4. In the Specify Storage Step, correct the storage resources defined in the profile if required.

    For example, when the selected storage libraries in the profile are not associated with the target global zone, you must modify the storage resources accordingly.

    Click Next to specify the zone networks.

  5. Designate the IP stack for the zone as Shared or Exclusive. Select the IP stack and the network list is updated accordingly.

    For Shared IP network:

    • Select a network from the list.

    • The address allocation method is Use Static IP only. This is fixed for shared IP networks.

    • Enter the IP address. When you create more than one zone, enter the IP addresses as a range, as a comma-separated list, or both. For example, 192.0.2.1 - 192.0.2.3, or 192.0.2.1,192.0.2.2, 192.0.2.3.

    For Exclusive IP network:

    • Select a network from the list.

    • Enter the number of times the zone connects to the network. This is applicable only for exclusive IP networks.

      Note:

      For Oracle Solaris 11 OS, you can connect to networks configured as exclusive IP stack only.

    • Select the type of address allocation as Use static IP, DHCP allocated, or Do Not Plumb.

    • When the allocation is static, the IP range for the zones is proposed. The range depends on the number of zones and the number of connections for each zone. You can modify the IP range as required.

    Click Next to define the network resource assignment.

  6. Modify zone host name and network assignment as required. You can also add or remove the network assignment to a zone.

    For each network connection of the zone, the P-Key or VLAN ID, the NIC, the address allocation method, and the individual IP address are displayed. Each zone's host name is also editable. Modify the zone resource assignment as required.

    You can create an Oracle Solaris 11 zone with no networks, but an Oracle Solaris 10 zone must have at least one network.

    Click Next to schedule the job.

  7. Select to run the zone creation job now or schedule to a later time.

    Click Next to view the summary.

  8. Review the information provided for creating zones. Click Apply to start the zone creation tasks.

    Note:

    If a zone creation job successfully creates a zone but the zone fails to boot, the job rollback does not delete the zone, so that you can troubleshoot it manually.
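The address entry in step 5 (a range, a comma-separated list, or both) and the zone naming series (prefix plus an incrementing number) can be checked before the plan is applied. The following is an added example, not Ops Center code; the function names, the subnet argument, and the 1024-address limit are assumptions made for illustration, and the sample values are the ones used in this chapter.

```python
import ipaddress
from collections import Counter

MAX_RANGE = 1024  # assumption: safety limit for this example, not a product limit


def expand_ip_spec(spec):
    """Expand a range, a comma-separated list, or both into IPv4 addresses."""
    addrs = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue  # tolerate a trailing comma
        if "-" in item:
            lo_text, hi_text = (part.strip() for part in item.split("-", 1))
            lo = ipaddress.IPv4Address(lo_text)
            hi = ipaddress.IPv4Address(hi_text)
            if hi < lo:
                raise ValueError(f"range runs backwards: {item}")
            if int(hi) - int(lo) + 1 > MAX_RANGE:
                raise ValueError(f"range larger than {MAX_RANGE} addresses: {item}")
            addrs.extend(ipaddress.IPv4Address(n) for n in range(int(lo), int(hi) + 1))
        else:
            addrs.append(ipaddress.IPv4Address(item))
    return addrs


def assign_addresses(prefix, start, zones, spec, subnet, connections=1):
    """Map each zone name in the series to its static addresses.

    Raises ValueError when an address repeats, falls outside the subnet, is
    the network or broadcast address, or when too few addresses are supplied.
    """
    net = ipaddress.IPv4Network(subnet)
    addrs = expand_ip_spec(spec)

    dupes = sorted(a for a, n in Counter(addrs).items() if n > 1)
    if dupes:
        raise ValueError(f"duplicate addresses: {[str(a) for a in dupes]}")

    unusable = [a for a in addrs
                if a not in net or a in (net.network_address, net.broadcast_address)]
    if unusable:
        raise ValueError(f"not usable in {net}: {[str(a) for a in unusable]}")

    needed = zones * connections
    if len(addrs) < needed:
        raise ValueError(f"{needed} addresses needed, {len(addrs)} supplied")

    # Zone names: the prefix followed by the incrementing number.
    plan = {}
    for i in range(zones):
        chunk = addrs[i * connections:(i + 1) * connections]
        plan[f"{prefix}{start + i}"] = [str(a) for a in chunk]
    return plan


if __name__ == "__main__":
    # The prefix, start number and addresses used as examples in this chapter.
    plan = assign_addresses("Myzone", 1, 3, "192.0.2.1 - 192.0.2.3", "192.0.2.0/24")
    for zone, ips in plan.items():
        print(zone, ", ".join(ips))
```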

4.12.3 Zpool and File System of Zones

Creating zones with Oracle Enterprise Manager Ops Center results in the following operations which run automatically in the background:

  • The file systems of the zones are implemented as ZFS file systems.

  • A zpool is created for each zone with the name of the zone metadata.

  • The storage that is allocated to the zone is pooled in a zpool and used by all the file systems.

For each deployed zone you can view the following information: file systems, zpools with reservations and quotas, the storage library used, and the file system usage. The Storage tab for a zone shows the zpools with reservations and quotas. The Analytics tab for a zone contains information on file system usage. Use the Move Storage action to change the reservation and quotas.

4.12.3.1 To View the File System and Storage Added to a Zone

  1. Select the zone in the Navigation pane.
  2. Click the Storage tab.

    As shown in Figure 4-7, the Storage tab has two tables: a File Systems table and a ZPool and Storage table. The file system table displays the file system, the real path of the file system on the global zone, the amount of Reserved GB, the quota in GB, and the Access permissions for the zone.

    Figure 4-7 Storage Tab for a Zone


4.12.3.2 To Change the Default Reservation and Quota

You can change the default reservation and quota for zones.

  1. Select the zone in the Navigation pane.
  2. Click the Storage tab.
  3. Click Move Storage in the Actions pane.

4.12.3.3 To View the File System Usage for a Zone

You can view the file system usage for a zone.

  1. Select the zone in the Navigation pane.
  2. Click the Analytics tab, then click the Metrics subtab.
  3. Click File Systems in the Navigation pane.

    Figure 4-8 Zone File System Metrics


4.12.4 Modify Zone Configuration

You can modify the configuration of a zone to change the CPU or memory resources, scheduler, and the identity of the zone. When you modify the CPU model, you must reboot the zone for the changes to take effect unless the zone is using Oracle Solaris 11.2 or later.

Use the Edit Attributes option to modify the description and tags of the zone. You can also add new tags to the zone.

You can modify the following properties of a zone using the Edit Configuration option:

  • Host ID Prefix: You can define or modify the host ID for the zone.

  • CPU Model: The CPU model can be shared or dedicated. For a shared CPU, you can modify the number of CPU shares allocated to the zone. For a dedicated CPU, you can edit the minimum and maximum dedicated CPU numbers. You can also set the relative importance of the zone compared to other zones when contending for CPUs.

  • Memory Caps: You can specify caps on various aspects of memory used by the zone. You can modify the caps set for physical, swap, locked, and virtual memory.

  • Scheduler: For shared CPU model, the scheduler is assigned to Fair Share Scheduler (FSS). For a dedicated CPU model, you can set the following scheduler attributes:

    • Fair Share Scheduler (FSS)

    • Fixed Priority (FX)

    • Interactive (IA)

    • Real-time (RT)

    • Timer Sharing (TS)

  • LightWeight Processes (LWP): You can set the maximum number of LWPs simultaneously available to a zone.

    • Message IDs: Set the maximum number of message queue IDs.

    • Semaphore IDs: Set the maximum number of semaphore IDs.

    • Shared Memory IDs: Set the maximum number of shared memory IDs.

    • Shared Memory: Set the maximum amount of shared memory.

  • Automatic Recovery: Set the recovery priority. When the server fails, the zone with the highest priority is recovered first. See Automatic Recovery for more information on how automatic recovery works.

  • Lofi Devices: Set the maximum number of lofi devices.

  • Processes: Set the maximum number of processes.

Note:

For Oracle Solaris 11 kernel zones, only a subset of applicable configuration properties can be edited.
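
The caps listed above are what keep one zone from exhausting LWPs, processes, System V IPC IDs, or memory that other zones on the same global zone depend on, so it is useful to check them outside the UI as well. The following is an added example, not Oracle's code: it parses text in the command-file format printed by `zonecfg -z <zone> export` and reports limits that are missing or not enforced. The mapping of the UI labels to zonecfg property and `zone.*` resource-control names, and the sample configuration, are assumptions of this example.

```python
import re

# Limits from the Edit Configuration list, written as zonecfg property names
# (assumed mapping from the UI labels). Each also exists as a "zone.<name>" rctl.
EXPECTED_LIMITS = ("max-lwps", "max-processes", "max-msg-ids",
                   "max-sem-ids", "max-shm-ids", "max-shm-memory")
EXPECTED_MEMORY_CAPS = ("physical", "swap", "locked")

# Constructed sample in the command-file format of `zonecfg -z <zone> export`.
SAMPLE_EXPORT = """\
create -b
set zonepath=/zones/web01
set autoboot=true
set scheduling-class=FSS
set max-lwps=2000
add capped-memory
set physical=4G
set swap=8G
end
add rctl
set name=zone.max-shm-memory
add value (priv=privileged,limit=1073741824,action=deny)
end
add rctl
set name=zone.cpu-shares
add value (priv=privileged,limit=20,action=none)
end
"""


def parse_export(text):
    """Split a zonecfg command file into global properties, memory caps and rctls."""
    cfg = {"props": {}, "memory": {}, "rctls": {}}
    scope = None        # resource currently open between "add <type>" and "end"
    rctl_name = None    # name of the rctl resource being read
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if scope is None and line.startswith("add "):
            scope, rctl_name = line.split()[1], None
        elif line == "end":
            scope = None
        elif line.startswith("set ") and "=" in line:
            key, value = (part.strip() for part in line[4:].split("=", 1))
            value = value.strip('"')
            if scope is None:
                cfg["props"][key] = value
            elif scope == "capped-memory":
                cfg["memory"][key] = value
            elif scope == "rctl" and key == "name":
                rctl_name = value
        elif scope == "rctl" and rctl_name and line.startswith("add value"):
            limit = re.search(r"limit=(\d+)", line)
            action = re.search(r"action=(\w+)", line)
            if limit and action:
                cfg["rctls"][rctl_name] = (int(limit.group(1)), action.group(1))
    return cfg


def audit_zone(text):
    """Return a list of findings for limits that are missing or not enforced."""
    cfg = parse_export(text)
    findings = []
    for name in EXPECTED_LIMITS:
        if name in cfg["props"]:          # set through the property alias
            continue
        rctl = cfg["rctls"].get("zone." + name)
        if rctl is None:
            findings.append(f"{name}: no limit set")
        elif rctl[1] != "deny":           # only a deny action stops the zone at the limit
            findings.append(f"{name}: limit {rctl[0]} not enforced (action={rctl[1]})")
    for cap in EXPECTED_MEMORY_CAPS:
        if cap not in cfg["memory"]:
            findings.append(f"capped-memory {cap}: no cap set")
    # CPU shares only take effect under the Fair Share Scheduler.
    has_shares = "cpu-shares" in cfg["props"] or "zone.cpu-shares" in cfg["rctls"]
    sched = cfg["props"].get("scheduling-class")
    if has_shares and sched not in (None, "FSS"):
        findings.append(f"cpu-shares set but scheduling-class is {sched}")
    return findings


if __name__ == "__main__":
    for finding in audit_zone(SAMPLE_EXPORT):
        print(finding)
```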

4.13 Creating and Deploying Zones on a Logical Domain

Oracle Enterprise Manager Ops Center has a consolidated view of a managed Oracle VM Server for SPARC Control Domain and associated logical domains and I/O resources. You can create zones on the domain using the domain's I/O resources that are not already in use by other assets. You can use the Oracle Enterprise Manager Ops Center UI to manage, update, and delete the zones.

Note:

When you create a zone on a logical domain, the logical domain cannot be a root domain that is dedicated to provide I/O resources exclusively to an Oracle VM Server for SPARC Server Pool.

To manage zones on an Oracle VM Server for SPARC logical domain, you must deploy the Zone VC Agent on the logical domain and the Oracle VM Server for SPARC VC Agent on the associated Control Domain. See Virtualization Agent Controllers in Get Started With Virtualization for information about Zone VC and Oracle VM Server VC Agents.

When you create a zone on a logical domain, storage resources are assigned to the zone and are no longer available for other uses. The storage resource is not available to create other zones or to create a virtual server in exclusive mode. The zone's alternate MAC address cannot be assigned to a new VNIC or used to create a new zone.

Note:

A logical domain with a kernel zone installed on it cannot be migrated.

When you delete the zone, the storage resources that are assigned to the zone are put back into the available storage resources and the alternate MAC address is available.

4.14 Creating and Deploying Zones on a Kernel Zone

You can create nested zones on an existing kernel zone. You can use the Oracle Enterprise Manager Ops Center UI to manage, update, and delete these zones.

To create and manage zones on a kernel zone, you must deploy an Agent on the kernel zone operating system. In addition, to create nested zones on a kernel zone, there must be free MAC addresses in the kernel zone.

4.15 Managing Zones

After creating the zones, you can perform operations such as boot, reboot, shut down, and halt on a zone. Oracle Enterprise Manager Ops Center lets you perform all of these operations from the UI. The UI also updates the status of the zone when you perform these operations from the CLI.

Select the global zone Summary tab in the center pane. The actions available for the zone are displayed as in Figure 4-9.

Figure 4-9 Zone Management Functions


The same actions are available in the Actions pane when you select the zone.

Figure 4-10 Zone Actions Pane View


Simple zone operations that can be performed from the UI are as follows:

  • Boot Zone – Booting a zone places the zone in the running state, using the current configuration. This option is enabled only when the zone is in the ready or installed state. The zone boots whenever the global zone boots depending on the autoboot properties set during zone creation.

  • Shutdown Zone – Shut a zone down in a graceful manner so that it is in a state that can be restarted.

  • Halt Zone – When you halt a zone, it removes both the application environment and the virtual platform of the zone. Halting a zone changes the zone's state to Installed, all processes are killed, devices are unconfigured, network interfaces are unplumbed, file systems are unmounted, and the kernel data structures are destroyed.

  • Reboot Zone – You can reboot a zone that is in the running state. The zone is shut down and then booted. This is different from the zoneadm reboot command in which the zone is first halted and then booted.

  • Delete Zone – When you delete a running zone, the zone is halted, uninstalled, then deleted from the global zone. The following changes are also made:

    • Zone root file system is deleted.

    • Other file systems that were added to the zone are deleted.

    • Zone metadata is deleted from the storage library.

    • The zpool for the zone is deleted and the storage is made available.

    • Exclusive IPs that were assigned to the zone are available for re-use.

    You can delete multiple zones by selecting them in a user-defined group, in the global zone summary tab, or in a server pool summary tab.

4.15.1 Replicating Zones

Use this option to copy an existing zone so that you can provision a new zone on the same system efficiently. The process of cloning a zone is similar to the process of creating a zone because you can accept each of the original zone's specifications or change it before you create the copied zone.

  1. Select the zone that you want to clone in the Assets section.

  2. Click Replicate Zone in the Actions pane.

    The Replicate Zone Wizard is displayed.

  3. Enter a different zone name and description for the zone.

  4. Select a library from the list of libraries that are associated with the global zone to store the cloned zone's image and metadata. Click Next.

  5. The CPU shares that are allocated in the original zone are displayed. You can edit these values for the cloned zone. Click Next.

  6. Accept or change the attributes of the original zone: language, time zone, terminal type, host name and root password. Click Next.

  7. Set the boot properties for the cloned zone. You can set the properties so that the new zone boots after it is created and whenever the global zone boots. Click Next.

  8. Configure the file systems for the cloned zone. The new zone has a default root file system, which is the zone path. You cannot delete this file system or change its read and write access. You can add more file systems from the original zone's list of file systems. Accept or change the size and access to the file system. The Reserved size is the size of the file system that the user can reserve. The Quota size is the maximum size that the file system can utilize. Click Next.

    Note:

    Make sure that the cloned zone's file system is the same size as or larger than the original zone's file system. When the cloned zone's file system is smaller than the original zone's file system, the clone operation cannot complete and the job fails. Do not modify the root file system of the new zone to a size less than the source zone root file system. Do not modify the system file system if it is defined in the source zone.

  9. Accept or change the storage library. The library can be either a NAS storage or Fibre Channel library. When the library is NAS storage, specify the virtual disk name and size of the disk. For SAN library, select a LUN from the available list of LUNs in the library. The size of the selected LUN is displayed. You cannot change the size of the LUN.

  10. The accumulated size of the storage is displayed as Currently Accumulated Storage. The required storage is displayed as Recommended Storage Size. Click the Add icon to configure more storage resources to the zone if the Currently Accumulated Storage is less than the Recommended Storage Size. When you have defined the Currently Accumulated Storage size as at least equal to the Recommended Storage size, click Next.

  11. Assign at least one network to the zone. Select the zone IP type as Shared or Exclusive.

    • For Shared IP networks:

      1. Select a network from the list of networks that use the Shared IP mode and are assigned to the global zone.

      2. Select a NIC from the list of shared Network Interface Cards (NIC).

      3. Specify the management interface for the NIC. When the network has a defined IP range, the Auto Allocate IP option is displayed with the zone's IP address from the range. When the network does not have a defined IP range, the Use Static IP option is displayed. Enter an IP address for the zone in the Zone IP field.

      4. Click Next.

    • For Exclusive IP networks

      1. Select a network from the list of networks that are assigned to the global zone and are not used by other zones.

      2. Select a NIC from the list of the selected network's NICs that are not bound or assigned to other networks.

      3. Specify the management interface for the NIC. When the selected network has a defined IP range, the Auto Allocate IP option is displayed in the Management Interface and the zone's IP address is populated with an IP address from the defined range.

        When the network does not have a defined IP range, you must either provide the IP address or specify a DHCP server to provide one. To provide an IP address, select the Static IP option and enter the IP address in the Zone IP field. To designate a DHCP server, select the Assigned by ext. DHCP option. The Zone IP field contains the Automatically Allocated value.

    • Click Next.

  12. Click Finish to launch the job for replicating a zone.

4.15.2 Adding Storage to Zones

You can add storage to zones dynamically. The storage is added to the zpool that is created for the zone. You cannot delete the storage from the zpool.

The storage libraries that are associated with the global zone are available for the zone. You can assign the following types of libraries to a zone:

  • File system storage: Use NAS libraries

  • Block storage: Use SAN or Dynamic storage libraries

  • Local storage: Add the local storage on the global zone and local devices that are attached to the system

See Storage Libraries for Virtualization and the Related Resources for Oracle Solaris Zones section for more information about setting up your storage servers and software libraries.

  1. Select the zone in the Assets section.
  2. Click Add Storage in the Actions pane. As an alternative, click the Storage tab and click the Add Storage to Zone icon under Zpool and Storage.

    The Add Storage to the Zone window is displayed.

  3. Click the Add icon to add storage.

    The storage libraries associated with the global zone are displayed in the Library list. The library can be a local storage, NAS, local device, Dynamic Storage, or SAN library.

  4. Select a library from the list.
  5. The selection of virtual disks varies according to the library selected.
    • Local and NAS library: Enter a virtual disk name and specify the size of the disk.

    • For SAN and iSCSI libraries: Select a LUN from the list. The size of the LUN displays automatically.

    • For Dynamic Storage Library: Either select a LUN from the list or create a new LUN. When you create a new LUN, select the volume group from the list and specify the size of the new LUN.

    The Additional Storage Specified shows the additional storage added to the zone.

  6. Click Add Storage to add the specified storage to the zone.

4.15.3 Moving Zone Storage

Some management and monitoring functions of the zone might be disabled depending on the managed resources of the zone. For example, the zone migration option is disabled when the zone file system is not on a shared storage library in Oracle Enterprise Manager Ops Center.

Note:

A shared storage library in Oracle Enterprise Manager Ops Center is one that is accessible by the server and operating system. It is not related to Zones on Shared Storage in Oracle Solaris 11.1.

To enable the storage management and monitoring functions of the zone, you must move the zone's existing storage to a shared storage library. This provides the following options to you to manage the storage and zpools:

  • Convert the local storage to a shared storage library so that you can migrate zones.

  • Convert the experimental NFS file systems into a local or a shared storage library.

  • Combine small ZFS pools per zone into a single ZFS pool.

  • Split a single ZFS pool hosting zones into ZFS pools dedicated to each zone.

Oracle Enterprise Manager Ops Center provides the Move Storage option to convert the storage of the zones. You can use this option to manage the unmanaged storage resources of the zone.

Note:

You cannot move managed storage to unmanaged storage and you cannot alter the root file system of the zone.

When you discover and manage existing zone environments in Oracle Enterprise Manager Ops Center, the storage is considered to be unmanaged. You can move this storage from unmanaged state to managed using this option.

  1. Select the zone for which you want to move the storage.
  2. Click Move Storage in the Actions pane.

    A warning message is displayed stating that the zone is shut down during this process. You can use this option to relocate the zone metadata to a shared storage library and copy the selected unmanaged file system to the dedicated zpool of the zone.

    Figure 4-11 Warning Message for Move Storage

  3. Click Continue Move to continue the process.

    The Move Storage Wizard is displayed. The zone details are displayed.

  4. You can edit the description and tags of the zone.
  5. If required, you can change the library in which you have stored the zone metadata. All the libraries associated with the global zone are listed. Select the library from the list. Click Next.
  6. Select the file systems that you want to be managed.
    • When there are unmanaged file systems in the zone, you can select the option Managed and provide the Reserved and Quota size of the file system. These are added as new ZFS file systems on the existing zpool for the zone.

    • When you want to relocate the root file system to a managed storage, a dedicated zpool is created for the zone and you must configure the virtual disks for the file systems.

    • You can also modify the size of the file systems except for the root file system.

    • You can keep some unmanaged file systems and relocate only those you require.

    • You cannot relocate managed storage to unmanaged storage.

    Click Next to configure the virtual disk storage when you move the root file system from unmanaged to managed state.

  7. Select the library and the virtual disk for the zone's storage.

    The libraries associated with the global zone are listed. Select NAS, SAN or Dynamic Storage library from the list.

    For NAS library, provide a virtual disk name and enter the size of the disk.

    For SAN library, select a LUN from the list.

    For Dynamic Storage library, either select a LUN from the list or create a new LUN. When you create a new LUN, select the volume group and enter the size of the LUN.

    Click Next to view the summary.

  8. Review the information and click Finish to change the zone storage from unmanaged to managed.

4.15.4 Managing Kernel Zone Storage

The storage tab for a kernel zone displays all of the current storage disks. You can view this storage and enable or disable sharing.

To view the storage for a kernel zone, select the Storage tab. A table is displayed, showing the storage disks. You can use the Enable Sharing and Disable Sharing actions to enable or disable sharing for the selected disk. The On Shared Storage column indicates whether the disk is shared.

4.15.5 Moving Kernel Zone Metadata to Another Library

Metadata for a kernel zone is saved in either a local library or a shared library. When you install a kernel zone on a system without using Oracle Enterprise Manager Ops Center, the metadata is saved in a default local library. When you install a kernel zone with Oracle Enterprise Manager Ops Center, you define either a local library or a shared storage location for metadata.

Before you can move the kernel zone metadata to another library, the zone that hosts the kernel zone must be managed with a zone virtualization controller.

4.15.5.1 To Move Kernel Zone Metadata to Another Library

You can move a kernel zone’s metadata to another library.

  1. Expand Assets, then select the kernel zone in the Assets tree.
  2. Click Move Metadata in the Actions pane.
  3. Select the new library from the list of available libraries to store the logical domain metadata. Optionally, add a description and add tags. Click Next.
  4. Review the Summary, then click Submit.

When the job completes, the kernel zone's metadata is located on the new library.

4.15.6 Adding File Systems to Zones

You can add file systems to zones. You can add file systems dynamically if the global zone is using Oracle Solaris 11.2 or later.

The storage source for the file system can be a managed or an unmanaged storage source. For an unmanaged storage source, you must provide the mount point of the storage.

Provide the Reserved and Quota size for the file system. The file system is added to the existing zpool of the zone.

  1. Shut down the zone if it is using Oracle Solaris 11.1 or earlier.
  2. Select the zone in the Assets section.
  3. Click Add File Systems in the Actions pane.

    The Add File Systems window is displayed.

  4. Click the Add icon to add a file system.
  5. Enter the file system.
  6. Select whether the storage is managed or unmanaged.

    When it is not managed, enter the mount point of the storage source.

  7. Enter the Reserved and Quota size for the new file system.
  8. Click Add File Systems.
  9. Boot the zone for the changes to take effect if the zone is using Oracle Solaris 11.1 or earlier.

4.15.7 Connect and Disconnect Networks

You can connect and disconnect networks from non-global zones and kernel zones. You can connect and disconnect networks dynamically if the global zone is using Oracle Solaris 11.2 or later, or Oracle Solaris 11.3 for kernel zones. If the global zone is using Oracle Solaris 11.1 or earlier, or Oracle Solaris 11.2 or earlier for kernel zones, you must shut down the zone before you can connect or disconnect a network.

The networks attached to the corresponding global zone are available for the zones. The shared IP zones can connect to only networks that are specified for shared IP mode. The exclusive IP zones can connect to only exclusive IP networks.

Select the network and click the connect or disconnect icon, or select the zone and click Connect Network, as required.

You can select an IP address allocation method for the zone. The following options are available:

  • Use Static IP: Uses an IP address that you provide.

  • Do Not Plumb: Does not set an IP address.

  • Assigned by External DHCP: Uses an IP address assigned by external DHCP.

4.15.8 Enabling Automatic Recovery for Zones

Use the options Enable Automatic Recovery and Disable Automatic Recovery to set the recovery option of created zones.

To set automatic recovery for the zone, select the option Enable Automatic Recovery. Edit the zone configuration to set the priority of recovery. The zone with the highest value is recovered first. See Recovering Zones to manually recover the zones. See Automatic Recovery for more information about how automatic recovery works.

Note:

Automatic recovery is not supported for kernel zones.

4.15.9 Connect to Zone Console

You can attach to the zone console within the Oracle Enterprise Manager Ops Center UI. You enable the console connection and then you connect to the console.

Note:

When the logical domain is not in view in the Assets tree, the console is logged out automatically but the connection exists until the connection time expires. You must log in again.

4.15.10 View the Console Logs

You can view the console logs for a zone through the Oracle Enterprise Manager Ops Center UI. Select the Console tab for the guest, then select the Console Logs tab. You can export these logs as a zip file.

By default, the maximum log size is 400 KB.

A system must meet these prerequisites for the console logs to be visible through the UI:

  • The global zone must be managed with an Oracle Solaris Zones agent.

  • The global zone must be running Oracle Solaris 11.2 or later.

4.16 Migrating Zones

In Oracle Enterprise Manager Ops Center, zone migration is a cold migration because the zone is shut down, all applications are stopped, the migration occurs, and then the zone is restarted.

To enable migration action for a zone, the zone storage must be on a shared storage library in Oracle Enterprise Manager Ops Center that is accessible by the server and operating system. When a zone uses local storage, use the Moving Zone Storage option to change the storage from local to shared.

Beginning with Oracle Solaris 10 10/08, the zoneadm attach command updates the zone to match the destination global zone during migration. This option is not available for branded zones. To migrate branded zones, both the source and destination global zones must have the same patch level.

When you migrate a non-global zone with a network attached to the global zone, the software adds a router entry for the network on the destination zone. If the non-global zone has several different types of networks (such as management, public, and private) attached to the global zone, the software adds a router entry on the destination zone for each network. You can edit a system property to disable this feature. When you disable the feature, a default router is not configured when creating or migrating a zone.

You must have Ops Center Admin permissions to disable the property. To disable the system property, go to Administration->Configuration->Virtualization in the UI and set the ZoneDefaultAddRouter property to false.

This section describes the procedure for the following types of migration:

Note:

When you migrate a zone, the Alternate Boot Environment (ABE) is not supported.

Note:

Kernel zones cannot be migrated through Oracle Enterprise Manager Ops Center.

4.16.1 Disabling the Automatic Router Assignment

When you migrate a non-global zone with a network attached to the global zone, the software adds a router entry for the network on the destination zone. If the non-global zone has several different types of networks (such as management, public, and private) attached to the global zone, the software adds a router entry on the destination zone for each network. You can edit a system property to disable this feature. When you disable the feature, a default router is not configured when creating or migrating a zone.

  1. Log in to the software as an Ops Center Admin.

  2. Expand Administration in the left navigation.

  3. Click the Configuration tab.

  4. Select Virtualization from the Subsystem menu.

  5. Set the ZoneDefaultAddRouter property to false.

4.16.2 Migrating a Physical Oracle Solaris System into a Zone

A physical to virtual (P2V) conversion moves an existing Oracle Solaris system into a new non-global zone on the target system's global zone.

Figure 4-12 shows the steps for a P2V conversion.

Figure 4-12 Workflow for Migrating an Existing Oracle Solaris System Into a Zone


Ensure the following before migrating the zone:

  • Assess the system to be migrated and collect information.

    See http://docs.oracle.com/cd/E19683-01/817-1592/ for information about collecting information about the source system.

  • The system image to be installed in the non-global zone must not be newer than the target global zone's operating system release or the installation fails.

  • The destination global zone must be running at least Oracle Solaris 10 8/07 OS.

  • The supported branded zones are Oracle Solaris 8 and 9. For the branded zones to be supported on the destination global zone, remove the following brand packages from the global zone:

    • SUNWs8brandu

    • SUNWs8brandr

    • SUNWs9brandu

    • SUNWs9brandr

  • For branded zone migration, the target and source global zones must have the same patch levels. The zoneadm attach option to update the branded zone to match the target global zone patches and packages is not available.

  • When migrating a branded zone, you must provide an Address Allocation Method when you specify the network interface.

For instructions to download and install the correct brand packages, see the Related Resources for Oracle Solaris Zones section.

4.16.3 Migrating Zones to a Different Machine

Using Oracle Enterprise Manager Ops Center you can migrate one or more zones simultaneously. You can either migrate the zone to an individual global zone or to a zones server pool. When you migrate zones to a server pool, the target global zone depends on the server pool placement policy.

When you migrate a zone, perform a trial run before submitting the migration job to verify that the target global zone has the correct configuration to host the non-global zones.

The target global zone must have the same or later versions of the following operating system packages and patches that are installed on the non-global zone.

  • Packages that deliver files under an inherit-pkg-dir resource

  • Packages where SUNW_PKG_ALLZONES=true

Other packages and patches, such as those for third-party products, can be different.

When the source and target global zones do not have the same patches and packages during migration, either update the zone's patches and packages to match the target global zone or migrate without updating the zone's patches and packages.

Note:

You cannot migrate branded zones if the source and target global zones have different patch levels. The update on attach capability is also not available for branded zone migration.

When the target global zone has later versions of the zone-dependent packages or patches, update those packages in the non-global zone before the migration to match the target global zone. When the target global zone supports the update on attach capability, it checks the non-global zone for packages that must be updated and only those packages are updated. The rest of the packages, and their associated patches, can vary from zone to zone.

You cannot downgrade the patches and packages of the zones to a lower version. In such cases, the update option fails.

The patches that must be backed out of the zone before the update are also listed. You must remove the patches manually and run the migration job again.

You can change the Name, Description, Tags, and NIC details of the non-global zone. When you change any other configuration, a warning message indicates that you must execute the sys-unconfigure command on the zone to change the zone configuration.

After you migrate a zone, you cannot use an alternate boot environment (ABE) to upgrade the zone.

4.16.3.1 Compatible Global Zones for Migration

When you click the Migrate Zone option in the Actions pane, Oracle Enterprise Manager Ops Center checks all global zones for compatibility with the source global zone. When there are compatible global zones, the Migrate Zone Wizard is displayed.

Otherwise, the following pop-up window is displayed.

Figure 4-13 Message Displayed When No Global Zones are Compatible


Table 4-5 shows the compatible global zones, depending on the operating system release.

Table 4-5 Compatible Global Zones

Source Global Zone            Compatible Target Global Zone
Oracle Solaris 10 8/07        Oracle Solaris 10 8/07, 10/08, 5/09, 10/09, 9/10, 8/11
Oracle Solaris 10 5/08        Oracle Solaris 10 5/08, 10/08, 5/09, 10/09, 9/10, 8/11
Oracle Solaris 10 10/08       Oracle Solaris 10 10/08, 5/09, 10/09, 9/10, 8/11
Oracle Solaris 10 5/09        Oracle Solaris 10 5/09, 10/09, 9/10, 8/11
Oracle Solaris 10 10/09       Oracle Solaris 10 10/09, 9/10, 8/11
Oracle Solaris 10 9/10        Oracle Solaris 10 9/10, 8/11
Oracle Solaris 10 8/11        Oracle Solaris 10 8/11
Oracle Solaris 11             Oracle Solaris 11, Oracle Solaris 11 Update 1
Oracle Solaris 11 Update 1    Oracle Solaris 11 Update 1
Oracle Solaris 11 Update 2    Oracle Solaris 11 Update 2

Verify the following conditions:

  • The source and target global zones are compatible.

  • The source and target global zones have access to all the libraries associated with the non-global zone.

  • The non-global zone's metadata is not stored in the source global zone's local library.

  • The non-global zone's data is not stored in the source global zone's local library. The zone must use a shared storage library.

  • The non-global zone is in the running state.

  • For a server pool, it must have at least one compatible global zone for migration.

  • When you migrate the zone, a warning message indicates that when you change the zone configuration except for Name, Description, Tags, and NIC details, you must execute the sys-unconfigure command on the zone. Also, when the NIC names are changed for a zone that uses exclusive IP mode, the /etc/hostname.itf and /etc/dhcp.itf files are renamed accordingly.

When the target global zone does not support backout on attach capability, you must remove or downgrade the patches and packages manually before continuing with the migration. Create an update profile that includes the patches that must be removed. Run an update job with this update profile. Repeat the migration job on the zone after the removal of the patches and packages.

4.16.3.2 To Migrate a Zone

You can migrate a zone to a new global zone.

  1. Select the zone in the Assets section.

  2. Click Migrate Zone in the Actions pane.

    A warning message indicates that when you change the zone configuration except for Name, Description, Tags, and NIC details, you must execute the sys-unconfigure command on the zone. Also, when the NIC names are changed for a zone that uses exclusive IP mode, the /etc/hostname.itf and /etc/dhcp.itf files are renamed accordingly.

  3. Click Continue Migration.

    The Migrate Zone Wizard is displayed.

  4. Select an individual global zone or server pool as the target.

    The compatible global zones list the number of zones that are running, total CPUs, and available dedicated CPUs. The server pools list the average usage of CPU and memory.

    Click Next. The zone migration test starts.

  5. Review the migration test result. Select an update option to continue the migration on the target global zone or server pool:

    • Update the patches and packages of the zone to match the target and then migrate the zone.

    • Migrate the zone without updating its patches and packages.

    Click Save Test Result As to save the migration test result. When you want to change the target, click Previous and select another target to run the migration test.

    Click Next to review the zone identification.

  6. If the zone name exists in the target global zone, you must change the zone name.

    Click Next to specify the zone setup.

  7. Select the language, time zone, and terminal type for the zone. The host name is the zone name as defined.

    The dynamic value for NFSv4 domain name enables the domain name to be derived dynamically from the naming service configuration. To hard code the value for NFSv4 domain, provide a domain name.

    Leave the password fields empty to use the existing password. Click Next to define the network interfaces.

  8. You must have at least one network interface for the migration to continue. The network interfaces that are not accessible to the target global zone are displayed in yellow. Specify a new network interface for the inaccessible networks or click Do Not Connect to that network.

    1. Select the network which is marked in yellow color. The network interface details are displayed under Network Interface.

    2. Select a new network interface from the Network list or click Do Not Connect. The selected network can be either shared or dedicated. Enter the required network interface information for the selected network.

    Click Next to specify the naming service.

  9. Specify the naming service for the zone: DNS, NIS, NIS+ or LDAP naming service, or choose to not specify a naming service. Click Next.

    • DNS: Enter the domain name of the DNS server and the IP address of the DNS server. You can enter up to three IP addresses in the Name Server field. To specify additional domains to search, enter up to six domain names for the Domain Name Search List. The total length of each entry cannot exceed 250 characters.

    • NIS and NIS+: Enter the domain name of the NIS or NIS+ server. When you know the NIS server details, choose the Specify an NIS Server option to provide the NIS server host name and its IP address. When you do not have the NIS server information, click Find an NIS Server.

    • LDAP: Enter the domain name of the LDAP server. Specify the name of the LDAP Profile. Enter the IP address of the LDAP Profile Server. You can also provide the Proxy Bind Distinguished Name and Password.

    • NONE: Select this option when you do not want to configure a naming service.

  10. Review the summary of the migration job. When there are no patches and packages to be backed out, continue with the migration. When there are patches or packages that must be removed, a warning is displayed.

    • When the target global zone supports backout on attach capability, a warning is displayed that the listed patches have been removed or downgraded.

    • When the target global zone does not support backout on attach, the patches and packages on the zone must be removed or downgraded manually so that the source zone matches the destination global zone. Cancel the migration or select a new target global zone.

  11. Click Finish to submit the migration job.

4.16.3.3 To Migrate Multiple Zones

You can migrate multiple zones to a new global zone.

  1. Select the global zone from which you want to migrate the zones.
  2. Click Migrate Zones in the Actions pane.

    The Migrate Zones Wizard appears. The migratable zones running in the global zone are listed. If there are no migratable zones, an error message appears.

  3. Select one or more zones from the list. Click Next.
  4. Select an individual global zone or server pool to be the destination for the zone migration.

    The table displays the list of eligible global zones and server pool to which you can migrate the zones. The target global zone in the server pool depends on the server pool placement policy.

  5. Select an update option to continue with migration.

    The source and the target global zones might not be at the same patch level. Either update the patches and packages of the zone to match the target global zone or continue the migration without updating the zone.

  6. Review the details and click Finish to migrate the zones.

4.16.4 Script to Migrate a Zone With Dependencies

You can migrate zones even when the zone has dependencies that are not managed by Oracle Enterprise Manager Ops Center, such as when the zone uses storage that is not part of the zpool.

Scripts enable you to extend the zone migration feature to include the migration of dependencies, such as storage or other resources that are not managed by Oracle Enterprise Manager Ops Center. For example, unmanaged file systems are lost when you migrate a zone. To avoid this, use a script to migrate the file systems. See Example 4-1 for a sample script.

Develop your own scripts to migrate the dependencies and place them on the source and target global zone before migration.

The script for migrating the dependencies is executed in the following way:

  • The migration job checks for a script placed on both the source and target global zones. The migration job is aborted when the script is found only on one of the global zones.

  • When you create a zones server pool, ensure that you upload the script to handle the unmanaged storage. The script is placed in all the global zones in the server pool, so the migration of zone dependencies is taken care of.

  • The job checks whether the script exits with zero. A non-zero exit is a failure and the migration job fails.

  • The script is called on the global zone eight times when the migration job is executed.

Note:

You can use the OEMOC_AUTOMATIC_RECOVERY variable to determine if a script runs in the context of a migration or automatic recovery. Set the variable as follows:

  • For migration, set the variable to false.

  • For automatic recovery, set the variable to true.

Table 4-6 Script Call to Environment Variables

| Call to the Script | OEMOC_ZONENAME | OEMOC_PHASE | OEMOC_OPERATION | OEMOC_JOBID | OEMOC_TARGET |
|---|---|---|---|---|---|
| On the source global zone, to verify the script existence and user dependencies | source zonename | VERIFY | MIGRATION | ID of the job running the script | SOURCE |
| On the target global zone, to verify the script existence and user dependencies | destination zonename | VERIFY | MIGRATION | ID of the job running the script | DESTINATION |
| On the source global zone, before the zone is shut down | source zonename | PREOPERATION_RUNNING | MIGRATION | ID of the job running the script | SOURCE |
| On the source global zone, after the zone is shut down | source zonename | PREOPERATION_NOTRUNNING | MIGRATION | ID of the job running the script | SOURCE |
| On the source global zone, after the zone is detached | source zonename | PREOPERATION_SHUTDOWN_DETACHED | MIGRATION | ID of the job running the script | SOURCE |
| On the target global zone, before the zone is attached | destination zonename | POSTOPERATION_SHUTDOWN_DETACHED | MIGRATION | ID of the job running the script | DESTINATION |
| On the target global zone, before the zone is started | destination zonename | POSTOPERATION_NOTRUNNING | MIGRATION | ID of the job running the script | DESTINATION |
| On the target global zone, after the zone is started | destination zonename | POSTOPERATION_RUNNING | MIGRATION | ID of the job running the script | DESTINATION |

During the rollback phase, the same sequence is executed in reverse order. The values of the environment variables change accordingly:

  • PREOPERATION becomes POSTROLLBACK

  • POSTOPERATION becomes PREROLLBACK

4.16.5 Script Requirements

The script must be executable and follow these conventions:

  • Good error checking and clean-up within the script

  • Standard exit code conventions

  • Non-zero exit indicates that an error has occurred

  • Informational messages are in stdout

  • Error messages are in stderr

  • The script must be named as guest-operations and placed in the /var/opt/sun/oc/public directory on both the source and target global zone.

See Example 4-1 for migrating the additional inherited file systems of an adopted zone. The sample script is based on the assumption that the /opt/ file system is the additional inherited file system. The script reconfigures the /opt/ file system on the target global zone before rebooting the zone. The script reconfigures the user-inherited file systems during the POSTOPERATION_NOTRUNNING phase.

Example 4-1 Sample Script

#!/bin/sh

do_migration_action() {

 echo "executing migration action for zone ${OEMOC_ZONENAME}"

 # Act only on the target GZ before the zone is started.
 if [ "${OEMOC_PHASE}" != "POSTOPERATION_NOTRUNNING" ]; then
       exit 0
 fi

 #
 # for migration action, before starting the zone on the target GZ
 # add the /opt inherited filesystem.

 /usr/sbin/zoneadm -z "${OEMOC_ZONENAME}" detach >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to detach ${OEMOC_ZONENAME}" >&2
       exit 1
 fi

 # Write the zonecfg commands to a file that mktemp creates with an
 # unpredictable name, and remove the file when the script exits.
 cmdfile=`/usr/bin/mktemp /tmp/guest-operations.XXXXXX`
 if [ $? -ne 0 ] ;then
       echo "unable to create temporary file" >&2
       exit 1
 fi
 trap 'rm -f "${cmdfile}"' 0

 echo "add inherit-pkg-dir" >"${cmdfile}"
 echo "set dir=/opt" >>"${cmdfile}"
 echo "end" >>"${cmdfile}"

 /usr/sbin/zonecfg -z "${OEMOC_ZONENAME}" -f "${cmdfile}" >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to add inherit filesystem for ${OEMOC_ZONENAME}" >&2
       exit 1
 fi

 /usr/sbin/zoneadm -z "${OEMOC_ZONENAME}" attach -u >/dev/null 2>&1
 if [ $? -ne 0 ] ;then
       echo "unable to attach ${OEMOC_ZONENAME}" >&2
       exit 1
 fi
}

# Informational messages go to stdout.
echo "${OEMOC_ZONENAME}"
echo "${OEMOC_PHASE}"
echo "${OEMOC_OPERATION}"

if [ "${OEMOC_OPERATION}" = "MIGRATION" ] ;then
       do_migration_action
fi
exit 0
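
The guest-operations script runs in the global zone and passes OEMOC_ZONENAME straight to zoneadm and zonecfg, so it is worth rejecting a malformed call first. The following is an added example, not part of Oracle's sample: it accepts a call only when the zone name is well-formed and OEMOC_PHASE and OEMOC_TARGET match a row of Table 4-6 or its rollback mirror. The function names and the zone-name character rule are assumptions of this example.

```shell
#!/bin/sh
# Added example, not Oracle's sample: gate a guest-operations script on a
# well-formed call before any zoneadm/zonecfg command runs.
LC_ALL=C; export LC_ALL

# Assumed zone-name rule: starts with an alphanumeric, then alphanumerics,
# '_', '-' or '.', at most 63 characters.
valid_zonename() {
    case "$1" in
        ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ `printf '%s' "$1" | wc -c` -le 63 ]
}

# Undo the rollback renaming given in the text (PREOPERATION becomes
# POSTROLLBACK, POSTOPERATION becomes PREROLLBACK) to get the mirrored phase.
forward_phase() {
    printf '%s\n' "$1" | sed -e 's/^POSTROLLBACK_/PREOPERATION_/' \
                             -e 's/^PREROLLBACK_/POSTOPERATION_/'
}

# Print the global zone on which Table 4-6 runs a phase: SOURCE, DESTINATION,
# or ANY for VERIFY. Prints nothing for a phase the table does not list.
expected_target() {
    fwd=`forward_phase "$1"`
    case "${fwd}" in
        VERIFY)
            echo ANY ;;
        PREOPERATION_RUNNING|PREOPERATION_NOTRUNNING|PREOPERATION_SHUTDOWN_DETACHED)
            echo SOURCE ;;
        POSTOPERATION_SHUTDOWN_DETACHED|POSTOPERATION_NOTRUNNING|POSTOPERATION_RUNNING)
            echo DESTINATION ;;
    esac
}

# Return 0 only when the environment matches a call from Table 4-6.
# Errors go to stderr; the caller turns a failure into a non-zero exit,
# which fails the migration job (section 4.16.5).
check_call() {
    valid_zonename "${OEMOC_ZONENAME:-}" || {
        echo "guest-operations: missing or malformed OEMOC_ZONENAME" >&2
        return 1
    }
    want=`expected_target "${OEMOC_PHASE:-}"`
    case "${want}:${OEMOC_TARGET:-}" in
        ANY:SOURCE|ANY:DESTINATION|SOURCE:SOURCE|DESTINATION:DESTINATION)
            return 0 ;;
        :*)
            echo "guest-operations: unknown OEMOC_PHASE" >&2 ;;
        *)
            echo "guest-operations: ${OEMOC_PHASE} not expected on ${OEMOC_TARGET:-unset}" >&2 ;;
    esac
    return 1
}

# Entry point: runs only when Ops Center has set the call environment.
if [ -n "${OEMOC_PHASE:-}" ]; then
    # Same rule as Example 4-1: ignore operations other than MIGRATION.
    [ "${OEMOC_OPERATION:-}" = "MIGRATION" ] || exit 0
    check_call || exit 1
    echo "accepted ${OEMOC_PHASE} on ${OEMOC_TARGET} for ${OEMOC_ZONENAME}"
    exit 0
fi
```

Placing the check_call test ahead of the phase handling in Example 4-1 makes a malformed call fail the job before zoneadm is reached.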

4.17 Recovering Zones

When the global zone crashes or must be halted, its non-global zones can be migrated to another global zone. However, this zone recovery procedure is not the same as zone migration because Oracle Enterprise Manager Ops Center cannot get access to the information in the global zone and therefore cannot perform compatibility checks. The procedure to relocate non-global zones from the source global zone to the target global zone is a forced attachment of the non-global zone.

The zone recovery procedure uses the command-line interface for the Oracle Enterprise Manager Ops Center.

See the Related Resources for Oracle Solaris Zones section for instructions on getting access to the CLI and the available CLI commands.

4.17.1 Before You Begin Recovering Zones

  • Verify that the zone metadata is on the NAS storage library.

  • Verify that both the source and target global zones have the same network connectivity.

  • Verify that the source and the target global zones have the shared storage library.

  • Verify that the target global zone has access to the same libraries associated with the non-global zone.

  • Verify that the non-global zone's metadata and operational data is not stored in a local library.

  • Verify that JDK version 6 or 7 is used. In the Enterprise Controller command prompt, enter the following command:

    export JAVA_HOME=/usr/jdk/latest
    

4.17.2 To Recover Zones

You can recover a zone using the command line interface.

  1. Connect to the Oracle Enterprise Manager Ops Center CLI using the following command:
    /opt/SUNWoccli/bin/oc
    
  2. Connect to the local Enterprise Controller.
    xvmSh > connect
    
    localhost >
    
  3. Enter the virtualization mode.
    localhost > virtualization
    localhost [virtualization] >
    
  4. List the available global zones.
    localhost [virtualization] > list_hosts
    
        Name        |     Type    |    Health   |  Reachable  |                                   ObjectName                              |                       UUID        |           
    --------------------------------------------------------------------------------------------------------------------------------------------------------
      gzhost36    |     zone    |      OK     |    False    |           com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost           |       2b7c71ac-70ab-48a2-a2f2-ac291e580c39
      gzhost44    |     zone    |      OK     |    True    |           com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost-4           |       3b6c61ab-50ab-34a1-b2d2-bd253e632c45
    
  5. List the zones that are running in the source global zone. For example, when the source global zone is gzhost36, then enter the following command.

    Note:

    Do not use the user-friendly name of the zone in the commands.

    localhost [virtualization] > list_guests -C com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost
    
             Name        |         Type        |    State    |  Migratable |                                   ObjectName                                   |             
    ----------------------------------------------------------------------------------------------------------------------------
     test      |         ZONE        |   RUNNING   |    True    | com.sun.hss.domain:type=Server,name=NORM-07e91405-8313-43ec-9671-dc320989866e
             
    
  6. Select the destination global zone and start the zone on it. For example, when the destination global zone is gzhost44, execute the following command to start the test zone on it.
    localhost [virtualization] >startup -Z <source global zone ObjectName> -D <target global zone ObjectName>
    
    localhost [virtualization] >startup -Z com.sun.hss.domain:type=Server,name=NORM-07e91405-8313-43ec-9671-dc320989866e -D com.sun.hss.domain:type=xVMServer,name=NORM-NORM-localhost-4
    
    submitted job : <Ecname>-1.17
    

A job is submitted. You can view the status of the job in the Jobs pane.

After the zone is migrated to the target global zone, the zone is a managed zone of the target global zone. The zone might continue to be displayed under source global zone. This is because the status of the source global zone is not updated. After the source global zone is rebooted, the zone does not appear as one of its managed zones.

4.18 Zones Server Pool

You can create server pools for zones in Oracle Enterprise Manager Ops Center. Pooling your virtualization hosts provides load balancing of the virtualization servers, high availability, and minimized power consumption.

See Server Pools for information about creating and managing zones server pools.

4.19 Updating Zones

Oracle Enterprise Manager Ops Center enables you to update the global and non-global zones. You can also patch zones that are running on a supported configuration. The installation of the patches on the zones depends on the package parameters and the attribute set for the patch commands.

This section describes the parameters for installation of the packages and patches. The concepts involved in updating global and non-global zones, and the procedures to update the zones are described in this section.

Note:

When you use Oracle Solaris Live Upgrade to update the OS in a zone, you cannot use Oracle Enterprise Manager Ops Center to manage the zone. Alternate Boot Environment (ABE) is not supported for zones that were created using Oracle Enterprise Manager Ops Center.

4.19.1 Install Packages and Patches on Zones

A patch is a collection of files and directories that replace existing files and directories that are preventing proper execution of the software.

You can install packages and patches on a zone. The patchadd and pkgadd commands operate in the background to install a patch and package respectively. However, the installation of packages on zones also depends on the parameters SUNW_PKG_ALLZONES, SUNW_PKG_HOLLOW, and SUNW_PKG_THISZONE. These parameters control whether a package can be installed on global zones or non-global zones. The actions for the parameters are as follows:

  • SUNW_PKG_ALLZONES: If the value is true, the package is installed on all zones, both global and non-global.

  • SUNW_PKG_HOLLOW: If the value is true, the package information is propagated to the non-global zones, but the package is not installed.

  • SUNW_PKG_THISZONE: If the value is true, the package is installed only in that zone.

4.19.2 Configure patchadd and pkgadd Commands

In Oracle Enterprise Manager Ops Center, the patchadd, pkgadd, patchrm, and pkgrm commands are implemented without the -G switch by default. To install updates or packages only on the current zone, enable the -G switch by editing the .uce.rc file.

Note:

Two files in the /SUNWuce/agent/bin directory have similar names. Verify that you are editing the .uce.rc file. Do not edit the uce.rc file.

  1. Open the .uce.rc file in the /SUNWuce/agent/bin directory in the managed system.
  2. Add the following lines to the .uce.rc file:
    ( all ) (invisible.__is_patchadd_g_specified, false)
    ( all ) (invisible.__is_patchremove_g_specified, false)
    ( all ) ( invisible.__is_pkgadd_g_specified, false)
    
  3. Set the -G parameter to true for the action that you want to perform.
  4. Save and close the file.
  5. For this change to take effect, restart the services using the following commands:
    svcadm disable -s update-agent
    svcadm enable -s update-agent
    

4.19.3 Updating a Global Zone

In Oracle Enterprise Manager Ops Center, when a package or patch is installed, the patchadd and pkgadd commands are implemented in the background as shown in the following example:

patchadd <patchid>
pkgadd <pkgname>

Change the way that these commands are implemented by enabling the -G switch. You can enable the -G switch to cause the patch or package to be installed to the target zone only if the package parameter SUNW_PKG_THISZONE is set to true. See Install Packages and Patches on Zones for information about configuring the patchadd and pkgadd commands on the managed systems.

See the following scenarios when you are updating a global zone. The result for each scenario determines whether the update job is successful, depending on the package information.

Table 4-7 Updating a Global Zone Scenarios

| SUNW_PKG_ALLZONES | SUNW_PKG_THISZONE | SUNW_PKG_HOLLOW | Impact | Impact with -G Configuration |
|---|---|---|---|---|
| False | False | False | The package is installed on the global zone and all the non-global zones. | The package is installed only on the global zone. |
| True | False | False | The package is installed on the global zone and all the non-global zones. | The -G switch cannot override the SUNW_PKG_ALLZONES parameter, and the package is installed on all the zones. |
| True | False | True | The package is installed on the global zone and the package information is made available on all the non-global zones. | The -G switch cannot override the SUNW_PKG_ALLZONES parameter, and the package is installed on all the zones. |
| False | True | False | The package is installed only on the global zone. | The package is installed only on the global zone. |

Patches are sets of updates to packages. When you install a patch, the patch is installed on the global zone and the non-global zones, depending on the package parameters as shown in the previous table.

Note:

Use caution while enabling the -G option on a host with sparse zones. Packages that are inherited from the global zone that are not SUNW_ALL_ZONES cannot be patched within a sparse zone.

4.19.4 Updating a Non-Global Zone

A user with the virtualization administrator role can install packages and patches on non-global zones. The patchadd and pkgadd commands must be used without options. Do not configure the -G switch for the commands while updating the non-global zones.

See the following scenarios when you are updating a non-global zone. The results of each scenario determine whether the update job is successful, depending on the package information.

Note:

The -G switch does not have an effect on installing packages or patches in a non-global zone.

Table 4-8 Updating Non-Global Zones Scenarios

| SUNW_PKG_ALLZONES | SUNW_PKG_THISZONE | SUNW_PKG_HOLLOW | Impact |
|---|---|---|---|
| False | False | False | The package is installed only on the target non-global zone. |
| True | False | False | The package installation fails. |
| True | False | True | The package installation fails. |
| False | True | False | The package is installed only on the target non-global zone. |

Note:

When the patch is installed only on the non-global zone, ensure that the autoboot property is set to true for the zone. Otherwise, single user mode patches fail to apply because the zone does not come up after the reboot.

Patches are sets of packages that must be installed. When one of the packages has the SUNW_PKG_ALLZONES parameter set to true, then the patch installation fails. For a successful patch installation, ensure that none of the packages have SUNW_PKG_ALLZONES parameter set to true.

Note:

Packages that deliver to read-only inherit directories do not install on sparse root zones. These packages must be installed from the global zone with the -G switch disabled. When a package has the parameter SUNW_PKG_THISZONE=true, it does not appear as installed from the sparse zone and the software might not function correctly. In this case, a whole root zone must be used. Packages with SUNW_PKG_THISZONE=true must not deliver to read-only inherit directories.

4.19.5 Zone Parallel Patching

To view the number of zones that you can patch in parallel when you update the global zone, go to the global zone's Summary page.

When the agent is installed on the Oracle Solaris OS, the number of zones that you can patch in parallel is calculated as 1.5 times the number of CPU cores in the server. For example, if you have a 2 CPU core machine, then you can patch three (3) zones in parallel. This is set and displayed on the UI.

Oracle Solaris 10 and 11 OS versions display this information in the Summary page. When the update capability is not enabled on the OS, zone parallel patching is also not enabled.

4.20 Related Zone Operations

Refer to the following chapters in this guide for operations that are common for many resources:

4.21 Related Resources for Oracle Solaris Zones

For instructions in performing actions or to learn more about the role of this feature, go to one of the following resources: