man pages section 5: Standards, Environments, and Macros

Exit Print View

Updated: July 2014
 
 

solaris10(5)

Name

solaris10 - Solaris 10 branded zone

Description

The solaris10 brand uses the branded zones framework described in brands(5) to enable Solaris 10 binary applications to run unmodified on a machine with the latest Solaris Operating System kernel.

Oracle Solaris 10 Zones are solaris10 branded zones that host x86 and SPARC Solaris 10 9/10 (or later released Oracle Solaris 10 update) user environments running on the Oracle Solaris 11 kernel.

Note that it is possible to use an earlier Oracle Solaris 10 release if you first install the kernel patch 142909-17 (SPARC) or 142910-17 (x86/x64), or later version, on the original system.

The solaris10 brand includes the tools necessary to install a Solaris 10 system image into a non-global zone. It also supports the tools necessary to migrate a Solaris 10 native zone to a solaris10 branded zone. The brand supports the execution of 32-bit and 64-bit Solaris 10 applications on either SPARC or x86 machines running the latest Solaris operating system.

Configuration and Administration

The solaris10 brand supports the whole root non-global zone model. All of the required Solaris 10 software and any additional packages are installed into the private file systems of the zone.

The zone must reside on its own zfs (1M) dataset and only ZFS is supported. The ZFS dataset created automatically when the zone is installed or attached. If a ZFS dataset cannot be created, the zone is not installed or attached.

The zonecfg(1M) utility is used to configure a solaris10 branded zone. The SYSsolaris10 template can be used when creating the zone or the configuration can be set up manually. Once a branded zone has been installed, that zone's brand cannot be changed or removed. The zoneadm (1M) utility is used to report the zone's brand type and administer the zone. The zlogin(1) utility is used to log in to the zone.

The support for delegated ZFS dataset configurations is currently experimental and has not yet been tested.The /dev/sound device cannot be configured into the branded zone. In addition, mdb(1) and dtrace(1M) are not fully functional when used in the global zone to examine processes executing within a solaris10 branded zone.

The following zonecfg(1M) resources and properties are supported by the live zone reconfiguration for this brand:

anet (with exceptions stated below)
capped-memory
dedicated-cpu
device
fs
net (with exceptions stated below)
pool
scheduling-class
zone.* rctls

The following zonecfg(1M) resources and properties are not supported by the live zone reconfiguration for this brand:

admin
anet:allowed-address
anet:configure-allowed-address
anet:defrouter
dataset
file-mac-profile
fs-allowed
limitpriv
net:allowed-address
net:configure-allowed-address
net:defrouter
zpool

Any changes made to the listed unsupported resources and properties in the persistent configuration will be ignored by the live zone reconfiguration if they are applied to the running zone.

Any attempts to directly modify listed unsupported resources and properties in the live configuration will be refused.

The following zoneadm(1M) resources and properties are not supported for this brand:

autoshutdown=suspend
anet:id
device:id
net:id
virtual-cpu
anet:mac

The following zoneadm (1M) resources and properties are supported by the live zone reconfiguration for solaris brand:

anet (with exceptions stated below)
capped-memory
dedicated-cpu
device
fs
net (with exceptions stated below)
pool
scheduling-class
zone.* rctls
zpool

The following zoneadm (1M) resources and properties are not supported by the live zone reconfiguration for solaris brand:

admin
anet:allowed-address
anet:configure-allowed-address
anet:defrouter
dataset
file-mac-profile
fs-allowed
limitpriv
net:allowed-address
net:configure-allowed-address
net:defrouter
anet:mac

Any changes made to the listed unsupported resources and properties in the persistent configuration will be ignored by the live zone reconfiguration if they are applied to the running zone.

Any attempts to modify the listed unsupported resources and properties in the live configuration will be refused.

The solaris10 brand installer supports installing the zone from an image of an installed Solaris 10 system. This can be a full cpio (1) , or pax (1) xustar archive. The cpio archive can be compressed with gzip(1) or bzip2(1). The image can also be a level 0 ufsdump(1M), or a path to the top-level of a Solaris 10 system's root directory tree. The zone cannot be installed from standard Solaris 10 distribution media.

When migrating from Solaris 10, it is possible that the zone is configured as a sparseroot zone. In this case, the zone should be readied on the host before the archive is made. This ensures that the inherited directories are included in the archive.

The following zonecfg(1M) resources and properties are not supported for this brand:

autoshutdown
anet:evs
anet:vport
device:id
file-mac-profile
net:id
tenant
virtual-cpu
anet:mac

There are specific defaults for properties supported for solaris10 brand as listed below:

Resource                Property                    Default Value
global                  zonepath                    /system/zones/%{zonename}
                        autoboot                    false
                        ip-type                     exclusive
                        auto-shutdown               shutdown
net                     configure-allowed-address   true
anet                    mac-address                 auto
                        lower-link                  auto
                        link-protection             mac-nospoof

The ZFS dataset com.oracle.zones.solaris10:activebe user property exists to support multiple boot environments for Solaris 10 branded zones. To activate a boot environment, the user has to set the com.oracle.zones.solaris10:activebe property on the zone's ROOT dataset as shown below.

# zfs set com.oracle.zones.solaris10:activebe=\
boot environment name zone's ROOT dataset

An installed Solaris 10 zone with more than one boot environment is required to have the activebe property set. If the property is not set, or is set to a missing or invalid boot environment name, the zone will transition to unavailable state on next zone or system boot. To resolve this, the activebe property must be corrected, and the zone must be attached with zoneadm attach. For more information, see examples 4 and 5.

Sub Commands

The following arguments of zoneadm (1M) brand-specific subcommand are supported:

attach [–c sysidcfg]

Attach the specified Solaris 10 native zone image into the branded zone.

clone [–c sysidcfg]

Install a zone by copying an existing installed zone. This subcommand is an alternative way to install the zone.

–c sysidcfg

Provides a sysidcfg file to apply after unconfiguration of the cloned zone.

install [–a archive] [–d path] [–p] [–s] [–u] [–v ] \
[–c sysidcfg]

Install the specified Solaris 10 system image into the zone. Either the –u or –p option is required and either the –a or – d option is required.

–a archive

The path to a Unified Archive, cpio (1) , pax (1) xustar, zfs archive, or a level 0 ufsdump (1M) of an installed Solaris 10 system, an installed Solaris 10 native zone, or a solaris10 branded zone. The cpio and zfs archives can be compressed using gzip or bzip2.

archiveadm(1M) does not exist on Solaris 10. A Unified Archive that contains a solaris10 branded zone must be created from the global zone. Unified Archives may exist at a path, or a file, http, or https URI. If https is used, the –x option may be used to specify https security parameters.

–c sysidcfg

Provides a sysidcfg file to apply after installation.

–d path

The path to the root directory of an installed Solaris 10 system.

–p

Preserve the system configuration after installing the zone. If installing from a Unified Archive and the archive is a recovery archive, –p is implied but can be overridden with –u.


-x cert=/path/cert.pem
-x cacert=/path/cacert.pem
-x key=/path/key.pem

Use the specified certificate, CA certificate, and/or key for https access to the Unified Archive.

–s

Install silently.

–u

Run sys-unconfig on the zone after installing it. If installing from a Unified Archive and the archive is not a recovery archive, –u is implied.

–v

Verbose output from the install process.

Application Support

The solaris10 zone only supports user-level Solaris 10 applications. You cannot use Solaris 10 device drivers or Solaris 10 kernel modules from inside a solaris10 zone. However, depending on the kernel module, you might be able to use the latest Solaris kernel module version with the Solaris 10 user-level application.

Examples

Example 1 Creating a ZFS Flash Archive for Install

The following example shows how to create an archive for a physical to virtual (P2V) migration. This is performed in the global zone of a system that is running Solaris 10. The Solaris 10 system must not have any non-global zones configured, installed, or running. The Solaris 10 system can use ZFS or UFS as its root file system.

# flarcreate -n s10box -c /net/somehost/p2v/s10box.flar

Example 2 Installing a solaris10 Branded Zone Using a Flash Archive

The following example installs a zone using the archive from Example 1. It assumes the zone has already been configured withzonecfg(1M) and has the brand property set to solaris10.

# zoneadm -z s10p2v install -a /net/somehost/p2v/s10box.flar -p

Example 3 Creating a ZFS Archive for Install

The following example shows how to create an archive for a virtual to virtual (V2V) migration. It assumes that the zonepath for the solaris10 branded zone is /zones/v2vzone .

First, determine the name of zonepath dataset.

# dataset=$(zfs list -H -o name /zones/v2vzone)

Next, create a snapshot of the zone's datasets.

# zfs snapshot -r $dataset@v2v

Finally, generate a ZFS self-contained recursive stream that is compressed with bzip2.

# zfs send -rc $dataset@v2v | bzip2 > /net/somehost/v2v/v2v.zfs.bz2

Example 4 Installing a Zone Using a ZFS Archive

The following example installs a zone using a ZFS archive. It assumes that the zone has already been configured using zonecfg(1M) and that the brand property is set to solaris10.

# zoneadm -z v2vzone install -a /net/somehost/v2v/v2v.zfs.bz2
Example 5 Setting the Zone's Active Boot Environment From the Global Zone
# zfs set com.oracle.zones.solaris10:activebe=zbe-1 \
    rpool/export/zones/branded_zones/S10_zone/rpool/ROOT
Example 6 Creating a New Boot Environment From a Solaris10 Branded Zone

The following example creates a new boot environment From a Solaris10 branded zone. The example also shows how to patch, activate, and boot to the new boot environment.

  1. Create a new boot environment.

    # zfs snapshot rpool/ROOT/zbe-0@snap
    # zfs clone -o mountpoint=/ -o canmount=noauto \
        rpool/ROOT/zbe-0@snap rpool/ROOT/zbe-1
    # zfs promote rpool/ROOT/zbe-1
  2. Patch the boot environment.

    # zfs mount -o mountpoint=/mnt rpool/ROOT/zbe-1
    # patchadd -R /mnt -d /var/tmp/999999-01
    # zfs unmount rpool/ROOT/zbe-1
  3. Activate the new boot environment and boot to it.

    # zfs set com.oracle.zones.solaris10:activebe=zbe-1 rpool/ROOT
    
    # shutdown -y -g 0 -r

Attributes

See attributes(5) for a description of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
system/zones/brand/brand-solaris10
Interface Stability
Committed

See also

cpio (1) , mdb (1) , pax (1) , zlogin(1), dtrace (1M) , ufsdump (1M) , zfs (1M) , zoneadm(1M), zonecfg(1M), attributes(5), brands(5), zones(5)