Go to main content

Creating and Using Oracle® Solaris Kernel Zones

Exit Print View

Updated: DRAFT
 
 

Requirements for Kernel Zone Evacuation

    Observe the following requirements to perform kernel zone evacuations:

  • Migration requirements – The source and target hosts and their configured storage must meet the requirements described in Kernel Zone Migration Requirements.

  • Oracle Solaris version – For full support of all features, including evacuation and return of running kernel zones and non-running installed kernel zones and non-global zones, both source and target hosts must be running Oracle Solaris 11.4. Zones that are in the installed state are evacuated using cold migration.

    Evacuation and return of running kernel zones from systems running Oracle Solaris 11.4 to systems running Oracle Solaris 11.3 is also supported. However, because cold migration is not supported in Oracle Solaris 11.3, you cannot use the –a option to evacuate zones that are not running.

  • Live migration requirements – The evacuation process uses live migration, so the source and target hosts must also meet the requirements for live migration. See the Additional Requirements for Kernel Zone Warm Migration and Live Migration for more information.

  • Enabled services – You must enable services as described in Enabling Services for Warm or Live Migration.

  • User rights and authorizations – The user performing the evacuation must have rights profiles and authorizations as described in Assigning Rights to Users to Perform Kernel Zone Migrations. In addition, the user must have the Maintenance and Repair profile to run the sysadm maintain command.

  • Non-interactive authentication – You must configure non-interactive authentication through a RAD transport between the source host and each destination in both directions. That is, the user performing the evacuation must be able to connect from source host to target host and from target host to source host using a RAD URI without being prompted for a password or to confirm key fingerprints. You may need to ensure that you can connect non-interactively using both the simple host name and the fully qualified host name, which includes the domain name.

    SSH public key authentication between the source and target hosts is one way to perform non-interactive authentication. See How to Generate a Public/Private Key Pair for Use With Secure Shell in Managing Secure Shell Access in Oracle Solaris 11.4 for more information.