The following steps shows the configuration of the non-global zone network for Compute Node1 and it is assumed that the global zone network is already configured.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.
# dladm create-vnic -l net0 ilb_vnic1 # dladm create-vnic -l net1 ilb_vnic2 # ipadm create-ip net1 # ipadm create-addr -T static -a 192.0.2.12 net1/v4static
# ipadm create-vni vipvni0 # ipadm create-addr -T static -a 203.0.113.3/27 vipvni0/v4
global# zonecfg -z ilbzone1 Use 'create' to begin configuring a new zone. zonecfg:ilbzone1> create zonecfg:ilbzone1> add net zonecfg:ilbzone1> set physical=ilb_vnic1 zonecfg:ilbzone1:anet> end zonecfg:ilbzone1> create zonecfg:ilbzone1> add net zonecfg:ilbzone1> set physical=ilb_vnic2 zonecfg:ilbzone1:anet> end zonecfg:ilbzone1> commit zonecfg:ilbzone1> exit
global# zoneadm -z ilbzone1 install global# zoneadm -z ilbzone1 boot
global# zlogin -C ilbzone1
ilbzone1# pkg install ilb ilbzone1# svcadm enable ilb ilbzone1# ilbadm create-healthcheck -h hc-timeout=3,hc-count=2,hc-interval=8,\ hc-test=tcp hc1 ilbadm create-servergroup -s server=192.0.2.12,192.0.2.15 swiftgroup ilbzone1# ilbadm create-rule -ep -i vip=203.0.113.3,port=8080,protocol=tcp \ -m lbalg=roundrobin,type=DSR,pmask=23 -h hc-name=hc1,hc-port=8080 -t conn-drain=70, \ nat-timeout=70,persist-timeout=70 -o servergroup=swiftgroup swiftrule ilbzone1# ilbadm create-rule -ep -i vip=203.0.113.3,port=22,protocol=tcp \ -m lbalg=roundrobin,type=DSR,pmask=23 -h hc-name=hc1,hc-port=22 \ -t conn-drain=70,nat-timeout=70,persist-timeout=70 -o servergroup=swiftgroup sshrule
ilbzone1# pkg install vrrp ilbzone1# svcadm enable vrrp ilbzone1# vrrpadm create-router -V 1 -I ilb_vnic1 -p 255 -A inet -T l3 \ -a 198.51.100.18/27 vrrp1 ilbzone1# vrrpadm create-router -V 2 -I ilb_vnic2 -p 255 -A inet -T l3 \ -a 192.0.2.1/27 vrrp2