Oracle Solaris 11 Zones Administration
Activity Guide
D75929GC10
Edition 1.0
October 2012
D78386

Oracle University and (Oracle Corporation) use only. These eKit materials are to be used ONLY by you for the express purpose SELF STUDY. SHARING THE FILE IS STRICTLY PROHIBITED.

Copyright © 2012, Oracle and/or its affiliates. All rights reserved.

Disclaimer

This document contains proprietary information and is protected by copyright and other intellectual property laws. You may copy and print this document solely for your own use in an Oracle training course. The document may not be modified or altered in any way. Except where your use constitutes "fair use" under copyright law, you may not use, share, download, upload, copy, print, display, perform, reproduce, publish, license, post, transmit, or distribute this document in whole or in part without the express authorization of Oracle.

The information contained in this document is subject to change without notice. If you find any problems in the document, please report them in writing to: Oracle University, 500 Oracle Parkway, Redwood Shores, California 94065 USA. This document is not warranted to be error-free.

Restricted Rights Notice

If this documentation is delivered to the United States Government or anyone using the documentation on behalf of the United States Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS
The U.S. Government’s rights to use, modify, reproduce, release, perform, display, or disclose these training materials are restricted by the terms of the applicable Oracle license agreement and/or the applicable U.S. Government contract.

Trademark Notice

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Author: Dave Giroux
Editors: Arijit Ghosh Raj Kumar Anwesha Ray
Graphic Designer: Maheshwari Krishnamurthy
Publishers: Pavithran Adka Giri Venugopal

Table of Contents

Practices for Lesson 1: Course Introduction
    Practices for Lesson 1
Practices for Lesson 2: Oracle Solaris 11 Virtualization Technologies
    Practices for Lesson 2
Practices for Lesson 3: Introduction to Oracle Solaris Zones
    Practices for Lesson 3
Practices for Lesson 4: Configuring Oracle Solaris Zones
    Practices for Lesson 4
    Practice 4-1: Configuring a Nonglobal Zone
    Practice 4-2: Test Your Skills and Knowledge
    Practice 4-3: Configure an Immutable Zone
    Practice 4-4: Test Your Skills and Knowledge
Practices for Lesson 5: Deploying Zones Using Automatic Installation
    Practices for Lesson 5
    Practice 5-1: Configuring a Zone Using Automatic Installation
    Practice 5-2: Test Your Skills and Knowledge
Practices for Lesson 6: Migrating Oracle Solaris Systems and Zones
    Practices for Lesson 6
    Practice 6-1: Migrating an Oracle Solaris 10 Native Zone to Oracle Solaris 11
    Practice 6-2: Migrating an Oracle Solaris 10 System to Oracle Solaris 11 (P2V)
Practices for Lesson 7: Administering Oracle Solaris Zones
    Practices for Lesson 7
    Practice 7-1: Cloning a Zone
    Practice 7-2: Test Your Skills and Knowledge
    Practice 7-3: Configuring Network Virtualization
    Practice 7-4: Test Your Skills and Knowledge
    Practice 7-5: Adding Zones to the Secure Virtual Network
    Practice 7-6: Test Your Skills and Knowledge
    Practice 7-7: Configuring IPMP in a Non-Global Zone
    Practice 7-8: Test Your Skills and Knowledge
    Practice 7-9: Managing Storage in Non-Global Zones
    Practice 7-10: Test Your Skills and Knowledge
    Practice 7-11: Backup and Restore a Non-Global Zone
    Practice 7-12: Test Your Skills and Knowledge
    Practice 7-13: Managing the Zone Boot Environments
    Practice 7-14: Testing Your Skills and Knowledge
Practices for Lesson 8: Managing Zone Resources
    Practices for Lesson 8
    Practice 8-1: Managing Resources
    Practice 8-2: Test Your Skills and Knowledge
    Practice 8-3: Managing Zone-Wide Resources and Controls
    Practice 8-4: Test Your Skills and Knowledge
    Practice 8-5: Resource Management: SPARC-Based Systems
Practices for Lesson 9: Monitoring and Troubleshooting Oracle Solaris Zones
    Practices for Lesson 9
    Practice 9-1: Configuring Extended Accounting
    Practice 9-2: Assessing Zone Configurations on Sol11-Server1
    Practice 9-3: Assessing Zone Configuration on Sol11-Server2
    Practice 9-4: Assessing Zone Configuration on Sol11-Server3
    Practice 9-5: Monitoring Zone Resource Utilization
    Practice 9-6: Troubleshooting Zones
Appendix A: Oracle Solaris 11 Quick Reference Guide
    Table of Contents
    User, Group, and Role Commands
    System Monitoring Commands
    Boot Environment (BE) Commands
    Zone Files and Directories
    zonecfg Commands
    Zone Resources
    Zone States and Associated Commands
    zoneadm Commands
    System Configuration Commands
    IPS Packaging Commands
    Networking Commands
    Automatic Installation (AI) Commands and Elements
    ZFS Commands
Appendix B: Oracle Solaris 11 Zones Administration - Practice Solutions
    Practice 3 Solutions
    Practice 4 Solutions
    Practice 5 Solutions
    Practice 6 Solutions
    Practice 7 Solutions
    Practice 8 Solutions
    Practice 9 Solutions
    Bugs and Fixes

Practices for Lesson 1: Course Introduction
Chapter 1

Practices for Lesson 1

Practices Overview
There is no practice for Lesson 1.

Practices for Lesson 2: Oracle Solaris 11 Virtualization Technologies
Chapter 2

Practices for Lesson 2

Practices Overview
There is no practice for Lesson 2.

Practices for Lesson 3: Introduction to Oracle Solaris Zones
Chapter 3

Practices for Lesson 3

Practices Overview
Welcome to the first practice in the Oracle Solaris 11 Zones Administration course!

One of the most important aspects of developing an effective and reliable Oracle Solaris Zone infrastructure is the planning. Planning helps you identify the critical design goals, development strategies, resource requirements, and possible barriers. The plan also helps you communicate effectively with your colleagues and stakeholders.

In this practice you participate in a class exercise designed to help you establish an effective plan for consolidating an IT environment consisting of numerous legacy hardware servers to a new IT infrastructure consisting of Oracle Solaris Zones running on minimal server hardware. The new IT infrastructure must meet (or exceed) the capabilities of the existing environment.

Important Note: All the subsequent practices performed in this course will be based on the "Consolidation Plan" you establish in this practice. Have your instructor review your plan before you proceed to the next practice.

Consolidation Plan Strategic Overview
Your consolidation plan strategy requires that you reduce the number of hardware servers from nine legacy servers to three new Oracle enterprise servers. The new Oracle enterprise servers are named: Sol11-Server1, Sol11-Server2, and Sol11-Server3.

The following illustration shows the new network topology.

Task 1: Sol11-Server1 Platform Consolidation Strategy
In this task you work with the IT Architect (your instructor) to determine which legacy platforms are to be consolidated on the Sol11-Server1 platform. Use the following template to take notes.

What roles (or services) will the Sol11-Server1 platform fulfill?
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________

Legacy platform consolidation candidates:
_____________    _____________    _____________

Nonglobal zones needed to meet platform role responsibilities:
Name                 Purpose
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________

Is there any software (Solaris 10 only) that requires migration?
______________________________________________________________________
______________________________________________________________________

Note: Specific details needed for your “Consolidation Plan” will be provided in later practices as you explore various aspects of zone configuration and deployment.

Task 2: Sol11-Server2 Platform Consolidation Strategy
In this task you work with the IT Architect (your instructor) to determine which legacy platforms are to be consolidated on the Sol11-Server2 platform. Use the following template to take notes.

What roles (or services) will the Sol11-Server2 platform fulfill?
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________

Legacy platform consolidation candidates:
_____________    _____________    _____________

Nonglobal zones needed to meet platform role responsibilities:
Name                 Purpose
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________

Is there any software (Solaris 10 only) that requires migration?
______________________________________________________________________
______________________________________________________________________

Note: Specific details needed for your “Consolidation Plan” will be provided in later practices as you explore various aspects of zone configuration and deployment.

Task 3: Sol11-Server3 Platform Consolidation Strategy
In this task you work with the IT Architect (your instructor) to determine which legacy platforms are to be consolidated on the Sol11-Server3 platform. Use the following template to take notes.

What roles (or services) will the Sol11-Server3 platform fulfill?
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________
______________________________________________________________________

Legacy platform consolidation candidates:
_____________    _____________    _____________

Nonglobal zones needed to meet platform role responsibilities:
Name                 Purpose
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________
_________________    ____________________________________________

Is there any software (Solaris 10 only) that requires migration?
______________________________________________________________________
______________________________________________________________________

Note: Specific details needed for your “Consolidation Plan” will be provided in later practices as you explore various aspects of zone configuration and deployment.

Practices for Lesson 4: Configuring Oracle Solaris Zones
Chapter 4

Practices for Lesson 4

Practices Overview
The practices for the lesson titled “Configuring Oracle Solaris Zones” introduce you to the fundamentals of zone configuration. They provide guided and unguided hands-on experience with nonglobal zone configuration and installation. During the practices, you apply Oracle Solaris Zone configuration best practices.

The key areas explored in these practices are:
• Assessing the Oracle Solaris Zones environment
• Configuring a nonglobal zone
• Configuring an Immutable Zone

Assumptions
Your Consolidation Plan

Your practice environment is based on the Oracle VM VirtualBox virtualization software. The virtual machines (VMs) are configured on a private internal network (192.168.0). Each VM can communicate with other VMs on the same private network but cannot communicate with the local host machine or other machines on the same network as the local host machine.

The virtual machines (VMs) you use in the practices are as follows:
• Sol11-SuperServer: This VM provides network services such as IPS and DNS used by the VMs in the practice.
• Sol11-Server1: The Sol11-Server1 platform will host zones that support the organization’s cloud services environment.

Note: The responses to the commands shown in these practices are examples only. The values you see during your practices might vary slightly.

Note: When launching a virtual machine for the first time, you might see the First Run Wizard appear. Click the Cancel button to continue.

Managing Course Start States
This course comes equipped with multiple start states. Start states allow you to configure the system so that it is ready to run a specific practice. You can manage start states in two ways:
1. You can boot the Course_Start_State image from the GRUB (startup) menu and run the /var/tmp/startadm utility. startadm provides a wizard that allows you to define a new default start state for the course. This is particularly useful when you have fallen behind in the lab and want to catch up quickly.
2. You can choose a new start state directly from the GRUB menu. This is useful when you want to rerun a practice that you have already completed in the default start state (normally Course_Start_State).

The following illustration shows the GRUB menu with additional start states.

Note: Course_Start_State is the default start state for the course unless you change the default using the /var/tmp/startadm utility.

Practice 4-1: Configuring a Nonglobal Zone

Overview
You use the zonecfg utility to create the nonglobal zone configuration and to determine whether the specified resources and properties are valid on a hypothetical system.
The check performed by zonecfg for a given configuration verifies the following:
• Ensures that a zone path is specified
• Ensures that all of the required properties for each resource are specified
• Ensures that the configuration is free from conflicts

In this practice you use the zonecfg utility to configure the web zone using the parameters shown in "Consolidation Plan Details" (below).

This practice involves:
• Assessing the Oracle Solaris Zones installation environment
• Configuring the web Zone

Consolidation Plan Details
• Zone application (role): Apache 2.2 Web Server
• Installation method: Command-line
    o IPS server: Sol11-SuperServer (192.168.0.100)
• OS: Oracle Solaris 11 11/11
    o Users: root, oracle
• Zone configuration:
    o Zone name: web
    o Zonepath: /zones/web
    o Zone brand: solaris
    o Zone autoboot: true
    o Zone networking:
        IP type: shared
        Zone resource: net
        IP address: 192.168.0.118/24
        Network interface: net0
        DNS server: 192.168.0.100
        Domain: mydomain.com

Task 1: Assess the Oracle Solaris Zones Installation Environment
Before you begin constructing your zone environment, it is important to determine what resources you have available in the host machine. These resources will become the building blocks with which you will create your zones. In this task you use various Solaris utilities to assess the host machine configuration.

Perform these steps to assess the host machine resources:

1. Log in to the host machine and launch the Oracle VM VirtualBox Manager.

2. In the Oracle VM VirtualBox Manager window, select the Sol11-SuperServer virtual machine (VM) icon and click the Start button.

3. After the Sol11-SuperServer VM is booted, select the Sol11-Server1 virtual machine and click the Start button.

4. Log in to the Sol11-Server1 VM as the user oracle with the password oracle1.

5. In the terminal window, run the su command to assume primary administrator privileges.

    root@s11-serv1:~$ su -
    Password: oracle1
    root@s11-serv1:~#

6. Determine the build number of the installed operating system.

    root@s11-serv1:~# cat /etc/release
    Oracle Solaris 11 11/11 X86
    Copyright(c) 1983, 2011, Oracle and/or its affiliates. All rights reserved.
    Assembled 18 October 2011

7. Determine the hard disk storage capacity.

    root@s11-serv1:~# format
    Searching for disks...done

    AVAILABLE DISK SELECTIONS:
        0. c3t0d0 <ATA-VBOX HARDDISK-1.0 cyl 4182 alt 2 hd 255 sec 63>
           /pci@0,0/pci8086,2829@d/disk@0,0
        1. c3t2d0 <ATA-VBOX HARDDISK-1.0-32.07GB>
           /pci@0,0/pci8086,2829@d/disk@2,0
        2. c3t3d0 <ATA-VBOX HARDDISK-1.0-32.07GB>
           /pci@0,0/pci8086,2829@d/disk@3,0
        3. c3t4d0 <ATA-VBOX HARDDISK-1.0-32.07GB>
           /pci@0,0/pci8086,2829@d/disk@4,0
        4. c3t5d0 <ATA-VBOX HARDDISK-1.0-32.07GB>
           /pci@0,0/pci8086,2829@d/disk@5,0
        5. c3t6d0 <ATA-VBOX HARDDISK-1.0-32.07GB>
           /pci@0,0/pci8086,2829@d/disk@6,0
    Specify disk (enter its number): ^D

8. Determine which hard disks are currently being used.

    root@s11-serv1:~# zpool status
      pool: rpool
     state: ONLINE
      scan: none requested
    config:

            NAME        STATE     READ WRITE CKSUM
            rpool       ONLINE       0     0     0
              c3t0d0s0  ONLINE       0     0     0

    errors: No known data errors

9. Determine the file system layout.

    root@s11-serv1:~# zfs list
    NAME                              USED  AVAIL  REFER  MOUNTPOINT
    rpool                            6.37G  25.1G  39.5K  /rpool
    rpool/ROOT                       4.55G  25.1G    31K  legacy
    rpool/ROOT/solaris               4.55G  25.1G  3.41G  /
    rpool/ROOT/solaris-backup-1        64K  25.1G  1.51G  /
    rpool/ROOT/solaris-backup-1/var     1K  25.1G   730M  /var
    rpool/ROOT/solaris/var           1.01G  25.1G   280M  /var
    rpool/dump                        792M  25.2G   768M  -
    rpool/export                     8.15M  25.1G    33K  /export
    rpool/export/home                8.12M  25.1G    32K  /export/home
    rpool/export/home/oracle         8.09M  25.1G  8.09M  /export/home/oracle
    rpool/swap                       1.03G  25.2G  1.00G  -

10. Determine the size of physical memory.

    root@s11-serv1:~# prtconf | grep Memory
    Memory size: 4096 Megabytes

11. Determine the number of CPUs.

    root@s11-serv1:~# psrinfo
    0       on-line   since 03/30/2012 04:12:17
    1       on-line   since 03/30/2012 04:12:18

12. Determine the number of data links.

    root@s11-serv1:~# dladm show-link
    LINK        CLASS     MTU    STATE    OVER
    net0        phys      1500   up       --
    net1        phys      1500   unknown  --
    net2        phys      1500   unknown  --
    net3        phys      1500   unknown  --

13. Determine the current IP addresses configuration.

    root@s11-serv1:~# ipadm show-addr
    ADDROBJ     TYPE      STATE   ADDR
    lo0/v4      static    ok      127.0.0.1/8
    net0/v4     static    ok      192.168.0.112/24
    lo0/v6      static    ok      ::1/128
    net0/v6     addrconf  ok      fe80::a00:27ff:fe00:428f/10

14. Determine the current zone configuration.

    root@s11-serv1:~# zoneadm list -cv
      ID NAME     STATUS    PATH    BRAND     IP
       0 global   running   /       solaris   shared

15. Verify that an IPS service is available.
    root@s11-serv1:~# pkg publisher
    PUBLISHER   TYPE     STATUS   URI
    solaris     origin   online   http://s11-ss.mydomain.com/
    root@s11-serv1:~# pkg search solaris-small-server
    INDEX      ACTION   VALUE                                       PACKAGE
    pkg.fmri   set      solaris/group/system/solaris-small-server   pkg:/group/system/solaris-small-server@0.5.11-0.175.0.0.0.2.2576

Task 2: Configure the web Zone

In this task you configure the web zone using the zonecfg utility. Perform these steps to configure the web zone with the resources necessary for deploying the Apache Web Server:

1. Create the web zone configuration using the attributes provided in the “Consolidation Plan Details” (above).

    root@s11-serv1:~# zonecfg -z web
    web: No such zone configured
    Use 'create' to begin configuring a new zone.
    zonecfg:web> create
    create: Using system default template 'SYSdefault'
    zonecfg:web> set zonepath=/zones/web
    zonecfg:web> set autoboot=true
    zonecfg:web> set ip-type=shared
    zonecfg:web> add net
    zonecfg:web:net> set address=192.168.0.118/24
    zonecfg:web:net> set physical=net0
    zonecfg:web:net> end
    zonecfg:web:> remove anet
    zonecfg:web> info
    zonename: web
    zonepath: /zones/web
    brand: solaris
    autoboot: true
    bootargs:
    file-mac-profile:
    pool:
    limitpriv:
    scheduling-class:
    ip-type: shared
    hostid:
    fs-allowed:
    net:
        address: 192.168.0.118/24
        allowed-address not specified
        configure-allowed-address: true
        physical: net0
        defrouter not specified
    zonecfg:web> verify
    zonecfg:web> commit
    zonecfg:web> exit

Note that the anet resource is being removed due to the limitations of the lab environment.

2. Install the web zone.
    root@s11-serv1:~# zoneadm -z web install
    A ZFS file system has been created for this zone.
    Progress being logged to /var/log/zones/zoneadm.20120320T181349Z.web.install
    Image: Preparing at /export/zones/web/root.
    Install Log: /system/volatile/install.2534/install_log
    AI Manifest: /tmp/manifest.xml.uXai7e
    SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
    Zonename: web
    Installation: Starting ...
    Creating IPS image
    Installing packages from:
    solaris
    origin: http://s11-ss.mydomain.com/
    DOWNLOAD    PKGS      FILES         XFER (MB)
    Completed   167/167   32062/32062   175.8/175.8
    PHASE                        ACTIONS
    Install Phase                44313/44313
    PHASE                        ITEMS
    Package State Update Phase   167/167
    Image State Update Phase     2/2
    Installation: Succeeded
    Note: Man pages can be obtained by installing pkg:/system/manual
    done.
    Done: Installation completed in 166.551 seconds.
    Next Steps: Boot the zone, then log into the zone console (zlogin -C)
    to complete the configuration process.
    Log saved in non-global zone as /export/zones/web/root/var/log/zones/zoneadm.20120320T181349Z.web.install
    root@s11-serv1:~# zoneadm list -cv
    ID   NAME     STATUS      PATH         BRAND     IP
    0    global   running     /            solaris   shared
    -    web      installed   /zones/web   solaris   shared

Note: This normally takes several minutes to complete.

3. Boot the web zone.

    root@s11-serv1:~# zoneadm -z web boot
    root@s11-serv1:~# zoneadm list -cv
    ID   NAME     STATUS    PATH         BRAND     IP
    0    global   running   /            solaris   shared
    1    web      running   /zones/web   solaris   shared

4. Log in to the web zone console.
    root@s11-serv1:~# zlogin -C web
    112/112

Use these parameters when performing the initial system configuration:

• Hostname: web
• DNS: Configure DNS
• Name server address: 192.168.0.100
• DNS search: mydomain.com
• Alternate Name Service: None
• Time zone: your local time zone
• Root password: oracle1
• Your real name: oracle
• User login: oracle
• User password: oracle1
    web console login: oracle
    Password: oracle1
    Oracle Corporation SunOS 5.11 11.0 November 2011
    oracle1@web:~$ su -
    Password: oracle1
    Mar 30 11:53:00 web su: 'su root' succeeded for oracle1 on /dev/console
    Oracle Corporation SunOS 5.11 11.0 November 2011
    root@web:~#

5. Install the Apache 2.2 packages.

    root@web:~# pkg search apache-22
    INDEX      ACTION   VALUE                          PACKAGE
    pkg.fmri   set      solaris/web/server/apache-22   pkg:/web/server/apache-22@2.2.20-0.175.0.0.0.2.537
    root@web:~# pkg install apache-22
    Packages to install: 3
    Create boot environment: No
    Create backup boot environment: No
    Services to change: 1
    DOWNLOAD    PKGS   FILES     XFER (MB)
    Completed   3/3    636/636   4.2/4.2$<3>
    PHASE                        ACTIONS
    Install Phase                800/800
    PHASE                        ITEMS
    Package State Update Phase   3/3
    Image State Update Phase     2/2
    Loading smf(5) service descriptions: 1/1

6. Start the Apache service.

    root@web:~# svcs svc:/network/http:apache22
    STATE      STIME      FMRI
    disabled   14:14:33   svc:/network/http:apache22
    root@web:~# svcadm enable svc:/network/http:apache22
    root@web:~# svcs svc:/network/http:apache22
    STATE    STIME      FMRI
    online   14:17:20   svc:/network/http:apache22

7. Move back to the global zone.

    root@web:~# ~.
    root@s11-serv1:~#
8. Use your web browser to verify that the Apache web service is operational.

Practice 4-2: Test Your Skills and Knowledge

Overview

In this practice, you get to apply the skills and knowledge you gained from the lecture and guided practices. You are faced with the challenge of completing the following task(s) without the benefit of a step-by-step guide.

Hint: Use all the available resources, such as man pages, student guide, activity guide, and your instructor, to successfully complete each task.

In this practice you use the zonecfg utility to configure the storage zone using the “Consolidation Plan Details” (below).

Consolidation Plan Details

• Zone application (role): NFS server
• Installation method: Command-line
    o IPS server: Sol11-SuperServer (192.168.0.100)
• OS: Oracle Solaris 11 11/11
    o Users: root, oracle
• Zone configuration:
    o Zone name: storage
    o Zonepath: /zones/storage
    o Zone brand: solaris
    o Zone autoboot: true
    o Remove the anet resource
    o Zone networking:
        IP type: shared
        Zone resource: net
        IP address: 192.168.0.117/24
        Network interface: net0
    o Add a ZFS dataset resource for the NFS server storage.
        add dataset
        • set name=data1
Task: Configure the storage Zone

Perform this task on the Sol11-Server1 VM.

• Verify that hard disk c3t3d0 is not currently being used by the system.

• In the global zone, create the data1 dataset.

    root@s11-serv1:~# zpool create -f data1 c3t3d0
    root@s11-serv1:~# zfs list data1
    NAME    USED   AVAIL   REFER   MOUNTPOINT
    data1   85K    31.5G   31K     /data1

• Use the zonecfg utility to configure the storage zone using these parameters for the Consolidation Plan (above):

• Install the storage zone.

• Boot the storage zone and perform system configuration using these parameters:
    o Hostname: storage
    o DNS: Configure DNS
    o Name server address: 192.168.0.100
    o DNS search: mydomain.com
    o Alternate Name Service: None
    o Time zone: your local time zone
    o Root password: oracle1
    o Your real name: oracle
    o User login: oracle
    o User password: oracle1

• Log in to the storage zone as oracle and su to root. Verify that the NFS storage resource is configured.

    root@storage:~# zfs list data1
    NAME    USED   AVAIL   REFER   MOUNTPOINT
    data1   85K    31.5G   31K     /data1

• Configure the NFS server using these commands.

    root@storage:~# pkg info service/file-system/nfs
    Name: service/file-system/nfs
    Summary: NFS server
    Description: Network File System (NFS) server kernel module, utilities and daemons
    Category: System/File System
    State: Installed
    Publisher: solaris
    Version: 0.5.11
    Build Release: 5.11
    Branch: 0.175.0.0.0.2.1
    Packaging Date: Wed Oct 19 06:24:23 2011
    Size: 522.53 kB
    FMRI: pkg://solaris/service/file-system/nfs@0.5.11,5.11-0.175.0.0.0.2.1:20111019T062423Z
    root@storage:~# svcs network/shares
    STATE    STIME      FMRI
    online   16:03:09   svc:/network/shares:fault
    root@storage:~# zfs create data1/share
    root@storage:~# zfs set \
    share=name=shares,path=/data1/share,prot=nfs data1/share
    name=shares,path=/data1/share,prot=nfs
    root@storage:~# zfs set sharenfs=on data1/share
    root@storage:~# zfs set compression=on data1/share
    root@storage:~# showmount -e
    export list for storage:
    /data1/share (everyone)
    root@storage:~# ~.
    root@s11-serv1:~#

Practice 4-3: Configure an Immutable Zone

Overview

You can configure a zone to have a read-only root. Zones with a read-only root are called Immutable Zones. A Solaris Immutable Zone protects the zone’s configuration by implementing read-only root file systems for nonglobal zones. This zone extends the zone’s secure runtime boundary by adding additional restrictions to the runtime environment. Unless performed as specific maintenance operations, modifications to system binaries or system configurations are blocked. The exception to this rule is that the global zone can write to a nonglobal zone’s file system for installation, image updates, and maintenance.

You use the zonecfg utility to configure Immutable Zones. The value of the file-mac-profile property determines the zone’s read-only policy. By default, the zonecfg file-mac-profile property is not set in a nonglobal zone, allowing a writable root dataset.
Here are the possible values for the file-mac-profile property:

• none: Standard, read-write, nonglobal zone, with no additional protection beyond the existing zone boundaries. Setting the value to none is equivalent to not setting the file-mac-profile property.

• strict: Read-only file system, no exceptions
    o IPS packages cannot be installed.
    o Persistently enabled SMF services are fixed.
    o SMF manifests cannot be added from the default locations.
    o Logging and auditing configuration files are fixed. Data can only be logged remotely.

• fixed-configuration: Permits updates to /var/* directories, with the exception of directories that contain system configuration components
    o IPS packages, including new packages, cannot be installed.
    o Persistently enabled SMF services are fixed.
    o SMF manifests cannot be added from the default locations.
    o Logging and auditing configuration files can be local. syslog and audit configuration are fixed.

• flexible-configuration: Permits modification of files in /etc/* directories, changes to root’s home directory, and updates to /var/* directories
    o IPS packages, including new packages, cannot be installed.
    o Persistently enabled SMF services are fixed.
    o SMF manifests cannot be added from the default locations.
    o Logging and auditing configuration files can be local. syslog and audit configuration can be changed.

Task: Configure an Immutable Zone

In this task you make the web zone immutable. Perform these steps to configure an Immutable Zone:

1. Verify that the Sol11-SuperServer and Sol11-Server1 virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them at this time. If any other VMs are running, shut them down now.

2. Log in to the Sol11-Server1 virtual machine as user oracle and su to root.

3. Determine the status of the zones currently configured in the system.
    root@s11-serv1:~# zoneadm list -cv
    ID   NAME      STATUS    PATH             BRAND     IP
    0    global    running   /                solaris   shared
    1    storage   running   /zones/storage   solaris   shared
    2    web       running   /zones/web       solaris   shared

4. Edit the web zone configuration. Set the file-mac-profile property to flexible-configuration.

    root@s11-serv1:~# zonecfg -z web
    zonecfg:web> set file-mac-profile=flexible-configuration
    zonecfg:web> info
    zonename: web
    zonepath: /zones/web
    brand: solaris
    autoboot: true
    bootargs:
    file-mac-profile: flexible-configuration
    pool:
    limitpriv:
    scheduling-class:
    ip-type: shared
    hostid:
    fs-allowed:
    net:
        address: 192.168.0.118/24
        allowed-address not specified
        configure-allowed-address: true
        physical: net0
        defrouter not specified
    zonecfg:web> verify
    zonecfg:web> commit
    zonecfg:web> exit

5. Reboot the web zone.

    root@s11-serv1:~# zoneadm -z web reboot

6. Log in to the web zone.

    root@s11-serv1:~# zlogin web
    Oracle Corporation SunOS 5.11 11.0 November 2011
    root@web:~#

7. Use the zoneadm list -p command to display the value of the web zone file-mac-profile property.

    root@s11-serv1:~# zoneadm list -p | grep web
    3:web:running:/zones/web:eb950edf-c0f4-4d7e-a47f-ff45f4191493:solaris:shared:R:flexible-configuration
Note that the R field indicates that the web zone is read-only.

8. Verify that the web zone is immutable. Try installing a software package and try to write to /var.

    root@web:~# pkg search apptrace
    INDEX             ACTION   VALUE   PACKAGE
    pkg.description   set      Apptrace utility for application tracing, including shared objects   pkg:/developer/apptrace@0.5.11-0.175.0.0.0.2.1
    pkg.summary       set      Apptrace Utility   pkg:/developer/apptrace@0.5.11-0.175.0.0.0.2.1
    basename          file     usr/bin/apptrace   pkg:/developer/apptrace@0.5.11-0.175.0.0.0.2.1
    pkg.fmri          set      solaris/developer/apptrace   pkg:/developer/apptrace@0.5.11-0.175.0.0.0.2.1
    root@web:~# pkg install apptrace
    pkg install: Could not complete the operation on /var/pkg/lock: read-only filesystem.
    root@web:~# mkdir /var/data
    root@web:~# ls /var/data
    /var/data
    root@web:~#

9. Move back to the global zone.

10. Reboot the web zone with write-enabled root in effect for this boot-cycle only.

    root@s11-serv1:~# zoneadm -z web reboot -w

11. Log in to the web zone and install the apptrace package.

    root@s11-serv1:~# zlogin web
    root@web:~# pkg install apptrace

12. Reboot the web zone.

    root@web:~# init 6

13. Log back in to the web zone and attempt to remove the installed apptrace package.

    root@s11-serv1:~# zlogin web
    root@web:~# pkg uninstall apptrace
    pkg install: Could not complete the operation on /var/pkg/lock: read-only filesystem.

14. Move back to the global zone.

15. Set the web zone file-mac-profile property to none and reboot the zone.

    root@s11-serv1:~# zonecfg -z web set file-mac-profile=none
    root@s11-serv1:~# zoneadm -z web reboot
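Added example (not part of the Oracle activity guide): a POSIX shell function, meant for the global zone, that reads `zoneadm list -p` output and reports the file-mac-profile of every nonglobal zone, flagging zones that are still writable after a practice such as step 15. The colon-separated field layout is assumed from the step 7 listing; the function names and every sample line except the web line are constructed.

```shell
#!/bin/sh
# Added example: audit the read-only policy of zones from `zoneadm list -p`.
# Assumed field layout (taken from the step 7 listing):
#   id:name:state:zonepath:uuid:brand:ip-type:R-or-dash:file-mac-profile
# Assumption: zonepaths contain no ':' characters.

# Constructed sample input. Only the web line mirrors step 7.
sample_zone_list() {
cat <<'EOF'
0:global:running:/::solaris:shared:-:none
1:storage:running:/zones/storage:11111111-2222-3333-4444-555555555555:solaris:shared:-:none
3:web:running:/zones/web:eb950edf-c0f4-4d7e-a47f-ff45f4191493:solaris:shared:R:flexible-configuration
4:db:installed:/zones/db:66666666-7777-8888-9999-000000000000:solaris:shared:R:strict
EOF
}

# classify_profile PROFILE
# Prints "writable", "immutable" or "unknown" for a file-mac-profile value.
classify_profile() {
    case "$1" in
        ''|-|none) echo writable ;;
        strict|fixed-configuration|flexible-configuration) echo immutable ;;
        *) echo unknown ;;
    esac
}

# audit_zone_profiles
# Reads `zoneadm list -p` lines on stdin and prints one line per nonglobal
# zone: "name state profile verdict". Returns 1 if any nonglobal zone is
# not immutable (writable, unknown profile, or R flag and profile disagree).
audit_zone_profiles() {
    rc=0
    while IFS=: read -r id name state path uuid brand iptype rw profile rest; do
        if [ -z "$name" ] || [ "$name" = "global" ]; then
            continue
        fi
        # Strip stray whitespace left by wrapped or copied output.
        profile=$(printf '%s' "$profile" | tr -d '[:space:]')
        rw=$(printf '%s' "$rw" | tr -d '[:space:]')
        verdict=$(classify_profile "$profile")
        # The R flag and the profile should agree; report it when they do not.
        if [ "$verdict" = immutable ] && [ "$rw" != R ]; then
            verdict=mismatch
        elif [ "$verdict" = writable ] && [ "$rw" = R ]; then
            verdict=mismatch
        fi
        if [ "$verdict" != immutable ]; then
            rc=1
        fi
        printf '%s %s %s %s\n' "$name" "$state" "${profile:-none}" "$verdict"
    done
    return $rc
}

# Demonstration on the constructed sample. On a real system, use:
#   zoneadm list -p | audit_zone_profiles
sample_zone_list | audit_zone_profiles || echo "at least one zone is not immutable"
```

The nonzero return makes the function usable as a scheduled compliance check that alerts when a zone left in write-enabled or none mode was never returned to its read-only profile.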
Practice 4-4: Test Your Skills and Knowledge

Overview

In this practice, you get to apply the skills and knowledge you gained from the lecture and guided practices. You are challenged with completing the following task(s) without the benefit of a step-by-step guide.

Hint: Use all the available resources, such as man pages, student guide, activity guide, and your instructor, to successfully complete each task.

Task: Configure a Nonglobal Zone

In this task you make the storage zone immutable. Perform this task on the Sol11-Server1 VM.

• Set the storage zone file-mac-profile property to flexible-configuration.
• Verify that the storage zone meets the read-only policy set by the flexible-configuration property:
    o Try to install the apptrace software package.
    o Try to write to the /var directory.
• Set the storage zone file-mac-profile property to none and reboot the zone.

Important: After you have completed this practice, shut down and power-off the Sol11-Server1 server.

Practices for Lesson 5: Deploying Zones Using Automatic Installation

Chapter 5

Practices for Lesson 5

Practices Overview

The practices for the lesson titled “Deploying Zones Using Automatic Installation” introduce you to the automatic installation (AI) method for installing nonglobal zones. It provides guided and unguided hands-on experience with using AI to configure and install zones. During the practices, you apply Oracle Solaris Zone installation best practices.

The key areas explored in these practices are:

• Assessing the Automatic Installation server environment
• Configuring the AI server for zone installation
• Deploying the zone to the AI install client

Assumptions

Your Consolidation Plan

Your practice environment is based on the Oracle VM VirtualBox virtualization software. The virtual machines (VMs) you use in the practices are as follows:

• Sol11-SuperServer: This VM provides network services such as DNS, DHCP, IPS, and AI used by the VMs in the practice.
• Sol11-Server1: The Sol11-Server1 provides an HTTP service required for this practice.
• Sol11-Server2: The Sol11-Server2 platform will host zones that support the internal product engineering organization.
• Sol11-Server3: The Sol11-Server3 platform will host zones that support the internal product support organization.
Note: The responses to the commands shown in these practices are examples only. The values you see during your practice might vary slightly.

Practice 5-1: Configuring a Zone Using Automatic Installation

Overview

You can configure and install nonglobal zones using the Oracle Solaris 11 Automatic Installation (AI) facility. AI automates the installation of the Oracle Solaris 11 OS and nonglobal zones on SPARC and x86 clients over the network. The clients can be customized with installation parameters such as disk layout and software selection and with system configuration parameters such as host name, network configuration, and user accounts. Customizations can be made on a client-by-client basis and can be scaled for large environments.

In this practice you configure the AI service to install the Sol11-Server2 server and the engineering zone using the “Consolidation Plan Details” (below).

Consolidation Plan Details

• Installation method: AI
    o AI server: Sol11-SuperServer (192.168.0.100)
    o IPS server: Sol11-SuperServer (192.168.0.100)
• Remote client global zone:
    o OS: Oracle Solaris 11 11/11
    o Users: root, oracle
    o Host name: s11-serv2
    o IP address: 192.168.0.113
• Remote client nonglobal zone:
    o Role: Used for engineering team home accounts
    o OS: Oracle Solaris 11 11/11
    o Users: root, oracle
    o Zone configuration:
    o Zone name: engineering
    o Zonepath: /zones/engineering
    o Zone brand: solaris
    o Zone autoboot: true
    o Zone net:
        IP type: shared
        IP address: 192.168.0.120/24
        Network interface: net0
        DNS server: 192.168.0.100
        Domain: mydomain.com
• The Sol11-Server1 server web zone
    o HTTP service
    o The engineering zone configuration file

Task 1: Assess the Automatic Installation Server Environment

Before you begin constructing your zone environment using AI, it is important to determine if the AI server environment meets your installation requirements. In this task you assess the AI server environment including:

• Current AI install services
• AI install client setup
• IPS service availability
• DHCP service availability
• HTTP service availability

Perform these steps to assess the AI environment:

1. Verify that the Sol11-SuperServer and Sol11-Server1 virtual machines are running. This can be determined by viewing the Oracle VM VirtualBox Manager window and checking the run status for each virtual machine. If the virtual machines are not running, start them at this time. If any other VMs are running, shut them down and power them off now.

2. Log in to virtual machine Sol11-SuperServer system as user oracle and su to root.

    s11-ss console login: oracle
    Password: oracle1
    oracle@s11-ss:~$ su -
    Password: oracle1
    root@s11-ss:~#

3. Determine the AI install client configuration (see the following notes).

Note: An AI install client VM is available in the VirtualBox Manager window. The VM name is Sol11-Server2. This VM has the following configuration:

• Storage = 5 hard disks
• Memory = 1.5 GB
• Network interfaces = 4 (net0 - net3)
• Net0 MAC address = 08:00:27:85:C7:D6

Important Note: The MAC address might be different than the one shown here.
If so, use the VirtualBox Manager Settings tab to change the MAC address for the Sol11-Server2 VM to 08002785C7D6. The MAC address on the VM network interface must match the MAC address you specify when configuring the AI service for this client.

4. Verify that an IPS service is available.

    root@s11-ss:~# pkg publisher
    PUBLISHER   TYPE     STATUS   URI
    solaris     origin   online   http://s11-ss.mydomain.com/
    root@s11-ss:~# svcs svc:/application/pkg/server:default
    STATE    STIME    FMRI
    online   Mar_30   svc:/application/pkg/server:default

5. Verify that a DHCP service is available.

    root@s11-ss:~# svcs svc:/network/dhcp/server
    STATE      STIME      FMRI
    disabled   Mar_30     svc:/network/dhcp/server:ipv6
    online     11:41:55   svc:/network/dhcp/server:ipv4
    root@s11-ss:~# more /etc/inet/dhcpd4.conf
    # dhcpd.conf
    #
    # Configuration file for ISC dhcpd
    # (created by installadm(1M))
    #
    # global option definitions, common to all subnets
    option domain-name "mydomain.com";
    option domain-name-servers 192.168.0.100;
    default-lease-time 900;
    max-lease-time 86400;
    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    authoritative;
    # Set logging facility (accompanies setting in syslog.conf)
    log-facility local7;
    subnet 192.168.0.0 netmask 255.255.255.0 {
      option broadcast-address 192.168.0.255
      option routers 0.0.0.0
      next-server 192.168.0.100
    }
    class "PXEBoot" {
      match if (substring(option vendor-class-identifier, 0, 9) = "PXEClient");
    }

Note that the subnet entry currently does not have an IP range configured.
6. Move to the web zone on the Sol11-Server1 platform and verify that the HTTP service is available.

    root@web:~# svcs svc:/network/http
    STATE    STIME      FMRI
    online   10:09:56   svc:/network/http:apache22

Task 2: Configure the AI Server for Zone Installation

In Task 1, you determined that no AI services were configured. In this task you create and configure an AI server with the following:

• AI service for x86 machines
• AI install client (08:00:27:85:C7:D6)
• AI manifest (global zone)
• System configuration profile (global zone)
• Zone system configuration profile

Perform these steps to configure the AI service:

1. On the Sol11-SuperServer virtual machine, enable the svc:/network/dns/multicast service on the AI server.

    root@s11-ss:~# svcadm enable \
    svc:/network/dns/multicast:default
    root@s11-ss:~# svcs | grep dns
    online   15:03:05   svc:/network/dns/client:default
    online   15:03:05   svc:/network/dns/server:default
    online   15:19:27   svc:/network/dns/multicast:default

2. Create a directory for your AI server.

    root@s11-ss:~# mkdir -p /export/ai/x86_ai

3. Use the installadm create-service command to create an AI service based on the following information:

• Service name: x86_ai
• DHCP base IP address: 192.168.0.130
• DHCP IP address range: 10
• AI ISO image location: /var/tmp/sol-11-1111-ai-x86.iso
• Target directory: /export/ai/x86_ai

    root@s11-ss:~# installadm create-service -n x86_ai \
    -s /var/tmp/sol-11-1111-ai-x86.iso \
    -i 192.168.0.130 -c 10 -d /export/ai/x86_ai
    Creating service from: /var/tmp/sol-11-1111-ai-x86.iso
    Setting up the image ...
    Creating service: x86_ai
    Image path: /export/ai/x86_ai
    Adding IP range to local DHCP configuration
    Refreshing install services
    Creating default-i386 alias.
    Setting the default PXE bootfile in the local DHCP configuration to
    'default-i386/boot/grub/pxegrub'
    Refreshing install services

Note: You can remove an AI service and associated clients by using the command installadm delete-service -r svcname.

4. Verify that the IP address range has been added to the DHCP service.

    root@s11-ss:~# tail -12 /etc/inet/dhcpd4.conf
    subnet 192.168.0.0 netmask 255.255.255.0 {
      range 192.168.0.130 192.168.0.139;
      option broadcast-address 192.168.0.255;
      option routers 0.0.0.0;
      next-server 192.168.0.100;
    }
    class "PXEBoot" {
      match if (substring(option vendor-class-identifier, 0, 9) = "PXEClient");
      filename "default-i386/boot/grub/pxegrub";
    }

Note that the subnet entry now has an IP range configured.

5. Use the installadm list command to verify that your AI service is installed.

    root@s11-ss:~# installadm list
    Service Name   Alias Of   Status   Arch   Image Path
    ------------   --------   ------   ----   ----------
    x86_ai         -          on       x86    /export/ai/x86_ai
    default-i386   x86_ai     on       x86    /export/ai/x86_ai

6. Add the AI install client to the x86_ai service.

    root@s11-ss:~# installadm create-client -e 08:00:27:85:C7:D6 \
    -n x86_ai
    Adding host entry for 08:00:27:85:C7:D6 to local DHCP configuration.
root@s11-ss:~# installadm list -c
Service Name Client Address    Arch Image Path
------------ --------------    ---- ----------
x86_ai       08:00:27:85:C7:D6 i386 /export/ai/x86_ai
root@s11-ss:~# tail /etc/inet/dhcpd4.conf
class "PXEBoot" {
  match if (substring(option vendor-class-identifier, 0, 9) = "PXEClient");
  filename "default-i386/boot/grub/pxegrub";
}
host 08002785C7D6 {
  hardware ethernet 08:00:27:85:C7:D6;
  filename "0108002785C7D6";
}

7. Copy the /export/ai/x86_ai/auto_install/manifest/default.xml manifest template file to /var/tmp/Sol11-Server2-manifest.xml.

root@s11-ss:~# cp /export/ai/x86_ai/auto_install/manifest/default.xml \
/var/tmp/Sol11-Server2-manifest.xml

8. Edit the /var/tmp/Sol11-Server2-manifest.xml file. Make these changes:
• AI instance name: s11-serv2
• IPS origin name: http://s11-ss.mydomain.com
• Install software package group: solaris-small-server
• Add the configuration element:
<configuration type="zone" name="engineering"
    source="http://web.mydomain.com/zone_configs/engineering.cfg"/>

root@s11-ss:~# chmod 755 /var/tmp/Sol11-Server2-manifest.xml
root@s11-ss:~# vi /var/tmp/Sol11-Server2-manifest.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (c) 2008, 2011, Oracle and/or its affiliates. All rights reserved.
-->
<!DOCTYPE auto_install SYSTEM "file:///usr/share/install/ai.dtd.1">
<auto_install>
  <ai_instance name="s11-serv2">
    <target>
      <logical>
        <zpool name="rpool" is_root="true">
          <filesystem name="export" mountpoint="/export"/>
          <filesystem name="export/home"/>
          <be name="solaris"/>
        </zpool>
      </logical>
    </target>
    <software type="IPS">
      <destination>
        <image>
          <!-- Specify locales to install -->
          <facet set="false">facet.locale.*</facet>
          <facet set="true">facet.locale.de</facet>
          <facet set="true">facet.locale.de_DE</facet>
          <facet set="true">facet.locale.en</facet>
          <facet set="true">facet.locale.en_US</facet>
          <facet set="true">facet.locale.es</facet>
          <facet set="true">facet.locale.es_ES</facet>
          <facet set="true">facet.locale.fr</facet>
          <facet set="true">facet.locale.fr_FR</facet>
          <facet set="true">facet.locale.it</facet>
          <facet set="true">facet.locale.it_IT</facet>
          <facet set="true">facet.locale.ja</facet>
          <facet set="true">facet.locale.ja_*</facet>
          <facet set="true">facet.locale.ko</facet>
          <facet set="true">facet.locale.ko_*</facet>
          <facet set="true">facet.locale.pt</facet>
          <facet set="true">facet.locale.pt_BR</facet>
          <facet set="true">facet.locale.zh</facet>
          <facet set="true">facet.locale.zh_CN</facet>
          <facet set="true">facet.locale.zh_TW</facet>
        </image>
      </destination>
      <source>
        <publisher name="solaris">
          <origin name="http://s11-ss.mydomain.com"/>
        </publisher>
      </source>
      <!--
        By default the latest build available, in the specified IPS repository, is installed.
        If another build is required, the build number has to be appended to the 'entire' package in the following form:
            <name>pkg:/entire@0.5.11-0.build#</name>
      -->
      <software_data action="install">
        <name>pkg:/entire@latest</name>
        <name>pkg:/group/system/solaris-small-server</name>
      </software_data>
    </software>
    <configuration type="zone" name="engineering"
        source="http://web.mydomain.com/zone_configs/engineering.cfg"/>
  </ai_instance>
</auto_install>

9. Use the diff command to view the differences between the Sol11-Server2-manifest.xml file and the default.xml file.

root@s11-ss:~# diff \
/var/tmp/Sol11-Server2-manifest.xml \
/export/ai/x86_ai/auto_install/manifest/default.xml
10c10
< <ai_instance name="s11-serv2">
---
> <ai_instance name="default">
48c48
< <origin name="http://s11-ss.mydomain.com"/>
---
> <origin name="http://pkg.oracle.com/solaris/release"/>
61c61
< <name>pkg:/group/system/solaris-small-server</name>
---
> <name>pkg:/group/system/solaris-large-server</name>
64d63
< <configuration type="zone" name="engineering" source="http://web.mydomain.com/zone_configs/engineering.cfg"/>

10. Custom AI manifests need some criteria to associate a specific AI client or set of AI clients with the manifest. Create a criteria file that specifies the MAC address (08:00:27:85:C7:D6) of the AI client.

root@s11-ss:~# vi /var/tmp/Sol11-Server2-criteria.xml
<ai_criteria_manifest>
  <ai_criteria name="mac">
    <value>08:00:27:85:C7:D6</value>
  </ai_criteria>
</ai_criteria_manifest>

11. Add the Sol11-Server2-manifest.xml manifest to the x86_ai service.
root@s11-ss:~# installadm create-manifest -n x86_ai \
-f /var/tmp/Sol11-Server2-manifest.xml \
-C /var/tmp/Sol11-Server2-criteria.xml
root@s11-ss:~# installadm list -c -m -n x86_ai
Service Name Client Address    Arch Image Path
------------ --------------    ---- ----------
x86_ai       08:00:27:85:C7:D6 i386 /export/ai/x86_ai

Manifest     Status  Criteria
--------     ------  --------
s11-serv2            mac = 08:00:27:85:C7:D6
orig_default Default None

12. You can view details of a previously installed manifest configuration by running the installadm export command.

root@s11-ss:~# installadm export -n x86_ai -m s11-serv2 | more
<!DOCTYPE auto_install SYSTEM "file:///usr/share/install/ai.dtd.1">
<auto_install>
  <ai_instance name="s11-serv2">
    <target>
      <logical>
        <zpool name="rpool" is_root="true">
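
A pre-flight check for the manifest edited in step 8, meant to run before step 11 registers it with installadm create-manifest (an added example, not part of the Oracle guide). It parses the manifest and reports any IPS origin or zone configuration source whose host is outside an allow-list; the function names, the allow-list and the trimmed sample manifest are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the step 8 manifest with <target> and the facets trimmed.
SAMPLE_MANIFEST = """<!DOCTYPE auto_install SYSTEM "file:///usr/share/install/ai.dtd.1">
<auto_install>
  <ai_instance name="s11-serv2">
    <software type="IPS">
      <source>
        <publisher name="solaris">
          <origin name="http://s11-ss.mydomain.com"/>
        </publisher>
      </source>
      <software_data action="install">
        <name>pkg:/entire@latest</name>
        <name>pkg:/group/system/solaris-small-server</name>
      </software_data>
    </software>
    <configuration type="zone" name="engineering"
        source="http://web.mydomain.com/zone_configs/engineering.cfg"/>
  </ai_instance>
</auto_install>
"""

# Assumption: the only hosts an install in this lab should fetch from.
ALLOWED_HOSTS = {"s11-ss.mydomain.com", "web.mydomain.com"}


def summarize(manifest_xml):
    """Return what the manifest installs and where it fetches it from."""
    inst = ET.fromstring(manifest_xml).find("ai_instance")
    return {
        "instance": inst.get("name"),
        "origins": [o.get("name") for o in inst.iter("origin")],
        "packages": [n.text.strip() for n in inst.findall(".//software_data/name")],
        "zones": {c.get("name"): c.get("source")
                  for c in inst.iter("configuration") if c.get("type") == "zone"},
    }


def check(manifest_xml, allowed_hosts=ALLOWED_HOSTS):
    """Return a list of findings; an empty list means the manifest passes."""
    info = summarize(manifest_xml)
    sources = info["origins"] + list(info["zones"].values())
    findings = [f"unexpected source host: {url}" for url in sources
                if urlparse(url).hostname not in allowed_hosts]
    if not info["zones"]:
        findings.append("no zone configuration element")
    return findings
```

Run against the unedited default.xml with this allow-list, check() flags the http://pkg.oracle.com/solaris/release origin that the diff in step 9 shows being replaced.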