Make a new filesystem to hold your new zones. I prefer to use zfs as this filesystem has a lot of interesting attributes like snapshot/cloning/compression and much more.
For this demo we will use the zpool rpool to hold the new zones. If that pool does not exist on your system, use one you have, or create a new one with zpool create. (Basic and advanced zfs commands will be covered in an later blog post)
The new zone will be of the type sparse-zone. This zone will inherit /lib, /platform, /sbin and /usr from the global zone. The IP stack will be of the type shared.
Create the /zone filesystem using zfs:
- zfs create -o mountpoint=/zone -o compression=on pool/zone
This will create a new filesystem /zone with compression activated. We will use compression as we will save diskspace, and in most cases have better performance.
Update /etc/hosts, so it includes the ip and hostname for our new zone
- echo "10.0.1.10 testzone1.raghon.no testzone1" >> /etc/hosts
If you want a full tabulator stop between the ip and hostname, type <ctrl>+v+<tab> between ip and hostname, or use an editor like vi.
Configure your new zone
- zonecfg -z testzone1.raghon.no
Starts an interactive session to configure your new zone - create
Builds a zone config from the default template - set zonepath=/zone/testzone1.raghon.no
Instruct the system to build the new zone in a new filesystem under /zone - add net
Start configuring a new network interface (will be a virtual one, as we are running the shared ip-stack) - set physical=e1000g0
Define which interface to use for our new zone. Type ifconfig -a in the global zone to see whats available for you. PS : it has to be a configured interface when using the shared ip-stack. - set adresse=testzone1.raghon.no
Defines the ip address for our new interface. I'm using the hostname as it's much easier to change the ip in /etc/hosts, than editing the zone configuration. - set defrouter=10.0.1.1
Define a default route for the interface. Only needed if no default router are defined for this network in the global zone - end
Ends the configuration of the interface. Repeat the steps from add net to end if you need additional interfaces. - verify
Perform some checks to see if we have a valid configuration - commit
Commit all changes to the system - exit or <ctrl>+d
Exit the configuration, and return to the shell
The new zone is now configured, and ready to install :-)
Ok lets complete the installation of the new zone.
- zoneadm -z testzone1.raghon.no install
Copies all required files from the global zone to your new spars zone. This will take a few minutes, or seconds if you have a fast system. - zoneadm -z testzone1.raghon.no boot
Boot your new zone - zlogin -e \# testzone1.raghon.no
Execute this command as soon as poosible after the boot command, to connect to the zone console, and watch the zone boot up. The "-e \#" tells the system that you can use "#." to exit from the console. As the default exit command is the same as ssh has as default (~.). If you have been logged in to the global zone with ssh, and have not changed the default exit command, you will then have to type "~~.", and add an extra "~" for each ssh session on your way to the server.
Your new zone is now booting, please answer all questions after your liking on the console. In a later blog post, I'll explain how to automate the last step using sysidcfg. Wait for that post, or RTFM.
This is how I usually answer the question on the first boot up:
- Select a Language: 0 for English
- Select a Locale: 0 English
- What type of terminal are you using: 12 Xterms
- Hostname: default is usally what we expect (type <ESC>+2 to continue)
- Kerberos: no
- Name Service: I often choose none, and configure ldap and or dns manually afterwards
- NFSv4: Use the NFSv4 domain derived by the system
- Timezone: Choose the one you need, press space to select
- Root password: I'm not gonna tell what I'm using :-)
The zone will now reboot, and should be ready for your applications.
If you want to configure DNS and or ldap manually please have a look at /etc/nsswitch.conf, /etc/resolv.conf and ldapclient.