How to configure and install kernel zone on Solaris 11

In Oracle Solaris 11,we have new type of zone called kernel zone. This zone is a
lmost similar to SPARC VM (LDOM) guests which can run on its own patch level and
completely isolated from global zone. These kernel branded zones are support on
both SPARC & X86 hardwares. But processors should support
virtulization technology(VT).In X86 hardwares, you have to enable this option in
system BIOS,if your hardware is upported for VT.Let s see how we can configure
and install kernel zones on Solaris 11.2 .
1. Login to Solaris 11.2 global zone and check whether the system is supporting
kernel zones or not.
ATS_GLOBAL# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
ATS_GLOBAL#uname -a
SunOS SAN 5.11 11.2 i86pc i386 i86pc
ATS_GLOBAL#virtinfo
NAME CLASS
vmware current
non-global-zone supported
kernel-zone supported
As per the above command output,this hardware will support kernel-zone.
2.System should have atleast 8GB physical memory and 2 virtual processor(2 core
s) & 16GB free space for virtual disk.
ATS_GLOBAL#prtconf -v |head -4
System Configuration: Oracle Corporation i86pc
Memory size: 8780 Megabytes
System Peripherals (Software Nodes):
ATS_GLOBAL#psrinfo |wc -l
2
ATS_GLOBAL#
3.Create a new kernel zone and check the zones configuration.
ATS_GLOBAL#zonecfg -z ATSKLZ1 create -t SYSsolaris-kz
ATS_GLOBAL#zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- ATSKLZ1 configured - solaris-kz excl
ATS_GLOBAL#zonecfg -z ATSKLZ1 info
ATS_GLOBAL#
4.Here is the available zpool on my system. As per previous command output,kern
el zone is going to create virtual disk under rpool.
ATS_GLOBAL#zpool list
NAME SIZE ALLOC FREE CAP DEDUP HEALTH ALTROOT
cloudS 23.8G 0G 23.8G 0% 1.00x ONLINE -
rpool 15.6G 11.6G 4.06G 74% 1.00x ONLINE -
ATS_GLOBAL#
In rpool, we do not have 16GB free space. So let me modify the zone s configuratio
n to point cloudS zpool.
5.Invoke zonecfg command to modify the virtual disk.
ATS_GLOBAL#zonecfg -z ATSKLZ1
zonecfg:ATSKLZ1> select device id=0
zonecfg:ATSKLZ1:device> info
device:
match not specified
storage.template: dev:/dev/zvol/dsk/%{global-rootzpool}/VARSHARE/zones/%
{zonename}/disk%{id}
storage: dev:/dev/zvol/dsk/rpool/VARSHARE/zones/ATSKLZ1/disk0
id: 0
bootpri: 0
zonecfg:ATSKLZ1:device> set storage=dev:/dev/zvol/dsk/cloudS/zones/ATSKLZ1/disk0
zonecfg:ATSKLZ1:device> info
device:
match not specified
storage: dev:/dev/zvol/dsk/cloudS/zones/ATSKLZ1/disk0
id: 0
bootpri: 0
zonecfg:ATSKLZ1:device> end
zonecfg:ATSKLZ1> commit
zonecfg:ATSKLZ1> exit
ATS_GLOBAL#
6.You need IPS repository to install the kernel zone. If you do not have a local
repository, just set to oracle IPS repo.
ATS_GLOBAL# pkg publisher
PUBLISHER TYPE STATUS P LOCATION
solaris origin online F http://pkg.oracle.com/solaris/rele
ase/
ATS_GLOBAL#pkg set-publisher -O http://pkg.oracle.com/solaris/release solaris
7.Install the kernel zone using below command.
ATS_GLOBAL#zoneadm -z ATSKLZ1 install
ATS_GLOBAL#zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- ATSKLZ1 installed - solaris-kz excl
ATS_GLOBAL#
8.There may be chance that zone may failed to boot due to insufficient resources
.
ATS_GLOBAL#zoneadm -z ATSKLZ1 boot
zone 'ATSKLZ1': error: boot failed
zone 'ATSKLZ1': error: Failed to create VM: Not enough space
zone 'ATSKLZ1': error: allocation of guest RAM failed
zoneadm: zone ATSKLZ1: call to zoneadmd(1M) failed: zoneadmd(1M) returned an err
or 1 (unspecified error)
ATS_GLOBAL#
In this case, i just added one more CPU core and booted it.
9.Boot the kernel zone and login to zone s console for initial setup .
root@ATS-GLOBAL:~# zoneadm -z ATSKLZ1 boot
root@ATS-GLOBAL:~# zlogin -C ATSKLZ1
[Connected to zone 'ATSKLZ1' console]
SC profile successfully generated as:
/etc/svc/profile/sysconfig/sysconfig-20140806-203628/sc_profile.xml
Exiting System Configuration Tool. Log is available at:
/system/volatile/sysconfig/sysconfig.log.300
Hostname: ATSKLZ1
ATSKLZ1 console login: root
Password:
Aug 7 02:15:40 ATSKLZ1 login: ROOT LOGIN /dev/console
Oracle Corporation SunOS 5.11 11.2 June 2014
root@ATSKLZ1:~#
10.Here is the interesting output of kernel zones.
root@ATSKLZ1:~# zonename
global
root@ATSKLZ1:~# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
root@ATSKLZ1:~# virtinfo
NAME CLASS
kernel-zone current
non-global-zone supported
root@ATSKLZ1:~#
Kernel zone will be showing as global if you type zonename and you can install non-
global zone under the kernel zones.
11. You can login to the using zlogin from global without providing the username
/password like other non-global zones.
root@SAN:~# zlogin ATSKLZ1
[Connected to zone 'ATSKLZ1' pts/2]
Oracle Corporation SunOS 5.11 11.2 June 2014
root@ATSKLZ1:~# df -h
Filesystem Size Used Available Capacity Mounted on
rpool/ROOT/solaris 15G 2.1G 11G 16% /
/devices 0K 0K 0K 0% /devices
/dev 0K 0K 0K 0% /dev
ctfs 0K 0K 0K 0% /system/contract
proc 0K 0K 0K 0% /proc
mnttab 0K 0K 0K 0% /etc/mnttab
swap 1.7G 1.5M 1.7G 1% /system/volatile
objfs 0K 0K 0K 0% /system/object
sharefs 0K 0K 0K 0% /etc/dfs/sharetab
/dev/kz/sdir/shared@0
6.9G 1.7M 6.9G 1% /system/shared
/usr/lib/libc/libc_hwcap1.so.1
13G 2.1G 11G 16% /lib/libc.so.1
fd 0K 0K 0K 0% /dev/fd
rpool/ROOT/solaris/var
15G 122M 11G 2% /var
swap 1.7G 0K 1.7G 0% /tmp
rpool/VARSHARE 15G 2.4M 11G 1% /var/share
rpool/VARSHARE/zones 15G 31K 11G 1% /system/zones
rpool/export 15G 32K 11G 1% /export
rpool/export/home 15G 31K 11G 1% /export/home
rpool 15G 32K 11G 1% /rpool
rpool/VARSHARE/pkg 15G 32K 11G 1% /var/share/pkg
rpool/VARSHARE/pkg/repositories
15G 31K 11G 1% /var/share/pkg/repositor
ies
root@ATSKLZ1:~#
12.You mange the network using ipadm in kernel zone itself.
root@ATSKLZ1:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 192.168.2.59/24
net0/v6 addrconf ok -- fe80::8:20ff:fe24:543/10
13.You need to configure package repository for kernel zone like global for any
additional package installation and non-global zone installation.
root@ATSKLZ1:~# pkg publisher
PUBLISHER TYPE STATUS P LOCATION
solaris origin online F http://pkg.oracle.com/solaris/rele
ase/
root@ATSKLZ1:~#
14.In Solaris 11.2 , you can suspend the zone and resume it when you needed. Thi
s is similar to VMware s VM suspend and resume functionality.
You need to set the suspend file path .
root@SAN:~# zonecfg -z ATSKLZ1
zonecfg:ATSKLZ1> select suspend
zonecfg:ATSKLZ1:suspend> set path=/cloudS/ATSKLZ1_suspend
zonecfg:ATSKLZ1:suspend> end
zonecfg:ATSKLZ1> commit
zonecfg:ATSKLZ1> exit
root@ATS-GLOBAL:~# zonecfg -z ATSKLZ1 info suspend
suspend:
path: /cloudS/ATSKLZ1_suspend
storage not specified
root@ATS-GLOBAL:~# zoneadm -z ATSKLZ1 suspend
root@ATS-GLOBAL:~# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- ATSKLZ1 installed - solaris-kz excl
root@SAN:~#
15.You can resume the zone using boot command .Once the zone s resumes, the suspen
d file will be removed.You can also migrate the suspended zone from one global z
one
to another global zone.
root@ATS-GLOBAL:~# cd /cloudS/
root@SAN:/cloudS# ls -lrt
total 507776
drwxr-xr-x 2 root root 2 Aug 7 02:25 other
-rw------- 1 root root 260046848 Aug 7 16:43 ATSKLZ1_suspend
root@ATS-GLOBAL:/cloudS# du -sh ATSKLZ1_suspend
248M ATSKLZ1_suspend
root@ATS-GLOBAL:/cloudS# zoneadm -z ATSKLZ1 boot
root@ATS-GLOBAL:/cloudS# ls -lrt
total 3
drwxr-xr-x 2 root root 2 Aug 7 02:25 other
root@ATS-GLOBAL:/cloudS#
root@ATS-GLOBAL:/cloudS# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
3 ATSKLZ1 running - solaris-kz excl
root@ATS-GLOBAL:/cloudS# zlogin ATSKLZ1 uptime
4:49pm up 14:21, 0 users, load average: 0.71, 0.82, 0.39
root@ATS-GLOBAL:/cloudS#
Hope now you got some idea about kernel zone s configuration, installation and oth
er features.