Solaris Container (zone). Creation and administration. Part 2
Solaris Container (zone). Creation and administration. Part 1
Good day,% username.
In the first part of the article, I tried to talk about what zones are in Solaris, their advantages as one of the virtualization approaches. Also, the usual zone was successfully established, without “buns” and other “frills”. In the same part, I want to show how you can indulge in buns and add frills to our zone.
To begin with, we will delete the zone we created in the previous article, and since I have a server installed on the ZFS file system, we will install our new zone in ZFS data. The advantages and features of this file system are worthy of a separate large article. But in short, ZFS features are:
')
And so I have 1 physical disk, c1t1d0, on which we will create a zfs pool and install a new zone there.
Create zfs datasets and set quota to 10G, dataset size:
We now have the following ZFS structure
This time we will install the “whole root” zone, the zone in which there are no inherited directories from the global zone. The zone will be able to manage the separate ZFS-dataset transferred to it (for example, for data), it will have its own separate network interface. Installing new add-on packages in “whole root” will be no different from the usual OS.
zonecfg: zone1> create –b - create an “empty” configuration. If you do not use the –b key, a structure is created with inherited directories.
zonecfg: zone1> set ip-type = exclusive - means that we will use a separate interface
zonecfg: zone1> add net
zonecfg: zone1: net> set physical = bge1 - add interface only
zonecfg: zone1: net> end
zonecfg: zone1> add dataset
zonecfg: zone1: dataset> set name = habrapool / test - we commit ZFS to a zone
zonecfg: zone1: dataset> end
After installing and configuring the zone inside it, a dataset appears in which the zone administrator can create his own datasets, assign quotas, compression, etc. to them. This allows you to achieve high flexibility and full use of ZFS in the zone.
Since zonecfg can work in the interactive mode (this mode was used before) and in the command file mode, we can export the command file from, for example, a ready-made zone, and then use it to create new zones.
You can also create a zone by cloning an existing one. To do this, you need to create a new zone, into which the data from the old one will be declined, and first we take the configuration of the zone from which we want to make a clone:
Now we need to edit the config, correcting the zonepath, the name of the zone and IP. After editing the config looks like this:
Next, start cloning:
Due to the fact that ZFS is used, the zone is deployed from zone1 snapshot, and the procedure takes about 5 seconds. In reality, the new zone after cloning is equal in size to 0 Mb, since This is the delta (the difference between zone1 and zon2). The more new data will appear in zone2, the more it will be different from zone1. In reality, such a solution is necessary for the rapid unfolding of new zones, which will be minimally different from each other. If there is a need to create a zone by copying, and not from a snapshot, then this can be done with the –m copy parameter, but it takes much more time, about 6 minutes, and zone2 will take exactly the same amount on the disk as zone1:
For example, there is a task to migrate one zone from one host to another host in order to unload one of them. First you need to “unhook” the migrating zone from the current host and prepare it for migration:
Now we need to copy the data to another host. We make a tar archive and copy it to another host in the path / export / data1 / by any convenient means. After copying to the target host, unpack the tarball to the / export / data1 / migrzone1 directory. Create a zone using zonecfg –z newzone and specify the path of the moved detached zone. After this, the zone configuration is created, we do the attachment of the zone and the boot:
In order to allocate a zone a separate memory, it is enough to add the following to the zone config and reload the zone:
zonecfg: zone1> add capped-memory - allocate our own memory for the zone
zonecfg: zone1: capped-memory> set physical = 512m is the amount of memory that will be issued to the zone from the pool of physical memory.
zonecfg: zone1: capped-memory> set swap = 1024m is not the swap we are used to. This indicates the maximum virtual memory that can be addressed within the zone.
To allocate a dedicated cpu, separate VCPU, which will be used only in this zone, and not in any other (even in the global). There is a more different way of allocating CPU resources for zones through a special resource manager, but this is a topic for a separate article.
Zone it looks like this:
In this article I tried to take into account the comments that were in the comments to the previous part, and to demonstrate and describe what I promised.
Thank you for your attention!
Good day,% username.
In the first part of the article, I tried to talk about what zones are in Solaris, their advantages as one of the virtualization approaches. Also, the usual zone was successfully established, without “buns” and other “frills”. In the same part, I want to show how you can indulge in buns and add frills to our zone.
To begin with, we will delete the zone we created in the previous article, and since I have a server installed on the ZFS file system, we will install our new zone in ZFS data. The advantages and features of this file system are worthy of a separate large article. But in short, ZFS features are:
')
- ZFS includes not only the file system itself, but also tools for partition management and administration
- supports capacious storages
- data backup, self-treatment of damaged parts of the FS (due to previously calculated checksums)
- transactional model of writing files to disk
- supports ZFS pool hot extension
- supports unlimited clones and snapshots
- open source and available on Solaris 10, MacOS X and FreeBSD
Install the "whole root" zone
And so I have 1 physical disk, c1t1d0, on which we will create a zfs pool and install a new zone there.
# zpool create -f habrapool c1t1d0Create zfs datasets and set quota to 10G, dataset size:
# zfs create habrapool/zone1
# zfs set quota=10G habrapool/zone1
# chown root:root /habrapool/zone1/
# chmod 700 /habrapool/zone1/We now have the following ZFS structure
# zfs list -H | grep habrapool
habrapool 107K 66.9G 23K /habrapool
habrapool/zone1 21K 10.0G 21K /habrapool/zone1This time we will install the “whole root” zone, the zone in which there are no inherited directories from the global zone. The zone will be able to manage the separate ZFS-dataset transferred to it (for example, for data), it will have its own separate network interface. Installing new add-on packages in “whole root” will be no different from the usual OS.
# zonecfg -z zone1
zonecfg:zone1> create -b
…
zonecfg:zone1> set ip-type=exclusive
zonecfg:zone1> add net
zonecfg:zone1:net> set physical=bge1
zonecfg:zone1:net> end
zonecfg:zone1> add dataset
zonecfg:zone1:dataset> set name=habrapool/test
zonecfg:zone1:dataset> end
…
zonecfg:zone1> verify
zonecfg:zone1> commit
zonecfg:zone1> exitzonecfg: zone1> create –b - create an “empty” configuration. If you do not use the –b key, a structure is created with inherited directories.
zonecfg: zone1> set ip-type = exclusive - means that we will use a separate interface
zonecfg: zone1> add net
zonecfg: zone1: net> set physical = bge1 - add interface only
zonecfg: zone1: net> end
zonecfg: zone1> add dataset
zonecfg: zone1: dataset> set name = habrapool / test - we commit ZFS to a zone
zonecfg: zone1: dataset> end
After installing and configuring the zone inside it, a dataset appears in which the zone administrator can create his own datasets, assign quotas, compression, etc. to them. This allows you to achieve high flexibility and full use of ZFS in the zone.
# zfs list
NAME USED AVAIL REFER MOUNTPOINT
habrapool 3.69G 63.2G 35K /habrapool
habrapool/test 44K 5.00G 23K /habrapool/test
habrapool/test/inzone 21K 1024M 21K /habrapool/test/inzoneSince zonecfg can work in the interactive mode (this mode was used before) and in the command file mode, we can export the command file from, for example, a ready-made zone, and then use it to create new zones.
# zonecfg -z zone1 export -f /zone1.cfg
# cat /zone1.cfg
…
add dataset
set name=habrapool/test
…
# zonecfg -z zone2 -f /zone1.cfgZone cloning
You can also create a zone by cloning an existing one. To do this, you need to create a new zone, into which the data from the old one will be declined, and first we take the configuration of the zone from which we want to make a clone:
# zonecfg -z zone1 export -f /zone1.cfgNow we need to edit the config, correcting the zonepath, the name of the zone and IP. After editing the config looks like this:
create -b
set zonepath=/habrapool/zone2
set autoboot=true
set ip-type=shared
add net
set address=10.44.3.90
set physical=bge1
end
add attr
set name=comment
set type=string
set value=zone2Next, start cloning:
# time zoneadm -z zone2 clone zone1
Cloning snapshot habrapool/zone1@SUNWzone1
Instead of copying, a ZFS clone has been created for this zone.
real 0m4.522s
user 0m2.342s
sys 0m0.388sDue to the fact that ZFS is used, the zone is deployed from zone1 snapshot, and the procedure takes about 5 seconds. In reality, the new zone after cloning is equal in size to 0 Mb, since This is the delta (the difference between zone1 and zon2). The more new data will appear in zone2, the more it will be different from zone1. In reality, such a solution is necessary for the rapid unfolding of new zones, which will be minimally different from each other. If there is a need to create a zone by copying, and not from a snapshot, then this can be done with the –m copy parameter, but it takes much more time, about 6 minutes, and zone2 will take exactly the same amount on the disk as zone1:
# time zoneadm -z zone2 clone -m copy zone1
A ZFS file system has been created for this zone.
Copying /habrapool/zone1...
real 6m2.939s
user 0m9.545s
sys 1m29.881sMigrate a zone to another host
For example, there is a task to migrate one zone from one host to another host in order to unload one of them. First you need to “unhook” the migrating zone from the current host and prepare it for migration:
# zoneadm -z zone2 halt
# zoneadm -z zone2 detachNow we need to copy the data to another host. We make a tar archive and copy it to another host in the path / export / data1 / by any convenient means. After copying to the target host, unpack the tarball to the / export / data1 / migrzone1 directory. Create a zone using zonecfg –z newzone and specify the path of the moved detached zone. After this, the zone configuration is created, we do the attachment of the zone and the boot:
# zonecfg -z newzone 'create -a /habrapool/zone2'
# zoneadm -z newzone attach
# zoneadm -z newzone bootPU and RAM for the zone
In order to allocate a zone a separate memory, it is enough to add the following to the zone config and reload the zone:
zonecfg:zone1> add capped-memory
zonecfg:zone1:capped-memory> set physical=512m
zonecfg:zone1:capped-memory> set swap=1024m
zonecfg:zone1:capped-memory> end
zonecfg: zone1> add capped-memory - allocate our own memory for the zone
zonecfg: zone1: capped-memory> set physical = 512m is the amount of memory that will be issued to the zone from the pool of physical memory.
zonecfg: zone1: capped-memory> set swap = 1024m is not the swap we are used to. This indicates the maximum virtual memory that can be addressed within the zone.
To allocate a dedicated cpu, separate VCPU, which will be used only in this zone, and not in any other (even in the global). There is a more different way of allocating CPU resources for zones through a special resource manager, but this is a topic for a separate article.
zonecfg:zone1> add dedicated-cpu - allocate 1 CPU for the zonezonecfg:zone1: dedicated-cpu > set ncpus=1
zonecfg:zone1: dedicated-cpu > end
Zone it looks like this:
bash-3.00# psrinfo -v
Status of virtual processor 0 as of: 07/07/2011 02:14:08
on-line since 07/01/2011 06:56:38.
The sparcv9 processor operates at 1504 MHz,
and has a sparcv9 floating point processor.
bash-3.00# prtconf | grep Memory
Memory size: 512 Megabytes
In this article I tried to take into account the comments that were in the comments to the previous part, and to demonstrate and describe what I promised.
Thank you for your attention!
Source: https://habr.com/ru/post/123621/
All Articles