Installing Zones on Nexenta
From Docupedia
Revision as of 05:22, 26 March 2007 Jsmith (Talk | contribs) missed disabling power service.
Revision as of 17:32, 26 March 2007 Tstewart (Talk | contribs) Detaching from a Zone
| Line 180: | Line 180: | ||
| Now that you've used zlogin to get a console on the zone. Your probably wondering how to get outta the console. This one took me a second or two to figure out. The key command you will need to exit is as follows: | Now that you've used zlogin to get a console on the zone. Your probably wondering how to get outta the console. This one took me a second or two to figure out. The key command you will need to exit is as follows: | ||
| - | ~. that is a tilda then a period. | + | ~. |
| - | Depending on how many ssh session you have gone through before connecting to the console. A good rule of thumb is keep pressing ~ until one appears on the shell. Then you need to use one less ~ then that. So if you press tilda twice and on the second press of SHIFT+` (which gives you ~) you will see the ~ appear. This would mean you'd only hit tilda once before giving the period. | + | (That is a tilda then a period.) |
| - | + | ||
| - | jsmith@sol01:~$ | + | |
| - | Please realize that nothing will show on the console when you do this. If you do see | + | This sequence assumes you are directly on the console of the system hosting the Zone. OpenSSH uses the same escape sequence for its connections, and typing this will disconnect your "outermost" OpenSSH connection. To get your OpenSSH client to send a `~.' to the remote end, you have to type `~~.' into your client. If you have two OpenSSH connections open to connect to your Zone, then you would type `[[User:Tstewart|Tstewart]].' to send the escape. You get the idea. |
| - | jsmith@sol01:~$ ~. | + | A good rule of thumb is keep pressing ~ until one appears on the shell. Your number of `escapes' will be equal to how many ~'s didn't appear. Type that many plus a period and you'll disconnect from the Zone. |
| - | + | ||
| - | Then you have hit tilda too many times. Just erase everything and hit tilda once followed by the period. Then hit enter and you should be dropped back to a prompt on the global zone. | + | |
| == Showing off your new Zones == | == Showing off your new Zones == | ||
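Review bot: the added sentence about two OpenSSH connections renders as `[[User:Tstewart|Tstewart]].' where a literal escape sequence was meant, because MediaWiki expands a run of three tildes into the editor's signature when the page is saved. Wrap the tilde sequences in this paragraph in nowiki tags so they are displayed literally, and check the `~.' and `~~.' examples in the saved page the same way.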
Revision as of 17:32, 26 March 2007
A ZFS file system has been created for this zone.
__ _ _____
/\ \ \_____ _____ _ __ | |_ __ _ / _ / ___ _ __ ___ ___
/ \/ / _ \ \/ / _ \ '_ \| __/ _` | \// / / _ \| '_ \ / _ \/ __|
/ /\ / __/> < __/ | | | || (_| | / //\ (_) | | | | __/\__ \
\_\ \/ \___/_/\_\___|_| |_|\__\__,_| /____/\___/|_| |_|\___||___/
Written By: Jeff Smith
Date: 3/24/2007
Introduction
This howto is designed to take you through the installation of a zone on your shiny new Nexenta server. Zones have many uses. I tend to explain zones to people as lightweight virtual machines. All the zones on the box share the same kernel, which keeps overhead down and makes administration easier. The basic process we are going to follow is: creating the zone, installing it, then doing some post-configuration cleanup to remove some errors. This howto also assumes that you have a working sudo install. If you haven't set that up, just su - to root and give all the commands without the sudo prefix.
Creating a Zone
Let's start by making the directory. Note that the permissions on the directory must be set to 700. If you don't do this, you will hear about it later during the zone install.
jsmith@sol01:~$ sudo mkdir -m 700 /data/zones/zone01
This creates a directory for the zone. It assumes that you have a directory named data. In this case both data and data/zones exist in a ZFS pool.
jsmith@sol01:~$ zfs list
NAME                USED  AVAIL  REFER  MOUNTPOINT
data                993M   877G  38.2K  /data
data/zones          993M   877G  39.6K  /data/zones
data/zones/zone01   534M   877G   534M  /data/zones/zone01
Please note the sizes here are from an already created and installed zone, so yours won't show that big of a size. This is really just included so you can see what the underlying file system structure is. Now that we have all this done we can create the zone.
jsmith@sol01:~$ sudo zonecfg -z zone01
zone01: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone01> create
zonecfg:zone01> set zonepath=/data/zones/zone01
zonecfg:zone01> set autoboot=true
zonecfg:zone01> add net
zonecfg:zone01:net> set address=192.168.1.200
zonecfg:zone01:net> set physical=e1000g0
zonecfg:zone01:net> end
zonecfg:zone01> add attr
zonecfg:zone01:attr> set name=comment
zonecfg:zone01:attr> set type=string
zonecfg:zone01:attr> set value="zone1.domain.com"
zonecfg:zone01:attr> end
zonecfg:zone01> verify
zonecfg:zone01> commit
zonecfg:zone01> exit
That's it for configuring the zone. At this point I like to open the generated XML file manually and verify that all the contents are sane.
jsmith@sol01:~$ sudo vi /etc/zones/zone01.xml
Once you have opened the file the contents should be something like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<zone name="zone01" zonepath="/data/zones/zone01" autoboot="true">
  <inherited-pkg-dir directory="/lib"/>
  <inherited-pkg-dir directory="/platform"/>
  <inherited-pkg-dir directory="/sbin"/>
  <inherited-pkg-dir directory="/usr"/>
  <network address="192.168.1.200" physical="e1000g0"/>
  <attr name="comment" type="string" value="zone01.alkaloid.net"/>
</zone>
I prefer to remove the inherited-pkg-dir lines. These only need to be here if you don't want your zones to be able to install different packages than the global zone. I usually leave the platform directory inherited. If you have these set when you try to do a sudo apt-get install, you will get a read-only permission denied error, because you are inheriting those directories from the global zone. So make it look something like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<zone name="zone01" zonepath="/data/zones/zone01" autoboot="true">
  <inherited-pkg-dir directory="/platform"/>
  <network address="192.168.1.200" physical="e1000g0"/>
  <attr name="comment" type="string" value="zone01.alkaloid.net"/>
</zone>
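The Creating a Zone steps as a non-interactive script, added here as an example (it is not the author's or the Nexenta project's code). It assumes the zonecfg on this system accepts a command file via -f and the remove inherit-pkg-dir subcommand, and it reuses the page's zone01 values; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: the zone name is set once, so every later command agrees on it.
ZONE=zone01
ZONEPATH=/data/zones/zone01
ADDR=192.168.1.200
NIC=e1000g0

# Succeeds only if $1 is a directory whose mode is exactly 700 (drwx------).
zonepath_mode_ok() {
    [ -d "$1" ] || return 1
    mode=$(ls -ld "$1" | cut -c1-10)
    [ "$mode" = "drwx------" ]
}

# Print the zonecfg commands for zone $1 at path $2 with address $3 on NIC $4.
# The three "remove" lines do what the hand edit of the XML does, through
# zonecfg itself; /platform stays inherited. The comment value is a placeholder.
zonecfg_commands() {
    cat <<EOF
create
set zonepath=$2
set autoboot=true
add net
set address=$3
set physical=$4
end
add attr
set name=comment
set type=string
set value="$1"
end
remove inherit-pkg-dir dir=/lib
remove inherit-pkg-dir dir=/sbin
remove inherit-pkg-dir dir=/usr
verify
commit
EOF
}

# Only touch the system when called as: sh thisfile apply
if [ "${1:-}" = "apply" ]; then
    sudo mkdir -p -m 700 "$ZONEPATH"
    zonepath_mode_ok "$ZONEPATH" || { echo "$ZONEPATH must be mode 700" >&2; exit 1; }
    cmds=$(mktemp) && zonecfg_commands "$ZONE" "$ZONEPATH" "$ADDR" "$NIC" > "$cmds"
    sudo zonecfg -z "$ZONE" -f "$cmds" && sudo zonecfg -z "$ZONE" info
    rm -f "$cmds"
fi
```

Run it with the argument apply on the global zone; the final zonecfg info prints the stored configuration so it can be reviewed before the install step.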
Installing the domain
This is basically the part where the new zone installs its operating system. Pretty easy, just give the command:
jsmith@sol01:~$ sudo zoneadm -z zone01 install
After running this command, be prepared to wait a while. A base zone install is around 500 MB that needs to be downloaded. Once this is done you will be ready to boot your new zone.
Booting your new zone
Now that your install has completed, you are ready to boot your zone. The initial boot takes a little while, so be patient. Your computer is now running multiple little computers, so it can take a little more time.
jsmith@sol01:~$ sudo zoneadm -z zone01 boot
You can connect to the console to see how the boot process is going by doing:
jsmith@sol01:~$ sudo zlogin -C zone01
You will be prompted for the root password, which at this point is blank, so just press enter. Now that you're on the console, you'll want to type passwd and set a root password.
Your first connection to the console after a system has installed could take a while. You should notice a counter in the bottom right corner climbing towards 80. Something like:
[Connected to zone 'zone01' console]
39/80
When this number gets to 80 the zone will be booted.
Fixing all the errors
If you're like me, you're anal about boot errors, and when you first log in to the console you will see a lot of them. Here is a list some of the alkaloid members came up with for getting rid of some of those errors. These must all be run inside the zone, from a root prompt or using sudo.
jsmith@sol01~$ sudo svcadm disable eeprom
jsmith@sol01~$ sudo svcadm disable dumpadm
jsmith@sol01~$ sudo svcadm disable fmd
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/nlockmgr:default
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/client:default
jsmith@sol01~$ sudo svcadm disable svc:/system/filesystem/autofs:default
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/server:default
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/status:default
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/cbd:default
jsmith@sol01~$ sudo svcadm disable svc:/network/nfs/mapid:default
Then reboot your zone
jsmith@sol01~$ sudo reboot
After your reboot also disable these services
jsmith@sol01~$ sudo svcadm disable svc:/network/rpc/bind:default
jsmith@sol01~$ sudo svcadm disable svc:/network/rpc-100235_1/rpc_ticotsord:default
jsmith@sol01~$ sudo svcadm disable power
One more reboot and you should be left with only one set of errors. I haven't figured out this last set of errors. Only two of the three of us that were building systems saw this last set of errors. We are not sure if that is because we are less leet than the guy who didn't see it or what?? For now you'll just have to live with it. It doesn't seem to affect system stability. The error I speak of might look something like this after a successful boot.
Mar 24 07:13:50 zone01 syseventd[9218]: unable to open channel to syseventconfd
Mar 24 07:13:50 zone01 syseventd[9218]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:50 zone01 syseventd[9218]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:50 zone01 syseventd[9218]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:50 zone01 syseventd[9237]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:50 zone01 syseventd[9237]: unable to open channel to syseventconfd
Mar 24 07:13:50 zone01 syseventd[9237]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:50 zone01 syseventd[9237]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:50 zone01 syseventd[9237]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:50 zone01 syseventd[9247]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:50 zone01 syseventd[9247]: unable to open channel to syseventconfd
Mar 24 07:13:50 zone01 syseventd[9247]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:50 zone01 syseventd[9247]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:50 zone01 syseventd[9247]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:50 zone01 syseventd[9257]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:50 zone01 syseventd[9257]: unable to open channel to syseventconfd
Mar 24 07:13:50 zone01 syseventd[9257]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:50 zone01 syseventd[9257]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:50 zone01 syseventd[9257]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:51 zone01 syseventd[9267]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:51 zone01 syseventd[9267]: unable to open channel to syseventconfd
Mar 24 07:13:51 zone01 syseventd[9267]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:51 zone01 syseventd[9267]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:51 zone01 syseventd[9267]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:51 zone01 syseventd[9277]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:51 zone01 syseventd[9277]: unable to open channel to syseventconfd
Mar 24 07:13:51 zone01 syseventd[9277]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:51 zone01 syseventd[9277]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:51 zone01 syseventd[9277]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:51 zone01 syseventd[9287]: Invalid ops vector for module 'devfsadmd_mod.so'
Mar 24 07:13:51 zone01 syseventd[9287]: unable to open channel to syseventconfd
Mar 24 07:13:51 zone01 syseventd[9287]: Invalid ops vector for module 'sysevent_conf_mod.so'
Mar 24 07:13:51 zone01 syseventd[9287]: sysevent_reg_mod: Can not open subscriber channel: Bad address
Mar 24 07:13:51 zone01 syseventd[9287]: Unable to establish door name with kernel: 'Not owner'
Mar 24 07:13:51 zone01 svc.startd[9071]: system/sysevent:default failed repeatedly: transitioned to maintenance (see 'svcs -xv' for details)
This appears very bad but doesn't seem to cause any problems. The smart ones in the group are going to try to disable system/sysevent:default. This will then cause a whole bunch of other errors. I will post a fix once one of these other more smarterist alkaloid fellows figures it out. So just hit enter and you should be rewarded with the login screen for your new zone.
Detaching from a Zone
Now that you've used zlogin to get a console on the zone, you're probably wondering how to get outta the console. This one took me a second or two to figure out. The key sequence you will need to exit is as follows:
~.
(That is a tilde then a period.)
This sequence assumes you are directly on the console of the system hosting the Zone. OpenSSH uses the same escape sequence for its connections, and typing this will disconnect your "outermost" OpenSSH connection. To get your OpenSSH client to send a `~.' to the remote end, you have to type `~~.' into your client. If you have two OpenSSH connections open to connect to your Zone, then you would type `~~~.' to send the escape. You get the idea.
A good rule of thumb is to keep pressing ~ until one appears on the shell. Your number of `escapes' will be equal to how many ~'s didn't appear. Type that many plus a period and you'll disconnect from the Zone.
Showing off your new Zones
OK, so now you have made your new zone. You are probably going to want to log in to IRC right away and show all your ub3r g33k buddies what you've just done. So I should probably give you some commands to check out your zones.
jsmith@sol01:/data$ zoneadm list -vc
  ID NAME     STATUS    PATH                  BRAND
   0 global   running   /                     native
   1 zone01   running   /data/zones/zone01    native
That should list your zones for you and let you copy and paste into IRC and show off a little.
