openSolaris 2008 - How to Configure the <tt>lx</tt> Branded Zone - System Administration Guide: Virtualization Using the Solaris Operating System

How to Configure the `lx` Branded Zone

You use the zonecfg command described in the zonecfg(1M) man page to perform the following actions.

Create the zone configuration
Verify that all required information is present
Commit the non-global zone configuration

Tip - If you know you will be using CDs or DVDs to install applications in an lx branded zone, use add fs to add read-only access to CD or DVD media in the global zone when you initially configure the branded zone. A CD or DVD can then be used to install a product in the branded zone.

While configuring a zone with the zonecfg utility, you can use the revert subcommand to undo the setting for a resource. See How to Revert a Zone Configuration.

A script to configure multiple zones on your system is provided in Script to Configure Multiple lx Branded Zones.

To display a non-global zone's configuration, see How to Display the Configuration of a Branded Zone.

Tip - After you have configured the branded zone, it is a good idea to make a copy of the zone's configuration. You can use this backup to restore the zone in the future. As superuser or Primary Administrator, print the configuration for the zone lx-zone to a file. This example uses a file named lx-zone.config.

global# zonecfg -z lx-zone export > lx-zone.config

See How to Restore an Individual Non-Global Zone for more information.

How to Configure, Verify, and Commit the `lx` Branded Zone

Note that you cannot use lx branded zones on a Trusted Solaris system where labels are enabled. The zoneadm command will not verify the configuration.

You must be the global administrator in the global zone to perform this procedure.

Become superuser, or assume the Primary Administrator role.
To create the role and assign the role to a user, see Using the Solaris Management Tools With RBAC (Task Map) in System Administration Guide: Basic Administration.
Set up a zone configuration with the zone name you have chosen.
The name lx-zone is used in this example procedure.
```
global# zonecfg -z lx-zone
```
If this is the first time you have configured this zone, you will see the following system message:
```
lx-zone: No such zone configured
Use 'create' to begin configuring a new zone.
```
Create the new lx zone configuration by using the SUNWlx template.
```
zonecfg:lx-zone> create -t SUNWlx
```
Alternatively, you can create a blank zone and explicitly set the brand:
```
zonecfg:lx-zone> create -b
zonecfg:lx-zone> set brand=lx
```
Set the zone path, /export/home/lx-zone in this procedure.
```
zonecfg:lx-zone> set zonepath=/export/home/lx-zone
```
Set the autoboot value.
If set to true, the zone is automatically booted when the global zone is booted. Note that for the zones to autoboot, the zones service svc:/system/zones:default must also be enabled. The default value is false.
```
zonecfg:lx-zone> set autoboot=true
```

Set persistent boot arguments for a zone.

zonecfg:lx-zone> set bootargs="-i=altinit"

If resource pools are enabled on your system, associate a pool with the zone.
This example uses the default pool, named pool_default.
```
zonecfg:lx-zone> set pool=pool_default
```
Because a resource pool can have an optional scheduling class assignment, you can use the pools facility to set a default scheduler other than the system default for a non-global zone. For instructions, see How to Associate a Pool With a Scheduling Class and Creating the Configuration.
Revise the default set of privileges.
```
zonecfg:lx-zone> set limitpriv="default,proc_priocntl"
```
The proc_priocntl privilege is used to run processes in the real-time class.
Set five CPU shares.
```
zonecfg:lx-zone> set cpu-shares=5
```

Add a memory cap.

zonecfg:lx-zone> add capped-memory

Set the memory cap.
```
zonecfg:lx-zone:capped-memory> set =50m
```

Set the swap memory cap.

zonecfg:lx-zone:capped-memory> set swap=100m

Set the locked memory cap.

zonecfg:lx-zone:capped-memory> set locked=30m

End the specification.
```
zonecfg:lx-zone:capped-memory> end
```

Add a file system.
```
zonecfg:lx-zone> add fs
```
1. Set the mount point for the file system, /export/linux/local in this procedure.
```
zonecfg:lx-zone:fs> set dir=/export/linux/local
```
2. Specify that /opt/local in the global zone is to be mounted as /usr/local in the zone being configured.
```
zonecfg:lx-zone:fs> set special=/opt/local
```
  In the non-global zone, the /usr/local file system will be readable and writable.
3. Specify the file system type, lofs in this procedure.
```
zonecfg:lx-zone:fs> set type=lofs
```
  The type indicates how the kernel interacts with the file system.
4. End the file system specification.
```
zonecfg:lx-zone:fs> end
```
This step can be performed more than once to add more than one file system.
Add a network interface.
```
zonecfg:lx-zone> add net
```
1. Set the IP address in the form ip address of zone/netmask. In this procedure, 10.6.10.233/24 is used.
```
zonecfg:lx-zone:net> set address=10.6.10.233/24
```
2. Set the physical device type for the network interface, the bge device in this procedure.
```
zonecfg:lx-zone:net> set physical=bge0
```
3. (Optional) Set the default router for the network interface, in this procedure.
```
zonecfg:my-zone:net> set defrouter=10.0.0.1
```
4. End the specification.
```
zonecfg:lx-zone:net> end
```
This step can be performed more than once to add more than one network interface.
Enable an audio device present in the global zone in this zone by using the attr resource type.
```
zonecfg:lx-zone> add attr
```
1. Set the name to audio.
```
zonecfg:lx-zone:attr> set name=audio
```
2. Set the type to boolean.
```
zonecfg:lx-zone:attr> set type=boolean
```
3. Set the value to true.
```
zonecfg:lx-zone:attr> set value=true
```
4. End the attr resource type specification.
```
zonecfg:lx-zone:attr> end
```
Verify the zone configuration for the zone.
```
zonecfg:lx-zone> verify
```
Commit the zone configuration for the zone.
```
zonecfg:lx-zone> commit
```
Exit the zonecfg command.
```
zonecfg:lx-zone> exit
```
Note that even if you did not explicitly type commit at the prompt, a commit is automatically attempted when you type exit or an EOF occurs.

More Information

Using Multiple Subcommands From the Command Line

Tip - The zonecfg command also supports multiple subcommands, quoted and separated by semicolons, from the same shell invocation.

global# zonecfg -z lx-zone "create -t SUNWlx; set zonepath=/export/home/lx-zone"

Where to Go From Here

See Installing and Booting lx Branded ZonesInstalling and Booting Zones to install your committed zone configuration.

Script to Configure Multiple `lx` Branded Zones

You can use this script to configure and boot multiple zones on your system. The script takes the following parameters:

The number of zones to be created
The zonename prefix
The directory to use as the base directory

You must be the global administrator in the global zone to execute the script. The global administrator has superuser privileges in the global zone or assumes the Primary Administrator role.

#!/bin/ksh
#
# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident    "%Z%%M%   %I%    %E% SMI"
if [[ -z "$1" || -z "$2" || -z "$3" || -z "$4" ]]; then
    echo "usage: $0 <#-of-zones> <zonename-prefix> <basedir> <template zone>"
    exit 2
fi
if [[ ! -d $3 ]]; then
    echo "$3 is not a directory"
    exit 1
fi
state=`zoneadm -z $4 list -p 2>/dev/null | cut -f 3 -d ":"`
if [[ -z "$state" || $state != "installed" ]]; then
    echo "$4 must be an installed, halted zone"
    exit 1
fi

template_zone=$4

nprocs=`psrinfo | wc -l`
nzones=$1
prefix=$2
dir=$3

ip_addrs_per_if=`ndd /dev/ip ip_addrs_per_if`
if [ $ip_addrs_per_if -lt $nzones ]; then
        echo "ndd parameter ip_addrs_per_if is too low ($ip_addrs_per_if)"
        echo "set it higher with 'ndd -set /dev/ip ip_addrs_per_if <num>"
        exit 1
fi

i=1
while [ $i -le $nzones ]; do
    zoneadm -z $prefix$i clone $template_zone > /dev/null 2>&1
    if [ $? != 0 ]; then
        echo configuring $prefix$i
        F=$dir/$prefix$i.config
        rm -f $F
        echo "create -t SUNWlx" > $F
        echo "set zonepath=$dir/$prefix$i" >> $F
        zonecfg -z $prefix$i -f $dir/$prefix$i.config 2>&1 | \
            sed 's/^/    /g' 
    else
        echo "skipping $prefix$i, already configured"
    fi
    i=`expr $i + 1`
done

i=1
while [ $i -le $nzones ]; do
    j=1
    while [ $j -le $nprocs ]; do
        if [ $i -le $nzones ]; then
            if [ `zoneadm -z $prefix$i list -p | \
                cut -d':' -f 3` != "configured" ]; then
                echo "skipping $prefix$i, already installed"
            else
                echo installing $prefix$i
                mkdir -pm 0700 $dir/$prefix$i
                chmod 700 $dir/$prefix$i
                zoneadm -z $prefix$i install -s -d /path/to/ISOs > /dev/null 2>&1 &
                sleep 1    # spread things out just a tad
            fi
        fi
        i=`expr $i + 1`
        j=`expr $j + 1`
    done
    wait
done

i=1
para=`expr $nprocs \* 2`
while [ $i -le $nzones ]; do
    date
    j=1
    while [ $j -le $para ]; do
        if [ $i -le $nzones ]; then
            echo booting $prefix$i
            zoneadm -z $prefix$i boot &
        fi
        j=`expr $j + 1`
        i=`expr $i + 1`
    done
    wait
done

How to Display the Configuration of a Branded Zone