A Solaris Container is the combination of system resource controls and the boundary separation provided by zones. Zones act as completely isolated virtual servers within a single operating system instance. By consolidating multiple sets of application services onto one system and by placing each into isolated virtual server containers, system administrators can reduce cost and provide most of the same protections of separate machines on a single machine [Wikipedia].
A Solaris zone is a powerful virtual server that is easy to create, easy to configure, and easy to maintain. On the networking side, we can build the zone's network using virtual network interfaces and link aggregation.
A virtual network interface (VNIC) is a virtual interface that is created and runs at the datalink layer (layer 2 of the OSI model). A VNIC gets an automatically generated MAC address when it is created. Use the dladm utility to create a VNIC.
Link aggregation combines several network interfaces that are configured together as a single virtual interface. Within link aggregation there are several network technologies to choose from to support link availability.
Picture 0x1: Network configuration sample
0x0. Create the VNIC and link aggregation in the global zone
0x0a Create link aggregation
Check the availability of the physical interfaces:
root@global:~# /usr/sbin/dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
net3 phys 1500 unknown --
net2 phys 1500 unknown --
net1 phys 1500 unknown --
We will use net2 and net3, combining them into a single virtual interface as a link aggregation:
root@global:~# /usr/sbin/dladm create-aggr -l net2 -l net3 aggr0
root@global:~# /usr/sbin/dladm show-link | grep aggr0
aggr0 aggr 1500 up net2 net3
root@global:~# /usr/sbin/dladm show-link
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
net3 phys 1500 up --
net2 phys 1500 up --
net1 phys 1500 unknown --
aggr0 aggr 1500 up net2 net3
0x0b Create VNIC
The VNIC will be used as the dedicated NIC in the zone. We create it in the global zone. The VNIC is created and runs over the link aggregation.
root@global:~# /usr/sbin/dladm create-vnic -l aggr0 vnic0
root@global:~# /usr/sbin/dladm show-vnic
LINK OVER SPEED MACADDRESS MACADDRTYPE IDS
vnic0 aggr0 1000 2:8:20:88:2c:fc random VID:0
0x1. Zone creation
root@global:~# /usr/sbin/zonecfg -z testzone
Use 'create' to begin configuring a new zone.
zonecfg:testzone> create
create: Using system default template 'SYSdefault'
ip-type is automatically set to 'exclusive', and the linkname defaults to net0. We will set the linkname to the virtual NIC created previously, and set lower-link to aggr0.
zonecfg:testzone> select anet linkname=net0
zonecfg:testzone:anet> set linkname=vnic0
zonecfg:testzone:anet> set lower-link=aggr0
zonecfg:testzone:anet> end
zonecfg:testzone> verify
zonecfg:testzone> commit
zonecfg:testzone> exit
Check the configured zone:
root@global:~# /usr/sbin/zoneadm list -vc
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- testzone configured /system/zones/testzone solaris excl
root@global:~# /usr/sbin/dladm show-link
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
net3 phys 1500 up --
net2 phys 1500 up --
net1 phys 1500 unknown --
aggr0 aggr 1500 up net2 net3
vnic0 vnic 1500 up aggr0
root@global:~# /usr/sbin/zoneadm -z testzone install
The following ZFS file system(s) have been created:
rpool/VARSHARE/zones/testzone
Progress being logged to /var/log/zones/zoneadm.20180515T063803Z.testzone.install
Image: Preparing at /system/zones/testzone/root.
Install Log: /system/volatile/install.6061/install_log
AI Manifest: /tmp/manifest.xml.EGMV7d
SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
Zonename: testzone
Installation: Starting ...
Creating IPS image
Startup linked: 1/1 done
Installing packages from:
solaris
origin: http://localhost:1008/solaris/93bd496a04d214ef6a2ea344245d827e6f3c5781/
DOWNLOAD PKGS FILES XFER (MB) SPEED
Completed 266/266 53780/53780 477.6/477.6 828k/s
PHASE ITEMS
Installing new actions 71680/71680
Updating package state database Done
Updating package cache 0/0
Updating image state Done
Creating fast lookup database Done
Updating package cache 1/1
Installation: Succeeded
Note: Man pages can be obtained by installing pkg:/system/manual
done.
Done: Installation completed in 906.530 seconds.
Next Steps: Boot the zone, then log into the zone console (zlogin -C)
to complete the configuration process.
Log saved in non-global zone as /system/zones/testzone/root/var/log/zones/zoneadm.20180515T063803Z.testzone.install
root@global:~# /usr/sbin/zoneadm list -vc
ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
- testzone installed /system/zones/testzone solaris excl
root@global:~# /usr/sbin/zoneadm -z testzone boot -m verbose
Select [F2_Continue] by pressing F2
Press F2 to continue, or type a different zone name
Press F2 to continue
Choose your time zone, for example
UTC->Asia->Indonesia->Java, Sumatra
For the keyboard, choose the default language
Type the root password for testzone
Press F2 to apply and quit
SC profile successfully generated as:
/etc/svc/profile/sysconfig/sysconfig-20180515-071049/sc_profile.xml
Exiting System Configuration Tool. Log is available at:
/system/volatile/sysconfig/sysconfig.log.7712
Hostname: testzone
testzone console login: root
Password:
May 15 14:29:33 testzone login: ROOT LOGIN /dev/console
Oracle Corporation SunOS 5.11 11.3 November 2017
May 15 14:29:42 testzone sendmail[9068]: My unqualified host name (testzone) unknown; sleeping for retry
root@testzone:~#
root@testzone:~# dladm show-link
LINK CLASS MTU STATE OVER
vnic0 vnic 1500 up ?
By default, the IP address is configured via DHCP. We can change it in the running zone or in zonecfg.
root@testzone:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
vnic0 ip ok -- --
vnic0/v4 dhcp ok -- 192.168.56.101/24
vnic0/v6 addrconf ok -- fe80::8:20ff:fe0a:2e31/10
Modify vnic0 and assign a static IP address:
root@testzone:~# ipadm delete-addr vnic0/v6
root@testzone:~# ipadm delete-addr vnic0/v4
root@testzone:~# ipadm delete-ip vnic0
root@testzone:~# ipadm create-addr -T static -a 192.168.100.20/24 vnic0/zone
root@testzone:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
vnic0 ip ok -- --
vnic0/zone static ok -- 192.168.100.20/24
Test ping to the global zone:
root@testzone:~# ping 192.168.100.1
192.168.100.1 is alive
Return to the global zone by typing ~.
Test ping to testzone from the global zone:
root@global:~# ping 192.168.100.20
192.168.100.20 is alive
root@global:~# /usr/sbin/dladm show-link
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
net3 phys 1500 up --
net2 phys 1500 up --
net1 phys 1500 unknown --
aggr0 aggr 1500 up net2 net3
vnic0 vnic 1500 up aggr0
testzone/vnic0 vnic 1500 up aggr0
root@global:~# /usr/sbin/dladm show-vnic
LINK OVER SPEED MACADDRESS MACADDRTYPE IDS
vnic0 aggr0 1000 2:8:20:88:2c:fc random VID:0
testzone/vnic0 aggr0 1000 2:8:20:a:2e:31 random VID:0
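Added example (not part of the original post): a shell check, meant for the global zone, that a zone's VNIC sits on the expected aggregation and that every member port of that aggregation is up. The function name check_zone_link and the embedded sample are constructed here; the sample copies the shape of the dladm show-link output shown above.

```shell
#!/bin/sh
# Constructed sample in the shape of the `dladm show-link` output above.
SAMPLE_LINKS='LINK CLASS MTU STATE OVER
net0 phys 1500 up --
net3 phys 1500 up --
net2 phys 1500 up --
net1 phys 1500 unknown --
aggr0 aggr 1500 up net2 net3
vnic0 vnic 1500 up aggr0
testzone/vnic0 vnic 1500 up aggr0'

# check_zone_link LINK AGGR (hypothetical helper): reads show-link output on
# stdin, prints one finding per line, and returns 0 only when nothing is wrong.
check_zone_link() {
    awk -v link="$1" -v aggr="$2" '
        NR > 1 {                      # skip the header row
            class[$1] = $2; state[$1] = $4
            over[$1] = ""
            for (i = 5; i <= NF; i++) over[$1] = over[$1] " " $i
        }
        END {
            bad = 0
            if (class[link] != "vnic") { print link ": not a VNIC"; bad = 1 }
            else if (over[link] != " " aggr) {
                print link ": runs over" over[link] ", expected " aggr; bad = 1 }
            if (class[aggr] != "aggr") { print aggr ": not an aggregation"; bad = 1 }
            else {
                if (state[aggr] != "up") { print aggr ": state " state[aggr]; bad = 1 }
                n = split(over[aggr], m, " ")
                if (n < 2) { print aggr ": fewer than two member ports"; bad = 1 }
                for (i = 1; i <= n; i++)   # a down member means no redundancy
                    if (state[m[i]] != "up") {
                        print aggr ": member " m[i] " is " state[m[i]]; bad = 1 }
            }
            exit bad
        }'
}

# On a live system: dladm show-link | check_zone_link testzone/vnic0 aggr0
printf '%s\n' "$SAMPLE_LINKS" | check_zone_link testzone/vnic0 aggr0 \
    && echo "testzone/vnic0: OK"
# Same sample with net2 degraded (constructed) to show the failure path.
printf '%s\n' "$SAMPLE_LINKS" | sed 's/^net2 phys 1500 up/net2 phys 1500 unknown/' \
    | check_zone_link testzone/vnic0 aggr0 || echo "aggregation degraded"
```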
/* EOF */
Suwardi