====== Solaris 10 設定 zone 編 ======
===== 準備 =====
* zone用の領域を作成済みである事。
作成するゾーン
^ ゾーン名 ^ 種類 ^ 格納場所 ^
|z01|疎ルートゾーン|/export/zone/z01|
|z02|完全ルートゾーン|/export/zone/z02|
===== ゾーンの作成 =====
==== 疎ルートゾーン ====
=== zonecfg ===
# zonecfg -z z01
z01: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:z01> create
zonecfg:z01>
=== ゾーンパスの設定 ===
zonecfg:z01> setzonepath=/export/zone/z01
=== グローバルゾーン起動時に自動起動設定 ===
zonecfg:z01> set autoboot=true
=== ネットワーク設定 ===
zonecfg:z01> add net
zonecfg:z01:net> set address=192.168.194.201
zonecfg:z01:net> set physical=e1000g0
zonecfg:z01:net> set defrouter=192.168.194.2
zonecfg:z01:net> end
=== 設定確認 ===
zonecfg:z01> verify
zonecfg:z01> commit
zonecfg:z01> exit
#
=== インストール ===
# zoneadm -z z01 install
Preparing to install zone .
Creating list of files to copy from the global zone.
Copying <7555> files to the zone.
initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1202> packages on the zone.
Initializing package <57> of <1202>: percent complete: 4%
(結構時間がかかる)
Initialized <1202> packages on zone.
Zone is initialized.
The file contains a log of the zone installation.
#
==== 完全ルートゾーン ====
=== zonecfg ===
# zonecfg -z z02
z02: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:z02> create
zonecfg:z02>
=== ゾーンパスの設定 ===
zonecfg:z02> setzonepath=/export/zone/z02
=== グローバルゾーン起動時に自動起動無効設定 ===
zonecfg:z02> set autoboot=false
=== ネットワーク設定 ===
zonecfg:z02> add net
zonecfg:z02:net> set address=192.168.194.202
zonecfg:z02:net> set physical=e1000g0
zonecfg:z02:net> set defrouter=192.168.194.2
zonecfg:z02:net> end
=== 完全ルートゾーン化 ===
完全ルートゾーン化にするため、inherit-pkg-dirを削除する
zonecfg:z02> remove inherit-pkg-dir dir=/lib
zonecfg:z02> remove inherit-pkg-dir dir=/platform
zonecfg:z02> remove inherit-pkg-dir dir=/sbin
zonecfg:z02> remove inherit-pkg-dir dir=/usr
=== 設定確認 ===
zonecfg:z02> verify
zonecfg:z02> commit
zonecfg:z02> exit
#
=== インストール ===
# zoneadm -z z02 install
Preparing to install zone .
Creating list of files to copy from the global zone.
Copying <150283> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1202> packages on the zone.
Initializing package <126> of <1202>: percent complete: 10%
(疎ルートゾーンより更に結構時間がかかる)
Initialized <1202> packages on zone.
Zone is initialized.
The file contains a log of the zone installation.
#
===== 初回起動 =====
疎ルートゾーン、完全ルートゾーン共に通常のOS設定とほぼ同じ手順で初期設定を行う。ここでは、疎ルートゾーンのz01を例にする。
==== コンソール接続 ====
ゾーンに対してコンソール接続
# zlogin -C z01
[Connected to zone 'z01' console]
==== ゾーン起動 ====
別の端末からゾーンを起動する
# zoneadm -z z01 boot
# (プロントは戻る)
コンソール接続側の画面は下記の通り
SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: z01
Loading smf(5) service descriptions: 39/144
=== 言語設定 ===
Select a Language
0. English
1. Japanese
Please make a choice (0 - 1), or press h or ? for help: 0
=== ターミナル設定 ===
What type of terminal are you using?
1) ANSI Standard CRT
2) DEC VT52
3) DEC VT100
4) Heathkit 19
5) Lear Siegler ADM31
6) PC Console
7) Sun Command Tool
8) Sun Workstation
9) Televideo 910
10) Televideo 925
11) Wyse Model 50
12) X Terminal Emulator (xterms)
13) CDE Terminal Emulator (dtterm)
14) Other
Type the number of your choice and press Return: 3
=== ネットワーク設定(自動) ===
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: e1000g0.
=== ホスト名設定 ===
- Host Name for e1000g0:1 -----------------------------------------------------
Enter the host name which identifies this system on the network. The name
must be unique within your domain; creating a duplicate host name will cause
problems on the network after you install Solaris.
A host name must have at least one character; it can contain letters,
digits, and minus signs (-).
Host name for e1000g0:1 z01
--------------------------------------------------------------------------------
F2_Continue F6_Help
=== Kerberos設定 ===
- Configure Security Policy: ---------------------------------------------------
Specify Yes if the system will use the Kerberos security mechanism.
Specify No if this system will use standard UNIX security.
Configure Kerberos Security
---------------------------
[ ] Yes
[X] No
-------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== Name Service設定 ===
- Name Service -----------------------------------------------------------------
On this screen you must provide name service information. Select the name
service that will be used by this system, or None if your system will either
not use a name service at all, or if it will use a name service not listed
here.
> To make a selection, use the arrow keys to highlight the option
and press Return to mark it [X].
Name service
------------
[ ] NIS+
[ ] NIS
[ ] DNS
[ ] LDAP
[X] None
--------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== NFS4設定 ===
- NFSv4 Domain Name ------------------------------------------------------------
NFS version 4 uses a domain name that is automatically derived from the
system's naming services. The derived domain name is sufficient for most
configurations. In a few cases, mounts that cross domain boundaries might
cause files to appear to be owned by "nobody" due to the lack of a common
domain name.
The current NFSv4 default domain is: ""
NFSv4 Domain Configuration
----------------------------------------------
[ ] Use the NFSv4 domain derived by the system
[X] Specify a different NFSv4 domain
--------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== NFS4ドメイン設定 ===
- NFSv4 Domain Name ------------------------------------------------------------
Specify a different NFSv4 domain to override the domain derived by the
system. A valid domain name is composed of a combination of alphanumeric
characters, dots, underscores and dashes only.
NFSv4 Domain Name z01nfs
--------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== タイムゾーン設定 ===
Asia -> Japanを選択
- Time Zone --------------------------------------------------------------------
On this screen you must specify your default time zone. You can specify a
time zone in three ways: select one of the continents or oceans from the
list, select other - offset from GMT, or other - specify time zone file.
> To make a selection, use the arrow keys to highlight the option and
press Return to mark it [X].
Continents and Oceans
----------------------------------
- [ ] Africa
x [ ] Americas
x [ ] Antarctica
x [ ] Arctic Ocean
x [ ] Asia
x [ ] Atlantic Ocean
x [ ] Australia
x [ ] Europe
v [ ] Indian Ocean
--------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== rootパスワード設定 ===
- Root Password ----------------------------------------------------------------
Please enter the root password for this system.
The root password may contain alphanumeric and special characters. For
security, the password will not be displayed on the screen as you type it.
> If you do not want a root password, leave both entries blank.
Root password: ********
Root password: ********
--------------------------------------------------------------------------------
Esc-2_Continue Esc-6_Help
=== 設定終了 ===
自動でゾーンが再起動される。
System identification is completed.
rebooting system due to change(s) in /etc/default/init
===== システム情報 =====
==== 疎ルートゾーン ====
* 消費ディスク容量
* 約900Mbyte
* ゾーン格納先の状態
* /export/zone/z01
# ls -al
total 8
drwx------ 4 root root 512 May 4 20:54 .
drwxr-xr-x 4 root root 512 May 4 19:54 ..
drwxr-xr-x 12 root root 1024 May 4 21:39 dev
drwxr-xr-x 18 root root 512 May 4 21:12 root
#
* dev以下
# pwd
/export/zone/z01/dev
# ls
arp dtrace msglog rdsk syscon ticlts vt00
conslog dtremote null rmt sysevent ticots zconsole
console fb0 poll sad sysmsg ticotsord zero
cpu fd pool stderr systty tty zfs
crypto kstat ptmx stdin tcp udp
cryptoadm log pts stdout tcp6 udp6
dsk logindmux random swap term urandom
#
* root以下
# pwd
/export/zone/z01/root
# ls
bin etc home mnt opt proc system usr
dev export lib net platform sbin tmp var
#
* /etc/vfstab
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
/proc - /proc proc - no -
ctfs - /system/contract ctfs - no -
objfs - /system/object objfs - no -
sharefs - /etc/dfs/sharetab sharefs - no -
fd - /dev/fd fd - no -
swap - /tmp tmpfs - yes -
* /dev/(r)dsk
* エントリはない
* /etc/path_to_instもない
* ifconfig
# ifconfig -a
lo0:1: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0:1: flags=201000843 mtu 1500 index 2
inet 192.168.194.201 netmask ffffff00 broadcast 192.168.194.255
#
==== 完全ルートゾーン ====
* 消費ディスク容量
* 約4Gbyte
* ゾーン格納先の状態
* /export/zone/z01
# ls -al
total 8
drwx------ 4 root root 512 May 5 22:18 .
drwxr-xr-x 5 root root 512 May 5 19:34 ..
drwxr-xr-x 12 root root 1024 May 5 22:18 dev
drwxr-xr-x 16 root root 512 May 5 21:28 root
#
* dev以下
# pwd
/export/zone/z02/dev
# ls
arp dtrace msglog rdsk syscon ticlts vt00
conslog dtremote null rmt sysevent ticots zconsole
console fb0 poll sad sysmsg ticotsord zero
cpu fd pool stderr systty tty zfs
crypto kstat ptmx stdin tcp udp
cryptoadm log pts stdout tcp6 udp6
dsk logindmux random swap term urandom
#
* root以下
# pwd
/export/zone/z02/root
# ls
bin etc home mnt platform sbin tmp var
dev export lib opt proc system usr
#
* /etc/vfstab
# cat /etc/vfstab
#device device mount FS fsck mount mount
#to mount to fsck point type pass at boot options
#
/proc - /proc proc - no -
ctfs - /system/contract ctfs - no -
objfs - /system/object objfs - no -
sharefs - /etc/dfs/sharetab sharefs - no -
fd - /dev/fd fd - no -
swap - /tmp tmpfs - yes
* /dev/(r)dsk
* エントリはない
* /etc/path_to_instもない
* ifconfig
# ifconfig -a
lo0:1: flags=2001000849 mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
e1000g0:1: flags=201000843 mtu 1500 index 2
inet 192.168.194.202 netmask ffffff00 broadcast 192.168.194.255
===== ゾーンの操作 =====
==== 初回設定直後 ====
自動で再起動され、zlogin -Cを行った端末上でコンソールログイン画面が表示される。
[NOTICE: Zone rebooting]
SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: z01
Reading ZFS config: done.
z01 console login:
==== zlogin -Cの接続解除 ====
zlogin -Cを実行中の端末で以下の操作を行う。
~.
[Connection to zone 'z01' console closed]
#
==== ゾーンのシャットダウン ====
=== ゾーンにログインしている状態からの場合 ===
# uname -a
SunOS z01 5.10 Generic_138889-08 i86pc i386 i86pc
# sync
# sync
# init 5
# svc.startd: The system is coming down. Please wait.
svc.startd: 81 system services are now being stopped.
svc.startd: The system is down.
=== グローバルゾーンからの場合 ===
グローバルゾーンでコマンド実行でシャットダウンを行う。
# zlogin z01 init 5
グローバルゾーンからコマンド実行でシャットダウンを行った場合、ゾーンでは以下のように出力される。
svc.startd: The system is coming down. Please wait.
svc.startd: 81 system services are now being stopped.
svc.startd: The system is down.
[NOTICE: Zone halted]
==== ゾーンの起動 ====
=== グローバルゾーンでコマンド実行する場合 ===
# zoneadm -z z01 boot
#
グローバルゾーンでコマンド実行によるゾーンの起動を行った場合、ゾーンでは(zlogin -Cでコンソール接続している場合)は以下のように出力する。
[NOTICE: Zone booting up]
SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
Hostname: z01
Reading ZFS config: done.
z01 console login:
==== ゾーンの一覧表示 ====
=== グローバルゾーンでコマンド実行 ===
# zoneadm list -c -i -v
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- z01 installed /export/zone/z01 native shared
- z02 installed /export/zone/z02 native shared
#