Table of Contents

Solaris 10 設定 zone 編

準備

作成するゾーン

ゾーン名 種類 格納場所
z01疎ルートゾーン/export/zone/z01
z02完全ルートゾーン/export/zone/z02

ゾーンの作成

疎ルートゾーン

zonecfg

# zonecfg -z z01
z01: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:z01> create
zonecfg:z01>

ゾーンパスの設定

zonecfg:z01> setzonepath=/export/zone/z01

グローバルゾーン起動時に自動起動設定

zonecfg:z01> set autoboot=true

ネットワーク設定

zonecfg:z01> add net
zonecfg:z01:net> set address=192.168.194.201
zonecfg:z01:net> set physical=e1000g0
zonecfg:z01:net> set defrouter=192.168.194.2
zonecfg:z01:net> end

設定確認

zonecfg:z01> verify
zonecfg:z01> commit
zonecfg:z01> exit
#

インストール

# zoneadm -z z01 install
Preparing to install zone <z01>.
Creating list of files to copy from the global zone.
Copying <7555> files to the zone.
initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1202> packages on the zone.
Initializing package <57> of <1202>: percent complete: 4%
(結構時間がかかる)
Initialized <1202> packages on zone.
Zone <z01> is initialized.
The file </export/zone/z01/root/var/sadm/system/logs/install_log> contains a log of the zone installation.
#

完全ルートゾーン

zonecfg

# zonecfg -z z02
z02: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:z02> create
zonecfg:z02>

ゾーンパスの設定

zonecfg:z02> setzonepath=/export/zone/z02

グローバルゾーン起動時に自動起動無効設定

zonecfg:z02> set autoboot=false

ネットワーク設定

zonecfg:z02> add net
zonecfg:z02:net> set address=192.168.194.202
zonecfg:z02:net> set physical=e1000g0
zonecfg:z02:net> set defrouter=192.168.194.2
zonecfg:z02:net> end

完全ルートゾーン化

完全ルートゾーン化にするため、inherit-pkg-dirを削除する

zonecfg:z02> remove inherit-pkg-dir dir=/lib
zonecfg:z02> remove inherit-pkg-dir dir=/platform
zonecfg:z02> remove inherit-pkg-dir dir=/sbin
zonecfg:z02> remove inherit-pkg-dir dir=/usr

設定確認

zonecfg:z02> verify
zonecfg:z02> commit
zonecfg:z02> exit
#

インストール

# zoneadm -z z02 install
Preparing to install zone <z02>.
Creating list of files to copy from the global zone.
Copying <150283> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1202> packages on the zone.
Initializing package <126> of <1202>: percent complete: 10%
(疎ルートゾーンより更に結構時間がかかる)
Initialized <1202> packages on zone.
Zone <z02> is initialized.
The file </export/zone/z02/root/var/sadm/system/logs/install_log> contains a log of the zone installation.
#

初回起動

疎ルートゾーン、完全ルートゾーン共に通常のOS設定とほぼ同じ手順で初期設定を行う。ここでは、疎ルートゾーンのz01を例にする。

コンソール接続

ゾーンに対してコンソール接続

# zlogin -C z01
[Connected to zone 'z01' console]

ゾーン起動

別の端末からゾーンを起動する

# zoneadm -z z01 boot
# (プロントは戻る)

コンソール接続側の画面は下記の通り

SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: z01
Loading smf(5) service descriptions:  39/144

言語設定

Select a Language

  0. English
  1. Japanese

Please make a choice (0 - 1), or press h or ? for help: 0

ターミナル設定

What type of terminal are you using?
 1) ANSI Standard CRT
 2) DEC VT52
 3) DEC VT100
 4) Heathkit 19
 5) Lear Siegler ADM31
 6) PC Console
 7) Sun Command Tool
 8) Sun Workstation
 9) Televideo 910
 10) Televideo 925
 11) Wyse Model 50
 12) X Terminal Emulator (xterms)
 13) CDE Terminal Emulator (dtterm)
 14) Other
Type the number of your choice and press Return: 3

ネットワーク設定(自動)

Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: e1000g0.

ホスト名設定

- Host Name for e1000g0:1 -----------------------------------------------------

  Enter the host name which identifies this system on the network.  The name
  must be unique within your domain; creating a duplicate host name will cause
  problems on the network after you install Solaris.

  A host name must have at least one character; it can contain letters,
  digits, and minus signs (-).


    Host name for e1000g0:1 z01











--------------------------------------------------------------------------------
     F2_Continue    F6_Help 

Kerberos設定

- Configure Security Policy: --------------------------------------------------- 
  Specify Yes if the system will use the Kerberos security mechanism.

  Specify No if this system will use standard UNIX security.

      Configure Kerberos Security
      ---------------------------
      [ ] Yes
      [X] No












 -------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

Name Service設定

- Name Service ----------------------------------------------------------------- 
  On this screen you must provide name service information.  Select the name
  service that will be used by this system, or None if your system will either
  not use a name service at all, or if it will use a name service not listed
  here.

  > To make a selection, use the arrow keys to highlight the option
    and press Return to mark it [X].


      Name service
      ------------
      [ ] NIS+
      [ ] NIS
      [ ] DNS
      [ ] LDAP
      [X] None




--------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

NFS4設定

- NFSv4 Domain Name ------------------------------------------------------------ 
  NFS version 4 uses a domain name that is automatically derived from the
  system's naming services. The derived domain name is sufficient for most
  configurations. In a few cases, mounts that cross domain boundaries might
  cause files to appear to be owned by "nobody" due to the lack of a common
  domain name.

  The current NFSv4 default domain is: ""


      NFSv4 Domain Configuration
      ----------------------------------------------
      [ ] Use the NFSv4 domain derived by the system
      [X] Specify a different NFSv4 domain







--------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

NFS4ドメイン設定

- NFSv4 Domain Name ------------------------------------------------------------ 
  Specify a different NFSv4 domain to override the domain derived by the
  system. A valid domain name is composed of a combination of alphanumeric
  characters, dots, underscores and dashes only.

    NFSv4 Domain Name z01nfs















--------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

タイムゾーン設定

Asia → Japanを選択

- Time Zone -------------------------------------------------------------------- 
  On this screen you must specify your default time zone.  You can specify a
  time zone in three ways:  select one of the continents or oceans from the
  list, select other - offset from GMT, or other - specify time zone file.

  > To make a selection, use the arrow keys to highlight the option and
    press Return to mark it [X].


      Continents and Oceans
      ----------------------------------
  -   [ ] Africa
  x   [ ] Americas
  x   [ ] Antarctica
  x   [ ] Arctic Ocean
  x   [ ] Asia
  x   [ ] Atlantic Ocean
  x   [ ] Australia
  x   [ ] Europe
  v   [ ] Indian Ocean

--------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

rootパスワード設定

- Root Password ---------------------------------------------------------------- 
  Please enter the root password for this system.

  The root password may contain alphanumeric and special characters.  For
  security, the password will not be displayed on the screen as you type it.

  > If you do not want a root password, leave both entries blank.


    Root password:  ********
    Root password:  ********










--------------------------------------------------------------------------------
     Esc-2_Continue    Esc-6_Help

設定終了

自動でゾーンが再起動される。

System identification is completed.

rebooting system due to change(s) in /etc/default/init

システム情報

疎ルートゾーン

# ls -al
total 8
drwx------   4 root     root         512 May  4 20:54 .
drwxr-xr-x   4 root     root         512 May  4 19:54 ..
drwxr-xr-x  12 root     root        1024 May  4 21:39 dev
drwxr-xr-x  18 root     root         512 May  4 21:12 root
#
# pwd
/export/zone/z01/dev
# ls
arp        dtrace     msglog     rdsk       syscon     ticlts     vt00
conslog    dtremote   null       rmt        sysevent   ticots     zconsole
console    fb0        poll       sad        sysmsg     ticotsord  zero
cpu        fd         pool       stderr     systty     tty        zfs
crypto     kstat      ptmx       stdin      tcp        udp
cryptoadm  log        pts        stdout     tcp6       udp6
dsk        logindmux  random     swap       term       urandom
#
# pwd
/export/zone/z01/root
# ls
bin       etc       home      mnt       opt       proc      system    usr
dev       export    lib       net       platform  sbin      tmp       var
#
#device         device          mount           FS      fsck    mount   mount
#to mount       to fsck         point           type    pass    at boot options
#
/proc           -               /proc           proc    -       no      -
ctfs            -       /system/contract        ctfs    -       no      -
objfs           -       /system/object  objfs   -       no      -
sharefs         -       /etc/dfs/sharetab       sharefs -       no      -
fd              -               /dev/fd         fd      -       no      -
swap            -               /tmp            tmpfs   -       yes     -
# ifconfig -a
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
        inet 192.168.194.201 netmask ffffff00 broadcast 192.168.194.255
#

完全ルートゾーン

# ls -al
total 8
drwx------   4 root     root         512 May  5 22:18 .
drwxr-xr-x   5 root     root         512 May  5 19:34 ..
drwxr-xr-x  12 root     root        1024 May  5 22:18 dev
drwxr-xr-x  16 root     root         512 May  5 21:28 root
#
# pwd
/export/zone/z02/dev
# ls
arp        dtrace     msglog     rdsk       syscon     ticlts     vt00
conslog    dtremote   null       rmt        sysevent   ticots     zconsole
console    fb0        poll       sad        sysmsg     ticotsord  zero
cpu        fd         pool       stderr     systty     tty        zfs
crypto     kstat      ptmx       stdin      tcp        udp
cryptoadm  log        pts        stdout     tcp6       udp6
dsk        logindmux  random     swap       term       urandom
#
# pwd
/export/zone/z02/root
# ls
bin       etc       home      mnt       platform  sbin      tmp       var
dev       export    lib       opt       proc      system    usr
#
# cat /etc/vfstab
#device         device          mount           FS      fsck    mount   mount
#to mount       to fsck         point           type    pass    at boot options
#
/proc           -               /proc           proc    -       no      -
ctfs            -       /system/contract        ctfs    -       no      -
objfs           -       /system/object  objfs   -       no      -
sharefs         -       /etc/dfs/sharetab       sharefs -       no      -
fd              -               /dev/fd         fd      -       no      -
swap            -               /tmp            tmpfs   -       yes     
# ifconfig -a
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
        inet 192.168.194.202 netmask ffffff00 broadcast 192.168.194.255

ゾーンの操作

初回設定直後

自動で再起動され、zlogin -Cを行った端末上でコンソールログイン画面が表示される。

[NOTICE: Zone rebooting]


SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: z01
Reading ZFS config: done.

z01 console login:

zlogin -Cの接続解除

zlogin -Cを実行中の端末で以下の操作を行う。

~.
[Connection to zone 'z01' console closed]
#

ゾーンのシャットダウン

ゾーンにログインしている状態からの場合

# uname -a
SunOS z01 5.10 Generic_138889-08 i86pc i386 i86pc
# sync
# sync
# init 5
# svc.startd: The system is coming down.  Please wait.
svc.startd: 81 system services are now being stopped.
svc.startd: The system is down.

グローバルゾーンからの場合

グローバルゾーンでコマンド実行でシャットダウンを行う。

# zlogin z01 init 5

グローバルゾーンからコマンド実行でシャットダウンを行った場合、ゾーンでは以下のように出力される。

svc.startd: The system is coming down.  Please wait.
svc.startd: 81 system services are now being stopped.
svc.startd: The system is down.

[NOTICE: Zone halted]

ゾーンの起動

グローバルゾーンでコマンド実行する場合

# zoneadm -z z01 boot
#

グローバルゾーンでコマンド実行によるゾーンの起動を行った場合、ゾーンでは(zlogin -Cでコンソール接続している場合)は以下のように出力する。

[NOTICE: Zone booting up]


SunOS Release 5.10 Version Generic_138889-08 64-bit
Copyright 1983-2009 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: z01
Reading ZFS config: done.

z01 console login:

ゾーンの一覧表示

グローバルゾーンでコマンド実行

# zoneadm list -c -i -v
  ID NAME             STATUS     PATH                           BRAND    IP
   0 global           running    /                              native   shared
   - z01              installed  /export/zone/z01               native   shared
   - z02              installed  /export/zone/z02               native   shared
#