This shows you the differences between two versions of the page.
solaris:solaris10_06 [2019/06/16 15:16] |
solaris:solaris10_06 [2019/06/16 15:16] (current) |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Solaris 10 設定 zone 編 ====== | ||
+ | ===== 準備 ===== | ||
+ | * zone用の領域を作成済みである事。 | ||
+ | |||
+ | 作成するゾーン | ||
+ | ^ ゾーン名 ^ 種類 ^ 格納場所 ^ | ||
+ | |z01|疎ルートゾーン|/export/zone/z01| | ||
+ | |z02|完全ルートゾーン|/export/zone/z02| | ||
+ | |||
+ | ===== ゾーンの作成 ===== | ||
+ | ==== 疎ルートゾーン ==== | ||
+ | === zonecfg === | ||
+ | <code> | ||
+ | # zonecfg -z z01 | ||
+ | z01: No such zone configured | ||
+ | Use 'create' to begin configuring a new zone. | ||
+ | zonecfg:z01> create | ||
+ | zonecfg:z01> | ||
+ | </code> | ||
+ | |||
+ | === ゾーンパスの設定 === | ||
+ | <code> | ||
+ | zonecfg:z01> setzonepath=/export/zone/z01 | ||
+ | </code> | ||
+ | |||
+ | === グローバルゾーン起動時に自動起動設定 === | ||
+ | <code> | ||
+ | zonecfg:z01> set autoboot=true | ||
+ | </code> | ||
+ | |||
+ | === ネットワーク設定 === | ||
+ | <code> | ||
+ | zonecfg:z01> add net | ||
+ | zonecfg:z01:net> set address=192.168.194.201 | ||
+ | zonecfg:z01:net> set physical=e1000g0 | ||
+ | zonecfg:z01:net> set defrouter=192.168.194.2 | ||
+ | zonecfg:z01:net> end | ||
+ | </code> | ||
+ | |||
+ | === 設定確認 === | ||
+ | <code> | ||
+ | zonecfg:z01> verify | ||
+ | zonecfg:z01> commit | ||
+ | zonecfg:z01> exit | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | === インストール === | ||
+ | <code> | ||
+ | # zoneadm -z z01 install | ||
+ | Preparing to install zone <z01>. | ||
+ | Creating list of files to copy from the global zone. | ||
+ | Copying <7555> files to the zone. | ||
+ | initializing zone product registry. | ||
+ | Determining zone package initialization order. | ||
+ | Preparing to initialize <1202> packages on the zone. | ||
+ | Initializing package <57> of <1202>: percent complete: 4% | ||
+ | (結構時間がかかる) | ||
+ | Initialized <1202> packages on zone. | ||
+ | Zone <z01> is initialized. | ||
+ | The file </export/zone/z01/root/var/sadm/system/logs/install_log> contains a log of the zone installation. | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | ==== 完全ルートゾーン ==== | ||
+ | === zonecfg === | ||
+ | <code> | ||
+ | # zonecfg -z z02 | ||
+ | z02: No such zone configured | ||
+ | Use 'create' to begin configuring a new zone. | ||
+ | zonecfg:z02> create | ||
+ | zonecfg:z02> | ||
+ | </code> | ||
+ | |||
+ | === ゾーンパスの設定 === | ||
+ | <code> | ||
+ | zonecfg:z02> setzonepath=/export/zone/z02 | ||
+ | </code> | ||
+ | |||
+ | === グローバルゾーン起動時に自動起動無効設定 === | ||
+ | <code> | ||
+ | zonecfg:z02> set autoboot=false | ||
+ | </code> | ||
+ | |||
+ | === ネットワーク設定 === | ||
+ | <code> | ||
+ | zonecfg:z02> add net | ||
+ | zonecfg:z02:net> set address=192.168.194.202 | ||
+ | zonecfg:z02:net> set physical=e1000g0 | ||
+ | zonecfg:z02:net> set defrouter=192.168.194.2 | ||
+ | zonecfg:z02:net> end | ||
+ | </code> | ||
+ | |||
+ | === 完全ルートゾーン化 === | ||
+ | 完全ルートゾーン化にするため、inherit-pkg-dirを削除する | ||
+ | <code> | ||
+ | zonecfg:z02> remove inherit-pkg-dir dir=/lib | ||
+ | zonecfg:z02> remove inherit-pkg-dir dir=/platform | ||
+ | zonecfg:z02> remove inherit-pkg-dir dir=/sbin | ||
+ | zonecfg:z02> remove inherit-pkg-dir dir=/usr | ||
+ | </code> | ||
+ | |||
+ | === 設定確認 === | ||
+ | <code> | ||
+ | zonecfg:z02> verify | ||
+ | zonecfg:z02> commit | ||
+ | zonecfg:z02> exit | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | === インストール === | ||
+ | <code> | ||
+ | # zoneadm -z z02 install | ||
+ | Preparing to install zone <z02>. | ||
+ | Creating list of files to copy from the global zone. | ||
+ | Copying <150283> files to the zone. | ||
+ | Initializing zone product registry. | ||
+ | Determining zone package initialization order. | ||
+ | Preparing to initialize <1202> packages on the zone. | ||
+ | Initializing package <126> of <1202>: percent complete: 10% | ||
+ | (疎ルートゾーンより更に結構時間がかかる) | ||
+ | Initialized <1202> packages on zone. | ||
+ | Zone <z02> is initialized. | ||
+ | The file </export/zone/z02/root/var/sadm/system/logs/install_log> contains a log of the zone installation. | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | ===== 初回起動 ===== | ||
+ | 疎ルートゾーン、完全ルートゾーン共に通常のOS設定とほぼ同じ手順で初期設定を行う。ここでは、疎ルートゾーンのz01を例にする。 | ||
+ | |||
+ | ==== コンソール接続 ==== | ||
+ | ゾーンに対してコンソール接続 | ||
+ | <code> | ||
+ | # zlogin -C z01 | ||
+ | [Connected to zone 'z01' console] | ||
+ | </code> | ||
+ | |||
+ | ==== ゾーン起動 ==== | ||
+ | 別の端末からゾーンを起動する | ||
+ | <code> | ||
+ | # zoneadm -z z01 boot | ||
+ | # (プロントは戻る) | ||
+ | </code> | ||
+ | |||
+ | コンソール接続側の画面は下記の通り | ||
+ | <code> | ||
+ | SunOS Release 5.10 Version Generic_138889-08 64-bit | ||
+ | Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. | ||
+ | Use is subject to license terms. | ||
+ | Hostname: z01 | ||
+ | Loading smf(5) service descriptions: 39/144 | ||
+ | </code> | ||
+ | |||
+ | === 言語設定 === | ||
+ | <code> | ||
+ | Select a Language | ||
+ | |||
+ | 0. English | ||
+ | 1. Japanese | ||
+ | |||
+ | Please make a choice (0 - 1), or press h or ? for help: 0 | ||
+ | </code> | ||
+ | |||
+ | === ターミナル設定 === | ||
+ | <code> | ||
+ | What type of terminal are you using? | ||
+ | 1) ANSI Standard CRT | ||
+ | 2) DEC VT52 | ||
+ | 3) DEC VT100 | ||
+ | 4) Heathkit 19 | ||
+ | 5) Lear Siegler ADM31 | ||
+ | 6) PC Console | ||
+ | 7) Sun Command Tool | ||
+ | 8) Sun Workstation | ||
+ | 9) Televideo 910 | ||
+ | 10) Televideo 925 | ||
+ | 11) Wyse Model 50 | ||
+ | 12) X Terminal Emulator (xterms) | ||
+ | 13) CDE Terminal Emulator (dtterm) | ||
+ | 14) Other | ||
+ | Type the number of your choice and press Return: 3 | ||
+ | </code> | ||
+ | |||
+ | === ネットワーク設定(自動) === | ||
+ | <code> | ||
+ | Creating new rsa public/private host key pair | ||
+ | Creating new dsa public/private host key pair | ||
+ | Configuring network interface addresses: e1000g0. | ||
+ | </code> | ||
+ | |||
+ | === ホスト名設定 === | ||
+ | <code> | ||
+ | - Host Name for e1000g0:1 ----------------------------------------------------- | ||
+ | |||
+ | Enter the host name which identifies this system on the network. The name | ||
+ | must be unique within your domain; creating a duplicate host name will cause | ||
+ | problems on the network after you install Solaris. | ||
+ | |||
+ | A host name must have at least one character; it can contain letters, | ||
+ | digits, and minus signs (-). | ||
+ | |||
+ | |||
+ | Host name for e1000g0:1 z01 | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | F2_Continue F6_Help | ||
+ | </code> | ||
+ | |||
+ | === Kerberos設定 === | ||
+ | <code> | ||
+ | - Configure Security Policy: --------------------------------------------------- | ||
+ | Specify Yes if the system will use the Kerberos security mechanism. | ||
+ | |||
+ | Specify No if this system will use standard UNIX security. | ||
+ | |||
+ | Configure Kerberos Security | ||
+ | --------------------------- | ||
+ | [ ] Yes | ||
+ | [X] No | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | ------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === Name Service設定 === | ||
+ | <code> | ||
+ | - Name Service ----------------------------------------------------------------- | ||
+ | On this screen you must provide name service information. Select the name | ||
+ | service that will be used by this system, or None if your system will either | ||
+ | not use a name service at all, or if it will use a name service not listed | ||
+ | here. | ||
+ | |||
+ | > To make a selection, use the arrow keys to highlight the option | ||
+ | and press Return to mark it [X]. | ||
+ | |||
+ | |||
+ | Name service | ||
+ | ------------ | ||
+ | [ ] NIS+ | ||
+ | [ ] NIS | ||
+ | [ ] DNS | ||
+ | [ ] LDAP | ||
+ | [X] None | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === NFS4設定 === | ||
+ | <code> | ||
+ | - NFSv4 Domain Name ------------------------------------------------------------ | ||
+ | NFS version 4 uses a domain name that is automatically derived from the | ||
+ | system's naming services. The derived domain name is sufficient for most | ||
+ | configurations. In a few cases, mounts that cross domain boundaries might | ||
+ | cause files to appear to be owned by "nobody" due to the lack of a common | ||
+ | domain name. | ||
+ | |||
+ | The current NFSv4 default domain is: "" | ||
+ | |||
+ | |||
+ | NFSv4 Domain Configuration | ||
+ | ---------------------------------------------- | ||
+ | [ ] Use the NFSv4 domain derived by the system | ||
+ | [X] Specify a different NFSv4 domain | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === NFS4ドメイン設定 === | ||
+ | <code> | ||
+ | - NFSv4 Domain Name ------------------------------------------------------------ | ||
+ | Specify a different NFSv4 domain to override the domain derived by the | ||
+ | system. A valid domain name is composed of a combination of alphanumeric | ||
+ | characters, dots, underscores and dashes only. | ||
+ | |||
+ | NFSv4 Domain Name z01nfs | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === タイムゾーン設定 === | ||
+ | Asia -> Japanを選択 | ||
+ | <code> | ||
+ | - Time Zone -------------------------------------------------------------------- | ||
+ | On this screen you must specify your default time zone. You can specify a | ||
+ | time zone in three ways: select one of the continents or oceans from the | ||
+ | list, select other - offset from GMT, or other - specify time zone file. | ||
+ | |||
+ | > To make a selection, use the arrow keys to highlight the option and | ||
+ | press Return to mark it [X]. | ||
+ | |||
+ | |||
+ | Continents and Oceans | ||
+ | ---------------------------------- | ||
+ | - [ ] Africa | ||
+ | x [ ] Americas | ||
+ | x [ ] Antarctica | ||
+ | x [ ] Arctic Ocean | ||
+ | x [ ] Asia | ||
+ | x [ ] Atlantic Ocean | ||
+ | x [ ] Australia | ||
+ | x [ ] Europe | ||
+ | v [ ] Indian Ocean | ||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === rootパスワード設定 === | ||
+ | <code> | ||
+ | - Root Password ---------------------------------------------------------------- | ||
+ | Please enter the root password for this system. | ||
+ | |||
+ | The root password may contain alphanumeric and special characters. For | ||
+ | security, the password will not be displayed on the screen as you type it. | ||
+ | |||
+ | > If you do not want a root password, leave both entries blank. | ||
+ | |||
+ | |||
+ | Root password: ******** | ||
+ | Root password: ******** | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | -------------------------------------------------------------------------------- | ||
+ | Esc-2_Continue Esc-6_Help | ||
+ | </code> | ||
+ | |||
+ | === 設定終了 === | ||
+ | 自動でゾーンが再起動される。 | ||
+ | <code> | ||
+ | System identification is completed. | ||
+ | |||
+ | rebooting system due to change(s) in /etc/default/init | ||
+ | </code> | ||
+ | |||
+ | ===== システム情報 ===== | ||
+ | ==== 疎ルートゾーン ==== | ||
+ | * 消費ディスク容量 | ||
+ | * 約900Mbyte | ||
+ | * ゾーン格納先の状態 | ||
+ | * /export/zone/z01 | ||
+ | <code> | ||
+ | # ls -al | ||
+ | total 8 | ||
+ | drwx------ 4 root root 512 May 4 20:54 . | ||
+ | drwxr-xr-x 4 root root 512 May 4 19:54 .. | ||
+ | drwxr-xr-x 12 root root 1024 May 4 21:39 dev | ||
+ | drwxr-xr-x 18 root root 512 May 4 21:12 root | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * dev以下 | ||
+ | <code> | ||
+ | # pwd | ||
+ | /export/zone/z01/dev | ||
+ | # ls | ||
+ | arp dtrace msglog rdsk syscon ticlts vt00 | ||
+ | conslog dtremote null rmt sysevent ticots zconsole | ||
+ | console fb0 poll sad sysmsg ticotsord zero | ||
+ | cpu fd pool stderr systty tty zfs | ||
+ | crypto kstat ptmx stdin tcp udp | ||
+ | cryptoadm log pts stdout tcp6 udp6 | ||
+ | dsk logindmux random swap term urandom | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * root以下 | ||
+ | <code> | ||
+ | # pwd | ||
+ | /export/zone/z01/root | ||
+ | # ls | ||
+ | bin etc home mnt opt proc system usr | ||
+ | dev export lib net platform sbin tmp var | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * /etc/vfstab | ||
+ | <code> | ||
+ | #device device mount FS fsck mount mount | ||
+ | #to mount to fsck point type pass at boot options | ||
+ | # | ||
+ | /proc - /proc proc - no - | ||
+ | ctfs - /system/contract ctfs - no - | ||
+ | objfs - /system/object objfs - no - | ||
+ | sharefs - /etc/dfs/sharetab sharefs - no - | ||
+ | fd - /dev/fd fd - no - | ||
+ | swap - /tmp tmpfs - yes - | ||
+ | </code> | ||
+ | |||
+ | * /dev/(r)dsk | ||
+ | * エントリはない | ||
+ | * /etc/path_to_instもない | ||
+ | * ifconfig | ||
+ | <code> | ||
+ | # ifconfig -a | ||
+ | lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 | ||
+ | inet 127.0.0.1 netmask ff000000 | ||
+ | e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2 | ||
+ | inet 192.168.194.201 netmask ffffff00 broadcast 192.168.194.255 | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | ==== 完全ルートゾーン ==== | ||
+ | * 消費ディスク容量 | ||
+ | * 約4Gbyte | ||
+ | * ゾーン格納先の状態 | ||
+ | * /export/zone/z01 | ||
+ | <code> | ||
+ | # ls -al | ||
+ | total 8 | ||
+ | drwx------ 4 root root 512 May 5 22:18 . | ||
+ | drwxr-xr-x 5 root root 512 May 5 19:34 .. | ||
+ | drwxr-xr-x 12 root root 1024 May 5 22:18 dev | ||
+ | drwxr-xr-x 16 root root 512 May 5 21:28 root | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * dev以下 | ||
+ | <code> | ||
+ | # pwd | ||
+ | /export/zone/z02/dev | ||
+ | # ls | ||
+ | arp dtrace msglog rdsk syscon ticlts vt00 | ||
+ | conslog dtremote null rmt sysevent ticots zconsole | ||
+ | console fb0 poll sad sysmsg ticotsord zero | ||
+ | cpu fd pool stderr systty tty zfs | ||
+ | crypto kstat ptmx stdin tcp udp | ||
+ | cryptoadm log pts stdout tcp6 udp6 | ||
+ | dsk logindmux random swap term urandom | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * root以下 | ||
+ | <code> | ||
+ | # pwd | ||
+ | /export/zone/z02/root | ||
+ | # ls | ||
+ | bin etc home mnt platform sbin tmp var | ||
+ | dev export lib opt proc system usr | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | * /etc/vfstab | ||
+ | <code> | ||
+ | # cat /etc/vfstab | ||
+ | #device device mount FS fsck mount mount | ||
+ | #to mount to fsck point type pass at boot options | ||
+ | # | ||
+ | /proc - /proc proc - no - | ||
+ | ctfs - /system/contract ctfs - no - | ||
+ | objfs - /system/object objfs - no - | ||
+ | sharefs - /etc/dfs/sharetab sharefs - no - | ||
+ | fd - /dev/fd fd - no - | ||
+ | swap - /tmp tmpfs - yes | ||
+ | </code> | ||
+ | |||
+ | * /dev/(r)dsk | ||
+ | * エントリはない | ||
+ | * /etc/path_to_instもない | ||
+ | * ifconfig | ||
+ | <code> | ||
+ | # ifconfig -a | ||
+ | lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 | ||
+ | inet 127.0.0.1 netmask ff000000 | ||
+ | e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2 | ||
+ | inet 192.168.194.202 netmask ffffff00 broadcast 192.168.194.255 | ||
+ | </code> | ||
+ | |||
+ | ===== ゾーンの操作 ===== | ||
+ | ==== 初回設定直後 ==== | ||
+ | 自動で再起動され、zlogin -Cを行った端末上でコンソールログイン画面が表示される。 | ||
+ | <code> | ||
+ | [NOTICE: Zone rebooting] | ||
+ | |||
+ | |||
+ | SunOS Release 5.10 Version Generic_138889-08 64-bit | ||
+ | Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. | ||
+ | Use is subject to license terms. | ||
+ | Hostname: z01 | ||
+ | Reading ZFS config: done. | ||
+ | |||
+ | z01 console login: | ||
+ | </code> | ||
+ | |||
+ | ==== zlogin -Cの接続解除 ==== | ||
+ | zlogin -Cを実行中の端末で以下の操作を行う。 | ||
+ | <code> | ||
+ | ~. | ||
+ | [Connection to zone 'z01' console closed] | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | ==== ゾーンのシャットダウン ==== | ||
+ | === ゾーンにログインしている状態からの場合 === | ||
+ | <code> | ||
+ | # uname -a | ||
+ | SunOS z01 5.10 Generic_138889-08 i86pc i386 i86pc | ||
+ | # sync | ||
+ | # sync | ||
+ | # init 5 | ||
+ | # svc.startd: The system is coming down. Please wait. | ||
+ | svc.startd: 81 system services are now being stopped. | ||
+ | svc.startd: The system is down. | ||
+ | </code> | ||
+ | |||
+ | === グローバルゾーンからの場合 === | ||
+ | グローバルゾーンでコマンド実行でシャットダウンを行う。 | ||
+ | <code> | ||
+ | # zlogin z01 init 5 | ||
+ | </code> | ||
+ | |||
+ | グローバルゾーンからコマンド実行でシャットダウンを行った場合、ゾーンでは以下のように出力される。 | ||
+ | <code> | ||
+ | svc.startd: The system is coming down. Please wait. | ||
+ | svc.startd: 81 system services are now being stopped. | ||
+ | svc.startd: The system is down. | ||
+ | |||
+ | [NOTICE: Zone halted] | ||
+ | </code> | ||
+ | |||
+ | ==== ゾーンの起動 ==== | ||
+ | === グローバルゾーンでコマンド実行する場合 === | ||
+ | <code> | ||
+ | # zoneadm -z z01 boot | ||
+ | # | ||
+ | </code> | ||
+ | |||
+ | グローバルゾーンでコマンド実行によるゾーンの起動を行った場合、ゾーンでは(zlogin -Cでコンソール接続している場合)は以下のように出力する。 | ||
+ | <code> | ||
+ | [NOTICE: Zone booting up] | ||
+ | |||
+ | |||
+ | SunOS Release 5.10 Version Generic_138889-08 64-bit | ||
+ | Copyright 1983-2009 Sun Microsystems, Inc. All rights reserved. | ||
+ | Use is subject to license terms. | ||
+ | Hostname: z01 | ||
+ | Reading ZFS config: done. | ||
+ | |||
+ | z01 console login: | ||
+ | </code> | ||
+ | |||
+ | ==== ゾーンの一覧表示 ==== | ||
+ | === グローバルゾーンでコマンド実行 === | ||
+ | <code> | ||
+ | # zoneadm list -c -i -v | ||
+ | ID NAME STATUS PATH BRAND IP | ||
+ | 0 global running / native shared | ||
+ | - z01 installed /export/zone/z01 native shared | ||
+ | - z02 installed /export/zone/z02 native shared | ||
+ | # | ||
+ | </code> | ||