I entered the wonderful world of zones the other day.
I read the chapter in the "OpenSolaris Bible" about zones a while back, and
I've been thinking that setting up a couple of sparse-root zones, and one
whole-root zone would probably be best for our needs.
I wanted the whole-root zone because we have a couple of very old web apps that
require PHP4, and I thought putting them in a whole-root zone would be a good
way to reduce any possibility of an unintended PHP5 install messing things up
with it. Or maybe we might end up needing PHP5 for something, and I thought
this would be a way of being able have both, but in separate zones.
And I thought the sparse-root zones, using the global zone's /lib, /platform,
/sbin, and /usr directories would ease system updates.
I realize that the "OpenSolaris Bible" is old, and so I realize things might
have changed since then... I'm kind of wondering if that's my problem.
I didn't have any significant problems making a whole-root zone, but the
sparse-root zone doesn't seem to want to play out very much like it did in the
OSB.
In the OSB, it showed the Global zone having a "native" brand, and it talked
about how the non-global zones could be either native or ipkg. But in
OpenIndiana, it appears that my Global zone is even ipkg.
OpenIndiana doesn't seem to want to let me make a native branded zone. When I
"set brand=native" in zonecfg, it gives me "unknown brand".
I tried "add inherit-pkg-dir", thinking that would allow me to add the
directories, but it wouldn't let me do that either.
1) Has all this been changed? Are sparse-root zones no longer an option? Or
if they are an option, how do I go about making them?
2) When I boot the zone I have working, I get this:
zone 'webphp4': WARNING: bge0:1: no matching subnet found in netmasks(4):
192.168.0.17; using default of 255.255.255.0.
How do I set the subnet to 255.255.255.0 so I don't get that warning?
3) The OSB says not to edit the config files in the non-global zones from
within the global zone -- to log into the non-global zone, and modify it from
within itself. I'm not real GUI dependent, but I like to have a full desktop
system just for the ease of navigation (nautilus), text editing with gedit, and
things like that. If I have to have all of my zones as whole-root, that'd mean
setting up a lot of extra software in them. Is it really all that bad of a
practice editing the non-global zone config files from the global zone, and
copying files directly into the non-global zones from the global zone, or is
there a more reasonable way of going about it?
4) When I did a "zlogin -C webphp4" it asked me what kind of console I was
using. I selected the first item - I think it was ANSI. It had a real
miserable interface in the program that comes up to configure the new zone.
The fields and stuff didn't show up or navigate very well. I could send you
some screenshots, but if you've run into this, you know what I mean. I managed
to get through it, but does anyone have any suggestions which terminal type to
use from OpenIndiana's gnome-terminal that might look better?
5) Finally, below is the zone info for one of my zones. This would be running
on the least powerful machine we'll have OI running on. It has two processor
cores, and 2GB RAM. I was thinking to have the global zone having one
cpu-share, and three zones with one each. Is that reasonable? And do the rest
of the settings look reasonable? I was trying to take the advice from the OSB.
Any help or advice will be appreciated.
And, as I've told you all before, system admin work isn't my strong suit, so if
my thinking on all of this is messed up, I'd appreciate it if someone would
straighten me out!
Thanks.
Peter, hieromonk
====
myad...@baptist.ds:/# zonecfg -z webphp4 info
zonename: webphp4
zonepath: /zones/webphp4
brand: ipkg
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
hostid:
fs-allowed:
[max-lwps: 1000]
[cpu-shares: 1]
net:
address: 192.168.0.17
allowed-address not specified
physical: bge0
defrouter: 192.168.0.1
capped-memory:
physical: 1G
[swap: 1G]
[locked: 10M]
rctl:
name: zone.max-lwps
value: (priv=privileged,limit=1000,action=deny)
rctl:
name: zone.cpu-shares
value: (priv=privileged,limit=1,action=none)
rctl:
name: zone.max-swap
value: (priv=privileged,limit=1073741824,action=deny)
rctl:
name: zone.max-locked-memory
value: (priv=privileged,limit=10485760,action=deny)
myad...@baptist.ds:/#
_______________________________________________
OpenIndiana-discuss mailing list
OpenIndiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
