Non-LOFS Zone problem

When I try and create a "root" or non-LOFS zone, it goes through but gives a lot of warnings in the install log about files having changed. I'm creating it on a ZFS filesystem on Solaris 10 x86 06/06. When I log into it on the console, it doesn't ask any of the usual install questions, just drops me to a shell prompt. . No network functions seem to work. I'm using the instructions at http://users.tpg.com.au/adsln4yb/zones.html#zone2 basically.
Any advice would be appreciated
John Holland

You havent specified a netmask.
That might be causing it.
You can specifiy it as address=10.4.105.105/24 or by a separate netmask entry.

Similar Messages

PHP in Solaris 10 and Non-Global Zones: Problem of performance?

Hi friends
We are feeling a poor performance with applications developed with PHP in Solaris 10, with non-global and global zones, while Intel platform (Xeon and Pentium), performance is very good. Difference between both platforms is about 200% aprox, one second in Intel to 9, 12 or 20 seconds in Solaris depending of model.
Our tests were developed in:
1. SF T2000 server Solaris 10 global zone
2. SF T2000 server Solaris 10 non-global zone
3. SF280R server Solaris 10 non-global zone
4. V240 server with 1 GB memory, 1*US III-i 1.0 GHz and Solaris 9 (really this version for test and comparisons)
5. V240 server with 8GB memory, 2*US III-i 1.5Ghz and Solaris 9 (really this version for test and comparisons too)
Intel platforms were:
1. Intel Pentium 4 2GHz 2GB memory, Linux Fedora and PHP 4.4.4
2. Intel Xeon 2 core, 2.33GHz 2GB memory, Linux Fedora and PHP 4.4.3
Versions of products are:
1. Solaris 9 or Solaris 10
2. PHP 4.4.7 downloaded from http://www.php.net/downloads.php
3. Apache 2.0.59
4. MySQL 4.1.15-log
Our php compilation and installation were:
./configure --prefix=/usr/local/php-4.4.7 \
--with-pear \
--with-openssl=/usr/local/ssl \
--with-gettext \
--with-ldap=/usr/local \
--with-iconv \
--enable-ftp \
--with-dom \
--with-mime-magic \
--enable-mbstring \
--with-zlib \
--enable-track-vars \
--enable-sigchild \
--disable-ctype \
--disable-overload \
--disable-tokenizer \
--disable-posix \
--with-gd \
--with-apxs2=/usr/local/apache2.0.53/bin/apxs \
--with-mysql \
--with-pgsql \
--with-oci8=/oracle/product/9.2.0 \
--with-oracle=/oracle/product/9.2.0 \
--with-png-dir=/usr/local \
--with-zlib-dir=/usr/local \
--with-freetype-dir=/usr/local \
--with-jpeg-dir=/usr/local
make
make install
Questions:
Is there any problem of PHP with SunFire T2000 servers or 64-bits platforms?
Is there any flag of PHP would be use to compilarion PHP in 64-bits or multithread?
I wait for any comments or suggestions about our problem with PHP compilation and performance in Solaris 10. Thanks a lot.
Sergio.

I presume you compiled php on the Sun server, was this done using gcc or the Sun One C compiler.
If the latter then you can also use the flag: --enable-nonportable-atomics when you run configure

Problem with exporting devices to non-global zone

Hi,
I've problem with exporting devices to my solaris zones (i try do add support to mount /dev/lofi/* in my non-global zone).
A create cfg for my zone.
Here it is:
$ zonecfg -z sapdev info
zonename: sapdev
zonepath: /export/home/zones/sapdev
brand: native
autoboot: true
bootargs:
pool:
limitpriv: default,sys_time
scheduling-class:
ip-type: shared
fs:
dir: /sap
special: /dev/dsk/c1t44d0s0
raw: /dev/rdsk/c1t44d0s0
type: ufs
options: []
net:
address: 194.29.128.45
physical: ce0
device
match: /dev/lofi/1
device
match: /dev/rlofi/1
device
match: /dev/lofi/2
device
match: /dev/rlofi/2
attr:
name: comment
type: string
value: "This is SAP developement zone"
global# lofiadm
Block Device File
/dev/lofi/1 /root/SAP_DB2_9_LUW.iso
/dev/lofi/2 /usr/tmp/fsfile
I reboot the non-global zone, even reboot global-zone, and after that, in sapdev zone, there is no /dev/*lofi/* files.
What i do wrong? Maybe I reduce my sol 10 u4 sparc instalation too much.
Can anybody help me?
Thanks for help,
Marek

I experienced the same problem on my system Sol 10 08/07.
Normally, when the zone enters the READY state during boot, it's zoneadmd will run devfsadm -z <zone>. In my understanding this is to create the necessary device files in ZONEPATH/dev.
This worked well until recently. Now only the directories are still created.
It seems as if devfsadm -z is broken. Somebody should issue a call to sun.
As a workaround you can easily copy the device files into the zone. It is important not to copy the symbolic link but the target.
# cp /dev/lofi/1 ZONEPATH/dev/lofi
Hope this helps,
Konstantin Gremliza

Problem to migrate a non-global zone to a different machine.

Hi, recently, I had try to migrate a non-global zone to a different machine but its doesnt work.
1. First, this is the structure of my machine with my non-global zone:
host1# uname -a
SunOS testsolaris 5.11 snv_101b i86pc i386 i86pc
host1# zfs list
NAME USED AVAIL REFER MOUNTPOINT
big-zone 1.71G 1.64G 20K /big-zone
big-zone/export 1.71G 1.64G 22K /big-zone/export
big-zone/export/big-zone 1.67G 1.64G 21K /big-zone/export/big-zon e
big-zone/export/big-zone/ROOT 1.67G 1.64G 18K legacy
big-zone/export/big-zone/ROOT/zbe 1.67G 1.64G 1.66G legacy
big-zone/export/zonetest 41.8M 1.64G 21K /big-zone/export/zonetes t
big-zone/export/zonetest/ROOT 41.8M 1.64G 18K legacy
big-zone/export/zonetest/ROOT/zbe 41.8M 1.64G 1.66G /big-zone/export/zonetes t/root
rpool 8.35G 7.28G 72K /rpool
rpool/ROOT 6.86G 7.28G 18K legacy
rpool/ROOT/opensolaris 6.86G 7.28G 6.73G /
rpool/dump 575M 7.28G 575M -
rpool/export 375M 7.28G 21K /export
rpool/export/home 18K 7.28G 18K /export/home
rpool/export/small-zone 375M 7.28G 21K /export/small-zone
rpool/export/small-zone/ROOT 375M 7.28G 18K legacy
rpool/export/small-zone/ROOT/zbe 375M 7.28G 375M legacy
rpool/swap 575M 7.78G 56.8M -
2. In second, I had detach my non-global zone zonetest whit this commands :
host1# zoneadm z zonetest halt
host1# zoneadm z zonetest detach
3. In third, I had move my zonepath to my new host.
host1# cd /big-zone/export
host1# tar cf zonetest.tar zonetest
host1# sftp jay@new-host
host1# put zonetest.tar
Uploading .
host1# quit
4. Unpack my .tar file
host2# cd /big-zone/export
host2# tar xf zonetest.tar
So, after this, I think that my zonepath is transfert to my new host.
This is the structure of my new host :
jay@alien:~$ uname -a
SunOS alien 5.11 snv_101b i86pc i386 i86pc Solaris
jay@alien:~$ zfs list
NAME USED AVAIL REFER MOUNTPOINT
rpool 18.3G 73.3G 72K /rpool
rpool/ROOT 2.98G 73.3G 18K legacy
rpool/ROOT/opensolaris 2.98G 73.3G 2.85G /
rpool/dump 1023M 73.3G 1023M -
rpool/export 13.3G 73.3G 19K /export
rpool/export/home 13.3G 73.3G 19K /export/home
rpool/export/home/jay 13.3G 73.3G 13.3G /export/home/jay
rpool/swap 1023M 73.9G 321M -
zdata 10.7G 80.8G 9.65G /zdata
zdata/zones 1.08G 80.8G 18K /zdata/zones
zdata/zones/zonetest 1.08G 80.8G 1.08G /big-zone/export/
*I have a mountpoint to /big-zone/export
5. I had try to configure my zone on my new host and I receive and error message:
host2# zonecfg -z zonetest
zonetest: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zonetest> create -a /big-zone/export/zonetest
invalid path to detached zone
zonecfg:zonetest>

And my new big-zone (on the second host) show this in the /big-zone/export/zonetest folder :
jay@alien:/zdata/zones# zfs list
NAME USED AVAIL REFER MOUNTPOINT
rpool 23.5G 68.0G 72K /rpool
rpool/ROOT 6.31G 68.0G 18K legacy
rpool/ROOT/opensolaris 6.31G 68.0G 6.18G /
rpool/dump 1023M 68.0G 1023M -
rpool/export 15.2G 68.0G 19K /export
rpool/export/home 15.2G 68.0G 19K /export/home
rpool/export/home/jay 15.2G 68.0G 15.2G /export/home/jay
rpool/swap 1023M 68.6G 361M -
zdata 11.6G 79.9G 10.7G /zdata
zdata/zones 921M 79.9G 18K /zdata/zones
zdata/zones/web 921M 79.9G 21K /zdata/zones/web
zdata/zones/web/ROOT 921M 79.9G 18K legacy
zdata/zones/web/ROOT/zbe 921M 79.9G 921M legacy
zdata/zones/zonetest 54K 79.9G 18K /big-zone/export/zonetest
zdata/zones/zonetest/ROOT 36K 79.9G 18K legacy
zdata/zones/zonetest/ROOT/zbe 18K 79.9G 18K legacy
jay@alien:/zdata/zones/zonetest# pwd
/zdata/zones/zonetest
jay@alien:/zdata/zones/zonetest# ls -ls
total 6
3 drwxr-xr-x 2 root sys 2 Feb 8 2009 dev
3 drwxr-xr-x 16 root root 19 Feb 8 2009 root
jay@alien:/zdata/zones/zonetest# cd root
jay@alien:/zdata/zones/zonetest/root# ls -ls
total 52902
1 lrwxrwxrwx 1 root root 9 Feb 1 20:29 bin -> ./usr/bin
3 drwxr-xr-x 13 root sys 15 Feb 8 2009 dev
11 drwxr-xr-x 55 root sys 168 Feb 8 2009 etc
3 dr-xr-xr-x 2 root root 2 Jan 22 16:26 home
15 drwxr-xr-x 9 root bin 241 Feb 4 2009 lib
3 drwxr-xr-x 2 root sys 2 Jan 22 16:23 mnt
3 dr-xr-xr-x 2 root root 2 Jan 22 16:26 net
3 drwxr-xr-x 4 root sys 4 Jan 24 15:26 opt
3 dr-xr-xr-x 2 root root 2 Jan 22 16:23 proc
3 drwx------ 3 root root 7 Feb 6 2009 root
5 drwxr-xr-x 2 root sys 47 Jan 22 16:24 sbin
3 drwxr-xr-x 4 root root 4 Jan 22 16:23 system
3 drwxrwxrwt 2 root sys 2 Feb 8 2009 tmp
5 drwxr-xr-x 30 root sys 42 Feb 6 2009 usr
3 drwxr-xr-x 32 root sys 32 Feb 6 2009 var
52835 -rw-r--r-- 1 root root 42882560 Jan 22 16:35 webmin-1.441.pkg
jay@alien:/zdata/zones/zonetest/root#
I think my problem is there ...
jay@alien:/big-zone/export/zonetest# pwd
/big-zone/export/zonetest
jay@alien:/big-zone/export/zonetest# ls -ls
total 8
2 ---------- 1 root root 114 Dec 31 1969 @LongLink
3 drwxr-xr-x 2 root root 2 Feb 1 21:10 root
3 drwx------ 4 root root 4 Feb 1 21:10 zonetest
jay@alien:/big-zone/export/zonetest# cd zonetest/
jay@alien:/big-zone/export/zonetest/zonetest# ls -ls
total 6
3 drwxr-xr-x 2 root sys 2 Feb 8 2009 dev
3 drwxr-xr-x 4 root root 5 Feb 1 21:10 root
jay@alien:/big-zone/export/zonetest/zonetest# cd root
jay@alien:/big-zone/export/zonetest/zonetest/root# ls -ls
total 7
1 lrwxrwxrwx 1 root root 9 Feb 1 21:10 bin -> ./usr/bin
3 drwxr-xr-x 4 root root 4 Jan 22 16:23 system
3 drwxr-xr-x 23 root sys 28 Feb 1 21:11 usr
I think I have a problem with my zfs mountpoint but I don't how to resolve this.
Edited by: jaymachine on Feb 26, 2009 6:16 PM

Non-global zone installation problem

I have created a non-global zone sqa45-zone as follows:
zonecfg -z sqa45-zone
zonecfg:sqa45-zone> info
zonepath: /export/home/zones/sqa45-zone
autoboot: false
pool:
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
net:
address: 10.4.105.105
physical: bge0
zonecfg:sqa45-zone> exit
When I try to install the zone, this is the error message I see.
sqa45# zoneadm -z sqa45-zone install
could not verify net address=10.4.105.105 physical=bge0: No such device or address
zoneadm: zone sqa45-zone failed to verify
sqa45#
I'm not sure how I can correct this. Any help is appreciated.
Thanks.

You havent specified a netmask.
That might be causing it.
You can specifiy it as address=10.4.105.105/24 or by a separate netmask entry.

Add device cdrom non global zone

Hi All ,
how to add device cdrom to non global zone ?
many thanks

Hi David,
Does your judgement that "you can definitely use a lofs mount to make /usr/local available inside the four zones" hold when /usr/local is an NFS mount in the global zone? James indicated that his /usr/local was an NFS mount, but I don't know if you targeted that specifically, or if you were just responding to the general case.
I have not had any success in performing lofs mounts of NFS mounts and making them visible in a local zone. I don't have any problems making a lofs mount of a NFS mount work in the global zone, I just can't NFS mount anything in the global zone and make it accessible in a local zone.
See http://www.opensolaris.org/jive/thread.jspa?threadID=2181&tstart=0 for a full description of what I tried and what happened. The short result is that when I try, accessing that directory in the local zone gives "I/O error" for file operations and "Not owner" for df.
Thanks,
Dab

Non-global zones and unix sockets

Hello, I have a problem with local zones and unix socket sharing. I've created directory in global zone for ex. /zones/shared. Added it to zones via 'add fs, type=lofs' . In one zone I'm putting mysql socket in it and I want that other local zones could use it. Is it possible to share socket between zones?
After all my experiments I'm always getting 'can't connect to mysql ... (146)' , 146 is 'connection refused' error.

These services are off-line in the non-global zone, which is why non of the
rc2.d or rc3.d scripts are being run:
offline Dec_12 svc:/milestone/multi-user-server:default
offline Dec_12 svc:/milestone/multi-user:default
Any idea how to enable these, and why they are offline?
Michael
Created a non-global zone on a Solaris 10 box.
Boots up ok and I can login with zlogin.
It doesn't seem to run any of the scripts in
/etc/rc2.d or /etc/rc3.d
I know Solaris 10 uses "Service Management Facility"
for most services now,
but could still run legacy scripts in /etc/init.d ?
Also I can't get sshd to start on the non-global
zone.
# svcs -a |grep ssh2
offline 11:44:58 svc:/network/ssh:default
# svcadm enable -t svc:/network/ssh:default
# svcs -a |grep ssh2
offline 11:44:58 svc:/network/ssh:default
Anyone got any ideas?
Michael

Failing to install pkg on non-global zone

(root)@syslog1:~# pkgadd -d . SUNWant
Processing package instance <SUNWant> from </home/iqbala>
Jakarta ANT(sparc) 11.10.0,REV=2005.01.08.05.16
WARNING: Stale lock installed for pkgrm, pkg SUNWaspell quit in remove-initial state.
Removing lock.
Using </> as the package base directory.
## Processing package information.
ERROR: Cannot allocate memory for package object array.
pkgadd: ERROR: memory allocation failure
pkgadd: ERROR: unable to process pkgmap
Installation of <SUNWant> failed (internal error).
No changes were made to the system.
(root)@syslog1:~#
(root)@syslog1:~# zonename
syslog
This non-global zone is capped to 1G phy memory out of 2G total of the T1000
(root)@syslog-global:~# uname -a
SunOS syslog-global 5.10 Generic_137137-09 sun4v sparc SUNW,Sun-Fire-T1000
(root)@syslog-global:~# zoneadm list
global
syslog
(root)@syslog-global:~# zonename
global
(root)@syslog-global:~# zonecfg -z syslog info
zonename: syslog
zonepath: /syslog
brand: native
autoboot: true
bootargs: -m verbose
pool:
limitpriv: default,sys_time
scheduling-class: FSS
ip-type: shared
inherit-pkg-dir:
     dir: /lib
inherit-pkg-dir:
     dir: /platform
inherit-pkg-dir:
     dir: /sbin
inherit-pkg-dir:
     dir: /usr
fs:
     dir: /var/logs
     special: /var/logs
     raw not specified
     type: lofs
     options: []
fs:
     dir: /usr/local
     special: /syslog-local/usr/local
     raw not specified
     type: lofs
     options: []
net:
     address: 192.168.0.114
     physical: aggr1
     defrouter: 192.168.0.1
dedicated-cpu:
     ncpus: 1-8
     importance: 10
capped-memory:
     physical: 1G
     [swap: 512M]
attr:
     name: comment
     type: string
     value: "syslog server"
rctl:
     name: zone.max-swap
     value: (priv=privileged,limit=536870912,action=deny)
(root)@syslog-global:~# prstat -Z
PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP
13118 root 7184K 5952K sleep 1 0 52:00:54 0.5% nco_p_syslog/10
11730 root 162M 123M sleep 59 0 38:51:35 0.1% splunkd/22
7324 root 12M 8280K sleep 59 0 0:58:06 0.0% syslogd/25
266 root 97M 24M sleep 49 0 31:45:02 0.0% poold/8
209 daemon 8104K 3080K sleep 59 0 24:39:56 0.0% rcapd/1
29553 root 2496K 2024K cpu4 59 5 0:00:00 0.0% splunk-optimize/1
21578 root 38M 36M sleep 59 0 0:01:10 0.0% puppetd/2
29554 root 6088K 3712K cpu0 49 0 0:00:00 0.0% prstat/1
24244 root 5760K 3104K sleep 49 0 0:00:00 0.0% bash/1
1024 noaccess 171M 96M sleep 59 0 8:41:32 0.0% java/18
27771 noaccess 189M 100M sleep 1 0 4:44:36 0.0% java/18
274 daemon 3192K 496K sleep 59 0 0:00:00 0.0% statd/1
279 daemon 2816K 576K sleep 60 -20 0:00:00 0.0% nfs4cbd/2
326 root 2304K 40K sleep 59 0 0:00:00 0.0% cimomboot/1
151 root 2576K 344K sleep 59 0 0:00:00 0.0% drd/2
ZONEID NPROC SWAP RSS MEMORY TIME CPU ZONE
3 47 465M 513M 25% 99:54:00 0.7% syslog
0 42 391M 466M 23% 71:04:39 0.1% global
Total: 89 processes, 386 lwps, load averages: 0.21, 0.26, 0.26
Am I hitting a bug?

If your pkg wants to be installed in /usr or another inherit-pkg-dir, it can't because they are share as read-only.
Verify wherer the pkg copies its files.

How to share Global zone CPUs to non global zones

Okay we have a server with 8 CPU`s and 32Gig RAM running Solaris 10 11/06 release.
We have 2 full zones setup in addition to the default global zone. Each of these 2 zones has 3 CPU`s assigned to it leaving 2 CPU`s only used by the gloabl zone so if we were to loose one we would not loose the zones etc.
Now is it possible under Solaris 10 11/06 release to have the 2 non gobal zones have the 3 dedicated CPU`s each and also share 1 CPU each from the 2 CPU`s used by the global zone? All the documentaion I have seen and read does not make this clear but I have read that the new Solaris 10 08/07 release have several new zone commands available?
I know there is FSS but I do not think that can do what we want.
Has anyone done anything like this or able to offer any help.

Yes, there are new features in 08/07 you should consider useful in your configuration. Especially the possibility to restrict physical and virtual memory are important to everyone cause a bad process in zone can consume all the memory of the system, leaving all the zones unusable.
But when it comes to your problem, there is no real help, cause you cannot split cpus, only a much simplified configuration.
A pset still cannot share a cpu with another pset.
What you can do:
You can however make use of the dynamic resource manager in Solaris 10. He can dynamically bind a cpu to either zones on the fly if they need one.
pset.poold.objectives "utilization > 30; utilization < 80;" for eg means if the pset and its cpus is used more the 80% for some time, the a free unbound cpu will be added to the pset on the fly.
Read: http://docs.sun.com/app/docs/doc/817-1592/rmconfig-3?l=en&a=view
In Solaris 07/08 this is easy to configure:
freom [zones-discuss] http://mail.opensolaris.org/pipermail/zones-discuss/2006-August/005105.html
{color:#3366ff}_Dedicated CPUs_
Many existing resource management features have a new, simplified user
interface. For example,
"<a href="http://docs.sun.com/app/docs/doc/817-1592/6mhahuooo?l=en&a=view#gepsd">dedicated-cpus</a>"
re-use the existing
Dynamic
Resource Pools features. But instead of needing many
commands to configure them, configuration can be as simple as:
global# zonecfg -z myzone
zonecfg:myzone> add dedicated-cpu
zonecfg:myzone:dedicated-cpu> set ncpus=1-3
zonecfg:myzone:dedicated-cpu> end
zonecfg:myzone> exit
After using that command, when that Container boots, Solaris:
{color}<ol><li>{color:#3366ff}removes a CPU from the default pool
     {color}</li>
<li>{color:#3366ff}assigns that CPU to a newly created temporary pool
     {color}</li>
<li>{color:#3366ff}associates that Container with that pool, i.e. only schedules
     that Container's processes on that CPU
     {color}</li>
</ol>
{color:#3366ff}
Further, if the load on that CPU
exceeds a default threshold and another CPU can be moved from another
pool, Solaris will do that, up to the maximum configured amount of three CPUs.
Finally, when the Container is stopped, the temporary pool is destroyed
and its CPU(s) are placed back in the default pool.
{color:#000000}
Hope this helps,{color}
{color:#000000}Konstantin Gremliza{color}
{color}

SFTP chroot from non-global zone to zfs pool

Hi,
I am unable to create an SFTP chroot inside a zone to a shared folder on the global zone.
Inside the global zone:
I have created a zfs pool (rpool/data) and then mounted it to /data.
I then created some shared folders: /data/sftp/ipl/import and /data/sftp/ipl/export
I then created a non-global zone and added a file system that loops back to /data.
Inside the zone:
I then did the ususal stuff to create a chroot sftp user, similar to: http://nixinfra.blogspot.com.au/2012/12/openssh-chroot-sftp-setup-in-linux.html
I modifed the /etc/ssh/sshd_config file and hard wired the ChrootDirectory to /data/sftp/ipl.
When I attempt to sftp into the zone an error message is displayed in the zone -> fatal: bad ownership or modes for chroot directory /data/
Multiple web sites warn that folder ownership and access privileges is important. However, issuing chown -R root:iplgroup /data made no difference. Perhaps it is something todo with the fact the folders were created in the global zone?
If I create a simple shared folder inside the zone it works, e.g. /data3/ftp/ipl......ChrootDirectory => /data3/ftp/ipl
If I use the users home directory it works. eg /export/home/sftpuser......ChrootDirectory => %h
FYI. The reason for having a ZFS shared folder is to allow separate SFTP and FTP zones and a common/shared data repository for FTP and SFTP exchanges with remote systems. e.g. One remote client pushes data to the FTP server. A second remote client pulls the data via SFTP. Having separate zones increases security?
Any help would be appreciated to solve this issue.
Regards John

sanjaykumarfromsymantec wrote:
Hi,
I want to do IPC between inter-zones ( commnication between processes running two different zones). So what are the different techniques can be used. I am not interested in TCP/IP ( AF_INET) sockets.Zones are designed to prevent most visibility between non-global zones and other zones. So network communication (like you might use between two physical machines) are the most common method.
You could mount a global zone filesystem into multiple non-global zones (via lofs) and have your programs push data there. But you'll probably have to poll for updates. I'm not certain that's easier or better than network communication.
Darren

Dynamically adding a device to a non-global zone

How can you add a new device to a non-global zone without having
to reboot the zone ? Obviously using zonecfg and then rebooting the
zone works but often rebooting the zone would be very user unfriendly.
In particular we occasionally need to add a new disk mirror in the global
zone and then let the non-global zone have access to it.

So each zone has a /dev tree that's private in <zoneroot>/dev which gets lofs mounted to /dev in the zone. You can mknod a new device in here and it appears instantly in the zone. Use the same major and minor numbers that device has in the global zone. If it's a disk device, make sure to major both the block and character device.
Of course, you want to edit the zone config to make it permanent (though I suspect it may actually be permanent if you mknod the device...)

Unable to add a device (e.g. /dev/cua0) to a non-global zone

Hi,
I've installed solaris 10u4 on a x86 machine with the latest patches, installed with the smpatch utility
The history:
I've installed solaris 10u3 without any patches, a quite minimum installation; I 've created a non-global zone, added a zfs dataset, added networking, add one serial device (/dev/cua0); installed hylafax from blastwave in the created zone using the attached modem on /dev/cua0, all was working fine, except some sendmail issues. Due to issues with samba, which I needed on this machine, I've tried to update the machine, after ending up in dependency hell, due the minimum installation, I gave up. I did a fresh install of solaris 10u4 instead also with latest patches applied with the smpatch utility, the I've created a new zone and want to add the device /dev/cua0 like in the s10u3 installation, but the device doesn't appear in the non-global zone, so I've installed hylafax in the global-zone temporary.
The question, any ideas or workarrounds to bring the async device into a non-global zone again ?
I'm not a newbie in nix like systems (several years with BSD and GNU/Linux), but for solaris I would classify myself as a newbie ;-)
thanks in advance.

Hmm. If that didn't work, then it's possible you're running into a different problem.
But I checked again and this is the one I was thinking of. Toward the bottom, some patches are referenced. I suppose they won't hurt, but I'm worried you're seeing something related to the 'cua' device rather than the general problem of device creation.
http://www.opensolaris.org/jive/thread.jspa?messageID=171187
Darren

Non-global zone in "shutting_down" state.. Hung in this state

Hi.. My server is running in Sol10. It has got two non-global zones hosted in it in which the database is running.
There was some complain from the database team that they were not able to login to the server. When I checked, it the status of the local zones were fine. But when tried to "# zlogin" to them, it got hung. So i tried to " # zlogin -S <zone_name>" and i was able to login in the failsafe mode but not able to execute any command in it. Any command from "uptime", "zfs list", gets hung and i had to forcefully logout.
So I tried to halt the non-global zones first and then boot it. But here, it got stuck in "shutting_down" state.
When tried to kill the processes of the non-global zones using "kill -9", it failed to kill the processes.
so I rebooted the global zone which fixed the issue. But then, 10 days later, the same issue came up.
I followed the same steps to fix the issue but i'm afraid this issue might come up again since i think rebooting the global zone server is a temporary fix.
I logged a call with Oracle Support for this, but the server looks fine from the explorer output that was provided.
Has anyone faced this same problem? What can i do to fix this issue permanantly?

If you encounter the issue again in future, please get a system crash dump by panicing the global zone. This will allow us (support) to review the crash dump and understand why the zone failed to shut down. It will have been waiting on a resource and without the dump there's simply no way to know what or why.
IIRC we recently (with the past month) did a putback of a bug (which I can't find the ID of right now) whereby if a zone doesn't hang on the way down we'll fork a new instance of the zone and leave the old refs in their hung state. So it's worth ensuring that you're running the latest Patchset.

Non-Global Zone Routing

I have a V20z running a global zone on an IANA private network of 172.30.0.x and nic bge0
I also have a non-global zone on a public IP of 207.246.20.169 and nic bge1.
I am unable to ping from one zone to the next via a gateway. Normally the global zone would use a standard gateway for that network and my public network would also use a standard gateway for that network.
What appears to be happening is that despite what is in my /etc/defaultrouter the zone itself is the gateway.
For example, to ping something from either zone which would require the gateway results in:
ICMP Host Unreachable from gateway 'zone name' (zone ip address)
What I want to happen is that the global zone honors the gateway that is normally used in this network and the non-global zone uses/honors the gateway that is normally used in that network.
It doesn't seem to matter if I have the normal internal gateway in my /etc/defaultrouter or if I have the normal public gateway in /etc/defaultrouter or if I have both in /etc/defaultrouter (all in the global zone of course).
Do I need to use routed to achieve this? Am I missing something here?

I hammered the problem out by adding a static route in the global zone:
route add 172.30.0.0 207.246.20.161
Where 207.246.20.161 is my gateway on the public side.
I slapped this into an /etc/init.d script in the global zone and ran it from /etc/rc2.d like the article below suggests:
http://www.sun.com/bigadmin/content/submitted/persistent_routing.html

Non-global zone networking

I've created a non-global zone with a pair of anet devices. I plan to do IPMP inside the non-global zone to manage interface redundancy. The anet config is rather simple -- I have a net0 and net1 whose lower-link's are net2 and net3 respectively.
Inside the zone, it looks like everything is ready to go. My two VNICs are up.
zone# dladm show-link
LINK CLASS MTU STATE OVER
net0 vnic 1500 up ?
net1 vnic 1500 up ?
So I try to plumb them (if I can still use that term).
zone# ipadm create-ip net0
zone# ipadm create-ip net1
zone# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
net0 ip down no --
net1 ip down no --
That's strange -- why are they not up?
zone# ifconfig net0 up; ifconfig net1 up
zone# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
net0 ip ok yes --
net1 ip ok yes --
Aaah. Much better. Now I can get on with my life.
# ipadm create-ipmp -i net0 -i net1 ipmp0
# ipadm create-addr -T static -a 192.168.1.104/24 ipmp0/v4
So my quesion is why did I have to resort to running an ifconfig up on these interfaces? ifconfig is dead to me -- or so I'd like to think. :)
What is the "right" way to deal with this problem?

Figured this out.
The issue was that I had just done a zlogin to the zone after it was built (which was 3 weeks ago). I had completely forgotten that I had not yet completed the system configuration so the svc:/milestone/config:default service was offline, along with it's many dependancies.
Basically I manually configured the network information before I had told the system config that I was going to do so.
Strange behaviour -- but that's what happens when you don't follow order of operation.

Non-LOFS Zone problem

Similar Messages

Maybe you are looking for