Persistent Resource Config in Non-global Zones
I'm trying to figure out how I can make zone-based resource allocations persist across reboots.
For instance I'm trying --
#prctl -s -t privileged -n zone.max-shm-memory -v 1024MB -i zone z01After making this change, the configuration is verified via prctl. However, it doesn't persist across reboots of the zone.
The project file (/etc/project) is for project SRM configs -- can I put in zone configuration in it. If so, how?
The problem being described was config in the global zone.
However the fix i found out was to put these entries in the zonecfg of the NGZ being configured.
Example --
add rctl
set name=zone.max-swap
add value (priv=privileged,limit=536870912,action=deny)
end
add rctl
set name=zone.max-locked-memory
add value (priv=privileged,limit=268435456,action=deny)
end
add rctl
set name=zone.cpu-shares
add value (priv=privileged,limit=4,action=none)
end
add rctl
set name=zone.max-sem-ids
add value (priv=privileged,limit=256,action=deny)
end
add rctl
set name=zone.max-shm-ids
add value (priv=privileged,limit=100,action=deny)
end
add rctl
set name=zone.max-shm-memory
add value (priv=privileged,limit=4294967296,action=deny)
end
Similar Messages
-
How to retrieve # on-line procs in a non-global zone with resource pool
Is there any way to retrieve the #of on line processors of the machine running in a non global zone with resource pool ?
sysconf does not return this value. In fact this is an excerpt of the man:
"If the caller is in a non-global zone and the pools facility is active, sysconf(_SC_NPROCESSORS_CONF) and sysconf_SC_NPROCESSORS_ONLN) return the number of processors in the processor set of the pool to which the zone is bound."So, from within a local zone that's in a pool (i.e. in a pool with 8 CPUs) , you want to query how many CPUs really exist in the global zone (i.e. the global zone may actually have 16 CPUs)? I don't think that's possible: in fact for security reasons it's probably intentionally disabled.
A quick workaround would be a script/cron-job in the global zone that writes a small file in the filesystem of the local zone... then from within that zone you could read the CPU count.
I'm interested though: what are you trying to set up?
Regards,
[email protected] -
Make non-global zone svcs persistant accross reboots
Q: Solaris 10 services such as telnet will need to be enabled after installation of non-glabal zones. Command "svcs enable telnet" did not leave telnet enabled after rebooting a non-global zone. Any suggestions? Thanks.
Did you do the "svcs enable telnet" while zlogin'ed to the zone.
If so it should have worked. -
Installing multiple MySQLs in Non-Global Zones
Hi all,
We have db01 and db02 physical servers with latest Solaris and Sun Cluster software installed. Each one has the following zones:
db01z001 - db02z001
db01z002 - db02z002
db01z003 - db02z003
db01z004 - db02z004
db01zXXX - db02zXXX
Every zone is installed on zpool zones (on local disks):
root@db01:~$ zpool status zones
pool: zones
state: ONLINE
scrub: none requested
config:
NAME STATE READ WRITE CKSUM
zones ONLINE 0 0 0
mirror ONLINE 0 0 0
c2t0d0 ONLINE 0 0 0
c2t1d0 ONLINE 0 0 0
We want to install and configure a different MySQL application and data service in every pair of non-global zones.
We want to use two SAN logical devices for mysql data:
d3 db02:/dev/rdsk/c4t600508B4000906990001100000E70000d0
d3 db01:/dev/rdsk/c4t600508B4000906990001100000E70000d0
d7 db02:/dev/rdsk/c4t600508B40009069900011000008E0000d0
d7 db01:/dev/rdsk/c4t600508B40009069900011000008E0000d0
Is there any way to use this configuration for N pairs or we can only use 2?
Thanks,
GeorgeHi George,
You might get away creating global monunts, create directories below the mount pint. Now comes the trick, you create HAStoragePlus resources with filesystem_mountpoints=/global_mountmount/mysql1, you must set AffinityOn to false.
This creates a lofs mount into the zone.
I must admit, that I never tried this myself, but it should work. Of cause you will get a performance penalty if you create tables over the wire. Creating tables means creating small files. It is wortha a
It would be better, if you would have more and smaller luns, so that you could restrict on lun to a pair of zones.
Kind Regards
Detlef -
How to enable GUI in a non global zone in solaris11?
How to enable graphical logon in a non global zone in solaris11, so the zone can be login by Xmanager? Thanks!
This guide will cover how to setup a basic VNC connection to a Solaris 11 machine. There is also an optional step to allow for persistent VNC connections.
Step 1
Configure GDM to include ‘[security] DisallowTCP=false’ and ‘[xdmcp] Enable=true’.
$ sudo gedit /etc/gdm/custom.conf
# GDM configuration storage
[daemon]
[security]
DisallowTCP=false
[xdmcp]
Enable=true
[greeter]
[chooser]
[debug]
Step 2
Configure X-Server to accept remote connections.
# svccfg -s application/x11/x11-server
svc:/application/x11/x11-server> setprop options/tcp_listen = boolean: true
svc:/application/x11/x11-server> end
Step 3
Configure the VNC service (you could change the ‘-geometry 1280×720′ to whatever resolution you would like).
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> setprop inetd_start/exec = astring: "/usr/bin/Xvnc -desktop sol11:0 -geometry 1024x768 -inetd -query localhost -once securitytypes=none"
svc:/application/x11/xvnc-inetd> setprop inetd/wait = boolean: true
svc:/application/x11/xvnc-inetd> end
** The line highlighted red is optional – only do this if you want your VNC connection to persist (as well as any potential security issues)
or
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> editprop
search for # setprop inetd_start/exec = astring: "/usr/bin/Xvnc
copy the line, uncomment the copy, makethe changes above, write the file out.
svcadm refresh xvnc-inetd
Step 4
Disable and the re-enable the GDM and VNC-inetd services for the changes to take effect.
$ su root
Password:
# svcadm disable gdm xvnc-inetd; svcadm enable gdm xvnc-inetd
If still in maintenance, reboot (I had to, don't know why).
Step 5
Point your favourite VNC client at your Solaris server and test if it accepts your VNC connection – you should be presented with a Username/Password login screen.
If you performed the optional step to make your connections persist – close your favourite VNC client and then reconnect – if you remained logged in you have a persistent connections.
Greg on said:
After a fresh text install of Solaris-11 (11/11) both xvnc-inetd and gdm are not present. After installing them (# pkg install xvnc-inetd gdm) I can’t get gdm to start:
# svcadm enable gdm
# svcs gdm
offline 10:24:03 svc:/application/graphical-login/gdm:default
Any thoughts?
Ron on said:
You are missing some X packages. Do the following:
pkg install slim_install # installs 400+ packages
svcadm enable gdm && exit # gdm now works
pkg uninstall slim_install # uninstalls the installer package only -
LDAP Client Configuration in Non Global Zone
I have configured 3 non global zones (different ip addresses and different names from global zone), installed LDAP client 2 on each, which worked fine, until the zones were rebooted. The ldapcachemgr was running, but authentication does not work--have to reinstall ldapclient each time.
Does anyone have any suggestions?Here are a few things to check:
1. /var/ldap/ldap_client_file - Does it have the info you're expecting? If not, it could be the config profile in the Direcotry Server is incorrect.
2. /etc/nsswitch.conf - Is it configured correctly?
3. /etc/pam.conf - Is that configured correctly?
4. If the above files appear OK, check the access logs on the Directory Server.
HTH,
Roger S. -
Dynamically adding a device to a non-global zone
How can you add a new device to a non-global zone without having
to reboot the zone ? Obviously using zonecfg and then rebooting the
zone works but often rebooting the zone would be very user unfriendly.
In particular we occasionally need to add a new disk mirror in the global
zone and then let the non-global zone have access to it.So each zone has a /dev tree that's private in <zoneroot>/dev which gets lofs mounted to /dev in the zone. You can mknod a new device in here and it appears instantly in the zone. Use the same major and minor numbers that device has in the global zone. If it's a disk device, make sure to major both the block and character device.
Of course, you want to edit the zone config to make it permanent (though I suspect it may actually be permanent if you mknod the device...) -
Non-global zone network configuration
Hi,
Zones are a new thing for me so please excuse me if this is a basic query... I have recently jumpstarted a system using a jumpstart script that was developed by somebody else. It creates two non-global zones and configures their network interfaces.
I have unplumbed one of the virtual interfaces for a particular zone because the IP address it was using is actually being used by another system on the network. However, when I reboot the zone, the interface is re-assigned the same IP address again. The IP address in question is not in /etc/hosts on any of the zones, and in the non-global zones the "hostname.<interface>" files do not exist at all. Also, the IP address is not in sysidcfg in any of the zones.
So basically, interface e1000g0:2 is being assigned an IP address that was configured by the jumpstart script, so perhaps the jumpstart script has placed that IP address in some file that is read when the zone is booting. I have even checked rc scripts just in case but I cannot find the IP address anywhere. Would anybody please be able to tell me where the configuration information could be coming from in this scenario (nsswitch.conf specifies only files).
Thank you in advance...its in the zone config.
zonecfg -z <zone in question> info
it should list a net address and physical device. you can then use:
zonecfg -z <zone in question>
from here you can remove the net statements, or change the address if you want to keep using the net card in your zone. -
Non-global zone in "shutting_down" state.. Hung in this state
Hi.. My server is running in Sol10. It has got two non-global zones hosted in it in which the database is running.
There was some complain from the database team that they were not able to login to the server. When I checked, it the status of the local zones were fine. But when tried to "# zlogin" to them, it got hung. So i tried to " # zlogin -S <zone_name>" and i was able to login in the failsafe mode but not able to execute any command in it. Any command from "uptime", "zfs list", gets hung and i had to forcefully logout.
So I tried to halt the non-global zones first and then boot it. But here, it got stuck in "shutting_down" state.
When tried to kill the processes of the non-global zones using "kill -9", it failed to kill the processes.
so I rebooted the global zone which fixed the issue. But then, 10 days later, the same issue came up.
I followed the same steps to fix the issue but i'm afraid this issue might come up again since i think rebooting the global zone server is a temporary fix.
I logged a call with Oracle Support for this, but the server looks fine from the explorer output that was provided.
Has anyone faced this same problem? What can i do to fix this issue permanantly?If you encounter the issue again in future, please get a system crash dump by panicing the global zone. This will allow us (support) to review the crash dump and understand why the zone failed to shut down. It will have been waiting on a resource and without the dump there's simply no way to know what or why.
IIRC we recently (with the past month) did a putback of a bug (which I can't find the ID of right now) whereby if a zone doesn't hang on the way down we'll fork a new instance of the zone and leave the old refs in their hung state. So it's worth ensuring that you're running the latest Patchset. -
I've created a non-global zone with a pair of anet devices. I plan to do IPMP inside the non-global zone to manage interface redundancy. The anet config is rather simple -- I have a net0 and net1 whose lower-link's are net2 and net3 respectively.
Inside the zone, it looks like everything is ready to go. My two VNICs are up.
zone# dladm show-link
LINK CLASS MTU STATE OVER
net0 vnic 1500 up ?
net1 vnic 1500 up ?
So I try to plumb them (if I can still use that term).
zone# ipadm create-ip net0
zone# ipadm create-ip net1
zone# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
net0 ip down no --
net1 ip down no --
That's strange -- why are they not up?
zone# ifconfig net0 up; ifconfig net1 up
zone# ipadm show-if
IFNAME CLASS STATE ACTIVE OVER
lo0 loopback ok yes --
net0 ip ok yes --
net1 ip ok yes --
Aaah. Much better. Now I can get on with my life.
# ipadm create-ipmp -i net0 -i net1 ipmp0
# ipadm create-addr -T static -a 192.168.1.104/24 ipmp0/v4
So my quesion is why did I have to resort to running an ifconfig up on these interfaces? ifconfig is dead to me -- or so I'd like to think. :)
What is the "right" way to deal with this problem?Figured this out.
The issue was that I had just done a zlogin to the zone after it was built (which was 3 weeks ago). I had completely forgotten that I had not yet completed the system configuration so the svc:/milestone/config:default service was offline, along with it's many dependancies.
Basically I manually configured the network information before I had told the system config that I was going to do so.
Strange behaviour -- but that's what happens when you don't follow order of operation. -
FilesystemMountPoints for ufs disks mounted to non-global zones
Hello,
I have a SAN ufs disk to be used as a failover storage, mounted to non-global zones (NGZ).
Solaris 10 nodes using Cluster 3.2
I'm looking for the correct value for the property FilesystemMountPoints and the vfstab entry required for a failover disk mounted to a NGZ.
Should the path NOT include the NGZ root path?
From the man page for SUNW.HAStoragePlus, for the property FilesystemMountPoints:
You can specify both the path in a non-global zone and the path in a global zone, in this format:
Non-GlobalZonePath:GlobalZonePath
The global zone path is optional. If you do not specify a global zone path, Sun Cluster assumes that the path in
the non-global zone and in the global zone are the same. If you specify the path as
Non-GlobalZonePath:GlobalZonePath, you must specify Global-ZonePath in the global zone's /etc/vfstab.
The default setting for this property is an empty list.
You can use the SUNW.HAStoragePlus resource type to make a file system available to a non-global zone. To enable
the SUNW.HAStoragePlus resource type to do this, you must create a mount point in the global zone and in the
non-global zone. The SUNW.HAStoragePlus resource type makes the file system available to the non-global zone
by mounting the file system in the global zone. The resource type then performs a loopback mount in the
non-global zone.
Each file system mount point should have an equivalent entry in /etc/vfstab on all cluster nodes and in all
global zones. The SUNW.HAStoragePlus resource type does not check /etc/vfstab in non-global zones.
SUNW.HAStoragePlus resources that specify local file systems can only belong in a failover resource group
with affinity switchovers enabled. These local file systems can therefore be termed failover file systems. You
can specify both local and global file system mounts points at the same time.
Any file system whose mount point is present in the FilesystemMountPoints extension property is assumed to
be local if its /etc/vfstab entry satisfies both of the following conditions:
1. The non-global mount option is specified.
2. The "mount at boot" field for the entry is set to "no."
In my situation, I want to mount the disk to /mysql_data on the NGZ called ftp_zone. So, which is the correct setup?
a. FilesystemMountPoints=/mysql_data:/zones/ftp_zone/root/mysql_data
Global zone vfstab entry /dev/md/ftpabin/dsk/d110 /dev/md/ftpabin/rdsk/d110 /zones/ftp_zone/root/mysql_data ufs 1 no logging
NGZ mount point /mysql_data
OR
b. FilesystemMountPoints=/mysql_data:/mysql_data (can be condensed to simply /mysql_data)
Global zone vfstab entry /dev/md/ftpabin/dsk/d110 /dev/md/ftpabin/rdsk/d110 /mysql_data ufs 1 no logging
NGZ mount point /mysql_data
Should the path NOT include the NGZ root path?
And should the fsck pass # be 1 or 2?
Looking at this example from p. 26 of
http://wikis.sun.com/download/attachments/24543510/820-4690.pdf
This example doesn't mention the entry in vfstab.
Create a resource group that can holds services in nodea zonex and nodeb zoney
nodea# clresourcegroup create -n nodea:zonex,nodeb:zoney test-rg
Make sure the HAStoragePlus resource is registered
nodea# clresourcetype register SUNW.HAStoragePlus
Now add a UFS [or VxFS] fail-over file system: mount /bigspace1 to failover/export/install in NGZ
nodea# clresource create -t SUNW.HAStoragePlus -g test-rg \
-p FilesystemMountPoints=/fail-over/export/install:/bigspace1 \
ufs-hasp-rs
Thank you!Hi,
/zones/oracle-z is my root directory of the zone.
* add the device to the zone :
root@mpbxapp1 # zonecfg -z oracle-z
zonecfg:oracle-z> add device
zonecfg:oracle-z:device> set match=/dev/global/dsk/d12s0
zonecfg:oracle-z:device> end
zonecfg:oracle-z> add device
zonecfg:oracle-z:device> set match=/dev/global/rdsk/d12s0
zonecfg:oracle-z:device> end
zonecfg:oracle-z> exit
* add FS to NGZ's /etc/vfstab : ( You may omit this step, I don't know why but it works without this step :) )
root@mpbxapp1 # vi /zones/oracle-z/root/etc/vfstab
/dev/global/dsk/d12s0 /dev/global/rdsk/d12s0 /global/oracle ufs 1 no logging
* add FS to global zone's /etc/vfstab :
root@mpbxapp1 # vi /etc/vfstab
/dev/global/dsk/d12s0 /dev/global/rdsk/d12s0 /zonefs/oracle ufs 1 no logging
* set the FilesystemMountPoints property :
root@mpbxapp1 # /usr/cluster/bin/clresource set -p FilesystemMountPoints=/global/oracle:/zonefs/oracle oracle-hastp
Whit this configuration you may ensure that the FS is not directly accessible from master zone. Actually, it's accessible but with a different PATH. For example, for Oracle, from the master zone Oracle can not be started/stopped because the controlfile can not be accessed. :)
Hope this helps,
Murat -
Unexpected behavior: Solaris10 , vlan , ipmp, non-global zones
I've configured a System with several non-global zones.
Each of them has ip - connection via a seperate vlan (1 vlan for each nonglobal zone). The vlans are established by the global zone. They are additionally brought under control of ipmp.
I followed the instructions described at:
http://forum.sun.com/thread.jspa?threadID=21225&messageID=59653#59653
to create the defaultrouters for the non-global zones.
In addition to that, I've created the default route for the 2nd ipmp-interface. (to keep the route in the non-global Zone in case of ipmp-failover)
ie:
route add default 172.16.3.1 -ifp ce1222000
route add default 172.16.3.1 -ifp ce1222002Furthermore, i' ve put the 172.16.3.1 in the /etc/defaultrouter of the global zone, to ensure it will be the 1st entry in the routing table (because it's the defaultrouter for the global zone)
Here the unexpected:
Tried to reach a ip-target ouside the configured subnets, say 172.16.1.3 , via icmp. The router 172.16.3.1 knows the proper route to get it. The 1st tries (can't remember the exact number) went through ce1222000 and associated icmp-replies travelled back trough ce1222000. But suddenly the outgoing interface changed to ce1322000 or ce1122000 ! The defaultrouters configured on these vlans are not aware of the 172.16.1.3 (172.16.1.0/24), and there was no answer. The defaultroutes seemed to be "cycled" between the configured.
Furthermore the connection from the outside to the nonglobal-zones (wich do have only 1 defaultrouter configured: the one of the vlan the non-global Zone belongs to) was broken intermittent.
So, how to get the combination of VLAN ,IPMP, diff. defaultrouters, non-global Zones running?
Got the following config visible in the global zone:
(the 172.13.x.y are sc3.1u4 priv. interconnect)
netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
172.31.193.1 127.0.0.1 UH 1 0 lo0
172.16.19.0 172.16.19.6 U 1 4474 ce1322000
172.16.19.0 172.16.19.6 U 1 0 ce1322000:1
172.16.19.0 172.16.19.6 U 1 1791 ce1322002
172.31.1.0 172.31.1.2 U 1 271194 ce5
172.31.0.128 172.31.0.130 U 1 271158 ce1
172.16.11.0 172.16.11.6 U 1 8715 ce1122000
172.16.11.0 172.16.11.6 U 1 0 ce1122000:1
172.16.11.0 172.16.11.6 U 1 7398 ce1122002
172.16.3.0 172.16.3.6 U 1 4888 ce1222000
172.16.3.0 172.16.3.6 U 1 0 ce1222000:1
172.16.3.0 172.16.3.6 U 1 4236 ce1222002
172.16.27.0 172.16.27.6 U 1 0 ce1411000
172.16.27.0 172.16.27.6 U 1 0 ce1411000:1
172.16.27.0 172.16.27.6 U 1 0 ce1411002
192.168.0.0 192.168.0.62 U 1 24469 ce3
172.31.193.0 172.31.193.2 U 1 651 clprivnet0
172.16.11.0 172.16.11.6 U 1 0 ce1122002:1
224.0.0.0 192.168.0.62 U 1 0 ce3
default 172.16.3.1 UG 1 1454
default 172.16.19.1 UG 1 0 ce1322000
default 172.16.19.1 UG 1 0 ce1322002
default 172.16.11.1 UG 1 0 ce1122000
default 172.16.11.1 UG 1 0 ce1122002
default 172.16.3.1 UG 1 0 ce1222000
default 172.16.3.1 UG 1 0 ce1222002
127.0.0.1 127.0.0.1 UH 41048047 lo
#ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-BTO1-1
inet 127.0.0.1 netmask ff000000
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-BTO1-2
inet 127.0.0.1 netmask ff000000
lo0:3: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-ITR1-1
inet 127.0.0.1 netmask ff000000
lo0:4: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-TDN1-1
inet 127.0.0.1 netmask ff000000
lo0:5: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-DRB1-1
inet 127.0.0.1 netmask ff000000
ce1: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500
index 10
inet 172.31.0.130 netmask ffffff00 broadcast 172.31.0.255
ether 0:3:ba:f:63:95
ce3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 8
inet 192.168.0.62 netmask ffffff00 broadcast 192.168.0.255
groupname ipmp0
ether 0:3:ba:f:68:1
ce5: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500
index 9
inet 172.31.1.2 netmask ffffff00 broadcast 172.31.1.127
ether 0:3:ba:d5:b1:44
ce1122000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 2
inet 172.16.11.6 netmask ffffff00 broadcast 172.16.11.127
groupname ipmp2
ether 0:3:ba:f:63:94
ce1122000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 2
inet 172.16.11.7 netmask ffffff00 broadcast 172.16.11.127
ce1122002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 3
inet 172.16.11.8 netmask ffffff00 broadcast 172.16.11.127
groupname ipmp2
ether 0:3:ba:f:68:0
ce1122002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 3
inet 172.16.11.10 netmask ffffff00 broadcast 172.16.11.255
ce1122002:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 3
zone Z-ITR1-1
inet 172.16.11.9 netmask ffffff00 broadcast 172.16.11.255
ce1222000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 4
inet 172.16.3.6 netmask ffffff00 broadcast 172.16.3.127
groupname ipmp3
ether 0:3:ba:f:63:94
ce1222000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 4
inet 172.16.3.7 netmask ffffff00 broadcast 172.16.3.127
ce1222002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 5
inet 172.16.3.8 netmask ffffff00 broadcast 172.16.3.127
groupname ipmp3
ether 0:3:ba:f:68:0
ce1222002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 5
zone Z-BTO1-1
inet 172.16.3.9 netmask ffffff00 broadcast 172.16.3.255
ce1222002:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 5
zone Z-BTO1-2
inet 172.16.3.10 netmask ffffff00 broadcast 172.16.3.255
ce1322000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 6
inet 172.16.19.6 netmask ffffff00 broadcast 172.16.19.127
groupname ipmp1
ether 0:3:ba:f:63:94
ce1322000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 6
inet 172.16.19.7 netmask ffffff00 broadcast 172.16.19.127
ce1322002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 7
inet 172.16.19.8 netmask ffffff00 broadcast 172.16.19.127
groupname ipmp1
ether 0:3:ba:f:68:0
ce1322002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 7
zone Z-TDN1-1
inet 172.16.19.9 netmask ffffff00 broadcast 172.16.19.255
ce1411000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 12
inet 172.16.27.6 netmask ffffff00 broadcast 172.16.27.255
groupname ipmp4
ether 0:3:ba:f:63:94
ce1411000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 12
inet 172.16.27.7 netmask ffffff00 broadcast 172.16.27.255
ce1411002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 13
inet 172.16.27.8 netmask ffffff00 broadcast 172.16.27.255
groupname ipmp4
ether 0:3:ba:f:68:0
ce1411002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 13
zone Z-DRB1-1
inet 172.16.27.9 netmask ffffff00 broadcast 172.16.27.255
clprivnet0:
flags=1009843<UP,BROADCAST,RUNNING,MULTICAST,MULTI_BCAST,PRIVATE,IPv4> mtu
1500 index 11
inet 172.31.193.2 netmask ffffff00 broadcast 172.31.193.255
ether 0:0:0:0:0:2 -
Always install applications into non-global zones?
I am planning on taking full advantage of Containers and Zones as I migrate servers and applications to Solaris 10. During this migration process, I believe that I will have a need to initially just run just one application on a server. I fear that if I do this in the global zone I will lose flexibility down the road for future projects and workloads. So, should I consider always installing applications in a non-global zone and never install applications in the global zone? This would keep the global zone as the controller of the non-global zones and ensure that I can always add more non-global zones later without having to worry about what is running in the global zone.
Are there any thoughts or comments on this topic?Yes we've found it's best to run the applications in non-global zones. Here are a few benefits, basically we only put an application in the global zone if it requires it (like Oracle RAC). Note non-RAC instances of Oracle will run in a non-global zone just fine.
Reasons to put applications in non-global zones
o Increased security (self contained environment)
o Increased flexibility for provisioning resources (CPU, memory, etc) when/if we decide to run multiple applications on the same hardware
o Increased flexibility in starting up temporary environments to debug issues in parallel to the primary environment (i.e. in another non-global zone on the same server)
o Works well with Sun Cluster (i.e. we cluster the non-global zones so that they can run across several hosts)
o Improved trouble shooting and performance diagnosis as the applications are isolated to a non-global zone
o Simplified environment for the application admins as the environment can be fine tuned for their needs (i.e. only let them see what they need)
o Disaster recovery is much faster for a non-global zone -
/boot not preent in Non-Global zones
Hi,
/boot directory is not present in non-global zones. Is there any specific reason for that?
On sun x86 uses /boot/solaris/bootenv.rc to duplicate the eeprom functionality. Since bootenv.rc is used for boot prom functionality and /boot itself not present in zones, because of that eeprom command failing on x86 zones.
Is there any specific reason why /boot is not present in Zones ?
Thanks in advance,
ChanthuHi George,
You might get away creating global monunts, create directories below the mount pint. Now comes the trick, you create HAStoragePlus resources with filesystem_mountpoints=/global_mountmount/mysql1, you must set AffinityOn to false.
This creates a lofs mount into the zone.
I must admit, that I never tried this myself, but it should work. Of cause you will get a performance penalty if you create tables over the wire. Creating tables means creating small files. It is wortha a
It would be better, if you would have more and smaller luns, so that you could restrict on lun to a pair of zones.
Kind Regards
Detlef -
Non-global zones on a SAN???
Hi everyone, i have a question that's probably been asked before and i'm sure many others are interested in knowing the answer.
Is it possible to store non-global zone(s) on a SAN? The idea being that if the server hosting the non-global zone(s) dies, the non-global zone(s) can be brought up on another server that also has access to the same SAN. This is sort of what vmware can do. It would be great if Solaris 10 non-global zones could also do it.
StewartYes it is possible to do this. In fact if you use Sun Cluster (now free) it can be setup so that the zones automatically start on another node within the cluster. Basically any application that can run in a non-global zone can be clustered.
This also helps greatly with resource balancing as you can move zones between servers as needed. Note the zone does have to shutdown as start again but that usually takes less than a minute.
Maybe you are looking for
-
Dc7700 Booting randomly // BIOS error
Hey! I am having trouble with my dc7700 computer, it has started booting randomly. This occurs, like mentoned, randomly. There is no spesific program that is "crashing" or forcing the computer to boot. It sometimes boots when I am doing nothing on it
-
AIAAsyncErrorHandlingBPELProcess [1.0]-- Status Pending
Hello Experts, Env: Sun Solaris 10 SOA 11.1.1.6.0 -- 2 Node cluster Web Logic 10.3.6 OSB BAM AIA Unable to use AIA, because of the error in AIASync apps... Tried to shudown and restart WLS, SOS etc.. no help When I click the service, got the below er
-
Report is displaying but without record
hi all i am using 10g Release 2.Report is displaying in PDF but without records.is there anything incorrect in web.show_document? declare rep report_object; vcJobid varchar2(100); vcURL varchar2(100); pl_id paramlist; ipaddress
-
I recently introduced a colleague of mine to Arch, and all's going well except for a handful of issues. His primary concern is that he enjoys plugging his laptop into his TV via HDMI. This isn't a problem; we got him set up quite easily (hardest part
-
Hi I am querying one of my tables based on date column,however, when passing the value as string the service is failing please tell me how to correct this issue. For eg. My input date is '06-FEB-12' as string and the table xsd is <xs:element name="Ch