Zone Manager Screencast
Posted by Sam
Sometimes it's hard to understand just how simple something is without seeing it first hand. In an attempt to show people just how powerful and extremely awesome Zone Manager is (not to mention Solaris Zones) I thought I would create a screencast. Screencasts are all the rage these days and for good reason. Running commands from the command line isn't sexy, but watching a video where I create an entirely new server in well under two minutes is dead sexy! And so without further ado I present Zonemgr!
Limiting Bandwidth for Solaris Zones
Posted by Sam
I love Solaris. I mean I really love it. Using zones and ZFS is like a breath of fresh air. If I had one complaint it's that Solaris is sometimes over-documented. I know that seems strange at first, but case in point is trying to setup IPQoS to simply limit the bandwidth on a particular zone. This week I decided that I need to take some time and figure out how to limit a zone to only using 1mb of bandwidth. So I started by looking around on the web and there was nothing. It was a ghost town. Some people were talking about, but nobody had a simple example of how to implement it. In the Linux world there would be a million how-tos. More than half of which are out of date and of questionable quality, but they are out there none the less.
Since I couldn't get any love from the internet at large I decided to look at the documentation that Sun provides. Sun's documentation is great, but often times it's overkill. Or they expect that you've been to some training class and already have a pretty decent understanding of what you are doing. The documentation for IPQoS was no different. It came in at 72 pages when printed and was not at all helpful. Ugh! Finally, I put together a solution and I thought I would share it here. Hopefully it will help others as well.
In Solaris 10 update 4 there are three example files for QoS in the /etc/inet directory so I created a new file there. Here are the contents of the file.
fmt_version 1.0
The important parts of the file are committed_rate, committed_burst and peak_burst. Basically this tells IPQoS that it should start dropping packets whenever the bandwidth exceeds 1 megabit (1,048,576 bits). In the example above I have a class named web1 and a filter that's also named web1 that points to the class web1. These can be named anything you like, but make sure that filter > class has the same name as class > name.
action {
module ipgpc
name ipgpc.classify
params {
global_stats TRUE
}
class {
name web1
next_action cap
enable_stats FALSE
}
filter {
name web1
daddr 10.1.1.5
class web1
}
}
action {
module tokenmt
name cap
params {
committed_rate 1048576
committed_burst 1048576
peak_burst 1048576
red_action_name drop
green_action_name continue
yellow_action_name continue
global_stats TRUE
}
}
After you create the file above you can active it by using ipqosconf like so:
bash-3.00# ipqosconf -a ipqos.conf
Be sure to substitute the name of the file above for ipqos.conf. Assuming you don't have any errors you should be good to go!
Easy and Fast Solaris Zone Creation
Posted by Sam
Want to automate the creation of Solaris zones or just want to create zones faster? Using Zone Manager you can save yourself several steps and even some time. As I'll show below you can easily create a brand new zone in less than two minutes with one command. Grab Zone Manager and stick it in your path. I put mine in /usr/sbin. Here's an example:
bash-3.00# time zonemgr -a add \
> -n web1 \
> -z /opt/zones \
> -P secret \
> -I "10.100.1.1|bge0|255.255.255.0|web1" \
> -C /etc/resolv.conf \
> -C /etc/nsswitch.conf
Checking to see if the zone IP address (10.100.1.1) is already in use...IP is available.
Preparing to install zone < web1 >.
Creating list of files to copy from the global zone.
Copying <297> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <205> packages on the zone.
Initialized <205> packages on zone.
Zone < web1 > is initialized.
The file contains a log of the zone installation.
Creating the sysidcfg file for automated zone configuration.
Copying (/etc/resolv.conf) from the global zone to (/etc/resolv.conf) in the non-global zone.
Copying (/etc/nsswitch.conf) from the global zone to (/etc/nsswitch.conf) in the non-global zone.
Copy completed.
Booting zone for the first time.
Waiting for first boot tasks to complete.
Updating netmask information.
Copying (/etc/nsswitch.conf) from the global zone to (/etc/nsswitch.conf) in the non-global zone.
Copy completed.
Updating /etc/inet/hosts of the global zone with the webshell IP information.
Zone web1 is ready.
real 1m52.449s
user 0m12.063s
sys 0m16.275s
What we did
Here's what we did, line by line.
- Add the zone
- Name the zone web1
- Create the zone in /opt/zones/web1
- Set the password to secret
- Set the IP address, ethernet adaptor, subnet mask and hostname
- Copy the resolv.conf file from the global zone
- Copy the nsswitch.conf file from the global zone
That's it! With one command and in less than two minutes you have a brand new, fully functional zone. For more information on Zone Manager check out the docs. You can also subscribe to the Zone Manager blog. To see how much time and how many steps that saves check out this blog. Happy Zoning!