Solaris zones reference
# zoneadm list -cv
List zones on server
# zonecfg -z <zonehostname> info
Show configuration of a particular zone
# zonecfg -z <zonehostname> boot
Boot a zone
# zlogin -C <zonehostname>
Move a zone
# zoneadm -z zonename move /new/path
Connect to the console for a zone.
Use ~. to disconnect.
Problems starting zones? Make sure the smf entry is present -
online 10:04:38 svc:/system/cluster/sc_zones:default
Introduction to zones site from Princeton
http://www.princeton.edu/~unix/Solaris/troubleshoot/zones.html
Creating a zone.
# zonecfg -z tzone1
tzone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:tzone1> create
zonecfg:tzone1> set zonepath=/zones/tzone1
zonecfg:tzone1> set autoboot=true
zonecfg:tzone1> add net
zonecfg:tzone1:net> set address=192.168.1.151
zonecfg:tzone1:net> set physical=e1000g0
zonecfg:tzone1:net> end
zonecfg:tzone1> verify
zonecfg:tzone1> commit
zonecfg:tzone1> exit
# zoneadm -z tzone1 install
Preparing to install zone .
Creating list of files to copy from the global zone.
Copying <2464> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1056> packages on the zone.
Initialized <1056> packages on zone.
Zone is initialized.
Installation of these packages generated errors:
The file contains a log of the zone installation.
These failures were due to Kerberos not being installed. e.g, from the above mentioned install_log
*** package failed to install with fatal errors:
Error: /usr/lib/libkrb5.so.1 not found.
# zoneadm -z tzone1 boot
# zlogin -C tzone1
[Connected to zone 'tzone1' console]
Use ~~. to exit the zone
Watch the server boot. You will have to answer the usual system id questions. Then it will reboot again.
And you’re done. Just that easy.
Want to clone a zone?
The sed below is to change the zonepath, or you can change it manually. If you set a static IP, you need to change it also with another sed. Then pipe the input to zonecfg
# zonecfg -z tzone1 export|sed -e 's/tzone1/tzone2/'|zonecfg -z tzone2
tzone2: No such zone configured
Use 'create' to begin configuring a new zone.
Now clone it (source zone must not be running)
# zoneadm -z tzone2 clone tzone1
Cloning zonepath /zones/tzone1...
# zoneadm list -cv
ID NAME STATUS PATH BRAND IP
0 global running / native shared
- tzone1 installed /zones/tzone1 native shared
- tzone2 installed /zones/tzone2 native shared
To remove a zone:
# zoneadm -z tzone2 uninstall -F
then
zonecfg -z tzone2 delete
Enable auditing in a zone.
See http://docs.sun.com/app/docs/doc/816-4557/auditplan-10?a=view
Basically, you can either have the audit trails for all zones be collected by the global zone (copy your global config files around and
svcadm enable svc:/system/auditd
Or, you can have per-zone audit trails, then do per-zone config files and set up per-zone storage.