I tried creating a Zone.

-bash-3.2$ sudo zpool create tank c1t1d0
-bash-3.2$ zpool list
NAME    SIZE   USED  AVAIL    CAP  HEALTH  ALTROOT
rpool  7.94G  5.41G  2.53G    68%  ONLINE  -
tank   7.94G  73.5K  7.94G     0%  ONLINE  -

-bash-3.2$ sudo zfs create tank/zones
-bash-3.2$ sudo zfs set mountpoint=/expor/home/zones tank/zones
-bash-3.2$ sudo zfs set compression=gzip tank/zones

-bash-3.2$ sudo zfs get all tank/zones
NAME        PROPERTY         VALUE                    SOURCE
tank/zones  type             filesystem               -
tank/zones  creation         木  9月 18 10:26 2008  -
tank/zones  used             18K                      -
tank/zones  available        7.81G                    -
tank/zones  referenced       18K                      -
tank/zones  compressratio    1.00x                    -
tank/zones  mounted          yes                      -
tank/zones  quota            none                     default
tank/zones  reservation      none                     default
tank/zones  recordsize       128K                     default
tank/zones  mountpoint       /expor/home/zones        local
tank/zones  sharenfs         off                      default
tank/zones  checksum         on                       default
tank/zones  compression      gzip                     local
tank/zones  atime            on                       default
tank/zones  devices          on                       default
tank/zones  exec             on                       default
tank/zones  setuid           on                       default
tank/zones  readonly         off                      default
tank/zones  zoned            off                      default
tank/zones  snapdir          hidden                   default
tank/zones  aclmode          groupmask                default
tank/zones  aclinherit       restricted               default
tank/zones  canmount         on                       default
tank/zones  shareiscsi       off                      default
tank/zones  xattr            on                       default
tank/zones  copies           1                        default
tank/zones  version          3                        -
tank/zones  utf8only         off                      -
tank/zones  normalization    none                     -
tank/zones  casesensitivity  sensitive                -
tank/zones  vscan            off                      default
tank/zones  nbmand           off                      default
tank/zones  sharesmb         off                      default
tank/zones  refquota         none                     default
tank/zones  refreservation   none                     default
tank/zones  primarycache     all                      default
tank/zones  secondarycache   all                      default

-bash-3.2$ sudo zonecfg -z osol01z
osol01z: そのような構成済みゾーンはありません
'create' を使用して、新しいゾーンの構成を開始してください。
Bad terminal type: "xterm-new". Will assume vt100.
zonecfg:osol01z> create
zonecfg:osol01z> set zonepath=/export/home/zones/osol01z
zonecfg:osol01z> add net
zonecfg:osol01z:net> set physical=e1000g0
zonecfg:osol01z:net> set address=192.168.254.101
zonecfg:osol01z:net> end
zonecfg:osol01z> info
zonename: osol01z
zonepath: /export/home/zones/osol01z
brand: native
autoboot: false
bootargs: 
pool: 
limitpriv: 
scheduling-class: 
ip-type: shared
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address: 192.168.254.101
        physical: e1000g0
        defrouter が指定されていません
zonecfg:osol01z> verify
zonecfg:osol01z> commit
zonecfg:osol01z> exit

-bash-3.2$ sudo zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              native   shared
   - osol01z          configured /export/home/zones/osol01z     native   shared

-bash-3.2$ sudo zoneadm -z osol01z install
Preparing to install zone <osol01z>.
Creating list of files to copy from the global zone.
Copying <4820> files to the zone.
Initializing zone product registry.
Determining zone package initialization order.
Preparing to initialize <1372> packages on the zone.
Initialized <1372> packages on zone.
Zone <osol01z> is initialized.
Installation of these packages generated warnings: <SUNWmmsr>
The file </export/home/zones/osol01z/root/var/sadm/system/logs/install_log> contains a log of the zone installation.

-bash-3.2$ sudo zoneadm list -cv
  ID NAME             STATUS     PATH                           BRAND    IP    
   0 global           running    /                              native   shared
   - osol01z          installed  /export/home/zones/osol01z     native   shared

-bash-3.2$ sudo zoneadm -z osol01z boot
zone 'osol01z': WARNING: e1000g0:1: no matching subnet found in netmasks(4) for 192.168.254.101; using default of 255.255.255.0.

-bash-3.2$ sudo zlogin -C osol01z
[ゾーン 'osol01z' コンソールに接続しました]


Select a Language

  1. English
  2. Japanese

Please make a choice (1 - 2), or press h or ? for help:

What type of terminal are you using?
 1) ANSI Standard CRT
 2) DEC VT52
 3) DEC VT100
 4) Heathkit 19
 5) Lear Siegler ADM31
 6) PC Console
 7) Sun Command Tool
 8) Sun Workstation
 9) Televideo 910
 10) Televideo 925
 11) Wyse Model 50
 12) X Terminal Emulator (xterms)
 13) CDE Terminal Emulator (dtterm)
 14) Other
Type the number of your choice and press Return: 
 
Creating new rsa public/private host key pair
Creating new dsa public/private host key pair
Configuring network interface addresses: e1000g0.

.. Various configuration prompts follow, but it is no different from an ordinary Solaris system.

System identification is completed.

rebooting system due to change(s) in /etc/default/init

[NOTICE: Zone rebooting]

SunOS Release 5.11 Version snv_97 64-bit
Copyright 1983-2008 Sun Microsystems, Inc.  All rights reserved.
Use is subject to license terms.
Hostname: osol01z
Reading ZFS config: done.
osol01z console login: root
Password: 
Sep 18 10:52:40 osol01z login: ROOT LOGIN /dev/console
Sun Microsystems Inc.   SunOS 5.11      snv_97  November 2008
# bash
bash-3.2# 
bash-3.2# svcadm disable sendmail
bash-3.2# useradd -g staff -d /export/home/voluntas -s /bin/bash voluntas
bash-3.2# passwd voluntas
New Password: 
Re-enter new Password: 
passwd: password successfully changed for voluntas
bash-3.2# chown -R voluntas:staff /export/home/voluntas

bash-3.2# ifconfig -a
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
e1000g0:1: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
        inet 192.168.254.101 netmask ffffff00 broadcast 192.168.254.255

.. Log out once and check whether I can log in as the user I created

osol01z console login: voluntas
Password: 
Sun Microsystems Inc.   SunOS 5.11      snv_97  November 2008
-bash-3.2$ 

$ ssh voluntas@192.168.254.129                                                 [~]
パスワード: 
Last login: Thu Sep 18 10:48:57 2008 from 192.168.254.1
Sun Microsystems Inc.   SunOS 5.11      snv_97  November 2008
-bash-3.2$ 

.. Next, try logging in over ssh from the Mac to the zone I just created

$ ssh voluntas@192.168.254.101                                                 [~]
The authenticity of host '192.168.254.101 (192.168.254.101)' can't be established.
RSA key fingerprint is 4e:72:2f:1b:7f:95:a4:f2:fb:e8:97:f5:05:79:68:6d.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.254.101' (RSA) to the list of known hosts.
Password: 
Last login: Thu Sep 18 10:55:51 2008
Sun Microsystems Inc.   SunOS 5.11      snv_97  November 2008
-bash-3.2$ cat /etc/release 
                   Solaris Express Community Edition snv_97 X86
           Copyright 2008 Sun Microsystems, Inc.  All Rights Reserved.
                        Use is subject to license terms.
                            Assembled 27 August 2008


.. Non-global zones are completely isolated, so each one stands on its own.

I meant to create it on ZFS, but it doesn't seem to have been created properly ... I plan to look into that.
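
In the transcript above, `zfs get` reports the mountpoint of tank/zones as /expor/home/zones, while zonecfg sets zonepath=/export/home/zones/osol01z. The following script, added here and not part of the original post, finds which dataset backs a given zonepath by longest mountpoint match; the function names and every listing row other than tank/zones are assumptions.

```shell
# Constructed sample of `zfs list -H -o name,mountpoint` output (tab-separated).
# Only the tank/zones row is taken from the page; the other rows are assumed.
SAMPLE_LISTING=$(printf '%s\t%s\n' \
    rpool /rpool \
    rpool/export /export \
    rpool/export/home /export/home \
    tank /tank \
    tank/zones /expor/home/zones)

# dataset_for_path LISTING PATH (hypothetical helper)
# Print the dataset whose mountpoint is the longest path-component prefix
# of PATH; return 1 when no mounted dataset contains it.
dataset_for_path() {
    path=${2%/}
    best_name=
    best_len=-1
    tab=$(printf '\t')
    while IFS="$tab" read -r name mnt; do
        case $mnt in
            /*) ;;             # a real mountpoint
            *) continue ;;     # skip none, legacy, -
        esac
        m=${mnt%/}             # "/" becomes "" and matches every path
        case $path/ in
            "$m"/*)
                if [ "${#m}" -gt "$best_len" ]; then
                    best_len=${#m}
                    best_name=$name
                fi ;;
        esac
    done <<EOF
$1
EOF
    [ -n "$best_name" ] && printf '%s\n' "$best_name"
}

# zonepath_on_dataset LISTING ZONEPATH DATASET (hypothetical helper)
# Succeed only if ZONEPATH is stored in DATASET or one of its descendants.
zonepath_on_dataset() {
    actual=$(dataset_for_path "$1" "$2") || return 1
    case $actual/ in
        "$3"/*) return 0 ;;
        *) return 1 ;;
    esac
}

# Page values: the zonepath from zonecfg against the dataset tank/zones.
zonepath_on_dataset "$SAMPLE_LISTING" /export/home/zones/osol01z tank/zones \
    || echo "zonepath is on $(dataset_for_path "$SAMPLE_LISTING" /export/home/zones/osol01z)"
```

On a live system, pass `"$(zfs list -H -o name,mountpoint)"` as the listing and run the check before `zoneadm install`, so that dataset properties such as compression or quota apply to the zone root as intended.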