Key Terms
Review Exercises
13.1. Creating a Whole Root Zone
In this exercise, you'll see how to create a non-global zone, which copies the Solaris packages to the zone's private file system. You will need a Solaris 10 workstation with approximately 3.5 Gigabytes of free disk space. Make sure you are logged in as root and are running a window system (either CDE or Gnome). The zone you are going to create will be called zone1 and its IP address will be 192.168.0.28.
Estimated Time: 1 hour
1. | Open a terminal window and identify a file system with at least 3.5 Gigabytes of free disk space. For this example, we have used the /export file system. Create the zone directory. You also need to set the permissions on the directory. Enter the following commands at the command prompt:
# mkdir -p /export/zones/zone1
# chmod 700 /export/zones/zone1
| 2. | Now start creating the zone, using the zonecfg command. In this exercise, only the basic setup is required, but in order to create a whole root zone, the default inherited file systems must be removed. This is necessary to ensure the entire Solaris package collection is copied to the zone. Enter the commands as shown here in bold:
# zonecfg -z zone1
zone1: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone1> create
zonecfg:zone1> set zonepath=/export/zones/zone1
zonecfg:zone1> set autoboot=true
zonecfg:zone1> add net
zonecfg:zone1:net> set address=192.168.0.28
zonecfg:zone1:net> set physical=hme0
zonecfg:zone1:net> end
zonecfg:zone1> add rctl
zonecfg:zone1:rctl>set name=zone.cpu-shares
zonecfg:zone1:rctl> add value (priv=privileged, limit=20, action=none)
zonecfg:zone1:rctl> end
zonecfg:zone1> add attr
zonecfg:zone1:attr> set name=comment
zonecfg:zone1:attr> set type=string
zonecfg:zone1:attr> set value="This is a whole root zone"
zonecfg:zone1:attr> end
zonecfg:zone1> remove inherit-pkg-dir dir=/lib
zonecfg:zone1> remove inherit-pkg-dir dir=/platform
zonecfg:zone1> remove inherit-pkg-dir dir=/sbin
zonecfg:zone1> remove inherit-pkg-dir dir=/usr
zonecfg:zone1> verify
zonecfg:zone1> commit
zonecfg:zone1> exit
| 3. | The zone has now been created and should be in the configured state. You can view the state by entering the following command :
# zoneadm -z zone1 list -v
| 4. | Verify the zone and then enter the command to install the files from the global zone as follows:
# zoneadm -z zone1 verify
# zoneadm -z zone1 install
| 5. | Several messages inform you of the progress of the installation. When it has completed, verify that the zone state has now changed to installed by re-entering the following command:
# zoneadm -z zone1 list -v
| 6. | The next thing to do is to make the zone ready and boot it so that it is running:
# zoneadm -z zone1 ready
# zoneadm -z zone1 boot
| 7. | Add an entry to the global zone /etc/hosts file and try to connect to the hostname for the zone, using telnet. This will fail because the internal configuration of the zone has yet to be completed. Complete the installation by logging in to the console of the newly created zone:
| 8. | A console session will be established with the new zone. A number of questions need to be answered before the zone is fully operational. Enter the language, locale, terminal, the hostname for the zone, a security policy (if required), a naming service (choose "none" if a naming service is not being used), and a time zone. Finally, you will be asked to enter a root password.
| 9. | When you have entered all of the required information, a final prompt appears concerning the NFSv4 domain name. Answer this question ("no" is the default).
| 10. | The zone reboots to implement the configuration you have just specified. The reboot only takes a few seconds, when complete, you will be able to telnet to the zone as if it was any other remote system .
|
Exam Questions
1. | Which of the following is the correct command to install the zone called appzone1?
| zonecfg -z appzone1 install
| | | | zoneadm -z appzone1 install
| | |
| 2. | Which of the following would uninstall the zone called appzone1 automatically, without requesting confirmation from the system administrator?
| zonecfg appzone1 uninstall
| | zoneadm -z appzone1 uninstall -F
| | zoneadm -z appzone1 install -U
| | zoneadm -z appzone1 uninstall
|
| 3. | Which of the following are valid types of Root File System types for a non-global zone? (Choose 2.)
| 4. | You are the system administrator and you need to administer a zone called testzone. Which command will perform an interactive administration login to the zone directly from the global zone?
| 5. | You are the system administrator and you need to see if the user account testuser has been created in the zone testzone. Which command from the global zone will achieve this using a non-interactive login to the zone?
| zoneadm testzone grep testuser /etc/passwd
| | zlogin -z testzone grep testuser /etc/passwd
| | grep testuser /etc/passwd
| | zlogin testzone grep testuser /etc/passwd
|
| 6. | You are creating a new non-global zone. Which of the following zone names is invalid?
| 7. | Which of the following are features of the global zone? (Choose 3.)
| The global zone is not aware of the existence of other zones.
| | The global zone is always assigned Zone ID 0.
| | It contains a full installation of Solaris system packages.
| | It contains a subset of the installed Solaris system packages.
| | It provides the single bootable instance of the Solaris Operating Environment that runs on the system.
|
| 8. | Which of the following describes how networking in a non-global zone is implemented in Solaris zones?
| Each non-global zone requires its own physical network interface
| | All non-global zones must use the same IP address
| | Each non-global zone uses a logical interface and is assigned a unique IP address
| | Non-global zones must use unique port numbers to avoid conflict
|
| 9. | Which command displays the current state of the zone testzone?
| | | zoneadm -z testzone list -v
| | | | |
| 10. | This daemon process allocates the zone ID for a non-global zone, plumbs the virtual network interface, and mounts any loopback or conventional file systems. Which daemon process is being described?
| 11. | You are configuring a non-global zone called zone1, which has a zonepath of /export/zones/zone1. You have pre-configured the zone configuration by creating a sysidcfg file, and you need to install it in the correct location so that when you login following the initial boot of the zone, the configuration will complete automatically. Where are you going to install the sysidcfg file?
| | | | | | | /export/zones/zone1/root/etc
|
| 12. | This transitional zone state can be seen when a non-global zone is being installed or uninstalled. Which zone state is being described?
| 13. | You have a non-global zone called tempzone which is no longer required. The zone has already been halted and uninstalled. Which command will actually delete the zone configuration for this zone without asking for confirmation?
| | | zoneadm -z tempzone delete -F
| | zonecfg -z tempzone delete -F
| | |
| 14. | Which option of the zlogin command would be used to gain access to a damaged zone for recovery purposes when other forms of login are not working?
| 15. | Which of the following are valid states for a non-global zone? (Choose 3.)
| 16. | Which of the following are features of a non-global zone? (Choose 2)
| It provides the single bootable instance of the Solaris Operating Environment that runs on a system.
| | It contains a full installation of Solaris system packages.
| | It contains a subset of the installed Solaris system packages.
| | Its zone ID is assigned when it is booted.
| | It is always assigned Zone ID 0.
|
| 17. | You have created a new non-global zone called newzone and want to view the zone configuration data. Which of the following will display the required information? (Choose 2.)
| cat /etc/zones/newzone.xml
| | cat /export/zones/newzone/root/etc/zones/newzone.xml
| | zoneadm -z newzone list -v
| | zonecfg -z newzone export
|
|
Answers to Exam Questions
1. | C. The command zoneadm -z appzone1 install will successfully install the zone called appzone1. For more information, see the section "Installing a Zone."
| 2. | B. The command zoneadm -z appzone1 uninstall -F will successfully uninstall the zone called appzone1 without asking the administrator for confirmation. For more information, see the section "Uninstalling a Zone."
| 3. | A and D. Whole Root and Sparse Root are valid types of Root File System in the non-global zone. For more information, see the section "Non-global Zone Root File System Models."
| 4. | B. The command zlogin testzone will initiate an interactive login to the zone from the global zone. For more information, see the section "Logging in to a Zone."
| 5. | D. The command zlogin testzone grep testuser /etc/passwd will run the command grep testuser /etc/passwd in the testzone zone, in a non-interactive login from the global zone. For more information, see the section "Running a Command in a Zone."
| 6. | C. The zone name "SUNWzone" is invalid because all zonenames beginning with "SUNW" are reserved. For more information, see the section "The zonecfg Command."
| 7. | B, C and E. The global zone is always assigned Zone ID 0, it contains a full installation of Solaris system packages, and it also provides the single bootable instance of the Solaris Operating Environment that runs on the system. For more information, see the section "Zone Features."
| 8. | C. Networking in non-global zones is implemented by using a logical network interface and the zone is assigned a unique IP address. For more information, see the section "Networking in a Zone Environment."
| 9. | B. The command zoneadm -z testzone list -v will display the current state of the zone called testzone. For more information, see the section "Booting a Zone."
| 10. | A. The zoneadmd daemon process assigns the zone ID to a non-global zone; it also plumbs the virtual network interface and mounts any loopback or conventional file systems. For more information, see the section "Zone Daemons."
| 11. | D. In order to get the non-global zone zone1 to automatically complete the zone configuration, the sysidcfg would be installed in the /export/zones/zone1/root/etc directory. For more information, see the section "Using a sysidcfg File."
| 12. | B. The zone state being described is incomplete, because it is a transitional state that is displayed when a non-global zone is being installed or uninstalled.
| 13. | C. The command zonecfg -z tempzone delete -F will successfully delete the configuration for zone tempzone.
| 14. | B. The zlogin -S command is used to gain access to a damaged zone for recovery purposes when other forms of login are not working. For more information, see the section "Zone Login."
| 15. | A, D, and F. The valid zone states are configured, ready and running. For more information, see the section "Zone States."
| 16. | C and D. The non-global zone contains a subset of the installed Solaris system packages and its zone ID is assigned by the system when it boots.
| 17. | A and D. The two ways of displaying the zone configuration data for the zone newzone are cat /etc/zones/newzone.xml and zonecfg -z newzone export. For more information, see the section "Viewing the Zone Configuration."
|
|