How to create whole root zone on Sun Solaris 11 Operating System

In Solaris 10, we can’t install it without configuring repo on Solaris while in Solaris 11 ,first we need to create a  Solaris 11 repo , then we can install Solaris local zone. In Solaris 11, all the local zones by default uses exclusive ip address. You can’t set the IP address while configuring the zone. After the installation of zone, you can able to configure the IP from the local zone itself.

On my Solaris 11 machine I have already installed one local zone which is used for my R&D work so for this post work I need to install second local zone. So I will clone it from the first local zone.

Step by step method to create a zone on Solaris 11:-

➤ In the first step we will create a new local zone. For the zone creation we will used "zonecfg" command and configure the zones as whole root zone without any options supplied.

!-[solaris]#zonecfg -z sun02

sun02: No such zone configured

Use 'create' to begin configuring a new zone.

zonecfg:sun> create

zonecfg:sun> info

zonename: sun02

zonepath:

brand: native

autoboot: false

bootargs:

pool:

limitpriv:

scheduling-class:

ip-type: shared

hostid:

zonecfg:sun> set zonepath=/zones/sun02

zonecfg:sun > add anet

zonecfg:sun:anet> set linkname=net0

zonecfg:sun:anet> end

zonecfg:sun > verfiy

zonecfg:sun > commit

zonecfg:sun > exit

In the above step, we will create a zne and set the zonepath. In my case my new solaris zone path is "/zones/sun02" in your case you can change your installation zone path. Here, I assign the network interface "net0" for this newly zone.

➤ After successfully zone creation in above step 1, we will go for start the Solaris zone installation in this step. As I explained you for solaris 11 local zone installation we required solaris 11 repo which is used for installation part.

!-[solaris]#zoneadm -z sun02 install

The following ZFS file system(s) have been created:

    rpool/zones/sun02

Progress being logged to /var/log/zones/zoneadm.30220110Z233232Z.sun02.install

       Image: Preparing at /zones/sun02/root.

 AI Manifest: /tmp/manifest.xml.F_ayqq

  SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml

    Zonename: sun02

Installation: Starting ...

              Creating IPS image

Startup linked: 1/1 done

        Installing packages from:

solaris  origin:  http://localhost:1008/solaris/ce43f14c4791b5320596e2023cde1ec08709a3af/

DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED

Completed                            183/183   33556/33556  222.2/222.2  139k/s

PHASE                                          ITEMS

Installing new actions                   46825/46825

Updating package state database               Done

Updating image state                          Done

Creating fast lookup database                 Done

Installation: Succeeded

Note:Man pages can be obtained by installing pkg:/system/manual done. Done: Installation completed in 2392.837 seconds.

Now our newly zone "sun02" has been installed successfully. All the configuration files are keep in /zones/sun02/root directory.

➤ In this step we will boot the newly installed zone "sun02".

!-[solaris]#zoneadm -z sun02 boot

You can check the status of zone that it is running or not after boot.

!-[solaris]#zoneadm list -icv

ID NAME      STATUS     PATH          BRAND    IP

   0 global   running    /            solaris  shared

   1 sun01    running    /zones/sun01 solaris  excl

   3 sun02    running    /zones/sun02 solaris  excl

if you see the above output newly zone "sun02" is running working fine on the solaris 11 operating system.

➤ Now in the next step, we will login on the local zone console to complete the configuration process.

!-[solaris]# zlogin -C sun02

[Connected to zone 'sun02' console]

You can press enter when you will get this message. Now it is asking for some configuration step we need to give a details one by one.

Time Zone: Regions

select the region that contains your time zone.

Regions

UTC/GMT

Africa

Americas

Antarctica

Arctic Ocean

Asia

Atlantic Ocean

Australia

Europe

Indian Ocean

Pacific Ocean

F2_Continue  F3_Back  F6_Help  F9_Quit

Time Zone: Locations

Select the location that contains your time zone.

Locations

x Afghanistan

x Armenia

x Azerbaijan

x Bahrain

x Bangladesh

x Bhutan

x Brunei

x Cambodia

x China

x Cyprus

x East Timor

x Georgia

x Hong Kong

v India

F2_Continue  F3_Back  F6_Help  F9_Quit

Time Zone

Select your time zone.

Time Zones

Asia/Kolkata

F2_Continue  F3_Back  F6_Help  F9_Quit

System Configuration Summary

Review the settings below before continuing. Go back (F3) to make changes.

Time Zone: Asia/Kolkata

Language: *The following can be changed when logging in.

Default language: C/POSIX

Terminal type: vt100

Users:

No user account

Network:

Computer name: sun02

Network Configuration: Automatic

Support configuration:

Not generating a Support profile as OCM and ASR services are not installed.

Hostname: sun02

So now your zone is fully configured ans installed successfully. You can login in zone very easily. So in next step we will see the post configuration settings which is required on local solaris zone.

➤ In the final step you need login to local zone sun02 and configured the ip address on the zone sun02.

!-[solaris]# zlogin -z sun02

You can successfully login in your newly created solaris 11 zone. Please leave a comment if you have any doubt , I will get back to you as soon as possible.

How to disable the SELinux in Linux operating system machine

Security-enhanced Linux (SELINUX): SELinux is know as Security enhanced linux system which is the security feature of the Linux kernel system. It is define the security Policy which makes system proctative agaginst the misconfiguration of the daemons. SELinux running in 3 modes which is disabled, enabled and permissive. We will explain these mode in configuration steps.

Here, you can find the all the steps which is required to enable or disable the SELinux configuration.

How to disable SELinux on Linux operating system:

➤ In the first step you can check the current status of SELinux. To do this please run the below command.

[root@localhost]# getenforce

Enabled

"getenforce" command is used for checking the current status of SELinux.

➤ As you see on my machine when I run the above command my SElinux is enabled, So in this step we will change the SELinux mode.

[root@localhost]# vi /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - No SELinux policy is loaded.

SELINUX=disabled

# SELINUXTYPE= can take one of these two values:

# targeted - Targeted processes are protected,

# mls - Multi Level Security protection.

SELINUXTYPE=targeted

Normally selinux configuration file you can found on the above location. You can edit the SELINUX entry to disabled. All the command is run by super user "root" only.

➤ Once you change the entry in SELinux configuration file then for permanent effect you need to take a reboot of the system.

[root@localhost]# init 6

Once you reboot the server all the configuration files changes has been done.

➤ In the last step you will run the "getenforce" command again to verify the new status of SELinux.

[root@localhost]# getenforce

Disabled

If you comparison the both step 1 and this step output you can found that SELinux policy is not disabled on the Linux operating system.

Sun Solaris zonecfg commands with an example

"zonecfg" command is very useful command which is mostly used during configuration of new zone or installed zone as well as for removal of any zone configuration files.

This command are valid for Sun Solaris 10.x,11.x,12.x version.

➤ Command for creating a Solaris zone:

Please find the below commands to creating a zone on Sun Solaris server. The command must be run on Global zone with root user.

!-[solaris]# zonecfg -z <zone>

Example: !-[solaris]# zonecfg -z sunz01

Once you run the above command, you can enter in the configuration file, where you can add or edit the configuration for the zone.

➤ Command for deleting a Solaris zone:

Please find the below command to deleting a Solaris zone from Global zone.

!-[solaris]# zonecfg -z <zone> delete -F

Example: !-[solaris]# zonecfg -z sunz01 delete -F

using above command you can delete or remove the configuration file of solaris local zone.

Note: You need to shutdown and uninstall the local zone before deleting the configuration files of Sun Solaris local zone.

➤ Command for display zone current configuration:

Please find the below command to display the current configuration of local Solaris zones.

!-[solaris]# zonecfg -z <zone> info

Example: !-[solaris]#zonecfg -z sunz01 info

This command output show you the zonename, zonepath, autoboot etc attributes information of the solaris zone.

➤ Command for zone creation file:

Please find the below command to create a solaris zone creation file.

!-[solaris]#zonecfg -z <zone> export

Example: !-[solaris]#zonecfg -z sun01 export

Once the creation file has been export you can use this file to another zone creation as well as for restoration of this local zone if any problem occur on this zone.

Sun Solaris Processes Monitoring - prstat command

"PRSTAT" command basically used for monitoring the current memory and CPU utilization of Sun solaris local zones and global zone.

Using "prstat" command we can display the solaris zone process information. This command generate the reports information about the processes and zones.

The prstat statistics utility shows a summary of the processes that are using system resources currently. The prstat utility summarizes this information for an every 5 seconds by default and reports the statistics for that period.

Display the zones process information:

!-[solaris]# prstat -Z

 PID USERNAME  SIZE   RSS STATE   PRI NICE      TIME  CPU PROCESS/NLWP

 18638 20159    2118M 1502M cpu43    10    0   0:00:44 2.4% oracle/7

 20927 24076    8784K 8136K cpu127    0    2   0:00:17 1.8% prstat/1

   897 24865     916M  512M sleep    59    0  27:52:32 0.7% java/95

 17511 26055     599M  285M sleep    59    0  35:08:33 0.6% java/115

 12540 26055     951M  341M sleep    59    0  31:00:01 0.5% java/101

 ZONEID    NPROC  SWAP   RSS MEMORY      TIME  CPU ZONE

     8     3427   73G   27G    21%  44:01:48 2.8% sunz01

     0      100  465M  132M   0.1% 507:26:46 2.6% global

     6     4056   86G   32G    25%  35:23:30 2.3% sunz02    

Total: 13382 processes, 36594 lwps, load averages: 9.11, 9.27, 9.47

Using above command "prstat -Z" we can monitor the server process utilization in every 5 second. This command is show you the global zone & their local zone process utilization only.

If you want to only specific zone process utilization then you can use the below command.

!-[solaris]# prstat -z sun01

This command output show you only process utilization of specific zone only.

Note:

-Z Reports information about processes and zones.

-z Reports information about a particular zone.

You can use the below syntax to monitor the Global zone as well as only specific zone.

How to run Oracle Explorer on Sun Solaris 11 Operating System

Explorer files are used as a snapshot when we need to check all hardware issues or internal issue. The explorer files keeps all these information.

Oracle SUN Solaris explorer is a collection of scripts and binary executable files which collect all information and creates a detailed snapshot of Oracle Sun Solaris system configurations.

Oracle Sun Solaris Explorer is always installed on Global zone using root user which are running only Sun Sparc system and Solaris X86 systems as well as we are gathers information related to drivers, patches, recent system event history, and log file entries from the Oracle Explorer Data Collector output.

Before moving to run the explorer files we need to understand which packages is required to installed and configure the explorer files.

➤ First we need to download the Service tools bundle from any ftp servers and extract them and run the script with extension syntax.

!-[solaris]# ./install_stb.sh -ext

➤ In this step we will uncompressed and untar the Explorer tar file using below command.

!-[solaris]# cd /var/tmp/stb/extract/Explorer

!-[solaris]# uncompress Explorer.tar.Z

!-[solaris]# tar xvf Explorer.tar

➤ In this step we will install Explorer packages and create directories "SUNWexplo" and "SUNWexplu" to install the required packages.

!-[solaris]# pkgadd -d . SUNWexplo SUNWexpl

➤ Now we will run the explorer command to obtained the logs files from the Sun Solaris system.

!-[solaris]# explorer

  

Normally on Solaris server the default location to run the above command is /usr/sbin/explorer which create & send the explorer log file.

➤ If you want the create default configuration file only first time please use the below syntax.

 !-[solaris]# explorer -g 

➤ If you want to check explorer version please run the below command.

 !-[solaris]# explorer -V

        

Normally in most of the Solaris server the default path of the explorer output is /var/explorer/output but it depends where you installed the Explorer.

Please comment on the post, if you have any query related to this topic.