Some Question's about Zone

Hi all,
i am new learner in Zoning and virtualization Technology and i have some question's about it
i create zone using this step
zonecfg -z app-apache
create
set zonepath=/zone_adm/app-apache
add net
set address=192.168.1.250
set physical=bge0
end
set autoboot=true
verify
commit
exit
zoneadm -z app-apache install
zoneadm -z app-apache boot
zlogin -C app-apache

this is the path of the file created by zonecfg
/etc/zones/app-apache.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="app-apache" zonepath="/zone_adm/app-apache" autoboot="true">
  <inherited-pkg-dir directory="/lib"/>
  <inherited-pkg-dir directory="/platform"/>
  <inherited-pkg-dir directory="/sbin"/>
  <inherited-pkg-dir directory="/usr"/>
  <network address="192.168.1.250" physical="bge0"/>
</zone>

and i want to add some inherited directory

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="app-apache" zonepath="/zone_adm/app-apache" autoboot="true">
  <inherited-pkg-dir directory="/lib"/>
  <inherited-pkg-dir directory="/platform"/>
  <inherited-pkg-dir directory="/sbin"/>
  <inherited-pkg-dir directory="/usr"/>
  <inherited-pkg-dir directory="/etc"/>
  <inherited-pkg-dir directory="/export"/>
  <network address="192.168.1.250" physical="bge0"/>
</zone>

is there any problem about edit this file manually
is that correct to inherit all folder and file from global zone
how to edit zone already running
add inherited directory by command line
how to assign for example 25% from processor to this zone
how to assign for example 25% from memory to this zone

when i write this command when i enter the zone console
dladm show-link
to know the interface name
give me this error

insufficient privileges

why i see this error also i enter this zone as root user

if i use the zone for example app-apache and don't have privilleges to work in globale zone (how to know the globale machine name)

Network Question
when i configure the zone for the first time i set static IP
when i enter the zone and make vi /etc/hostname.bge0 to see my IP i didn't found this file where is the Static IP set for this zone

Note
thanks in advance and sorry for this too question but Zoning and virtualization is very interest topic to learn and also have a lot of advantage

I am a newbie for solaris ,I just follow the doc to set up zone step by step
but at last ,I met some problems when I used zlogin to login ,although the zone seems be running.
1.
root@opensolaris-vm:~# zoneadm list -vc
ID NAME STATUS PATH BRAND IP
0 global running / native shared
5 mysql1 running /zone/mysql1 ipkg shared

  • mysql2 configured /zone/mysql2 ipkg shared

root@opensolaris-vm:~# zlogin -C mysql1
[Connected to zone 'mysql1' console] 69/69
Reading ZFS config: done.
Mounting ZFS filesystems: (1/5)cannot mount 'rpool/zone': Insufficient privileges
cannot mount 'rpool/zone/mysql1': Insufficient privileges (5/5)
svc:/system/filesystem/local:default: WARNING: /usr/sbin/zfs mount -a failed: exit status 1
Nov 6 18:18:48 svc.startd[3996]: svc:/system/filesystem/local:default: Method "/lib/svc/method/fs-local" failed with exit status 95.
Nov 6 18:18:48 svc.startd[3996]: system/filesystem/local:default failed fatally: transitioned to maintenance (see 'svcs -xv' for details)

root@opensolaris-vm:~# zfs list
NAME USED AVAIL REFER MOUNTPOINT
rpool 4.70G 2.62G 77.5K /rpool
rpool/ROOT 3.86G 2.62G 19K legacy
rpool/ROOT/opensolaris 3.86G 2.62G 3.72G /
rpool/dump 256M 2.62G 256M -
rpool/export 260M 2.62G 21K /export
rpool/export/home 260M 2.62G 243M /export/home
rpool/export/home/vmplanet 16.7M 2.62G 16.7M /export/home/vmplanet
rpool/zone 341M 2.62G 21K /zone
rpool/zone/mysql1 341M 2.62G 19K /zone/mysql1
rpool/zone/mysql1/ROOT 341M 2.62G 19K legacy
rpool/zone/mysql1/ROOT/zbe 341M 2.62G 341M legacy
rpool/zone/mysql2 19K 2.62G 19K /zone/mysql2

root@opensolaris-vm:~# ls -l /zone/
total 2
drwx------ 4 root root 4 2009-11-07 10:17 mysql1

root@opensolaris-vm:~# zonecfg -z mysql1 info
zonename: mysql1
zonepath: /zone/mysql1
brand: ipkg
autoboot: false
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
hostid:
net:
address: 192.168.89.125/24
physical: pcn1
defrouter not specified

And who can explain the add dataset step in zonecfg ?
I mean when should I use add dataset ,in my configuration ,no dataset was set,but it also works .

It is certainly a very bad idea to inherit /etc which contains configuration files that must be unique to each zone. It might even break the global zone.

Give us link to doc you used to create mysql1 zone. As for adding datasets, it is used to delegate full control over added ZFS filesystem to zone, so within that zone new ZFS filesystems can be created, as well as snapshots etc.

thanks sir for your effort
did you know how to reconfigure zone already exist?
vi command
please explain

tks a lot ,but from the info I pasted ,could you give me some solution?

Well I've never seen that problem before so I don't know what might go wrong. So steps you used to create that zone would help very much. I can see you have another zone there. Is it working? No problems with mounting ZFS in mysql2?

If you want to completely reset zone's configuration, then login to zone through console (zlogin -C) and execute:

# sys-unconfig

Zone will reboot, and after that it will prompt you to enter configuration info.

Be carefull not to execute sys-unconfig from global zone.

thanks bartus11 for your reply
i am specially asking about
1- if you assign for example 25% from processor to zone already exist
2- if you assign for example 25% from memory to zone already exist
3- add new folder to this zone it was in global zone and inherit from this folder
how to reconfigure
if you have any reference about all zone option i appreciated this for you
i am try to google about this topic but i did'nt found completed reference

thanks
Max

It is all done via zonecfg command. Visit man pages section 1M: System Administration Commands - Sun Microsystems

For assigning maximum CPU time for zone check "capped-cpu" keyword.
For assigning maximum memory check "capped-memory" keyword.
For adding directory to zone, check "fs" and "dataset" keywords. There are nice examples at the end of that man page, so you should check them too.

thanks bartus11 for your reply
i will going through man page

Folk, this what you just said is not true. # sys-unconfig should be used for local zone configuration from scratch, it has nothing to do with inherit directories from global zone.
If you would like to change global configuration for mentioned zone, you should use zonecfg -z zone_name, or eventually if you know what you are doing vi /etc/zones/zone_name.xml.
For claiming CPU you should use FSS / scheduling class / and not "capped-cpu".
This just for your info.....

Well I just little misunderstood what he wants to do :stuck_out_tongue_winking_eye: He cleared that up in further posts.

The reason you see "insufficient privileges" is that the zone doesnt actually own the underlying hardware devices. Run the dladm show-dev command in the global zone and it will work.

Zones dont own hardware devices and cant really run commands at hardware levels. Snoop is another command which doesnt work too well within a zone, even if you make the NIC exclusive to it.

SBK