Changing hostname in Solaris

I had to change the host name in one of Solaris zones today, and just out of curiousity looked into /etc/init.d/network script. That’s how I learned a new (to me) option of the uname command, which seems to be specific to Solaris: uname -S <newhostname>.

So here’s a very simple procedure for updating the hostname of your Solaris 10 server.

[Read more…]

Shared-IP and Exclusive-IP in Non-Global Solaris Zones

Just a few days ago I’ve been busy configuring one of the Solaris 10 zones on a DMZ server, and sure enough I hit one of the most common IP-related issues with non-global zones.

Shared IP configuration for non-global Solaris zones

By default, non-global zones will be configured with a shared IP functionality. What this means is that IP layer configuration and state is shared between the zone you’re creating and the global zone. This usually implies both zones being on the same IP subnet for each given NIC.

Shared IP mode is defined by the following statement in zone configuration:

set ip-type=shared

[Read more…]

Solaris 10 update 7 (5/09) release

Last week yet another update of Solaris 10 OS was released: Solaris 10u7.

What’s new in Solaris 10 update 7?

  • ZFS support when cloning a Solaris zone – quite a useful tool for someone who always copied the files of Solaris zones. I personally did similar cloning myself, but it’s handy that now ZFS cloning is supported in the zoneadm command itself.
  • IPsec – SMF services – Service Management Framework now manages all the necessary IPsec functionality with traditionally thorough approach: interface consistency, restarting anf fault-tracking are all provided. SMF services for IPsec are: ipsec/policy, ipsec/ike, ipsec/manual-key and ipsec/ipsecalgs.
  • SunSSH with OpenSSL PKCS#11 Engine support – this opens way for more optimal use of hardware crypto accelerators.
  • iSCSI Target improvements – greatly improved iSNS (Internet Storage Name Service) support, updates for improved interoperability. Most common iSCSI initiators are now supported
  • NetXen 10-GigE driver – a new NIC driver called ntxn will make it possible to use 10-Gigabit cards on your x86 platform
  • New locale support – greetings go to Kazakhstan and Ukraine which are now fully supported

This isn’t a full list of improvements, so if you’re interested in all the details – please read the official What’s New in Solaris 10 update 7 doc.

Solaris 10 u7 screenshots gallery

I’ve uploaded a few screenshots for you, nothing revolutionary but will still give you an idea if you have never seen Solaris 10 before:

See also:

Solaris 10 zones: part one – a working example

Many of you have already heard about Solaris 10 zones – it’s a virtualization technology which allows you to create isolated and secure environments for running applications. For end-users these environments look just like separate abstract machines with Solaris 10 installed on them. Inside each zone, all the processes don’t see anything happening in all the other zones on a system. Isolation is done on such a level that processes of one zone can’t see or affect processes of any other zone.

All of this is done on a software level, and by default every Solaris 10 machine has a global zone – only from this zone you can view processes of all the rest zones on your system. You probably didn’t even notice, but upon the completion of your Solaris 10 install, you’re immediately put into the global zone. It’s very easy to see this zone:

solaris# zoneadm list -vc
ID NAME             STATUS         PATH
0 global           running        /

[Read more…]

Zones in Solaris 10: part two – types of resources

Now that we know how to create non-global zones in Solaris, it’s probably time to learn some basics of zones configuration. Most work is done with zonecfg which has been mentioned in my Solaris zones: a working example post.

Example of fully configuring a Solaris 10 zone

For starters, let’s have a look at the full configuration of our zone. You’ve probably guessed by now, that we only specified the minimal number of parameters when creating our zone. Now I’ll show you how to get a full view of our zone’s configuration, and I’ll also talk a bit about types of resources you can allocate to a non-global zone.

[Read more…]

Solaris 8 Migration Assistant (Project Etude)

I’ve finally completed my first successful experiment with Solaris 8 Migration Assistant (S8MA) today – a new product from Sun which allows you to run Solaris 8 branded zones. It’s a fully and officially supported solution (for an extra price), but you can download the free 90-day trial to play with it and understand how really cool it is.

Why use Solaris 8 zones?

First of all, just a few words about the niche for this product. Many companies are rather conservative about their Solaris upgrades. Most systems are still running Solaris 8, if not something older. Quite often this is also dictated by third-party software dependencies – products which were bought and configured for Solaris 8, which are now so tightly integrated that there isn’t an easy way to migrated them into Solaris 10. Such systems are doomed for slow but very expensive death. Expensive, because with every year the hardware support for  servers capable of running Solaris 8 raises again and again.

[Read more…]

Zones in Solaris 10: part three – sparse root and whole root

If you have just arrived at this page, then you might want to start with Solaris 10 zones: a working example and Solaris 10 zones: resource types posts. Today I’ll tell you about root filesystem models for non-global zones in Solaris.

Two filesystem models in Solaris 10 zones

As you probably know, there are two such models in Solaris 10: sparse root and whole root. The former approach means that the newly created non-global zone’s root filesystem will only partially consist of actually copied into it packages and files, the rest will be inherited from the global zone. Such a model needs approximately 100Mb of disk space per zone, which is obviously much less than a full Solaris 10 installation, which happens in a case of a whole root approach. I’ve already mentioned this earlier.

[Read more…]