Re: [zones-discuss] Liveupgrade on cluster with zones
On 02/08/13 10:08, Habony, Zsolt wrote: Hello, I try to use lucreate on a cluster node, where there is failover zone on the other node. so LU with failover zones is pretty much not supported really, or at least not well documented or tested either. There is a doc that I put together a few years ago. https://blogs.oracle.com/patch/resource/luzones.pdf Now beaware that this doc is slightly out of date ( need to update it,more for LU that cluster ). Hartmut also has a doc that I attached. Son in general, there are a few manual steps, one has to complete, for instance after the boot to the ABE, one has to export the pool, then online the RG that controls the failover zone. Need to docuemnt that part. Bug 15789658 is also recently opened for LU + failover zones. Enda lucreate fails saying that zone cannot be mounted, which is true, as it is switched over to the other node. At the moment I would like to use it to create a contingency boot environment, but I planned to use it for patching as well. In a clustered environment with many zones, ( assuming that they are distributed between the two nodes) can I make lucreate work somehow ? I did not find any switch for excluding zones, and some zones are obviously cannot be mounted as they are one SAN, switched to the other node. [root@V0006 ~]# lucreate -C /dev/dsk/c0t5000CCA03C3F8CF4d0s0 -n ABE -p v0006-ABE Analyzing system configuration. Updating boot environment description database on all BEs. /zones/testzone/root must not be group readable. /zones/testzone/root must not be group executable. /zones/testzone/root must not be world readable. /zones/testzone/root must not be world executable. could not verify zonepath /zones/testzone/root because of the above errors. zoneadm: zone testzone failed to verify ERROR: Failed to mount non-global zone testzone ERROR: All required PBE file systems are not mounted. Thank You, Zsolt Habony Senior Infrastructure Specialist Unix, Linux, Virtualization Team EMEA Production Engineering, Midrange and Storage HP Enterprise Services Telephone+36 1 279 8629 Mobile+36 70 93 88 077 emailzsolt.hab...@hp.com mailto:zsolt.hab...@hp.com Bartók Béla út 43-47 / Budapest, 1114 hplogo_forsignature.png ___ zones-discuss mailing list zones-discuss@opensolaris.org LU_with_SC32-v3.odt Description: application/vnd.oasis.opendocument.text ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Upgrade Branded Zone OS
On 20/09/2012 12:17, Ajmal Chungath wrote: Is this possible to upgrade Solaris Solaris 9 12/03 s9s_u5wos_08b SPARC to Solaris 9 with Update 6 which running as Branded Zone ? Please reply me with the procedure if possible . Hi Ajmal if you mean upgrade a branded zone running 12/03 to s9u6, then no, there is no upgrade facility in s9/s8 branded zones. They can patch it to the latest kernel patch for u9 etc. But what exactly are you trying to solve, does some software require later update? or is this for a bug fix in later u9? Enda Regards Ajju ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zones toast after updating Solaris 11 Express system
Hi According to this your global zone is at 151 ie express Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z in global zone run pkg info entire if that says 151 then can i see pkg publisher If that points to s11 can I see pkg update -nv '*@latest' Enda On 11/02/2012 14:06, gerard henry wrote: i exactly have the same problem, but detach; attach -u didn't solve it But it seems that the attach -u doesn't upgrade, according to the messages: # zoneadm -z www attach -u Log File: /var/tmp/www.attach_log.LGaqKg Attach Path: /zones/www/root Attach ZFS Dataset: rpool/zones/www/ROOT/zbe-4 Installing: Using pre-existing data in zonepath Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z Non-Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z Cache: Using /var/pkg/publisher. Updating non-global zone: Output follows No updates necessary for this image. Updating non-global zone: Zone updated. Result: Attach Succeeded. after the system has booted with: SunOS Release 5.11 Version 151.0.1.12 64-bit I don't understand what you said with pkg -R ... image-update ? thanks in advance for help, 2011/10/5 Ian Collins i...@ianshome.com mailto:i...@ianshome.com On 10/ 5/11 09:26 PM, casper@oracle.com mailto:casper@oracle.com wrote: Before I go through the pain of logging a support call, has anyone seen or fixed the following problem: I ran an update on a fresh Solaris 11 Express system from the support repository and after restarting, all the systems zones are dead. The zone consoles report: SunOS Release 5.11 Version 151.0.1.8 64-bit Copyright (c) 1983, 2010, Oracle and/or its affiliates. All rights reserved. Requesting System Maintenance Mode (See /lib/svc/share/README for more information.) svc:/system/early-manifest-__import:default signalled: SYS The zones run an older version of the Solaris software and as a result its libc doesn't match the kernel and the binaries will fail. I think you will need to upgrade all your zones too It might be something simple as zoneadm detach; zoneadm attach -u but make sure that you keep sufficient save sufficient information to reinstall the zones; and make sure you try this on one zone first before you detach all of them. It might be possible to update the zones also using pkg -Rzoneroot image-update after you've mounted the root filesystem. Thanks Casper! I really should tattoo zoneadm detach; zoneadm attach -u inside my eyelids! -- Ian. _ zones-discuss mailing list zones-discuss@opensolaris.org mailto:zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zones toast after updating Solaris 11 Express system
On 11/02/2012 14:15, Enda O'Connor wrote: Hi According to this your global zone is at 151 ie express Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z in global zone run pkg info entire if that says 151 then can i see pkg publisher If pkg is set to s11 repo and if entire is at 151 run pkg update pkg init 6 on reboot pkg update if any of these fail add -nv to see what gives. Enda If that points to s11 can I see pkg update -nv '*@latest' Enda On 11/02/2012 14:06, gerard henry wrote: i exactly have the same problem, but detach; attach -u didn't solve it But it seems that the attach -u doesn't upgrade, according to the messages: # zoneadm -z www attach -u Log File: /var/tmp/www.attach_log.LGaqKg Attach Path: /zones/www/root Attach ZFS Dataset: rpool/zones/www/ROOT/zbe-4 Installing: Using pre-existing data in zonepath Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z Non-Global zone version: entire@0.5.11,5.11-0.151.0.1:20101105T054056Z Cache: Using /var/pkg/publisher. Updating non-global zone: Output follows No updates necessary for this image. Updating non-global zone: Zone updated. Result: Attach Succeeded. after the system has booted with: SunOS Release 5.11 Version 151.0.1.12 64-bit I don't understand what you said with pkg -R ... image-update ? thanks in advance for help, 2011/10/5 Ian Collins i...@ianshome.com mailto:i...@ianshome.com On 10/ 5/11 09:26 PM, casper@oracle.com mailto:casper@oracle.com wrote: Before I go through the pain of logging a support call, has anyone seen or fixed the following problem: I ran an update on a fresh Solaris 11 Express system from the support repository and after restarting, all the systems zones are dead. The zone consoles report: SunOS Release 5.11 Version 151.0.1.8 64-bit Copyright (c) 1983, 2010, Oracle and/or its affiliates. All rights reserved. Requesting System Maintenance Mode (See /lib/svc/share/README for more information.) svc:/system/early-manifest-__import:default signalled: SYS The zones run an older version of the Solaris software and as a result its libc doesn't match the kernel and the binaries will fail. I think you will need to upgrade all your zones too It might be something simple as zoneadm detach; zoneadm attach -u but make sure that you keep sufficient save sufficient information to reinstall the zones; and make sure you try this on one zone first before you detach all of them. It might be possible to update the zones also using pkg -Rzoneroot image-update after you've mounted the root filesystem. Thanks Casper! I really should tattoo zoneadm detach; zoneadm attach -u inside my eyelids! -- Ian. _ zones-discuss mailing list zones-discuss@opensolaris.org mailto:zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem booting Solaris 10 zone imported form Solaris 11 express
On 12/14/11 15:16, Mike Gerdts wrote: On Wed 14 Dec 2011 at 05:10PM, Ian Collins wrote: On 12/14/11 05:06 PM, Mike Gerdts wrote: On Wed 14 Dec 2011 at 05:02PM, Ian Collins wrote: On 12/14/11 04:54 PM, Ian Collins wrote: On 12/14/11 04:48 PM, John D Groenveld wrote: In message4ee8183b.2050...@ianshome.com, Ian Collins writes: The zone originally came from a Solaris 10 update 9 system. How do I go about patching it? Can you v2v the zone back to an S10 system and then apply the latest patches there? I was hoping no one would suggest that! That's probably harder than it appears, the zone's root zfs filesystems have been migrated, so they can't be sent back to an older OS version. By this, do you mean that you ran /usr/lib/brand/shared/dsconvert? Yes. You should be able to get out of the situation you are in with: 1. Reboot to the Solaris 11 Express BE root@global# beadm activates11express-be-name root@global# init 6 2. Partially revert the work done by dsconvert In this example, the zone's zonepath is /zones/s10. root@global# zfs list -r /zones/s10 rpool/zones/s103.18G 11.3G51K /zones/s10 rpool/zones/s10/rpool 3.18G 11.3G31K /rpool rpool/zones/s10/rpool/ROOT 3.18G 11.3G31K legacy rpool/zones/s10/rpool/ROOT/zbe-0 3.18G 11.3G 3.18G / rpool/zones/s10/rpool/export 62K 11.3G31K /export rpool/zones/s10/rpool/export/home31K 11.3G31K /export/home The goal here is to move rpool/zones/s10/rpool/ROOT up one level. We need to do a bit of a dance to get it there. Do not reboot or issue 'zfs mount -a' in the middle of this. If something goes wrong and a reboot happens, it won't be disasterous - you will just need to complete the procedure when the next boot stops with svc:/filesystem/local problems. root@global# zfs set mountpoint=legacy rpool/zones/s10/rpool/ROOT/zbe-0 root@global# zfs set zoned=off rpool/zones/s10/rpool root@global# zfs rename rpool/zones/s10/rpool/ROOT/zbe-0 \ rpool/zones/s10/ROOT root@global# zfs set zoned=on rpool/zones/s10/rpool root@global# zfs set zoned=on rpool/zones/s10/ROOT Now the zone's dataset layout should look like: root@global# zfs list -r /zones/s10 NAMEUSED AVAIL REFER MOUNTPOINT rpool/zones/s103.19G 11.3G51K /zones/s10 rpool/zones/s10/ROOT 3.19G 11.3G31K legacy rpool/zones/s10/ROOT/zbe-0 3.19G 11.3G 3.19G legacy rpool/zones/s10/rpool93K 11.3G31K /rpool rpool/zones/s10/rpool/export 62K 11.3G31K /export rpool/zones/s10/rpool/export/home31K 11.3G31K /export/home 3. Boot the zone and patch root@global# zoneadm -z s10 boot root@global# zlogin s10 root@s10# ... (apply required patches) make sure 119254/119255 rev 75 is installed at a minimum ( patch utils patch SPARC/x86 ) before any other patches are applied, that is very important. Then apply u9 kernel patch 142909-17/142910-17 ( SPARC/x86 ) Enda 4. Shutdown the zone root@s10# init 0 5. Revert the dataset layout to the way that dsconvert left it. Again, try to avoid reboots during this step. root@global# zfs set zoned=off rpool/zones/s10/ROOT root@global# zfs set zoned=off rpool/zones/s10/rpool root@global# zfs rename rpool/zones/s10/ROOT rpool/zones/s10/rpool/ROOT root@global# zfs set zoned=on rpool/zones/s10/rpool root@global# zfs inherit zoned rpool/zones/s10/rpool/ROOT 6. Reboot to Solaris 11 root@global# beadm activatesolaris11-be-name root@global# init 6 At this point, the zone should be bootable on Solaris 11. I've filed: 7121298 dsconvert should prevent conversion if not at right S10 patch level Sorry for the troubles you had. ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem booting Solaris 10 zone imported form Solaris 11 express
On 12/14/11 03:30, Ian Collins wrote: Hello, I just tried booting a Solaris 10 branded zone after upgrading its host to Solaris 11 (from Express) and it migrated OK, but won't boot: # zoneadm -z sandpit boot zone 'sandpit': WARNING: vnic3:1: no matching subnet found in netmasks(4): 172.25.48.101; using default of 255.255.0.0. zone 'sandpit': Error: The installed version of Solaris 10 is not supported. zone 'sandpit': SPARC systems require patch 142909-17 zone 'sandpit': x86/x64 systems require patch 142910-17 zone 'sandpit': exec /usr/lib/brand/solaris10/s10_boot sandpit /zoneRoot/sandpit failed zone 'sandpit': ERROR: unable to unmount /zoneRoot/sandpit/root. The zone originally came from a Solaris 10 update 9 system. How do I go about patching it? actually, further to Mike's reply on how to reverse dsconvert, the message above should not have happened if zone was at update 9 level, as update 9 has 142909-17/142910-17, are you sure the zone was at update 9 kernel? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Oracle Patches with ID 800???-??
On 11/29/11 16:22, Christian Meier wrote: Hello List, I've got a question about the Patches delivered with the DVD Image with ID Number 800 I've written a script that check the difference between systems, eg. global zone and local zone No I have a different by the patch 800200-15 I need to migrate (detach/attach) a local Zone from a t3 U10 system to U9 with patch-level U10 The patch 800200-15 is not installed on the patched U9 System, because it was shipped with the U10 DVD and is also not included in other patches Is there a description about these 800 patches. ys, they are special patches used to actually build the solaris update, they are never released as they are internal patches used in the update build process, zoneadm is aware of them and ignores them, so they are not an issue for zoneadm attach. Enda Thank you Christian ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Expanding the set of packages installed into a Zone?
On 11/10/11 13:42, Frank Batschulat wrote: On Thu, 10 Nov 2011 14:39:41 +0100, Mike Gerdts mike.ger...@oracle.com wrote: On Thu 10 Nov 2011 at 08:32PM, Ian Collins wrote: On 10/10/11 07:20 PM, Edward Pilatowicz wrote: On Fri, Oct 07, 2011 at 12:23:30PM -0700, Michael Speer wrote: All, I have two questions based on what I have been seeing where I don't see packages of interest being installed into a zone I create when the package exists in the global zone. 1) Where is the list of packages kept that will be installed into new zone? How does this list get modified? by default packages that get installed into a zone are specified in the default AI manifest used to install zones. you can find that manifest here: /usr/share/auto_install/manifest/zone_default.xml I can't see that file (or the auto_instal directory) on any of my systems. Has it moved? That file exists in Solaris 11 as part of the auto-install-common package: $ pkg search /usr/share/auto_install/manifest/zone_default.xml INDEX ACTION VALUE PACKAGE path file usr/share/auto_install/manifest/zone_default.xml pkg:/system/install/auto-install/auto-install-common@0.5.11-0.175.0.0.0.2.1482 With Solaris 11 Express, the list of packages was hard coded into scripts under /usr/lib/brand/ipkg. What are you running? fwiw, on 175b I do have the file but not the package installed which claims to deliver it ;-) osoldev.batschul./.= ls -la /usr/share/auto_install/manifest/zone_default.xml -r--r--r-- 1 root sys 2367 Sep 23 11:54 /usr/share/auto_install/manifest/zone_default.xml osoldev.batschul./.= pkg search /usr/share/auto_install/manifest/zone_default.xml INDEX ACTION VALUE PACKAGE path file usr/share/auto_install/manifest/zone_default.xml pkg:/system/install/auto-install/auto-install-common@0.5.11-0.175.0.0.0.2.1482 hmm, search says it is there locally, what does pkg info say ( drop the -r ) Enda osoldev.batschul./.= pkg info -r auto-install Name: system/install/auto-install Summary: Automated Installer Client Components Description: AI Client Components Category: System/Administration and Configuration State: Not installed Publisher: solaris Version: 0.5.11 Build Release: 5.11 Branch: 0.175.0.0.0.2.1482 Packaging Date: Wed Oct 19 12:26:41 2011 Size: 42.20 kB FMRI: pkg://solaris/system/install/auto-install@0.5.11,5.11-0.175.0.0.0.2.1482:20111019T122641Z ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Expanding the set of packages installed into a Zone?
On 11/10/11 13:53, Mike Gerdts wrote: On Thu 10 Nov 2011 at 02:42PM, Frank Batschulat wrote: fwiw, on 175b I do have the file but not the package installed which claims to deliver it ;-) That statement is worrisome. I think, however, it is not correct. :) osoldev.batschul./.= ls -la /usr/share/auto_install/manifest/zone_default.xml -r--r--r-- 1 root sys 2367 Sep 23 11:54 /usr/share/auto_install/manifest/zone_default.xml osoldev.batschul./.= pkg search /usr/share/auto_install/manifest/zone_default.xml INDEX ACTION VALUEPACKAGE path file usr/share/auto_install/manifest/zone_default.xml pkg:/system/install/auto-install/auto-install-common@0.5.11-0.175.0.0.0.2.1482 osoldev.batschul./.= pkg info -r auto-install Here you asked the one from the repo (-r == remote). I get the same results if I use the command you used. Without -r things look right. not clear why the -r does this, as i see the same behaviour with -r? With -r, match packages based on the newest available versions, retrieving information for packages not currently installed (if necessary) from the repositories of the image's configured publishers. At least one pack- age must be specified when using this option. Without -r, only installed packages are displayed by default. Name: system/install/auto-install Summary: Automated Installer Client Components Description: AI Client Components Category: System/Administration and Configuration State: Not installed Publisher: solaris Version: 0.5.11 Build Release: 5.11 Branch: 0.175.0.0.0.2.1482 Packaging Date: Wed Oct 19 12:26:41 2011 Size: 42.20 kB FMRI: pkg://solaris/system/install/auto-install@0.5.11,5.11-0.175.0.0.0.2.1482:20111019T122641Z ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Expanding the set of packages installed into a Zone?
On 11/10/11 13:52, Frank Batschulat wrote: On Thu, 10 Nov 2011 14:50:25 +0100, Enda o'Connor - Oracle Ireland - Software Engineer enda.ocon...@oracle.com wrote: fwiw, on 175b I do have the file but not the package installed which claims to deliver it ;-) osoldev.batschul./.= ls -la /usr/share/auto_install/manifest/zone_default.xml -r--r--r-- 1 root sys 2367 Sep 23 11:54 /usr/share/auto_install/manifest/zone_default.xml osoldev.batschul./.= pkg search /usr/share/auto_install/manifest/zone_default.xml INDEX ACTION VALUE PACKAGE path file usr/share/auto_install/manifest/zone_default.xml pkg:/system/install/auto-install/auto-install-common@0.5.11-0.175.0.0.0.2.1482 hmm, search says it is there locally, what does pkg info say ( drop the -r ) I've deliberately chosen -r because the package is not installed locally I'm unlcear abot this -r as i see same, so what does pkg info auto-install say, might be some obscure thing IPS works, or maybe a bug even :-) Enda osoldev.batschul./.= pkg info -r auto-install Name: system/install/auto-install Summary: Automated Installer Client Components Description: AI Client Components Category: System/Administration and Configuration State: Not installed ^^ Publisher: solaris Version: 0.5.11 Build Release: 5.11 Branch: 0.175.0.0.0.2.1482 Packaging Date: Wed Oct 19 12:26:41 2011 Size: 42.20 kB FMRI: pkg://solaris/system/install/auto-install@0.5.11,5.11-0.175.0.0.0.2.1482:20111019T122641Z ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris 10 zone migration to Solaris 11 Express
On 07/04/2011 11:34, Ketan wrote: Thanks .. i got it working .. zone is attached and booted .. i remember i read that sparse root zone is not supported anymore in Solaris 11 express. But there is one more question/issue i 've been dealing with. Whenever we migrate a solaris 10u8 zone to a solaris10u8 zone it works fine but later on the live upgrade stucks or gives lots of issues on the target system complaining about the newly migrated zone .. is it very common issue or its just we are facing it. ? Just to be clear, you migrated a NGZ from an s10_u8 system to another s10_u8 system? Not sure what you are exactly doing from above. Do you have the Lu failure that you can copy and paste, along with the zone details, ie the FS it's on etc, lufslist from the current BE and the lucreate etc that was ran, plus what rev of 121430/121431 ( sparc/x86 ) Lu patch was installed. ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris 10 zone migration to Solaris 11 Express
Hi so this is a bug in the s11 docs, as it does need to mention the libc bit of the step. I will log a bug. Enda On 06/04/2011 17:28, Steve Lawrence wrote: Look for unmount on this page: http://download.oracle.com/docs/cd/E19797-01/817-1592/gjwmp/index.html On 04/ 6/11 06:18 AM, Mike Gerdts wrote: On Wed 06 Apr 2011 at 02:33AM, Ketan wrote: I was testing of migrating the solaris10 zone to solaris 11 express zone. I used cpio to create the archive with following syntax #find db_zone -print | cpio -oP@ | gzip/swdump/ovpidb_zone.cpio.gz Then i created a solaris10 brand zone on the Solaris 11 environment and tried to attach the zone but i got following error. *** zoneadm -z s10zone1 attach -a /home/vneb/ovpidb_zone.cpio.gz Log File: /var/tmp/s10zone1.attach_log.oFaavh Attaching... ERROR: The image was created with an incompatible libc.so.1 hwcap lofs mount. The zone will not boot on this platform. See the zone's documentation for the recommended way to create the archive. I 'm moving solaris 10u8 zone from M5000 to a Ldom2.0 Solaris11 express It sounds like the zone was running when you created the archive. As a result, the version of libc that is optimized for the SPARC64 CPU found in the M5000 was mounted on top of /lib/libc.so.1. On the T-series box that you are moving to, the CPU architecture is different and incompatible with the type of optimization done for the SPARC64 CPU. It looks like you were following the instructions at http://download.oracle.com/docs/cd/E19963-01/html/821-1460/gentextid-12093.html#gcglo but there shut down the zone while creating the archive step seems to be missing. ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zlogin -C does not seem to work for me as expected
On 21/03/2011 16:37, Russ Weingartz wrote:
Hi,
i'm new to this, and working on an older system (s10_06) but am trying to
complete the final configuration steps to adding a zone and any help would be
appreciated
from what i find i need to finish the configuration after the
create/install/boot procedure (those steps seem to have gone fine) using zlogin
commands.
when, as root user, i do zlogin -C i am told i'm connected to the console, and
am presented with a cursor. what next? from what i have seen i should be faced
with a barrage of questions allowing me to complete my steps.
if i wait a while and press return key, i am told i've enered system
maintenance mode at /dev/console and again a cursor presents itself.
so how do i get the questions to show up?
thanks for any assistance.
rosco
Hi what does zoneadm lsit -cv say about zone state
what does ptree -z zonename say is running in the zone.
To automate this one can include a sysidcfg file in zonepath/root/etc
seem man sysidcfg to get an idea of what it might look like
or an example: domain-name and ip adresses changed :-)
root@kilcolgan:/export# cat sysidcfg
name_service=NIS { domain_name=foo.com }
system_locale=C
terminal=vt100
timeserver=patchmenow
timezone=GB-Eire
network_interface=PRIMARY {
hostname=whitecliff
ip_address=100.100.100.100
protocol_ipv6=no
default_route=100.100.100.1
}
security_policy=none
display=workaround:Unknown
pointer=workaround:Unknown
monitor=workaround:Unknown
root_password=blahblah
nfs4_domain=sun.com
root@kilcolgan:/export#
Enda
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] Zones zone.max-shm-memory setting.
Hi Locked memory is typically used by oracle database, ie ISM/DISM segments etc, not likely to be used on desktop, apps that use shared memory tend to try and pin it in memory to give max performance. I wouldn't think a desktop would need this typically. De On 29/11/2010 19:16, Jordan Vaughan wrote: Locked memory is the same as pinned memory: In other words, pages that won't be paged to disk. Applications can request that pages be locked into memory. The pager won't page locked pages to disk. Regarding an appropriate value for desktop usage: It depends on what kinds of applications you're using. Most applications don't use locked/pinned pages. I don't set this property on my desktop, but you could set it to a small value. (0M?) Jordan On 11/27/10 01:15 PM, Orvar Korvar wrote: At the same time, I would like to ask exactly what is locked RAM? How much is an apropriate value for desktop usage? 2GB? add capped-memory set locked=2GB end ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] lucreate failure call to zoneadmd failed
Hi Could we see the zonecfg Enda On 02/11/2010 20:50, Paul Kraus wrote: I apologize for posting here, as this is not specifically an OpenSolaris issue, but I have a support case open and am not making any headway, and I need to complete the LU by the reboot window tomorrow night. - Solaris 10U8 - Current LU and Pkg/Patch admin patches applied - One NG Zone on UFS - OS on UFS - About 300 ZFS datasets - Separate /, /var, /opt Any help or suggestions would be appreciated. df -h -F ufs Filesystem size used avail capacity Mounted on /dev/md/dsk/d7 9.6G 3.6G 5.9G39%/ /dev/md/dsk/d6 5.8G 1.2G 4.5G22%/var /dev/md/dsk/d304.9G 1.8G 3.1G38%/zones /dev/md/dsk/d317.9G 1.8G 6.0G24%/export/home /dev/md/dsk/d324.9G 1.7G 3.2G35%/opt sudo lucreate -n 10U9 -m /:/dev/md/dsk/d0:ufs -m /var:/dev/md/dsk/d4:ufs -m /opt:/dev/md/dsk/d33:ufs Determining types of file systems supported Validating file system requests Preparing logical storage devices Preparing physical storage devices Configuring physical storage devices Configuring logical storage devices Analyzing system configuration. Comparing source boot environmentu8 file systems with the file system(s) you specified for the new boot environment. Determining which file systems should be in the new boot environment. Updating boot environment description database on all BEs. Updating system configuration files. The device/dev/dsk/c5t5000C5000774F56Bd0s0 is not a root device for any boot environment; cannot get BE ID. Creating configuration for boot environment10U9. Source boot environment isu8. Creating boot environment10U9. Creating file systems on boot environment10U9. Creatingufs file system for/ in zoneglobal on/dev/md/dsk/d0. Creatingufs file system for/opt in zoneglobal on/dev/md/dsk/d33. Creatingufs file system for/var in zoneglobal on/dev/md/dsk/d4. Mounting file systems for boot environment10U9. Calculating required sizes of file systems for boot environment10U9. Populating file systems on boot environment10U9. Checking selection integrity. Integrity check OK. Populating contents of mount point/. Populating contents of mount point/opt. Populating contents of mount point/var. Copying. Creating shared file system mount points. Copying root of zonez01.nyc-sed3 to/.alt.tmp.b-xwb.mnt/zones/01-10U9. Creating compare databases for boot environment10U9. Creating compare database for file system/var. Creating compare database for file system/opt. Creating compare database for file system/. Updating compare databases on boot environment10U9. Making boot environment10U9 bootable. ERROR: unable to mount zones: zoneadm: zone 'z01.nyc-sed3': zone root /zones/01-10U9/root is reachable through /zones/01/root/.alt.tmp.b-M7b.mnt zoneadm: zone 'z01.nyc-sed3': call to zoneadmd failed ERROR: unable to mount zonez01.nyc-sed3 in/.alt.tmp.b-0Xe.mnt ERROR: unmounting partially mounted boot environment file systems ERROR: cannot mount boot environment by icf file/etc/lu/ICF.1 ERROR: Unable to remount ABE10U9: cannot make ABE bootable ERROR: no boot environment is mounted on root device/dev/md/dsk/d0 Making the ABE10U9 bootable FAILED. ERROR: Unable to make boot environment10U9 bootable. ERROR: Unable to populate file systems on boot environment10U9. ERROR: Cannot make file systems for boot environment10U9. zoneadm list -icv ID NAME STATUS PATH BRANDIP 0 global running/ native shared 1 z01.nyc- running/zones/01 native shared sudo lustatus Boot Environment Is Active ActiveCanCopy Name Complete NowOn Reboot Delete Status -- -- - -- -- u8 yes yesyes no - 10U9 no no noyes- ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] lucreate failure call to zoneadmd failed
On 11/03/10 08:59, Enda O'Connor wrote: Hi Could we see the zonecfg also what rev of 121430/121431 ( sparc/x86 ), is installed, is the zonepath a mountpoint. zonecfg -z z01.nyc- export Enda Enda On 02/11/2010 20:50, Paul Kraus wrote: I apologize for posting here, as this is not specifically an OpenSolaris issue, but I have a support case open and am not making any headway, and I need to complete the LU by the reboot window tomorrow night. - Solaris 10U8 - Current LU and Pkg/Patch admin patches applied - One NG Zone on UFS - OS on UFS - About 300 ZFS datasets - Separate /, /var, /opt Any help or suggestions would be appreciated. df -h -F ufs Filesystem size used avail capacity Mounted on /dev/md/dsk/d7 9.6G 3.6G 5.9G 39% / /dev/md/dsk/d6 5.8G 1.2G 4.5G 22% /var /dev/md/dsk/d30 4.9G 1.8G 3.1G 38% /zones /dev/md/dsk/d31 7.9G 1.8G 6.0G 24% /export/home /dev/md/dsk/d32 4.9G 1.7G 3.2G 35% /opt sudo lucreate -n 10U9 -m /:/dev/md/dsk/d0:ufs -m /var:/dev/md/dsk/d4:ufs -m /opt:/dev/md/dsk/d33:ufs Determining types of file systems supported Validating file system requests Preparing logical storage devices Preparing physical storage devices Configuring physical storage devices Configuring logical storage devices Analyzing system configuration. Comparing source boot environmentu8 file systems with the file system(s) you specified for the new boot environment. Determining which file systems should be in the new boot environment. Updating boot environment description database on all BEs. Updating system configuration files. The device/dev/dsk/c5t5000C5000774F56Bd0s0 is not a root device for any boot environment; cannot get BE ID. Creating configuration for boot environment10U9. Source boot environment isu8. Creating boot environment10U9. Creating file systems on boot environment10U9. Creatingufs file system for/ in zoneglobal on/dev/md/dsk/d0. Creatingufs file system for/opt in zoneglobal on/dev/md/dsk/d33. Creatingufs file system for/var in zoneglobal on/dev/md/dsk/d4. Mounting file systems for boot environment10U9. Calculating required sizes of file systems for boot environment10U9. Populating file systems on boot environment10U9. Checking selection integrity. Integrity check OK. Populating contents of mount point/. Populating contents of mount point/opt. Populating contents of mount point/var. Copying. Creating shared file system mount points. Copying root of zonez01.nyc-sed3 to/.alt.tmp.b-xwb.mnt/zones/01-10U9. Creating compare databases for boot environment10U9. Creating compare database for file system/var. Creating compare database for file system/opt. Creating compare database for file system/. Updating compare databases on boot environment10U9. Making boot environment10U9 bootable. ERROR: unable to mount zones: zoneadm: zone 'z01.nyc-sed3': zone root /zones/01-10U9/root is reachable through /zones/01/root/.alt.tmp.b-M7b.mnt zoneadm: zone 'z01.nyc-sed3': call to zoneadmd failed ERROR: unable to mount zonez01.nyc-sed3 in/.alt.tmp.b-0Xe.mnt ERROR: unmounting partially mounted boot environment file systems ERROR: cannot mount boot environment by icf file/etc/lu/ICF.1 ERROR: Unable to remount ABE10U9: cannot make ABE bootable ERROR: no boot environment is mounted on root device/dev/md/dsk/d0 Making the ABE10U9 bootable FAILED. ERROR: Unable to make boot environment10U9 bootable. ERROR: Unable to populate file systems on boot environment10U9. ERROR: Cannot make file systems for boot environment10U9. zoneadm list -icv ID NAME STATUS PATH BRAND IP 0 global running / native shared 1 z01.nyc- running /zones/01 native shared sudo lustatus Boot Environment Is Active Active Can Copy Name Complete Now On Reboot Delete Status -- -- - -- -- u8 yes yes yes no - 10U9 no no no yes - ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] lucreate failure call to zoneadmd failed
On 11/03/10 11:10, Paul Kraus wrote: On Wed, Nov 3, 2010 at 6:38 AM, Enda o'Connor - Sun Microsystems Ireland - Software Engineerenda.ocon...@oracle.com wrote: also what rev of 121430/121431 ( sparc/x86 ), is installed, Latest (downloaded yesterday), -53 is the zonepath a mountpoint. No, /zones is a UFS filesystem and the zonepath is /zones/01 xcan we see zonecfg -z zone info and lufslist for the BE's Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] attach -u question
Hi Paula I seem to remember that an RFE for this was mentioned but I cannot locate it if one was logged, the idea beignthat one coudl pass a lsit of packages to update. Enda Paula Van Wie wrote: Does anyone know if this is going to be fixed or has it? Cu uses whole root zones and is wondering if in the future attach -u will update even if SUWN_PKG_ALLZONES is not set to true. Thanks. A number of important non-application packages are not updated when doing 'zoneadm zonename attach -u' because SUNW_PKG_ALLZONES is not defined as true, or no packages that depend on the package have this parameter set to true. The list of packages that do not update on our 10/09 build with zone update on attach are: (This is a short list) SUNWTk SUNWbash SUNWbind SUNWbindr SUNWciu8 SUNWctlu SUNWdtbas SUNWdtdmr SUNWfreetype2 SUNWgtar SUNWgzip SUNWicu SUNWinst SUNWj5cfg -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone attach -u from u6 to u8 issues
On 03/02/2010 22:10, Gael wrote: On Tue, Feb 2, 2010 at 4:10 PM, Gael gael.marti...@gmail.com mailto:gael.marti...@gmail.com wrote: I ran a few test upgrades moving zones from a T5220 u6 system to a u8 system patched with 119254-72 and I keep observing the following packages missing into the end result zone.. I'm really concerned by the pkg/patch tools packages missing ... I have tried to also patch the source system before detaching the zone without success ... when you say patching failed, what exactly occurred when you tried patching the global zone? In whoel root zone, the packaging bits are not pulled into update on attach, but they shoudl never be missing obviously. Do we have an explorer what does pkginfo -p say when run in global zone of affected system Enda Here is a diff of the packages missing in the zone but present in the GZ. SUNWgccruntime SUNWinstall-patch-utils-root SUNWntp4r SUNWntp4u SUNWpkgcmdsr SUNWpkgcmdsu SUNWppror SUNWpprou SUNWproduct-registry-root SUNWs8brandr SUNWs8brandu SUNWstosreg SUNWswmt SUNWwsr2 Is that a known issue ? Regards -- Gael Martinez I reloaded the landing-zone machine with a vanilla U8 image (basic installation, all packages, no patches), and reused the same ufsdump file containing the zone. zoneadm update -u with that version did install the pkg related packages... labs9006.uhc.com:/zones #zoneadm -z apsz0224 attach -u zoneadm: zone 'apsz0224': WARNING: pools facility not active; zone will not be bound to pool 'fss_default_pool'. zoneadm: zone 'apsz0224': WARNING: pools facility not active; zone will not be bound to pool 'fss_default_pool'. Getting the list of files to remove Removing 2520 files Remove 15 of 15 packages Installing 25271 files Add 454 of 454 packages Installation of these packages generated warnings: SUNWcsr SUNWgssc SUNWinstall-patch-utils-root SUNWkrbr SUNWmconr SUNWntpr SUNWpcr SUNWppror SUNWpsr SUNWsacom SUNWwbcor SUNWxwplr VRTSodm Updating editable files The file /var/sadm/system/logs/update_log within the zone contains a log of the zone update. labs9006.uhc.com:/zones #zlogin apsz0224 pkginfo | grep SUNWpkgcmd system SUNWpkgcmdsrSVr4 package commands (root) system SUNWpkgcmdsuSVr4 packaging commands (usr) labs9006.uhc.com:/zones # The same issue was confirmed when testing S10 U4 to U8 upgrades... Will continue toying around tomorrow and will open a case if I don't hear anything from this list. Regards -- Gael Martinez ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] SUNWservicetagr and /tmp ?
Hi yes this is expected in solaris 10. some of the scripts create non unique tmp entries. I can dig up bugs for this one most likely, seem to remember logging one myself. Enda On 05/01/2010 15:37, Gael wrote: Hello Was toying around with Solaris 10 U8 x86 (not patches applied) creating 2 zones in parallel and noticed that I was getting different packages errors during the builds. After looking at the log files, apparently both zones build processes were stepping on each other ... Is that a known issue. Being offsite this week, just wanted to check that before opening a fyi case. bash-3.00# cat /export/zone2/root/var/sadm/system/logs/install_log | grep -v success | egrep -v ^$ *** package SUNWservicetagr installed with warnings: /tmp/rbac_SUNWservicetagr_auth_attr_merge.old: No such file or directory mv: cannot unlink /tmp/rbac_SUNWservicetagr_auth_attr_merge: No such file or directory /export/zone2/root/var/sadm/pkg/SUNWservicetagr/install/i.rbac : failed to mv /tmp/rbac_SUNWservicetagr_auth_attr_merge to /tmp/rbac_SUNWservicetagr_prof_attr_merge.old: No such file or directory /tmp/rbac_SUNWservicetagr_prof_attr_merge: failed to get acl entries: No such file or directory /export/zone2/root/var/sadm/pkg/SUNWservicetagr/install/i.rbac : failed to mv /tmp/rbac_SUNWservicetagr_prof_attr_merge to ERROR: attribute verification of /export/zone2/root/etc/security/auth_attr failed pathname does not exist Installation of SUNWservicetagr on zone zone2 partially failed. bash-3.00# uname -a SunOS sanfran 5.10 Generic_141445-09 i86pc i386 i86pc bash-3.00# pkginfo -l SUNWservicetagr PKGINST: SUNWservicetagr NAME: Service Tags (root) CATEGORY: system ARCH: i386 VERSION: 1.0,REV=2007.05.21.20.36 BASEDIR: / VENDOR: Sun Microsystems, Inc. DESC: Service Tags Agent PSTAMP: sparc(re-s10-s01)Tue Nov 27 14:22:24 MST 2007 INSTDATE: Jan 04 2010 15:48 HOTLINE: Please contact your local service provider STATUS: completely installed FILES: 15 installed pathnames 11 shared pathnames 10 directories 17 blocks used (approx) Regards -- Gael Martinez ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Webrev for CR 6909222
Jordan Vaughan wrote: On 12/23/09 12:40 AM, Frank Batschulat (Home) wrote: On Tue, 22 Dec 2009 00:46:00 +0100, Jordan Vaughan jordan.vaug...@sun.com wrote: I need someone to review my fix for 6909222 reboot of system upgraded from 128 to build 129 generated error from an s10 zone due to boot-archive My webrev is accessible via http://cr.opensolaris.org/~flippedb/onnv-s10c Jordan, we probably should update the s10container dev guide to point out that we remove $ZONEROOT/boot/solaris/bin/create_ramdisk and essentially disable bootarchive update within the s10 branded zone ? http://hub.opensolaris.org/bin/view/Community+Group+zones/s10brand_dev_guide there may be ISVs/OEMs that potentially add/change stuff there ? cheers frankB The developer guide is not the best place to post such notices. I don't know which document is most suitable or whether posting such a notice is worthwhile. Thanks, Jordan ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Jordan Not being too familiar with the underlying technology, I assume s10_boot.ksh is run every boot, as otherwise a patch can deliver create_ramdisk to the system after it's removed. Enda -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] solaris 10 branded zone
Jerry Jelinek wrote: xx wrote: i installed virtualbox and installed solaris 10 from an iso download. i used the flar command to create s10.flar as directed in: http://hub.opensolaris.org/bin/view/Community+Group+zones/s10brand_dev_guide i then tried to install s10.flar in the solaris 10 branded zone: init...@dogpatch:~# zoneadm -z csuite install -a /virtualbox/s10.flar -u WARNING: skipping network interface 'vnic0_3' which may not be present/plumbed in the global zone. A ZFS file system has been created for this zone. Log File: /var/tmp/csuite.install_log.2raajz Installing: This may take several minutes... Missing etc at /zones/csuite/root Missing etc/svc at /zones/csuite/root Missing var at /zones/csuite/root Missing var/svc at /zones/csuite/root Missing lib/svc at /zones/csuite/root Is this a sparse zone image? The image must be whole-root. Missing sbin/zonename at /zones/csuite/root Is this a sparse zone image? The image must be whole-root. Missing usr/bin/chmod at /zones/csuite/root Is this a sparse zone image? The image must be whole-root. Sanity Check: FAILED (see log for details). ERROR: Result: *** Installation FAILED *** init...@dogpatch:~# zonecfg -z csuite info zonename: csuite zonepath: /zones/csuite brand: solaris10 autoboot: false bootargs: pool: limitpriv: scheduling-class: ip-type: shared hostid: net: address: 192.168.30.4 physical: vnic0_3 defrouter not specified init...@dogpatch:~# did i skip a step? How did you create the flar of the s10 system? Did the s10 system have a zfs root? If so, then you must create the flar using an explicit -L option to specify either a cpio or pax archive. Otherwise the flar will actually contain a zfs send stream of the root pool and that is not suitable for installing a zone (since the zone root must be a dataset, not a pool). I recently integrated the following bug fix to help address this: 6903478 need better error msg for flar made on system with zfs root Jerry Also if the system has a separate /var and is zfs root based, you will need to manually build the cpio archive, ie flar create -L cpio will not work. 6889459 flarcreate using cpio of a system running SUNWCreq zfs root with seperate /var fails. I used the following cd / find . \( \( -fstype nfs -o -fstype autofs \) -prune \) -o -print| egrep -v ^./proc|^./system|^./devices|^./dev|^./export/home|^./home|^./tmp |cpio -oc /export/home/oryx.cpio But that is only if you have zfs root and separate /var. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] solaris 10 branded zone
xx wrote: according to my notes, i create the flar with: #flar create -n myflash /export/home/s10-.flar i picked up the command on the video: http://mediacast.sun.com/users/flippedbits/media/s10c-demo-jerry.swf when i installed solaris 10 in virtualbox, i opted for a zfs file system: Sun Microsystems Inc. SunOS 5.10 Generic January 2005 # zfs list NAMEUSED AVAIL REFER MOUNTPOINT rpool 9.27G 6.35G33K /rpool rpool/ROOT 3.51G 6.35G21K legacy rpool/ROOT/s10x_u8wos_08a 3.51G 6.35G 3.51G / rpool/dump 1.00G 6.35G 1.00G - rpool/export 3.77G 6.35G23K /export rpool/export/home 3.77G 6.35G 3.77G /export/home rpool/swap1G 7.35G16K - can i go back and re-install solaris 10 with a UFS and make this flar problem go away? i am only installing solaris 10 on virtualbox to create the branded zone so a re-install will work for me. Hi so flar create -L cpio -n myflash should work for you, but you need the -L cpio bit, ( or pax ), if you had a separate /var dataset you'd need to manually run cpio command. Enda Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Uninheriting a directory
Mike Gerdts wrote: Suppose I have some (SXCE, S10) zones with /opt in in the inherit-pkg-dir list and I want to have that no longer be the case. It seems to me that I could do: zonecfg -z optzone create -t badzone set zonepath=/zones/optzone remove inherit-pkg-dir dir=/opt zoneadm -z optzone install zoneadm -z badzone halt cd /zones/optzone/root find opt | cpio -pdump@ /zones/badzone/root vi /etc/zones/badzone.xml (remove inherit-pkg-dir for /opt line) zoneadm -z badzone boot I know that it is unsupported. Experimentation suggests that it works. What thorny issues exist (aside from resources priorities) that make it so that something like this isn't supported? patching in s10 woudl render this problematic, in particular the presence of an empty undo.Z for inherited package dirs, such that a patch that was added to an inherited /opt woudl not have an undo entries for /opt, so if one changed the zone to not inherit /opt, then ran patchrm it woudl lead to some possible undesired behaviopur, ie bits from patch not removed, particularly relevant to JES products that install to /opt Enda FWIW, I suspect that the real implementation would probably be more like: zoneadm -z badzone detach zoneadm -z badzone attach -u --uninherit /opt Where a single letter option would be added instead of --uninherit. ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] how to have zones with a different solaris 10 version than the host
when build 127 of Opensolaris releases, this will be possible via the s10 brand which will integrate at that stage. Build 126 is the current available build, so 127 won't be far off, a few week perhaps, someone can clarify. If this is needed on Solaris 10 ( ie global must be solaris 10 ), then it is not currently possible. Solaris 10 does not support an s10 brand. Non-global zones running Solaris 10 are virtual copies of the global zone itself. Ldoms does support this, but is only on sun4v by the way. Enda Thomas Elsgaard wrote: Hi Guys I have 2 SUN sparc machines that i would like to consolidate to one machine using the zone/container concept, but the application requires a different version of solaris 10 than the one installed on the host server, how can i handle this? Application requires: Solaris 10 10/08 And my host machine where i would like to have the applications to run in a zone is running Solaris 10 5/09 Is there anyway that i can have a zone runing 10 10/08 on the global zone where the server is running 10 5/09 ? and how is this done? Best regards ///Thomas ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] invalid property 'zpdata:rbe'
Hi what was the lucreate command that was run, is there zfs actually involved, ie zones on zfs, need to see more data, as this would seem that an old zfs pool was involved. Enda Larry Forsyth wrote: Performing lucreate and luupgrade from 10 03/05 to 10 10/08, and I get these odd messages. Anyone seen them and what should I be concerned about? sudo luupgrade -u -n Sol10Oct08 -s /mnt 42092 blocks miniroot filesystem is lofs Mounting miniroot at /mnt/Solaris_10/Tools/Boot Validating the contents of the media /mnt. The media is a standard Solaris media. The media contains an operating system upgrade image. The media contains Solaris version 10. Constructing upgrade profile to use. Locating the operating system upgrade program. Checking for existence of previously scheduled Live Upgrade requests. Creating upgrade profile for BE Sol10Oct08. invalid property 'zpdata:rbe' usage: list [-rH] [-o property[,property]...] [-t type[,type]...] [filesystem|volume|snapshot] ... The following properties are supported: PROPERTY EDIT INHERIT VALUES type NO NO filesystem | volume | snapshot creation NO NO date used NO NO size availableNO NO size referenced NO NO size compressratioNO NO 1.00x or higher if compressed mounted NO NO yes | no | - origin NO NO snapshot quota YES NO size | none reservation YES NO size | none volsize YES NO size volblocksize NO NO 512 to 128k, power of 2 recordsize YES YES 512 to 128k, power of 2 mountpoint YES YES path | legacy | none sharenfsYES YES on | off | share(1M) options checksumYES YES on | off | fletcher2 | fletcher4 | sha256 compression YES YES on | off | lzjb atime YES YES on | off devices YES YES on | off execYES YES on | off setuid YES YES on | off readonlyYES YES on | off zoned YES YES on | off snapdir YES YES hidden | visible aclmode YES YES discard | groupmask | passthrough aclinherit YES YES discard | noallow | secure | passthrough Sizes are specified in bytes with standard units such as K, M, G, etc. Determining packages to install or upgrade for BE Sol10Oct08. Performing the operating system upgrade of the BE Sol10Oct08. CAUTION: Interrupting this process may leave the boot environment unstable or unbootable. Upgrading Solaris: 100% completed Installation of the packages from this media is complete. Updating package information on boot environment Sol10Oct08. Package information successfully updated on boot environment Sol10Oct08. Adding operating system patches to the BE Sol10Oct08. The operating system patch installation is complete. INFORMATION: The file /var/sadm/system/logs/upgrade_log on boot environment Sol10Oct08 contains a log of the upgrade operation. INFORMATION: The file /var/sadm/system/data/upgrade_cleanup on boot environment Sol10Oct08 contains a log of cleanup operations required. WARNING: 2 packages failed to install properly on boot environment Sol10Oct08. INFORMATION: The file /var/sadm/system/data/upgrade_failed_pkgadds on boot environment Sol10Oct08 contains a list of packages that failed to upgrade or install properly. INFORMATION: Review the files listed above. Remember that all of the files are located on boot environment Sol10Oct08. Before you activate boot environment Sol10Oct08, determine if any additional system maintenance is required or if additional media of the software distribution must be installed. The Solaris upgrade of the boot environment Sol10Oct08 is partially complete. Installing failsafe Failsafe install is complete. -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] invalid property 'zpdata:rbe'
Hi what version of 121430|121431 9 sparc|x86 ) is beign used? ie patchadd -p |grep 121430 Enda Larry Forsyth wrote: Hi Enda, lucreate -n Sol10Oct08 -m /:/dev/md/dsk/d2:ufs -m -:/dev/md/dsk/d4:swap -m /var:/dev/md/dsk/d8:ufs No zfs ever used on this server. Very odd to us here. Let me know if you have further questions. Larry -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] invalid property 'zpdata:rbe'
Hi So I have logged bug 6898159 luupgrade on systems with zfs is giving zfs errors problem is with an lu script that now depends on zpool version 10 ( delivered in update 6, or 137137-09 ) so you have less than 137137-09 ( u6 Ku ) active, uname -a will tell. but it is harmless at the same time for you. Enda Larry Forsyth wrote: Hi Enda, lucreate -n Sol10Oct08 -m /:/dev/md/dsk/d2:ufs -m -:/dev/md/dsk/d4:swap -m /var:/dev/md/dsk/d8:ufs No zfs ever used on this server. Very odd to us here. Let me know if you have further questions. Larry -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] invalid property 'zpdata:rbe'
Larry Forsyth wrote: Hi... l_for...@mspbkp02:/usr/home/l_forsyt 0 uname -a SunOS mspbkp02 5.10 Generic_118833-36 sun4u sparc SUNW,Sun-Fire-V440 so you're saying this is a zfs issue? Hi No, it'd an Lu issue, it is using a zfs property that only exists if you have 137137-09 ( the u6 ) active, specifically rpdata. So it's an LU bug in that it runs a zfs get for this property, and as you have an earler zpool version that produces an error. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris 10 U8 Zone Problem with LU and PCA
deniz rende wrote: Hi Folks, I've been regularly patching my Solaris 10 U8 with Liveupgrade and PCA. I had a zone running on the system which I ended up changing its name. Then I wanted to create a new LU ABE and got the following error: # lustatus Boot Environment Is Active ActiveCanCopy Name Complete NowOn Reboot Delete Status -- -- - -- -- Solaris10U8PCA yes yesyes no - # lucreate -n Solaris10U8PCA01 Checking GRUB menu... System has findroot enabled GRUB Analyzing system configuration. Comparing source boot environment Solaris10U8PCA file systems with the file system(s) you specified for the new boot environment. Determining which file systems should be in the new boot environment. Updating boot environment description database on all BEs. Updating system configuration files. Creating configuration for boot environment Solaris10U8PCA01. Source boot environment is Solaris10U8PCA. Creating boot environment Solaris10U8PCA01. Cloning file systems from boot environment Solaris10U8PCA to create boot environment Solaris10U8PCA01. Creating snapshot for rpool/ROOT/Solaris10U8PCA on rpool/ROOT/solaris10u8...@solaris10u8pca01. Creating clone for rpool/ROOT/solaris10u8...@solaris10u8pca01 on rpool/ROOT/Solaris10U8PCA01. Setting canmount=noauto for / in zone global on rpool/ROOT/Solaris10U8PCA01. zperl: Miscellaneous file system error Configuration not saved. ERROR: Unable to set zonepath to /.alt.tmp.b-t1b.mnt/zoneds/zperl-Solaris10U8PCA01 for zone zperl Saving existing file /boot/grub/menu.lst in top level dataset for BE Solaris10U8PCA01 as mount-point//boot/grub/menu.lst.prev. File /boot/grub/menu.lst propagation successful Copied GRUB menu from PBE to ABE No entry for BE Solaris10U8PCA01 in GRUB menu Population of boot environment Solaris10U8PCA01 successful. Creation of boot environment Solaris10U8PCA01 successful. Although it created the LU environmet, It's got some errors mentioned above. The name of the zone originally was and I changed it to zperl by using zfs rename, and editing zonepath files (index and zperl.xml) I tried to mount this into a temp directory called /b: r...@solix# lustatus Boot Environment Is Active ActiveCanCopy Name Complete NowOn Reboot Delete Status -- -- - -- -- Solaris10U8PCA yes yesyes no - Solaris10U8PCA01 yes no noyes- r...@solix# lumount Solaris10U8PCA01 /b ERROR: unable to mount zones: /b/zonepool/zperl must not be group readable. /b/zonepool/zperl must not be group executable. /b/zonepool/zperl must not be world readable. /b/zonepool/zperl must not be world executable. could not verify zonepath /b/zonepool/zperl because of the above errors. zoneadm: zone zperl failed to verify ERROR: unable to mount zone zperl in /b ERROR: unmounting partially mounted boot environment file systems ERROR: No such file or directory: error unmounting rpool/ROOT/Solaris10U8PCA01ERROR: cannot mount boot environment by name Solaris10U8PCA01 Also I have a strange error in df -h as well. # df -h Filesystem size used avail capacity Mounted on rpool/ROOT/Solaris10U8PCA 67G 7.5G56G12%/ /devices 0K 0K 0K 0%/devices ctfs 0K 0K 0K 0%/system/contract proc 0K 0K 0K 0%/proc mnttab 0K 0K 0K 0%/etc/mnttab swap 1.9G 412K 1.9G 1%/etc/svc/volatile objfs0K 0K 0K 0%/system/object sharefs 0K 0K 0K 0%/etc/dfs/sharetab /usr/lib/libc/libc_hwcap2.so.1 64G 7.5G56G12%/lib/libc.so.1 fd 0K 0K 0K 0%/dev/fd swap 1.9G 100K 1.9G 1%/tmp swap 1.9G32K 1.9G 1%/var/run rpool/export67G21K56G 1%/export rpool/export/home 67G18K56G 1%/export/home rpool 67G43K56G 1%/rpool zonepool67G21K63G 1%/zonepool /vol/dev/dsk/c0t0d0/unnamed_rmdisk:c 1.9G 767M 1.1G41%/rmdisk/unnamed_rmdisk rpool/iscsi_luns67G21K56G 1%/rpool/iscsi_luns df: cannot statvfs /zonepool/zruby: No such file or directory rpool/ROOT/Solaris10U8PCA01/zoneds 67G21K56G 1% /.alt.Solaris10U8PCA01/zoneds The name of the zone was originally zruby and now it is zperl. Could you guys please tell me how to get rid of these messages and get the system back to its feet on this so that I can go ahead and patch it? Best Regards... can
Re: [zones-discuss] Strange error with ZFS Live Upgrade and Zones
Hi I installed zfs root with separate /var on SUNWCall and when I run lucreate/luactivate followed by shutdown -y -g0 -i6, system goes into maintenance mode due to LU not handling the seperate /var The /var is the supported one inside the root dataset dataos/ROOT/solaris10_6 4.64M 25.7G 3.36G / dataos/ROOT/solaris10_6/var 564K 25.7G 76.1M /var I have logged CR 6891469 cannot boot a new zfs based BE created using latest Live Upgrade patch when it has seperate /var for this issue. Enda Jesus Cea wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 sriman wrote: I am suspecting that your child datasets inside the zone are creating problem. I could not look into this today. Tomorrow, I will create a similar configuration for myself and try to reproduce the issue. Will get back to you tomorrow. Any progress?. I have stopped patching my systems because I can not create new BE's :-(. - -- Jesus Cea Avion _/_/ _/_/_/_/_/_/ j...@jcea.es - http://www.jcea.es/ _/_/_/_/ _/_/_/_/ _/_/ jabber / xmpp:j...@jabber.org _/_/_/_/ _/_/_/_/_/ . _/_/ _/_/_/_/ _/_/ _/_/ Things are not so easy _/_/ _/_/_/_/ _/_/_/_/ _/_/ My name is Dump, Core Dump _/_/_/_/_/_/ _/_/ _/_/ El amor es poner tu felicidad en la felicidad de otro - Leibniz -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBSsyu85lgi5GaxT1NAQIw9gP/dqqZyYX2q9TOV/a3O3Ph5IOSLJ6WEcCz UHUPql+QqQiwp1n9ZLE2/YO7a/sKMxRIcua/qijWTEbVLV7CwnJj9Eb/7X3+K6M0 Vf0+j1koxVZf5H3nSwSLcdQHN7hpngA9HuELleQt5ZIaKPSDweKa2El8su8yIlFU H44vs0j9BNs= =qGWl -END PGP SIGNATURE- ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] 121431-43 Live Upgrade Patch
Hi Dick So you do need to login even to download non entitled patches, is it the login screen that you are seeing? if so you just need to login. I have downloaded the patch using a SOA with just public entitlement. If this persists, then I don't know what might be wrong, have checked that patch has public entitlement ( it has ), so should be downloadable by all. If it does persists then log feedback to SunSolve. Enda dick hoogendijk wrote: This needed and adviced (by sun) Live Upgrade Patch can be found on http://sunsolve.sun.com/show.do?target=patches/zos-x10 As all can see the patch is listed there as public so, it should be downloadable for guys without contracts. However, it's NOT. Click on it and you get to the page where you're reminded to renew your contract. Something's wrong. Hope it get available soon and solves my upgrade problems. -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Strange error with ZFS Live Upgrade and Zones
Hi This one is unclear to me, you have latest x86 LU patch. coudl you run the luactivate in debug mode export LU_DEBUG_OVERRIDE=20 for a start and send the output on, should have some data of interest to indicate the issue. Enda Jesus Cea wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark J Musante wrote: PS: If the zones datasets must be children of the current BE dataset, that SHOULD be documented clearly in the manual!. The u7 version of LU should support zones outside of the BE dataset hierarchy. The latest doc pointer I have is this: http://docs.sun.com/app/docs/doc/819-5461/gigek?a=view So... What can I do?. Do you want me to check/test anything?. - -- Jesus Cea Avion _/_/ _/_/_/_/_/_/ j...@jcea.es - http://www.jcea.es/ _/_/_/_/ _/_/_/_/ _/_/ jabber / xmpp:j...@jabber.org _/_/_/_/ _/_/_/_/_/ . _/_/ _/_/_/_/ _/_/ _/_/ Things are not so easy _/_/ _/_/_/_/ _/_/_/_/ _/_/ My name is Dump, Core Dump _/_/_/_/_/_/ _/_/ _/_/ El amor es poner tu felicidad en la felicidad de otro - Leibniz -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBSrpNcJlgi5GaxT1NAQK8rQP8CpkOYTmzLwg2HDehLyw+0Yj1hxvkoJdp mdajxD1Ux/rRscQEzy/wAC162b1zoHLLlDnrKTZP3nrWwYFbcVqZXaRIbojoyQO8 xtCsXXgvonozIWrfTU10m9PNkAjJH0PkWx8iDwGgR8fmQ5gwoLdGrHbrykoV32JU wxGFIGGCZwo= =BvTc -END PGP SIGNATURE- ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Strange error with ZFS Live Upgrade and Zones
Hi Coudl I see debug from luactivate, I cannot see anything obvious in lucreate, but this time cut and paste to a text file and attach it, as it easier to work with after. Enda Jesus Cea wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I have a warning when creating the BE. Maybe it is a hint: [r...@stargate-host /]# lucreate -n Solaris10u7-20090923 Checking GRUB menu... System has findroot enabled GRUB Analyzing system configuration. Comparing source boot environment Solaris10u7 file systems with the file system(s) you specified for the new boot environment. Determining which file systems should be in the new boot environment. Updating boot environment description database on all BEs. Updating system configuration files. Creating configuration for boot environment Solaris10u7-20090923. Source boot environment is Solaris10u7. Creating boot environment Solaris10u7-20090923. Cloning file systems from boot environment Solaris10u7 to create boot environment Solaris10u7-20090923. Creating snapshot for datos/ROOT/Solaris10u7 on datos/ROOT/solaris1...@solaris10u7-20090923. Creating clone for datos/ROOT/solaris1...@solaris10u7-20090923 on datos/ROOT/Solaris10u7-20090923. Setting canmount=noauto for / in zone global on datos/ROOT/Solaris10u7-20090923. Creating snapshot for datos/ROOT/Solaris10u7/var on datos/ROOT/Solaris10u7/v...@solaris10u7-20090923. Creating clone for datos/ROOT/Solaris10u7/v...@solaris10u7-20090923 on datos/ROOT/Solaris10u7-20090923/var. Setting canmount=noauto for /var in zone global on datos/ROOT/Solaris10u7-20090923/var. Creating snapshot for datos/zones/stargate on datos/zones/starg...@solaris10u7-20090923. Creating clone for datos/zones/starg...@solaris10u7-20090923 on datos/zones/stargate-Solaris10u7-20090923. WARNING: split filesystem / file system type zfs cannot inherit mount point options - from parent filesystem / file type - because the two file systems have different types. Saving existing file /boot/grub/menu.lst in top level dataset for BE Solaris10u7-20090923 as mount-point//boot/grub/menu.lst.prev. File /boot/grub/menu.lst propagation successful Copied GRUB menu from PBE to ABE No entry for BE Solaris10u7-20090923 in GRUB menu Population of boot environment Solaris10u7-20090923 successful. Creation of boot environment Solaris10u7-20090923 successful. I don't understand the warning. Any pointer [r...@stargate-host /]# zfs get all datos/zones/stargate NAME PROPERTY VALUE SOURCE datos/zones/stargate type filesystem - datos/zones/stargate creation Tue Jul 28 1:01 2009 - datos/zones/stargate used 12.4G - datos/zones/stargate available618G - datos/zones/stargate referenced 606M - datos/zones/stargate compressratio1.74x - datos/zones/stargate mounted yes- datos/zones/stargate quotanone default datos/zones/stargate reservation none default datos/zones/stargate recordsize 128K default datos/zones/stargate mountpoint /datos/zones/stargate inherited from datos datos/zones/stargate sharenfs offlocal datos/zones/stargate checksum on default datos/zones/stargate compression gzip-9 inherited from datos/zones datos/zones/stargate atimeon default datos/zones/stargate devices on default datos/zones/stargate exec on default datos/zones/stargate setuid on default datos/zones/stargate readonly offdefault datos/zones/stargate zonedoffdefault datos/zones/stargate snapdir hidden default datos/zones/stargate aclmode groupmask default datos/zones/stargate aclinherit restricted default datos/zones/stargate canmount on default datos/zones/stargate shareiscsi offdefault datos/zones/stargate xattron default datos/zones/stargate copies 1 default datos/zones/stargate version 3 - datos/zones/stargate utf8only off- datos/zones/stargate normalizationnone - datos/zones/stargate casesensitivity sensitive - datos/zones/stargate vscanoffdefault datos/zones/stargate nbmand offdefault datos/zones/stargate sharesmb offdefault datos/zones/stargate refquota none default datos/zones/stargate refreservation none default
Re: [zones-discuss] Strange error with ZFS Live Upgrade and Zones
Hi What rev of 121430/121431 (SPARC/x86 ) is applied, there are a lot of fixes in later rev's ( 42 is latest ) for zones on zfs. Could I see zfs list zonecfg info on stargate. Enda Jesus Cea wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am trying to do a live upgrade of a Solaris 10 U7 with zones, and I am finding some errors. Any suggestion is welcomed. I do a lucreate correctly. But when I try to do a luactivate, I find this: [r...@stargate-host /]# luactivate Solaris10u7-20090922_2 System has findroot enabled GRUB Generating boot-sign, partition and slice information for PBE Solaris10u7 ERROR: unable to mount zones: zoneadm: zone 'stargate': zone root /datos/zones/stargate-Solaris10u7-20090922_2/root is reachable through /datos/zones/stargate/root/.alt.tmp.b-ox.mnt zoneadm: zone 'stargate': call to zoneadmd failed ERROR: unable to mount zone stargate in /.alt.tmp.b-T5.mnt ERROR: unmounting partially mounted boot environment file systems ERROR: cannot mount boot environment by icf file /etc/lu/ICF.2 ERROR: Unable to mount the boot environment Solaris10u7-20090922_2. I see some of the filesystems mounted, so I try to unmount them: [r...@stargate-host /]# luumount Solaris10u7-20090922_2 ERROR: No such file or directory: error unmounting /.alt.tmp.b-T5.mnt/var/run ERROR: umount: /.alt.tmp.b-T5.mnt/var/run busy ERROR: cannot unmount /.alt.tmp.b-T5.mnt/var/run ERROR: failed to unmount /.alt.tmp.b-T5.mnt/var/run ERROR: cannot fully unmount boot environment - 1: file systems remain mounted Reading the Solaris 10 documentation I can not see any relevant detail, except that I created my zones under datos/zones (a ZFS dataset) instead of a child of datos/ROOT/Solaris10u7, as showed in every example. I don't know if this is relevant or not. In any case, the zones datasets are snapshottedcloned correctly. If that is the problem, I think I can do a rename of the dataset to move it to the right place, and edit the config files by hand to reflect the new location (/etc/zones). But first I need to know if this is actually the issue. I think that having the zones under datos/zones, being an absolute path independent of the BE (Boot Environment), could be the problem. Could you confirm it?. This is a production machine, so I would like to solve this without disturbing it too much (I can mess a bit with it if necessary). Thanks for any help. PS: If the zones datasets must be children of the current BE dataset, that SHOULD be documented clearly in the manual!. - -- Jesus Cea Avion _/_/ _/_/_/_/_/_/ j...@jcea.es - http://www.jcea.es/ _/_/_/_/ _/_/_/_/ _/_/ jabber / xmpp:j...@jabber.org _/_/_/_/ _/_/_/_/_/ . _/_/ _/_/_/_/ _/_/ _/_/ Things are not so easy _/_/ _/_/_/_/ _/_/_/_/ _/_/ My name is Dump, Core Dump _/_/_/_/_/_/ _/_/ _/_/ El amor es poner tu felicidad en la felicidad de otro - Leibniz -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQCVAwUBSrlMP5lgi5GaxT1NAQKz4gP/V77F5p5+ToJlkWcSblbZLKkiESxPB/2O nEG4aGo7SVwcuhbjs/gQ6eZNbgb9SxSqUEwdyxGACij4sIqYVkM+ajfXzPVRAEkN S9zLqC67uThCvkBqkfikp34I6/hBa+bPyhIvrzYHafCoQDJviwnjI6pbPontwRU3 qO0LaLtwsrQ= =77AS -END PGP SIGNATURE- ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] How to determine if a package has a dependency in global zone?
On 08/05/09 13:03, Jacqueline Tse wrote: Hi Hello, On 08/04/09 14:55, Jacqueline Tse wrote: The problem I am trying to solve is when a software scanner is run in a non-global zone, it needs to decide if a package was inherited from the global zone, and exclude it from the report. We don't want to report the same package in the zone because it was inherited from the global zone. I have created a package, ABCDtestpkg, and installed it in the global zone and the non-global zone. pkgparam -v ABCDtestpkg shows neither one of the followings was set: - SUNW_PKG_ALLZONES - SUNW_PKG_HOLLOW - SUNW_PKG_THISZONE So I'm not clear of why you want to report on essentially omit packages that either have 1 ALLZONES=true or 2 have part of their deliverable reside on an inherited directory. 1 is easy enough, but 2 is not doable from within the zone itself. What is the purpose of this tool, is it to identify software that can be managed from within the zone? The tool is used to report information about packages which are installed in the system, which can be run in the global zone, and/or the non-global zone. When this tool is run in the non-global zone, it needs to find out if the package was installed from the global zone, and exclude such package info from the report. Is it possible to find out such info from the command line or API? The aim is not to report the same package multiple times, when it was installed from the global zone and inherited by all the non-global zones? On second thoughts it might be possible to do this to a degree so from within a non-global zone 1 if /var/sadm/pkg/pkg-name/pkginfo has SUNW_PKG_ALLZONES-true then can only be managed from global, else if false then check that no entry in /var/sadm/install/contents for this package lives on an inherited filesystem. /var/sadm/install/contents is a flatfile maintained by patch/packaging tools. grep for say SUNWcsr and you will see the structure, or man -s 4 contents. Still a bit unclear as to the use of this tool, by run in the global and/or non0-global zone, you mean they can be managed ie patched/removed etc? I then removed ABCDtestpkg from the non-global zone, pkgrm indicated there is a dependency in global zone. it is a pkgadd messaging bug, should have said the zone name instead of global zone. [i]zone1 # pkgrm ABCDtestpkg The following package is currently installed: ABCDtestpkg ABCD test package (sparc) 1.0 Do you want to remove this package? [y,n,?,q] y ## Removing installed package instance ABCDtestpkg ## Verifying package ABCDtestpkg dependencies in global zone ok that is a bug in pkgadd, pkgrm in a non-global zone does not do dependency tests int he global zone at all. So above is a typo, should really say Verifying package ABCDtestpkg dependencies in zone1 But why should pkgrm say the package has dependency in the non-global zone, when it was runnning in the non-global zone? it a bug, it should not have said this at all. Perhaps pkgadd/pkgrm should omit the message, if it doesn't check dependency in the non-global zone. yes it should omit the message. Many thanks, Jacqueline ...[/i] How did pkgrm determine ABCDtestpkg has a dependency in the global zone? Are there any API/CLI to find out such info from non-global zone? Solaris 10 5/08 is used. Many thanks, Jacqueline -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Fwd: Live Upgrade and sparse root zones with their own /usr?
Hi I'm a bit late getting in on this thread, so basically each zone in /space will get duplicated, and the new zone will get upgraded, then in luactivate will get renamed, so say you have /space/zone1 lucreate will create a new zone /space/lu-zone1 ( can't remember what the exact name it uses is ) then luactivate of the new BE will rename lu-zone1 to zone1. I guess if space is a consideration? then assuming the upgrade was to u6 ( or better still u7 ), once could detach the zone prior to upgrade, then upgrade just the global zone, and do an zoneadm update on attach of the zones once the global zone has upgraded. NOTE: There are differences between standard upgrade and zone update on attach. Enda On 05/10/09 02:08, Elizabeth Schwartz wrote: Thanks! I still feel like I'm missing two vital pieces of the puzzle. First, for better or worse, the sparse zones were created with separate /usr dirs, using the command: zonecfg:zone_1 remove inherit-pkg-dir dir=/usr Also, I have four zones on one machine (and ten on another!) The four zones are sharing one physical partition, named /space. I don't have enough free partitions to make one for each zone, and Solaris 10 u3 doesn't allow for ZFS roots so I can't use my ZFS SAN partition (another reason to upgrade!) So do I understand correctly that if all my zones live on /space, If I do: lucreate -n newbe -m /space:/dev/dsk/whatver:/ufs liveupgrade will duplicate /space in the new BE and use it for all of the zones that live on /space? And just to complicate matters, on the test server, /space is a heck of a lot bigger than any other free partition. Would this work if I lived dangerously, allow my alternate boot environment to mount /space, and let it update the zones? Recognizing that if the ugrade fails, my zones are toast and I have no rollback (on this particular server, rebuilding the zones would be relatively easy) (I'm obviously going to learn a lot that I can use to redesign my next generation of servers, but meanwhile I'm trying to drag this group into this decade. And the irony is that, when this is all done, I'll have a server I can use as a *proper* test server. And double irony, I'll be at an OS release that'll let me use ZFS root file systems, but I'm not there yet...) thanks for your patience, this is all sort of an emergency because I've got a production server crashing and Sun is insisting that it needs an upgrade or bust - my original plan to do this over a 2-month period and spend lots of time with a test server, is toast. ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zones, Solaris 10 and ZFS...do zones need to sit on rpool ?
Hi As far as I'm aware the latest Lu patches remove this restriction 121430-xx, but I have cc'ed the zfs team for some guidance. Enda Alexander Skwar wrote: Hi! On Mon, Apr 6, 2009 at 19:55, Nicolas Dorfsman n...@unikservice.eu wrote: Le 6 avr. 09 à 19:35, Alexander Skwar a écrit : On Mon, Apr 6, 2009 at 13:46, Nicolas Dorfsman n...@unikservice.eu wrote: I'm waiting for some patch to allow non-local zones to be located out of the rpool before upgrading my customer mainframe (s/mainframe/sf15k/). Is there anybody here who knows if or when it'd be available ? Is it not allowed to have non-global zones on an arbitrary zpool? Who says so? I'm curious, because my zone roots are NOT located on rpool and things *seem* to work fine. Or am I running into some sort of problem by doing this? You could read : I *could* :) In other words : if you never apply patchs, everything's fine. If you'd like to patch, you may need to use some trick (like detaching zone and re-attaching them on a OS supporting your conf). Thanks a lot, I wasn't actually aware of that limitation. Learn something new every day... :/ So...now we're friend you and me, waiting for a patch. :) Yes, seems like. Thanks a lot for reading the important part to me. I appreciate it! Best regards, Alexander -- [ Soc. = http://twitter.com/alexs77 | http://www.plurk.com/alexs77 ] [ Mehr = http://zyb.com/alexws77 ] [ Chat = Jabber: alexw...@jabber80.com mailto:alexw...@jabber80.com | Google Talk: a.sk...@gmail.com mailto:a.sk...@gmail.com ] [ Mehr = AIM: alexws77 ] Sent from Winterthur, ZH, Switzerland ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
On 12/01/08 13:36, Maciej Browarski wrote: Hello, I try to install zone on zfs file system using solaris 10 update 6. I have separate storage pool which is names zone. (mount in /zone). So I type: #zonecfg -z new zonecfg:new create zonecfg:new set zonepath=/zone/new zonecfg:new exit #zoneadm -z new install After that I don't see zone/new filesystems. On Nevada systems I always have separate zfs. In man documentation from zoneadm I read that option -x means that don't use zfs filesystem. Why is this don't working with solaris10u6 ? Regards Hi Could you clarify what you mean by I don't see zone/new filesystems is it that it's not in zfs list, i.e. how did you create /zone/new to start with. Enda -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
On 12/01/08 14:09, bob netherton wrote: No Solaris 10u6 does support zones on zfs, but not as cleanly as nevada, there are some differences, as new features are integrated into nevada, then later they might get backported to soalris updates. Reminds me of the car commercial - the suggested price is blah, nicely appointed for blah + $$. As Enda says, zfs and zones are available, but will be nicely appointed in a future release. the automatic creation of the datasets does not work. use of zfs snapshot and clones when cloning a zone do not work.for LU the zoneroots must be datasets (file systems). So just to clarify, the next Lu patch to release ( 121430-30/121431-31, saprc/x86 ) that releases will relax that restriction in terms of upgrade of zones on zfs, basically allowing zones on zfs to live anywhere, ie top level dataset, lower level dataset, or a directory ina dataset ie zfs create zones/zonehome zonecfg : set path=/zones/zonehome/myzone-01 Now the only caveat is that you must also apply this patch to the ABE, prior to booting it, ie apply LU patch 121430-30 to live system run lucreate run luupgrade ( if upgrading from pre u6 ) apply 121430-30 to the new BE using luupgrade -t ( or patchadd -R ) The last step MUST be done prior to luactivate, so even if you are creating a BE for patching ie skipping the luupgrade step, you still need to apply the patch after lucreate and before luactivate. Not doign so can result in not being able to boot back to original BE once new BE is activated. Enda On s10u6 you have to create the zonepath yourself, either mkdir or zfs create, setting appropriate permissions too, If the zoneroot is no present, a mkdir will be done for you. and the permissions will be set correctly. this has been that way since u1 or u2 (u1 IIRC). A zfs dataset will not be automatically created like it does in nevada. and if you do create the zoneroot, make sure and set the permissions to 700 like Enda says - this is only done automatically when we mkdir on your behalf. if you do it then you must do it right. zone1 is on ufs. zone2 will be a similar zone on zfs. /dune/zones/s10u6 is already a dataset (file system). this will (should) be live upgradable. # zonecfg -z zone2 create -t zone1 # zonecfg -z zone2 set zonepath=/dune/zones/s10u6/zone2 # zfs create dune/zones/s10u6/zone2 # chmod 700 /dune/zones/s10u6/zone2 # zoneadm -z zone2 install Preparing to install zone zone2. Creating list of files to copy from the global zone. time passes, stuff happens. bob ___ zones-discuss mailing list zones-discuss@opensolaris.org -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zone create on sol10u6
Steve Lawrence wrote: Now the only caveat is that you must also apply this patch to the ABE, prior to booting it, ie apply LU patch 121430-30 to live system run lucreate run luupgrade ( if upgrading from pre u6 ) apply 121430-30 to the new BE using luupgrade -t ( or patchadd -R ) The last step MUST be done prior to luactivate, so even if you are creating a BE for patching ie skipping the luupgrade step, you still need to apply the patch after lucreate and before luactivate. Not doign so can result in not being able to boot back to original BE once new BE is activated. Hey Enda, For clarity, once I'm up and running on a BE with u6 + 121430-30, if I create another ABE for the purpose of patching or upgradeing, do I need to re-apply the latest LU patch to it again? Example: (running u5, the decribed scenerio): patchadd 121430-30 lucreate ABE luupgrade ABE u6 (or perhaps patch up to some u6 KU) luupgrade ABE -t 121430-30 luactivate ABE reboot yes above is necessary Now I want to patch to th next KU, or upgrade to U7) (running u6 or some equivalent ku) patchadd latest u6 lu patch lucreate BBE luupgrade BBE to next KU patch (or maybe update to u7) (do I need to add latest lu patch to BBE??) if you upgrade to u7, you would be ok, if you creating an ABE to patch, id would be ok too, as you'd get the patched LU bits. Just upgrading to u6 is the problem, as you'd end up with the old u6 lu bits. Enda luactivate BBE reboot Comments? -Steve L. ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Issue with zone upgrade on attach
Hi Not a special path, so should be good to just add it in new server. cheers Enda Christophe Dupre wrote: From the global zone: PATCHLIST= From zone being attached: PATCHLIST=139100-01 So I guess I need to install 139100-01 in the new server's global zone ? That makes sense - the original server was 05/08 but had received a recommended cluster in early october, so it is probable that it received some patches that were not rolled into 10/08. Hopefully, the error messages will be improved to provide a hint of what the problem is. Enda O'Connor wrote: Hi Christophe In the zone being attached: zonepath/root/var/sadm/pkg/SUNWgtar/pkginfo file there should be an entry for PATCHLIST= could I see this, and also the one from the target system's global zones pkginfo. Enda Christophe Dupre wrote: Thanks Jerry for the quick reply. I am making progress, but no cigar (yet). Now I have: zoneadm: zone 'X': ERROR: attempt to downgrade package SUNWgtar, the source had patches but this system does not It does not give me a patch number, so I can't add it to the bad_patches file. Or maybe it does ? Is there a list of patches I should add to bad_patches for this to work ? The workaround mentions an attached file, but I don't see it. Thanks, Christophe Dupre -Original Message- From: Jerry Jelinek [mailto:[EMAIL PROTECTED] Sent: Tue 2008-11-18 13:58 To: Christophe Dupre Cc: zones-discuss Subject: Re: [zones-discuss] Issue with zone upgrade on attach Christophe Dupre wrote: Hello, we're having an issue migrating a zone from one server to another. Server A has Solaris 10 x86 05/08 and hosts zone X (spare-root zone). Server B has just been acquired and installed with Solaris 10 x86 10/08 and hosts a number of zones created locally. We would like to move zone X from A to B. We have done a 'zoneadm -z X detach' on A, then did a tar of the zonepath to send it to server B. On server B, we created a zfs /zones/X where we untarred the zone. Then: zonecfg -z X create -a /zones/X zoneadm -z X attach -u This gives: zoneadm: zone 'X': ERROR: attempt to downgrade package SUNWcsr, the source had patch 125098-14 which is not installed on this system From what I can tell, 125098-14 was part of 05/08, not a patch we added to the system after initial setup, and not something we can download. Does anyone have a solution for this ? How can I migrate my zone ? This is bug: 6743776 zone update on attach should ignore all special patches This is escalated and a patch is being developed. The workaround is in the bug report (the workaround is actually the fix). It updates the /usr/lib/brand/native/bad_patches file. You can manually do this as well. Jerry ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone Statistics: monitoring resource use of zones
Hi I'd agree with James, the update revision is sometimes a blurry picture, ie cat /etc/release will tell me that my system is 1/06 ( update 1 if I remember correctly ) but if I have applied the latest jumbo kernel patch 137137-09 I essentially have a lot of the u6 functionality ( a lot but not all .. ) so is the system u1 or u6? I tend to say it's u1 patched to u6 kernel, so as to give some idea of the start point and current point, but other than cat /etc/release ( the starting point ) uname -a to give current KU level and ls -tr1 /var/sadm/patch to see patches applied besides current KU plus patchadd -p to just get every patch including patches that are part of the update build. So sometimes an update might be meaningless, ie I can have an x86 FCS system ( from cat /etc/release ) but it has grub,zfs and all the latest zones functionality, just by adding 137137-09, plus the near 30 patches requires to get that on board. To me they probably need a patch automation tool to tell them what is currently available in terms of patching, and they see what they need from that. ie pca -l missing or the like, pca being a solaris patch automation tool from http://www.par.univie.ac.at/solaris/pca/ Enda On 11/18/08 13:58, James Carlson wrote: Glenn Brunette writes: This actually hits on a similar request that I have (but for different reasons). I would like a stable interface from which I could tell the update revision of a system. We have no such thing. It's not clear to me how such a thing would work. Suppose someone installs only the KJP corresponding to U5 on a U4 system -- is that now U5 or U4 or U4++ or something else entirely? If that returns U5, then suppose someone installs a U5 patch not dependent on the KJP onto a U4 system. Is that still U4? What determines U5-ness? If it's dependent on the upgrade process itself, and none of the above would return the answer U5, then suppose someone installs all of the patches for U5 and then installs/removes packages to make the system equivalent to one that had been upgraded. Is that now U5 or is it still something else? Does it make any sense that you can have arbitrary (and improper) subsets of bits on the system and yet you're insisting on returning an effectively scalar result? I have a very large government customer who (as part of their security configuration hardening and assessment) process have a very real need to detect OS version and update levels so that they can determine which actions/checks to apply. You can get the OS version from uname and the list of patches installed from patchadd. assumptions about how the system was installed/maintained). For example, is the feature not present or has it been removed or simply not installed? Is there some difference between those things? That sounds like the realm of metaphysics to me ... if bits aren't present, the why question seems much less interesting. How can the system necessarily know what features _could_ potentially be installed but aren't there? Isn't that everything? If you've installed something and then removed it, would that be different from never having installed it in the first place? (If it is, doesn't that indicate a bug in the removal process?) Perhaps most importantly: how can you use that information? What would you do differently if something had once been installed that you wouldn't do if it had never been installed? Also, the existence of some features also can not be easily tested using automated tools without imposing a great burden on the tool developer. That sounds like a bug that should be fixed. -- Enda O'Connor x19781 Software Product Engineering Patch System Test : Ireland : x19781/353-1-8199718 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Issue with zone upgrade on attach
Hi Christophe In the zone being attached: zonepath/root/var/sadm/pkg/SUNWgtar/pkginfo file there should be an entry for PATCHLIST= could I see this, and also the one from the target system's global zones pkginfo. Enda Christophe Dupre wrote: Thanks Jerry for the quick reply. I am making progress, but no cigar (yet). Now I have: zoneadm: zone 'X': ERROR: attempt to downgrade package SUNWgtar, the source had patches but this system does not It does not give me a patch number, so I can't add it to the bad_patches file. Or maybe it does ? Is there a list of patches I should add to bad_patches for this to work ? The workaround mentions an attached file, but I don't see it. Thanks, Christophe Dupre -Original Message- From: Jerry Jelinek [mailto:[EMAIL PROTECTED] Sent: Tue 2008-11-18 13:58 To: Christophe Dupre Cc: zones-discuss Subject: Re: [zones-discuss] Issue with zone upgrade on attach Christophe Dupre wrote: Hello, we're having an issue migrating a zone from one server to another. Server A has Solaris 10 x86 05/08 and hosts zone X (spare-root zone). Server B has just been acquired and installed with Solaris 10 x86 10/08 and hosts a number of zones created locally. We would like to move zone X from A to B. We have done a 'zoneadm -z X detach' on A, then did a tar of the zonepath to send it to server B. On server B, we created a zfs /zones/X where we untarred the zone. Then: zonecfg -z X create -a /zones/X zoneadm -z X attach -u This gives: zoneadm: zone 'X': ERROR: attempt to downgrade package SUNWcsr, the source had patch 125098-14 which is not installed on this system From what I can tell, 125098-14 was part of 05/08, not a patch we added to the system after initial setup, and not something we can download. Does anyone have a solution for this ? How can I migrate my zone ? This is bug: 6743776 zone update on attach should ignore all special patches This is escalated and a patch is being developed. The workaround is in the bug report (the workaround is actually the fix). It updates the /usr/lib/brand/native/bad_patches file. You can manually do this as well. Jerry ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] ZFS, Zones and Live Upgrade
Hi there is a bug that means LU does not work if the zone path is a zfs dataset mountpoint, I will dig uo the CR if interested, it is a high priority fix as far as I know due to go into solaris 10 update 6, so should be in snv builds very soon, but I will get the details and send them on. So LU does support zones on zfs at this stage in latest snv builds, and in solaris 10 update 6. Enda Vincent Boisard wrote: Hello, I am trying to find some recent information about Live Upgrade and Zones with zonepath on ZFS. Is it supported now ? As I could not find enough info, I decided to experiment with VMware. I am currently testing with snv_95 with ZFS root. My zone 'test' zonepath is /zones/test (dataset rpool/zones/test) I am trying to upgrade to snv_97. lucreate -c snv_95 -n snv_97 succeeds. (It creates a clone of rpool/zones/test) If my zone is running , luupgrade -u -n snv_97 -s /mnt/cdrom fails with: Creating upgrade profile for BE snv_97. ERROR: unable to mount zones: cannot mount '/zones/test': directory is not empty rpool/ROOT/snv_95 - / zfs - no /devices - /devices devfs - no /dev - /dev dev - no ctfs - /system/contract ctfs - no proc - /proc proc - no mnttab - /etc/mnttab mntfs - no swap - /etc/svc/volatile tmpfs - no xattr objfs - /system/object objfs - no sharefs - /etc/dfs/sharetab sharefs - no /usr/lib/libc/libc_hwcap1.so.1 - /lib/libc.so.1 lofs - no fd - /dev/fd fd - no rw swap - /tmp tmpfs - no xattr swap - /var/run tmpfs - no xattr rpool/export - /export zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime rpool/export/home - /export/home zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime rpool - /rpool zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime rpool/zones - /zones zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime rpool/zones/test - /zones/test zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime /dev - /zones/test/root/dev dev - no /lib - /zones/test/root/lib lofs - no ro,nodevices,nosub /platform - /zones/test/root/platform lofs - no ro,nodevices,nosub /sbin - /zones/test/root/sbin lofs - no ro,nodevices,nosub /usr - /zones/test/root/usr lofs - no ro,nodevices,nosub proc - /zones/test/root/proc proc - no nodevices,zone=test ctfs - /zones/test/root/system/contract ctfs - no nodevices,zone=test mnttab - /zones/test/root/etc/mnttab mntfs - no nodevices,zone=test objfs - /zones/test/root/system/object objfs - no nodevices,zone=test swap - /zones/test/root/etc/svc/volatile tmpfs - no nodevices,xattr,zone=test /zones/test/root/usr/lib/libc/libc_hwcap1.so.1 - /zones/test/root/lib/libc.so.1 lofs - no zone=test fd - /zones/test/root/dev/fd fd - no rw,nodevices,zone=test swap - /zones/test/root/tmp tmpfs - no nodevices,xattr,zone=test swap - /zones/test/root/var/run tmpfs - no nodevices,xattr,zone=test /dev/dsk/c1t0d0p0 - /mnt/cdrom hsfs - no ro,noglobal,maplcase,rr,traildot /dev/lofi/1 - /mnt/cdrom/Solaris_11/Tools/Boot ufs - no rw,intr,largefiles,logging,xattr,onerror=panic /tmp/javaui.cpio.bz2.1902/usr/lib/install/data/wizards - /mnt/cdrom/Solaris_11/Tools/Boot/usr/lib/install/data/wizards lofs - no rpool/ROOT/snv_97 - /a zfs - no rw,devices,setuid,nonbmand,exec,xattr,atime /export - /a/export lofs - no ro,nodevices,nosub /export/home - /a/export/home lofs - no ro,nodevices,nosub /rpool - /a/rpool lofs - no ro,nodevices,nosub /zones - /a/zones lofs - no ro,nodevices,nosub swap - /a/var/run tmpfs - no xattr swap - /a/tmp tmpfs - no xattr zone 'test': zone root /zones/test/root already in use by zone test zoneadm: zone 'test': call to zoneadmd failed ERROR: unable to mount zone test in /a ERROR: unmounting partially mounted boot environment file systems ERROR: cannot mount boot environment by icf file /tmp/.luupgrade.beicf.1902 cat: cannot open /tmp/.luupgrade.tmp.1902: No such file or directory ERROR: Unable to mount ABE disk slices: . ERROR: Unable to mount the BE snv_97. If the zone is not running, luupgrade succeeds by I get a lot of : zlogin: Could not chdir to home directory /root: No such file or directory in the update_log luactivate snv_97 succeeds. Reboot's fine, it boots into the new snv_97 environement but the zone does not seem to be updated: /etc/release still indicates snv_95. By the way, if I boot into the old BE (selecting snv_95) in GRUB, it cannot mount /export because on the root fs, a directory home already exists in /export: (cannot mount '/export': directory is not empty) but /export/home is mounted. If I create a rpool/ROOT/snv_95/zones dataset. when I install my zone, it does not create a dataset for my zone, BUT live upgrade works properly (/etc/release in zone properly updated). However, live upgrade has created a rpool/ROOT/snv_97/zoneds and rpool/ROOT/snv_97/zoneds/test datasets. I am a bit lost. I need my zones to have their zonepath on their own dataset (cloning heavily used). Should abandon the idea of using live upgrade ? Live
Re: [zones-discuss] Can I configure my zones on a ZFS filesystem?
Dick Davies wrote: Ah, that's really interesting ( a bigger deal than ZFS root boot for me). Does Nevada LU support it yet? Or does anyone know when it will? As far as I'm aware it's integrated into nevada ( I will check this out and find out build ), and it will be going into s10 update 6. Enda On Thu, Jun 26, 2008 at 5:46 PM, Enda O'Connor [EMAIL PROTECTED] wrote: Lewis Thompson wrote: http://opensolaris.org/os/community/zones/faq/#sa_zfs states: Q: Can I configure my zones on a ZFS filesystem? A: Solaris 10 Update Release: Support for zonepaths on ZFS is under development. [September 2006] As far as I know it will be available in s10_u6 release, Lu currently does not handle zones on zfs. you can patch zones on zfs, but not upgrade currently. ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Can I configure my zones on a ZFS filesystem?
Hi When was this, or to be precise what rev of patch utils was installed,119254/11955 SPARC/x86. Patching zones on zfs is supported at this point. Did you report this, what errors did you see etc. The original doc mentioned patch and upgrade, most recent mentions upgrade only.as not being supported. If you install 119254/119255 currently on sunsolve, patching zones on zfs will work, or if it doesn't then you need to report it, as it's a bug. Enda Elizabeth Schwartz wrote: It is NOT resolved in Solaris 10 u3, although the patch documentation does imply otherwise. . I built some zones on zfs root paths under u3 and when I tried to install the 10_Recommended patch cluster, it bombed out at patch 120011-14. I ended up having to blow away all the zones, patch, and rebuild. Note that the original documentation only said that building zones with zfs zonepath would cause a problem with *upgrade*; it now talks about upgrade and *patching*. (Solaris patching seems to do more upgrading than it once did...) On Thu, Jun 26, 2008 at 12:16 PM, Lewis Thompson [EMAIL PROTECTED] wrote: Hi, http://opensolaris.org/os/community/zones/faq/#sa_zfs states: Q: Can I configure my zones on a ZFS filesystem? A: Solaris 10 Update Release: It is possible to install a zone on a ZFS file system. However, at this time, we do not recommend putting the zonepath of a non-global zone on ZFS due to possible problems with upgrading the system to a later Solaris 10 update release. Support for zonepaths on ZFS is under development. [September 2006] It is my understanding that this issue was resolved in Solaris 10u3 (11/06). If so, should this section of the Zones FAQ be updated? Thanks, Lewis ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Can I configure my zones on a ZFS filesystem?
Lewis Thompson wrote: Hi, http://opensolaris.org/os/community/zones/faq/#sa_zfs states: Q: Can I configure my zones on a ZFS filesystem? A: Solaris 10 Update Release: It is possible to install a zone on a ZFS file system. However, at this time, we do not recommend putting the zonepath of a non-global zone on ZFS due to possible problems with upgrading the system to a later Solaris 10 update release. Support for zonepaths on ZFS is under development. [September 2006] It is my understanding that this issue was resolved in Solaris 10u3 (11/06). If so, should this section of the Zones FAQ be updated? Thanks, Lewis ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi As far as I know it will be available in s10_u6 release, Lu currently does not handle zones on zfs. you can patch zones on zfs, but not upgrade currently. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Applications supported in Solaris zones
Krzys wrote: Is there any list or something where Sun would list application compatibility? problems with applications and their resolutions? if there is a central resource or something that would be awesome to have. What I am looking for is something of this type: http://www-1.ibm.com/support/docview.wss?uid=swg21233258 http://hursleyonwmq.wordpress.com/2007/03/02/websphere-mq-with-solaris-zones/ It does state that IBM is supporting WebSphere MQ v6.0 in zones and they give you all the information and problems and resolutions. So I was wondering if there was anything similar for any application or is it realy vendor related only? I am working on a project where we have quite a few servers running various applications, we are planning to put all those servers into local zones, so I need to figure out each and every of the application and see first of all if it is supported by vendor and second if there are any problems and resolutions or concerns and such... Anyway help is greatly appreciated, and I will try to share with the list my findings at the end if anyone would be interested at such. ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Not sure if or where such a list resides, but the following articles might help you get started anyway http://developers.sun.com/solaris/articles/application_in_zone.html#softnotwork http://developers.sun.com/solaris/articles/zone_app_qualif.html enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Sparse vs. Whole Root Zones
Hi Sparse are the way to go if you can get your software to run in a sparse zone. Failing that then whole-root, else you can use an in between one, ie only inherit /platform /sbin /lib and leave /usr writable. The patch/packaging tools are not hard coded in this respect, so won't care which dirs are inherited or not. but you'll need to determine what apps need which dirs writable, and also what priviledges etc these apps require, see previous links I sent on, in this regard. But in my experience most apps should run in one form or another, ie oracle will run fine in a sparse zone for instance. Enda Krzys wrote: I was just wondering of why someone might choose Sparse vs. Whole Root Zones, what are the benefits of one over the other, I need to decide in my new data center which one should I be using since there is no easy way to switching between them after they are created at least from Sun's support perspective. So when I set my standard of creating zones I have to make sure that I have no need to going from the one that is selected into the other if such would be required... So in other words I wanted to cover all benefits for both and chose best alternative for my standards. On Fri, 30 May 2008, Enda O'Connor wrote: Krzys wrote: I am not sure if this question was already asked or not, but can you please tell me or point me to links where I can find what are the benefits or problems to have Sparse vs. Whole Root Zones? Here is what I have so far, please correct me if I'm wron on any of them. Whole Root Zones * Each zone is assigned its own root file system and cannot see that of others the bit about cannot see that of others applies to any type of zone ( sparse branded etc ) * A zone can be created as a whole-rootzone The zone gets its own writable copy of all Solaris file systems it gets it's own writable copies of /usr /platform /sbin /lib to be percise, along with all the otehr file systems. * Advantages of a whole root zone installation of software such as WebSphere MQ v6.0 is easily acomplished since MQ must be installed into an environment where /opt and /usr are writable. portability yes, some software does require writable /usr Sparse Zones The default file system configuration is called a sparse-rootzone yes The zone contains its own writable /etc, /var, /proc, /dev these are writable in any zone type assuming default install. Inherited file systems (/usr, /lib, /platform, /sbin) are read-only mounted via a loopback file system (LOFS) yes /opt is a good candidate for inheriting possibly, but depends really on whether you want your zone to be able to write to /opt or not. * Advantages of a sparse root zone Faster patching and installation due to inheritance of /usr and /lib yes Read-only access prevents trojan horse attacks against other zones not really applicable as such in my opinion, each sparse root zone will see the global zone's /usr for instance. But cannot modify /usr in any way. Libraries shared across all zones reducing VM footprint yes, but not really an issue unless you run a massive amount of zones and don't have resources to cope. BTW if you just want /usr writable, then you could leave the other file systems such as /lib /platform and /sbin as inherited. But it depends on what software you are trying to install ( and where it wants to write to ) Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org !DSPAM:122,48400c3126842021468! ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] convert sparse zone to whole root zone?!?
Krzys wrote: Is there way to convert sparse solaris zone to whole root zone? if yes what or how could I do that? Is it even possible to do so? ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi No it's not possible, currently you'd have to uninstall/delete the sparse zone and re do it as a whole root zone. Why is it necessary to do this out of interest. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] WARNING
Sanjay Akula wrote: Did anybody saw this WARNING messages while loading patch cluster what does it means. Installing 120011-14... /kernel/drv/sparcv9/fcp: undefined symbol 'fc_ulp_hold_remote_port' WARNING: mod_load: cannot load module 'fcp' WARNING: fctl: ULP FCSM version mismatch; please upgrade FCSM Can any one suggest me the solution. -- Regards, SysAdmin ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi The only time I have seen this is in the following scenario user adds patch a-03 which delivers a newer incompatible kernel module ( by incompatible I mean that the new module depends on say a new genunix not loaded till next reboot )say module fcp-version3,without forcing a load of the old module it is replacing, later in the same patch session user applies 120011-14, which deliver fcp-version4 ( a newer incompatible fcp module ), but due to how this patch 120011-14 is installed, patchadd actually forces a load of the existing modules including the incompatible fcp-version3, leading to the warning. These are benign and once a reboot has occurred, order will be restored, as the new genunix in 120012-14 will be compatible with the new fcp module. so I suspect you applied another patch before 120011-14 that also delivered fcp module. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Patches vs Updates - Zone Features
roush wrote: Hi Enda, Enda O'Connor ( Sun Micro Systems Ireland) wrote: Ellard Roush wrote: Hi, Solaris 10 update 4 introduced the BrandZ feature set. Solaris 10 update 5 will introduce more zone features. Today Sun Cluster requires the the Solaris 10 release be at least up to the Solaris 10 update 3 level. We are proposing to ship a new feature in Sun Cluster that will use the BrandZ feature set and support the new zone features in Solaris 10 update 5. Naturally, this new feature will only be operational when the customer installs Solaris 10 update 5. There are at least 2 ways to load new software. 1) Install the Solaris 10 update 5 release In this case we know that everything works fine. 2) Install patches for Solaris 10 update 5. This approach loads all of the bug fixes, and does not load the new packages. If a customer installs patches, will BrandZ and all the new zone features of Solaris 10 update 5 work ? Or will the customer just get the bug fixes ? they'll get everything in this case. 127127-11/127128-11 is the u5 kernel patch that will deliver all this. What features are you interested in. We are using the BrandZ framework to support a cluster Brand zone that is the same as the native Brand zone with hooks added for our software. For example, we use the callbacks to learn when zones change state up vs down, while we still execute the original native brand functionality in these cases. We are going support a Zone Cluster, which is a virtual cluster, where each virtual node is a cluster brand zone. This will enable us to support cluster applications inside a zone environment. This means that we need S10u4 in order to get the BrandZ feature set. We also would like to support the new zone features of S10u5, which will probably include hard caps on CPU's. yep. the patch 127127-11/127128-11 (SPARC/x86 ) will deliver this then. Enda As for installing patcehs on zones systems there are a few things they need to be aware of. 1 install latest patch utils first (119254/119255) 2 always run patchadd -a patch-id first before installing the patch. the -a does a dryrun and especially in the case of zones, will catch issues like zones dependency issues/unbootable zones etc. No files get modified, so it allows you to identify certain types of issues ( not all issues mind you ). The patchadd -a output is pretty hard to parse, but make sure to examine closely for any issues relating to zones etc. Enda Thanks for the information. Ellard --- Our people in the field say that customers are much more willing to install patch as opposed to installing an update. Some aspects of patching are murky. So your help is appreciated. Regards, Ellard ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris u5 and cpu hard capping... A patch for u3 and u4 ?
Gael wrote: Hello, hello With the release of Solaris 10 0508, the feature that appears the most appealing for us is the new cpu capping ability... Will that feature be available thru a patch to avoid liveupgrading a lot of systems ? Which other features are benefitial to zones in U5 ? Regards the patch would be 127127-11/127128-11 (SPARC/x86 ) Kernel Update patches. These require other patches BTW. Also remember to install latest rev of patch utilites first ( 119254/119255 : SPARC/x86 ) Actually if you have diskspace, then I recommend using LiveUpgrade to apply these patches, as it has the following benefits 1 only downtime is reboot 2 gives user the ability to rollback the changes. Enda -- Gael ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Solaris u5 and cpu hard capping... A patch for u3 and u4 ?
gael martinez wrote: hello Enda, we do use liveupgrade but as we are using whole zones on dedicated individual veritas vxvm ufs filesystems ( to allow mobility) it is currently still a very painful approach. In that case. please make sure to first apply the highest rev of 119254/119255 that is available. then any required patches for 127127-11 then prior to installing 127127-11 run patchadd -a 127127-11 this does a dryrun ( modifies no files on system ) and might catch issues with unpatchable zones etc, before any damage is permanent. The output from -a will be verbose ( well same as normal patchadd ), but make sure to parse it and examine any errors that it might uncover. Only then proceed to installing 127127-11 ( please make sure that there is sufficient space in / and /var/ and /var/run, in the latter case, best to have 150M available. the other file systems should have at least 350M free. Enda Regards On Apr 17, 2008, at 3:24, Enda O'Connor [EMAIL PROTECTED] wrote: Gael wrote: Hello, hello With the release of Solaris 10 0508, the feature that appears the most appealing for us is the new cpu capping ability... Will that feature be available thru a patch to avoid liveupgrading a lot of systems ? Which other features are benefitial to zones in U5 ? Regards the patch would be 127127-11/127128-11 (SPARC/x86 ) Kernel Update patches. These require other patches BTW. Also remember to install latest rev of patch utilites first ( 119254/119255 : SPARC/x86 ) Actually if you have diskspace, then I recommend using LiveUpgrade to apply these patches, as it has the following benefits 1 only downtime is reboot 2 gives user the ability to rollback the changes. Enda -- Gael ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Moving zones to a new system
Crambit Team wrote: Hi Enda, the Solaris release is 8/07. What I really need is move the zone (doing like an ufsdump) and let it becaming a global zone and not a zone in a another system. not that I'm aware of ( making a non-global zone be a global zone somewhere else) Sorry I missed that bit of vital info in previous mail. un-doable I would imagine as zones would not have the files/binaries need to actually physically boot a system ( due to SUNW_PKG_HOLLOW=true on some core packages ) I'd suggest installing oracle on target machine and importing DB to it. then rebuild indexes etc. Is there some other reason for not being able to do above ( ie import oracle DB ) Enda This is because we didn't have a new Sun blade so we created a zone in another machine then the oracle/application people could work in the meantime we order another system. Fred On Mon, Mar 31, 2008 at 1:57 PM, Enda O'Connor ( Sun Micro Systems Ireland) [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Crambit Team wrote: Hi all, I need to move two zones to a 2 different systems as global zone. In one of them I have Oracle. My questions are: 1) What is the best way to do so? what Solaris release are you on? If it's the Solaris 10 updates, then best to have both systems in sync in terms of patches + packages really. After that then, zoneadm detach/attach are your best bet. 2) From the zone that has Oracle is there anything I have to be aware of when I move it? ah yes Oracle, well how are you managing the migration of the Oracle datafiles and so on, I assume you probably have some storage available to the zone via zonecfg add device etc? I assume memory etc on the new system is sufficient for Oracle. In general moving an app like an Oracle DB, would require large amounts of testing, so that things like performance don't take a nosedive. In my experience with Oracle, moving from one system to another can induce performance issues with respect to how say access is configured to storage on the new system, or say how a later OS release might impact on the current optimised database, ie if your database is highly optimised with respect to one system, it might take some time to get it to say level on a later OS update etc. Very hard to tell with Oracle, so I'd strongly suggest trying to setup a test zone on target system and replicate the DB to this, in order to test performance etc beforehand. Enda TIA Fred ___ zones-discuss mailing list zones-discuss@opensolaris.org mailto:zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Moving zones to a new system
Mike Gerdts wrote: On Mon, Mar 31, 2008 at 7:38 AM, Crambit Team [EMAIL PROTECTED] wrote: Hi Enda, the Solaris release is 8/07. What I really need is move the zone (doing like an ufsdump) and let it becaming a global zone and not a zone in a another system. This is because we didn't have a new Sun blade so we created a zone in another machine then the oracle/application people could work in the meantime we order another system. Maybe this will help: http://mail.opensolaris.org/pipermail/zones-discuss/2008-February/003622.html hmm, for Oracle probably best to just install it ( easier than copying over the oracle install and all it's bits ie password file , and those in /var/opt ) and then either use standard oracle procedure to migrate the database over. transportable tablespaces are of grate help here really. you'd need to build the DB instance on the target node first etc. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] can non-zones see less RAM than global?
Menno Lageman wrote: Anne Moore wrote: I doubt it. If Oracle is taking 1/2 of physical memory by default, it will probably do so whether you have 4GB or 40GB. Probably so. But I'm using Zones here, so it may be a different story all together. page 94 of http://www.sun.com/blueprints/0505/819-2679.pdf has tunables for Oracle 9 Thanks. I'm using Oracle 10g 2. I'll see if I can find a article for that. (Unfortunately, I don't have a sun solve service plan!) For Oracle 10g you'll probably want to look at the sga_target and sga_max_size initialization parameters to limit Oracle's use of memory. Menno Hi Just to clarify a bit, when the Oracle installer is creating a starter database it will take 40% of available memory, ( and in 32 bit up to 4G only is allowable ), But this is just the default ( oracle likes memory and generally will try and take what it can ) So these parameters that go to make up The Oracle System Global Area ( SGA ) can be resized ( and should be for performance/optimisation ) anyway, ie shared_pool_size, large_pool_size block buffers etc, but care should be taken as gettign it wrong can have bad consequence. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] How to upgrade from Solaris 10 u2 to Solaris 10 u3?
Anne Moore wrote: Hi All I need to upgrade my Solaris 10 u2 system to Solaris 10 u3 (in order to gain some additional ZONE functionality that u2 doesn't offer.) I've googled this and can't seem to find a 'how-to' upgrade from u2 to u3 (on a sparc system). I *think* I must use live upgrade but I can't find instructions for updating only from u2 to u3 with live upgrade. Does anyone know how to do this and can share with me? Thanks for your help! Anne ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Why not go to u4, as then you can use live upgrade, prior to U4, the only upgrade mechanism supported is using jumpstart upgrade, which basically under the hood applies all the u3 patches to your u4 system, this is slow (depends on number of zones ) does not support zones on veritas ( no veritas module in mimiroot, no zones on zfs either. I'd go to u4,else apply the u3 KU 118833-36 and associated zones patches 122660-10 to get this functionality, I'd be slow to go the u2 to u3 upgrade route, as it's cumbersome and was basically a once off. If applying patches 1 always apply latest patchadd patch first (119254-xx) 2 always run patchadd with -a , ie patchadd -a 118833-36 This can catch certain classes of errors, ie unpatchable zones, unbootable zones etc. Depending on number of zones, might be best to leave them running Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] trying to move a non-global zone to a new server -not possible?
Anne Moore wrote: It's: Solaris 10 6/06 s10s_u2wos_09a SPARC Which I can see is only update 2. And, I can't install Update 3 or 4 because the last three times I did that, it brought my systems to a complete halt. Ruined them. what exactly happened, did you upgrade or apply patches? Or did a fresh install of u3/u4 actually fail? Is there any way that you know of to move a zone/container without using the detach option? none that is supported anyway. Thank you for the help. Anne -Original Message- From: Ellis, Mike [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 12, 2008 12:37 PM To: Anne Moore Subject: RE: [zones-discuss] trying to move a non-global zone to a new server -not possible? What does: cat /etc/release say? -- MikeE -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Anne Moore Sent: Wednesday, March 12, 2008 12:34 PM To: zones-discuss@opensolaris.org Subject: [zones-discuss] trying to move a non-global zone to a new server -not possible? Hi All I'm running Solaris 10 11/06 on a Sparc system. I'm trying to move a container on this box to another box of the same type. However, I'm going through the instructions from Sun: http://www.sun.com/software/solaris/howtoguides/moving_containers.jsp And at one of the steps, it says to run #zoneadm -z zonename detach However, when I try to run that command, it says that detach is not an options! UGH. The options I have for zonadm are: help boot [-s] halt ready reboot list [-cipv] verify install uninstall [-F] And this is an 11/06 image! Is there anyway I can move my container from this box to another box without using the detach option? Thank you for your help! Anne ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] new option - cpu-dedicated
Maciej Browarski wrote: Enda O'Connor wrote: Maciej Browarski wrote: Hello, I upgrade Solaris 10 update 3 to update 4 but I use dedicated-cpu with live upgrade but I don't see dedicated-cpu (and capped-mem) option in zonecfg, but man zonecfg shows this option. Is it possibility that I must add new packages to have this functionality ? Regards, Hi These are in u4, what is the output from uname -a what happens when you try and use these options? Enda Hi, To be more precise, this installation is made by my client. He has Solaris 10 update 3 and use UpdateManager to update this solaris to Update 4. In with patch level of zones the functionality dedicated-cpu is included ? # uname -a SunOS v445c 5.10 Generic_118833-36 sun4u sparc SUNW,Sun-Fire-V445 Regards, Hi Ok, then this in not an upgrade, updatemanager is just a tool to apply patches. In saying that applying 120011-14 ( the u4 KU ) will get your customer the zones resources he requires. 118833-36 is the u3 KU, so he needs to install 120011-14 and reboot. Not sure if update manager can handle this patch as it has some complex requirements, in a round about way it requires 122660-10 to be installed first. ( among quite a few other requirements, but 122660-10 is not directly required, but is required by a required patch via prepatch script ) Now please make sure 119254 latest rev is installed first ( it's the patchadd patch ), before adding 120011-14. Also read the README in 120011-14 carefully. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] new option - cpu-dedicated
Mike Gerdts wrote: On Tue, Mar 11, 2008 at 4:49 AM, Enda O'Connor [EMAIL PROTECTED] wrote: Now please make sure 119254 latest rev is installed first ( it's the patchadd patch ), before adding 120011-14. Also read the README in 120011-14 carefully. Does updatemanager use patchadd -M under the covers? If so, the latest rev of 119254 may hit: 6668239 patchadd -M might fail after intalling 119254-49 or later Hi I suspect that patch manager could will not install 120011-14 at all, it's patch properties are set to interactive so update manager will not install any patch that is interactive, user must download and install manually. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] How to Upgrade Sparse Zone from 10U2 to 10U3
Paul Kraus wrote: On Mon, Mar 10, 2008 at 1:24 PM, Enda O'Connor [EMAIL PROTECTED] wrote: Hi basically you'll need to have the old zone at the same patch/package level, a zoneadm attach should tell you what is out of sync. Right, I understand that. So you'll have to patch the old system to same level as new system. Basically as a starting point the Kernel Patches will need to be identical, ie 118833-36 on both systems, 118833-33 was the Ku in u3, but rev 36 was the only Ku released that will satisfy this. So both systems will need 118833-36. Unfortunately, I can't get a window to patch the old system, it is the full on production DB server with a dozen production zones on it. Part of the reason for moving this zone off is a piece of the shell game that will (eventually) get all the servers up to 10U4. Let me ask the question a slightly different way ... is there a way I can patch *just* a non-global sparse zone ? If there is, then I can just apply the patches there to match the new system it is moving to. The manpage on patchadd is slightly unclear on this. I suspect that if SUNW_PKG_ALLZONES is set to TRUE on *any* of the packages involved, then I am out of luck and need to fall back to Plan B (create a new zone and reinstall the application). No there isn't really, most of the relevant patches are ALLZONES=true, especially Kernel patches. so you'll need to have the zone in sync witht he target system. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] How to configure Global/Local zone in seperate subnet and use seperate router
Hi For the ce driver you will need 137042-01 SPACR 137043-01 X86 which fix CR 6616075 ( ON Part ) as well as 118777-12 SPARC 118778-12 x86 which fix CR 6606507 the ce driver side. Enda Enda O'Connor wrote: Hi There is a doc at http://sunsolve.sun.com/search/document.do?assetkey=1-9-90317-1searchclause=ip-type=exclusive%2420120011-14 which goes through the patches required to get ip instances working on pre u4. Also you'll need the ce patches, I'll try and dig them up for you. Enda Konstantin Gremliza wrote: I would prefer not to upgrade, but to patch the solaris 10u3 to the functionality of 10u4 (mainly kernel and zones patches). You also need the newly released ce driver patch, which will enable exclusive tcpip in zones. regards, konstantin Tony Wong wrote: Dear All and Solaris Expert, Our customer wanted to configure Global and Local zone in completely difference IP Subnet and use difference default router. Understand that existing Solaris 10 prior to update4, it's quite impossible, as the Global zone will still see the Local zone IP traffic and the routing can only be done of Global zone. Doing so, the Global zone has becoming part of the member in the Local zone subnet After escalated, SUN Backend engineer has advised that it can be done on Solaris 10 update4. Now, customer wanted to upgrade from Solaris 10 11/06 u3 to update 4, to have that feature. The following is some of our customer's questions (In Green), my research (In red) and question at the bottom of this email. Hope this email isn't too long for your to read 1, What would be the technical impact on their ecosystem? Any impact on Solaris volume manager and container? Starting with this release, *Solaris* Live Upgrade has been changed with the following enhancements: == Taking about Solaris 10 08/07 u4 * You can upgrade the *Solaris* OS when non-global zones are installed on a system by using *Solaris* Live Upgrade. == Then what about Solaris 10 11/06 u3? http://docs.sun.com/app/docs/doc/817-0547/getjd?l=enq=solaris+10+zoneadma=view#getas 2. A written confirmation from Sun that by updating the Solaris, it will resolve their issue. Found the following: Determine whether the zone will be a shared-IP zone or an exclusive-IP zone. For a shared-IP zone, which is the default, obtain or configure IP addresses for the zone. Depending on your configuration, you must obtain at least one IP address for each non-global zone that you want to have network access. For an exclusive-IP zone, determine the data-link that will be assigned to the zone. The zone requires exclusive access to one or more network interfaces. The interface could be a separate LAN such as bge1, or a separate VLAN such as bge2000. _*The data-link must be GLDv3*_. A data-link that is *not* GLDv3 is identified as type: legacy in the output of the dladm show-link command. http://docs.sun.com/app/docs/doc/817-1592/6mhahuoov?l=ena=view Document Say the GLDv3 is supported on the interface types: bge, xge, and e1000g. But, _*Customer** E25K is running most ce interface*_ http://docs.sun.com/app/docs/doc/816-4554/6maoq01n5?l=ena=view#gaugz Questions as follow: 1. Can we live upgrade the Solaris 10u3 to u4 without impacting their existing solaris container/zone? 2. After upgraded, is their existing interface card supported to configure global and local zone in difference subnet and use individual default router without interface each other the global and local zone. 3. How to configure it? Any advise and comment are very much appreciated. Thank you in advance Thanks Regards Tony Wong ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone creation Hangs.
Morris Hooten wrote: I've crated many zones but haven't seen this one yet and have tried a few things and can't get it past this point in installing the new zone. it just hangs at the point below any hinsts? i looked in sunsolve but nothing specific thanks Creating list of files to copy from the global zone. Copying 2873 files to the zone. Initializing zone product registry. Determining zone package initialization order. Preparing to initialize 1165 packages on the zone. Initializing package 1164 of 1165: percent complete: 99% ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi what does the last entry in the zone install log look like ( although it mightn't have flushed the relevant data to file it might be worth a look ) so zone-path/root/var/sadm/system/logs/install_log what does ptree say for the global zone ( ptree -z global ) maybe a truss of the hung process mighgt shed some light. also what is the OS release etc Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Failing to install pkg on a zone
Hi what is the zonecfg for the particualr zone is /opt/csw/bin writable in the zone, etc the mesasge about /var looks wierd though. Enda Asif Iqbal wrote: I can install pkg just fine on all the other zones except this one. bash-3.00# pkgadd -d pkg_get-3.7.2-all-CSW.pkg The following packages are available: 1 CSWpkgget pkg_get - CSW version of automated package download tool (all) 3.7.2 Select package(s) you wish to process (or 'all' to process all packages). (default: all) [?,??,q]: 1 Processing package instance CSWpkgget from /var/tmp/pkg_get-3.7.2-all-CSW.pkg pkg_get - CSW version of automated package download tool(all) 3.7.2 You may use and copy this software without charge, as you see fit. The software is copyright (C) Philip Brown, Nov 2000-2006 Dont forget to update /opt/csw/etc/pkg-get.conf with your nearest archive site. (or /etc/opt/csw/pkg-get.conf) Dont stick with the default of ibiblio.org: it's very slow! Using /opt/csw as the package base directory. ## Processing package information. ## Processing system information. 5 package pathnames are already properly installed. ## Verifying disk space requirements. ## Checking for conflicts with packages already installed. The following files are already installed on the system and are being used by another package: /var Do you want to install these conflicting files [y,n,?,q] y ## Checking for setuid/setgid programs. This package contains scripts which will be executed with super-user permission during the process of installing this package. Do you want to continue with the installation of CSWpkgget [y,n,?] y Installing pkg_get - CSW version of automated package download tool as CSWpkgget ## Installing part 1 of 1. pkgadd: ERROR: unable to create package object /opt/csw/bin. pathname does not exist pathname does not exist unable to fix attributes /opt/csw/bin/pkg-get ERROR: attribute verification of /opt/csw/bin/pkg-get failed pathname does not exist unable to fix attributes pkgadd: ERROR: unable to create package object /opt/csw/etc. pathname does not exist pathname does not exist unable to fix attributes /opt/csw/etc/pkg-get.conf.csw ERROR: attribute verification of /opt/csw/etc/pkg-get.conf.csw failed pathname does not exist unable to fix attributes pkgadd: ERROR: unable to create package object /opt/csw/share. pathname does not exist pathname does not exist unable to fix attributes pkgadd: ERROR: unable to create package object /opt/csw/share/man. pathname does not exist pathname does not exist unable to fix attributes pkgadd: ERROR: unable to create package object /opt/csw/share/man/man1m. pathname does not exist pathname does not exist unable to fix attributes /opt/csw/share/man/man1m/pkg-get.1m ERROR: attribute verification of /opt/csw/share/man/man1m/pkg-get.1m failed pathname does not exist unable to fix attributes pkgadd: ERROR: unable to create package object /var. pathname does not exist unable to fix attributes /var pkgadd: ERROR: unable to create package object /var/pkg-get. pathname does not exist pathname does not exist unable to fix attributes /var/pkg-get /var/pkg-get/admin-fullauto ERROR: attribute verification of /var/pkg-get/admin-fullauto failed pathname does not exist unable to fix attributes [ verifying class none ] ERROR: attribute verification of /opt/csw/bin/pkg-get failed pathname does not exist unable to fix attributes ERROR: attribute verification of /opt/csw/etc/pkg-get.conf.csw failed pathname does not exist unable to fix attributes ERROR: attribute verification of /opt/csw/share/man/man1m/pkg-get.1m failed pathname does not exist unable to fix attributes ERROR: attribute verification of /var failed pathname does not exist unable to fix attributes ERROR: attribute verification of /var/pkg-get failed pathname does not exist unable to fix attributes ERROR: attribute verification of /var/pkg-get/admin-fullauto failed pathname does not exist unable to fix attributes ## Executing postinstall script. Installing /opt/csw/etc/pkg-get.conf.csw to pkg-get.conf IMPORTANT A default configuration file for pkg-get has been created in /opt/csw/etc/pkg-get.conf You should edit it to change the 'site' configuration, to point to the most appropriate mirror for you, from the list at http://www.blastwave.org/mirrors Installation of CSWpkgget partially failed. Any idea what is going on? ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] FYI: fixes for IP Instances using ce NICs now on OpenSolaris and coming in Nevada/Solaris Express build 80
Robert Milkowski wrote: Hello Steffen, Friday, December 21, 2007, 1:05:53 PM, you wrote: SW [attempt to bcc this alias seemed to have failed] SW If you have been waiting for the fixes to be able to use IP Instances SW with the GigaSwift NICs (ce), they are now in OpenSolaris, and I have SW tested them with Nevada build 80, currently available within Sun. I SW don't know when build 80 ISOs will be on opensolaris.org. The bits have SW to go through at least four to six week soak testing in Nevada before a SW back port to Solaris 10 can be released. http://sunsolve.sun.com/search/document.do?assetkey=1-21-118777-12-1 Problem Description: 6606507 ce driver needs to work with Solaris 10 IP Instances Well, according to patch 118777-12 CR 6606507 is fixed by it. I guess it's a mistake... ??? Hi Robert There are actually two changes needed to get ce working with IP instances the CE driver change is 6606507 and the Zones one, that is also needed is 6616075. The zones change 6616075 has been put back to build 80, and so now that both are in opensolaris, the ce driver works with IP instances. cheers Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] (no subject)
Hi In this case, it's expected as the package that contains the file is HOLLOW # grep /usr/openwin/lib/libGLw.so /var/sadm/install/contents /usr/openwin/lib/libGLw.so=libGLw.so.2 s none SUNWglrt /usr/openwin/lib/libGLw.so.1 f none 0755 root bin 26156 51012 1154470635 SUNWglrt /usr/openwin/lib/libGLw.so.2 f none 0755 root bin 26100 44947 1154470635 SUNWglrt # pkgparam SUNWglrt SUNW_PKG_HOLLOW true # Basically if a package is SUNW_PKG_HOLLOW=HOLLOW, then none of it's files are installed in the non global zones, as this zone is whole, you will not see these files, if the zone was sparse, then as /usr is inherited the files would appear anyway. Not clear though why OpenGL stuff is down as hollow, but I am not familiar with OpenGL to any degree. Enda Caroline Carol wrote: Hi all, and have good year 2008! I have installed a whole root zone, but I didn't find some libraries on it, for example : /usr/openwin/lib/libGLw.so These libraries exist in global zone. Is this normal ? Thanks Regards, carol Ne gardez plus qu'une seule adresse mail ! Copiez vos mails http://fr.rd.yahoo.com/mail/mail_taglines/trueswitch/*http://www.trueswitch.com/yahoo-fr/ vers Yahoo! Mail ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] [zfs-discuss] 3510 Array and ZFS/Zones
Mangan wrote: Is this a release that can be downloaded from the website and will work on SPARC systems. The write up says it is for VMware. Am I missing something? Use Solaris 10 9/07. It has more than a year's worth of improvements and enhancements to Solaris. -- richard ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Haven't been following this thread so I might be off topic .. I think this should be 8/07 ( Solaris 10 update 4 ) If so then it's on the download site ( or should be ) and works for SPARC/x86 ( same as any Solaris 10 release ) What writeup are you looking at? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] [zfs-discuss] 3510 Array and ZFS/Zones
Richard Elling wrote: Morris Hooten wrote: I looked through the solarsinternals zfs best practices and not completly sure of the best scenario. ok, perhaps we should add some clarifications... I have a Solaris 10 6/06 Generic_125100-10 box with attached 3510 array and would like to use zfs on it. Should I create multiple logical disks thru the raid controller then create zfs raid file systems across the LD's? That method will work ok. Many people do this with various RAID arrays. We can't answer the question is it the best way? because we would need more detailed information on what you are trying to accomplish and how you want to make design trade-offs. So for now, I would say it works just like you would expect. Can I also migrate zones that are on a ufs file system now into a newly created zfs file system although knowing the limitations with zones and zfs in 06/06? Zone limitations with ZFS should be well documented in the admin guides. Currently, the install and patch process is not ZFS aware, which might cause you some difficulty with upgrading or patching. There are alternative methods to solve this problem, but you should be aware of the current limitation. the patch to fix the patch of zones on zfs is pending. 119254/119255 revision 49, we hope to release this in the coming days ( maybe by COB today even ) Recommendations? Use Solaris 10 9/07. It has more than a year's worth of improvements and enhancements to Solaris. I think you mean 8/07, ( update 4 ) release? But yes this release is most advised, Enda -- richard ___ zfs-discuss mailing list [EMAIL PROTECTED] http://mail.opensolaris.org/mailman/listinfo/zfs-discuss ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] [zfs-discuss] 3510 Array and ZFS/Zones
Mangan wrote: The 9/07 release appears to be for X86 only. The 8/07 release appears to be for Sparc or X86. The 9/07 release is also titled Express Developers Edition 9/07. Apparently not a release I can use. Thanks for the quick feedback. ok my mistake, getting confused by release numbers, 9.07 was what Richard meant. Enda When is the next release for Sparc due out? Paul -Original Message- From: Enda O'Connor ( Sun Micro Systems Ireland) [EMAIL PROTECTED] Sent: Dec 21, 2007 9:15 AM To: Richard Elling [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], zones-discuss@opensolaris.org, [EMAIL PROTECTED] Subject: Re: [zones-discuss] [zfs-discuss] 3510 Array and ZFS/Zones Richard Elling wrote: Morris Hooten wrote: I looked through the solarsinternals zfs best practices and not completly sure of the best scenario. ok, perhaps we should add some clarifications... I have a Solaris 10 6/06 Generic_125100-10 box with attached 3510 array and would like to use zfs on it. Should I create multiple logical disks thru the raid controller then create zfs raid file systems across the LD's? That method will work ok. Many people do this with various RAID arrays. We can't answer the question is it the best way? because we would need more detailed information on what you are trying to accomplish and how you want to make design trade-offs. So for now, I would say it works just like you would expect. Can I also migrate zones that are on a ufs file system now into a newly created zfs file system although knowing the limitations with zones and zfs in 06/06? Zone limitations with ZFS should be well documented in the admin guides. Currently, the install and patch process is not ZFS aware, which might cause you some difficulty with upgrading or patching. There are alternative methods to solve this problem, but you should be aware of the current limitation. the patch to fix the patch of zones on zfs is pending. 119254/119255 revision 49, we hope to release this in the coming days ( maybe by COB today even ) Recommendations? Use Solaris 10 9/07. It has more than a year's worth of improvements and enhancements to Solaris. I think you mean 8/07, ( update 4 ) release? But yes this release is most advised, Enda -- richard ___ zfs-discuss mailing list [EMAIL PROTECTED] http://mail.opensolaris.org/mailman/listinfo/zfs-discuss ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Simple question... An inherit-pkg-dir resource with the dir '/lib' already
David Smith wrote: I'm getting an error on trying to create a second zone. -bash-3.00# zonecfg -z test123 -f test123-zone-cmd.txt On line 7 of test123-zone-cmd.txt: An inherit-pkg-dir resource with the dir '/lib' already exists. resource specification incomplete Zone test123 failed to verify test123: Insufficient specification Configuration not saved. Here is the start of the command file: create set zonepath=/zones/test123 set autoboot=true set pool=test add inherit-pkg-dir set dir=/lib end add inherit-pkg-dir set dir=/platform add inherit-pkg-dir set dir=/sbin end add inherit-pkg-dir set dir=/usr end I think this is probably a simple error. Does anyone know what I'm doing incorrectly? This is S10U4. Hi you are creating a default zone so it already has lib inherited I suspect, also not sure if typo in above but add inherit-pkg-dir set dir=/platform add inherit-pkg-dir set dir=/sbin end missing an end there. But the defaul from create already has these libs /lib /sbin /platform and /sbin inherited already. Enda Enda Thanks, David This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Can't install zone after 10_recommended
Mangan wrote: I installed the 10_recommended patchset on a machine that had a running zone. The host machine and the running zone appear to be ok but when I try to install an additional zone the new zone gets created but it won't go through the sys config routine and you can't change the root password ( permission denied) even though you can login via zlogin. I took an identical T2000 without the 10_reccommended patchset and I can create as many working zones as I want. Could this be a part of 120011-14 patch problem? ---Paul Mangan ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi could we get some info on the setup ie os release ( cat /etc/release ) what patches got applied as part of this cluster install. ( just the newly applied ones ) what patches are applied in total ls -tr1 /var/sadm/patch + patchadd -p output also cat /var/sadm/system/admin/CLUSTER Were there errors during zone install, have a look at zonepath/root/var/sadm/system/logs and verify that no errors are present. what exactly happens during the sysconfig part? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Patching whole-root zones
Hi patchadd in the global zone will patch all local zones ( whole or sparse) by defalt. So if you add the recommended cluster it will patch the whole root zone as well. Make sure to apply the latest 119254/119255 ( sparc/x86 )in a seperate patchadd session. This patch is the patch utils patch, I suspect that the cluster applies it first anyway, but just in case. This will also ensure that the zones etc are all available for patching prior to applying the cluster itself. Enda Jatinder wrote: Hi Just want some clarification following; If I was to apply a recommended patchcluster to my global zone will it also patch the uderlying whole-root zones, my understanding is that it will not effect the whole-root zones as they have there own /usr lib areas and only the global zone will be patched. So my thinking is that to patch my whole-root zones I would have to patch each zone individually? Thanks This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Patching whole-root zones
Hi just to be clear, apply 119254 in the global ( it will patch all available zones ) then ap[ply the cluster, and all zones will also get patched, no need to patch the zone seperately. Enda Enda O'Connor wrote: Hi patchadd in the global zone will patch all local zones ( whole or sparse) by defalt. So if you add the recommended cluster it will patch the whole root zone as well. Make sure to apply the latest 119254/119255 ( sparc/x86 )in a seperate patchadd session. This patch is the patch utils patch, I suspect that the cluster applies it first anyway, but just in case. This will also ensure that the zones etc are all available for patching prior to applying the cluster itself. Enda Jatinder wrote: Hi Just want some clarification following; If I was to apply a recommended patchcluster to my global zone will it also patch the uderlying whole-root zones, my understanding is that it will not effect the whole-root zones as they have there own /usr lib areas and only the global zone will be patched. So my thinking is that to patch my whole-root zones I would have to patch each zone individually? Thanks This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone Migration - Sun4u to Sun4v - Supported?
Mads Toftum wrote: On Wed, Nov 07, 2007 at 11:11:13PM -0800, Andrew wrote: Can anyone advise if it is supported to migrate a zone from one SPARC architecture to another? E.G., Sun4u to Sun4v? I presume this should be ok provided the Solaris build on both target and source platforms is the same? Things should run, but there's a recent RFE to make attach work across sun4u and sun4v: 6576592 RFE: zoneadm detach/attach should work between sun4u and sun4v architecture But I'm sure it would work if you hacked the files under /etc/zones. vh Mads Toftum There are quite a few patches that are sun4v only out there, not clear how this would work out. ie sat migrate from 4u to 4u, will complain about the 4v only patches in the zone. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Configuration on first boot of a zone
Andrew Black wrote:
Enda O'Connor ( Sun Micro Systems Ireland) [EMAIL PROTECTED]
wrote in news:[EMAIL PROTECTED]:
Hi
Did you clone the zone by any chance as this does not go through
sysidcfg?
I didnt know you can clone zones? this would be useful
yes in 11/06 otherwise know as update 3 ( someone might correct me there )
copied from another article:
So say you have zone1 with IP of 192.168.100.101, then to clone a zone2
from it:
# *zonecfg -z zone2*
zone2: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:zone2 *create -t zone1*
zonecfg:zone2 *set zonepath=/zones/zone2*
zonecfg:zone2 *select net address=192.168.100.101; set
address=192.168.100.102/24; end*
zonecfg:zone2 *verify*
zonecfg:zone2 *commit*
zonecfg:zone2 *exit*
Instead of installing a new zone, let's clone from zone1.
# *time zoneadm -z zone2 clone zone1*
WARNING: read-write lofs file system on '/export' is configured in both zones.
Copying /zones/zone1...
real0m31.135s
user0m0.431s
sys 0m3.818s
# *zoneadm -z zone2 boot*
# *zlogin -C zone2* (or supply a sysidconfig file)
Might be of use.
Else how did you create the zone?
No- I created it using zonecfg then did a zoneadm install then boot.
hmm, it must have asked in zlogin -C )( otherwise something untold
happened )
Without answering the sysidcfg bit, the zone will actually appear to
boot, but won't be accessible outside of zlogin, unless you answer the
sysidcfg stuff.
But either way to fully automate it, add asysidcfg file as mentioned.
To automate it I usually insert a sysidcfg file in
${zonepath}/root/etc such as
# cat sysidcfg
Thanks for that info
___
zones-discuss mailing list
zones-discuss@opensolaris.org
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] Configuration on first boot of a zone
Andrew Black wrote:
When I first create a zone, it normally asks you some questions such as the
time zone and whether you want NIS etc.
- is there any way of autmating this so you always get the same answer
- today I created a zone and it didnt ask me these questions. I wasnt
aware of doing anything different.
Andrew
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Hi
Did you clone the zone by any chance as this does not go through sysidcfg?
Else how did you create the zone?
To automate it I usually insert a sysidcfg file in ${zonepath}/root/etc
such as
# cat sysidcfg
system_locale=C
terminal=xterm
network_interface=PRIMARY {
hostname=myzone
ip_address=your ip-address
default_route=your defualt route
protocol_ipv6=no
netmask=255.255.255.0
}
name_service=NIS {
domain_name=lab1.ireland.sun.com
}
security_policy=NONE
root_password=your passwd
timezone=GB-Eire
nfs4_domain=sun.com
timeserver=server1
#
default route from netstat -rn and so on.
Enda
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] Non-interactive zone creation
Bryan Allen wrote:
On Nov 6, 2007, at 8:18 AM, Nicolas Dorfsman wrote:
Hi all,
Is there anyone here working on something able to create/configure/
boot a zone without interactivity ? I tried to update
create_zone.sh but it's a little bit hard to maintain it in shell.
So, an alternative would be to create a brand new one in Perl...or
to work on something different directly in Solaris source.
http://www.madstop.com/managing-solaris-zones.html
I have my own set of zone-creation scripts (newzone.sh, then various
nnn-foo.sh scripts which get iterated over), though I will soon be
moving to using puppet to manage creation. I already use puppet to
manage configuration, so it's not much of a stretch for me. I will be
much happier when adding a new zone to a system simply involved adding
a bittova config to a puppet node class. :-)
It's somewhat kludgey with the shell scripts, though I wouldn't say
it's particularly tedious.
Cheers.
--
bda
cyberpunk is dead. long live cyberpunk.
http://bda.mirrorshades.net/
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Hi
I looked at your site and I see the following ( sorry about formating )
{
puppet -d -e 'zone { myzone: ensure = running }'
This won't get any inherited directories or any network addresses, but
you can always add them later:
puppet -d -e ' zone { myzone: ensure = running, inherits = [/usr,
/sbin] }'
Yes, that will modify the configuration of your existing zone, not try
to create a new one or any some such.}
}
Now one cannot modify the inherited directories once a zone is
installed. ( you can up to that point alright )
ie if you create a whole root zone ( ie install it via zoneadm install )
then the only way to add inherited dir's is by a reinstall as far as I know.
You can modify the ip etc on the fly, but the inherited dirs bit in
relation to the default dirs such as /lib /sbin /bin /platform cannot
be changed once installed.
Enda
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Re: [zones-discuss] zlogin invoked by cron hangs after a few minutes
Damien Carbery wrote: are you piping /dev/null to STDIn in the commands, I can see you did that on the commands line, but not clear if you did it in the script or not. For every command in the script? The script is: http://cvs.opensolaris.org/source/xref/jds/spec-files/trunk/cron-script.sh I would like to get my single command experiment working first, proof-of-concept if you will. Where does the redirection go? Inside the quoted command or for zlogin? zlogin -l gbuild big-zone the_command /dev/null zlogin -l gbuild big-zone the_command /dev/null Hi Damien the last one is the one you want. Enda This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] sysidcfg problem with zones
Kamlakar Patil wrote: Hi All, I am using zonemgr for creating zones on T2000 systems. It is getting stuck at Waiting for first boot tasks to complete forever. Can anybody help on this? Thanks, -Kamlakar ___ zones-discuss mailing list zones-discuss@opensolaris.org what dos zlogin -C have to say when connected to the zone in question? Also is this 8/07 (u4) or earlier, if so what release and what Ku is applied ( uname -a in global should tell you ) cheers Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zlogin invoked by cron hangs after a few minutes
Damien Carbery wrote: Using snv_73 sparc. Trying to build JDS inside a whole root zone (because we install packages under /usr, /etc during the build). I have a cron script that uninstalls the current build, does a svn update, does a full build and then sends report mails. I noticed that it was hanging very early on, during the uninstall section. pkgtool mentioned below is from the JDS CBE. I trimmed by zlogin command down to just one command: zlogin -l gbuild big-zone . /jds/cbe/bin/env.sh; cd /jds/spec-files; pkgtool uninstall-pkgs closed/*.spec *.spec /dev/null This command processes 143 .spec files. When I specify lesser numbers it works. 90 files is okay but 109 files caused it to hang. If I run that command from the terminal it works without issue. $ ps -ef | grep zlogin root 20133 397 0 17:21:00 ? 0:00 sh -c zlogin -l gbuild big-zone . /jds/cbe/bin/env.sh; cd /jds/spec-files; pkg root 20134 20133 0 17:21:00 ? 0:00 zlogin -l gbuild big-zone . /jds/cbe/bin/env.sh; cd /jds/spec-files; pkgtool un The ptree output is: $ ptree 20134 397 /usr/sbin/cron 20133 sh -c zlogin -l gbuild big-zone . /jds/cbe/bin/env.sh; cd /jds/spec-fi 20134 zlogin -l gbuild big-zone . /jds/cbe/bin/env.sh; cd /jds/spec-files; 20135 bash -c . /jds/cbe/bin/env.sh; cd /jds/spec-files; pkgtool uninstal 20147 /usr/bin/perl -I /jds/cbe/lib/pkgbuild-1.2.0 /jds/cbe/lib/pkgbuil Any thoughts? Suggestions? Is there a bug here? We currently use a chroot environment to build JDS but a zones setup would be preferred as it is a supported feature. This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org are you piping /dev/null to STDIn in the commands, I can see you did that on the commands line, but not clear if you did it in the script or not. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] S10 U3 Live Upgrade with zones
Hi Mary Thanks for this Enda mary ding wrote: Enda and Richard: It will work and you need to get infodoc 72099 to see the list of patches you need in order for this to work. Enda O'Connor wrote: Richard Weatherley wrote: Hi Enda Any progress on this one? Thanks -- Richard This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Richard I didn't work on this project, but as far as I'm aware it should all go, ie Lu from U3 to U4 a system with zones. You will have to apply the U4 packages and a list of patches ( including 120011/120012, that 8/07 KU as far as I'm aware ) Other people might be able to add more info here Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Hi I have logged CR 6617022 space checking in/var/run for deferred activation patching is broke to cover this issue Enda Blatt, Andrew (GTI) wrote: Is there a required size for /var/run that I should be aware of? I'm rebuilding the box now, to retest if there is a required size. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, October 15, 2007 11:49 AM To: Blatt, Andrew (GTI) Cc: zones-discuss@opensolaris.org Subject: Re: [zones-discuss] Problem patching zones with kernel patch 120011-14 Hi yes unfortunately, I'll contact the developers and have a look at the code not much you can do other than reinstall/recover sorry Enda Blatt, Andrew (GTI) wrote: Looks like corruption: cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zoneadm: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zonecfg: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/share/lib/xml/dtd/zonecfg.dtd.1: write: No space left on device Done! /a/var/sadm/patch/120011-14/log: No such file or directory bash-3.00# pwd After rebooting post-patch: Rebooting with command: boot Boot device: v10_0_3_2 File and args: not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx_tl1 not found: vtag_flushctx_tl1 not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array krtld: error during initial load/link phase panic - boot: exitto64 returned from client program Program terminated -Original Message- From: Blatt, Andrew (GTI) Sent: Monday, October 15, 2007 11:37 AM To: '[EMAIL PROTECTED]' Cc: zones-discuss@opensolaris.org Subject: RE: [zones-discuss] Problem patching zones with kernel patch 120011-14 Enda, Thank you for the insight.. I can't tell if its doing anything at this point since /var/run is at 100% with a lot of lofs mounts, and am hesitant to break the patchadd unless you think I should ;) I moved the zone to ufs to see about patching, and that's when I ran into the /var/run issue.. I attached my df output: # df -k Filesystemkbytesused avail capacity Mounted on /dev/vx/dsk/bootdg/rootvol 8262473 4950593 322925661%/ /devices 0 0 0 0%/devices ctfs 0 0 0 0% /system/contract proc 0 0 0 0%/proc mnttab 0 0 0 0%/etc/mnttab swap 47464241360 4745064 1% /etc/svc/volatile objfs 0 0 0 0%/system/object fd 0 0 0 0%/dev/fd /dev/vx/dsk/bootdg/var 4132034 1110109 298060528%/var swap 1048576 29040 1019536 3%/tmp swap 20480 20480 0 100%/var/run swap 4745064 0 4745064 0%/dev/vx/dmp swap 4745064 0 4745064 0%/dev/vx/rdmp /8262473 4950593 322925661% /var/run/.patchSafeMode/root /var 4132034 1110109 298060528% /var/run/.patchSafeMode/root/var /dev/vx/dsk/DG1_js10/zone_os 8388608 4083681 403620551%/zone_os2 /dev/vx/dsk/DG1_js10/zone_os2 8256877 4008614 416569550%/zone_os /zone_os 8256877 4008638 416567150% /var/run/.patchSafeMode/root/zone_os swap 4745072 8 4745064 1% /zone_os/dse-zone3-d/lu /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.3 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.3 /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.5 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.5 /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/dvma.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/dvma.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machcpu var.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machcpuvar.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machpar am.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machparam.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/memnode .h 20480 20480 0 100% /usr/platform/sun4us/include/sys/memnode.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/opl_hwd esc.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/opl_hwdesc.h
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Hi yes unfortunately, I'll contact the developers and have a look at the code not much you can do other than reinstall/recover sorry Enda Blatt, Andrew (GTI) wrote: Looks like corruption: cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zoneadm: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zonecfg: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/share/lib/xml/dtd/zonecfg.dtd.1: write: No space left on device Done! /a/var/sadm/patch/120011-14/log: No such file or directory bash-3.00# pwd After rebooting post-patch: Rebooting with command: boot Boot device: v10_0_3_2 File and args: not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx_tl1 not found: vtag_flushctx_tl1 not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array krtld: error during initial load/link phase panic - boot: exitto64 returned from client program Program terminated -Original Message- From: Blatt, Andrew (GTI) Sent: Monday, October 15, 2007 11:37 AM To: '[EMAIL PROTECTED]' Cc: zones-discuss@opensolaris.org Subject: RE: [zones-discuss] Problem patching zones with kernel patch 120011-14 Enda, Thank you for the insight.. I can't tell if its doing anything at this point since /var/run is at 100% with a lot of lofs mounts, and am hesitant to break the patchadd unless you think I should ;) I moved the zone to ufs to see about patching, and that's when I ran into the /var/run issue.. I attached my df output: # df -k Filesystemkbytesused avail capacity Mounted on /dev/vx/dsk/bootdg/rootvol 8262473 4950593 322925661%/ /devices 0 0 0 0%/devices ctfs 0 0 0 0%/system/contract proc 0 0 0 0%/proc mnttab 0 0 0 0%/etc/mnttab swap 47464241360 4745064 1%/etc/svc/volatile objfs 0 0 0 0%/system/object fd 0 0 0 0%/dev/fd /dev/vx/dsk/bootdg/var 4132034 1110109 298060528%/var swap 1048576 29040 1019536 3%/tmp swap 20480 20480 0 100%/var/run swap 4745064 0 4745064 0%/dev/vx/dmp swap 4745064 0 4745064 0%/dev/vx/rdmp /8262473 4950593 322925661% /var/run/.patchSafeMode/root /var 4132034 1110109 298060528% /var/run/.patchSafeMode/root/var /dev/vx/dsk/DG1_js10/zone_os 8388608 4083681 403620551%/zone_os2 /dev/vx/dsk/DG1_js10/zone_os2 8256877 4008614 416569550%/zone_os /zone_os 8256877 4008638 416567150% /var/run/.patchSafeMode/root/zone_os swap 4745072 8 4745064 1% /zone_os/dse-zone3-d/lu /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.3 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.3 /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.5 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.5 /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/dvma.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/dvma.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machcpu var.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machcpuvar.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machpar am.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machparam.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/memnode .h 20480 20480 0 100% /usr/platform/sun4us/include/sys/memnode.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/opl_hwd esc.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/opl_hwdesc.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/sbd_ioc tl.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/sbd_ioctl.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/vm_mach param.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/vm_machparam.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/vm/hat_sfmm u.h 20480 20480 0 100% /usr/platform/sun4us/include/vm/hat_sfmmu.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/lib/mdb/kvm/sparcv9 /unix.so 20480 20480 0 100%
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Hi Unfortunately 20M is very small even for /var/run itself. There appears to be a bug in the space checking part of pdo that verifies /var/run I will investigate more, but considering we are copying in approx 1000+ files to /var/run the more the merrier ( I would suggest having upwards of 500M in /var/run ) Enda Blatt, Andrew (GTI) wrote: Is there a required size for /var/run that I should be aware of? I'm rebuilding the box now, to retest if there is a required size. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, October 15, 2007 11:49 AM To: Blatt, Andrew (GTI) Cc: zones-discuss@opensolaris.org Subject: Re: [zones-discuss] Problem patching zones with kernel patch 120011-14 Hi yes unfortunately, I'll contact the developers and have a look at the code not much you can do other than reinstall/recover sorry Enda Blatt, Andrew (GTI) wrote: Looks like corruption: cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zoneadm: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/sbin/zonecfg: No space left on device cp: /var/run/.patchSafeModeOrigFiles/usr/share/lib/xml/dtd/zonecfg.dtd.1: write: No space left on device Done! /a/var/sadm/patch/120011-14/log: No such file or directory bash-3.00# pwd After rebooting post-patch: Rebooting with command: boot Boot device: v10_0_3_2 File and args: not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx not found: vtag_flushctx_tl1 not found: vtag_flushctx_tl1 not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array not found: ctx_pgsz_array krtld: error during initial load/link phase panic - boot: exitto64 returned from client program Program terminated -Original Message- From: Blatt, Andrew (GTI) Sent: Monday, October 15, 2007 11:37 AM To: '[EMAIL PROTECTED]' Cc: zones-discuss@opensolaris.org Subject: RE: [zones-discuss] Problem patching zones with kernel patch 120011-14 Enda, Thank you for the insight.. I can't tell if its doing anything at this point since /var/run is at 100% with a lot of lofs mounts, and am hesitant to break the patchadd unless you think I should ;) I moved the zone to ufs to see about patching, and that's when I ran into the /var/run issue.. I attached my df output: # df -k Filesystemkbytesused avail capacity Mounted on /dev/vx/dsk/bootdg/rootvol 8262473 4950593 322925661%/ /devices 0 0 0 0%/devices ctfs 0 0 0 0% /system/contract proc 0 0 0 0%/proc mnttab 0 0 0 0%/etc/mnttab swap 47464241360 4745064 1% /etc/svc/volatile objfs 0 0 0 0%/system/object fd 0 0 0 0%/dev/fd /dev/vx/dsk/bootdg/var 4132034 1110109 298060528%/var swap 1048576 29040 1019536 3%/tmp swap 20480 20480 0 100%/var/run swap 4745064 0 4745064 0%/dev/vx/dmp swap 4745064 0 4745064 0%/dev/vx/rdmp /8262473 4950593 322925661% /var/run/.patchSafeMode/root /var 4132034 1110109 298060528% /var/run/.patchSafeMode/root/var /dev/vx/dsk/DG1_js10/zone_os 8388608 4083681 403620551%/zone_os2 /dev/vx/dsk/DG1_js10/zone_os2 8256877 4008614 416569550%/zone_os /zone_os 8256877 4008638 416567150% /var/run/.patchSafeMode/root/zone_os swap 4745072 8 4745064 1% /zone_os/dse-zone3-d/lu /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.3 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.3 /var/run/.patchSafeModeOrigFiles/usr/kernel/pcbe/sparcv9/pcbe.4.5 20480 20480 0 100% /usr/kernel/pcbe/sparcv9/pcbe.4.5 /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/dvma.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/dvma.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machcpu var.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machcpuvar.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/machpar am.h 20480 20480 0 100% /usr/platform/sun4us/include/sys/machparam.h /var/run/.patchSafeModeOrigFiles/usr/platform/sun4us/include/sys/memnode .h 20480 20480 0 100% /usr/platform/sun4us/include/sys/memnode.h
Re: [zones-discuss] RSC cards and zlogin -C to a zone clash of interest
Ihsan Zaghmouth wrote: Here's one issue that was raised by a Sun customer ... Looks like we have a clash of ineterst on ~. They have v490s with RSC cards (Remote System Control) and Zones. When they do *console -C zone* , then do a *~.* to disconnect from that zones console, it takes them to the *RSC prompt.* If they console from there, they go back to the zone console. They can't escape back to the global zone. Anyone seen this before... Any thoughts ? does ~~. help cheers Ihsan ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] RSC cards and zlogin -C to a zone clash of interest
Ihsan Zaghmouth wrote: Well I recommended the customer to use the -e option when they zlogin and change it to ? or or any other character they wish for, at least for now. zlogin *-e ?* -C zonename *-e* c Specifies a different escape character, c, for the key sequence used to access extended functions and to disconnect from the login. *The default escape character is the tilde (~).* as both use tilde, you need the double ~~. ie escape the tilde itself as I suggested ( try it and it should work ) Enda Enda O'Connor ( Sun Micro Systems Ireland) wrote: Ihsan Zaghmouth wrote: Here's one issue that was raised by a Sun customer ... Looks like we have a clash of ineterst on ~. They have v490s with RSC cards (Remote System Control) and Zones. When they do *console -C zone* , then do a *~.* to disconnect from that zones console, it takes them to the *RSC prompt.* If they console from there, they go back to the zone console. They can't escape back to the global zone. Anyone seen this before... Any thoughts ? does ~~. help cheers Ihsan ___ zones-discuss mailing list zones-discuss@opensolaris.org -- ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] troubleshooting zone boot issues - failed with exit code 32
Jerry Kemp wrote: I have a Sun T2000 running Solaris 10u2, all UFS file systems that has been in place for several months. This morning during a reboot, I had a zone that would not come back up. It failed to boot due to an inability to mount /svc with an error of failed with exit code 32. I did many Yahoo and Google searches and also looked at the most recent Solaris Containers - Resource Management and Solaris Zones guide that was just released this summer. I did see that several people has encountered this issue, but did not find any resolutions. Posted below are some specifics about the zone in question. tech3 is the global zone and tech10 is the zone with booting problems. The zoneadm that shows the error had to be recreated from memory as I needed to get a work-around in place and did not get a capture of the error, but the error code is accurate. Where can I research this error code in more detail? TIA, Jerry K - tech3 / 170 # uname -a SunOS tech3 5.10 Generic_118833-18 sun4v sparc SUNW,Sun-Fire-T200 tech3 / 171 # zonecfg -z tech10 info zonepath: /export/zones/tech10 autoboot: false pool: inherit-pkg-dir: dir: /lib inherit-pkg-dir: dir: /platform inherit-pkg-dir: dir: /sbin inherit-pkg-dir: dir: /usr fs: dir: /opt special: /dev/md/dsk/d71 raw: /dev/md/rdsk/d71 type: ufs options: [logging] fs: dir: /usr/local special: /dev/md/dsk/d70 raw: /dev/md/rdsk/d70 type: ufs options: [logging] fs: dir: /prod special: /dev/md/dsk/d72 raw: /dev/md/rdsk/d72 type: ufs options: [logging] fs: dir: /svc special: /dev/md/dsk/d73 raw: /dev/md/rdsk/d73 type: ufs options: [logging] net: address: 10.9.3.79 physical: ipge1 attr: name: comment type: string value: tech10 zone tech3 / 172 # tech3 / 173 # cat /etc/release Solaris 10 6/06 s10s_u2wos_09a SPARC Copyright 2006 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 09 June 2006 tech3 / 174 # zoneadm -z tech10 boot zoneadm: zone 'tech10': /usr/lib/fs/dev/mount -o attrdir=/export/tech10/svc /svc /dev/md/dsk/d73 failed with exit code 32 zoneadm: zone 'tech10': call to zoneadmd failed tech3 / 175 # ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi could be a range of things as Jerry mentioned, is the d73 shared out in the global zone by any chance since last zone boot, is it some how busy in the global zone? perhaps run the failing mount command in a truss, ie truss -o /tmp/mount.txt -fae mount ... from the command line in the global Might give some more indication of why the mount is failing. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Hi your sparse zone's zonepath in in /usr and it inherits /usr as well. In our testing pkgadd calls getcwd in /dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14 inside the zone, which instead of returning /dev/.SUNW.. as the absolute path returns the absolute path /usr/local/zones/[zonename]/lu/dev/.SUNW and this is the what causes the failure in the sparse zone. Need to do some more investigation as to why the whole root zone is failing to see if it's the same problem. What is the zonecfg of the whole root zone. Enda Philip Nelson wrote: Path /usr/local/zones, and the zonepath under it, are part of the global zone's /usr/local filesystem. They are not separate mounts. On the system where the kernel patch worked, the zonepaths are separate mounts. -Philip Enda O'Connor wrote: Philip Nelson wrote: Enda O'Connor wrote: Philip Nelson wrote: They're 755, all the way to /. Here's the actual error message a small zone gets: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: cannot open pkgadd: ERROR: checkinstall script did not complete successfully Dryrun complete. No changes were made to the system. Hi Philip what is the premissions on the directory structure containing the patch being added? 775. can you boot and halt the zone prior to running patchadd Yes--that's how I did it. I just patched a 6/01 server with containers, successfully this time. The only differences I can see are that the failing servers are 6/06 instead of 6/01 (my earlier 6/01 problem was with a ZFS zone root), and that the working 6/01 server has the container roots mounted on their own UFS partitions. The zone roots are still permissions 700, but the underlying mount points (what you see if you unmount the zone roots) are 755. On the failing servers, the zone roots are not mounted on their own partitions; they are simply part of the /usr/local partition. hmm, need to test this locally to see what is up, suspect that the code in patchadd that mounts things up for installing the 120011 patch is getting confused somewhere. So just to be clear, /usr/local/zones is part of the root filesystem, it's not a seperate mount. Enda Any idea if nobody would be able to reference an underlying mount point, and ignore the perms of the filesystem mounted on top of it? -Philip Enda -Philip Enda O'Connor wrote: Philip wrote: I've run into difficulty installing sparc kernel patch 120011-14 from the Oct/03/07 recommended patch cluster onto 6/01 and 6/06 systems with non-global zones (whether small or large). As long as all non-global zones are halted (and don't have ZFS roots), the patch installs all right in the global zone. However, it gives a failure message for installation in the non-global zones because user nobody can't read the zone roots (due to the required 700 permissions on those directories). If I try to give nobody read access to those directories, the patch fails anyhow because it can't boot the non-global zone (it fails on the 700 perms check). I can't run the patch with the zones already started because the kernel patch requires them to be halted (for deferred activation patching). So, I'm boxed in. There are a couple other patches not installing into the non-global zones because they fail a dependency check on the kernel patch. I'm hoping that the small zones are inheriting the patches anyhow, but I don't know what to do with the big zones. Any thoughts? This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi wierd, my zonepaths are all 700 and it works fine, what is the permission of the parent of zonepath? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Philip wrote: I've run into difficulty installing sparc kernel patch 120011-14 from the Oct/03/07 recommended patch cluster onto 6/01 and 6/06 systems with non-global zones (whether small or large). As long as all non-global zones are halted (and don't have ZFS roots), the patch installs all right in the global zone. However, it gives a failure message for installation in the non-global zones because user nobody can't read the zone roots (due to the required 700 permissions on those directories). If I try to give nobody read access to those directories, the patch fails anyhow because it can't boot the non-global zone (it fails on the 700 perms check). I can't run the patch with the zones already started because the kernel patch requires them to be halted (for deferred activation patching). So, I'm boxed in. There are a couple other patches not installing into the non-global zones because they fail a dependency check on the kernel patch. I'm hoping that the small zones are inheriting the patches anyhow, but I don't know what to do with the big zones. Any thoughts? This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi wierd, my zonepaths are all 700 and it works fine, what is the permission of the parent of zonepath? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Philip Nelson wrote: They're 755, all the way to /. Here's the actual error message a small zone gets: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: cannot open pkgadd: ERROR: checkinstall script did not complete successfully Dryrun complete. No changes were made to the system. Hi Philip what is the premissions on the directory structure containing the patch being added? can you boot and halt the zone prior to running patchadd Enda -Philip Enda O'Connor wrote: Philip wrote: I've run into difficulty installing sparc kernel patch 120011-14 from the Oct/03/07 recommended patch cluster onto 6/01 and 6/06 systems with non-global zones (whether small or large). As long as all non-global zones are halted (and don't have ZFS roots), the patch installs all right in the global zone. However, it gives a failure message for installation in the non-global zones because user nobody can't read the zone roots (due to the required 700 permissions on those directories). If I try to give nobody read access to those directories, the patch fails anyhow because it can't boot the non-global zone (it fails on the 700 perms check). I can't run the patch with the zones already started because the kernel patch requires them to be halted (for deferred activation patching). So, I'm boxed in. There are a couple other patches not installing into the non-global zones because they fail a dependency check on the kernel patch. I'm hoping that the small zones are inheriting the patches anyhow, but I don't know what to do with the big zones. Any thoughts? This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi wierd, my zonepaths are all 700 and it works fine, what is the permission of the parent of zonepath? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Philip Nelson wrote: Enda O'Connor wrote: Philip Nelson wrote: They're 755, all the way to /. Here's the actual error message a small zone gets: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: cannot open pkgadd: ERROR: checkinstall script did not complete successfully Dryrun complete. No changes were made to the system. Hi Philip what is the premissions on the directory structure containing the patch being added? 775. can you boot and halt the zone prior to running patchadd Yes--that's how I did it. I just patched a 6/01 server with containers, successfully this time. The only differences I can see are that the failing servers are 6/06 instead of 6/01 (my earlier 6/01 problem was with a ZFS zone root), and that the working 6/01 server has the container roots mounted on their own UFS partitions. The zone roots are still permissions 700, but the underlying mount points (what you see if you unmount the zone roots) are 755. On the failing servers, the zone roots are not mounted on their own partitions; they are simply part of the /usr/local partition. hmm, need to test this locally to see what is up, suspect that the code in patchadd that mounts things up for installing the 120011 patch is getting confused somewhere. So just to be clear, /usr/local/zones is part of the root filesystem, it's not a seperate mount. Enda Any idea if nobody would be able to reference an underlying mount point, and ignore the perms of the filesystem mounted on top of it? -Philip Enda -Philip Enda O'Connor wrote: Philip wrote: I've run into difficulty installing sparc kernel patch 120011-14 from the Oct/03/07 recommended patch cluster onto 6/01 and 6/06 systems with non-global zones (whether small or large). As long as all non-global zones are halted (and don't have ZFS roots), the patch installs all right in the global zone. However, it gives a failure message for installation in the non-global zones because user nobody can't read the zone roots (due to the required 700 permissions on those directories). If I try to give nobody read access to those directories, the patch fails anyhow because it can't boot the non-global zone (it fails on the 700 perms check). I can't run the patch with the zones already started because the kernel patch requires them to be halted (for deferred activation patching). So, I'm boxed in. There are a couple other patches not installing into the non-global zones because they fail a dependency check on the kernel patch. I'm hoping that the small zones are inheriting the patches anyhow, but I don't know what to do with the big zones. Any thoughts? This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi wierd, my zonepaths are all 700 and it works fine, what is the permission of the parent of zonepath? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Problem patching zones with kernel patch 120011-14
Hi seems to be a problem with zones under / file system. I will look into this more tomorrow. Enda Philip Nelson wrote: Path /usr/local/zones, and the zonepath under it, are part of the global zone's /usr/local filesystem. They are not separate mounts. On the system where the kernel patch worked, the zonepaths are separate mounts. -Philip Enda O'Connor wrote: Philip Nelson wrote: Enda O'Connor wrote: Philip Nelson wrote: They're 755, all the way to /. Here's the actual error message a small zone gets: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: /usr/local/zones/[zonename]/lu/dev/.SUNW_patches_0909107281-1123512-01035723188c/120011-14/SUNWbart/install/checkinstall: cannot open pkgadd: ERROR: checkinstall script did not complete successfully Dryrun complete. No changes were made to the system. Hi Philip what is the premissions on the directory structure containing the patch being added? 775. can you boot and halt the zone prior to running patchadd Yes--that's how I did it. I just patched a 6/01 server with containers, successfully this time. The only differences I can see are that the failing servers are 6/06 instead of 6/01 (my earlier 6/01 problem was with a ZFS zone root), and that the working 6/01 server has the container roots mounted on their own UFS partitions. The zone roots are still permissions 700, but the underlying mount points (what you see if you unmount the zone roots) are 755. On the failing servers, the zone roots are not mounted on their own partitions; they are simply part of the /usr/local partition. hmm, need to test this locally to see what is up, suspect that the code in patchadd that mounts things up for installing the 120011 patch is getting confused somewhere. So just to be clear, /usr/local/zones is part of the root filesystem, it's not a seperate mount. Enda Any idea if nobody would be able to reference an underlying mount point, and ignore the perms of the filesystem mounted on top of it? -Philip Enda -Philip Enda O'Connor wrote: Philip wrote: I've run into difficulty installing sparc kernel patch 120011-14 from the Oct/03/07 recommended patch cluster onto 6/01 and 6/06 systems with non-global zones (whether small or large). As long as all non-global zones are halted (and don't have ZFS roots), the patch installs all right in the global zone. However, it gives a failure message for installation in the non-global zones because user nobody can't read the zone roots (due to the required 700 permissions on those directories). If I try to give nobody read access to those directories, the patch fails anyhow because it can't boot the non-global zone (it fails on the 700 perms check). I can't run the patch with the zones already started because the kernel patch requires them to be halted (for deferred activation patching). So, I'm boxed in. There are a couple other patches not installing into the non-global zones because they fail a dependency check on the kernel patch. I'm hoping that the small zones are inheriting the patches anyhow, but I don't know what to do with the big zones. Any thoughts? This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi wierd, my zonepaths are all 700 and it works fine, what is the permission of the parent of zonepath? Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] /dev/ttyp* to non-global zone
Bangalore, Suresh wrote: Hi Gurus We have a non-global zone which is currently configured, installed and running. Now Customer wants to add /dev/ttyp* to the non-global zone. Tried adding to the zonecfg using adding device match: /dev/ttyp* and then rebooted the zone. This doesn't work. Hi It should work, what is your customer running ( 8/07 has a problem with adding devices, or systems running 120012-14/120011-14 ) Also why are they doing this, adding one half of the pseudo teminal to a non-global zone? Enda Is there any way to configure this without uninstalling and reinstalling the zone again. Thanks Suresh This e-mail and any attachments may contain confidential information that is intended solely for the use of the intended recipient and may be subject to copyright. If you receive this e-mail in error, please notify the sender immediately and delete the e-mail and its attachments from your system. You must not disclose, copy or use any part of this e-mail if you are not the intended recipient. Any opinion expressed in this e-mail and any attachments is not an opinion of RailCorp unless stated or apparent from its content. RailCorp is not responsible for any unauthorised alterations to this e-mail or any attachments. RailCorp will not incur any liability resulting directly or indirectly as a result of the recipient accessing any of the attached files that may contain a virus. ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] S10 U3 Live Upgrade with zones
Richard Weatherley wrote: Hi Enda What is the ETA for 119255 ( -42) that addresses the problems with deferred activation patching for ZFS and VxFS when trying to install 120012-14? Thanks. This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi I will try and get some preliminary dates ( it will not in 43 is all I can say ) I have added some people how are working on resolving these issues ( well it one issue really ) Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] S10 U3 Live Upgrade with zones
Enda O'Connor ( Sun Micro Systems Ireland) wrote: Richard Weatherley wrote: Hi Enda What is the ETA for 119255 ( -42) that addresses the problems with deferred activation patching for ZFS and VxFS when trying to install 120012-14? Thanks. This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi I will try and get some preliminary dates ( it will not in 43 is all I can say ) I have added some people how are working on resolving these issues ( well it one issue really ) Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi Also meant to say, sorry for the hassle incurred here, but we are working towards getting a fix for this out soon. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] bug? zone wont create device files during boot
Dan Price wrote: On Tue 02 Oct 2007 at 07:35AM, Konstantin Gremliza wrote: Someone earlier stated that this was also broken in SXDE-- as far as I know that is *not* the case. One of the reasons this has been a troublesome area is that in Nevada the /dev zones implementation is radically different from S10, due to the existence of the devnames project in Nevada. Hence the S10 and Nevada code is pretty in this area. -dp Before I posted this to [zone-discuss] I tried again on SXDE 09/07, and the same problem occured. Adding a device match will not create any device files in ZONEPATH/dev. Konstantin, we'll go back and retest SXDE 9/07, although at present we don't have a bug for this problem open against SXDE. As I said, the code is basically completely different in that area between SXDE and S10, so it would have to be a new and different bug. My desktop is a SPARC box running build 72 (which AFAIK is SXDE 9/07) and I don't see this there; this is an example of adding, then removing a pseudo device in a basic test: # uname -a SunOS snowdog 5.11 snv_72 sun4u sparc SUNW,A70 # ls -l /aux/foo/root/dev/lockstat /aux/foo/root/dev/lockstat: No such file or directory # zonecfg -z foo 'add device; set match=/dev/lockstat; end' # zoneadm -z foo reboot # ls -l /aux/foo/root/dev/lockstat crw-r--r-- 1 root sys 89, 0 Oct 3 02:55 /aux/foo/root/dev/lockstat # zonecfg -z foo 'remove device match=/dev/lockstat' # zoneadm -z foo reboot # ls -l /aux/foo/root/dev/lockstat /aux/foo/root/dev/lockstat: No such file or directory (Please note that I'm not advising that anyone add /dev/lockstat to their zone; I simply used it as a test case). Perhaps you could post your SXDE test case? -dp - Daniel Price - Solaris Kernel Engineering - [EMAIL PROTECTED] - blogs.sun.com/dp ___ zones-discuss mailing list zones-discuss@opensolaris.org Hi I tried build 74, add device set match=/dev/dsk/c0t0d0s7 end add device set match=/dev/rdsk/c0t0d0s7 end rebooted zone and device is there ( verified it wasn't before hand ) We need the user case that fails. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] bug? zone wont create device files during boot
Jerry Jelinek wrote: Enda O'Connor ( Sun Micro Systems Ireland) wrote: I tried build 74, add device set match=/dev/dsk/c0t0d0s7 end add device set match=/dev/rdsk/c0t0d0s7 end rebooted zone and device is there ( verified it wasn't before hand ) We need the user case that fails. Enda, I thought the original email used a wildcard match like this: set match=/dev/*dsk/c1t15d0s* I just tried that on build 74 and it worked fine though, so I agree that we need more info. Jerry Hi Jerry hadn't spotted the wildcard :-) but it does appear to work non the less. Enda ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] S10 U3 Live Upgrade with zones
Ihsan Zaghmouth wrote: Enda, If you go over the 72099 carefully, here is what it says now: *The following patch has been withdrawn and until a new version is released you can not use LU on systems with zones* Solaris 10sparc 120272-12 /search/document.do?assetkey=urn:cds:docid:1-21-120272-12-1 SMA Patch . 120011-14 /search/document.do?assetkey=urn:cds:docid:1-21-120011-14-1 depends on it *The following patch has been withdrawn and until a new version is released you can not use LU on systems with zones* Solaris 10x86 120273-13 /search/document.do?assetkey=urn:cds:docid:1-21-120273-13-1 SMA patch . 120012-14 /search/document.do?assetkey=urn:cds:docid:1-21-120012-14-1 depends on this The SMA patch for both SPARC and X86 has been WITHDRAWN. Reason: Adding patch 120272-12 or 120273-13 corrupts the /etc/sma/snmpd.conf file causing the snmpd services not to come up after patching. That is what I am trying to convey. That is the confusion right here ! Its affecting the JP Indeed this is the current problem, the plan is to release the fixed SPARC SMA patch end of this week, unfortunately x86 SMA patch is delayed till next week at the earliest I suspect. Enda Ihsan Enda O'Connor wrote: Hi Appears there is some confusion here, what is the patch that is missing, I though the patch list was complete by now, 9 thre were issues with the u4 Ku not being available due to a requirement being uprev'ed. I could be wrong, but as u4 is finished all patches are now cut. Enda Ihsan Zaghmouth wrote: Hi Enda, What is the status of the NOTE in 72099 ? Are you saying that the list is complete and that whatever is there is final and it should work now ? *Should the info doc be revised then ? Please advise * NOTE: *This patch list is currently incomplete for Solaris[TM] 10 systems running zones. * One patch that impacts patching zones is not available for either SPARC or x86 platforms. *If you are not using Live Upgrade on a system involving zones, the patch list below is complete.* Ihsan Enda O'Connor wrote: Hi This should work, are you using the latest released rev's of the patches listed, are you using the packages from 8/07? So what are the exact steps you followed, and the step where the error occurs. Enda Sergiy Kolodka wrote: Guys, Can someone please confirm or deny if it is possible to do LiveUpgrade from Solaris 11/06 with zones installed to Solaris 8/07 ? I've tried to apply all patches mentioned in 72099 doco from SunSolve, but lucreate keep complaining that I need to install all required patches in order to do upgrade with zones, and I'm pretty sure that I already have all them installed, actually I checked that five times and they are in fact. Whey I deattached zones process went pretty smooth, but that's not what I'm looking for. So, am I missing something or LiveUpgrade with zones still doesn't work ? Thanks ! This message posted from opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org -- ___ zones-discuss mailing list zones-discuss@opensolaris.org -- ___ zones-discuss mailing list zones-discuss@opensolaris.org
