Hi,
A work-around for this issue has been provided by SunSupport. The
direct parent of a zonepath must not be a dataset. That is
/tank/myzone will result in a new dataset being created.
/tank/some_empty_dir/myzone will get you a zonepath that's just a
directory. Yay, SunSupport!
CT
On Sat, Feb 13, 2010 at 3:10 AM, Frank Batschulat (Home)
wrote:
>
>
> a '-x nodataset' option for 'clone' like in 'install' is unlikely going to
> happen, in
> fact I will remove the '-x nodataset' option for 'install' completely soon in
> OSOL build 135
OK, I need my sanity confirmed because I
On Tue, Feb 16, 2010 at 4:59 PM, Dombrowski, Neil
wrote:
> For an example, let's say zone1 has a default route using gateway 172.16.1.1
> and zone2 has a default router using gateway 192.168.0.1. If I am logged into
> the global zone, and it needs to send a packet to 10.10.10.10, will it use
>
> Does the data really need to be under the zonepath? If you were to do
> something like:
>
> zfs create -o mountpoint=/stuff rpool/stuff
> mkdir /stuff/z1 /stuff/z2
>
> zonecfg -z z1
> add fs
> set dir=/stuff
> set special=/stuff/z1
> set options=rw
> end
> exit
>
> zonecfg -z z2
> add fs
> set d
On Sat, Feb 13, 2010 at 3:10 AM, Frank Batschulat (Home)
wrote:
> a '-x nodataset' option for 'clone' like in 'install' is unlikely going to
> happen, in
> fact I will remove the '-x nodataset' option for 'install' completely soon in
> OSOL build 135
>
> PSARC 2010/008 Remove zoneadm install su
Hi, I'm sorry to bug the OpenSolaris for a question that pertains to
S10U8, but I am really stuck.
I am doing a zoneadm clone -m copy, and I do not want a new ZFS
dataset even though my zonepath is on a ZFS filesystem, for
performance reasons particular to how I am using my zones.
Unfortunately, z
I'm about to make a change to the dependency of routing-setup, I just
want to check first if this has been filed as a CR and has been fixed.
The problem is that zones and routing-setup both trace their
dependency back to milestone/network, but no relationship to each
other. I have a priori knowle
On Sat, Nov 21, 2009 at 2:31 AM, nikolay wrote:
> So the best way for me is 'downgrading' my OS (have no idea how to do
> this)??? What the f...k these containers are needed for? I have only one
> sparc workstation, so have no machine to install Solaris 9 (but it's crucial
> for some software I
On Wed, Jul 15, 2009 at 3:32 PM, Patrick J.
McEvoy wrote:
> I am trying to pre-configure zones with sysidcfg as described in:
>
>
> http://docs.sun.com/app/docs/doc/817-1592/z.login.task-38?l=en&a=view&q=sysidcfg+and+containers
>
> Basically:
>
>clone a zone
>zoneadm -z ready
>edit
> Installing from a repo is orthogonal to the sparse
> vs. whole root discussion. That is tracked as:
>
> 1947 Offline zone creation is impossible
I'm not complaining, just describing what's important to me (and my
shop) re:zones going forward. This thread started out as "no sparse
zone on OS",
On Mon, May 18, 2009 at 9:59 AM, Jerry Jelinek wrote:
> Thanks for the write-up. It is helpful for us to
> know what peoples concerns are for the sparse vs. whole
> root configurations.
Our application make and destroy zones as needed. We've built up a
set of tools to create, clone, and tear d
I realize that zoneadmd is a private interface, but, here´s a
question. Can I have a running zone and no zoneadmd running, at all?
If yes, what does it mean?
--
http://www.apress.com/book/view/1430218916
---
Pro OpenSolaris - 57 var
On Thu, Apr 30, 2009 at 11:25 AM, solarg wrote:
> hello all,
> i'm wondering how to create a sparse zone in os2008.11:
> - in solaris 10, just use "create" instead of "create -b" does a "sparse"
> zone
> - in os2008.11, you have to add manually:
> add inherit-pkg-dir
Ermmm ... I don't think zones
> The problem I have is when creating shared IP zones on another subnet,
> such as the 192.168.0.0/19: subnet 192.168.96.0/19 is unreachable and
> they cannot connet to the outside world through 192.168.96.1.
It can't work this way. Your zone on 192.168.0.0/19 will never see
192.168.96.1 because
> fs:
>dir: /netapp/tacacs
>special: /syslog-local/netapp/tacacs
>raw not specified
>type: lofs
>options: []
> fs:
>dir: /netapp/syslog
>special: /syslog-local/netapp/syslog
>raw not specified
>type: lofs
>options: []
On Fri, Feb 13, 2009 at 8:16 PM, Jordan Vaughan wrote:
> Hi Cristine,
>
> I tried both methods on OpenSolaris 2008.11 and they worked for me. My
> guess is that there's something wrong with your script. Perhaps you forgot
> to close a control construct (e.g., end an if block with fi).
Errmm, we
I'm writing a script that adds an LOFS to a zone, using a pre-made
batch file it works but I rather generate this on the fly.
It looks something like this:
if [ something ]; then
zonecfg -z $myzone << EOF
add fs
set dir=/tmp/foo
set special=/tmp/foo
set type=lofs
add options
On Thu, Jan 29, 2009 at 10:44 AM, Jerry Jelinek wrote:
> It would be nice to try to understand more about
> what you did so we could try to figure out why
> the dataset was left mounted when you halted the zone.
> If there is anything unusual you can recall, please
> let me know.
I don't think I
> What is the output of 'mount -p' and 'zfs list' on this
> system?
r...@ender:/# mount -p
rpool/ROOT/opensolaris - / zfs - no
/devices - /devices devfs - no
/dev - /dev dev - no
ctfs - /system/contract ctfs - no
proc - /proc proc - no
mnttab - /etc/mnttab mntfs - no
swap - /etc/svc/volatile tmpfs
On Thu, Jan 29, 2009 at 9:20 AM, Jerry Jelinek wrote:
>
> You haven't provided much information so its hard
> to help you. What build are you running? The
> issue described in the thread you reference should
> be fixed in the OpenSolaris 2008.11 release. Do
> you have a second BE mounted, as i
I am running into this:
https://opensolaris.org/jive/thread.jspa?threadID=79673
r...@ender:/# zoneadm -z web boot
zone 'web': Error: error mounting zone root dataset.
zone 'web':
zoneadm: zone 'web': call to zoneadmd failed
When I go to check the CR, there's nothing in the workaround. I just
ne
> You can add multiple physicals to a shared stack zone, they are
> just added as logicals. You need the underlying interface plumbed
> in the global zone though. An exclusive stack doesn't know anything
> about other zones' network configuration.
OK, I'm beginning to see. Like this, you mean?
g
>> Unless ip_restrict_interzone_loopback is 0 (the default is 1 on OS).
>> You can have zones of type exclusive-ip plumbed on different
>> interfaces but not cabled up if this parameter is set to 0.
>
> Where is this documented?
This is what started the whole kerfuffle for me,
https://www.openso
On Fri, Jan 23, 2009 at 4:27 AM, Jon Anderson wrote:
> Hi,
>
> Do you have more details on your zone configuration? If you are
> using exclusive stack zones then this is expected.
>
Hmm, I thought the exact opposite. zones of type exclusive-ip type,
plumbed on different interfaces, will drive th
Hi,
Has anyone *actually* observe that you can communicate between zones
with the cable removed when /dev/ip ip_restrict_interzone_loopback is
set to 0?
Here's my setup, s10u5.
global: 192.168.1.60/24 e1000g0, cabled
zone1: 192.168.1.61/24 e1000g1, cabled
zone2: 192.168.1.62/24 e1000g2, not cabl
My apologies for being late replying.
I've thought of posting the cluster I use but it seems that everyone
has has a special build particular to their needs.For example, most
people would not use kerberos, but it's in rnet. You could make a
case for SUNWbip, SUNWrcmdc, NTP ... how much do you rea
On Tue, Dec 16, 2008 at 6:13 PM, Fredrich Maney wrote:
> Instead of snooping the traffic, why not do it through DTrace? That
> should meet your security requirements nicely.
>
> fpsm
>
Heh! No SUNWCdtrace cluster either. In fact, I may have to sell
"observability" down the river because I see t
On Tue, Dec 16, 2008 at 12:36 PM, James Carlson wrote:
> Using the existing Clearview interfaces (integrated back in November
> for build 103; see CR 4085089), you should be able to snoop lo0 just
> fine.
>
Unfortunately this is Solaris 10 8/07, we may be able to go to 10/08
but Nevada is defini
> Hi,
>
> I am putting 2 applications that talk to each other on two non-global
> zones of type exclusive-ip. I do this for one reason only, that is to
> be able to observe traffic between the two applications for
> troubleshooting if and when things go wrong. Unfortunately, this will
> run afoul
Hi,
I am putting 2 applications that talk to each other on two non-global
zones of type exclusive-ip. I do this for one reason only, that is to
be able to observe traffic between the two applications for
troubleshooting if and when things go wrong. Unfortunately, this will
run afoul of security
Cross-posted, pardon me for duplicates.
I'm building a system starting with SUNWCrnet, it needs zones and TX.
Using the fine Solaris Package Companion tool, I'm down to the
following:
[C] SUNWCzoneXXSolaris Zones
[P] SUNWzoner PASSEDSolaris Zones (Root)
On Wed, Nov 19, 2008 at 2:16 PM, Amol Chiplunkar
<[EMAIL PROTECTED]> wrote:
> I would also look at zoneadm -z move
> e.g. zoneadm -z /large-filesystempath/
> Unless you are particular about '/zones' path, you don't even have to
> remount it as /zones
This is a unique problem. Turns out we're
Follow up on this previous item:
> On deck: zone detach and attach, upgrade on attach.
To be able to do the above requires that there be some kind of
preservation of the data on top of iscsi targets. I tried putting iscsi
targets into metasets which could be taken and released. Does not
app
roush wrote:
> Sun Cluster plans to support an iSCSI disk as a quorum device.
> Sun Cluster accesses the iSCSI disk early in the boot process.
> When the iSCSI disk is on the same subnet as the cluster machines,
> things work. When the iSCSI disk is on a different subnet
> the system cannot find t
What is iSCSI?
SCSI over TCP/IP. iSCSI makes remote disks look local. The remote host
with storage resource presents iscsi targets. The client accessing the
storage is the initiator. iSCSI initiator was present in S10 3/05 and
up. iSCSI target went into S10 8/07.
Why zones on iSCSI?
iSCSI
Anne Moore wrote:
> James
>
> I am definitely using OpenSolaris as that's what I downloaded and installed,
> (excuse me if it's not called "10").
>
> <>
> I feel sorry for you James. It appears you must put people down to feel
> better about yourself. Why not go to a shrink for help?!
Ann! He
Hi,
I have a customer who wants to do zones on iSCI targets. The concern I
have is whether or not the install/upgrade tool can find and mount the
zones when doing a standard upgrade. He can see and mount the zones in
single-user.
Anyone who has zones on iSCSI targets, AND who has done an upg
Thilo Stallherm wrote:
> Hi all,
>
> is it possible to add a ZFS to a running Zone without having to reboot
> the Zone?
I was able to do it.
# zfs create tank/foo
# zfs set mountpoint=legacy tank/foo
# zfs set zoned=on tank/foo
Create the mountpoint in the zone, mount it into the running zone
> Christine Tran wrote:
>> Hi,
>>
>> I understands the upgrade issue surrounding the patching and upgrade
>> tools. Can I get around this with some trickery using quota and
>> reservation? I would quota and reserve for a pool/somezonepath some
>> capacit
I guess this situation is possible now?
http://mail.opensolaris.org/pipermail/zones-discuss/2005-September/004340.html
Because I'm reading CR 6600677 and it appears that *that* CR is a side
effect of doing what this user was attempting to do.
If one is able to configure an lofs mount in a NGZ,
Konstantin Gremliza wrote:
>
> Hi Brad,
>
> unfortunatly there is no
>
> who -r
>
> for smf.
who -r still works in a zone.
[EMAIL PROTECTED]> zonename
zone1
[EMAIL PROTECTED]> who -r
. run-level 3 Jan 24 14:53 3 0 S
> i don't know if there is a rfe for this. the default
Jerry Jelinek wrote:
> Christine Tran wrote:
>> A customer is unable to share something called the "terminal server
>> ports" to non-global zone. I don't know what these are, but here's
>> the description:
>>
>> "Serial sensor inte
A customer is unable to share something called the "terminal server
ports" to non-global zone. I don't know what these are, but here's the
description:
"Serial sensor interfaces are fed to a patch panel and then received by
a digital terminal server. Terminal server sends output to a switch,
Hi,
Possibly a discrepancy between the man page and U4 functionality? I'm
on Solaris x86 U4, and
# zoneadm clone -s tank/[EMAIL PROTECTED] zone1
-s: illegal option --s
The -s is clearly documented in the man page.
CT
___
zones-discuss mailing list
Hi,
Quick question, can I attach (-f) a zone on shared storage that hasn't
been detached from another host? I don't have the hardware setup
necessary to test this. -CT
___
zones-discuss mailing list
zones-discuss@opensolaris.org
Hi,
I just need some clarification, this does not matter in any functional
way.
I have had it explained to me that zone-to-zone communication on same
host does not actually use the loopback interface, it's a slip of
speech. The system "loops traffic back" within the IP stack, and you
can't g
Paul Kraus wrote:
> On 8/29/07, Brandorr <[EMAIL PROTECTED]> wrote:
>
>> In a related, but similar situation. How does one know that they are
>> actually in a non-global zone vs a global zone? (Using a committed
>> interface).
>
> `ps -ef` and look for pid 0,1,2,3; these should only be visible in
Customer wants to know if several sparse-root zones share some library
or text segments, and an application in a zone dumps core, could there
be cases where there are "leaks" in the core file, containing
information from other zones.
I can't construct a scenario that would lead to this, but I'
F.V.(Phil)Porcella wrote:
Last question for you all, (maybe it should get its own thread), I would like
to incorporate the /export/home directories from the global zone, into the
non-global zone.
What is the best way to do this?
Seems like I have 3 choices:
1 add inherit-pkg-dir, set dir=/ex
Jeff Victor wrote:
See http://docs.sun.com/app/docs/doc/817-1592/6mhahuoog?a=view for some
more info.
Hmm ... this does not admonish that you should not use zero i-p-d or all
four. I agree with Steffen that if this leads to an unsupported
environment the customer should at least get a warni
Jeff Victor wrote:
Customer has zones with 3 out of 4 default inherit-pkg-dir, each zone
has its own /usr. They are reporting that a DST patch did not
install correctly in the non-global zone.
Was that "3 out of 4 zones has all the default i-p-d's" or "the zones
have 3 out of the 4 default
Hi,
Customer has zones with 3 out of 4 default inherit-pkg-dir, each zone
has its own /usr. They are reporting that a DST patch did not install
correctly in the non-global zone.
Perhaps related to this, last week I had another question about patching
a zone which had an /opt inherit-pkg-di
If I have an application (SUNW_PKG_ALLZONES = FALSE) that installs some
in /opt and some in /var/opt, and I set my non-global zone to have an
inherit-pkg-dir /opt, when I install the zone and when I patch the
application in the global zone, will it install and patch my NGZ
/var/opt, where por
Christine Tran wrote:
> Wynne Wang wrote:
>> Hi
>>
>> I'm engineer of China, customer want to know it the application work well
>> under local zone. Do we have such an application list of local zone
>> awareness?
>>
>> Such as Oracle? DB2? S
Wynne Wang wrote:
> Hi
>
> I'm engineer of China, customer want to know it the application work well
> under local zone. Do we have such an application list of local zone
> awareness?
>
> Such as Oracle? DB2? Siebel?
>
As far as I know Sun maintains no such list. There is a tool you can
Menno Lageman wrote:
Nobody gets signaled, as 'signal' (and 'deny' for that matter) are not
valid actions for zone.cpu-shares. This is because cpu-shares is not a
limit that can be exceeded in the sense that for instance
project.max-filedescriptor can be exceeded. Once a zone is at it's
maxi
The zones.cpu-shares rctl has a set of threshhold actions: none, deny
and signal=. Say if I set the action as signal=TERM, who actually gets
signaled? Is it the process in the zone that's currently queuing to get
on CPU, or is it zoneadmd (which presumably will pass it back?)
I've always use
Jerry Jelinek wrote On 08/18/06 17:21,:
It is in the man page I just looked at (mount_tmpfs(1M)).
Oy, sorry, I just looked at mount(1M).
zonecfg doesn't know about every option on every filesystem, bundled
and unbundled, that is available on Solaris. zoneadm does some
basic validation of
Hi,
I came across a zone example that looks like this:
fs:
dir: /tmp
special: swap
raw not specified
type: tmpfs
options: ["size=1024"]
Hmm ... I think I know what the person is trying to do, give the zone
its own
Doug Scott wrote On 08/04/06 11:42,:
create a zfs filesystem in the global zone for the zone. Something like
$ zfs create mypool/export/zones/zone1
$ mkdir -p /export/zones/zone1
$ zfs set mountpoint=/export/zones/zone1 mypool/export/zones/zone1
With zonecfg set your zonepath=/export/zones/z
I am attempting to run apache as a non-root user in a non-global zone. I'm
not able to start apache, my error_log says:
Permission denied: mod_rewrite: could not create rewrite_log_lock
Thinking that this may be related to a privilege issue, I ran ppriv -e -D and
got:
httpsd.worker[14906]: m
Hi,
I found an old email written by Amol a while ago stating in effect that
zones.cpu-shares has no meaning when the system is carved up into
different pools. I would like some clarification, directly, I have a
customer who wants to attach one zone to one pool, and the rest of the
box, glob
Here's the link to ipf-howto for Jeff.
http://www.signaltonoise.net/library/ipf-howto.html
Mike Ditto wrote:
Christine Tran wrote:
Does this mean I can't have my global zone redirect to a non-global
zone living on the same box? Because I'm really using the loopback
interface
I'm reading this section from the ipf how-to:
"The rdr function is applied to packets that enter the firewall on the
specified interface. When a packet comes in that matches a rdr rule, its
destination address is then rewritten, it is pushed into ipf for
filtering, and should it successfully
[EMAIL PROTECTED] wrote:
Actually, that's not quite right. Standard upgrade is supported in
upgrading from 3/05 to 1/06.
Heh, I will have to eat crow then, a customer told me that he upgrade a
box with zones from 3/05 to 1/06 and I said I don't know how you managed
to do that, according to
Hi David,
Umm ... sorry, perhaps this is outdated, my notes have a section
cut&pasted from a BigAdmin article "Understanding The Basics About
Solaris Containers in the Solaris 10 OS" dated 8/05. It says that for
3/05, standard upgrade and LU don't know about non-global zones.
Specifically:
LU doesn't work for boxes with zones yet, afaik. zonepath on vxvm
volumes won't work for upgrade from 3/05 (granted, upgrade from 3/05
with zones isn't supported anyway). I have no reason to think this
would work with 1/06 either, vxconfigd has to run in order to present
the volumes to the OS
67 matches
Mail list logo