Migration of Native Solaris Zones

Migration of Native Solaris Zones (NGZ) to Kernel Zones (KZ)/Logical Domains (LDOMs)
A decision to migration a Native Solaris Zone (NGZ) to a LDOM is not a direct one, but a stepped one.
A NZG needs to be first migrated to a KZ and then this KZ needs to me migrated to a LDOM.
I have spent a lot of time on the web to find if anyone has done this before. I couldn’t find anything. So I
took it upon myself to do this task and document the procedure for the benefit of some poor souls who
has to undergo the same.
Please note: the below procedure is using Solaris x86/64 on VmWare workstation. But it will remain
more or less similar on a SPARC system as well.
We will now see how to go about this procedure.
Points to consider:
(1) DHCP setup is a must – at least for the purpose of the migration.
(2) The server on which the repository is configured, MUST have a fixed IP.
(3) The Resositiry must be published over http and not filesystem/directory.
(4) Storage space is required for facilitating the migration. This is the space where the images are
stored and should be available to the physical servers on which the zones are backed-up as well
as migrated to.
(5) A private link between the global zone and the Kernel Zone is preferred to avoid network
latency.
Initial System setup – (to emulate a Box with NGZ)
1. Create a VM with Solaris 11.2/11.3 along with its repository.

1. Start VMWare Workstation – As you can see there are no VMs existing.
2. Click “file ->

Change this to:
Change this to:
Change this to:

Click Finish
Click “Edit Virtual Machine Settings”

Click “Add”
Add a new 25 GB LUN. This will host the Repository
Click Add
Add a new 25 GB LUN. This will host the Zones
Click Add
Add a new 50 GB LUN. This will host the Backups
Now you have created 4 Disks in the VM –
1. for OS – 16 GB
2. for Repository – 25GB
3. for Zones – 25 GB
4. for Backups – 50 GB
Map the ISO image of the OS to the CD/DVD to install the OS.
Change this to:
Select the ISO image location and file
Select “Power on”
OS Installation Starts
Select the 1st disk 16GB for OS installation
Change this to:
Change this to:
Change this to:
Type root password of your choice – twice
In the meantime, you need to make some changes in the “Virtual Network Editor”
Check VMnet1 details. Its NOT matching with out IP address that we chose for our server.
Our Server IP: 192.9.200.10

VMnet1 IP network: 10.10.1.0
Change this to 192.9.200.0 Also ensure DHCP is “DISABLED”
Click on change settings

Click on VMnet1
Change Subnet IP:
From: 10.10.1.0
To: 192.9.200.0
Installation complete
Now Reboot
Now our Physical Server is up & ready.
Lets activate network access to the system.
Check if the VM is pingable
Login as root and disable Sendmail to avoid those annoying messages coming on the screen.
Alternatively, you can all a FQDN to the host file to work around the issue.
To disable Sendmail
# svcadm disable Sendmail
# svcadm disable Sendmail-client
To implement FQDN:
Edit the /etc/hosts file and add an alias as below
Now, activate direct root SSH access. Its faster to use putty than using the console.
Change this to:
Restart ssh services

Now login as root to 192.9.200.10 using putty
We are in!!!
Now lets prepare the repository, zones & backup pools

Create the pools as per the plan
Optional: Enable compression to save diskspace on your laptop. I have observed that
enabling compression actually makes the systems faster…much faster.
Prepare the Repository:
Download the repository files from the below location and extract it in /Repo filesystem
http://www.oracle.com/technetwork/server-storage/solaris11/downloads/local-repository-
2245081.html
Check existing default repository
root@SolA:~# pkg publisher

PUBLISHER TYPE STATUS P LOCATION
solaris origin online F http://pkg.oracle.com/solaris/release/
root@SolA:~#
Change it to the newly created repository created under /Repo filesystem
root@SolA:~# pkg unset-publisher solaris

Updating package cache 1/1
root@SolA:~#

root@SolA:~#
root@SolA:~# pkg set-publisher -g /Repo/Sol11.3_repo/ solaris

root@SolA:~#
root@SolA:~# pkg set-publisher -g /Repo/Sol11.3_SRU/ solaris
root@SolA:~#

solaris origin online F file:///Repo/Sol11.3_SRU/
solaris origin online F file:///Repo/Sol11.3_repo/
root@SolA:~#
verify repository version and status

Compare it with your existing OS version
root@SolA:~# pkg info entire

Name: entire
Summary: Incorporation to lock all system packages to the same build
Description: This package constrains system package versions to the same
build. WARNING: Proper system update and correct package
selection depend on the presence of this incorporation.
Removing this package will result in an unsupported system.
Category: Meta Packages/Incorporations
State: Installed
Publisher: solaris
Version: 0.5.11 (Oracle Solaris 11.3.1.5.0)
Build Release: 5.11
Branch: 0.175.3.1.0.5.0
Packaging Date: October 6, 2015 02:00:51 PM
Size: 5.46 kB
FMRI: pkg://solaris/entire@0.5.11,5.11-0.175.3.1.0.5.0:20151006T140051Z
root@SolA:~#
root@SolA:~# pkg info -r entire

Name: entire
Summary: entire incorporation including Support Repository Update (Oracle
Solaris 11.3.7.5.0).
Removing this package will result in an unsupported system. For
more information see:
https://support.oracle.com/rs?type=doc&id=2045311.1
State: Not installed
Publisher: solaris
Build Release: 5.11
Branch: 0.175.3.7.0.5.0
Packaging Date: April 13, 2016 01:57:22 PM
Size: 5.46 kB
root@SolA:~#
As you can see in the above outputs, the Repo version is higher than the OS version.
Update the OS to the latest version using the repository
root@SolA:~# pkg update --accept

------------------------------------------------------------
Package: pkg://solaris/consolidation/osnet/osnet-incorporation@0.5.11,5.11-
0.175.3.7.0.5.0:20160413T135024Z
License: lic_OTN
You acknowledge that your use of this Oracle Solaris software product
is subject to, and may not exceed the use for which you are authorized,
(i) the license or cloud services terms that you accepted when you
obtained the right to use Oracle Solaris software; or (ii) the license
terms that you agreed to when you placed your Oracle Solaris software
order with Oracle; or (iii) the Oracle Solaris software license terms
included with the hardware that you acquired from Oracle; or, if (i),
(ii) or (iii) are not applicable, then, (iv) the OTN License Agreement
for Oracle Solaris (which you acknowledge you have read and agree to)
available at
http://www.oracle.com/technetwork/licenses/solaris-cluster-express-license-167852.html.
Note: Software downloaded for trial use or downloaded as replacement
media may not be used to update any unsupported software.
Packages to install: 2
Packages to update: 217
Create boot environment: Yes
Create backup boot environment: No
DOWNLOAD PKGS FILES XFER (MB) SPEED

Completed 219/219 11898/11898 387.1/387.1 0B/s
PHASE ITEMS
Removing old actions 1437/1437
Installing new actions 2433/2433
Updating modified actions 11925/11925
Updating package state database Done
Updating image state Done
Creating fast lookup database Done
A clone of solaris exists and has been updated and activated.

On the next boot the Boot Environment solaris-1 will be
mounted on '/'. Reboot when ready to switch to this updated BE.
---------------------------------------------------------------------------
NOTE: Please review release notes posted at:
http://www.oracle.com/pls/topic/lookup?ctx=solaris11&id=SERNS
---------------------------------------------------------------------------
Reboot the system and compare the versions once again
root@SolA:~# pkg info entire

Name: entire
Solaris 11.3.7.5.0).
State: Installed
Publisher: solaris
Build Release: 5.11
Branch: 0.175.3.7.0.5.0
Size: 5.46 kB
root@SolA:~#
root@SolA:~# pkg info -r entire

Name: entire
Solaris 11.3.7.5.0).
State: Installed
Publisher: solaris
Build Release: 5.11
Branch: 0.175.3.7.0.5.0
Size: 5.46 kB
root@SolA:~#
As you can see above, the OS version installed and the Repo versions are matching.
Now lets create Native Zones. Currently no zones exists.
root@SolA:~# zoneadm list -icv

ID NAME STATUS PATH BRAND IP
0 global running / solaris shared
root@SolA:~#
root@SolA:~# zonecfg -z zone1-ngz

Use 'create' to begin configuring a new zone.
zonecfg:zone1-ngz> create
create: Using system default template 'SYSdefault'
zonecfg:zone1-ngz> info
zonename: zone1-ngz
zonepath.template: /system/zones/%{zonename}
zonepath: /system/zones/zone1-ngz
brand: solaris
autoboot: false
autoshutdown: shutdown
bootargs:
file-mac-profile:
pool:
limitpriv:
scheduling-class:
ip-type: exclusive
hostid:
tenant:
fs-allowed:
anet 0:
linkname: net0
lower-link: auto
allowed-address not specified
configure-allowed-address: true
defrouter not specified
allowed-dhcp-cids not specified
link-protection: mac-nospoof
mac-address: auto
mac-prefix not specified
mac-slot not specified
vlan-id not specified
priority not specified
rxrings not specified
txrings not specified
mtu not specified
maxbw not specified
bwshare not specified
rxfanout not specified
vsi-typeid not specified
vsi-vers not specified
vsi-mgrid not specified
etsbw-lcl not specified
cos not specified
pkey not specified
linkmode not specified
evs not specified
vport not specified
zonecfg:zone1-ngz> set zonepath=/zones/zone1-ngz
zonecfg:zone1-ngz> commit
zonecfg:zone1-ngz> exit
root@SolA:~#
root@SolA:~#

- zone1-ngz configured /zones/zone1-ngz solaris excl
root@SolA:~#
root@SolA:~# zoneadm -z zone1-ngz install

The following ZFS file system(s) have been created:
zones/zone1-ngz
Progress being logged to /var/log/zones/zoneadm.20160517T175526Z.zone1-ngz.install
Image: Preparing at /zones/zone1-ngz/root.
Install Log: /system/volatile/install.1779/install_log

AI Manifest: /tmp/manifest.xml.Hka4Cd
SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml
Zonename: zone1-ngz
Installation: Starting ...
Creating IPS image

Startup linked: 1/1 done
Installing packages from:
solaris
origin:
http://localhost:1008/solaris/643bf6d89d4108a0437f0ed31b1c076a16646bcd/
origin:
http://localhost:1008/solaris/fda0d3fcc17d07c03d7117dba5e60cff71f29b30/
DOWNLOAD PKGS FILES XFER (MB) SPEED
Completed 282/282 50044/50044 345.6/345.6 594k/s
PHASE ITEMS
Installing new actions 68177/68177
Updating package state database Done
Updating image state Done
Creating fast lookup database Done
Installation: Succeeded
Note: Man pages can be obtained by installing pkg:/system/manual
done.
Done: Installation completed in 815.795 seconds.
Next Steps: Boot the zone, then log into the zone console (zlogin -C)
to complete the configuration process.
Log saved in non-global zone as /zones/zone1-

ngz/root/var/log/zones/zoneadm.20160517T175526Z.zone1-ngz.install
root@SolA:~#
Zone creation completed. Poweron the zone and complete the rest of the configuration
root@SolA:~# zoneadm -z zone1-ngz boot
root@SolA:~# zlogin -C zone1-ngz

[Connected to zone 'zone1-ngz' console]
Slect Manual IP Configuration
Now lets populate some data in this zone, so that we when we migrate, we should see this
data to confirm that the migration is successful.
root@zone1-ngz:~# zfs create rpool/data

root@zone1-ngz:~# cp -pr /var/adm/* /rpool/data
root@zone1-ngz:~# groupadd dba

root@zone1-ngz:~# useradd -g dba -d /export/home/oracle oracle
root@zone1-ngz:~# passwd oracle
New Password:
Re-enter new Password:
passwd: password successfully changed for oracle
root@zone1-ngz:~# mkdir /export/home/oracle

root@zone1-ngz:~# chown -R oracle:dba /export/home/oracle/
root@zone1-ngz:~# su - oracle
Oracle Corporation SunOS 5.11 11.3 March 2016
-bash-4.1$ pwd
/export/home/oracle
-bash-4.1$ ls -al
total 6
drwxr-xr-x 2 oracle dba 2 May 17 20:22 .
drwxr-xr-x 3 root root 3 May 17 20:22 ..
-bash-4.1$ cd /rpool/data
-bash-4.1$ ls -al
total 28
drwxr-xr-x 6 root root 11 May 17 20:21 .
-rw------- 1 uucp bin 0 May 17 18:06 aculog
drwxr-xr-x 2 adm adm 2 May 17 18:06 exacct
-r-------- 1 root root 28 May 17 20:20 lastlog
drwxr-xr-x 2 adm adm 2 May 17 18:06 log
-rw-r--r-- 1 root root 526 May 17 20:00 messages
drwxr-xr-x 2 root sys 2 May 17 18:06 sm.bin
drwxr-xr-x 2 root sys 2 May 17 18:06 streams
-rw-r--r-- 1 root bin 1860 May 17 20:20 utmpx
-rw-r--r-- 1 adm adm 5580 May 17 20:20 wtmpx
-bash-4.1$ logout
root@zone1-ngz:~# pwd
/root
root@zone1-ngz:~# cd /rpool/data
root@zone1-ngz:/rpool/data# >sa
root@zone1-ngz:/rpool/data# >sandeep
root@zone1-ngz:/rpool/data# >sandeep123
root@zone1-ngz:/rpool/data# tar cvf sandeep.tar *

a aculog 0K
a exacct/ 0K
a lastlog 1K
a log/ 0K
a messages 1K
a sa 0K
a sandeep 0K
a sandeep123 0K
a sm.bin/ 0K
a streams/ 0K
a utmpx 2K
a wtmpx 6K
root@zone1-ngz:/rpool/data# pwd
/rpool/data
root@zone1-ngz:/rpool/data# ls -al
total 32
-rw-r--r-- 1 root root 0 May 17 20:22 sa
-rw-r--r-- 1 root root 0 May 17 20:22 sandeep
-rw-r--r-- 1 root root 16384 May 17 20:23 sandeep.tar
-rw-r--r-- 1 root root 0 May 17 20:22 sandeep123
root@zone1-ngz:/rpool/data#
root@zone1-ngz:/rpool/data# cat /etc/passwd

root:x:0:0:Super-User:/root:/usr/bin/bash
daemon:x:1:1::/:
bin:x:2:2::/usr/bin:
sys:x:3:3::/:
adm:x:4:4:Admin:/var/adm:
lp:x:71:8:Line Printer Admin:/:
uucp:x:5:5:uucp Admin:/usr/lib/uucp:
nuucp:x:9:9:uucp Admin:/var/spool/uucppublic:/usr/lib/uucp/uucico
dladm:x:15:65:Datalink Admin:/:
netadm:x:16:65:Network Admin:/:
netcfg:x:17:65:Network Configuration Admin:/:
smmsp:x:25:25:SendMail Message Submission Program:/:
gdm:x:50:50:GDM Reserved UID:/var/lib/gdm:
zfssnap:x:51:12:ZFS Automatic Snapshots Reserved UID:/:/usr/bin/pfsh
upnp:x:52:52:UPnP Server Reserved UID:/var/coherence:/bin/ksh
xvm:x:60:60:xVM User:/:
mysql:x:70:70:MySQL Reserved UID:/:
openldap:x:75:75:OpenLDAP User:/:
webservd:x:80:80:WebServer Reserved UID:/:
postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh
svctag:x:95:12:Service Tag UID:/:
unknown:x:96:96:Unknown Remote UID:/:
nobody:x:60001:60001:NFS Anonymous Access User:/:
noaccess:x:60002:60002:No Access User:/:
nobody4:x:65534:65534:SunOS 4.x NFS Anonymous Access User:/:
ikeuser:x:67:12:IKE Admin:/:
aiuser:x:61:61:AI User:/:
pkg5srv:x:97:97:pkg(5) server UID:/:
oracle:x:100:100::/export/home/oracle:/usr/bin/bash
root@zone1-ngz:/rpool/data# cat /etc/shadow

root:$5$0Em7ga9.$hUlJ79ehKhq9lMDLQyldjPmtGXt1k18mTUgkpd2O7E.:16938::::::
daemon:NP:6445::::::
bin:NP:6445::::::
sys:NP:6445::::::
adm:NP:6445::::::
lp:NP:6445::::::
uucp:NP:6445::::::
nuucp:NP:6445::::::
dladm:*LK*:::::::
netadm:*LK*:::::::
netcfg:*LK*:::::::
smmsp:NP:6445::::::
gdm:*LK*:::::::
zfssnap:NP:::::::
upnp:NP:::::::
xvm:*LK*:6445::::::
mysql:NP:::::::
openldap:*LK*:::::::
webservd:*LK*:::::::
postgres:NP:::::::
svctag:*LK*:6445::::::
unknown:*LK*:::::::
nobody:*LK*:6445::::::
noaccess:*LK*:6445::::::
nobody4:*LK*:6445::::::
ikeuser:*LK*:16938::::::
aiuser:*LK*:16938::::::
pkg5srv:NP:16938::::::
oracle:$5$lk.ETh3z$pLKAXxWuByMdYDuCLJB35RTE8.v8EwfpFr9ImBR6RUB:16938::::::
Create an archive of the zone

1 zone1-ngz running /zones/zone1-ngz solaris excl
root@SolA:~# zoneadm -z zone1-ngz halt

root@SolA:~# archiveadm create -r -z zone1-ngz /backup/zone1-ngz_reco.uar
Unified Archive initialized: /backup/zone1-ngz_reco.uar
Logging to: /system/volatile/archive_log.5015
Dataset discovery completey...
Media creation completefor zone(s)...
Archive stream creation completen...
Archive creation completessembly...
root@SolA:~#
Create a Kernel Zone
root@SolA:~# zonecfg -z zone1-kz create -t SYSsolaris-kz

root@SolA:~#
root@SolA:~# zonecfg -z zone1-kz

zonecfg:zone1-kz> info
zonename: zone1-kz
brand: solaris-kz
autoboot: false
autoshutdown: shutdown
bootargs:
pool:
scheduling-class:
hostid: 0x1c3db0c8
tenant:
anet 0:
lower-link: auto
allowed-address not specified
configure-allowed-address: true
defrouter not specified
allowed-dhcp-cids not specified
link-protection: mac-nospoof
mac-address: auto
mac-prefix not specified
mac-slot not specified
vlan-id not specified
priority not specified
rxrings not specified
txrings not specified
mtu not specified
maxbw not specified
bwshare not specified
rxfanout not specified
vsi-typeid not specified
vsi-vers not specified
vsi-mgrid not specified
etsbw-lcl not specified
cos not specified
pkey not specified
linkmode not specified
evs not specified
vport not specified
iov: off
lro: auto
id: 0
device 0:
match not specified
storage.template: dev:/dev/zvol/dsk/%{global-rootzpool}/VARSHARE/zones/%
{zonename}/disk%{id}
storage: dev:/dev/zvol/dsk/rpool/VARSHARE/zones/zone1-kz/disk0
id: 0
bootpri: 0
virtual-cpu:
ncpus: 4
capped-memory:
physical: 4G
zonecfg:zone1-kz>
zonecfg:zone1-kz> select device 0

zonecfg:zone1-kz:device> set storage=dev:/dev/zvol/dsk/zones/zone1-kz/rootdisk0
zonecfg:zone1-kz:device> end
zonecfg:zone1-kz> select capped-memory

zonecfg:zone1-kz:capped-memory> set physical=2g
zonecfg:zone1-kz:capped-memory> end
zonecfg:zone1-kz> select virtual-cpu

zonecfg:zone1-kz:virtual-cpu> set ncpus=2
zonecfg:zone1-kz:virtual-cpu> end
zonecfg:zone1-kz> commit
zonecfg:zone1-kz> exit
root@SolA:~#
Implementation of Pre-requisites:
1) Implement Private Link between Global Zone and Kernel Zone.

For this purpose we will set up a etherstub.
This Ethernet will be sliced up into vnics and will be allotted to the Kernel Zones.
root@SolA:~# dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
root@SolA:~#
root@SolA:~# dladm create-etherstub stub0

root@SolA:~#
root@SolA:~# dladm
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
stub0 etherstub 9000 unknown --
root@SolA:~# dladm create-vnic -l stub0 glbstub0
root@SolA:~# dladm show-vnic

LINK OVER SPEED MACADDRESS MACADDRTYPE IDS
glbstub0 stub0 40000 2:8:20:18:35:cf random VID:0
root@SolA:~# ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 192.9.200.10/24
net0/v6 addrconf ok -- fe80::20c:29ff:feae:e4dc/10
root@SolA:~# ipadm create-ip glbstub0

root@SolA:~# ipadm create-addr -T static -a local=1.1.1.1/24 glbstub0/v4
root@SolA:~# ipadm
glbstub0 ip ok -- --
glbstub0/v4 static ok -- 1.1.1.1/24
lo0/v4 static ok -- 127.0.0.1/8
net0 ip ok -- --
net0/v4 static ok -- 192.9.200.10/24
net0/v6 addrconf ok -- fe80::20c:29ff:feae:e4dc/10
root@SolA:~#
Allocate a VNIC from this etherstub to the kernelZone

2) DHCP configuration.
We will configure DHCP server in the global zone to provide DHCP IP addresses in the
range of 1.1.1.0/24 over the etherstub that we created earlier
root@SolA:# cd /etc/inet
root@SolA:# cp dhcpd.conf.example dhcpd4.conf
Modify dhcpd4.conf as below:

Hash below entries:
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
it should look as below

#option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;
Modify below paragraph:

# This is a very basic subnet declaration.
subnet 10.254.239.0 netmask 255.255.255.224 {

range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
# This declaration allows BOOTP clients to get dynamic addresses,

# which we don't really recommend.
To look as below
# This is a very basic subnet declaration.
subnet 10.254.239.0 netmask 255.255.255.224 {

range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
subnet 1.1.1.0 netmask 255.255.255.224 {

range 1.1.1.10 1.1.1.20;
}
# This declaration allows BOOTP clients to get dynamic addresses,

# which we don't really recommend.
root@SolA:~#
root@SolA:~# svcs -a | grep dhcp
disabled 17:44:58 svc:/network/dhcp/relay:ipv4
disabled 17:44:58 svc:/network/dhcp/server:ipv4
root@SolA:~#
root@SolA:~# svcadm enable svc:/network/dhcp/server:ipv4
root@SolA:~# svcs -a | grep dhcp

online 22:28:51 svc:/network/dhcp/server:ipv4
Publish Repository over a HTTP service
This step is a MUST, because, after an initial copy process, as a part of the installation, kernel
zone will configure its pkg publisher and point it to the global zone’s repository.
If the Global zone’s local repository is file/filesystem based, the phase 2 installation of the
kernel zone will fail with the below message:
And the kernel zone will be reverted back to “configured state”

To avoid this, an http repository is a must and must be publisher over the same IP that we
are using for private connectivity. In our case its 1.1.1.1/24
Run the below to create a HTTP service for the Repository &/or SRU
root@SolA:~# svccfg -s pkg/server add Sol11_3_Repo

root@SolA:~# svccfg -s pkg/server:Sol11_3_Repo setprop pkg/inst_root=/Repo/Sol11.3_repo
root@SolA:~# svccfg -s pkg/server:Sol11_3_Repo setprop pkg/port=10081
root@SolA:~# svcadm refresh pkg/server:Sol11_3_Repo
root@SolA:~# svcadm enable pkg/server:Sol11_3_Repo
root@SolA:~#
root@SolA:~# svccfg -s pkg/server add Sol11_3_SRU

root@SolA:~# svccfg -s pkg/server:Sol11_3_SRU setprop pkg/inst_root=/Repo/Sol11.3_SRU
root@SolA:~# svccfg -s pkg/server:Sol11_3_SRU setprop pkg/port=10082
root@SolA:~# svcadm refresh pkg/server:Sol11_3_SRU
root@SolA:~# svcadm enable pkg/server:Sol11_3_SRU
root@SolA:~#
Unset the publisher currently pointing to the file/filesystem .

solaris origin online F file:///Repo/Sol11.3_SRU/
solaris origin online F file:///Repo/Sol11.3_repo/
root@SolA:~# pkg unset-publisher solaris

root@SolA:~#

root@SolA:~#
Now, set the publisher to point it to HTTP service
root@SolA:~# pkg set-publisher -g http://1.1.1.1:10081/ solaris

root@SolA:~# pkg set-publisher -g http://1.1.1.1:10082/ solaris
root@SolA:~#

solaris origin online F http://1.1.1.1:10081/
solaris origin online F http://1.1.1.1:10082/
root@SolA:~#
Install the kernel zone from the uar
Kindly note: You may face an error while initiating the “install” as below:
root@SolA:~# zoneadm -z zone1-kz install –a /backup/zone1-ngz_reco.uar

Platform does not support the kernel-zone brand.
zoneadm: zone zone1-kz failed to verify
root@SolA:~#
the workaround for this issue is as below:
Running virtinfo confirms it:

root@s112test:/dev/lofi# virtinfo
NAME CLASS
vmware current
non-global-zone supported
1. First thing is that you need to be running i5/i7 generation processor that will support
nested paging.
2. Shutdown your VM and then go into the container/folder for the VM and modify the
.vmx file and add the following to the bottom:
vhv.enable = “TRUE”
3. Save the file and then restart your VM

4. Verify Support with virtinfo:
root@s112test:/dev/lofi# virtinfo
NAME CLASS
vmware current
non-global-zone supported
kernel-zone supported
Now, install the kernelzone again from the Unified Archive created earlier.
root@SolA:~# zoneadm -z zone1-kz install -a /backup/zone1-ngz_reco.uar
Progress being logged to /var/log/zones/zoneadm.20160518T095435Z.zone1-kz.install
[Connected to zone 'zone1-kz' console]
Boot device: cdrom1 File and args: /platform/i86pc/kernel/amd64/unix -B install=true
-B aimanifest=/system/shared/ai.xml
reading module /platform/i86pc/amd64/boot_archive...done.
reading kernel file /platform/i86pc/kernel/amd64/unix...done.
SunOS Release 5.11 Version 11.3 64-bit
Copyright (c) 1983, 2016, Oracle and/or its affiliates. All rights reserved.
--------------Snip-----------------------------
Preparing image for use

Done mounting image
Configuring devices.
Hostname: solaris
Using specified install manifest : /system/shared/ai.xml
At this time, kernel zone installation is in progress. But you can still login into the zone to see
if the IP Address and other parameters has been properly picked up by the zone.
In our case, the kernel zone should pickup 1.1.1.10/24 from the DHCP.
Let’s check
root@SolA:~# ping -s 1.1.1.10

PING 1.1.1.10: 56 data bytes
64 bytes from 1.1.1.10: icmp_seq=10. time=1298.786 ms
^C
----1.1.1.10 PING Statistics----
16 packets transmitted, 6 packets received, 62% packet loss
round-trip (ms) min/avg/max/stddev = 0.367/268.594/1298.786/518.318
root@SolA:~# zlogin zone1-kz

[Connected to zone 'zone1-kz' pts/3]
root@solaris:~# ipadm
lo0/v4 static ok -- 127.0.0.1/8
net0 ip ok -- --
net0/v4 dhcp ok -- 1.1.1.10/27
net0/v6 addrconf ok -- fe80::8:20ff:fe60:b394/10
root@solaris:~# exit
logout
[Connection to zone 'zone1-kz' pts/3 closed]

root@SolA:~#
So, as you can see above, we are perfectly right in our aassumption and the installation will
go on as planned.
Preparing image for use

Done mounting image
Hostname: solaris
Using specified install manifest : /system/shared/ai.xml
solaris console login:

Automated Installation started
The progress of the Automated Installation will be output to the console
Detailed logging is in the logfile at /system/volatile/install_log
Press RETURN to get a login prompt at any time.
09:59:15 Install Log: /system/volatile/install_log

09:59:15 Using XML Manifest: /system/volatile/ai.xml
09:59:15 Using profile specification: /system/volatile/profile
09:59:15 Starting installation.
09:59:15 0% Preparing for Installation
09:59:16 100% manifest-parser completed.
09:59:16 100% None
09:59:18 5% archive-1 completed.
09:59:18 6% install-env-configuration completed.
09:59:19 9% target-discovery completed.
09:59:24 Pre-validating manifest targets before actual target selection
09:59:24 Selected Disk(s) : c1d0
09:59:24 Pre-validation of manifest targets completed
09:59:24 Validating combined manifest and archive origin targets
09:59:24 Selected Disk(s) : c1d0
09:59:24 9% target-selection completed.
09:59:24 10% ai-configuration completed.
09:59:25 10% var-share-dataset completed.
09:59:34 10% target-instantiation completed.
09:59:34 10% Beginning archive transfer
09:59:34 Commencing transfer of stream: 98e1015e-06dc-437a-8e76-f3f2a07e183f-0.zfs
to rpool
09:59:46 11% Transferring contents
10:02:43 Completed transfer of stream: '98e1015e-06dc-437a-8e76-f3f2a07e183f-0.zfs'
from file:///system/shared/uafs/OVA
10:02:46 Archive transfer completed
10:03:20 89% generated-transfer-1006-1 completed.
10:03:20 89% Beginning IPS transfer
10:03:20 Setting post-install publishers to:
10:03:20 solaris
10:03:20 origin: http://1.1.1.1:10081/
10:03:20 origin: http://1.1.1.1:10082/
10:03:21 89% generated-transfer-1006-2 completed.
10:03:21 Changing target pkg variant. This operation may take a while
10:18:36 90% apply-pkg-variant completed.
10:18:36 90% update-dump-adm completed.
10:18:37 90% setup-swap completed.
10:18:38 90% device-config completed.
10:18:38 91% apply-sysconfig completed.
10:18:38 91% transfer-zpool-cache completed.
10:18:59 96% boot-archive completed.
10:18:59 Setting boot title prefix from manifest value: 'solaris-recovery'
10:19:00 Setting boot devices in firmware
10:19:00 98% boot-configuration completed.
10:19:00 98% update-filesystem-owner-group completed.
10:19:00 98% transfer-ai-files completed.
10:19:03 98% cleanup-archive-install completed.
10:19:03 100% create-snapshot completed.
10:19:03 100% None
10:19:04 Automated Installation succeeded.
10:19:04 You may wish to reboot the system at this time.
Automated Installation finished successfully
The system can be rebooted now
Please refer to the /system/volatile/install_log file for details
After reboot it will be located at /var/log/install/install_log
[NOTICE: Zone halted]
[Connection to zone 'zone1-kz' console closed]

Done: Installation completed in 1460.356 seconds.
root@SolA:~#
Now Boot the Kernel Zone and check it status

- zone1-ngz installed /zones/zone1-ngz solaris excl
- zone1-kz installed - solaris-kz excl
root@SolA:~# zoneadm -z zone1-kz boot

root@SolA:~#
root@SolA:~# zlogin -C zone1-kz

[Connected to zone 'zone1-kz' console]
SunOS Release 5.11 Version 11.3 64-bit
Copyright (c) 1983, 2016, Oracle and/or its affiliates. All rights reserved.
Loading smf(5) service descriptions: 51/51
WARNING: fastboot_update_config failed, disabling deferred dump
Hostname: zone1-ngz
zone1-ngz console login: May 18 10:22:30 zone1-ngz sendmail[662]: My unqualified host

name (zone1-ngz) unknown; sleeping for retry
May 18 10:23:30 zone1-ngz sendmail[662]: unable to qualify my own domain name (zone1-
ngz) -- using short name
zone1-ngz console login: ~.

[Connection to zone 'zone1-kz' console closed]
root@SolA:~# zlogin zone1-kz

[Connected to zone 'zone1-kz' pts/3]
Last login: Tue May 17 20:20:54 2016 on pts/2

root@zone1-ngz:~#
root@zone1-ngz:~# df -h
Filesystem Size Used Available Capacity Mounted on
rpool/ROOT/solaris-recovery
15G 1.6G 12G 13% /
/devices 0K 0K 0K 0% /devices
/dev 0K 0K 0K 0% /dev
ctfs 0K 0K 0K 0% /system/contract
proc 0K 0K 0K 0% /proc
mnttab 0K 0K 0K 0% /etc/mnttab
swap 1.8G 1.4M 1.8G 1% /system/volatile
objfs 0K 0K 0K 0% /system/object
sharefs 0K 0K 0K 0% /etc/dfs/sharetab
/dev/kz/sdir/shared@0
4.4G 1.7M 4.4G 1% /system/shared
/usr/lib/libc/libc_hwcap1.so.1
13G 1.6G 12G 13% /lib/libc.so.1
fd 0K 0K 0K 0% /dev/fd
rpool/ROOT/solaris-recovery/var
15G 118M 12G 1% /var
swap 1.8G 4K 1.8G 1% /tmp
rpool/VARSHARE 15G 1.1M 12G 1% /var/share
rpool/VARSHARE/zones 15G 31K 12G 1% /system/zones
rpool/export 15G 32K 12G 1% /export
rpool/export/home 15G 32K 12G 1% /export/home
rpool 15G 35K 12G 1% /rpool
rpool/data 15G 62K 12G 1% /rpool/data
rpool/VARSHARE/pkg 15G 32K 12G 1% /var/share/pkg
rpool/VARSHARE/pkg/repositories
15G 31K 12G 1% /var/share/pkg/repositories
root@zone1-ngz:~#
root@zone1-ngz:~# cd /rpool/data
root@zone1-ngz:/rpool/data# ls -al
total 77
-rw-r--r-- 1 root root 0 May 17 20:22 sa
-rw-r--r-- 1 root root 0 May 17 20:22 sandeep
-rw-r--r-- 1 root root 16384 May 17 20:23 sandeep.tar
-rw-r--r-- 1 root root 0 May 17 20:22 sandeep123
As you can see above, all the data from the rpool has been successfully migrated to the
kernel zone.
All other zpool disks now can be configured into the kernelzone.
Upon reboot, the successful kernelzone migration is completed.

Migration of Native Solaris Zones

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Migration of Native Solaris Zones

Uploaded by

Copyright:

Available Formats

Migration of Native Solaris Zones (NGZ) to Kernel Zones (KZ)/Logical Domains (LDOMs)

We will now see how to go about this procedure.

Initial System setup – (to emulate a Box with NGZ)

1. Create a VM with Solaris 11.2/11.3 along with its repository.

2. Click “file ->

Change this to:

Click “Edit Virtual Machine Settings”

Our Server IP: 192.9.200.10

Change this to 192.9.200.0 Also ensure DHCP is “DISABLED”

Click on change settings

Lets activate network access to the system.

Check if the VM is pingable

Change this to:

Restart ssh services

Now lets prepare the repository, zones & backup pools

Prepare the Repository:

root@SolA:~# pkg publisher

Change it to the newly created repository created under /Repo filesystem

root@SolA:~# pkg unset-publisher solaris

root@SolA:~# pkg publisher

root@SolA:~# pkg set-publisher -g /Repo/Sol11.3_repo/ solaris

root@SolA:~# pkg publisher

verify repository version and status

root@SolA:~# pkg info entire

root@SolA:~# pkg info -r entire

Update the OS to the latest version using the repository

root@SolA:~# pkg update --accept

DOWNLOAD PKGS FILES XFER (MB) SPEED

A clone of solaris exists and has been updated and activated.

Updating package cache 1/1

Reboot the system and compare the versions once again

root@SolA:~# pkg info entire

root@SolA:~# pkg info -r entire

Now lets create Native Zones. Currently no zones exists.

root@SolA:~# zoneadm list -icv

root@SolA:~# zonecfg -z zone1-ngz

root@SolA:~# zoneadm list -icv

root@SolA:~# zoneadm -z zone1-ngz install

Install Log: /system/volatile/install.1779/install_log

Creating IPS image

Note: Man pages can be obtained by installing pkg:/system/manual

Done: Installation completed in 815.795 seconds.

to complete the configuration process.

Log saved in non-global zone as /zones/zone1-

root@SolA:~# zoneadm -z zone1-ngz boot

root@SolA:~# zlogin -C zone1-ngz

root@zone1-ngz:~# zfs create rpool/data

root@zone1-ngz:~# groupadd dba

root@zone1-ngz:~# mkdir /export/home/oracle

root@zone1-ngz:/rpool/data# tar cvf sandeep.tar *

root@zone1-ngz:/rpool/data# cat /etc/passwd

root@zone1-ngz:/rpool/data# cat /etc/shadow

Create an archive of the zone

root@SolA:~# zoneadm list -icv

root@SolA:~# zoneadm -z zone1-ngz halt

Create a Kernel Zone

root@SolA:~# zonecfg -z zone1-kz create -t SYSsolaris-kz

root@SolA:~# zonecfg -z zone1-kz

zonecfg:zone1-kz> select device 0

zonecfg:zone1-kz> select capped-memory

zonecfg:zone1-kz> select virtual-cpu

1) Implement Private Link between Global Zone and Kernel Zone.

root@SolA:~# dladm create-etherstub stub0