In this article, we will try to get a Solaris 11 zone with the minimum amount of resources as posible. In order to acomplish it, we will use the global zone's network and filesystems, and we don't start the SMF's services
First we configure a normal zone, this will be the baseline for comparisson.
We define the zonename as a variable
# export ZONENAME=zone1 |
We configure the zone
# zonecfg -z ${ZONENAME} create -b set brand=solaris set ip-type=shared add net set address=192.168.170.253/24 set physical=vlan170 end commit exit |
Now, instead of installing with default values, we start cutting some space and services in the zone's manifest and config
# vi mainfest.xml <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE auto_install SYSTEM "file:///usr/share/install/ai.dtd.1"> <auto_install> <ai_instance name="zone_default"> <target> <logical> <zpool name="rpool"> <be name="zbe"> <options> <option name="compression" value="on"/> </options> </be> </zpool> </logical> </target> <software type="IPS"> <software_data action="install"> <name>core-os</name> </software_data> </software> </ai_instance> </auto_install> |
# vi config.xml <?xml version='1.0' encoding='US-ASCII'?> <!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1"> <!-- Auto-generated by sysconfig --> <service_bundle name="sysconfig" type="profile"> <service name="system/identity" type="service" version="1"> <instance enabled="true" name="cert"/> <instance enabled="true" name="node"> <property_group name="config" type="application"> <propval name="nodename" type="astring" value="solaris"/> </property_group> </instance> </service> <service name="system/name-service/cache" type="service" version="1"> <instance enabled="true" name="default"/> </service> <service name="system/name-service/switch" type="service" version="1"> <property_group name="config" type="application"> <propval name="default" type="astring" value="files"/> </property_group> <instance enabled="true" name="default"/> </service> <service name="system/keymap" type="service" version="1"> <instance enabled="true" name="default"> <property_group name="keymap" type="application"> <propval name="layout" type="astring" value="Spanish"/> </property_group> </instance> </service> <service name="system/environment" type="service" version="1"> <instance enabled="true" name="init"> <property_group name="environment" type="application"> <propval name="LANG" type="astring" value="C"/> </property_group> </instance> </service> <service name="system/timezone" type="service" version="1"> <instance enabled="true" name="default"> <property_group name="timezone" type="application"> <propval name="localtime" type="astring" value="UTC"/> </property_group> </instance> </service> <service name="system/config-user" type="service" version="1"> <instance enabled="true" name="default"> <property_group name="root_account" type="application"> <propval name="password" type="astring" value="$5$rounds=10000$lDL4x5q8$IlHsdf·Re3f$·iP5AAK8Jj6YF/wnigr$·"d9O825MC"/> <propval name="type" type="astring" value="normal"/> <propval name="login" type="astring" value="root"/> </property_group> </instance> </service> </service_bundle> |
Zone installation
# zoneadm -z ${ZONENAME} install -m manifest.xml -c config.xml The following ZFS file system(s) have been created: rpool/VARSHARE/zones/zone1 Progress being logged to /var/log/zones/zoneadm.20200304T094644Z.zone1.install Image: Preparing at /system/zones/zone1/root. Install Log: /system/volatile/install.14837/install_log AI Manifest: /tmp/manifest.xml.KwahVa SC Profile: /usr/share/auto_install/sc_profiles/enable_sci.xml Zonename: zone1 Installation: Starting ... Creating IPS image Startup linked: 1/1 done Installing packages from: solaris origin: http://pkg.gestio.sys/oracle/ DOWNLOAD PKGS FILES XFER (MB) SPEED Completed 306/306 47432/47432 327.0/327.0 6.5M/s PHASE ITEMS Installing new actions 66258/66258 Updating package state database Done Updating package cache 0/0 Updating image state Done Creating fast lookup database Done Updating package cache 1/1 Installation: Succeeded done. Done: Installation completed in 248.885 seconds. Next Steps: Boot the zone, then log into the zone console (zlogin -C) to complete the configuration process. Log saved in non-global zone as /system/zones/zone1/root/var/log/zones/zoneadm.20200304T094644Z.zone1.install |
The minimum package we can install is core-os, it takes 717Mb
# du -sh /system/zones/${ZONENAME} 717M /system/zones/zone1 |
We make a first boot in order to configure the services
# zoneadm -z ${ZONENAME} boot |
We install and start apache
# zlogin ${ZONENAME} pkg install apache-24 # zlogin ${ZONENAME} svcadm enable apache24 |
Now we see all the processes and how much memory it takes in the zone
# ptree -z ${ZONENAME} 17019 zsched 17093 /usr/sbin/init 17101 /lib/svc/bin/svc.startd 17507 /usr/sbin/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p solaris console login: 17103 /lib/svc/bin/svc.configd 17177 /usr/sbin/sysobjd -d 0 -b 300 -t 300 -n 5 17191 /lib/crypto/kcfd 17202 /usr/lib/pfexecd 17224 /usr/lib/utmpd 17232 /sbin/sh /lib/svc/method/net-ipmgmt start 17233 sleep 3600 17265 /lib/svc/bin/svc.periodicd 17270 /usr/lib/rad/rad -sp 17361 /usr/lib/zones/zoneproxy-client -s localhost:1008 17375 /usr/sbin/rpcbind -w 17389 /usr/lib/fm/fmd/fmd 17437 /usr/sbin/cron 17443 /usr/lib/inet/inetd start 17463 /usr/lib/sstore/bin/sstored --events --repo-path /var/share/sstore/repo --max-repo-size 2048 17471 /usr/sbin/nscd 17489 /usr/sbin/syslogd 17537 /usr/lib/sstore/bin/sysstatd --max-process-size=268435456 17577 /usr/apache2/2.4/bin/httpd -k start 17578 /usr/apache2/2.4/bin/httpd -k start 17579 /usr/apache2/2.4/bin/httpd -k start 17580 /usr/apache2/2.4/bin/httpd -k start # zonestat 5 Collecting data for first interval... Interval: 1, Duration: 0:00:05 SUMMARY Cpus/Online: 8/8 PhysMem: 8192M VirtMem: 9215M ----------CPU---------- --PhysMem-- --VirtMem-- --PhysNet-- ZONE USED %PART STLN %STLN USED %USED USED %USED PBYTE %PUSE [total] 0.01 0.14% 0.00 0.00% 2442M 29.8% 2602M 28.2% 2576 0.00% [system] 0.00 0.02% 0.00 0.00% 1858M 22.6% 1926M 20.8% - - global 0.00 0.10% - - 351M 4.29% 431M 4.68% 2576 0.00% zone1 0.00 0.01% - - 232M 2.83% 244M 2.65% 0 0.00% |
Now we turn off the zone
# zoneadm -z ${ZONENAME} halt |
We will now disable SMF by starting Apache from inittab
# echo "run::sysinit:/etc/rc.local >/dev/msglog 2>&1 </dev/console" > /system/zones/${ZONENAME}/root/etc/inittab # vi /system/zones/${ZONENAME}/root/etc/rc.local #!/bin/bash zfs mount rpool/VARSHARE ZONENAME=$(zoneadm list) zoneadm -z ${ZONENAME} mark -a goals-online /usr/apache2/2.4/bin/httpd -DFOREGROUND -k start zoneadm -z ${ZONENAME} mark -a goals-maintenance # chmod +x /system/zones/${ZONENAME}/root/etc/rc.local |
In the start script (rc.local) we have to mount /var/share because it is needed by zoneadm. With zoneadm we mark that the zone arrived to the goals-online service, then the service named svc:/system/zones/zone:${ZONENAME} at the global zone goes to the online state.
# zoneadm -z ${ZONENAME} boot # ptree -z ${ZONENAME} 18387 zsched 18461 /usr/sbin/init 18463 /bin/bash /etc/rc.local 18473 /usr/apache2/2.4/bin/httpd -DFOREGROUND -k start 18474 /usr/apache2/2.4/bin/httpd -DFOREGROUND -k start 18475 /usr/apache2/2.4/bin/httpd -DFOREGROUND -k start 18476 /usr/apache2/2.4/bin/httpd -DFOREGROUND -k start # zonestat 5 Collecting data for first interval... Interval: 1, Duration: 0:00:05 SUMMARY Cpus/Online: 8/8 PhysMem: 8192M VirtMem: 9215M ----------CPU---------- --PhysMem-- --VirtMem-- --PhysNet-- ZONE USED %PART STLN %STLN USED %USED USED %USED PBYTE %PUSE [total] 0.00 0.10% 0.00 0.00% 2216M 27.0% 2357M 25.5% 2188 0.00% [system] 0.00 0.02% 0.00 0.00% 1849M 22.5% 1906M 20.6% - - global 0.00 0.08% - - 351M 4.29% 432M 4.69% 2188 0.00% zone1 0.00 0.00% - - 15.3M 0.18% 18.1M 0.19% 0 0.00% |
Now we see that we have just a few processes and the memory footprint of the zone is a lot less than before
Then we can delete some directories and use the global zone. We mount the files from the global zone (similarly as we used to do with solaris 10 SMALL zones)
Now we configure the zone
# zonecfg -z ${ZONENAME} add fs set dir=/usr set special=/usr set type=lofs add options ro end add fs set dir=/lib set special=/lib set type=lofs add options ro end add fs set dir=/platform set special=/platform set type=lofs add options ro end commit exit |
We delete the files
# rm -rf /system/zones/${ZONENAME}/root/usr/* /system/zones/${ZONENAME}/root/lib/* /system/zones/${ZONENAME}/root/platform/* |
We deleted 600Mb
# du -sh /system/zones/${ZONENAME} 144M /system/zones/zone1 |
We can now delete the snapshots made by the install command:
# zfs destroy -r rpool/VARSHARE/zones/${ZONENAME}/rpool/ROOT/zbe@install |