Section 6.2. Zone Runtime

Previous page
Table of content
Next page

6.2. Zone Runtime

This section explains the overall structure of the zone runtime, including the zoneadmd(1M) daemon. Most of this information is knowledge that global administrators will need to understand before deploying zones; zone administrators are not required to understand these topics.

6.2.1. Zone State Model

The administrative tasks mentioned in the chapter introduction are managed as transitions in a finite state machine. This section describes the states that form the state machine abstraction. See Figure 6.2 for a graphical representation of this model. A zone can be in one of six states:

  • Configured. A zone's configuration has been completely specified and committed to stable storage.

  • Installed. A zone's configuration has been instantiated on the system; Packages have been installed under the zone's root path. In this state, the zone has no associated virtual platform.

  • Ready. At this stage, the virtual platform for the zone has been established: The kernel has created the zsched process, network interfaces have been plumbed, file systems have been mounted, devices have been configured, but no processes associated with the zone have been started.

  • Running. User processes associated with the zone application environment are running. The zone enters the running state as soon as the first user process associated with the application environment (init) has been created.

  • Shutting_down and down. These transitional states are visible while the zone is being halted. The zone may become stuck in one of these states if it is unable to tear down application environment state (such as mounted file systems) or if some portion of the virtual platform cannot be destroyed. In such cases, operator intervention is required.

Figure 6.2. Zones State Diagram


The following section shows how to use the zoneadm(1M) command to initiate transitions between these states.

6.2.2. Zone Names and Numeric IDs

Each zone, including the global zone, is assigned a zone name. The rules for a valid zone name are similar to those for host names: They must start with an alphanumeric character, and all remaining characters must consist of alphanumerics plus "-" and "_". The name "global" is reserved for the global zone; also reserved is any name beginning with "SUNW".

Each zone is dynamically assigned a unique numeric zone identifier (or zoneid) when the zone is made ready; this ID uniquely identifies the zone on a given system while the zone is in the ready or running state.

The global zone always has the name "global", is always mapped to ID 0, and is always reported as running. Zone names and IDs are generally of little interest within non-global zones. The zonename(1) command can be useful for distinguishing between zones.

It is worth noting that each zone also has a node name (that is, returned by uname -n in the zone). Unlike the zone name, the node name for each zone is under the control of the zone administrator and generally of little interest to other zones. The node name is completely independent of the zone name.

6.2.3. Zone Runtime Support

To manage the virtual platform and the application environment, two new processes are used by the zone runtime. zoneadmd manages most of the resources associated with the zone. zsched is a system process (like sched) that tracks kernel resources associated with the zone.

6.2.3.1. zoneadmd(1M)

zoneadmd(1M) is the primary process responsible for managing the zone's virtual platform. It is also responsible for setup and teardown of the application environment. There is one zoneadmd running for each active (ready, running, shutting_down) zone on the system.

The zoneadmd command is responsible for consulting the zone configuration and then setting up the zone as directed. This entails the following:

  • Calling the zone_create(2) system call; this allocates a zone ID and starts the zsched (see Section 6.2.3.2) system process.

  • Setting zonewide resource controls.

  • Registering the zone with devfsadmd(1M).

  • Plumbing virtual network interfaces.

  • Mounting loopback and conventional file systems.

  • Instantiating and initializing the zone console device.

zoneadmd is automatically started by zoneadm(1M) if not already running and can be contacted by userland applications (such as zoneadm in the global zone) and the kernel (as part of uadmin(2) calls from the managed zone).

An example of zoneadmd in action is as follows:

# dtrace -qn 'proc:::exec-success { printf("%-14s %s\n", curthread->t_procp->p_parent->p_user.u_comm, curpsinfo->pr_psargs); }' bash           zoneadm -z demozone boot zoneadm        zoneadmd -z demozone zoneadmd       mount -o zonedevfs /zones/demozone/dev /zones/demozone/root/dev zoneadmd       mount -o ro,nosub,nodevices /lib /zones/demozone/root/lib zoneadmd       mount -o ro,nosub,nodevices /platform /zones/demozone/root/platform zoneadmd       mount -o ro,nosub,nodevices /sbin /zones/demozone/root/sbin zoneadmd       mount -o ro,nosub,nodevices /usr /zones/demozone/root/usr zoneadmd       devfsadm -z demozone zsched         /sbin/init init           INITSH -c exec /lib/svc/bin/svc.startd   >/dev/msglog 2<>/dev/msglog </ dev/consol init           /lib/svc/bin/svc.startd svc.startd     /lib/svc/bin/svc.configd svc.startd     /sbin/sh -c exec /lib/svc/method/fs-root svc.startd     /sbin/sh /lib/svc/method/fs-root fs-root        /sbin/zonename fs-root        /usr/bin/moe -32 /usr/lib/libc/$HWCAP fs-root        egrep -s ^/lib/libc.so.1 on egrep          /usr/sbin/mount fs-root        /usr/sbin/mount -O -F lofs /usr/lib/libc/libc_hwcap1.so.1 /lib/libc.so.1 fs-root        mount -O /usr/lib/libc/libc_hwcap1.so.1 /lib/libc.so.1 svc.startd     /sbin/sh -c exec /lib/svc/method/net-physical svc.startd     /sbin/sh /lib/svc/method/net-physical net-physical   /sbin/zonename ...


6.2.3.2. zsched

Every active (ready through shutting_down) zone has an associated kernel process, zsched. Kernel threads doing work on behalf of the zone are owned by zsched. It exists largely to enable the zones subsystem to keep track of per-zone kernel threads.

6.2.4. Listing Zone Information

Pulling together the concepts presented in this chapter thus far, we can employ the zoneadm(1M) command to observe zones on the system. zoneadm is the primary tool used to manage zones once they have been configured. This command can be used to list zones.

global# zoneadm list -cv       ID NAME             STATE            PATH        0 global           running          /        - my-zone          configured       /aux0/my-zone        - fun              installed        /aux0/fun       15 nofun            ready            /aux1/nofun        7 lucky            running          /aux0/lucky       13 unlucky          shutting_down    /aux1/unlucky global# pgrep -lf zoneadmd 100819 zoneadmd nofun 100227 zoneadmd lucky 100304 zoneadmd unlucky


The -c flag lists all zones (even those not yet installed) instead of the default of all running zones; the -v flag specifies a verbose listing. It is useful to note that, as expected, zones that are configured or installed have no associated numeric ID.



Previous page
Table of content
Next page
SolarisT Internals. Solaris 10 and OpenSolaris Kernel Architecture
Solaris Internals: Solaris 10 and OpenSolaris Kernel Architecture (2nd Edition)
ISBN: 0131482092
EAN: 2147483647
Year: 2004
Pages: 244
Authors: Richard McDougall, Jim Mauro
BUY ON AMAZON
The Complete Cisco VPN Configuration Guide
101 Microsoft Visual Basic .NET Applications
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century: Prevention and Detection for the Twenty-First Century
VBScript in a Nutshell, 2nd Edition
Java All-In-One Desk Reference For Dummies
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy