Date: Wed, 24 Nov 2004 10:26:02 -0500
From: "Kroeker, Teresa Lynn (Carswell)" <Teresa.Kroeker AT THOMSON DOT COM>
Subject: Solaris 10 and Zones
Has anyone thought about how they might backup a "zoned" Solaris 10 box.
Zones are similar to VMware I believe.
Note that Zones are *not* like VMWare, they're more like BSD Jails, but
much snazzier. Zones partition the Solaris OS, not the underlying
platform. VMWare allows you to run different OSes by virtualizing the
hardware layer. Zones are just for Solaris -- you couldn't run Windows
and/or Linux in a zone on SolarisX86.
There is some great info available from Sun on the Zones feature, both
at the bigadmin site and through some of the engineer's blogs at
blogs.sun.com. I know Andy Tucker, Dan Price, and John Clingan have
some zone-specific info on their blogs. There was also an excellent
paper about Zones from the most recent LISA:
http://blogs.sun.com/roller/resources/dp/zones_lisa.pdf
> You have a global zone (the
whole system) and zones within it have their own Solaris OS environment.
Essentially you are partitioning one large system in to smaller ones.
Here are several questions that I can think of:
=20
1) how would this be licensed (one client just for the global zone, one
client for each zone plus the global zone)?
Well, it is still one machine, and you should just be able to install
the Solaris client and backup the whole machine -- nothing has really
changed that way. The root user in the global zone has access to the
zone's path.
If Legato adds Zones-specific features, then I'd imagine they'd add
licensing for them too. It's hard to imagine why you'd not just want to
treat it like a normal machine and just back it up like you would
different filesystems -- each zone will use some part of the disk.
Either that or if you really wanted to just install the Networker client
inside the zone and then you can back it up "separately" from the global
zone. I'm not sure why you'd want to use up a client license doing that
though, but their could be a reason I'm missing.
2) would you backup just the global zone?
Yeah, that's what I'd think anyway.
3) would you backup each individual zone plus the global zone?
Maybe, if there was a compelling reason for it. Hard to imagine why
you'd want to, unless you were selling space on a zoned machine and the
person that bought a zone wanted to have control over backups and
restores for that 'server'? Note that the paper mentioned above gives
some specific caveats about placing devices in a zone, so while it may
be technically possible to have a networker *server* running inside a
zone, it doesn't sound like a good idea. The client shouldn't be a big
deal, but it would need to be tested.
4) how would users recover files from an individual zone (seems to imply
that you must have a client for each zone)?
If you set up each zone as a client with the networker client running,
then they'd restore normally "across the network" (even though if the
global zone was the server the network would be shortcut so there would
be less overhead).
If you just backup the global zone as a single client, then a user on
the global zone with correct permissions would need to restore the file
to the appropriate path.
5) how would you restore a zone?
I believe just like you would a normal path. I haven't tried it yet
though, so I can't say. Maybe you'd need to shutdown the zone before
the restore -- I imagine it depends on if you're restoring the whole
zone or just some files inside it.
=20
In our case data (other than the OS file systems) is stored on a Network
Appliance filer which we backup via NFS (75% of which is mounted on a
backup server just for backups, the rest is backed up via the clients
due to file system name conflicts). We are most concerned with backing
up the OS and having a system in which the users can recover their own
files. Our backup server method seems to be working fine for our users
(they use recover -c backupserver -s backupserver).
=20
Teresa Kroeker
Carswell
I'd guess you'd need to first decide how you were going to use the Zones
feature in your organization, then decide if there are good reasons to
backup individual zones or just the main machine, assuming both are
possible.
Note that this is all based on my understanding of Zones. I have a beta
installation of Solaris 10 that I've been playing with, but I haven't
tried taking a backup of it yet. I'll have to get around to that
sometime to see what's up. I could be completely off base about all of
this :-) I don't have any relationship with Sun either.
Note that anybody that wants to can get the latest beta of Solaris 10
from Sun for free. It's quite stable and the x86 version has come a
long way from a few years ago -- so you can install it on cheap hardware
to try it out. If you're really curious about it, I'd install it
somewhere and try it out. There's a new beta due out sometime this week
(supposed to be the 30th I think), so I'd wait for that one if you want
to try it (the currently-available beta, build 69, has some X-server
bugs that make it a bit difficult to setup. Those are supposed to be
fixed in the new build, build 72).
My guess is that Zones shouldn't be that big of a deal for Legato, but
it'd be good to try it. If there are any Legato engineers on the list
that know of any changes to the product needed for Zones, it'd be great
if they could add some details...
Of somewhat more interest to me is what Legato will need to do to
support the new ZFS that will be coming in a later update of Solaris 10...
Oh, and when/whether Legato will update Networker to support the new SMF
(Service Management Facility) stuff for startup/shutdown of the processes.
Sean Ross
Corvallis, Oregon, USA
rosss AT ace.orst DOT edu
--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list. Questions regarding this list
should be sent to stan AT temple DOT edu
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
| 