Tuesday, 10 April 2012

Migrating Solaris Zones from one Global host to another

This post illustrates how to migrate a Solaris zone from one global host to another using zfs send and receive via ssh. This procedure is very useful if you want to perform some kind of patching or upgrading on the global host and do not wish to have downtime on any of your zones.


Pre-requisites
Make sure the destination global host has some kind of file-system or zonepool to place the zone datasets (zone file-systems).
Obviously make sure you are on a release of Solaris that can support Solaris Zones. Run a "zoneadm" command for example to see if the command exists, we don't want to detach our zones and find out that we cannot attach them at the other end!!
Take note of network configuration, login credentials and 3rd party application running on zones, the aim is we want to have the zones up and running on the destination system the exact same state as they are/were on the source system. (running a "ps -ef" and a "w" (or "last -10") helps for me).
Make sure you have permitted root login on destination host by doing the following:


# vi /etc/ssh/sshd_config
PermitRootLogin yes
# svcadm restart ssh


Procedure
Log in to the global zone and shutdown and detach the zone


# zoneadm -z [zonename] halt
# zoneadm -z [zonename] detach


Create a zfs snapshot of your zone


# zfs snapshot -r /path/to/zfs/zone/filesystem/[zonename]@[zonedestination]


Example:
# zfs snapshot -r /zonepool/zones/apple@orange


To see if the snapshot has been created, run:


# zfs list


You should see something similar to this:


NAME                          USED  AVAIL  REFER  MOUNTPOINT

zonepool/zones/apple@orange     2.55M      -  1.55G  -

Send the snapshot over to the new global host using zfs send and receive via ssh:


# zfs send /zonepool/zones/apple@orange | ssh root@[destinationhost] "zfs recv /path/to/zones/apple"
Password:


To keep a check of the migration process, log in to your destination host and run the following command:


# zfs list | grep apple


You will know that the migration is complete when you have two results from that previous command; the zone filesystem and its snapshot.


Its now time to rebuild your zone on the new host:


# zonecfg -z apple
zonecfg:apple> create -a /path/to/zones/apple


Check that the configuration of that zone is the same


zonecfg:apple> info


Complete configuration:


zonecfg:apple> commit
zonecfg:apple> exit

Finally, its time to attach and boot up the zone on the new system. Using zoneadm attach you can see what inconsistencies there are in terms of version mismatches of packages and patches, this is useful to take note of what you need to install on the new zone, if you use attach -u it should automatically upgrade to new package and patch if there is a higher version on the global host. And finally if you just want to force and attachment and not bother with upgrades or list of  inconsistencies,  use attach -u -F:


# zoneadm -z apple attach
# zoneadm -z apple attach -u
# zoneadm -z apple attach -u -F
# zlogin apple

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Platform Engineering: Developer Experience

Intro The role of Platform Engineer as evolved through the ages. I’ve gone through all the names: Sys Admin, Infrastructure Engineer, DevOps...