Possible steps to convert a global host into a Solaris Zone

This post shows possible steps of converting a Global host into a Solaris zone. The point of a global host is to control and maintain its derived Solaris Zones and if you have workload on a global host you will hit problems of when maintenance needs carrying out. So the best procedure is to have all your workload and applications on a Solaris Zone for easier management. There is a procedure you can go through to perform a p2v (physical to virtual) using flarcreate and zoneadm however this is only supported on a higher release of Solaris, by all means if you have a release of solaris that can support p2v then explore the oracle documentation, but read on if you have an older release.


Pre-requisites
Take note of your network configuration on global host (e.g. IP address, Subnet, Gateway)
(NOTE: It is probably that you will need an extra IP address as you are essentially creating another system that will require an IP address)
Take note of any third party software installed on global host as you will probably have to add them on zone manually if needed (/opt etc.)
Create a backup of your /etc/passwd, /etc/group and /etc/shadow file so that they can be migrated across to zone once it has been configured
Run a "ps -ef" to see if any processes not owned by yourself that are running so you can inform whoever is running them that there will be an outage/possibly schedule an outage.
If you are migrating to another global host, make sure "PermitRootLogin" is set to yes in the sshd_config file (remember to restart the ssh service):


# vi /etc/ssh/sshd_config
PermitRootLogin yes
# svcadm restart ssh


Procedure


Firstly, lets make our zone (it would help if you had two sessions on the same box open)


# zonecfg -z [zonename]
zonecfg:[zonename]>create
zonecfg:[zonename]>set zonepath=/path/to/zonepool/[zonename]
zonecfg:[zonename]>set autoboot=true
zonecfg:[zonename]>add net
zonecfg:[zonename]:net>set address=[ipaddress]
zonecfg:[zonename]:net>set physical=[interface]
zonecfg:[zonename]>end
zonecfg:[zonename]>verify
zonecfg:[zonename]>commit
zonecfg:[zonename]>exit
# zoneadm -z [zonename] install
[DATA]
# zoneadm -z [zonename] boot
# zlogin -C [zonename]


If you haven't used the -C switch before, it is the first-boot configuration of the zone, (languages, hostname etc). It has quite a friendly interface so just run the wizard.


The next step is migrate your /export/home directory from your global host to the new zone using scp. From the global host, run this command:


# scp -r /export/home root@[newzoneipaddress}:/export
[DATA]
[DATA]


Once this is complete, the next step is to copy your users from the /etc/passwd file to your new zone (WITH CAUTION) along with the password from the /etc/shadow file and /etc/group. NOTE PLEASE TAKE CARE WITH THIS PROCEDURE). Once this has complete and you have checked several times that there are no mistakes, reboot your new zone from the global


# zoneadm -z [zonename] reboot


Test to see if your users are configured properly in terms of passwords, groups and home directories. You may find that you need to run a "chown -R" to change all the home directories in /export/home to the relevant user and group. For example:


# chown -R bob:other /export/home/bob


The last step would be to make sure you install any solaris packages located in /opt or any other third party applications, the aim would be to make a complete duplicate of your global host but in solaris zone format. Good advice would be to run "ls -l" in popular directories on each server to increase similarity


Its a long process but it should get the job done. The thing to remember is, if the zone gets mis-configured it can be deleted and recreated.