sun solaris resources, zones & container

SUN SolarisResources, Zones & Container

Michael Schöbel

[email protected]

June 26, 2008 – Server Operating Systems

mailto:[email protected]

Server Operating Systems | SUN Solaris | June 26, 2008

2

Agenda

■ SUN Solaris - Overview / Definitions

■ Resource Management

■ Zones / Containers

■ Summary


3

Workload Entities

■ “System“

■ One server machine

■ Container

■ Zone + resource management

■ Zone

■ Virtualized operating system instance

■ Project

■ Process group, set of tasks

■ Task

■ Collection of processes, assigned to project

■ Process / Lightweight processes (LWP)

■ Application instance


4

Resource Types

■ Resource types in SUN Solaris

■ CPU

■ Network endpoints

■ Memory

■ Swap space

■ Storage space

■ ...


5

Resource Assignment

■ Resource assignment

■ Partitioning

□ Disjoint sets of resource shares

□ May be hardware supported

□ Partition = unit of resource assignment

■ Capping

□ Limiting amount of usable resources

■ (Fair-) sharing

□ Relative weights of concurrent activities

□ Applied if utilization reaches 100%


6

Agenda




■ Summary


7

Resource Management – Pools

■ Pool = dynamic resource collection

■ Scheduled independently and isolated from other pools

■ Processor set and importance

■ Configuration commands

□ psrset

◊ Manage processor sets

□ poolbind

◊ Bind zones, projects or tasks to resource pools

□ poolcfg / pooladm

◊ Manage/assign pools and processor sets


8

Resource Managment – Capping

■ rcapd – resource cap enforcement daemon

■ Manage RSS (resident set size == working set)

■ Applicable to processes, projects, tasks, and zones

■ Configuration commands

□ rcapd

□ rcapadm

◊ rcapadm –z <zone> -m <size>

□ prctlstate: enabled

memory cap enforcement threshold: 0%process scan rate (sec): 15

reconfiguration rate (sec): 60report rate (sec): 5

RSS sampling rate (sec): 5


9

Resource Management – (Fair-)Sharing

■ Ensure certain CPU share (if CPU utilization reaches 100%)

■ Activate Fair Share Scheduler (FSS) for resource pool

■ Assign CPU shares

□ prctl command

□ Zone configuration file

# poolcfg –c ‘modify pool pool_default (string pool.scheduler=“FSS”)’# pooladm –c

# priocntl –s –c FSS –i class TS# priocntl –s –c FSS –i pid 1


10

Agenda




■ Summary


11

SUN Solaris Zones

■ Virtualized/isolated operating system environments

■ Sparse root zones

□ Shared data (e.g. /lib or /usr) on disk and in memory

□ Patches and updates can be applied to global zone

□ Requires ~ 70 MByte disk space

■ Whole root zones

□ Complete copy of system files and data

□ Shared kernel

□ Allow for different patch level and application versions

□ Requires ~ 2500 MByte disk space

■ Tools: zonecfg and zoneadm


12

Zones – Lifecycle (I)

■ Zones state model

■ Configured

□ Zone configuration specified and saved to stable storage

■ Installed

□ Unique root file system is instantiated for zone

■ Ready

□ Virtual platform has been established (zsched process)

■ Running

□ init daemon is running and starts application environment

■ Shutting Down

■ Down


13

Zones – Lifecycle (II)


14

Zones – Configuration (I)

■ Zone templates (XML files) in /etc/zones/

■ File: index – currently configured zones

■ File: SUNWdefault.xml – default configuration

global:installed:/test_zone:installed:/zones/test_zone:07dae8f1-0eda-cc62-e45c-9922ebf9769f

<?xml version="1.0"?>

<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">

<zone name="default" zonepath="" autoboot="false"><inherited-pkg-dir directory="/lib"/><inherited-pkg-dir directory="/platform"/><inherited-pkg-dir directory="/sbin"/><inherited-pkg-dir directory="/usr"/>

</zone>


15

Zones – Configuration (II)

■ Configure zones: zonecfg

■ Can not affect running zone reboot required

■ Configure resources and properties

■ Resources

□ attr, capped-cpu, capped-memory, inherit-pgk-dir, …

■ Properties

□ Global

◊ zonename, zonepath, autoboot, …

□ Resource related

◊ capped-cpu: ncpus

◊ capped-memory: physical, swapped, locked

◊ …


16

Zone – Configuration (III)

# zonecfg -z test_zonetest_zone: No such zone configuredUse 'create' to begin configuring a new zone.zonecfg:test_zone> createzonecfg:test_zone> set zonepath=/zones/test_zonezonecfg:test_zone> set autoboot=truezonecfg:test_zone> set pool=test_poolzonecfg:test_zone> verifyzonecfg:test_zone> commitzonecfg:test_zone> exit


17

Zone – Installation

# zoneadm -z test_zone installPreparing to install zone <test_zone>.Creating list of files to copy from the global zone.Copying <14195> files to the zone.Initializing zone product registry.Determining zone package initialization order.Preparing to initialize <1196> packages on the zone.Initialized <1196> packages on zone.Zone <test_zone> is initialized.Installation of <1> packages was skipped.The file </zones/test_zone/root/var/sadm/system/logs/install_log> contains a log of the zone installation.# zoneadm list -civ

ID NAME STATUS PATH BRAND IP0 global running / native shared- test_zone installed /zones/test_zone native shared


18

Zone – Booting

# zoneadm -z test_zone boot# zoneadm list -civ

ID NAME STATUS PATH BRAND IP0 global running / native shared25 test_zone running /zones/test_zone native shared


19

Zone – Console access

■ Switching to console of zone installation (of Solaris OS)

■ System configuration of newly created Solaris OS (timezone, …)

■ Disconnect from console with ~. (tilde dot)

■ Access zone via network: telnet, rlogin, ssh, …

# zlogin –C test_zone[Connected to zone `test_zone` console]

Select a language…


20

Zone – Halt

# zoneadm –z test_zone halt# zoneadm list -civ

ID NAME STATUS PATH BRAND IP0 global running / native shared- test_zone installed /zones/test_zone native shared

■ Connect to console and halt/reboot virtual system


21

Zone – Uninstall / Remove

# zoneadm -z test_zone uninstallAre you sure you want to uninstall zone test_zone (y/[n])? y# zoneadm list -civ

ID NAME STATUS PATH BRAND IP0 global running / native shared- test_zone configured /zones/test_zone native shared

# zonecfg -z test_zone deleteAre you sure you want to delete zone test_zone (y/[n])? y# zoneadm list -civ

ID NAME STATUS PATH BRAND IP0 global running / native shared

# ls /etc/zones/SUNWblank.xml SUNWdefault.xml SUNWtsoldef.xml index


22

Zone – Further Aspects

■ BrandZ

■ Install Linux in Solaris zone

■ RedHat, CentOS, [and Debian]

■ Migration of zones

■ Detach/Attach operations (installed state <-> configured state)

■ Requires same patch level in global zone

■ No live migration

■ Zone clustering

■ Temporary pools and psets

■ …


23

Solaris Container

■ Container = zone + resource control

■ Zone provides isolated and secure environment

□ File system, process hierarchy

■ Resource control allows to define inter-zone relations

□ Manage resource dependencies

■ Use cases

□ Server consolidation (e.g. web hosting)

□ Isolation of development and production systems

□ …


24

Agenda




■ Summary


25

Summary

■ Solaris container / zones

■ Lightweight virtualization approach

■ Different possible usage scenarios

■ Flexible resource assignment to applications


26

Assignment

■ SUN Solaris experiments

■ Host: SPARC 4 CPU machine - tb3.asg-platform.org

■ Linux accounts, password = username

■ Alternative: SUN Solaris VMWare Image (see references)

■ Task

□ Diagnosis: DTrace, prstat, ...

□ Configure new zone in serveros pool

□ Create workload

□ Change assigned CPU share for your zone

□ Add/remove one CPU to serveros resource pset

□ Try memory capping


27

References

■ SUN Solaris documentation

■ Solaris Containers Learning Centerhttp://www.sun.com/software/solaris/containers_learning_center.jsp

■ Solaris 10 Container Leitfadenhttp://de.sun.com/teleweb/virtualisierung/pdf/ptt-leitfaden-solaris-container-v2.0.pdf

■ Price, Tucker:„Solaris Zones: Operating System Support for ConsolidatingCommercial Workloads“https://www.sun.com/bigadmin/content/zones/zones_lisa.pdf

■ Links / other resources

■ Solaris Express Developer Edition – VMWare Imagehttp://developers.sun.com/sxde/download.jsp

sun solaris resources, zones & container

Documents