-
Notifications
You must be signed in to change notification settings - Fork 2
Home
The "ipkg" brand allows you to have a full-root, IPS-managed zone running on SmartOS.
The SmartOS ipkg brand is not a proper "ipkg" brand, in the Solaris 11 or OpenIndiana sense. It is a modified "joyent" brand which boots a pre-built OpenIndiana template.
This code is experimental. It works, but it requires work to work. There are still some Issues.
- Install an OpenIndiana system
- Use
bin/setup.shfrom this repository to build a minimal sample OI template /opt/smartos-ipkg/bin/setup.sh /zones/oi-151a /root/oi-151a.zfs- Boot and configure a SmartOS host with stable storage
- Copy and import the OI template on the SmartOS system
cat oi-151a.zfs | zfs recv zones/oi-151a
You will need to replace OpenIndiana's net-physical method with SmartOS's, so network initialization will work properly.
cp /lib/svc/method/net-physical /zones/oi-151a/root/lib/svc/method/
For SmartOS's net-physical to work, you will also need to copy /lib/sdc into the template.
cp -R /lib/sdc /zones/oi-151a/root/lib/
Because SmartOS is built using GCC, and OpenIndiana 151 lacks some bug fixes, you probably need to delete /usr/lib/dtrace/nfs.d for DTrace to function within the zone.
Until these changes are incorporated into SmartOS proper, you will need to create loopback mounts on top of /usr/lib/brand and /usr/vm. Another alternative would be to modify your boot media (either the USB platform, or boot_archive if you are netbooting).
mount -F lofs /opt/smartos-ipkg/overlay/usr/lib/brand /usr/lib/brand
mount -F lofs /opt/smartos-ipkg/overlay/usr/vm /usr/vm
The zone creation process is the same as creating a "joyent" brand zone; we just need to change the brand name.
{
"hostname": "oi",
"alias": "oi",
"brand": "ipkg",
"autoboot": "true",
"default_gateway": "10.80.10.1",
"dns_domain": "local",
"dataset_uuid": "templates/oi-151a",
"nics": [
{
"nic_tag": "admin",
"model": "virtio",
"ip": "10.80.10.90",
"netmask": "255.255.255.0",
"gateway": "10.80.10.1",
"resolvers": "10.80.10.1",
"primary": 1
}
]
}
# vmadm create -f ipkg.json
Successfully created f08162af-9d6c-4194-9391-2ef95055a8a5
# zlogin f08162af-9d6c-4194-9391-2ef95055a8a5
[Connected to zone 'f08162af-9d6c-4194-9391-2ef95055a8a5' pts/2]
OpenIndiana (powered by illumos) SunOS 5.11 oi_151a September 2011
root@oi:~#
There is one final step: Until #1 is fixed, we will need to log into the zone and configure DNS resolution:
echo "nameserver 10.80.10.1" > /etc/resolv.conf
cp /etc/nsswitch.dns /etc/nsswitch.conf
echo "10.80.10.90 oi oi.local >> /etc/hosts"
Let's install Apache and telnet to ensure that IPS is working properly:
root@oi:~# pkg install apache-22 pkg:/network/telnet
Packages to install: 2
Create boot environment: No
Services to restart: 1
DOWNLOAD PKGS FILES XFER (MB)
Completed 2/2 796/796 3.5/3.5
PHASE ACTIONS
Install Phase 960/960
PHASE ITEMS
Package State Update Phase 2/2
Image State Update Phase 2/2
So, IPS works! Just for fun...
root@oi:~# svcadm enable http
root@oi:~# telnet localhost 80
Trying ::1...
Connected to localhost.
Escape character is '^]'.
GET /
<html><body><h1>It works!</h1></body></html>Connection to localhost closed by foreign host.
Cool. We have an IPS-enabled zone running on SmartOS!
Since we are replacing /lib/svc/method/net-physical, if you run pkg fix SUNWcs, networking will be totally broken the next time you reboot or restart the net-physical:default service.