How to Add LUN to a Non-Global Zone in Solaris Using ZFS
Introduction
In Solaris environments, disk management for non-global zones follows a controlled and secure approach. Unlike global zones, non-global zones cannot directly access physical disks or LUNs. Instead, storage must be provisioned at the global zone level and then delegated to the non-global zone using ZFS datasets.
This blog walks you through the complete process of adding a LUN to a non-global zone by:
- Creating a ZFS pool in the global zone
- Delegating a dataset to the non-global zone
- Creating and mounting a filesystem inside the zone
⚠️ Important Note:
This activity requires a zone reboot. Please plan an appropriate downtime for the non-global zone before proceeding.
Scenario Details
For this walkthrough, we are using the following example values:
- Zone Name:
test-live-fo1 - ZFS Pool Name:
test_logpool - LUN WWID:
600601608AE24E00D1B5E96550D021DE
Step 1: Prechecks on the Global Zone
Log in to the global zone and collect baseline information before making any changes.
These prechecks help in:
- Validating system health
- Confirming existing pool and zone configuration
- Capturing a rollback reference if needed
Step 2: Prechecks on the Non-Global Zone
Log in to the activity (non-global) zone and run the same precheck commands listed in Step 1.
This ensures:
- Consistency between zones
- No pre-existing filesystem or mount conflicts
Step 3: LUN Assignment and Detection (Global Zone)
The storage team will assign the LUN to the physical server (global zone). Once the LUN is presented, rescan the disks and identify the new LUN.
Identify the LUN using its WWID:
Make sure the correct disk is identified before moving forward.
Step 4: Create a New ZFS Pool in the Global Zone
Once the LUN is confirmed, create a ZFS pool.
At this stage:
- The pool exists only in the global zone
- It is not yet accessible to the non-global zone
Step 5: Delegate the Dataset to the Non-Global Zone
Now, delegate the dataset to the required zone.
This step authorizes the non-global zone to use the dataset derived from the global pool.
Step 6: Create ZFS Filesystem and Mount It (Inside the Zone)
Log in to the non-global zone and create a filesystem.
The filesystem is now visible inside the zone with the specified mount point.
Step 7: Set Directory Permissions
Adjust ownership and permissions as per application requirements. In this example, we assign ownership to the weblogic user and group.
Step 8: Verify and Apply Zone Configuration Changes
Back in the global zone, verify and apply the zone configuration.
Reboot the activity zone (planned downtime required):
After reboot, log in and verify:
If required, reset mount properties:
Step 9: Final Verification
Confirm that the filesystem is correctly mounted and accessible inside the non-global zone.
Conclusion
By following this approach:
- Physical storage is securely managed in the global zone
- Non-global zones receive controlled access via ZFS datasets
- Best practices for Solaris zone isolation are maintained
This method ensures flexibility, security, and maintainability when managing storage for Solaris non-global zones.
No comments:
Post a Comment