How to identify a Solaris non-global zone
It wouldn’t take much for an experienced Solaris Admin to figure out the server they have logged into is a Solaris Container aka Non-Global Zone, or “zone” for short.
For those of us who don’t have years of experience and expertise in Solaris Administration under our belts, here is a list of things I have come across which would help you identify if the server you are logging into is a container. Like always, not all of these will apply to your situation or server configuration so, your mileage will vary.
The zonename command shows the hostname instead of printing “global”
non-global-zone# zonename
non-global-zone
You can no longer use SVM commands
non-global-zone# metastat -p
metastat: zonename: Volume administration unavailable within non-global zones
Show other non-global zones if you are not using IPMP
non-global-zone# arp -a | grep SPLA
ce0 non-global-zone 255.255.255.255 SPLA 00:xx:xx:xx:xx:xx
ce0 other-non-global-zone.fqdn 255.255.255.255 SPLA 00:xx:xx:xx:xx:xx
ce0 theglobalzone.fqdn 255.255.255.255 SPLA 00:xx:xx:xx:xx:xx
If only using lofs devices, format returns nothing
non-global-zone# format
Searching for disks…done
No disks found!
lsof no longer works, see lsof FAQ
non-global-zone# lsof
lsof: can’t stat(/devices): No such file or directory
Sparse root zone does not have CLUSTER info
non-global-zone# ls -la /var/sadm/system/admin/CLUSTER
/var/sadm/system/admin/CLUSTER: No such file or directory
A Solaris zone has a zsched process as apposed to a “sched”
non-global-zone# ps -ef | grep zsched
A Solaris zone will not show any global processes when running a ps with a “-Z” option
non-global-zone# ps -ef -Z | grep global
non-global-zone root 25463 29042 0 03:53:04 pts/60 0:00 grep global
Loopback file systems are displayed instead of actual devices under the “Filesystem” column. Compare df output with /etc/vfstab entries. Chances are they will not match if you are using lofs devices.
non-global-zone# df -h
ifconfig shows a virtual loopback and nic interface
non-global-zone# ifconfig -a
lo0:2: flags=2001000849mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
ce0:2: flags=1000843mtu 1500 index 2
inet xxx.xxx.xxx.xxx netmask ffffff00 broadcast xxx.xxx.xxx.xxx
mknod no longer works because it cant write to /dev/
non-global-zone# mknod /dev/testing c 4 64
mknod: Not owner
zonecfg can only be run from the global zone
non-global-zone# zonecfg -z test
zonecfg can only be run from the global zone.
zoneadm will only print you the non-global zone
non-global-zone# zoneadm list
pivishk
zlogin can only be run from the global zone
non-global-zone# zlogin other-non-global-zone
zlogin: ‘zlogin’ may only be used from the global zone
prstat does not show you “global” zone usage, just hostname when using “-Z” option
non-global-zone# prstat -Z
Missing /etc/ethers
non-global-zone# ls -la /etc/ethers
/etc/ethers: No such file or directory
dispadmin does not work
non-global-zone# dispadmin -d
dispadmin: Operation not supported in non-global zones
non-global-zone# prtdiag
prtdiag can only be run in the global zone
dumpadm no longer works
non-global-zone# dumpadm
dumpadm: failed to open /dev/dump: No such file or directory
Again, this is not a complete list nor an end all be all list of things that do not work in a Solaris non-global zone. However, what this list does do is aid in identification of a Solaris 10 zone.
If you’ve discovered other things that do not work in a Solaris 10 zone but do in a global zone, please add a comment.
About this entry
You’re currently reading “ How to identify a Solaris non-global zone ,” an entry on a little stupid blog
- Published:
- 3.30.09 / 4pm
- Category:
- tips-n-tricks
Comments are closed
Comments are currently closed on this entry.