Zone Best Practices and Other general questions
We are in the process of implementing zones on a E2900. We will
be installing, configuring and deploying a large number of software
products in these zones utilizing a 4T SAN for storage for all
these products. There will also be approximately 100-150 end users utilizing all zones on this E2900.
I'm in the process of learning about zone/container technology
and I had some quick questions as I'm getting started that
I was hoping everyone could share some info on:
1.Is there a limit to the number of zones?
2.Are there performance problems with 10 or more zones configured?
3.Are there some documented best practices for zones?
4.Has anyone ran across some published case studies where
companies are utilizing zones?
Thanks,
BillyD
[822 byte] By [
BillyD] at [2007-11-26 8:22:42]
# 1
Hi,
I can tell you one thing for sure..... we have a zones server over here which has 10 zones on it and that one does not show any performance problems.... We use the zones server as a development box to give each developer it's own environment where in he can develop applications.
# zoneadm list
global
dev01
dev03
dev02
dev04
dev05
dev09
dev10
dev07
dev08
dev06
Cheers,
Nico
NicoB at 2007-7-6 21:31:09 >
# 2
> 1.Is there a limit to the number of zones?
> 2.Are there performance problems with 10 or more
> zones configured?
According to http://www.sun.com/bigadmin/features/articles/zones_partition.html
The upper limit for the number of zones on a single physical server is 8192. The number of zones that can effectively be hosted on a single physical server is dependent upon the total resource requirements of applications running in all of the zones combined.
# 3
> 3. Are there some documented best practices for zones?
docs.sun.com has some literature that you should poke through, at least.
One item of consideration.. if you do anything with zones, you should try your best to do everything within a zone (on that physical system).
Actions in the Global Zone could very easily impact non-global zones.
# 4
Hi, what would be the minium requirement/configuration to be set on the global zone? For example, i have 3 local zone & 1 global zone. Each local zone is running web & oracle apps. What is the best practice that I should have on my global zone settings? thanks
# 5
zone best practices:
inherit directories/file systems from global for tools and software that are common to all users - this will save space
implement pooladm -
don't tell the end user that they are using a VM - undoubtedly they will blame the zone for a limitation/problem that may happen in the environment
migrate all users from the global zone to a VM zone - to prevent unwanted system instability or application installation - which may have a ripple effect to all zones i.e - installation of the sjsas DAS to the global
read up on lofs -- loopback filesystems
prstat -Z is your friend in determination of memory hogs
# 6
One limitation that we're looking at is the time to patch a zoned system. Each zone adds a not-insignificant time to the total run.
I like the poster (in another thread) who said they have a third mirror they break, patch then reboot to. That would really speed things up but generally our servers don't have three disks for booting.
# 7
So far we stumbled over the following things:
Don't point the zone path directly into the zones root directory, otherwise you cant place local Filesystems there. e.g
Zone Home /shared/zoes/myzone
ZonePath: /shared/zoes/myzone/zone
this allows you to create for example /shared/zoes/myzone/usr_local_etc
and lofs mount this as /usr/local/etc
in the zone myzone so it is writable.
If you build your own packages, think carefully where you place the files which are changing for each zone
To have a spares root zone is not only appealing for the saved disk space, but even more for the saved memory space as a shared library is loaded only once for all zones. But this means you have /usr inherited, and thus cant write to any file in there.
We have compiled all the open source packages we are using ourselves, with a layout where var is /usr/local/var
and etc /usr/local/etc
so we ran straight away into the wall :-(
We have so far two workarounds:
1. Lofs Mount /usr/local/var
and /usr/local/etc
to a directory in the zone home (see above). In this case pkaadd does not recognize this lofs mount and places the example files just in the direcory in the global zone which is hidden behind the lofs mount in the local zone, so you have to copy them over after the pkgadd.
2. Just inherit the subdirs from /usr which contain read only files /usr/bin, usr/bin, /usr/libc
etc. This gives a clean layout, but the zone configuration has lots of inherited directories, not a simple layout, it is not very intuitive to understand.
Of course there are two other solutions
3. use the whole root model. This means we would waste memory if we have lots of zones on a machine
4. recompile the packages and place the files which must be writable for example in /opt/local/...
This would be a major pain as we have about 200 Packages for 2 Solaris Versions installed on a few 100 hosts.
# 8
E2900 is a nice system.
As for best practices, I found the "Sun BluePrints Guide to Solaris Containers" to be quite good.
http://www.sun.com/blueprints/1006/820-0001.pdf
I've used zones to 'consolidate' old legacy (yet critical) applications.
We took several applications that were running on Netra T1-105s, E220Rs and E420s and consolidated them on loaded V440s and found no performance problems.
And I'm migrating two Sybase servers from two machines to one system and putting each DB server in it's own Zone.
And these are all production systems/applications.
Hope that helps.
C()
# 9
You should also consider using Container Manager (http://www.sun.com/software/products/container_mgr/).
Not only do you get point-and-click web access to create/destroy/boot/shutdown Zones, but you can also manage your pools of CPUs, alter CPU/memory/bandwidth shares, graph the utilization of the Zones (and whole box)... and do in-depth monitoring of the 2900 itself (since SCM comes with SunMC).
Regards,
Mike.Kirk@HalcyonInc.com
http://www.HalcyonInc.com
