Solaris Container Zone Japan OpenSolaris Users Group Leader
Internet WEB System
WEB Router w FW Stack Router w FW Switch Stack Switch L.A. L.A. L.A. Server Server Server L.A. L.A. L.A. Switch Stack Switch L.A. L.A. HeartBeat 1. Internet 2. Router with FireWall 3. Switch 4. Service Server 5. SAN Switch 6. Storage Server (TARGET) 7. Storage Array Storage Server HBA SAS Controller Controller SAS HBA Storage Server L4 L5L4 Storage Array - 3 -
WEB Load Balancer w FireWall WAF Load Balancer w FireWall WAF DNS/Resolver Forward Proxy MTA.... WEB Server WEB Server Application Server Application Server DNS / Contents Server DNS / Contents Server DBMS DBMS IPFW FTP - 4 -
......... - 5 -
1-7 -
...... - 8 -
. WEB....... DHCP. NAT. - 9 -
1. 2. Solaris Project Task 3. 4. OS 5. OS 6. OS - 10 -
.. OS - 11 -
Hypervisor
- 13 -
- 14 -
Live Migration - 15 -
Container Solaris Container
.. CPU.... - 17 -
.. OS... - 18 -
Solaris Containers Solaris Containers. OS... Solaris Resource Manager. 1. cpu cap memory cap.. BrandZ Linux illumos lx-zone. CentOS 3 4 Linux yum. - 19 -
OS OS root / etc var usr zones ここは ものにより異なる websv1 仮想サーバ名 root 仮想サーバのrootイメージ etc var usr websv2 root etc var usr. n o n - g l o b a l - zone globalzone. non global zone global-zone. non global zone - 20 -
0 sched global zone 10 /lib/svc/bin/svc.startd 551 /usr/lib/saf/sac -t 300 556 /usr/lib/saf/ttymon 574 /usr/lib/saf/ttymon -g -d /dev/console -l console -m ldterm,ttcompat -h -p ope 12 /lib/svc/bin/svc.configd 46 /sbin/dlmgmtd 191 /usr/lib/sysevent/syseventd 698 zoneadmd -z work-spec-oi151 non global zone 700 zoneadmd -z kikyo1 non global zone 900 zsched non global zone 1151 /sbin/init この下にぶら下がってるとわかりやすいが 実は違う 931 zsched non global zone 1179 /sbin/init この下にぶら下がってるとわかりやすいが 実は違う 1639 /usr/lib/memcached -u noaccess -u webservd -l 127.0.0.1 -p 11211 -m 128m こ れは non global zoneの中で動いてる kill renice - 21 -
1 OS 1 $ prstat -Z -s size PID USERNAME SIZE RSS STATE PRI NICE TIME CPU PROCESS/NLWP 27672 sshd 346M 344M sleep 59 0 4:22:46 0.1% tiarra/1 9522 mysql 178M 164M sleep 59 0 345:51:20 0.3% mysqld/11 860 webservd 87M 45M sleep 59 0 0:00:15 0.0% httpd/1 27659 sshd 79M 68M sleep 59 0 4:10:09 0.2% mono/10 1153 webservd 70M 34M sleep 59 0 0:00:00 0.0% httpd/1 9672 root 63M 18M sleep 59 0 1:36:33 0.1% httpd/1 6116 root 60M 45M sleep 59 0 338:06:56 2.1% pkg.depotd/53 22267 webservd 59M 5528K sleep 59 0 0:00:10 0.0% httpd/1 ZONEID NPROC SWAP RSS MEMORY TIME CPU ZONE 52 50 694M 595M 7.3% 268:40:02 4.7% kohju.justplayer.com 62 53 406M 369M 4.5% 374:25:44 2.6% p2vi001.justplayer.ne.jp 61 32 174M 88M 1.1% 44:29:38 1.5% p2vi042.justplayer.ne.jp 0 50 100M 87M 1.1% 880:38:41 2.4% global 11 26 85M 71M 0.9% 48:32:30 0.3% dist.justplayer.com 44 21 130M 108M 1.3% 807:58:20 6.4% ospkg.justplayer.com 9 16 41M 37M 0.5% 329:52:08 2.0% pkg-dev.justplayer.com 33 16 40M 35M 0.4% 362:00:42 1.9% pkg-release.justplayer.com Total: 311 processes, 1401 lwps, load averages: 2.49, 3.02, 2.57-22 -
Container Zone pfexec zfs create -o mountpoint=/zones rpool/zones Zone pfexec zonecfg -z testzone zone set zonepath=/zones/test.justplayer. com set brand=ipkg set autoboot=false set ip-type=shared add net set address=10.100.2.12/29 set physical=bge1 end add rctl set name=zone.cpu-cap add value (priv=privileged,limit=150,a ction=deny) end add rctl - 23 - set name=zone.max-swap add value (priv=privileged,limit=53687 0912,action=deny) end add capped-memory set physical=256m end ZFS rpool/zones/test.justplayer. com Zone
. WEB. PHP Java Servlet.. DNS. OS. Windows.. IIS Linux. Flash Media Server. DBMS MySQL PostgreSQL. Live Migration - 24 -
Solaris Container
ZFS / Storage. ZFS. ZFS. ZFS. CAP... - 26 -
COMSTAR / SAN. SAN. COMSTAR iscsi TARGET ZFS DAS. SAN. - 27 -
Network. Crossbow. NIC. NIC. spoofing. CPU. IP. Switch Etherstub. Bridge. VLAN. MAC. - 28 -
Network Network DMZ Backnet (tagvlan) Storage Area Network Control Network ControlNetwork Storage Area Network iscsi SAN DMZ /Backnet - 29 -
System
1. 2. OS 3. OS 4. OS - 31 -
.... - 32 -
.. 256MB. AMP 512MB.. VLAN VNIC VHUB Crossbow. IP.. Global Zonezlogin.. - 33 -
Load Balancer w FireWall Load Balancer w FireWall DNS/Resolver Forward Proxy MTA WAF WAF WEB Server WEB Server Application Server Application Server DNS / Contents Server DNS / Contents Server DBMS DBMS - 34 -
. 2. 2Private Net Network Server 1 Server 2-35 -
Tips. 2 cap 90%. 256MB512MB. lxzone.. LL OS. XaaS OS - 36 -
CPU. (zone halt) (zone detach). (zpool export) (iscsi detach). (iscsi attach) (zpool import). (zone attach) (zone boot) - 37 -
. Solaris. OpenIndiana. Illumos. Linux. Redhat Enterprise Linux. Solaris Container. Solaris Resource Manager. lxzone Linux. ZFS. COMSTAR. Crossbow. D-Trace. kvm(kernel Virtual Machine). lxc (Linux Container). OpenVZ / Virtuozzo. UMB (User Mode Linux). VMware. Xen Server. HVM/ PVM - 38 -
OpenSolaris Users Group @kohju) http://kohju.justplayer.com/ http:/// - 39 -