Print this page
OS-4915 want FX high priority zone configuration option
OS-4925 ps pri shows misleading value for zone in RT scheduling class
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/man/man1m/zonecfg.1m
+++ new/usr/src/man/man1m/zonecfg.1m
1 1 '\" te
2 2 .\" Copyright (c) 2004, 2009 Sun Microsystems, Inc. All Rights Reserved.
3 -.\" Copyright 2013 Joyent, Inc. All Rights Reserved.
3 +.\" Copyright 2015 Joyent, Inc.
4 4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
5 5 .\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
6 6 .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
7 -.TH ZONECFG 1M "Feb 28, 2014"
7 +.TH ZONECFG 1M "Nov 4, 2015"
8 8 .SH NAME
9 9 zonecfg \- set up zone configuration
10 10 .SH SYNOPSIS
11 11 .LP
12 12 .nf
13 13 \fBzonecfg\fR \fB-z\fR \fIzonename\fR
14 14 .fi
15 15
16 16 .LP
17 17 .nf
18 18 \fBzonecfg\fR \fB-z\fR \fIzonename\fR \fIsubcommand\fR
19 19 .fi
20 20
21 21 .LP
|
↓ open down ↓ |
4 lines elided |
↑ open up ↑ |
22 22 .nf
23 23 \fBzonecfg\fR \fB-z\fR \fIzonename\fR \fB-f\fR \fIcommand_file\fR
24 24 .fi
25 25
26 26 .LP
27 27 .nf
28 28 \fBzonecfg\fR help
29 29 .fi
30 30
31 31 .SH DESCRIPTION
32 -.sp
33 32 .LP
34 33 The \fBzonecfg\fR utility creates and modifies the configuration of a zone.
35 34 Zone configuration consists of a number of resources and properties.
36 35 .sp
37 36 .LP
38 37 To simplify the user interface, \fBzonecfg\fR uses the concept of a scope. The
39 38 default scope is global.
40 39 .sp
41 40 .LP
42 41 The following synopsis of the \fBzonecfg\fR command is for interactive usage:
43 42 .sp
44 43 .in +2
45 44 .nf
46 45 zonecfg \fB-z\fR \fIzonename subcommand\fR
47 46 .fi
48 47 .in -2
49 48 .sp
50 49
51 50 .sp
52 51 .LP
53 52 Parameters changed through \fBzonecfg\fR do not affect a running zone. The zone
54 53 must be rebooted for the changes to take effect.
55 54 .sp
56 55 .LP
57 56 In addition to creating and modifying a zone, the \fBzonecfg\fR utility can
58 57 also be used to persistently specify the resource management settings for the
59 58 global zone.
60 59 .sp
61 60 .LP
62 61 In the following text, "rctl" is used as an abbreviation for "resource
63 62 control". See \fBresource_controls\fR(5).
64 63 .sp
|
↓ open down ↓ |
22 lines elided |
↑ open up ↑ |
65 64 .LP
66 65 Every zone is configured with an associated brand. The brand determines the
67 66 user-level environment used within the zone, as well as various behaviors for
68 67 the zone when it is installed, boots, or is shutdown. Once a zone has been
69 68 installed the brand cannot be changed. The default brand is determined by the
70 69 installed distribution in the global zone. Some brands do not support all of
71 70 the \fBzonecfg\fR properties and resources. See the brand-specific man page for
72 71 more details on each brand. For an overview of brands, see the \fBbrands\fR(5)
73 72 man page.
74 73 .SS "Resources"
75 -.sp
76 74 .LP
77 75 The following resource types are supported:
78 76 .sp
79 77 .ne 2
80 78 .na
81 79 \fB\fBattr\fR\fR
82 80 .ad
83 81 .sp .6
84 82 .RS 4n
85 83 Generic attribute.
86 84 .RE
87 85
88 86 .sp
89 87 .ne 2
90 88 .na
91 89 \fB\fBcapped-cpu\fR\fR
92 90 .ad
93 91 .sp .6
94 92 .RS 4n
95 93 Limits for CPU usage.
96 94 .RE
97 95
98 96 .sp
99 97 .ne 2
100 98 .na
101 99 \fB\fBcapped-memory\fR\fR
102 100 .ad
103 101 .sp .6
104 102 .RS 4n
105 103 Limits for physical, swap, and locked memory.
106 104 .RE
107 105
108 106 .sp
109 107 .ne 2
110 108 .na
111 109 \fB\fBdataset\fR\fR
112 110 .ad
113 111 .sp .6
114 112 .RS 4n
115 113 \fBZFS\fR dataset.
116 114 .RE
117 115
118 116 .sp
119 117 .ne 2
120 118 .na
121 119 \fB\fBdedicated-cpu\fR\fR
122 120 .ad
123 121 .sp .6
124 122 .RS 4n
125 123 Subset of the system's processors dedicated to this zone while it is running.
126 124 .RE
127 125
128 126 .sp
129 127 .ne 2
130 128 .na
131 129 \fB\fBdevice\fR\fR
132 130 .ad
133 131 .sp .6
134 132 .RS 4n
135 133 Device.
136 134 .RE
137 135
138 136 .sp
139 137 .ne 2
140 138 .na
141 139 \fB\fBfs\fR\fR
142 140 .ad
143 141 .sp .6
144 142 .RS 4n
145 143 file-system
146 144 .RE
147 145
148 146 .sp
149 147 .ne 2
150 148 .na
151 149 \fB\fBnet\fR\fR
152 150 .ad
153 151 .sp .6
154 152 .RS 4n
155 153 Network interface.
156 154 .RE
157 155
158 156 .sp
|
↓ open down ↓ |
73 lines elided |
↑ open up ↑ |
159 157 .ne 2
160 158 .na
161 159 \fB\fBrctl\fR\fR
162 160 .ad
163 161 .sp .6
164 162 .RS 4n
165 163 Resource control.
166 164 .RE
167 165
168 166 .SS "Properties"
169 -.sp
170 167 .LP
171 168 Each resource type has one or more properties. There are also some global
172 169 properties, that is, properties of the configuration as a whole, rather than of
173 170 some particular resource.
174 171 .sp
175 172 .LP
176 173 The following properties are supported:
177 174 .sp
178 175 .ne 2
179 176 .na
180 177 \fB(global)\fR
181 178 .ad
182 179 .sp .6
183 180 .RS 4n
184 181 \fBzonename\fR
185 182 .RE
186 183
187 184 .sp
188 185 .ne 2
189 186 .na
190 187 \fB(global)\fR
191 188 .ad
192 189 .sp .6
193 190 .RS 4n
194 191 \fBzonepath\fR
195 192 .RE
196 193
197 194 .sp
198 195 .ne 2
199 196 .na
200 197 \fB(global)\fR
201 198 .ad
202 199 .sp .6
203 200 .RS 4n
204 201 \fBautoboot\fR
205 202 .RE
206 203
207 204 .sp
208 205 .ne 2
209 206 .na
210 207 \fB(global)\fR
211 208 .ad
212 209 .sp .6
213 210 .RS 4n
214 211 \fBbootargs\fR
215 212 .RE
216 213
217 214 .sp
218 215 .ne 2
219 216 .na
220 217 \fB(global)\fR
221 218 .ad
222 219 .sp .6
223 220 .RS 4n
224 221 \fBpool\fR
225 222 .RE
226 223
227 224 .sp
228 225 .ne 2
229 226 .na
230 227 \fB(global)\fR
231 228 .ad
232 229 .sp .6
233 230 .RS 4n
234 231 \fBlimitpriv\fR
235 232 .RE
236 233
237 234 .sp
238 235 .ne 2
239 236 .na
240 237 \fB(global)\fR
241 238 .ad
242 239 .sp .6
243 240 .RS 4n
244 241 \fBbrand\fR
245 242 .RE
246 243
247 244 .sp
248 245 .ne 2
249 246 .na
250 247 \fB(global)\fR
251 248 .ad
252 249 .sp .6
253 250 .RS 4n
254 251 \fBcpu-shares\fR
255 252 .RE
256 253
257 254 .sp
258 255 .ne 2
259 256 .na
260 257 \fB(global)\fR
261 258 .ad
262 259 .sp .6
263 260 .RS 4n
264 261 \fBhostid\fR
265 262 .RE
266 263
267 264 .sp
268 265 .ne 2
269 266 .na
270 267 \fB(global)\fR
271 268 .ad
272 269 .sp .6
273 270 .RS 4n
274 271 \fBmax-lwps\fR
275 272 .RE
276 273
277 274 .sp
278 275 .ne 2
279 276 .na
280 277 \fB(global)\fR
281 278 .ad
282 279 .sp .6
283 280 .RS 4n
284 281 \fBmax-msg-ids\fR
285 282 .RE
286 283
287 284 .sp
288 285 .ne 2
289 286 .na
290 287 \fB(global)\fR
291 288 .ad
292 289 .sp .6
293 290 .RS 4n
294 291 \fBmax-sem-ids\fR
295 292 .RE
296 293
297 294 .sp
298 295 .ne 2
299 296 .na
300 297 \fB(global)\fR
301 298 .ad
302 299 .sp .6
303 300 .RS 4n
304 301 \fBmax-shm-ids\fR
305 302 .RE
306 303
307 304 .sp
308 305 .ne 2
309 306 .na
310 307 \fB(global)\fR
311 308 .ad
312 309 .sp .6
313 310 .RS 4n
314 311 \fBmax-shm-memory\fR
315 312 .RE
316 313
317 314 .sp
318 315 .ne 2
319 316 .na
320 317 \fB(global)\fR
321 318 .ad
322 319 .sp .6
323 320 .RS 4n
324 321 \fBscheduling-class\fR
325 322 .RE
326 323
327 324 .sp
328 325 .ne 2
329 326 .na
330 327 .B (global)
331 328 .ad
332 329 .sp .6
333 330 .RS 4n
334 331 .B fs-allowed
335 332 .RE
336 333
337 334 .sp
338 335 .ne 2
339 336 .na
340 337 \fB\fBfs\fR\fR
341 338 .ad
342 339 .sp .6
343 340 .RS 4n
344 341 \fBdir\fR, \fBspecial\fR, \fBraw\fR, \fBtype\fR, \fBoptions\fR
345 342 .RE
346 343
347 344 .sp
348 345 .ne 2
349 346 .na
350 347 \fB\fBnet\fR\fR
351 348 .ad
352 349 .sp .6
353 350 .RS 4n
354 351 \fBaddress\fR, \fBphysical\fR, \fBdefrouter\fR
355 352 .RE
356 353
357 354 .sp
358 355 .ne 2
359 356 .na
360 357 \fB\fBdevice\fR\fR
361 358 .ad
362 359 .sp .6
363 360 .RS 4n
364 361 \fBmatch\fR
365 362 .RE
366 363
367 364 .sp
368 365 .ne 2
369 366 .na
370 367 \fB\fBrctl\fR\fR
371 368 .ad
372 369 .sp .6
373 370 .RS 4n
374 371 \fBname\fR, \fBvalue\fR
375 372 .RE
376 373
377 374 .sp
378 375 .ne 2
379 376 .na
380 377 \fB\fBattr\fR\fR
381 378 .ad
382 379 .sp .6
383 380 .RS 4n
384 381 \fBname\fR, \fBtype\fR, \fBvalue\fR
385 382 .RE
386 383
387 384 .sp
388 385 .ne 2
389 386 .na
390 387 \fB\fBdataset\fR\fR
391 388 .ad
392 389 .sp .6
393 390 .RS 4n
394 391 \fBname\fR
395 392 .RE
396 393
397 394 .sp
398 395 .ne 2
399 396 .na
400 397 \fB\fBdedicated-cpu\fR\fR
401 398 .ad
402 399 .sp .6
403 400 .RS 4n
404 401 \fBncpus\fR, \fBimportance\fR
405 402 .RE
406 403
407 404 .sp
408 405 .ne 2
409 406 .na
410 407 \fB\fBcapped-memory\fR\fR
411 408 .ad
412 409 .sp .6
413 410 .RS 4n
414 411 \fBphysical\fR, \fBswap\fR, \fBlocked\fR
415 412 .RE
416 413
417 414 .sp
418 415 .ne 2
419 416 .na
420 417 \fB\fBcapped-cpu\fR\fR
421 418 .ad
422 419 .sp .6
423 420 .RS 4n
424 421 \fBncpus\fR
425 422 .RE
426 423
427 424 .sp
428 425 .LP
429 426 As for the property values which are paired with these names, they are either
430 427 simple, complex, or lists. The type allowed is property-specific. Simple values
431 428 are strings, optionally enclosed within quotation marks. Complex values have
432 429 the syntax:
433 430 .sp
434 431 .in +2
435 432 .nf
436 433 (<\fIname\fR>=<\fIvalue\fR>,<\fIname\fR>=<\fIvalue\fR>,...)
437 434 .fi
438 435 .in -2
439 436 .sp
440 437
441 438 .sp
442 439 .LP
443 440 where each <\fIvalue\fR> is simple, and the <\fIname\fR> strings are unique
444 441 within a given property. Lists have the syntax:
445 442 .sp
446 443 .in +2
447 444 .nf
448 445 [<\fIvalue\fR>,...]
449 446 .fi
450 447 .in -2
451 448 .sp
452 449
453 450 .sp
454 451 .LP
455 452 where each <\fIvalue\fR> is either simple or complex. A list of a single value
456 453 (either simple or complex) is equivalent to specifying that value without the
457 454 list syntax. That is, "foo" is equivalent to "[foo]". A list can be empty
458 455 (denoted by "[]").
459 456 .sp
460 457 .LP
461 458 In interpreting property values, \fBzonecfg\fR accepts regular expressions as
462 459 specified in \fBfnmatch\fR(5). See \fBEXAMPLES\fR.
463 460 .sp
464 461 .LP
465 462 The property types are described as follows:
466 463 .sp
467 464 .ne 2
468 465 .na
469 466 \fBglobal: \fBzonename\fR\fR
470 467 .ad
471 468 .sp .6
472 469 .RS 4n
473 470 The name of the zone.
474 471 .RE
475 472
476 473 .sp
477 474 .ne 2
478 475 .na
479 476 \fBglobal: \fBzonepath\fR\fR
480 477 .ad
481 478 .sp .6
482 479 .RS 4n
483 480 Path to zone's file system.
484 481 .RE
485 482
486 483 .sp
487 484 .ne 2
488 485 .na
489 486 \fBglobal: \fBautoboot\fR\fR
490 487 .ad
491 488 .sp .6
492 489 .RS 4n
493 490 Boolean indicating that a zone should be booted automatically at system boot.
494 491 Note that if the zones service is disabled, the zone will not autoboot,
495 492 regardless of the setting of this property. You enable the zones service with a
496 493 \fBsvcadm\fR command, such as:
497 494 .sp
498 495 .in +2
499 496 .nf
500 497 # \fBsvcadm enable svc:/system/zones:default\fR
501 498 .fi
502 499 .in -2
503 500 .sp
504 501
505 502 Replace \fBenable\fR with \fBdisable\fR to disable the zones service. See
506 503 \fBsvcadm\fR(1M).
507 504 .RE
508 505
509 506 .sp
510 507 .ne 2
511 508 .na
512 509 \fBglobal: \fBbootargs\fR\fR
513 510 .ad
514 511 .sp .6
515 512 .RS 4n
516 513 Arguments (options) to be passed to the zone bootup, unless options are
517 514 supplied to the "\fBzoneadm boot\fR" command, in which case those take
518 515 precedence. The valid arguments are described in \fBzoneadm\fR(1M).
519 516 .RE
520 517
521 518 .sp
522 519 .ne 2
523 520 .na
524 521 \fBglobal: \fBpool\fR\fR
525 522 .ad
526 523 .sp .6
527 524 .RS 4n
528 525 Name of the resource pool that this zone must be bound to when booted. This
529 526 property is incompatible with the \fBdedicated-cpu\fR resource.
530 527 .RE
531 528
532 529 .sp
533 530 .ne 2
534 531 .na
535 532 \fBglobal: \fBlimitpriv\fR\fR
536 533 .ad
537 534 .sp .6
538 535 .RS 4n
539 536 The maximum set of privileges any process in this zone can obtain. The property
540 537 should consist of a comma-separated privilege set specification as described in
541 538 \fBpriv_str_to_set\fR(3C). Privileges can be excluded from the resulting set by
542 539 preceding their names with a dash (-) or an exclamation point (!). The special
543 540 privilege string "zone" is not supported in this context. If the special string
544 541 "default" occurs as the first token in the property, it expands into a safe set
545 542 of privileges that preserve the resource and security isolation described in
546 543 \fBzones\fR(5). A missing or empty property is equivalent to this same set of
547 544 safe privileges.
548 545 .sp
549 546 The system administrator must take extreme care when configuring privileges for
550 547 a zone. Some privileges cannot be excluded through this mechanism as they are
551 548 required in order to boot a zone. In addition, there are certain privileges
552 549 which cannot be given to a zone as doing so would allow processes inside a zone
553 550 to unduly affect processes in other zones. \fBzoneadm\fR(1M) indicates when an
554 551 invalid privilege has been added or removed from a zone's privilege set when an
555 552 attempt is made to either "boot" or "ready" the zone.
556 553 .sp
557 554 See \fBprivileges\fR(5) for a description of privileges. The command "\fBppriv
558 555 -l\fR" (see \fBppriv\fR(1)) produces a list of all Solaris privileges. You can
559 556 specify privileges as they are displayed by \fBppriv\fR. In
560 557 \fBprivileges\fR(5), privileges are listed in the form
561 558 PRIV_\fIprivilege_name\fR. For example, the privilege \fIsys_time\fR, as you
562 559 would specify it in this property, is listed in \fBprivileges\fR(5) as
563 560 \fBPRIV_SYS_TIME\fR.
564 561 .RE
565 562
566 563 .sp
567 564 .ne 2
568 565 .na
569 566 \fBglobal: \fBbrand\fR\fR
570 567 .ad
571 568 .sp .6
572 569 .RS 4n
573 570 The zone's brand type.
574 571 .RE
575 572
576 573 .sp
577 574 .ne 2
578 575 .na
579 576 \fBglobal: \fBip-type\fR\fR
580 577 .ad
581 578 .sp .6
582 579 .RS 4n
583 580 A zone can either share the IP instance with the global zone, which is the
584 581 default, or have its own exclusive instance of IP.
585 582 .sp
586 583 This property takes the values \fBshared\fR and \fBexclusive\fR.
587 584 .RE
588 585
589 586 .sp
590 587 .ne 2
591 588 .na
592 589 \fBglobal: \fBhostid\fR\fR
593 590 .ad
594 591 .sp .6
595 592 .RS 4n
596 593 A zone can emulate a 32-bit host identifier to ease system consolidation. A
597 594 zone's \fBhostid\fR property is empty by default, meaning that the zone does
598 595 not emulate a host identifier. Zone host identifiers must be hexadecimal values
599 596 between 0 and FFFFFFFE. A \fB0x\fR or \fB0X\fR prefix is optional. Both
600 597 uppercase and lowercase hexadecimal digits are acceptable.
601 598 .RE
602 599
603 600 .sp
604 601 .ne 2
605 602 .na
606 603 \fB\fBfs\fR: dir, special, raw, type, options\fR
607 604 .ad
608 605 .sp .6
609 606 .RS 4n
610 607 Values needed to determine how, where, and so forth to mount file systems. See
611 608 \fBmount\fR(1M), \fBmount\fR(2), \fBfsck\fR(1M), and \fBvfstab\fR(4).
612 609 .RE
613 610
614 611 .sp
615 612 .ne 2
616 613 .na
617 614 \fB\fBnet\fR: address, physical, defrouter\fR
618 615 .ad
619 616 .sp .6
620 617 .RS 4n
621 618 The network address and physical interface name of the network interface. The
622 619 network address is one of:
623 620 .RS +4
624 621 .TP
625 622 .ie t \(bu
626 623 .el o
627 624 a valid IPv4 address, optionally followed by "\fB/\fR" and a prefix length;
628 625 .RE
629 626 .RS +4
630 627 .TP
631 628 .ie t \(bu
632 629 .el o
633 630 a valid IPv6 address, which must be followed by "\fB/\fR" and a prefix length;
634 631 .RE
635 632 .RS +4
636 633 .TP
637 634 .ie t \(bu
638 635 .el o
639 636 a host name which resolves to an IPv4 address.
640 637 .RE
641 638 Note that host names that resolve to IPv6 addresses are not supported.
642 639 .sp
643 640 The physical interface name is the network interface name.
644 641 .sp
645 642 The default router is specified similarly to the network address except that it
646 643 must not be followed by a \fB/\fR (slash) and a network prefix length.
647 644 .sp
648 645 A zone can be configured to be either exclusive-IP or shared-IP. For a
649 646 shared-IP zone, you must set both the physical and address properties; setting
650 647 the default router is optional. The interface specified in the physical
651 648 property must be plumbed in the global zone prior to booting the non-global
652 649 zone. However, if the interface is not used by the global zone, it should be
653 650 configured \fBdown\fR in the global zone, and the default router for the
654 651 interface should be specified here.
655 652 .sp
656 653 For an exclusive-IP zone, the physical property must be set and the address and
657 654 default router properties cannot be set.
658 655 .RE
659 656
660 657 .sp
661 658 .ne 2
662 659 .na
663 660 \fB\fBdevice\fR: match\fR
664 661 .ad
665 662 .sp .6
666 663 .RS 4n
667 664 Device name to match.
668 665 .RE
669 666
670 667 .sp
671 668 .ne 2
672 669 .na
673 670 \fB\fBrctl\fR: name, value\fR
674 671 .ad
675 672 .sp .6
676 673 .RS 4n
677 674 The name and \fIpriv\fR/\fIlimit\fR/\fIaction\fR triple of a resource control.
678 675 See \fBprctl\fR(1) and \fBrctladm\fR(1M). The preferred way to set rctl values
679 676 is to use the global property name associated with a specific rctl.
680 677 .RE
681 678
682 679 .sp
683 680 .ne 2
684 681 .na
685 682 \fB\fBattr\fR: name, type, value\fR
686 683 .ad
687 684 .sp .6
688 685 .RS 4n
689 686 The name, type and value of a generic attribute. The \fBtype\fR must be one of
690 687 \fBint\fR, \fBuint\fR, \fBboolean\fR or \fBstring\fR, and the value must be of
691 688 that type. \fBuint\fR means unsigned , that is, a non-negative integer.
692 689 .RE
693 690
694 691 .sp
695 692 .ne 2
696 693 .na
697 694 \fB\fBdataset\fR: name\fR
698 695 .ad
699 696 .sp .6
700 697 .RS 4n
701 698 The name of a \fBZFS\fR dataset to be accessed from within the zone. See
702 699 \fBzfs\fR(1M).
703 700 .RE
704 701
705 702 .sp
706 703 .ne 2
707 704 .na
708 705 \fBglobal: \fBcpu-shares\fR\fR
709 706 .ad
710 707 .sp .6
711 708 .RS 4n
712 709 The number of Fair Share Scheduler (FSS) shares to allocate to this zone. This
713 710 property is incompatible with the \fBdedicated-cpu\fR resource. This property
714 711 is the preferred way to set the \fBzone.cpu-shares\fR rctl.
715 712 .RE
716 713
717 714 .sp
718 715 .ne 2
719 716 .na
720 717 \fBglobal: \fBmax-lwps\fR\fR
721 718 .ad
722 719 .sp .6
723 720 .RS 4n
724 721 The maximum number of LWPs simultaneously available to this zone. This property
725 722 is the preferred way to set the \fBzone.max-lwps\fR rctl.
726 723 .RE
727 724
728 725 .sp
729 726 .ne 2
730 727 .na
731 728 \fBglobal: \fBmax-msg-ids\fR\fR
732 729 .ad
733 730 .sp .6
734 731 .RS 4n
735 732 The maximum number of message queue IDs allowed for this zone. This property is
736 733 the preferred way to set the \fBzone.max-msg-ids\fR rctl.
737 734 .RE
738 735
739 736 .sp
740 737 .ne 2
741 738 .na
742 739 \fBglobal: \fBmax-sem-ids\fR\fR
743 740 .ad
744 741 .sp .6
745 742 .RS 4n
746 743 The maximum number of semaphore IDs allowed for this zone. This property is the
747 744 preferred way to set the \fBzone.max-sem-ids\fR rctl.
748 745 .RE
749 746
750 747 .sp
751 748 .ne 2
752 749 .na
753 750 \fBglobal: \fBmax-shm-ids\fR\fR
754 751 .ad
755 752 .sp .6
756 753 .RS 4n
757 754 The maximum number of shared memory IDs allowed for this zone. This property is
758 755 the preferred way to set the \fBzone.max-shm-ids\fR rctl.
759 756 .RE
760 757
761 758 .sp
762 759 .ne 2
763 760 .na
764 761 \fBglobal: \fBmax-shm-memory\fR\fR
765 762 .ad
766 763 .sp .6
767 764 .RS 4n
768 765 The maximum amount of shared memory allowed for this zone. This property is the
769 766 preferred way to set the \fBzone.max-shm-memory\fR rctl. A scale (K, M, G, T)
770 767 can be applied to the value for this number (for example, 1M is one megabyte).
771 768 .RE
772 769
773 770 .sp
774 771 .ne 2
775 772 .na
776 773 \fBglobal: \fBscheduling-class\fR\fR
|
↓ open down ↓ |
597 lines elided |
↑ open up ↑ |
777 774 .ad
778 775 .sp .6
779 776 .RS 4n
780 777 Specifies the scheduling class used for processes running in a zone. When this
781 778 property is not specified, the scheduling class is established as follows:
782 779 .RS +4
783 780 .TP
784 781 .ie t \(bu
785 782 .el o
786 783 If the \fBcpu-shares\fR property or equivalent rctl is set, the scheduling
787 -class FSS is used.
784 +class \fBFSS\fR is used.
788 785 .RE
789 786 .RS +4
790 787 .TP
791 788 .ie t \(bu
792 789 .el o
793 790 If neither \fBcpu-shares\fR nor the equivalent rctl is set and the zone's pool
794 791 property references a pool that has a default scheduling class, that class is
795 792 used.
796 793 .RE
797 794 .RS +4
798 795 .TP
799 796 .ie t \(bu
800 797 .el o
801 798 Under any other conditions, the system default scheduling class is used.
802 799 .RE
800 +.sp
801 +If the \fBFX\fR scheduling class is specified, then the optional
802 +\fBfixed-hi-pri\fR attribute can be set to \fBtrue\fR. This causes all of the
803 +processes in the zone to run at the highest \fBFX\fR priority. By default
804 +processes under \fBFX\fR run at the lowest priority. See \fBpriocntl\fR(2)
805 +for details on each scheduling class.
803 806 .RE
804 807
805 808
806 -
807 809 .sp
808 810 .ne 2
809 811 .na
810 812 \fB\fBdedicated-cpu\fR: ncpus, importance\fR
811 813 .ad
812 814 .sp .6
813 815 .RS 4n
814 816 The number of CPUs that should be assigned for this zone's exclusive use. The
815 817 zone will create a pool and processor set when it boots. See \fBpooladm\fR(1M)
816 818 and \fBpoolcfg\fR(1M) for more information on resource pools. The \fBncpu\fR
817 819 property can specify a single value or a range (for example, 1-4) of
818 820 processors. The \fBimportance\fR property is optional; if set, it will specify
819 821 the \fBpset.importance\fR value for use by \fBpoold\fR(1M). If this resource is
820 822 used, there must be enough free processors to allocate to this zone when it
821 823 boots or the zone will not boot. The processors assigned to this zone will not
822 824 be available for the use of the global zone or other zones. This resource is
823 825 incompatible with both the \fBpool\fR and \fBcpu-shares\fR properties. Only a
824 826 single instance of this resource can be added to the zone.
825 827 .RE
826 828
827 829 .sp
828 830 .ne 2
829 831 .na
830 832 \fB\fBcapped-memory\fR: physical, swap, locked\fR
831 833 .ad
832 834 .sp .6
833 835 .RS 4n
834 836 The caps on the memory that can be used by this zone. A scale (K, M, G, T) can
835 837 be applied to the value for each of these numbers (for example, 1M is one
836 838 megabyte). Each of these properties is optional but at least one property must
837 839 be set when adding this resource. Only a single instance of this resource can
838 840 be added to the zone. The \fBphysical\fR property sets the \fBmax-rss\fR for
839 841 this zone. This will be enforced by \fBrcapd\fR(1M) running in the global zone.
840 842 The \fBswap\fR property is the preferred way to set the \fBzone.max-swap\fR
841 843 rctl. The \fBlocked\fR property is the preferred way to set the
842 844 \fBzone.max-locked-memory\fR rctl.
843 845 .RE
844 846
845 847 .sp
846 848 .ne 2
847 849 .na
848 850 \fB\fBcapped-cpu\fR: ncpus\fR
849 851 .ad
850 852 .sp .6
851 853 .RS 4n
852 854 Sets a limit on the amount of CPU time that can be used by a zone. The unit
853 855 used translates to the percentage of a single CPU that can be used by all user
854 856 threads in a zone, expressed as a fraction (for example, \fB\&.75\fR) or a
855 857 mixed number (whole number and fraction, for example, \fB1.25\fR). An
856 858 \fBncpu\fR value of \fB1\fR means 100% of a CPU, a value of \fB1.25\fR means
857 859 125%, \fB\&.75\fR mean 75%, and so forth. When projects within a capped zone
858 860 have their own caps, the minimum value takes precedence.
859 861 .sp
860 862 The \fBcapped-cpu\fR property is an alias for \fBzone.cpu-cap\fR resource
861 863 control and is related to the \fBzone.cpu-cap\fR resource control. See
862 864 \fBresource_controls\fR(5).
863 865 .RE
864 866
865 867 .sp
866 868 .ne 2
867 869 .na
868 870 \fBglobal: \fBfs-allowed\fR\fR
869 871 .ad
870 872 .sp .6
871 873 .RS 4n
872 874 A comma-separated list of additional filesystems that may be mounted within
873 875 the zone; for example "ufs,pcfs". By default, only hsfs(7fs) and network
874 876 filesystems can be mounted. If the first entry in the list is "-" then
875 877 that disables all of the default filesystems. If any filesystems are listed
876 878 after "-" then only those filesystems can be mounted.
877 879
878 880 This property does not apply to filesystems mounted into the zone via "add fs"
879 881 or "add dataset".
880 882
881 883 WARNING: allowing filesystem mounts other than the default may allow the zone
882 884 administrator to compromise the system with a malicious filesystem image, and
883 885 is not supported.
884 886 .RE
885 887
886 888 .sp
887 889 .LP
888 890 The following table summarizes resources, property-names, and types:
889 891 .sp
890 892 .in +2
891 893 .nf
892 894 resource property-name type
893 895 (global) zonename simple
894 896 (global) zonepath simple
895 897 (global) autoboot simple
896 898 (global) bootargs simple
897 899 (global) pool simple
898 900 (global) limitpriv simple
899 901 (global) brand simple
900 902 (global) ip-type simple
901 903 (global) hostid simple
902 904 (global) cpu-shares simple
903 905 (global) max-lwps simple
904 906 (global) max-msg-ids simple
905 907 (global) max-sem-ids simple
906 908 (global) max-shm-ids simple
907 909 (global) max-shm-memory simple
908 910 (global) scheduling-class simple
909 911 fs dir simple
910 912 special simple
911 913 raw simple
912 914 type simple
913 915 options list of simple
914 916 net address simple
915 917 physical simple
916 918 device match simple
917 919 rctl name simple
918 920 value list of complex
919 921 attr name simple
920 922 type simple
921 923 value simple
922 924 dataset name simple
923 925 dedicated-cpu ncpus simple or range
924 926 importance simple
925 927
926 928 capped-memory physical simple with scale
927 929 swap simple with scale
928 930 locked simple with scale
929 931
930 932 capped-cpu ncpus simple
931 933 .fi
932 934 .in -2
933 935 .sp
934 936
935 937 .sp
936 938 .LP
|
↓ open down ↓ |
120 lines elided |
↑ open up ↑ |
937 939 To further specify things, the breakdown of the complex property "value" of the
938 940 "rctl" resource type, it consists of three name/value pairs, the names being
939 941 "priv", "limit" and "action", each of which takes a simple value. The "name"
940 942 property of an "attr" resource is syntactically restricted in a fashion similar
941 943 but not identical to zone names: it must begin with an alphanumeric, and can
942 944 contain alphanumerics plus the hyphen (\fB-\fR), underscore (\fB_\fR), and dot
943 945 (\fB\&.\fR) characters. Attribute names beginning with "zone" are reserved for
944 946 use by the system. Finally, the "autoboot" global property must have a value of
945 947 "true" or "false".
946 948 .SS "Using Kernel Statistics to Monitor CPU Caps"
947 -.sp
948 949 .LP
949 950 Using the kernel statistics (\fBkstat\fR(3KSTAT)) module \fBcaps\fR, the system
950 951 maintains information for all capped projects and zones. You can access this
951 952 information by reading kernel statistics (\fBkstat\fR(3KSTAT)), specifying
952 953 \fBcaps\fR as the \fBkstat\fR module name. The following command displays
953 954 kernel statistics for all active CPU caps:
954 955 .sp
955 956 .in +2
956 957 .nf
957 958 # \fBkstat caps::'/cpucaps/'\fR
958 959 .fi
959 960 .in -2
960 961 .sp
961 962
962 963 .sp
963 964 .LP
964 965 A \fBkstat\fR(1M) command running in a zone displays only CPU caps relevant for
965 966 that zone and for projects in that zone. See \fBEXAMPLES\fR.
966 967 .sp
967 968 .LP
968 969 The following are cap-related arguments for use with \fBkstat\fR(1M):
969 970 .sp
970 971 .ne 2
971 972 .na
972 973 \fB\fBcaps\fR\fR
973 974 .ad
974 975 .sp .6
975 976 .RS 4n
976 977 The \fBkstat\fR module.
977 978 .RE
978 979
979 980 .sp
980 981 .ne 2
981 982 .na
982 983 \fB\fBproject_caps\fR or \fBzone_caps\fR\fR
983 984 .ad
984 985 .sp .6
985 986 .RS 4n
986 987 \fBkstat\fR class, for use with the \fBkstat\fR \fB-c\fR option.
987 988 .RE
988 989
989 990 .sp
990 991 .ne 2
991 992 .na
992 993 \fB\fBcpucaps_project_\fR\fIid\fR or \fBcpucaps_zone_\fR\fIid\fR\fR
993 994 .ad
994 995 .sp .6
995 996 .RS 4n
996 997 \fBkstat\fR name, for use with the \fBkstat\fR \fB-n\fR option. \fIid\fR is the
997 998 project or zone identifier.
998 999 .RE
999 1000
1000 1001 .sp
1001 1002 .LP
1002 1003 The following fields are displayed in response to a \fBkstat\fR(1M) command
1003 1004 requesting statistics for all CPU caps.
1004 1005 .sp
1005 1006 .ne 2
1006 1007 .na
1007 1008 \fB\fBmodule\fR\fR
1008 1009 .ad
1009 1010 .sp .6
1010 1011 .RS 4n
1011 1012 In this usage of \fBkstat\fR, this field will have the value \fBcaps\fR.
1012 1013 .RE
1013 1014
1014 1015 .sp
1015 1016 .ne 2
1016 1017 .na
1017 1018 \fB\fBname\fR\fR
1018 1019 .ad
1019 1020 .sp .6
1020 1021 .RS 4n
1021 1022 As described above, \fBcpucaps_project_\fR\fIid\fR or
1022 1023 \fBcpucaps_zone_\fR\fIid\fR
1023 1024 .RE
1024 1025
1025 1026 .sp
1026 1027 .ne 2
1027 1028 .na
1028 1029 \fB\fBabove_sec\fR\fR
1029 1030 .ad
1030 1031 .sp .6
1031 1032 .RS 4n
1032 1033 Total time, in seconds, spent above the cap.
1033 1034 .RE
1034 1035
1035 1036 .sp
1036 1037 .ne 2
1037 1038 .na
1038 1039 \fB\fBbelow_sec\fR\fR
1039 1040 .ad
1040 1041 .sp .6
1041 1042 .RS 4n
1042 1043 Total time, in seconds, spent below the cap.
1043 1044 .RE
1044 1045
1045 1046 .sp
1046 1047 .ne 2
1047 1048 .na
1048 1049 \fB\fBmaxusage\fR\fR
1049 1050 .ad
1050 1051 .sp .6
1051 1052 .RS 4n
1052 1053 Maximum observed CPU usage.
1053 1054 .RE
1054 1055
1055 1056 .sp
1056 1057 .ne 2
1057 1058 .na
1058 1059 \fB\fBnwait\fR\fR
1059 1060 .ad
1060 1061 .sp .6
1061 1062 .RS 4n
1062 1063 Number of threads on cap wait queue.
1063 1064 .RE
1064 1065
1065 1066 .sp
1066 1067 .ne 2
1067 1068 .na
1068 1069 \fB\fBusage\fR\fR
1069 1070 .ad
1070 1071 .sp .6
1071 1072 .RS 4n
1072 1073 Current aggregated CPU usage for all threads belonging to a capped project or
1073 1074 zone, in terms of a percentage of a single CPU.
1074 1075 .RE
1075 1076
1076 1077 .sp
1077 1078 .ne 2
1078 1079 .na
1079 1080 \fB\fBvalue\fR\fR
1080 1081 .ad
1081 1082 .sp .6
1082 1083 .RS 4n
1083 1084 The cap value, in terms of a percentage of a single CPU.
1084 1085 .RE
1085 1086
1086 1087 .sp
1087 1088 .ne 2
1088 1089 .na
1089 1090 \fB\fBzonename\fR\fR
|
↓ open down ↓ |
132 lines elided |
↑ open up ↑ |
1090 1091 .ad
1091 1092 .sp .6
1092 1093 .RS 4n
1093 1094 Name of the zone for which statistics are displayed.
1094 1095 .RE
1095 1096
1096 1097 .sp
1097 1098 .LP
1098 1099 See \fBEXAMPLES\fR for sample output from a \fBkstat\fR command.
1099 1100 .SH OPTIONS
1100 -.sp
1101 1101 .LP
1102 1102 The following options are supported:
1103 1103 .sp
1104 1104 .ne 2
1105 1105 .na
1106 1106 \fB\fB-f\fR \fIcommand_file\fR\fR
1107 1107 .ad
1108 1108 .sp .6
1109 1109 .RS 4n
1110 1110 Specify the name of \fBzonecfg\fR command file. \fIcommand_file\fR is a text
1111 1111 file of \fBzonecfg\fR subcommands, one per line.
1112 1112 .RE
1113 1113
1114 1114 .sp
1115 1115 .ne 2
1116 1116 .na
1117 1117 \fB\fB-z\fR \fIzonename\fR\fR
1118 1118 .ad
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
1119 1119 .sp .6
1120 1120 .RS 4n
1121 1121 Specify the name of a zone. Zone names are case sensitive. Zone names must
1122 1122 begin with an alphanumeric character and can contain alphanumeric characters,
1123 1123 the underscore (\fB_\fR) the hyphen (\fB-\fR), and the dot (\fB\&.\fR). The
1124 1124 name \fBglobal\fR and all names beginning with \fBSUNW\fR are reserved and
1125 1125 cannot be used.
1126 1126 .RE
1127 1127
1128 1128 .SH SUBCOMMANDS
1129 -.sp
1130 1129 .LP
1131 1130 You can use the \fBadd\fR and \fBselect\fR subcommands to select a specific
1132 1131 resource, at which point the scope changes to that resource. The \fBend\fR and
1133 1132 \fBcancel\fR subcommands are used to complete the resource specification, at
1134 1133 which time the scope is reverted back to global. Certain subcommands, such as
1135 1134 \fBadd\fR, \fBremove\fR and \fBset\fR, have different semantics in each scope.
1136 1135 .sp
1137 1136 .LP
1138 1137 \fBzonecfg\fR supports a semicolon-separated list of subcommands. For example:
1139 1138 .sp
1140 1139 .in +2
1141 1140 .nf
1142 1141 # \fBzonecfg -z myzone "add net; set physical=myvnic; end"\fR
1143 1142 .fi
1144 1143 .in -2
1145 1144 .sp
1146 1145
1147 1146 .sp
1148 1147 .LP
1149 1148 Subcommands which can result in destructive actions or loss of work have an
1150 1149 \fB-F\fR option to force the action. If input is from a terminal device, the
1151 1150 user is prompted when appropriate if such a command is given without the
1152 1151 \fB-F\fR option otherwise, if such a command is given without the \fB-F\fR
1153 1152 option, the action is disallowed, with a diagnostic message written to standard
1154 1153 error.
1155 1154 .sp
1156 1155 .LP
1157 1156 The following subcommands are supported:
1158 1157 .sp
1159 1158 .ne 2
1160 1159 .na
1161 1160 \fB\fBadd\fR \fIresource-type\fR (global scope)\fR
1162 1161 .ad
1163 1162 .br
1164 1163 .na
1165 1164 \fB\fBadd\fR \fIproperty-name property-value\fR (resource scope)\fR
1166 1165 .ad
1167 1166 .sp .6
1168 1167 .RS 4n
1169 1168 In the global scope, begin the specification for a given resource type. The
1170 1169 scope is changed to that resource type.
1171 1170 .sp
1172 1171 In the resource scope, add a property of the given name with the given value.
1173 1172 The syntax for property values varies with different property types. In
1174 1173 general, it is a simple value or a list of simple values enclosed in square
1175 1174 brackets, separated by commas (\fB[foo,bar,baz]\fR). See \fBPROPERTIES\fR.
1176 1175 .RE
1177 1176
1178 1177 .sp
1179 1178 .ne 2
1180 1179 .na
1181 1180 \fB\fBcancel\fR\fR
1182 1181 .ad
1183 1182 .sp .6
1184 1183 .RS 4n
1185 1184 End the resource specification and reset scope to global. Abandons any
1186 1185 partially specified resources. \fBcancel\fR is only applicable in the resource
1187 1186 scope.
1188 1187 .RE
1189 1188
1190 1189 .sp
1191 1190 .ne 2
1192 1191 .na
1193 1192 \fB\fBclear\fR \fIproperty-name\fR\fR
1194 1193 .ad
1195 1194 .sp .6
1196 1195 .RS 4n
1197 1196 Clear the value for the property.
1198 1197 .RE
1199 1198
1200 1199 .sp
1201 1200 .ne 2
1202 1201 .na
1203 1202 \fB\fBcommit\fR\fR
1204 1203 .ad
1205 1204 .sp .6
1206 1205 .RS 4n
1207 1206 Commit the current configuration from memory to stable storage. The
1208 1207 configuration must be committed to be used by \fBzoneadm\fR. Until the
1209 1208 in-memory configuration is committed, you can remove changes with the
1210 1209 \fBrevert\fR subcommand. The \fBcommit\fR operation is attempted automatically
1211 1210 upon completion of a \fBzonecfg\fR session. Since a configuration must be
1212 1211 correct to be committed, this operation automatically does a verify.
1213 1212 .RE
1214 1213
1215 1214 .sp
1216 1215 .ne 2
1217 1216 .na
1218 1217 \fB\fBcreate [\fR\fB-F\fR\fB] [\fR \fB-a\fR \fIpath\fR |\fB-b\fR \fB|\fR
1219 1218 \fB-t\fR \fItemplate\fR\fB]\fR\fR
1220 1219 .ad
1221 1220 .sp .6
1222 1221 .RS 4n
1223 1222 Create an in-memory configuration for the specified zone. Use \fBcreate\fR to
1224 1223 begin to configure a new zone. See \fBcommit\fR for saving this to stable
1225 1224 storage.
1226 1225 .sp
1227 1226 If you are overwriting an existing configuration, specify the \fB-F\fR option
1228 1227 to force the action. Specify the \fB-t\fR \fItemplate\fR option to create a
1229 1228 configuration identical to \fItemplate\fR, where \fItemplate\fR is the name of
1230 1229 a configured zone.
1231 1230 .sp
1232 1231 Use the \fB-a\fR \fIpath\fR option to facilitate configuring a detached zone on
1233 1232 a new host. The \fIpath\fR parameter is the zonepath location of a detached
1234 1233 zone that has been moved on to this new host. Once the detached zone is
1235 1234 configured, it should be installed using the "\fBzoneadm attach\fR" command
1236 1235 (see \fBzoneadm\fR(1M)). All validation of the new zone happens during the
1237 1236 \fBattach\fR process, not during zone configuration.
1238 1237 .sp
1239 1238 Use the \fB-b\fR option to create a blank configuration. Without arguments,
1240 1239 \fBcreate\fR applies the Sun default settings.
1241 1240 .RE
1242 1241
1243 1242 .sp
1244 1243 .ne 2
1245 1244 .na
1246 1245 \fB\fBdelete [\fR\fB-F\fR\fB]\fR\fR
1247 1246 .ad
1248 1247 .sp .6
1249 1248 .RS 4n
1250 1249 Delete the specified configuration from memory and stable storage. This action
1251 1250 is instantaneous, no commit is necessary. A deleted configuration cannot be
1252 1251 reverted.
1253 1252 .sp
1254 1253 Specify the \fB-F\fR option to force the action.
1255 1254 .RE
1256 1255
1257 1256 .sp
1258 1257 .ne 2
1259 1258 .na
1260 1259 \fB\fBend\fR\fR
1261 1260 .ad
1262 1261 .sp .6
1263 1262 .RS 4n
1264 1263 End the resource specification. This subcommand is only applicable in the
1265 1264 resource scope. \fBzonecfg\fR checks to make sure the current resource is
1266 1265 completely specified. If so, it is added to the in-memory configuration (see
1267 1266 \fBcommit\fR for saving this to stable storage) and the scope reverts to
1268 1267 global. If the specification is incomplete, it issues an appropriate error
1269 1268 message.
1270 1269 .RE
1271 1270
1272 1271 .sp
1273 1272 .ne 2
1274 1273 .na
1275 1274 \fB\fBexport [\fR\fB-f\fR \fIoutput-file\fR\fB]\fR\fR
1276 1275 .ad
1277 1276 .sp .6
1278 1277 .RS 4n
1279 1278 Print configuration to standard output. Use the \fB-f\fR option to print the
1280 1279 configuration to \fIoutput-file\fR. This option produces output in a form
1281 1280 suitable for use in a command file.
1282 1281 .RE
1283 1282
1284 1283 .sp
1285 1284 .ne 2
1286 1285 .na
1287 1286 \fB\fBhelp [usage] [\fIsubcommand\fR] [syntax] [\fR\fIcommand-name\fR\fB]\fR\fR
1288 1287 .ad
1289 1288 .sp .6
1290 1289 .RS 4n
1291 1290 Print general help or help about given topic.
1292 1291 .RE
1293 1292
1294 1293 .sp
1295 1294 .ne 2
1296 1295 .na
1297 1296 \fB\fBinfo zonename | zonepath | autoboot | brand | pool | limitpriv\fR\fR
1298 1297 .ad
1299 1298 .br
1300 1299 .na
1301 1300 \fB\fBinfo [\fR\fIresource-type\fR
1302 1301 \fB[\fR\fIproperty-name\fR\fB=\fR\fIproperty-value\fR\fB]*]\fR\fR
1303 1302 .ad
1304 1303 .sp .6
1305 1304 .RS 4n
1306 1305 Display information about the current configuration. If \fIresource-type\fR is
1307 1306 specified, displays only information about resources of the relevant type. If
1308 1307 any \fIproperty-name\fR value pairs are specified, displays only information
1309 1308 about resources meeting the given criteria. In the resource scope, any
1310 1309 arguments are ignored, and \fBinfo\fR displays information about the resource
1311 1310 which is currently being added or modified.
1312 1311 .RE
1313 1312
1314 1313 .sp
1315 1314 .ne 2
1316 1315 .na
1317 1316 \fB\fBremove\fR \fIresource-type\fR\fB{\fR\fIproperty-name\fR\fB=\fR\fIproperty
1318 1317 -value\fR\fB}\fR(global scope)\fR
1319 1318 .ad
1320 1319 .sp .6
1321 1320 .RS 4n
1322 1321 In the global scope, removes the specified resource. The \fB[]\fR syntax means
1323 1322 0 or more of whatever is inside the square braces. If you want only to remove a
1324 1323 single instance of the resource, you must specify enough property name-value
1325 1324 pairs for the resource to be uniquely identified. If no property name-value
1326 1325 pairs are specified, all instances will be removed. If there is more than one
1327 1326 pair is specified, a confirmation is required, unless you use the \fB-F\fR
1328 1327 option.
1329 1328 .RE
1330 1329
1331 1330 .sp
1332 1331 .ne 2
1333 1332 .na
1334 1333 \fB\fBselect\fR \fIresource-type\fR
1335 1334 \fB{\fR\fIproperty-name\fR\fB=\fR\fIproperty-value\fR\fB}\fR\fR
1336 1335 .ad
1337 1336 .sp .6
1338 1337 .RS 4n
1339 1338 Select the resource of the given type which matches the given
1340 1339 \fIproperty-name\fR \fIproperty-value\fR pair criteria, for modification. This
1341 1340 subcommand is applicable only in the global scope. The scope is changed to that
1342 1341 resource type. The \fB{}\fR syntax means 1 or more of whatever is inside the
1343 1342 curly braces. You must specify enough \fIproperty -name property-value\fR pairs
1344 1343 for the resource to be uniquely identified.
1345 1344 .RE
1346 1345
1347 1346 .sp
1348 1347 .ne 2
1349 1348 .na
1350 1349 \fB\fBset\fR \fIproperty-name\fR\fB=\fR\fIproperty\fR\fB-\fR\fIvalue\fR\fR
1351 1350 .ad
1352 1351 .sp .6
1353 1352 .RS 4n
1354 1353 Set a given property name to the given value. Some properties (for example,
1355 1354 \fBzonename\fR and \fBzonepath\fR) are global while others are
1356 1355 resource-specific. This subcommand is applicable in both the global and
1357 1356 resource scopes.
1358 1357 .RE
1359 1358
1360 1359 .sp
1361 1360 .ne 2
1362 1361 .na
1363 1362 \fB\fBverify\fR\fR
1364 1363 .ad
1365 1364 .sp .6
1366 1365 .RS 4n
1367 1366 Verify the current configuration for correctness:
1368 1367 .RS +4
1369 1368 .TP
1370 1369 .ie t \(bu
1371 1370 .el o
1372 1371 All resources have all of their required properties specified.
1373 1372 .RE
1374 1373 .RS +4
1375 1374 .TP
1376 1375 .ie t \(bu
1377 1376 .el o
1378 1377 A \fBzonepath\fR is specified.
1379 1378 .RE
1380 1379 .RE
1381 1380
1382 1381 .sp
1383 1382 .ne 2
1384 1383 .na
1385 1384 \fB\fBrevert\fR \fB[\fR\fB-F\fR\fB]\fR\fR
1386 1385 .ad
1387 1386 .sp .6
1388 1387 .RS 4n
1389 1388 Revert the configuration back to the last committed state. The \fB-F\fR option
1390 1389 can be used to force the action.
1391 1390 .RE
1392 1391
1393 1392 .sp
1394 1393 .ne 2
1395 1394 .na
1396 1395 \fB\fBexit [\fR\fB-F\fR\fB]\fR\fR
1397 1396 .ad
1398 1397 .sp .6
1399 1398 .RS 4n
1400 1399 Exit the \fBzonecfg\fR session. A commit is automatically attempted if needed.
1401 1400 You can also use an \fBEOF\fR character to exit \fBzonecfg\fR. The \fB-F\fR
1402 1401 option can be used to force the action.
1403 1402 .RE
1404 1403
1405 1404 .SH EXAMPLES
1406 1405 .LP
1407 1406 \fBExample 1 \fRCreating the Environment for a New Zone
1408 1407 .sp
1409 1408 .LP
1410 1409 In the following example, \fBzonecfg\fR creates the environment for a new zone.
1411 1410 \fB/usr/local\fR is loopback mounted from the global zone into
1412 1411 \fB/opt/local\fR. \fB/opt/sfw\fR is loopback mounted from the global zone,
1413 1412 three logical network interfaces are added, and a limit on the number of
1414 1413 fair-share scheduler (FSS) CPU shares for a zone is set using the \fBrctl\fR
1415 1414 resource type. The example also shows how to select a given resource for
1416 1415 modification.
1417 1416
1418 1417 .sp
1419 1418 .in +2
1420 1419 .nf
1421 1420 example# \fBzonecfg -z myzone3\fR
1422 1421 my-zone3: No such zone configured
1423 1422 Use 'create' to begin configuring a new zone.
1424 1423 zonecfg:myzone3> \fBcreate\fR
1425 1424 zonecfg:myzone3> \fBset zonepath=/export/home/my-zone3\fR
1426 1425 zonecfg:myzone3> \fBset autoboot=true\fR
1427 1426 zonecfg:myzone3> \fBadd fs\fR
1428 1427 zonecfg:myzone3:fs> \fBset dir=/usr/local\fR
1429 1428 zonecfg:myzone3:fs> \fBset special=/opt/local\fR
1430 1429 zonecfg:myzone3:fs> \fBset type=lofs\fR
1431 1430 zonecfg:myzone3:fs> \fBadd options [ro,nodevices]\fR
1432 1431 zonecfg:myzone3:fs> \fBend\fR
1433 1432 zonecfg:myzone3> \fBadd fs\fR
1434 1433 zonecfg:myzone3:fs> \fBset dir=/mnt\fR
1435 1434 zonecfg:myzone3:fs> \fBset special=/dev/dsk/c0t0d0s7\fR
1436 1435 zonecfg:myzone3:fs> \fBset raw=/dev/rdsk/c0t0d0s7\fR
1437 1436 zonecfg:myzone3:fs> \fBset type=ufs\fR
1438 1437 zonecfg:myzone3:fs> \fBend\fR
1439 1438 zonecfg:myzone3> \fBadd net\fR
1440 1439 zonecfg:myzone3:net> \fBset address=192.168.0.1/24\fR
1441 1440 zonecfg:myzone3:net> \fBset physical=eri0\fR
1442 1441 zonecfg:myzone3:net> \fBend\fR
1443 1442 zonecfg:myzone3> \fBadd net\fR
1444 1443 zonecfg:myzone3:net> \fBset address=192.168.1.2/24\fR
1445 1444 zonecfg:myzone3:net> \fBset physical=eri0\fR
1446 1445 zonecfg:myzone3:net> \fBend\fR
1447 1446 zonecfg:myzone3> \fBadd net\fR
1448 1447 zonecfg:myzone3:net> \fBset address=192.168.2.3/24\fR
1449 1448 zonecfg:myzone3:net> \fBset physical=eri0\fR
1450 1449 zonecfg:myzone3:net> \fBend\fR
1451 1450 zonecfg:my-zone3> \fBset cpu-shares=5\fR
1452 1451 zonecfg:my-zone3> \fBadd capped-memory\fR
1453 1452 zonecfg:my-zone3:capped-memory> \fBset physical=50m\fR
1454 1453 zonecfg:my-zone3:capped-memory> \fBset swap=100m\fR
1455 1454 zonecfg:my-zone3:capped-memory> \fBend\fR
1456 1455 zonecfg:myzone3> \fBexit\fR
1457 1456 .fi
1458 1457 .in -2
1459 1458 .sp
1460 1459
1461 1460 .LP
1462 1461 \fBExample 2 \fRCreating a Non-Native Zone
1463 1462 .sp
1464 1463 .LP
1465 1464 The following example creates a new Linux zone:
1466 1465
1467 1466 .sp
1468 1467 .in +2
1469 1468 .nf
1470 1469 example# \fBzonecfg -z lxzone\fR
1471 1470 lxzone: No such zone configured
1472 1471 Use 'create' to begin configuring a new zone
1473 1472 zonecfg:lxzone> \fBcreate -t SUNWlx\fR
1474 1473 zonecfg:lxzone> \fBset zonepath=/export/zones/lxzone\fR
1475 1474 zonecfg:lxzone> \fBset autoboot=true\fR
1476 1475 zonecfg:lxzone> \fBexit\fR
1477 1476 .fi
1478 1477 .in -2
1479 1478 .sp
1480 1479
1481 1480 .LP
1482 1481 \fBExample 3 \fRCreating an Exclusive-IP Zone
1483 1482 .sp
1484 1483 .LP
1485 1484 The following example creates a zone that is granted exclusive access to
1486 1485 \fBbge1\fR and \fBbge33000\fR and that is isolated at the IP layer from the
1487 1486 other zones configured on the system.
1488 1487
1489 1488 .sp
1490 1489 .LP
1491 1490 The IP addresses and routing is configured inside the new zone using
1492 1491 \fBsysidtool\fR(1M).
1493 1492
1494 1493 .sp
1495 1494 .in +2
1496 1495 .nf
1497 1496 example# \fBzonecfg -z excl\fR
1498 1497 excl: No such zone configured
1499 1498 Use 'create' to begin configuring a new zone
1500 1499 zonecfg:excl> \fBcreate\fR
1501 1500 zonecfg:excl> \fBset zonepath=/export/zones/excl\fR
1502 1501 zonecfg:excl> \fBset ip-type=exclusive\fR
1503 1502 zonecfg:excl> \fBadd net\fR
1504 1503 zonecfg:excl:net> \fBset physical=bge1\fR
1505 1504 zonecfg:excl:net> \fBend\fR
1506 1505 zonecfg:excl> \fBadd net\fR
1507 1506 zonecfg:excl:net> \fBset physical=bge33000\fR
1508 1507 zonecfg:excl:net> \fBend\fR
1509 1508 zonecfg:excl> \fBexit\fR
1510 1509 .fi
1511 1510 .in -2
1512 1511 .sp
1513 1512
1514 1513 .LP
1515 1514 \fBExample 4 \fRAssociating a Zone with a Resource Pool
1516 1515 .sp
1517 1516 .LP
1518 1517 The following example shows how to associate an existing zone with an existing
1519 1518 resource pool:
1520 1519
1521 1520 .sp
1522 1521 .in +2
1523 1522 .nf
1524 1523 example# \fBzonecfg -z myzone\fR
1525 1524 zonecfg:myzone> \fBset pool=mypool\fR
1526 1525 zonecfg:myzone> \fBexit\fR
1527 1526 .fi
1528 1527 .in -2
1529 1528 .sp
1530 1529
1531 1530 .sp
1532 1531 .LP
1533 1532 For more information about resource pools, see \fBpooladm\fR(1M) and
1534 1533 \fBpoolcfg\fR(1M).
1535 1534
1536 1535 .LP
1537 1536 \fBExample 5 \fRChanging the Name of a Zone
1538 1537 .sp
1539 1538 .LP
1540 1539 The following example shows how to change the name of an existing zone:
1541 1540
1542 1541 .sp
1543 1542 .in +2
1544 1543 .nf
1545 1544 example# \fBzonecfg -z myzone\fR
1546 1545 zonecfg:myzone> \fBset zonename=myzone2\fR
1547 1546 zonecfg:myzone2> \fBexit\fR
1548 1547 .fi
1549 1548 .in -2
1550 1549 .sp
1551 1550
1552 1551 .LP
1553 1552 \fBExample 6 \fRChanging the Privilege Set of a Zone
1554 1553 .sp
1555 1554 .LP
1556 1555 The following example shows how to change the set of privileges an existing
1557 1556 zone's processes will be limited to the next time the zone is booted. In this
1558 1557 particular case, the privilege set will be the standard safe set of privileges
1559 1558 a zone normally has along with the privilege to change the system date and
1560 1559 time:
1561 1560
1562 1561 .sp
1563 1562 .in +2
1564 1563 .nf
1565 1564 example# \fBzonecfg -z myzone\fR
1566 1565 zonecfg:myzone> \fBset limitpriv="default,sys_time"\fR
1567 1566 zonecfg:myzone2> \fBexit\fR
1568 1567 .fi
1569 1568 .in -2
1570 1569 .sp
1571 1570
1572 1571 .LP
1573 1572 \fBExample 7 \fRSetting the \fBzone.cpu-shares\fR Property for the Global Zone
1574 1573 .sp
1575 1574 .LP
1576 1575 The following command sets the \fBzone.cpu-shares\fR property for the global
1577 1576 zone:
1578 1577
1579 1578 .sp
1580 1579 .in +2
1581 1580 .nf
1582 1581 example# \fBzonecfg -z global\fR
1583 1582 zonecfg:global> \fBset cpu-shares=5\fR
1584 1583 zonecfg:global> \fBexit\fR
1585 1584 .fi
1586 1585 .in -2
1587 1586 .sp
1588 1587
1589 1588 .LP
1590 1589 \fBExample 8 \fRUsing Pattern Matching
1591 1590 .sp
1592 1591 .LP
1593 1592 The following commands illustrate \fBzonecfg\fR support for pattern matching.
1594 1593 In the zone \fBflexlm\fR, enter:
1595 1594
1596 1595 .sp
1597 1596 .in +2
1598 1597 .nf
1599 1598 zonecfg:flexlm> \fBadd device\fR
1600 1599 zonecfg:flexlm:device> \fBset match="/dev/cua/a00[2-5]"\fR
1601 1600 zonecfg:flexlm:device> \fBend\fR
1602 1601 .fi
1603 1602 .in -2
1604 1603 .sp
1605 1604
1606 1605 .sp
1607 1606 .LP
1608 1607 In the global zone, enter:
1609 1608
1610 1609 .sp
1611 1610 .in +2
1612 1611 .nf
1613 1612 global# \fBls /dev/cua\fR
1614 1613 a a000 a001 a002 a003 a004 a005 a006 a007 b
1615 1614 .fi
1616 1615 .in -2
1617 1616 .sp
1618 1617
1619 1618 .sp
1620 1619 .LP
1621 1620 In the zone \fBflexlm\fR, enter:
1622 1621
1623 1622 .sp
1624 1623 .in +2
1625 1624 .nf
1626 1625 flexlm# \fBls /dev/cua\fR
1627 1626 a002 a003 a004 a005
1628 1627 .fi
1629 1628 .in -2
1630 1629 .sp
1631 1630
1632 1631 .LP
1633 1632 \fBExample 9 \fRSetting a Cap for a Zone to Three CPUs
1634 1633 .sp
1635 1634 .LP
1636 1635 The following sequence uses the \fBzonecfg\fR command to set the CPU cap for a
1637 1636 zone to three CPUs.
1638 1637
1639 1638 .sp
1640 1639 .in +2
1641 1640 .nf
1642 1641 zonecfg:myzone> \fBadd capped-cpu\fR
1643 1642 zonecfg:myzone>capped-cpu> \fBset ncpus=3\fR
1644 1643 zonecfg:myzone>capped-cpu>capped-cpu> \fBend\fR
1645 1644 .fi
1646 1645 .in -2
1647 1646 .sp
1648 1647
1649 1648 .sp
1650 1649 .LP
1651 1650 The preceding sequence, which uses the capped-cpu property, is equivalent to
1652 1651 the following sequence, which makes use of the \fBzone.cpu-cap\fR resource
1653 1652 control.
1654 1653
1655 1654 .sp
1656 1655 .in +2
1657 1656 .nf
1658 1657 zonecfg:myzone> \fBadd rctl\fR
1659 1658 zonecfg:myzone:rctl> \fBset name=zone.cpu-cap\fR
1660 1659 zonecfg:myzone:rctl> \fBadd value (priv=privileged,limit=300,action=none)\fR
1661 1660 zonecfg:myzone:rctl> \fBend\fR
1662 1661 .fi
1663 1662 .in -2
1664 1663 .sp
1665 1664
1666 1665 .LP
1667 1666 \fBExample 10 \fRUsing \fBkstat\fR to Monitor CPU Caps
1668 1667 .sp
1669 1668 .LP
1670 1669 The following command displays information about all CPU caps.
1671 1670
1672 1671 .sp
1673 1672 .in +2
1674 1673 .nf
1675 1674 # \fBkstat -n /cpucaps/\fR
1676 1675 module: caps instance: 0
1677 1676 name: cpucaps_project_0 class: project_caps
1678 1677 above_sec 0
1679 1678 below_sec 2157
1680 1679 crtime 821.048183159
1681 1680 maxusage 2
1682 1681 nwait 0
1683 1682 snaptime 235885.637253027
1684 1683 usage 0
1685 1684 value 18446743151372347932
1686 1685 zonename global
1687 1686
1688 1687 module: caps instance: 0
1689 1688 name: cpucaps_project_1 class: project_caps
1690 1689 above_sec 0
1691 1690 below_sec 0
1692 1691 crtime 225339.192787265
1693 1692 maxusage 5
1694 1693 nwait 0
1695 1694 snaptime 235885.637591677
1696 1695 usage 5
1697 1696 value 18446743151372347932
1698 1697 zonename global
1699 1698
1700 1699 module: caps instance: 0
1701 1700 name: cpucaps_project_201 class: project_caps
1702 1701 above_sec 0
1703 1702 below_sec 235105
1704 1703 crtime 780.37961782
1705 1704 maxusage 100
1706 1705 nwait 0
1707 1706 snaptime 235885.637789687
1708 1707 usage 43
1709 1708 value 100
1710 1709 zonename global
1711 1710
1712 1711 module: caps instance: 0
1713 1712 name: cpucaps_project_202 class: project_caps
1714 1713 above_sec 0
1715 1714 below_sec 235094
1716 1715 crtime 791.72983782
1717 1716 maxusage 100
1718 1717 nwait 0
1719 1718 snaptime 235885.637967512
1720 1719 usage 48
1721 1720 value 100
1722 1721 zonename global
1723 1722
1724 1723 module: caps instance: 0
1725 1724 name: cpucaps_project_203 class: project_caps
1726 1725 above_sec 0
1727 1726 below_sec 235034
1728 1727 crtime 852.104401481
1729 1728 maxusage 75
1730 1729 nwait 0
1731 1730 snaptime 235885.638144304
1732 1731 usage 47
1733 1732 value 100
1734 1733 zonename global
1735 1734
1736 1735 module: caps instance: 0
1737 1736 name: cpucaps_project_86710 class: project_caps
1738 1737 above_sec 22
1739 1738 below_sec 235166
1740 1739 crtime 698.441717859
1741 1740 maxusage 101
1742 1741 nwait 0
1743 1742 snaptime 235885.638319871
1744 1743 usage 54
1745 1744 value 100
1746 1745 zonename global
1747 1746
1748 1747 module: caps instance: 0
1749 1748 name: cpucaps_zone_0 class: zone_caps
1750 1749 above_sec 100733
1751 1750 below_sec 134332
1752 1751 crtime 821.048177123
1753 1752 maxusage 207
1754 1753 nwait 2
1755 1754 snaptime 235885.638497731
1756 1755 usage 199
1757 1756 value 200
1758 1757 zonename global
1759 1758
1760 1759 module: caps instance: 1
1761 1760 name: cpucaps_project_0 class: project_caps
1762 1761 above_sec 0
1763 1762 below_sec 0
1764 1763 crtime 225360.256448422
1765 1764 maxusage 7
1766 1765 nwait 0
1767 1766 snaptime 235885.638714404
1768 1767 usage 7
1769 1768 value 18446743151372347932
1770 1769 zonename test_001
1771 1770
1772 1771 module: caps instance: 1
1773 1772 name: cpucaps_zone_1 class: zone_caps
1774 1773 above_sec 2
1775 1774 below_sec 10524
1776 1775 crtime 225360.256440278
1777 1776 maxusage 106
1778 1777 nwait 0
1779 1778 snaptime 235885.638896443
1780 1779 usage 7
1781 1780 value 100
1782 1781 zonename test_001
1783 1782 .fi
1784 1783 .in -2
1785 1784 .sp
1786 1785
1787 1786 .LP
1788 1787 \fBExample 11 \fRDisplaying CPU Caps for a Specific Zone or Project
1789 1788 .sp
1790 1789 .LP
1791 1790 Using the \fBkstat\fR \fB-c\fR and \fB-i\fR options, you can display CPU caps
1792 1791 for a specific zone or project, as below. The first command produces a display
1793 1792 for a specific project, the second for the same project within zone 1.
1794 1793
1795 1794 .sp
|
↓ open down ↓ |
656 lines elided |
↑ open up ↑ |
1796 1795 .in +2
1797 1796 .nf
1798 1797 # \fBkstat -c project_caps\fR
1799 1798
1800 1799 # \fBkstat -c project_caps -i 1\fR
1801 1800 .fi
1802 1801 .in -2
1803 1802 .sp
1804 1803
1805 1804 .SH EXIT STATUS
1806 -.sp
1807 1805 .LP
1808 1806 The following exit values are returned:
1809 1807 .sp
1810 1808 .ne 2
1811 1809 .na
1812 1810 \fB\fB0\fR\fR
1813 1811 .ad
1814 1812 .sp .6
1815 1813 .RS 4n
1816 1814 Successful completion.
1817 1815 .RE
1818 1816
1819 1817 .sp
1820 1818 .ne 2
1821 1819 .na
1822 1820 \fB\fB1\fR\fR
1823 1821 .ad
1824 1822 .sp .6
1825 1823 .RS 4n
1826 1824 An error occurred.
1827 1825 .RE
1828 1826
1829 1827 .sp
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
1830 1828 .ne 2
1831 1829 .na
1832 1830 \fB\fB2\fR\fR
1833 1831 .ad
1834 1832 .sp .6
1835 1833 .RS 4n
1836 1834 Invalid usage.
1837 1835 .RE
1838 1836
1839 1837 .SH ATTRIBUTES
1840 -.sp
1841 1838 .LP
1842 1839 See \fBattributes\fR(5) for descriptions of the following attributes:
1843 1840 .sp
1844 1841
1845 1842 .sp
1846 1843 .TS
1847 1844 box;
1848 1845 c | c
1849 1846 l | l .
1850 1847 ATTRIBUTE TYPE ATTRIBUTE VALUE
1851 1848 _
1852 1849 Interface Stability Volatile
1853 1850 .TE
1854 1851
1855 1852 .SH SEE ALSO
1856 -.sp
1857 1853 .LP
1858 1854 \fBppriv\fR(1), \fBprctl\fR(1), \fBzlogin\fR(1), \fBkstat\fR(1M),
1859 1855 \fBmount\fR(1M), \fBpooladm\fR(1M), \fBpoolcfg\fR(1M), \fBpoold\fR(1M),
1860 1856 \fBrcapd\fR(1M), \fBrctladm\fR(1M), \fBsvcadm\fR(1M), \fBsysidtool\fR(1M),
1861 -\fBzfs\fR(1M), \fBzoneadm\fR(1M), \fBpriv_str_to_set\fR(3C),
1857 +\fBzfs\fR(1M), \fBzoneadm\fR(1M), \fBpriocntl\fR(2), \fBpriv_str_to_set\fR(3C),
1862 1858 \fBkstat\fR(3KSTAT), \fBvfstab\fR(4), \fBattributes\fR(5), \fBbrands\fR(5),
1863 1859 \fBfnmatch\fR(5), \fBlx\fR(5), \fBprivileges\fR(5), \fBresource_controls\fR(5),
1864 1860 \fBzones\fR(5)
1865 1861 .sp
1866 1862 .LP
1867 1863 \fISystem Administration Guide: Solaris Containers-Resource Management, and
1868 1864 Solaris Zones\fR
1869 1865 .SH NOTES
1870 -.sp
1871 1866 .LP
1872 1867 All character data used by \fBzonecfg\fR must be in US-ASCII encoding.
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX