#!/bin/sh
# Program Name: setup-zone-exclusive.sh
# Author: Alain Hoang
# Purpose: Wrapper around setting up an ipkg branded zone with
# an exclusive interface
# Notes: If you want DHCP you will need the script from the following URL
# http://www.linuxtopia.org/online_books/opensolaris_2008/SYSADV3/html/extkj.html
# Copy that to dhcp-client-event.sh
#
# Copyright (c) 2009, Alain Hoang
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################
# Change the following to match what is needed
################################################
# Physical link that a newly created VNIC is attached to
# (handed to `dladm create-vnic -l` further down).
REAL_IF='bnx0'
# Existing zone that every new zone is cloned from (`zoneadm ... clone`).
TEMPLATE_ZONE='barebones'
################################################
# Do not modify below
################################################
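# Both positional arguments are required; bail out before touching anything.
if test $# -lt 2
then
    echo "Usage: $0 <new zone name> <network interface>"
    exit 1
fi
# Get command line args
NEW_ZONE_NAME=$1
NET_IF=$2
# Both values end up in paths below /zones and on zonecfg/zoneadm/dladm/zlogin
# command lines while the script runs as root. Accept plain names only: the
# first character must be a letter or digit (so a value can never be read as
# an option or start with '.'), and '/', whitespace and shell metacharacters
# are refused everywhere.
for arg_value in "${NEW_ZONE_NAME}" "${NET_IF}"
do
    case "${arg_value}" in
    ''|[!A-Za-z0-9]*|*[!A-Za-z0-9_.-]*)
        echo "Invalid name '${arg_value}': use letters, digits, '_', '.' and '-' only"
        echo "Usage: $0 <new zone name> <network interface>"
        exit 1
        ;;
    esac
done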
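# Verify we can only run as root
ROOT_USER=0
REAL_USER=`id -u`
# Compare as strings, quoted. With the numeric form `test 0 -ne $REAL_USER`,
# an empty REAL_USER (id failed or printed nothing) makes `test` report a
# syntax error, the `if` is then false, and the script would carry on without
# being root. The string comparison fails closed instead.
if test "${REAL_USER}" != "${ROOT_USER}"
then
    echo "This must be run as root. Exiting..."
    exit 2
fi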
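# Check to see if the zone name has already been taken
# Compare whole names: a substring match (grep -c) would report zone "web" as
# taken whenever "web2" exists, and then offer to delete a zone that is not
# there.
zone_prov=0
for existing_zone in `zoneadm list -c`
do
    if test "${existing_zone}" = "${NEW_ZONE_NAME}"
    then
        zone_prov=1
    fi
done
if test ${zone_prov} -gt 0
then
    echo "Zone ${NEW_ZONE_NAME} seems to be already configured"
    echo "Delete ${NEW_ZONE_NAME} [y/N]?"
    read answer
    case "${answer}" in
    y|Y*)
        # -F skips zonecfg's own confirmation; the prompt above is the only
        # safeguard, so stop if the delete did not go through rather than
        # configuring on top of the old zone.
        zonecfg -z "${NEW_ZONE_NAME}" delete -F
        if test $? -ne 0
        then
            echo "Could not delete zone ${NEW_ZONE_NAME}. Exiting..."
            exit 3
        fi
        ;;
    *)
        echo "Zone already configured. Exiting..."
        exit 3
        ;;
    esac
fi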
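# Test the virtual nic name
# Compare against the first column of `dladm show-link` as whole words: a
# substring match (grep -c) would accept "vnic1" because "vnic10" exists.
vnic_on=0
for existing_link in `dladm show-link | awk ' { print $1 } '`
do
    if test "${existing_link}" = "${NET_IF}"
    then
        vnic_on=1
    fi
done
if test ${vnic_on} -lt 1
then
    # Ask to create a virtual nic if it is not configured
    #
    # TODO: Ask user which physical interface to bind to
    echo "Network interface ${NET_IF} does not seem exist"
    echo "Create it [y/N]?"
    read answer
    case "${answer}" in
    y|Y*)
        dladm create-vnic -l "${REAL_IF}" "${NET_IF}"
        if test $? -ne 0
        then
            echo "Create vnic operation failed! Exiting"
            exit 5
        fi
        ;;
    *)
        echo "Network interface does not seem to exist"
        exit 4
        ;;
    esac
else
    # Check if the virtual nic is already in use by another zone
    # and do nothing if so
    no_zone='--'
    # Select the row whose property column is exactly "zone"; the value is
    # taken from column 4 as in the original.
    # NOTE(review): assumes PROPERTY is column 2 of show-linkprop - confirm
    # against the dladm version in use.
    zone_for_netif=`dladm show-linkprop "${NET_IF}" | awk ' $2 == "zone" { print $4 } '`
    if test -z "${zone_for_netif}"
    then
        # Unquoted, an empty value used to make `test` fail with a syntax
        # error and the check was skipped silently. Still best-effort, but
        # now it says so.
        echo "Warning: could not read the zone property of ${NET_IF}; continuing"
    elif test "${zone_for_netif}" != "${no_zone}"
    then
        echo "${NET_IF} is in use by ${zone_for_netif}. Choose another interface"
        exit 5
    fi
fi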
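# Generate the zonecfg command file and the sysidcfg answer file in the
# current directory. The script runs as root and the file names are
# predictable, so run it from a directory that only root can write to.
# The file names are quoted so an unusual zone name cannot split into
# several words.
cat > "${NEW_ZONE_NAME}.zonecfg" <<ZONECFG_FILE
create -b
set zonepath=/zones/${NEW_ZONE_NAME}
set brand=ipkg
set autoboot=false
set ip-type=exclusive
add net
set physical=${NET_IF}
end
ZONECFG_FILE
if test $? -ne 0
then
    echo "Could not write ${NEW_ZONE_NAME}.zonecfg. Exiting..."
    exit 6
fi
# NOTE(review): locale, terminal, timezone and security_policy below are fixed
# values chosen by the author; review them for your site before use.
cat > "${NEW_ZONE_NAME}.sysidcfg" <<SYSIDCFG_FILE
system_locale=C
terminal=xterms
network_interface=primary {
dhcp protocol_ipv6=yes
}
security_policy=NONE
timezone=Japan
SYSIDCFG_FILE
if test $? -ne 0
then
    echo "Could not write ${NEW_ZONE_NAME}.sysidcfg. Exiting..."
    exit 6
fi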
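# Configure, clone and detach the zone, then seed its sysidcfg.
# Each step that later steps depend on is checked: the following sections
# write into /zones/<name>/root as root, which must not happen when the zone
# was never created.
echo "============================"
echo "Configuring ${NEW_ZONE_NAME}..."
pfexec zonecfg -z "${NEW_ZONE_NAME}" -f "${NEW_ZONE_NAME}.zonecfg" || {
    echo "zonecfg failed for ${NEW_ZONE_NAME}. Exiting..."
    exit 6
}
echo ""
echo "============================"
echo "Configuration for ${NEW_ZONE_NAME} is..."
# Informational only, so its status is not checked.
pfexec zonecfg -z "${NEW_ZONE_NAME}" export
echo ""
echo "============================"
echo "Cloning ${NEW_ZONE_NAME} from ${TEMPLATE_ZONE}..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" clone "${TEMPLATE_ZONE}" || {
    echo "Clone of ${TEMPLATE_ZONE} failed. Exiting..."
    exit 6
}
echo ""
echo "============================"
echo "Detaching ${NEW_ZONE_NAME} to autoconfigure..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" detach || {
    echo "Detach of ${NEW_ZONE_NAME} failed. Exiting..."
    exit 6
}
echo ""
echo "============================"
echo "Copying ${NEW_ZONE_NAME}.sysidcfg into ${NEW_ZONE_NAME}..."
# ${NEW_ZONE_NAME:?} aborts instead of writing to /zones//root/... when the
# name is empty.
pfexec cp "${NEW_ZONE_NAME}.sysidcfg" "/zones/${NEW_ZONE_NAME:?}/root/etc/sysidcfg"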
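echo ""
echo "============================"
echo "Conriguring root password for ${NEW_ZONE_NAME}..."
# NOTE(review): the hash below is a fixed value published with this script, so
# every zone it builds starts with the same root password. Replace it with a
# hash you generated yourself, or change the password right after first login.
zone_etc="/zones/${NEW_ZONE_NAME:?zone name is empty}/root/etc"
shadow_new="${zone_etc}/shadow.setupzone.$$"
# Build the replacement next to the real file rather than in /tmp. The old
# version staged shadow contents in /tmp/setupzone.$$ and /tmp/setupzone2.$$:
# predictable names in a world-writable directory, written by root, with the
# second file created under the default umask and never removed.
# NOTE(review): relies on the zone root being writable by root only - confirm
# the zonepath permissions on your system.
(
    umask 077
    echo 'root:$5$EVUu5LA8$jSAMMLX4DJDQ1tMAIoScYJp2f9EdETnxcIXa/BOLL8A:14146::::::' > "${shadow_new}" || exit 1
    # Drop only the root account's own entry. The unanchored `grep -v root`
    # also removed every other line that merely contained "root".
    pfexec grep -v '^root:' "${zone_etc}/shadow" >> "${shadow_new}"
    # grep exits 1 when it selected no lines; only 2 and above is a failure.
    test $? -le 1 || exit 1
    pfexec chmod 0400 "${shadow_new}" || exit 1
    # Same directory, so the rename replaces the shadow file in one step.
    pfexec mv "${shadow_new}" "${zone_etc}/shadow"
)
if test $? -ne 0
then
    pfexec rm -f "${shadow_new}"
    echo "Could not update the shadow file for ${NEW_ZONE_NAME}. Exiting..."
    exit 6
fi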
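echo ""
echo "============================"
echo "Setting NFSv4 domain for ${NEW_ZONE_NAME}..."
nfs_conf="/zones/${NEW_ZONE_NAME:?zone name is empty}/root/etc/default/nfs"
nfs_new="${nfs_conf}.setupzone.$$"
# Stage the edited copy beside the original instead of in /tmp/nfsconfig.$$
# (a predictable name in a world-writable directory, written by root), and
# replace the original only when sed succeeded. The old `cat | sed > tmp; mv`
# sequence installed an empty file whenever the source could not be read.
if sed -e "s/\#NFSMAPID_DOMAIN\=domain/NFSMAPID_DOMAIN=zendo\.bebear\.net/" "${nfs_conf}" > "${nfs_new}"
then
    pfexec mv "${nfs_new}" "${nfs_conf}"
    pfexec chmod 644 "${nfs_conf}"
    pfexec touch "/zones/${NEW_ZONE_NAME}/root/etc/.NFS4inst_state.domain"
else
    # Best effort: leave the zone's NFS settings untouched and carry on.
    pfexec rm -f "${nfs_new}"
    echo "Warning: could not edit ${nfs_conf}; NFSv4 domain not set"
fi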
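echo ""
echo "============================"
echo "Removing .UNCONFIGURED for ${NEW_ZONE_NAME}..."
# ${NEW_ZONE_NAME:?} aborts rather than operating on /zones//root/... when the
# name is empty.
pfexec rm "/zones/${NEW_ZONE_NAME:?zone name is empty}/root/etc/.UNCONFIGURED"
echo ""
echo "============================"
echo "Setting up DHCP event hook into ${NEW_ZONE_NAME}..."
# The hook is taken from the current directory and installed executable inside
# the zone, so make sure dhcp-client-event.sh is the file you expect and that
# the directory is not writable by others. A missing file is reported instead
# of producing a failed cp followed by a chmod on a path that does not exist.
if test -f dhcp-client-event.sh
then
    pfexec cp dhcp-client-event.sh "/zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook" &&
        pfexec chmod +x "/zones/${NEW_ZONE_NAME}/root/etc/dhcp/eventhook"
else
    echo "Warning: dhcp-client-event.sh not found in `pwd`; DHCP event hook not installed"
fi
echo ""
echo "============================"
echo "Setting up nsswitch into ${NEW_ZONE_NAME}..."
pfexec cp "/zones/${NEW_ZONE_NAME}/root/etc/nsswitch.dns" \
    "/zones/${NEW_ZONE_NAME}/root/etc/nsswitch.conf"
echo ""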
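# Re-attach and boot the zone, then bring up its network interface from
# inside. Attach and boot are checked because every zlogin below needs a
# running zone.
echo "============================"
echo "Re-attaching ${NEW_ZONE_NAME} to autoconfigure..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" attach || {
    echo "Attach of ${NEW_ZONE_NAME} failed. Exiting..."
    exit 6
}
echo ""
echo "============================"
echo "Booting ${NEW_ZONE_NAME}..."
pfexec zoneadm -z "${NEW_ZONE_NAME}" boot || {
    echo "Boot of ${NEW_ZONE_NAME} failed. Exiting..."
    exit 6
}
echo "============================"
echo "sysidconfig on ${NEW_ZONE_NAME}..."
pfexec zlogin "${NEW_ZONE_NAME}" sysidconfig
echo "============================"
echo "Plumbing ${NEW_ZONE_NAME}'s interface ..."
# NOTE(review): zlogin presumably hands the command to a shell inside the zone
# - confirm. Local quoting does not protect that second parse, so NET_IF must
# be a plain link name.
pfexec zlogin "${NEW_ZONE_NAME}" ifconfig "${NET_IF}" plumb
echo "============================"
echo "DHCPing ${NEW_ZONE_NAME}'s interface ..."
pfexec zlogin "${NEW_ZONE_NAME}" ifconfig "${NET_IF}" auto-dhcp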
# Closing summary: list every configured zone, then print the two commands
# the operator still has to run by hand.
section_rule="============================"
echo ""
echo "${section_rule}"
echo "Showing all configured zones"
zoneadm list -cv
echo ""
echo "${section_rule}"
echo "Finish the final setup with"
for final_step in "zlogin -C ${NEW_ZONE_NAME}" "zoneadm -z ${NEW_ZONE_NAME} boot"
do
    echo " pfexec ${final_step}"
done