View Source

OS Virtualized Machines, hereafter referred to as Zones, is a lightweight virtualization technology. Zones are fully isolated user-land environments, they do not possess their own kernel and therefore have effectively no performance overhead allowing for bare metal performance. Network and disk virtualization are provided by ZFS and the SmartOS networking stack ("Crossbow"). The result is a virtual environment that in every way acts like a complete environment.

h1. Creating Zones

The process of creating zones is simple:

# Download a Zone Image
# Create a Manifest describing the Zone
# Create the Zone using _vmadm_
# Use the Zone

h3. Obtaining a Zone Image

Zone creation requires an [image|DOC:Managing Images] to use as a template.

To find a zone image, use the command _[imgadm|]_ _avail_. Images with the OS type "smartos" are zone images. The "base" and "base-64" images are minimal images with only a basic 32bit or 64bit [pkgsrc|DOC:Working with Packages] installation and should be considered for building your own custom images.

# imgadm avail name=base-64
163cd9fe-0c90-11e6-bd05-afd50e5961b6 base-64 16.1.0 smartos zone-dataset 2016-04-27
13f711f4-499f-11e6-8ea6-2b9fb858a619 base-64 16.2.0 smartos zone-dataset 2016-07-14
adf9565c-8be6-11e6-a077-57637270218d base-64 16.3.0 smartos zone-dataset 2016-10-06
70e3ae72-96b6-11e6-9056-9737fd4d0764 base-64 16.3.1 smartos zone-dataset 2016-10-20

Import an image by specifying its UUID:

# imgadm import 5c7d0d24-3475-11e5-8e67-27953a8b237e
Importing 5c7d0d24-3475-11e5-8e67-27953a8b237e (base-64@15.2.0) from ""
Gather image 5c7d0d24-3475-11e5-8e67-27953a8b237e ancestry
Must download and install 1 image (127.2 MiB)
Imported image 5c7d0d24-3475-11e5-8e67-27953a8b237e (base-64@15.2.0)

You will referenced this images UUID when you create the zone manifest.

h3. The Zone Manifest

A manifest is a JSON object which describes your zone. There are many options which are fully described in the [vmadm(1m)|] man page. The most important are:

* *brand*: This must be set to "joyent" for Zones
* *image_uuid*: The UUID of the image you are using as a template (images were previously called "datasets")
* *alias*: An arbitrary name displayed in _vmadm list_ output in addition to the UUID
* *hostname*: Hostname that will be set within the zone
* *max_physical_memory*: Amount of RAM (RSS) available to the zone in MB
* *quota*: Amount of disk space in GB
* *resolvers:* DNS nameservers for this zone to use (placed in the zone's /etc/resolv.conf file)
* *nics*: One or more network interfaces attached to this zone

"brand": "joyent",
"image_uuid": "5c7d0d24-3475-11e5-8e67-27953a8b237e",
"alias": "web01",
"hostname": "web01",
"max_physical_memory": 512,
"quota": 20,
"resolvers": ["", ""],
 "nics": [
"nic_tag": "admin",
"ip": "",
"netmask": "",
"gateway": ""

h4. Passing SSH keys to the VM

With some images you won't be able to log in to unless you pass an SSH public key to validate your connection with. Adjust your config to contain a customer_metadata block:

"customer_metadata": {
"root_authorized_keys": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA8aQRt2JAgq6jpQOT5nukO8gI0Vst+EmBtwBz6gnRjQ4Jw8pERLlMAsa7jxmr5yzRA7Ji8M/kxGLbMHJnINdw/TBP1mCBJ49TjDpobzztGO9icro3337oyvXo5unyPTXIv5pal4hfvl6oZrMW9ghjG3MbIFphAUztzqx8BdwCG31BHUWNBdefRgP7TykD+KyhKrBEa427kAi8VpHU0+M9VBd212mhh8Dcqurq1kC/jLtf6VZDO8tu+XalWAIJcMxN3F3002nFmMLj5qi9EwgRzicndJ3U4PtZrD43GocxlT9M5XKcIXO/rYG4zfrnzXbLKEfabctxPMezGK7iwaOY7w== wooyay@houpla",
"user-script" : "/usr/sbin/mdata-get root_authorized_keys > ~root/.ssh/authorized_keys ; /usr/sbin/mdata-get root_authorized_keys > ~admin/.ssh/authorized_keys"

h3. Creating the Zone

With your image imported and your manifest created, you can now create the zone. Do this by simply passing the manifest to _vmadm create \-f manifest.json_:

# vmadm create -f web01.json
Successfully created VM d6a0a022-3855-4762-a2e5-3f16969ca2fb

Alternatively, you can pass the manifest via STDIN:

# vmadm create <<EOL
(manifest json here)

The zone is now created and running.

h3. Connecting to your Zone

Once you have created a zone with {{vmadm create}}, you can log into your zone via one of two methods:

vmadm console UUID


zlogin UUID

Please refer to the manpage for [vmadm(1m)|] and [zlogin(1)|] respectively, for the escape sequence to exit out of console mode.