
syslog-ng installation on Solaris non-global zone

Installing syslog-ng in a zone takes a little more work, so you can combine this document with this one.

First install syslog-ng in the global zone (I assume there is no non-global zone yet).
If you need help, see the previously mentioned document (I'll refer to it a couple of times).

Okay, so syslog-ng is installed in the global zone. There are several ways to proceed.

You could configure syslog-ng in the global zone and then install the non-global zone, or leave the global zone unconfigured, install the non-global zone, and configure syslog-ng there.

It is probably a good idea to configure syslog-ng in the global zone, since it may become a syslog-ng client in the future. Remember that the syslog-ng server is going to be in our non-global zone.

Okay, let's go with the approach of installing and configuring syslog-ng in the global zone before installing the non-global zone.
Basically, repeat all the steps from the mentioned link (this will install and configure syslog-ng in the global zone, and also integrate syslog-ng as a new Solaris service).

Now, install the non-global zone. I will write about this in detail somewhere else.

For now, let's just look at the information about the non-global zone (called gek):
# zonecfg -z gek info
zonename: gek
zonepath: /zones/gek
brand: native
autoboot: true
ip-type: shared
        dir: /lib
        dir: /platform
        dir: /sbin
        dir: /usr
        dir: /opt
        address: 192.168.etc.etc
        physical: e1000g0
        defrouter not specified
We see that the non-global zone inherits five directories from the global zone, and they are read-only, as you can see below.
{gek}/usr/local> touch 1
touch: cannot create 1: Read-only file system
Also try this command to get more info about the inherited directories, which are now loopback file systems.
# df -F lofs -h
Filesystem             size   used  avail capacity  Mounted on
/dev                    67G    23M    67G     1%    /dev
/lib                   3.9G   1.7G   2.2G    43%    /lib
/opt                   3.9G   1.7G   2.2G    43%    /opt
/platform              3.9G   1.7G   2.2G    43%    /platform
/sbin                  3.9G   1.7G   2.2G    43%    /sbin
/usr                   3.9G   1.7G   2.2G    43%    /usr
Our syslog-ng.conf file is in /usr/local/etc and we certainly need write permissions there. So how are we going to fix this? Well, let's try this exercise:

1. Rsync the content of /usr/local/etc to /etc/local (/etc is not an inherited directory, so we can write there). The trailing slash on the source copies the directory's contents rather than creating /etc/local/etc.
# /opt/csw/bin/rsync -aH /usr/local/etc/ /etc/local/
2. Add this line to the /etc/vfstab file (basically we create a new loopback file system)
/etc/local - /usr/local/etc lofs - yes -
3. Mount directory with command:
mount /etc/local
Now we are able to write to /usr/local/etc and edit the syslog-ng.conf file. The same steps can be performed for other "read-only" directories, like /opt (you may have other configuration files in /opt/csw/etc, and you can create a loopback file system /etc/csw that is mounted on /opt/csw/etc).

Log in to the non-global zone with zlogin zone_name

As in the global zone, system-log is "free" of the dependents that will now depend on syslog-ng.
# svcs -D system-log
STATE          STIME    FMRI
online         16:32:52 svc:/milestone/multi-user:default
Now you can again use the previously mentioned link and integrate syslog-ng into the Service Management Facility. You'll have to alter only the /var/svc/manifest/system/syslog-ng.xml file. There is no need to alter the executable (method file) /lib/svc/method/syslog-ng, since it is in the inherited /lib and was already taken care of in the global zone, remember?

Disable the system-log service.

Validate and import syslog-ng.xml
# svccfg
svc:> validate /var/svc/manifest/system/syslog-ng.xml
svc:> import /var/svc/manifest/system/syslog-ng.xml
svc:> quit
Enable the syslog-ng service.
# svcadm -v enable -r syslog-ng
And this should be it. Once again, you may want to verify that the ownership and permissions of the .xml and method files are in line with other services' files.

PostScript: Once I started working more seriously with syslog-ng in non-global zones, I realized there is one important step I didn't mention in this document. Where are you going to log? Right! Here is the deal (just an example from my work). I have an SF X4200 with 2 x 73G and 2 x 146G. The OS was installed with zfs as the boot file system (I will elaborate on this in other documents) on the 2 x 73G disks, and the other two disks will be for logging. Just to get a better picture, the zpool history command shows:
zpool create space1 mirror c0t2d0 c0t3d0
zfs set compression=on space1
zfs create -o mountpoint=/logs space1/logs
And you can also use zfs list
NAME          USED  AVAIL  REFER  MOUNTPOINT
space1        236K   134G    18K  /space1
space1/logs   108K   134G   108K  /logs
Okay, so you see, I want logging to go to /logs. But this is in the global zone. So here is how to allow the non-global zone to access this file system in the global zone. In the example, syslog-dc is the name of the non-global zone (this is my syslog-ng server). Basically we add a loopback-mounted file system.
# zonecfg -z syslog-dc
zonecfg:syslog-dc> add fs
zonecfg:syslog-dc:fs> set dir=/logs
zonecfg:syslog-dc:fs> set special=/logs
zonecfg:syslog-dc:fs> set type=lofs
zonecfg:syslog-dc:fs> end
zonecfg:syslog-dc> commit
zonecfg:syslog-dc> exit

# zoneadm -z syslog-dc reboot

# zlogin syslog-dc

{syslog-dc}/> df -F lofs -h
Filesystem             size   used  avail capacity  Mounted on
/dev                   8.0G    15M   8.0G     1%    /dev
/lib                   4.0G   1.3G   2.7G    34%    /lib
/logs                  134G   109K   134G     1%    /logs
/opt                   4.0G   1.3G   2.7G    34%    /opt
/platform              4.0G   1.3G   2.7G    34%    /platform
/sbin                  4.0G   1.3G   2.7G    34%    /sbin
/usr                   4.0G   1.3G   2.7G    34%    /usr
/etc/csw               8.0G    15M   8.0G     1%    /opt/csw/etc
/etc/local             8.0G    15M   8.0G     1%    /usr/local/etc
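A check you can run after a zone reboot, added here as an example that is not part of the original page: it compares the lofs lines in a vfstab with saved "df -F lofs -h" output and reports overlays that are not mounted or not set to mount at boot, in which case syslog-ng would see the inherited read-only directory again. The function names, status labels and sample data are assumptions made for the example; it needs a POSIX shell and awk (on Solaris 10, the ones in /usr/xpg4/bin).

```shell
#!/bin/sh
# Added example (not from the original page): compare lofs entries in a
# vfstab against saved `df -F lofs -h` output. Sample data is constructed.

# check_lofs VFSTAB DF_OUTPUT
# Prints NOT-MOUNTED / NOT-AT-BOOT followed by "special mountpoint".
check_lofs() {
    awk -v df_out="$2" '
        BEGIN {
            # Collect "special mountpoint" pairs from df, skipping its header.
            while ((getline line < df_out) > 0) {
                n = split(line, f, " ")
                if (n >= 6 && f[1] != "Filesystem") mounted[f[1] " " f[n]] = 1
            }
        }
        NF == 0 || $1 ~ /^#/ { next }      # blank lines and comments
        $4 != "lofs"         { next }      # field 4 is the FS type
        {
            key = $1 " " $3                # special, mount point
            if (!(key in mounted)) print "NOT-MOUNTED", $1, $3
            if ($6 != "yes")       print "NOT-AT-BOOT", $1, $3
        }
    ' "$1"
}

# Constructed sample: /etc/csw is neither mounted nor set to mount at boot.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/vfstab" <<'EOF'
#special   fsckdev  mountpoint      fstype fsckpass atboot options
/etc/local -        /usr/local/etc  lofs   -        yes    -
/etc/csw   -        /opt/csw/etc    lofs   -        no     -
EOF
    cat > "$tmp/df.out" <<'EOF'
Filesystem             size   used  avail capacity  Mounted on
/usr                   4.0G   1.3G   2.7G    34%    /usr
/etc/local             8.0G    15M   8.0G     1%    /usr/local/etc
EOF
    check_lofs "$tmp/vfstab" "$tmp/df.out"
    rm -rf "$tmp"
}

demo
```

Inside the zone, save the output of df -F lofs -h to a file and pass it with /etc/vfstab to check_lofs; no output means every lofs entry is mounted and will come back at boot.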
Happy logging!