Looking for relevance to retrieve Solaris zone information

Yorkly 2019-01-16 14:57:11 UTC #1

Good day all, has anyone written a relevance to display whether a Solaris client is from a Global or Local zone. Kind of displaying if this Solaris client is under a Global or Local zone. Even also looking way to display which Global zone that Solaris local zone server is belong to as well. This helps me to determine which Solaris Global zone is missing the ILMT scanner installed. This is useful information for ILMT application. Thanks.

Yorkly 2019-01-21 21:25:08 UTC #2

Any suggestions from anyone?

ITSAM 2019-06-25 13:50:06 UTC #3

We REALLY need this relationship data. This is a big gap in BigFix capability if it cannot cover this portion of computing architecture.

Aram 2019-06-25 13:55:04 UTC #4

If the information is available on the endpoint, then it should be accessible via BigFix. It seems that there are scripts that can output this information, which can be run via BigFix actions, then the output of which can be read via properties.

brolly33 2019-07-01 19:42:00 UTC #5

Check out these inspectors for Solaris zones:
https://developer.bigfix.com/relevance/reference/zone.html

I don’t have a Solaris box handy to test them to see which one might give you the information about Global or Local.

ITSAM 2019-10-15 15:21:10 UTC #6

We are getting the relationship information for Global Zones via a BigFix Web Report. We then have to merge that data with BFI SW Classification reports to perform SW license reconciliations. It is a real hassle to perform this extra work ever day. Really wish that this relationship was shown in the BFI reports.

itsmpro92 2019-10-15 22:27:29 UTC #7

Is a Solaris Zone is equivalent to a Virtual Machine? How do these zones appear in BFI now? What are you using to link the two data sets?

FDA 2019-10-18 09:55:24 UTC #8

You can find some information about BES agent installation on Solaris zone at following link:

https://www.ibm.com/support/knowledgecenter/en/SSQL82_9.5.0/com.ibm.bigfix.doc/Platform/Installation/c_solaris_installation_instructi.html

Read the above link for the best practice how to install the BES client in on a Solaris Zone. In short, if you install the BES client in a global and in one or more “zones” those are considered separate computers and they will appear as separate entity in the BES console.

FDA 2019-10-18 10:20:05 UTC #9

To reply to the question about the Solaris zone inspectors, you may want to consider the following:

Q: zone of process
A: global
E: Singular expression refers to non-unique object.
T: 6520

Q: zone of process
A: zone01
E: Singular expression refers to non-unique object.
T: 5368

The first output is the results of the inspector run on a global zone machine. The second is the results from a local zone machine. The message “Singular expression refers to non-unique object” is because the system has got multiple processsors.

If you are interested about all “zones” (or the zones name) defined on your system, you can run the following inspector on the “global zone” computer:

Q: zones of processes
A: global
A: global
…
A: zone02
A: zone01
A: zone01
A: zone02
A: zone02

The multiple output is because of the multiple processors.

yorkly1 2021-01-14 13:55:19 UTC #10

Thanks FDA for the responses. Just got a chance today to review this topic.

I would definitely give it a try if I could find a Solaris zone environment to test it.

Do you have a Solaris LDOM to test out the " zone of process" and see what the results are? Since LDOM can be a physical Solaris SPARC server which can have multiple Global zone ( I think) and then each Global zone can have many logical zone inside. That would be interesting to see what the outcome is from that command on the LDOM.

Another interesting question, I wish the “Computer Type” property in BES Console is able show the computer type for Solaris and AIX platforms. Currently it is reporting “N/A” or “none”. This information is helpful to identify if Solaris is physical or zone or AIX is physical or WPAR or LPAR.

Do you know if there is another inspector to get this information?

FDA 2021-01-22 13:42:29 UTC #11

Sorry for not replying sooner. On my test system the computer type appears to work correctly, at least on the AIX systems:

Those are LPAR as it results from the command "uname -L"
I can’t find a specific inspector for the computer type (virtual or physical) on AIX.