Updating Solaris 11 zones behind a proxy

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

I’ve forgotten this several times now so it’s time I wrote a short post to help me remember in future! In Solaris 11 we use the Image Packaging System to maintain the software on the system. This is written in python and uses libcurl and for non zoned systems setting the http_proxy is sufficient to allow the system to communicate with the repo.e.g.:

With zones however that is not sufficient. This is because of how zones are updated. On a system without zones you run ‘pkg install’ or ‘pkg update’ and it directly communicates with the publisher, so an environment variable to set the proxy will work in this case. For zones however the local zones communicate with the system repository service, they do not communicate with the publisher directly. The system repository service, as the name says, is a service and so does not get its environment from the shell you issue the pkg command from, hence it will not know about the proxy. This results in some unexpected errors when you try to update a system with zones. For example:

If you look in the log file for the system repository you will also see errors showing that it can’t communicate with the publisher:

WARNING: unable to access http://solaris-repo.us.oracle.com/s11development when checking for redirects:

The solution to this is to set the http_proxy property for the service. You do this by, for example:

You can check the current proxy settings by:

Leave a Reply

Notify of