1 / 21

Solaris - PowerPoint PPT Presentation

  • Uploaded on

Solaris 가상화 기술. 이강산. What is a zone?. A zone is a virtual operating system abstraction that provides a protected environment in which applications run. The applications are protected from each other to provide software fault isolation.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Solaris ' - hilaire

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Solaris 가상화 기술


What is a zone
What is a zone?

  • A zone is a virtual operating system abstraction that

    • provides a protected environment in which applications run.

    • The applications are protected from each other to provide software fault isolation.

    • To ease the labor of managing multiple applications and their environments,

      • they co-exist within one operating system instance, and are usually managed as one entity.

What is a container
What is a container?

  • A zone which also uses the operating system's resource management facility is then called a container.

  • Many people use the two words 'zone' and 'container' interchangeably.

What types of zones are available
What types of zones are available?

  • Native

    • The default non-global zone is the native zone.

    • It has the same characteristics as the Solaris 10 Operating System or later release that is running in the global zone.

  • Branded Zones

    • It is also possible to run a different operating environment inside of a non-global zone.

    • The branded zone (BrandZ) framework extends the Solaris Zones infrastructure to include the creation of brands, or alternative sets of runtime behaviors.

    • "Brand" can refer to a wide range of operating environments.

What is a global zone sparse root zone whole root zone local zone

Install OS



Create a zone


(zone or

local zone)

What is a global zone? Sparse-root zone? Whole-root zone? Local zone?

  • After installing Solaris 10 on a system, but before creating any zones, all processes run in the global zone.

  • After you create a zone, it has processes which are associated with that zone and no other zone.

  • Any process created by a process in a non-global zone is also associated with that non-global zone.

  • Any zone which is not the global zone is called a non-global zone. Some people call non-global zones simply "zones."

  • Others call them "local zones" but this is discouraged.

  • The default zone filesystem model is called "sparse-root."

    • This model emphasizes efficiency at the cost of some configuration flexibility.

    • Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like /usr and /lib.

    • Sparse-root zones have their own private file areas for directories like /etc and /var.

  • Whole-root zones increase configuration flexibility but increase resource usage.

    • They do not use shared filesystems for /usr, /lib, and a few others.

Will my software run in a zone or container
Will my software run in a zone or container?

  • Most Solaris software will run unmodified in a zone, without needing to re-compile.

  • Unprivileged software (programs that do not run as root nor with specific privileges) typically run unmodified in a zone once they can be successfully installed.

  • Installation software must not assume that it can write into shared, read-only filesystems, e.g. /usr.

  • This can be circumvented by adding a writable filesystem to the zone (e.g. at /usr/local) or using a whole-root zone.

  • However, there are a few applications which need non-default privileges to run - privileges not normally available in a zone, such as the ability to set the system's time-of-day clock.

    • For these situations, the feature named "configurable privileges" has been added.

    • This feature allows the global zone administrator - the person who manages zones on a system - to assign additional, non-default privileges to a zone.

    • The zone's administrator can then allow individual users to use those non-default privileges.

  • An applications which requires privileges which cannot be added to a zone may need modification to run properly in a zone.

  • Here are some guidelines

    • An application which accesses the network and files, and performs no other I/O, should work correctly.

    • Applications which require direct access to certain devices, e.g. a disk partition, will usually work if the zone is configured correctly.

      • However, in some cases this may increase security risks.

    • Applications which require direct access to these devices must be modified to work correctly

      • /dev/kmem

      • a network device

        • Starting with OpenSolaris build 37 and Solaris 10 8/07, a zone can be configured as an "exclusive-IP zone" which gives it exclusive access to the NIC(s) that the zone has been assigned. Applications in such a zone can communicate directly with the NIC(s) available to the zone.

        • Applications running in shared-IP zones should instead use one of the many IP services.

How big is a zone
How "big" is a zone?

  • If configured with default parameters, a zone requires about 85MB of free disk space per zone when the global zone has been installed with the "All" metacluster of Solaris packages.

  • Additional packages installed in the global zone will require additional space in the non-global zones.

  • SVM soft partitions can be used to divide disk slices and enforce per-zone disk space constraints.

  • When performing capacity planning, 40MB of additional RAM per zone is suggested.

  • Applications do not use any "extra" RAM because they are running in a zone.

  • A zone installed using the "full-root model" will take up as much space as the initial Solaris 10 installation, which will be more than 500MB in most cases.

Can each zone run a different solaris version
Can each zone run a different Solaris version?

  • No.

  • All of the zones use a single underlying kernel.

  • The version of the kernel determines the version of every container in that domain.

What types of re configurations require a non global zone re boot
What types of re-configurations require a non-global zone re-boot?

  • Adding a device to a non-global zone.

  • Binding a zone to a pool.