solaris n.
Skip this Video
Download Presentation
Solaris 가상화 기술

Loading in 2 Seconds...

play fullscreen
1 / 21

Solaris 가상화 기술 - PowerPoint PPT Presentation

  • Uploaded on

Solaris 가상화 기술. 이강산. What is a zone?. A zone is a virtual operating system abstraction that provides a protected environment in which applications run. The applications are protected from each other to provide software fault isolation.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Solaris 가상화 기술' - hilaire

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
what is a zone
What is a zone?
  • A zone is a virtual operating system abstraction that
    • provides a protected environment in which applications run.
    • The applications are protected from each other to provide software fault isolation.
    • To ease the labor of managing multiple applications and their environments,
      • they co-exist within one operating system instance, and are usually managed as one entity.
what is a container
What is a container?
  • A zone which also uses the operating system's resource management facility is then called a container.
  • Many people use the two words 'zone' and 'container' interchangeably.
what types of zones are available
What types of zones are available?
  • Native
    • The default non-global zone is the native zone.
    • It has the same characteristics as the Solaris 10 Operating System or later release that is running in the global zone.
  • Branded Zones
    • It is also possible to run a different operating environment inside of a non-global zone.
    • The branded zone (BrandZ) framework extends the Solaris Zones infrastructure to include the creation of brands, or alternative sets of runtime behaviors.
    • "Brand" can refer to a wide range of operating environments.
what is a global zone sparse root zone whole root zone local zone

Install OS



Create a zone


(zone or

local zone)

What is a global zone? Sparse-root zone? Whole-root zone? Local zone?
  • After installing Solaris 10 on a system, but before creating any zones, all processes run in the global zone.
  • After you create a zone, it has processes which are associated with that zone and no other zone.
  • Any process created by a process in a non-global zone is also associated with that non-global zone.
  • Any zone which is not the global zone is called a non-global zone. Some people call non-global zones simply "zones."
  • Others call them "local zones" but this is discouraged.
The default zone filesystem model is called "sparse-root."
    • This model emphasizes efficiency at the cost of some configuration flexibility.
    • Sparse-root zones optimize physical memory and disk space usage by sharing some directories, like /usr and /lib.
    • Sparse-root zones have their own private file areas for directories like /etc and /var.
  • Whole-root zones increase configuration flexibility but increase resource usage.
    • They do not use shared filesystems for /usr, /lib, and a few others.
will my software run in a zone or container
Will my software run in a zone or container?
  • Most Solaris software will run unmodified in a zone, without needing to re-compile.
  • Unprivileged software (programs that do not run as root nor with specific privileges) typically run unmodified in a zone once they can be successfully installed.
  • Installation software must not assume that it can write into shared, read-only filesystems, e.g. /usr.
  • This can be circumvented by adding a writable filesystem to the zone (e.g. at /usr/local) or using a whole-root zone.
However, there are a few applications which need non-default privileges to run - privileges not normally available in a zone, such as the ability to set the system's time-of-day clock.
    • For these situations, the feature named "configurable privileges" has been added.
    • This feature allows the global zone administrator - the person who manages zones on a system - to assign additional, non-default privileges to a zone.
    • The zone's administrator can then allow individual users to use those non-default privileges.
  • An applications which requires privileges which cannot be added to a zone may need modification to run properly in a zone.
Here are some guidelines
    • An application which accesses the network and files, and performs no other I/O, should work correctly.
    • Applications which require direct access to certain devices, e.g. a disk partition, will usually work if the zone is configured correctly.
      • However, in some cases this may increase security risks.
    • Applications which require direct access to these devices must be modified to work correctly
      • /dev/kmem
      • a network device
        • Starting with OpenSolaris build 37 and Solaris 10 8/07, a zone can be configured as an "exclusive-IP zone" which gives it exclusive access to the NIC(s) that the zone has been assigned. Applications in such a zone can communicate directly with the NIC(s) available to the zone.
        • Applications running in shared-IP zones should instead use one of the many IP services.
how big is a zone
How "big" is a zone?
  • If configured with default parameters, a zone requires about 85MB of free disk space per zone when the global zone has been installed with the "All" metacluster of Solaris packages.
  • Additional packages installed in the global zone will require additional space in the non-global zones.
  • SVM soft partitions can be used to divide disk slices and enforce per-zone disk space constraints.
  • When performing capacity planning, 40MB of additional RAM per zone is suggested.
  • Applications do not use any "extra" RAM because they are running in a zone.
  • A zone installed using the "full-root model" will take up as much space as the initial Solaris 10 installation, which will be more than 500MB in most cases.
can each zone run a different solaris version
Can each zone run a different Solaris version?
  • No.
  • All of the zones use a single underlying kernel.
  • The version of the kernel determines the version of every container in that domain.
what types of re configurations require a non global zone re boot
What types of re-configurations require a non-global zone re-boot?
  • Adding a device to a non-global zone.
  • Binding a zone to a pool.