Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009
2. Functionality
2.1. Solaris Containers and Solaris Zones
2.1.1. Overview
[ug] Solaris Zones is the term for a virtualized execution environment – a virtualization at the operating
system level (in contrast to HW virtualization).
Solaris Containers are Solaris Zones with Resource Management. The term is frequently used
(in this document as well) as a synonym for Solaris Zones.
Resource Management was already introduced with Solaris 9 and allows the definition of CPU,
main memory and network resources.
Solaris Zones represent a virtualization at the interface between the operating system and the
application.
• There is a global zone, which is essentially the same as a Solaris operating system was in earlier
versions.
• In addition, local zones, also called non-global zones, can be defined as virtual execution
environments.
• All local zones use the kernel of the global zone and are thus part of a single physical operating
system installation – unlike HW virtualization, where several operating systems are started on
virtualized hardware instances.
• All shared objects (programs, libraries, the kernel) are loaded only once; therefore, unlike for
HW virtualization, additional consumption of main memory is very low.
• The file system of a local zone is separated from the global zone. It uses a subdirectory of the
global zone's filesystem for a root directory (as in chroot environments).
• A zone can have one or several network addresses and network interfaces of its own.
• Physical devices are not visible in local zones by default but can optionally be configured.
• Local zones have their own OS settings, e.g. for name service.
• Local zones are separated from each other and from the global zone with respect to processes,
that is, a local zone cannot see the processes of a different zone.
• The separation also extends to shared memory segments and to logical or physical network
interfaces.
• Access to another local zone on the same computer is therefore possible through the network
only.
• The global zone, however, can see all processes in the local zones for the purpose of control
and monitoring (accounting).
Figure 1: [dd] Schematic representation of zones
(Figure labels: Server, OS, Global zone, three Local zones, App)
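The properties listed above (zone root below a global-zone directory, per-zone network addresses, devices hidden unless configured) can be reviewed from the global zone. The following is an added example, not part of the guide: a filter for the command-file text printed by `zonecfg -z <zone> export` that reports the zone root, each network address, and any device deliberately exposed to the zone. The function names and the sample zone path, address and device are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarize isolation-relevant settings from the output of
# `zonecfg -z <zone> export`, read on stdin.
summarize_zone_export() {
    awk '
        /^add / { res = $2; next }      # entering a resource block (net, device, ...)
        /^end$/ { res = ""; next }      # leaving the resource block
        /^set / {
            line = $0
            sub(/^set /, "", line)      # leaves "property=value"
            eq   = index(line, "=")
            prop = substr(line, 1, eq - 1)
            val  = substr(line, eq + 1)
            gsub(/"/, "", val)          # export quotes some values
            if (res == "" && prop == "zonepath")          print "zonepath " val
            else if (res == "net" && prop == "address")   print "net " val
            else if (res == "device" && prop == "match")  print "DEVICE " val
        }
    '
}

# Constructed sample export (zone path, address and device are made up).
sample_export() {
cat <<'EOF'
create -b
set zonepath=/zones/web1
set autoboot=true
add net
set address=192.168.1.10
set physical=bge0
end
add device
set match=/dev/rdsk/c1t1d0s0
end
EOF
}

# Stand-alone run: every DEVICE line is a device made visible inside the zone.
sample_export | summarize_zone_export
```

On a live system the input would come from `zonecfg -z <zone> export` run in the global zone; a zone with no `DEVICE` lines keeps the default in which physical devices are not visible.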