
Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality

Effective: 30/11/2009

2.2.3. Containers (Solaris zones) in an OS

[ug] Within a single operating system installation, execution environments for applications and services are created that are independent of each other. The kernel becomes multitenant enabled: it exists only once but appears in each zone as though it were assigned exclusively.

Separation is implemented by restricting access to resources, such as the visibility of processes (modified procfs), the usability of the devices (modified devfs) and the visibility of the file tree (as with chroot).

Advantages:

Application: All applications are executable unless they use their own drivers or other system-oriented features. Separate drivers can, however, be used via installations in the global zone.

Scalability: Container capacity can be configured (through resource management, processor sets and CPU caps).

Separation: Applications are separated from each other; direct mutual influence via the OS is not possible.

OS maintenance: OS installation, patches and implementation of in-house standards must take place in a central location (in the global zone) only.

Delegation: The department responsible for the application/service requires root privileges for part of the administration. Here, it can obtain the root privileges within the zone without being in a position to affect other local zones or the global zone. The right to allocate resources is reserved to the global zone only.

Overhead: All local zone processes are merely normal application processes from the point of view of the global zone. The OS overhead (memory management, scheduling, kernel) and memory requirements for shared objects (files, programs, libraries) are created only once. Each zone has only a small additional number of system processes. For that reason, it is possible to have hundreds of zones on a single-processor system.

Disadvantages:

HW maintenance: If a shared component fails, many or all zones may be affected. Solaris 10 recognizes symptoms of a future failure through FMA (Fault Management Architecture) and can deactivate the affected components (CPU, memory, bus systems) while running, or instead use alternative components that are available. Through the use of cluster software (Sun Cluster), the availability of the application in the zone can be improved (Solaris Container Cluster/Solaris Container Agent).

Separation: The applications can influence each other through shared hardware. That influence can be minimized in Solaris with resource management and network bandwidth management.

OS versions: Different operating systems/versions are possible with branded zones only. Here, a virtual process environment for another operating system is created in one zone but the kernel of the global zone is used by the branded zones as well.

Figure 4: [dd] Container (Solaris zones) in an OS (diagram labels: App 1, App 2, App 3, BrandZ, App, OS, Server)

Implementations are Jails in the BSD operating system, zones in Solaris, and the vserver project in Linux. No special hardware is required.
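The capacity limits described under "Scalability", and the rule that only the global zone allocates resources, shown as an added example (not from the Sun guide): a shell function a global-zone administrator could use to generate the zonecfg command file for a capped local zone. The zone name app1, the /zones parent directory and the cap values are assumptions.

```sh
#!/bin/sh
# Added example (not from the Sun guide): generate a zonecfg command file for
# a local zone with a CPU cap and a memory cap. Run in the global zone, e.g.
#   zone_cmdfile app1 1.5 2g > /tmp/app1.cfg && zonecfg -z app1 -f /tmp/app1.cfg
# The /zones parent directory and all sample values are assumptions.

# zone_cmdfile NAME NCPUS MEMORY  -> zonecfg commands on stdout, 1 on bad input
zone_cmdfile() {
    name=$1 ncpus=$2 mem=$3
    # Strict name check: a newline or space here could smuggle extra
    # zonecfg commands into the generated file.
    case $name in
        ''|[!A-Za-z0-9]*|*[!A-Za-z0-9._-]*) echo "bad zone name" >&2; return 1 ;;
        global|SUNW*) echo "reserved zone name" >&2; return 1 ;;
    esac
    # CPU cap: digits with at most one decimal point (1.5 = one and a half CPUs).
    case $ncpus in
        ''|.|*[!0-9.]*|*.*.*) echo "bad ncpus" >&2; return 1 ;;
    esac
    # Memory cap: positive integer plus a scale suffix (k, m, g or t).
    case $mem in
        [1-9]*[kmgtKMGT]) ;;
        *) echo "bad memory cap" >&2; return 1 ;;
    esac
    case ${mem%?} in
        *[!0-9]*) echo "bad memory cap" >&2; return 1 ;;
    esac
    cat <<EOF
create
set zonepath=/zones/$name
set autoboot=true
add capped-cpu
set ncpus=$ncpus
end
add capped-memory
set physical=$mem
end
verify
commit
EOF
}
```

Because the caps live in the zone configuration held by the global zone, a root user inside app1 cannot raise them.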
