Version 3.1-enSolaris 10 Container Guide - 3.1 4. Best Practices

Effective: 30/11/2009

A-3: Self-qualification of an application in a container

A-3-1: If necessary, note additional details in:

“Qualification Best Practices for Application Support in Non-Global Zones”

http://developers.sun.com/solaris/articles/zone_app_qualif.html

A-3-2:

y

n

 

 

 

 

A-3-3:

Use of Solaris Application Scanners

 

 

 

 

Problem found

 

 

 

 

 

?

?

 

n

 

 

 

y

 

A-3-5: Further testing since problems which

 

 

 

 

have arisen could be solved by special

 

 

 

 

 

 

 

 

container configurations.

 

 

 

 

 

 

 

 

A-3-6:

Is one of the requirementsy met by the application?

-Creation and removal of devices

-Direct access to kernel modules

-Loading and unloading of drivers

 

 

n

 

 

 

 

 

A-3-10:

 

y

 

 

Further privileged operations

 

 

 

 

 

necessary during the runtime

 

 

 

 

 

(suid root, or the like)

 

 

 

 

 

?

 

 

 

 

 

 

 

n

 

A-3-11:

 

n

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Can required privileges be

 

 

 

 

 

configured by zonecfg:limitpriv

 

 

 

 

 

?

 

 

 

 

 

 

 

y

 

 

 

 

 

 

 

 

 

 

 

 

A-3-12: determine zonecfg:limitpriv

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

A-3-13: Results of qualification positive (application is suitable for Solaris containers)

A-3: Self-qualification of an application

in a container

A-3-7: Results of qualification negative (application is not suitable for Solaris containers)

A-3-4: Results of qualification positive (application is suitable for Solaris containers)

Figure 29: [dd] Self-qualification of an application in a container

63

Page 70
Image 70
Sun Microsystems 10 manual Dd Self-qualification of an application in a container