Oracle Solaris Containers - Oracle Solaris 10 System Virtualization Essentials

Information Technology Reference

In-Depth Information

system call definitions into the system calls provided by the kernel for that Solaris

distribution.

Each Solaris distribution—for example, Solaris 10—has a default brand for its

Containers. The default brand for Solaris 10 is called native , but other brands

exist for Solaris 10, too. The default brand for OpenSolaris is called ipkg .

Table 6.3 lists the current brands.

Table 6.3 Brands

Purpose

Brand

Name

Base OS

System

Call

Layer?

Description

Solaris 8 Containers

solaris8 Solaris 10

Yes

A Solaris 8 (or 9) environment on a

Solaris 10 system, with P2V tools

Solaris 9 Containers

solaris9 Solaris 10

Yes

Solaris Cluster Nodes

cluster Solaris 10

No

Assists with cluster functions

Solaris Trusted Extensions labeled Solaris 10

No

Enables data compartmentalization

Red Hat EL 3

Solaris 10

Yes

A Linux environment on a Solaris 10

system

lx

Solaris 10 on OpenSolaris

s10brand

OpenSolaris

Yes

A Solaris 10 environment on an

OpenSolaris system *

* The s10brand is under development at http://opensolaris.org .

6.1.5 Packaging, Deployment, and File Systems

A Container's directory structure is a subset of the global zone's directory tree.

When you create a Container, Oracle Solaris creates a new directory in which all

of the Container's directories and files reside. That directory, which is owned by

the global zone's root user, is chosen as the Container's zonepath , which in turn

contains a directory named root . The latter directory is known by two names, as

shown in Figure 6.2. If you are in the global zone, its name is simply root ; if you

are in the Container, that directory has the usual name for a system's root direc-

tory: '/'. A process in the Container cannot change its current working directory

above that directory, nor can it reference any part of the global zone's directory

structure above the Container's root directory. Thus, by default, a process in one

Container cannot access a file in another Container.

By default, a Container inherits all of the Solaris programs installed in the

global zone, including programs and some other files in /sbin , /usr , /lib , and

/platform . These directories are mounted onto a Container's directories of the

same names. These are read-only mounts, so as to prevent processes running in

the Container from modifying the Solaris binaries. Figure 6.2 shows two of these

Oracle Solaris 10 System Virtualization Essentials

Search WWH ::

Custom Search

Home