Information Technology Reference
In-Depth Information
If a Container needs the ability to modify the package directories that are nor-
mally inherited, it can instead be configured using the “whole-root” model. Such
a Container can add programs and files to those directories, but uses much more
disk space. This approach is useful if you want to install additional software into
the
/usr
and
/lib
directories.
A Solaris 10 package can be updated by applying a patch. Oracle Solaris provides
some flexibility regarding the patching of systems that have Containers.
Yo u s h o u l d c h o o s e a s p a r s e - r o o t C o n t a i n e r i f y o u w a n t t o g e t t h e m o s t b e n e fi t
from the lightweight nature of Containers. Because it inherits almost all of its
packages from the global zone, the amounts of disk space and RAM used by Oracle
Solaris binaries are minimized. A package can be present at only one patch level,
however, so all sparse-root Containers will be at the same patch level as the global
zone in regard to those packages. This includes any non-Solaris packages installed
in the global zone.
By comparison, a whole-root Container can more easily maintain its own un-
bundled and third-party software packages. This increases the flexibility and po-
tential complexity for diverse environments.
Typically, you apply Oracle Solaris patches to the global zone and to Containers
by using the
patchadd
(1M) command in the global zone. That command first
patches the global zone, and then automatically patches each Container. Patches
for Solaris packages will be applied in this way. If you choose to install non-Solaris
packages from the global zone, those packages will, with a few exceptions, also be
made available to the Containers.
By default,
patchadd
patches each Container in sequence. Systems with suf-
ficient compute capacity can use the “parallel patching” feature to reduce the
elapsed time needed to patch many Containers. To use this feature, while working
in the global zone, edit the file
/etc/patch/pdo.conf
and change the value of
num_proc
to a value other than
1
, which is the default. That number represents
the desired level of parallelization. Ideally, you should choose a number close to
the number of CPUs that are not in use. For example, an 8-CPU system run-
ning at 50% CPU utilization should be able to support patch parallelization of 4
without reducing the performance of workloads. If you are patching a system in
single-user mode, you can set
num_proc
to the number of CPUs in the system.
Yo u m a y f u r t h e r r e d u c e t h e e l a p s e d p a t c h i n g t i m e b y i n c r e a s i n g
num_proc
to 1.5
times the number of CPUs.
Yo u c a n i n s t a l l t h i r d - p a r t y s o f t w a r e p a c k a g e s a n d p a t c h e s i n w h o l e - r o o t
Containers; these packages and patches can be different from the packages and
patches installed in the global zone. To do so, use the
patchadd
command when
Search WWH ::
Custom Search