Information Technology Reference
In-Depth Information
That form of the mount command will look up the other information in the /etc/
vfstab file.
To enhance security, you may use a read-only mount of the NFS file system.
Doing so would prevent a successful intruder from modifying the web page files. If
that is an appropriate configuration, you can use this line instead of the one given
earlier:
nfsserver:/web01 - /webpages nfs - yes ro,nosuid
The last step for each Container is starting Apache. Additionally, you can
modify the IP Filter rules for this Container from the global zone. IP Filter is not
discussed in this example.
Yo u c a n u s e zlogin to access the Container and start Apache:
GZ# zlogin web01
web01# svcadm enable apache2
This svcadm command starts Apache immediately, but also tells the Service
Management Facility (SMF) to start Apache after the Container boots in the
future. The svcadm command is part of SMF. Among other benefits, SMF will
restart Apache automatically if it crashes.
8.6.4 Testing
Yo u s h o u l d n o w b e a b l e t o t e s t t h e C o n t a i n e r w i t h a w e b b r o w s e r, u s i n g i t s h o s t
name or IP address.
8.6.5 Summary
Solaris Containers make it easy to consolidate multiple workloads from separate
systems into one system, as there is only one copy of the OS to manage.
8.7 Security Hardening with Oracle Solaris Containers
Server virtualization is commonly used to consolidate multiple workloads onto
one computer. But what else is it good for?
Solaris Containers have subtle uses in addition to general-purpose consolida-
tion. These uses rely on a unique combination of features:
 
 
 
 
Previous Page
Next Page
Oracle Solaris 10 System Virtualization Essentials
Search WWH ::




Custom Search
Home