Sun Microsystems 10 - Manual

Version 3.1-en Solaris 10 Container Guide - 3.1 Disclaimer Effective: 30/11/2009 Disclaimer Sun Microsystems GmbH does not offer any guarantee regarding the completeness and accuracy of the information and examples contained in this document. Revision control Version Contents Who 3.1 30/11/2009 Adju...

Version 3.1-en Solaris 10 Container Guide - 3.1 Disclaimer Effective: 30/11/2009 Version Contents Who Drawings 1 - 6 as an image Detlef Drewanz 1.2 06/11/2006 General chapter virtualization Additional network examples Detlef Drewanz, Ulrich Gräf 1.1 27/10/2006 Revision control table reorganized (the...

Version 3.1-en Solaris 10 Container Guide - 3.1 1. Introduction Effective: 30/11/2009 1. Introduction [dd/ug] This guide is about Solaris Containers, how they work and how to use them. Although the original guide was developed in german [ 25 ], starting with version 3.1 we begin to deliver a version...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2. Functionality 2.1. Solaris Containers and Solaris Zones 2.1.1. Overview [ug] Solaris Zones is the term for a virtualized execution environment – a virtualization at the operating system level (in contrast to HW...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 Thus, a local zone is a Solaris environment that is separated from other zones and can be used independently. At the same time, many hardware and operating system resources are shared with other local zones, which...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.1.5. Zones and resource management [ug] In Solaris 9, resource management was introduced on the basis of projects, tasks and resource pools. In Solaris 10, resource management can be applied to zones as well. Th...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.1.5.2. Memory resource management [ug] In Solaris 10 (in an update of Solaris 9 as well), main memory consumption can be limited at the level of zones, projects and processes. This is implemented with the so-cal...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.2. Virtualization technologies compared [ug] Conventional data center technologies include • Applications on separate computersThis also includes multi-tier architectures with firewall, load balancing, web and a...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.2.1. Domains/physical partitions [ug] A computer can be partitioned by configuration into sub-computers (domain, partition). Domains are almost completely physically separated since electrical connections are tu...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.2.3. Containers (Solaris zones) in an OS [ug] In an operating system installation, execution environments for applications and services are created that are independent of each other. The kernel becomes multiten...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 2.2.5. Summary of virtualization technologies [ug] The virtualization technologies discussed above can be summarized in the following table – compared to installation on a separate computer. Separate computer Doma...

Version 3.1-en Solaris 10 Container Guide - 3.1 2. Functionality Effective: 30/11/2009 15 Figure 6: [dd] Comparison of virtualization technologies HW OS App Logical virtualisation (logical partitions) OS virtualisation (Container - Solaris zones - Physical virtualisation (Domains/ physical partition...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3. Use Cases The following chapter discusses a variety of use cases for Solaris Containers and evaluates them. 3.1. Grid computing with isolation Requirement [ug] There is a need within a company to use free cycles on...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.2. Small web servers Requirement [ug] One of the following situations exists: • An Internet Service Provider (ISP) would like to have the option to set up web servers automatically, without additional costs. Based o...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.3. Multi-network consolidation Requirement [dd] A company uses several different networks that are separated either by firewalls or by routers. Applications are run in the individual networks. The company would like...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.5. Multi-network backup Requirement [dd] A company has several different networks that are separated in different stages either by firewalls or by routers. Different computers are installed in the individual network...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.6. Consolidation development/test/integration/production Requirement [ug] Usually, further systems supporting the same application exist while an application is in production: • Development systems • Test systems • ...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.7. Consolidation of test systems Requirement [ug] To test software and applications, there are many test systems in the data center environment that are only ever used for tests. They are mostly used only for qualit...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.9. Server consolidation Requirement [ug] In a data center, several applications run whose workload is too low (often much less than 50%). The computers themselves usually require a lot of electricity, cooling and sp...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.10. Confidentiality of data and processes Requirement [ug] In the data center, applications are running on different computers because • Certain departments want to be certain that data and processes are not seen by...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.11. Test systems for developers Requirement [ug] Developers need test systems to test their application. Frequently, the interaction of several computers must be tested as well. Resources for the installation of tes...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.12. Solaris 8 and Solaris 9 containers for development Requirement [ug] There are still systems running in companies under Solaris 8 or Solaris 9 with self-developed software, and it must be possible for these syste...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.13. Solaris 8 and Solaris 9 containers as revision systems Requirement [ug] For legal reasons or due to revision requests, it is necessary to have certain systems available for years under Solaris 8 or Solaris 9. • ...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.14. Hosting for several companies on one computer Requirement [ug] An application service provider operates systems for a variety of companies. The systems are underutilized. Solution [ug] The applications are conso...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.16. Upgrade- and Patch-management in a virtual environment Requirement [da] Virtualization by means of Solaris Containers allows the application to be disengaged from the hardware. An application can thus be run ver...

Version 3.1-en Solaris 10 Container Guide - 3.1 3. Use Cases Effective: 30/11/2009 3.17. "Flying zones" – Service-oriented Solaris server infrastructure Requirement [os] A highly available virtualization platform to run business-critical applications should meet the following requirements: •...

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009 4.1.5. Software installations in Solaris and zones [dd] The zones' directory structure is determined mainly from the need to install software with special needs in this area. Prior to creating the zones, this que...

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009 4.1.5.3. Software installation by the global zone – usage in the global zone • non-pkg software − Software A is installed by the global zone e.g. in /software/A − /software/A is available to the global zone as a ...

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009 4.1.9. Separate name services in zones [ug] Name services include among other things the hosts database and the userids ( p a s s w d , s h a d o w ) and are configured with the file / e t c / n s s w i t c h . c...

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009 4.2.3. One application per zone [ug] Another paradigm is to always install one application per zone.A zone has very little overhead; basically, only the application processes are separated from the rest of the sy...

Version 3.1-en Solaris 10 Container Guide - 3.1 4. Best Practices Effective: 30/11/2009 administrator. With the software products described here, the requirements with respect to visualization and flexibilization of containers right up to disaster recovery concepts can be covered completely. The har...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 5.1.15. Accelerated automatic creation of zones on a ZFS file system [bf/ug] If a zone is configured on a ZFS file system, it can be duplicated very quickly by using ZFS snapshots. This procedure is described below by...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 5.2.7.3. Zones in separate network segments using exclusive IP instances [dd/ug] Two local zones, zone1 and zone2, are located in separated network segments and provide services for these network segments. • Each loca...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 5.3.10. Shutting down a zone [dd] Zones can be shut down from the local zone itself or from the global zone. Depending on which option is used, running services are either completed or simply stopped. • z o n e a d m ...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 The BE is now available e.g. under /.alt.s10-807+1. Next, the boot archive of this BE is updated and the BE is unmounted again. bootadm update-archive -R /.alt.s10-807+1luumount s10-807+1 Finally, the new BE can be ac...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 created with p o o l c f g and p o o l a d m . 5.5.9. Dynamic resource pools for zones [dd] As already described in 4.6.2.5 Dynamic resource pools , dynamic resource pools can very easily be used for zones since Solar...

Version 3.1-en Solaris 10 Container Guide - 3.1 5. Cookbooks Effective: 30/11/2009 5.5.10. Limiting the physical main memory consumption of a project [dd] To limit the physical main memory of a project, the resource capping daemon r c a p d ( 1 M ) can be used. If the resident set size (RSS) of a pr...

Version 3.1-en Solaris 10 Container Guide - 3.1 Supplement Effective: 30/11/2009 Supplement A. Solaris Container in OpenSolaris A.1. OpenSolaris – general [dd] In 2005, Sun Microsystems started OpenSolaris as an OpenSource project in order to support and advance the developer community around Solari...

Version 3.1-en Solaris 10 Container Guide - 3.1 A. Solaris Container in OpenSolaris Effective: 30/11/2009 A.1. Cookbook: Configuring an ipkg zone The configuration of the zone is done as usual with z o n e c f g ( 1 M ) . root@cantaloup:~# zonecfg -z keetonga keetonga: No such zone configured Use 'c...