| Skip Navigation Links | |
| Exit Print View | |
|
System Administration Guide: Oracle Solaris Containers-Resource Management and Oracle Solaris Zones |
| Skip Navigation Links | |
| Exit Print View | |
|
|
System Administration Guide: Oracle Solaris Containers-Resource Management and Oracle Solaris Zones |
1. Introduction to Solaris 10 Resource Management
2. Projects and Tasks (Overview)
3. Administering Projects and Tasks
4. Extended Accounting (Overview)
5. Administering Extended Accounting (Tasks)
6. Resource Controls (Overview)
7. Administering Resource Controls (Tasks)
8. Fair Share Scheduler (Overview)
9. Administering the Fair Share Scheduler (Tasks)
10. Physical Memory Control Using the Resource Capping Daemon (Overview)
11. Administering the Resource Capping Daemon (Tasks)
13. Creating and Administering Resource Pools (Tasks)
14. Resource Management Configuration Example
15. Resource Control Functionality in the Solaris Management Console
16. Introduction to Solaris Zones
17. Non-Global Zone Configuration (Overview)
18. Planning and Configuring Non-Global Zones (Tasks)
19. About Installing, Halting, Cloning, and Uninstalling Non-Global Zones (Overview)
20. Installing, Booting, Halting, Uninstalling, and Cloning Non-Global Zones (Tasks)
21. Non-Global Zone Login (Overview)
22. Logging In to Non-Global Zones (Tasks)
23. Moving and Migrating Non-Global Zones (Tasks)
24. Solaris 10 9/10: Migrating a Physical Solaris System Into a Zone (Tasks)
25. About Packages and Patches on a Solaris System With Zones Installed (Overview)
26. Adding and Removing Packages and Patches on a Solaris System With Zones Installed (Tasks)
27. Solaris Zones Administration (Overview)
Global Zone Visibility and Access
Process ID Visibility in Zones
File Systems and Non-Global Zones
Mounting File Systems in Zones
Unmounting File Systems in Zones
Security Restrictions and File System Behavior
Non-Global Zones as NFS Clients
Use of mknod Prohibited in a Zone
Restriction on Accessing A Non-Global Zone From the Global Zone
Networking in Shared-IP Non-Global Zones
IP Traffic Between Shared-IP Zones on the Same Machine
Solaris IP Filter in Shared-IP Zones
IP Network Multipathing in Shared-IP Zones
Solaris 10 8/07: Networking in Exclusive-IP Non-Global Zones
Exclusive-IP Zone Partitioning
Exclusive-IP Data-Link Interfaces
IP Traffic Between Exclusive-IP Zones on the Same Machine
Device Use in Non-Global Zones
/dev and the /devices Namespace
Utilities That Do Not Work or Are Modified in Non-Global Zones
Utilities That Do Not Work in Non-Global Zones
SPARC: Utility Modified for Use in a Non-Global Zone
Running Applications in Non-Global Zones
Resource Controls Used in Non-Global Zones
Fair Share Scheduler on a Solaris System With Zones Installed
FSS Share Division in a Non-Global Zone
Extended Accounting on a Solaris System With Zones Installed
Privileges in a Non-Global Zone
Using IP Security Architecture in Zones
IP Security Architecture in Shared-IP Zones
Solaris 10 8/07: IP Security Architecture in Exclusive-IP Zones
Using Solaris Auditing in Zones
Configuring Audit in the Global Zone
Configuring User Audit Characteristics in a Non-Global Zone
Providing Audit Records for a Specific Non-Global Zone
Running DTrace in a Non-Global Zone
About Backing Up a Solaris System With Zones Installed
Backing Up Loopback File System Directories
Backing Up Your System From the Global Zone
Backing Up Individual Non-Global Zones on Your System
Determining What to Back Up in Non-Global Zones
Backing Up Application Data Only
General Database Backup Operations
About Restoring Non-Global Zones
Commands Used on a Solaris System With Zones Installed
28. Solaris Zones Administration (Tasks)
29. Upgrading a Solaris 10 System That Has Installed Non-Global Zones
30. Troubleshooting Miscellaneous Solaris Zones Problems
31. About Branded Zones and the Linux Branded Zone
32. Planning the lx Branded Zone Configuration (Overview)
33. Configuring the lx Branded Zone (Tasks)
34. About Installing, Booting, Halting, Cloning, and Uninstalling lx Branded Zones (Overview)
35. Installing, Booting, Halting, Uninstalling and Cloning lx Branded Zones (Tasks)
36. Logging In to lx Branded Zones (Tasks)
37. Moving and Migrating lx Branded Zones (Tasks)
38. Administering and Running Applications in lx Branded Zones (Tasks)
An exclusive-IP zone has its own IP-related state and tuning variables. The zone is assigned its own set of data-links when the zone is configured.
For information on features that can be used in an exclusive-IP non-global zone, see Solaris 10 8/07: Exclusive-IP Non-Global Zones. For information on tuning IP ndd variables, see Oracle Solaris Tunable Parameters Reference Manual.
Exclusive-IP zones have separate TCP/IP stacks, so the separation reaches down to the data-link layer. One or more data-link names, which can be a NIC or a VLAN on a NIC, are assigned to an exclusive-IP zone by the global administrator. The zone administrator can configure IP on those data-links with the same flexibility and options as in the global zone.
A data-link name must be assigned exclusively to a single zone.
The dladm show-link command can be used to display data-links assigned to running zones.
For more information, see dladm(1M)
There is no internal loopback of IP packets between exclusive-IP zones. All packets are sent down to the data-link. Typically, this means that the packets are sent out on a network interface. Then, devices like Ethernet switches or IP routers can forward the packets toward their destination, which might be a different zone on the same machine as the sender.
You have the same IP Filter functionality that you have in the global zone in an exclusive-IP zone. IP Filter is also configured the same way in exclusive-IP zones and the global zone.
IP network multipathing (IPMP) provides physical interface failure detection and transparent network access failover for a system with multiple interfaces on the same IP link. In addition to fault tolerance, IPMP also provides load spreading of packets for systems with multiple interfaces.
The data-link configuration is done in the global zone. First, multiple data-link interfaces are assigned to a zone using zonecfg. The multiple data-link interfaces must be attached to the same IP subnet. IPMP can then be configured from within the exclusive-IP zone by the zone administrator. Multiple IPMP groups can be assigned to a given exclusive-IP zone, but those IPMP groups cannot be shared with other zones.
|