System Administration Guide: Virtualization Using the Solaris Operating System

Branded Zones Technology

The Solaris Zones infrastructure is documented in this manual in Part II, Zones. By default, a non-global zone has the same characteristics as operating system in the global zone, which is running the Solaris 10 Operating System or later Solaris 10 release. These native non-global zones and the global zone share their conformance to standards, runtime behavior, command sets, and performance traits in common. The branded zone (BrandZ) framework extends the zones infrastructure to include the creation of brands, or alternative sets of runtime behaviors. The term brand can refer to a wide range of operating environments. For example, the non-global zone can emulate another version of the Solaris Operating System, or an operating environment such as Linux. Or, it might augment the native brand behaviors with additional characteristics or features. Every zone is configured with an associated brand.

A brand can provide a simple or a complex environment. For example, a simple environment could replace the standard Solaris utilities with their GNU equivalents. A complex environment could provide a complete Linux user space which supports the execution of Linux applications.

The brand defines the operating environment that can be installed in the zone and determines how the system will behave within the zone so that the non-native software installed in the zone functions correctly. In addition, a zone's brand is used to identify the correct application type at application launch time. All branded zone management is performed through extensions to the native zones structure. Most administration procedures are identical for all zones.

You can change the brand of a zone in the configured state. Once a branded zone has been installed, the brand cannot be changed or removed.

BrandZ extends the zones tools in the following ways:

Note –

You can change the brand of a zone in the configured state. Once a branded zone has been installed, that brand cannot be changed or removed.

Processes Running in a Branded Zone

Branded zones provide a set of interposition points in the kernel that are only applied to processes executing in a branded zone.

A brand can also provide a plug-in library for librtld_db. The plug-in library allows Solaris tools such as the debugger, described in mdb(1), and DTrace, described in dtrace(1M), to access the symbol information of processes running inside a branded zone.

Branded Zone Device Support

The devices supported by each zone are documented in the man pages and other documentation for that brand. Device support is defined by the brand. A brand can choose to disallow the addition of any unsupported or unrecognized devices.

Branded Zone File System Support

The file systems required for a branded zone are defined by the brand.

Privileges in a Branded Zone

The privileges available in a branded zone are defined by the brand. For more information about privileges, see Privileges in a Non-Global Zone and Configurable Privileges in an lx Branded Zone.