Oracle Solaris Zones (Overview)
The Oracle Solaris Zones partitioning technology is used to virtualize operating system services
and provide an isolated and secure environment for running applications. A non-global zone is
a virtualized operating system environment created within a single instance of the Oracle
Solaris OS. When you create a non-global zone, you produce an application execution
environment in which processes are isolated from the rest of the system. This
isolation prevents processes that are running in one non-global zone from monitoring or
affecting processes that are running in other non-global zones. Even a process running
with superuser credentials cannot view or affect activity in other zones. A
non-global zone also provides an abstract layer that separates applications from the physical
attributes of the machine on which they are deployed. Examples of these attributes
include physical device paths.

Every Oracle Solaris system contains a global zone. The global zone has a
dual function. The global zone is both the default zone for the system
and the zone used for system-wide administrative control. All processes run in the
global zone if no non-global zones are created by the global administrator.

The global zone is the only zone from which a non-global zone can
be configured, installed, managed, or uninstalled. Only the global zone is bootable from
the system hardware. Administration of the system infrastructure, such as physical devices, routing,
or dynamic reconfiguration (DR), is only possible in the global zone. Appropriately privileged processes
running in the global zone can access objects associated with the non-global zones.