JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris Administration: Oracle Solaris Zones, Oracle Solaris 10 Zones, and Resource Management     Oracle Solaris 11 Information Library
search filter icon
search icon

Document Information


Part I Oracle Solaris Resource Management

1.  Introduction to Resource Management

2.  Projects and Tasks (Overview)

3.  Administering Projects and Tasks

4.  Extended Accounting (Overview)

5.  Administering Extended Accounting (Tasks)

6.  Resource Controls (Overview)

7.  Administering Resource Controls (Tasks)

8.  Fair Share Scheduler (Overview)

9.  Administering the Fair Share Scheduler (Tasks)

10.  Physical Memory Control Using the Resource Capping Daemon (Overview)

11.  Administering the Resource Capping Daemon (Tasks)

12.  Resource Pools (Overview)

13.  Creating and Administering Resource Pools (Tasks)

14.  Resource Management Configuration Example

Part II Oracle Solaris Zones

15.  Introduction to Oracle Solaris Zones

16.  Non-Global Zone Configuration (Overview)

17.  Planning and Configuring Non-Global Zones (Tasks)

18.  About Installing, Shutting Down, Halting, Uninstalling, and Cloning Non-Global Zones (Overview)

19.  Installing, Booting, Shutting Down, Halting, Uninstalling, and Cloning Non-Global Zones (Tasks)

20.  Non-Global Zone Login (Overview)

21.  Logging In to Non-Global Zones (Tasks)

22.  About Zone Migrations and the zonep2vchk Tool

23.  Migrating Oracle Solaris Systems and Migrating Non-Global Zones (Tasks)

24.  About Automatic Installation and Packages on an Oracle Solaris 11 System With Zones Installed

25.  Oracle Solaris Zones Administration (Overview)

Global Zone Visibility and Access

Process ID Visibility in Zones

System Observability in Zones

Reporting Active Zone Statistics with the zonestat Utility

Non-Global Zone Node Name

Running an NFS Server in a Zone

File Systems and Non-Global Zones

The -o nosuid Option

Mounting File Systems in Zones

Unmounting File Systems in Zones

Security Restrictions and File System Behavior

Non-Global Zones as NFS Clients

Use of mknod Prohibited in a Zone

Traversing File Systems

Restriction on Accessing A Non-Global Zone From the Global Zone

Networking in Shared-IP Non-Global Zones

Shared-IP Zone Partitioning

Shared-IP Network Interfaces

IP Traffic Between Shared-IP Zones on the Same Machine

Oracle Solaris IP Filter in Shared-IP Zones

IP Network Multipathing in Shared-IP Zones

Networking in Exclusive-IP Non-Global Zones

Exclusive-IP Zone Partitioning

Exclusive-IP Data-Link Interfaces

IP Traffic Between Exclusive-IP Zones on the Same Machine

Oracle Solaris IP Filter in Exclusive-IP Zones

IP Network Multipathing in Exclusive-IP Zones

Device Use in Non-Global Zones

/dev and the /devices Namespace

Exclusive-Use Devices

Device Driver Administration

Utilities That Do Not Work or Are Modified in Non-Global Zones

Utilities That Do Not Work in Non-Global Zones

SPARC: Utility Modified for Use in a Non-Global Zone

Allowed Utilities With Security Implications

Running Applications in Non-Global Zones

Resource Controls Used in Non-Global Zones

Fair Share Scheduler on a System With Zones Installed

FSS Share Division in a Global or Non-Global Zone

Share Balance Between Zones

Extended Accounting on a System With Zones Installed

Privileges in a Non-Global Zone

Using IP Security Architecture in Zones

IP Security Architecture in Shared-IP Zones

IP Security Architecture in Exclusive-IP Zones

Using Oracle Solaris Auditing in Zones

Core Files in Zones

Running DTrace in a Non-Global Zone

About Backing Up an Oracle Solaris System With Zones Installed

Backing Up Loopback File System Directories

Backing Up Your System From the Global Zone

Backing Up Individual Non-Global Zones on Your System

Creating Oracle Solaris ZFS Backups

Determining What to Back Up in Non-Global Zones

Backing Up Application Data Only

General Database Backup Operations

Tape Backups

About Restoring Non-Global Zones

Commands Used on a System With Zones Installed

26.  Administering Oracle Solaris Zones (Tasks)

27.  Configuring and Administering Immutable Zones

28.  Troubleshooting Miscellaneous Oracle Solaris Zones Problems

Part III Oracle Solaris 10 Zones

29.  Introduction to Oracle Solaris 10 Zones

30.  Assessing an Oracle Solaris 10 System and Creating an Archive

31.  (Optional) Migrating an Oracle Solaris 10 native Non-Global Zone Into an Oracle Solaris 10 Zone

32.  Configuring the solaris10 Branded Zone

33.  Installing the solaris10 Branded Zone

34.  Booting a Zone, Logging in, and Zone Migration



Using IP Security Architecture in Zones

The Internet Protocol Security Architecture (IPsec), which provides IP datagram protection, is described in Chapter 14, IP Security Architecture (Overview), in Oracle Solaris Administration: IP Services. The Internet Key Exchange (IKE) protocol is used to manage the required keying material for authentication and encryption automatically.

For more information, see the ipsecconf(1M) and ipseckey(1M) man pages.

IP Security Architecture in Shared-IP Zones

IPsec can be used in the global zone. However, IPsec in a non-global zone cannot use IKE. Therefore, you must manage the IPsec keys and policy for the non-global zones by using the Internet Key Exchange (IKE) protocol in the global zone. Use the source address that corresponds to the non-global zone that you are configuring.

IP Security Architecture in Exclusive-IP Zones

IPsec can be used in exclusive-IP zones.