By default, a non-global zone has the same characteristics as operating system in the global zone, which is running the Solaris 10 Operating System or later Solaris 10 release. These native non-global zones and the global zone share their conformance to standards, runtime behavior, command sets, and performance traits in common.
It is also possible to run a different operating environment inside of a non-global zone. The branded zone (BrandZ) framework extends the Solaris Zones infrastructure to include the creation of brands, or alternative sets of runtime behaviors. Brand can refer to a wide range of operating environments. For example, the non-global zone can emulate another version of the Solaris Operating System, or an operating environment such as Linux. Or, it might augment the native brand behaviors with additional characteristics or features. Every zone is configured with an associated brand.
The brand defines the operating environment that can be installed in the zone and determines how the system will behave within the zone so that the non-native software installed in the zone functions correctly. In addition, a zone's brand is used to identify the correct application type at application launch time. All branded zone management is performed through extensions to the native zones structure. Most administration procedures are identical for all zones.
You can change the brand of a zone in the configured state. Once a branded zone has been installed, the brand cannot be changed or removed.
BrandZ extends the zones tools in the following ways:
The zonecfg command is used to set a zone's brand type when the zone is configured.
The zoneadm command is used to report a zone's brand type as well as administer the zone.
Although you can configure and install branded zones on a Solaris Trusted Extensions system that has labels enabled, you cannot boot branded zones on this system configuration.
The following components available in a branded zone are defined by the brand.
The privileges.
Device support. A brand can choose to disallow the addition of any unsupported or unrecognized devices. Devices can be added to solaris8 non-global zones. See About Solaris 8 Branded Zones.
The file systems required for a branded zone are defined by the brand. You can add additional Solaris file systems to a branded zone by using the fs resource property of zonecfg.
Branded zones provide a set of interposition points in the kernel that are only applied to processes executing in a branded zone.
These points are found in such paths as the syscall path, the process loading path, and the thread creation path.
At each of these points, a brand can choose to supplement or replace the standard Solaris behavior.
A brand can also provide a plug-in library for librtld_db. The plug-in library allows Solaris tools such as the debugger, described in mdb(1), and DTrace, described in dtrace(1M), to access the symbol information of processes running inside a branded zone.