About Oracle Solaris Kernel Zones

An Oracle Solaris Kernel Zone, also called a solaris-kz zone, is a non-global zone that has its own kernel and operating system that are separate from the global zone. The separate kernel and OS installation provide for greater independence and enhanced security of operating system instances and applications.

The administrative and structural content of a kernel zone is entirely independent of the global zone. For example, a kernel zone does not share software packaging with the global zone, or kernel zone host. Package updates on the kernel zone host are not linked images and do not affect kernel zones. Similarly, packaging commands such as pkg update are fully functional from inside a kernel zone. For more information, see Options That Operate on Non-Global Zones in Updating Systems and Adding Software in Oracle Solaris 11.4.

System processes are handled in the kernel zone's separate process ID table and are not shared with the global zone. Resource management in kernel zones is also different. Resource controls such as max-processes are not available when configuring a kernel zone.

The zoneadm rename command is not supported for kernel zones in the installed state. You can only change the name of a kernel zone by using the zonecfg command when the kernel zone is in the configured or unavailable state.

Use the existing zlogin, zonecfg, and zoneadm commands to manage and to administer kernel zones on the global zone.

Kernel zones are part of the branded zones framework. For more information, see the brands(7) man page.

See Chapter 1, Oracle Solaris Zones Introduction in Introduction to Oracle Solaris Zones for additional overview of kernel zones concepts.

Caution:

On an Oracle Solaris x86 system, do not run Oracle VM VirtualBox and Oracle Solaris Kernel Zones at the same time.