Solaris Containers - PowerPoint PPT Presentation

About This Presentation
Title:

Solaris Containers

Description:

Solaris Containers Research Design Team Leading The Way Agenda Containers and the TCO game Solaris Resource Management Solaris Zones Solaris 10 benefits Potential ... – PowerPoint PPT presentation

Number of Views:6
Avg rating:3.0/5.0
Slides: 18
Provided by: RobinM57
Category:

less

Transcript and Presenter's Notes

Title: Solaris Containers


1
Solaris Containers
  • Research Design Team
  • Leading The Way

2
Agenda
  • Containers and the TCO game
  • Solaris Resource Management
  • Solaris Zones
  • Solaris 10 benefits
  • Potential Usage

3
Consolidation and the TCO shell game
  • Consolidate
  • What constitutes consolidation?
  • Factors to consider
  • Work Smarter..

4
Solaris Containers
  • Build customized, isolated containerseach with
    their own IP address, file system, users, and
    assigned resourcesto safely and easily
    consolidate systems
  • Guarantee sufficient CPU and memory resource
    allocation to applications while retaining the
    ability to use idle resources as needed
  • Reserve and allocate a specific CPU or group of
    CPUs for the exclusive use of the container
  • Automatically recover from potentially
    catastrophic system problems by leveraging the
    combined functionality of Predictive Self Healing
    and Solaris Containers

5
Solaris Resource Management
  • All features are included in Solaris
  • Fair Share scheduler
  • Controls allocation of CPU
  • Meet application SLA
  • Real time allocation based on what else is
    running
  • Dynamic Resource Pools
  • Extended Accounting

6
In the Zone.
  • Virtualized O/S layer
  • File System
  • Network Processes
  • Devices
  • Privacy - cant see other zones on same host
  • Security Cant affect activity outside zone
  • Failure Isolation application failure in one
    zone does not affect other zones

7
Failure Isolation
  • Each process is associated with one zone
  • From within a zone, only processes in the same
    zone can be seen or affected
  • root in a zone has authority for that zone
    only!

8
Security
  • Each zone has a security boundary
  • Processes running in a zone are unable to affect
    activity in the global zone or other zones
  • A compromised zone can not escalate its
    privileges

9
File Systems
  • Each zone is allocated its own root /
  • File systems can be inherited in read-only,
    copied into zone, mounted read-write
  • /usr, /lib /sbin and /platform are read-only
  • /etc and /opt are copied into zones
  • Sections of a file system can be mounted into one
    or more zones (read-only)

10
Patch and Package ManagementNetwork and Identity
  • Global system admin can administer software on
    every zone
  • Global zones use Solaris packaging and patch
    tools
  • Each zone has its own identity
  • Node name, RPC domain name, time zone,
  • Separate /etc/passwd
  • Private IP addresses

11
  • Only one TCP/IP stack per kernel
  • Each zone is shielded from stack specifics
  • Each zone is prohibited from view of other zones
    traffic
  • Each zone has its own logical network interfaces

12
Global Zone
  • Is assigned ID 0 by the system
  • Provides the single instance of the Solaris
    kernel that is bootable and running on the system
  • Contains a complete installation of the Solaris
    system packages
  • Can contain additional software packages or
    additional software, directories, files, and
    other data not installed through packages
  • Provides a complete and consistent product
    database that contains information about all
    software components installed in the global zone
  • Holds configuration information specific to the
    global zone only, such as the global zone host
    name and file system table
  • Is the only zone that is aware of all devices and
    all file systems
  • Is the only zone with knowledge of non-global
    zone existence and configuration
  • Is the only zone from which a non-global zone can
    be configured, installed, managed, or uninstalled

13
Non-global or Local zone
  • Is assigned a zone ID by the system when the zone
    is booted
  • Shares operation under the Solaris kernel booted
    from the global zone
  • Contains an installed subset of the complete
    Solaris Operating System software packages
  • Contains Solaris software packages shared from
    the global zone
  • Can contain additional installed software
    packages not shared from the global zone
  • Can contain additional software, directories,
    files, and other data created on the non-global
    zone that are not installed through packages or
    shared from the global zone
  • Has a complete and consistent product database
    that contains information about all software
    components installed on the zone
  • Is not aware of the existence of any other zones
  • Cannot install, manage, or uninstall other zones,
    including itself
  • Has configuration information specific to that
    non-global zone only

14
Solaris 10 Benefits
  • Dynamic Tracing (DTrace)
  • Predictive Self Healing
  • Services
  • The Least Privilege Model
  • Linux Application Environment (allow users on x86
    systems to take existing, unmodified Linux
    binaries and run them on the Solaris platform )

15
UPS futures
  • Limit/reduce overall TCO
  • Consolidate and reduce O/S images to maintain
  • Reduced number of server footprints
  • Use of commodity hardware
  • Increased flexibility
  • Reduce time to market

16
Possible applications?
  • MRS lab simultaneous training on new products
    and features.
  • Build environments for POC efforts quickly
  • Horizontally scaled applications

17
QA
Write a Comment
User Comments (0)
About PowerShow.com