[dundee] Follow up from last night - Solaris+

Owen Bowers Adams owen at obowersa.net
Fri Sep 13 09:54:26 UTC 2013 

Hey guys,

I had a couple of questions last night which I just wanted to get back to
people on.

Firstly, the slides can be found here:

https://docs.google.com/presentation/d/1Bxs1f0YAANlK_FJJEWrLP9iU0dJOd05OvH5bqTuDWkU/edit?usp=sharing


To try and answer the questions in order,

-------------------------------------
Can you run a ubuntu/etc image under a non debian based distribution?:

Yes. The important part isn't the Host OS, but the host kernel. The
containers will share their base kernel with the host (sort of. SysCalls
are issued to the actual host to fulfil) but the operating system files can
be of any distribution you want.

--------------------------------------
How do Solaris Zones work ?:

This one I really should have been able to answer, but my brain decided to
abandon me.

Conceptually Zones(or Containers) are the same as the
LXC/CGroups/Namespaces combination.

The devil is in the details.

The big differences are the following,

- All Solaris 10+ systems implement at least one zone ( the Global Zone)

- Technically you have 3...sort of 4..types of zones.
Global Zone. This can see all processes running in the sub zones.
Non-Global zones. These are similar in how they operate to Linux Containers.
Branded Zones, these come it two types but in essence they are used to
enable the Zone to behave in a different way to the host kernel.
-- Non SysCall Translation Branded Zones (Joyent's zones are an
implemention of this)
-- SysCall translated zones. Best example is s10brand zone which enables
running of Solaris 10 code in opensolaris etc

- Doesnt use namespaces/cgroups.
This ones a little bit of a hard one to conceptualize. Everything in
solaris 10 and above is run in a zone. Even if you don't do any further
configuration you by default have one global zone which everything runs
under.

Due to this you don't have something such as namespaces/cgroups (which are
ultimately bolt on's to the Linux kernel to enable it to support stuff like
containers.) There isn't anything you can point and and say 'Here..this bit
here was added to support x'

---------------------------------------

Hopefully this helps!

Regards,

Owen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/dundee/attachments/20130913/abc64dc7/attachment.html>

More information about the dundee mailing list