This is a research paper I wrote for my Operating systems class.
Solaris Zones OverrviewScott Mink - April 2, 2005
The ability to partition a server into multiple virtual machines can be useful for many tasks. For example, a company can create multiple virtual machines to allow different business units to share a single server, a development team can create multiple test environments on a single machine, or a web hosting company can create separate virtual machines for each of their customers for increased security while sharing servers. Among the benefits are the decreased cost of hosting multiple applications on a single machine instead of purchasing separate machines and increasing security by preventing users from accessing files outside of their partition.
In large corporations, a huge cost savings can be realized by consolidating multiple business unit servers onto a single machine. In many companies, business units maintain separate servers for their applications, and frequently these servers are underutilized. By moving these applications to virtual machines a company can purchase fewer machines and save money not only on hardware, but software licensing, power consumption, and maintenance costs.
For web hosting companies the main benefit of virtual machines is security. Traditionally, many hosting companies have configured their web servers to serve the files in their customers' home directory. The customers' login accounts do not have the ability to access each other's files; however the account the httpd service runs as has the ability to read from and write to the files of all users. It is fairly easy for any of the users to create a web application that would access other users' files, since when the web application runs it would have the privileges of the httpd daemon. By using virtual servers each customer could have a copy of the httpd daemon that only has access to their own files.
The common method for creating virtual machines is to use a product such as VMWare or Microsoft's Virtual Server, which emulate the hardware of a separate computer. Using these products allows for multiple copies of an operating system, or even multiple operating systems, to be installed and running on a single machine. Each instance of an operating system runs independently from the others just as it would if it was on its own dedicated machine. The drawback is that each operating system needs the same system resources it would need if it was running on a separate computer, so there is a fairly low limit to the number of virtual machines that can be running at once.
Sun Microsystems' latest version of their Solaris operating system, Solaris 10, includes a new way of partitioning a single system into multiple virtual machines, which are called zones. Unlike the other methods of creating virtual machines, zones run within a single instance of the Solaris operating system. That is, while other methods simulate separate hardware and run complete copies of the operating system, zones creates separate and independence user environments within a single copy of the operating system. Each zone is a virtual instance of Solaris, and can be assigned its own file system, hardware resources, and IP address. Processes running within a zone cannot access any resources outside of their zone. To the user who is logged into a zone, it appears to be a standalone machine. A user with super-user rights to a zone cannot modify settings outside of their virtual machine, and zones can be rebooted independently. Using zones requires less overhead, so it is possible to run many more virtual machines using this method compared to the others, however; the drawback is that all of the machines have to be running Solaris 10. An additional benefit is that whenever it is necessary to install system patches or updates, they only need to be installed in the global zone. Since the virtual machines share the system files they will automatically use the new versions of the files once they are installed.
Overview of zonesThe global zone is the base Solaris operating system installed on a machine, and is the zone used for system wide control. The administrator of the global zone can create non-global zones, which are virtual machines. Each non-global zone can be administrated separately by the administrator of that zone, as if it was a separate machine. With the default settings, a non-global zone has read only access to the global zone's /usr, /lib, /sbin, and /platform directories, and creates new versions of the other directories that are normally found in the root of a Unix file system, such as /etc and /var, in the zone's file system (Gregg). A freshly created zone configured in this manner will require about 60 Mb of disk space for the files that are created in its file system. The zone file system can also be customized to include its own copies of the system files instead of using the global zone versions, if necessary. Configuring a zone to use its own copy of the files can increase its size to around 3 Gb (Gregg).
With a normal Unix installation the init process is started only once, immediately after the kernel starts, and runs for the entire time the system is running. The init process is responsible for initializing the system and launching whatever processes the system needs to be functional (YoLinux). With zones, each virtual machine has its own init process which manages all of the processes needed to create a complete functional machine; however the zone's init process uses the root of the zone's file system instead of the root of the drive. Each zone runs as a separate instance of the operating system, but only a single instance of the kernel runs. Additionally, when multiple zones run instances of the shared files each zone runs a separate process, but the file is only loaded into memory once, reducing the memory requirements (Price).
Managing CPU resourcesSeveral options are available for allocating CPU resources for the zones. In general, the physical processors are assigned to CPU pools and the CPU pools are assigned to either a zone or multiple zones (Price). The simplest scenario to understand is to assign a fixed number of processors to the zones. A system with two zones and four processors to assign could be configured so each zone was assigned two processors. This way each zone would always have the same amount of CPU resources available to it, regardless of what was running in the other zone. The drawback of this method is that there is no opportunity to share resources (Gregg). If one zone is using all of its available CPU time and the other is mostly idle the extra CPU time is not transferred to the zone that could use it. One reason this method might be used is licensing. For example, to run an application provided by a vendor who charges based on the number of CPUs it is running on.
A second option for assigning CPU resources is to use minimum and maximum settings. The same example system with two zones and four free processors could be configured with each zone being assigned a minimum of one and a maximum of three processors. In this configuration each zone would always be guaranteed the full resources of one processor, but would share the additional CPU time with each other.
Another option is to use the Fair Share Scheduler, or FSS. The FSS allows for each zone to be assigned a numerical share value to signify its importance. As long as the CPUs are not fully utilized each zone gets whatever CPU time it needs. When the need for CPU time increases the decisions on which zones get priority are based on the share values assigned to each zone. The FSS also allows for setting minimum and maximum values. This option is the only one that can be used if the number of zones is greater than the number of processors in a system.
Managing memoryManaging memory assignments for the zones is a little different than managing processors. Memory is managed by the global zone, or the host version of Solaris that the other zones are running under. A benefit of this is that commonly used executables and libraries can be loaded into memory once and shared amongst the zones, saving considerable memory (Price). The ability to limit the memory available to zones is not specifically build into the partitioning software, however; the Solaris resource cap daemon, rcapd, can be used to limit the amount of memory each zone can use. When a process reaches its memory limit the rcapd daemon will force it to send pages to the swap device.
Managing disk spaceLike memory, the tools required to limit the amount of disk space a zone can use are not specifically included in the partitioning software. Instead, other techniques are used to achieve the same goal.
A zone can be assigned a dedicated volume, disk, or slice. A slice is the Solaris equivalent of a partition in Windows or Linux drive. This will allow the zone to grow until it reaches the capacity of the slice, but it also prevents the space from being used by other zones if it is not used. Additionally, there are a limited number of slices, so using slices limits the number of zones that can be configured on a machine.
Solaris 10 includes a new file system called Zetabyte File System, or ZFS. Using ZFS quotas is a second method for managing the available disk space allowed for each zone, and allows for setting both maximum size and reserved size (Gregg). One particular feature of this method is that the sum of their maximum sizes of the zones on a disk can exceed the capacity of the disk. The idea is that most zones won't actually use all of the space that is reserved for them, but the quota is to prevent a small number of zones from expanding to consume the entire disk. The reserved size is guaranteed for the zone, so the sum of the reserved sizes cannot exceed the capacity of the disk.
ConclusionFor most uses, the new partitioning features in Solaris 10 are a great improvement to the old methods of creating virtual machines. The resources needed are drastically reduced by only having a single instance of the operating system running, and the ability to share memory and CPU time between virtual machines allows for very efficient use of the hardware compared to the other techniques.
Gregg, B. (2005). Documentation: Zones. Retrieved April 1, 2005, from http://users.tpg.com.au/adsln4yb/zones.html
Price, D. & Tucker, A. (2004). Solaris zones: Operating system support for consolidating commercial workloads. Retrieved April 1, 2005, from http://www.sun.com/bigadmin/content/zones/zones_lisa.pdf.
YoLinux (n.d.) Linux Init Process / PC Boot Procedure. Retrieved April 1, 2005, from http://www.yolinux.com/TUTORIALS/LinuxTutorialInitProcess.html