If you have just arrived at this page, then you might want to start with Solaris 10 zones: a working example and Solaris 10 zones: resource types posts. Today I’ll tell you about root filesystem models for non-global zones in Solaris.
Two filesystem models in Solaris 10 zones
As you probably know, there are two such models in Solaris 10: sparse root and whole root. The former approach means that the newly created non-global zone’s root filesystem will only partially consist of actually copied into it packages and files, the rest will be inherited from the global zone. Such a model needs approximately 100Mb of disk space per zone, which is obviously much less than a full Solaris 10 installation, which happens in a case of a whole root approach. I’ve already mentioned this earlier.
By default, there are four directories of your global zone’s root filesystem which are accessible to a non-global zone via sparse root model: /lib, /platform, /sbin and /usr.
If a non-global zone is created with at least one resource of inherit-pkg-dir type, such a zone is said to be a sparse root one.
If you look at the zone’s description, you can easily see how exactly such an access is configured:
solaris# zonecfg -z zone1 export ... add inherit-pkg-dir set dir=/lib end add inherit-pkg-dir set dir=/platform end add inherit-pkg-dir set dir=/sbin end add inherit-pkg-dir set dir=/usr end ...
Remember: resources of this type can only be created when a zone is in a configured state, in other words – when it’s set up, but no Solaris 10 installation copied any packages into it just yet. Thus, if you decide to alter these resources for an existing zone, you’re going to have to uninstall it first (by doing something like zonecfg -z zone1 uninstall).
Just to sum it all up: if a non-global zone doesn’t have any inherit-pkg-dir resources, such a zone is said to be a whole root one, since all of the Solaris 10 packages are properly and fully copied into it. Such a mode takes up much more space, but you gain a great deal of flexibility – inside such a zone you can easily remove any files and packages, which isn’t always possible within a zone with inherit-pkg-dir resources.
A sparse root model does the following: when installing Solaris 10 into your non-global zone, only the most necessary files are copied – the ones from packages where SUNW_PKGTYPE parameter is set to root. All the rest packages won’t be installed into the non-global zone, and later files from these packages will be accessible from withing the zone via loopback filesystems (lofs) in a read-only mode. Imagine how much space is saved with such an approach!
If you don’t know anything about lofs, please read man lofs, and most things will probably clear up 😉
As an example, do the following:
solaris# mkdir /var/tmp/hey solaris# mount -F lofs -o ro /usr /var/tmp/hey
Now, if you cd into /var/tmp/hey and try to create or remove any file, you won’t be able to, simply because /var/tmp/hey is a read-only mounted filesystem view of a /usr directory.