Consolidating Applications With Solaris Containers
Title : Consolidating Applications with Solaris ContainersAuthor : Vaishal GariwalaEmail : email@example.comEnvironment : Solaris 10 Operating EnvironmentKeywords : Virtualization and ConsolidationLevel : IntermediateDescription : This article explains the basics about virtualization on Solaris 10 and how Solaris Containers work.Solaris Containers: OverviewSolaris Containers Suns operating system virtualization technique consists of severaltechnologies that work together to foster improved resource management and isolate theenvironment from the underlying OS. With Solaris Containers, organizations can determine howto allocate resources among applications and services, and ensure they do not interfere with oneanother. In other words a Solaris Container is a complete runtime environment for applications.Solaris 10 Resource Manager and Solaris Zones software partitioning technology are both partsof the container. These components address different qualities the container can deliver and worktogether to create a complete container. The zones portion of the container provides a virtualmapping from the application to the platform resources. Zones allow application components tobe isolated from one another even though the zones share a single instance of the SolarisOperating System. Resource management features permit you to allocate the quantity ofresources that a workload receives. The container establishes boundaries for resourceconsumption, such as CPU. These boundaries can be expanded to adapt to changing processingrequirements of the application running in the container.
Solaris ZonesAs part of the consolidation effort, it is important to evaluate the needs of the applications that willshare the consolidated system. In this example, the email server and Web server applicationsneed to run in isolated environments that make it appear as if they are running on physicallyseparate machines. This is made possible by a Solaris Container technology called SolarisZones, which provides separate environments on a machine and logically isolates applicationsfrom one another. Each application receives a dedicated namespace in which to run, and cannotsee, monitor, or affect applications running in another zone. See the figure below:In the figure above all the three applications have there own Solaris Zone.Dynamic Resource PoolsIn the above mentioned example there are two types of applications, one that needs a fullydedicated CPU an email server, and another that is more flexible and can share CPUs the twoWeb servers. To accomplish these different levels of isolation we use a Solaris Containertechnology called Dynamic Resource Pools that enables CPU resources to be dedicated tospecific applications. In this example, the email server needs a separate resource pool, while theWeb servers can share another. As can be seen in figure below, we give one CPU to resourcepool 1 and three CPUs to resource pool 2.In the figure email server has resource pool 1 and the Web Servers are sharing resourcepool 2.
Fair Share SchedulerWhile the two Web servers are capable of sharing the remaining CPUs on the system, they eachneed a minimum guarantee of CPU resources that will be available to them. This is madepossible by another Solaris Container technology called the Fair Share Scheduler (FSS). Thissoftware enables CPU resources to be allocated proportionally to applications. That is, eachapplication gets assigned a number of the available shares of the total CPU.Of the five available shares, Web server 1 gets three, and Web server 2 gets two.Using all these Solaris Container technologies on the new server creates an environment like thatshown in figure below. Now the system includes three Containers: one with dedicated CPUresources and two others shares CPU resources.Figure above shows a Container with a zone on a dedicated resource pool, and two Containerseach with a zone on a shared pool with shares.
Two Types of ZonesAll systems that run Solaris 10 contain a master zone, called the global zone. The global zone isthe original Solaris OS instance. It has access to the physical hardware and can control allprocesses. It also has the authority to create and control new zones, called non-global zones, inwhich applications run. Non-global zones do not run inside the global zone they run along sideit yet the global zone can look inside non-global zones to see how they are configured, monitor,and control them. Like the other zones, this global zone is also associated with a resource pool.In our example this is resource pool 2. In this case, it shares CPU resources with the Webservers. When the Fair Share Scheduler is enabled, the global zone defaults to one share.Figure above shows the full example with all the resource pools and zones.Advantages: · Multiple isolated pools o Security o Resource Management · Comprehensive consolidation facility integrated as a core component of a mainstream OS o Portability to multiple platforms · Lower Administration o Manageable, observable o Reduces administration work o Delegation of container management · Low computational overhead · No additional hardware, licensing or support fees · Support multiple, isolated application environments in one OS instance o Achieves isolation, manageability, reduces cost · Software based solution o Achieves portability and simplicity · Do not require application changes or recompilation
Disadvantages: · No file system sharing o A Non-global Solaris Zone cannot be an NFS server, though they can establish NFS client connections to already running NFS servers.