On 04/20/10 03:24, Jorgen Lundman wrote:
I have heard many reports of people using more than 10 zones per system. I know of one production system with more than 200 zones. I created a lab system with 1,000 running zones:Solaris 10/OpenSolaris x86 Customer data on NFSv4 from x4540s. Researching various ways to setup a SSH cluster for customers, for full shell access (to compile, and crontab etc).But it would be "nicer" if I could somehow restrict what the customer sees of other customers. Ie, Privacy laws, and leaking customer information. So not really stopping customers from seeing and using the system-files, but rather each others' files, user-names (in 'ps', 'w', 'ls') and so on. Worse than that, sometimes there are 'admin-accounts', with a multiple 'sub-accounts' contained within (works great with FTP for example). Both the 'admin-account' and 'sub-accounts' have the same UID (so that quotas are shared). Would be especially nice if a login as a sub-account could only see its home directory, and not other sub-account's home-directories. But as it has the same UID, I do not see this as possible. I guess something like FreeBSD's jail might work, but I do not know the full extent on how resource heavy it is. Solaris do not have jails though, right? Solaris Zones is not a realistic options, with some 200-300 customers per server. (Solaris zones tend to handle 5-10 per server before becoming unusable). Part 1: http://blogs.sun.com/JeffV/entry/spawning_0_5kz_hr_part Part 2: http://blogs.sun.com/JeffV/entry/spawning_0_5kz_hr_part1 Part 3: http://blogs.sun.com/JeffV/entry/title_spawning_0_5kz_hr Please open a support call so that the problem you are having with zones can be investigated. Thanks, --JeffV --
| ||||
_______________________________________________ sysadmin-discuss mailing list sysadmin-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/sysadmin-discuss
