Mikael Kjerrman wrote:
>> From an isolation perspective are there any drawbacks from creating and
>> managing one zpool from the global zone and adding datasets to the local
>> zones. What comes to mind are the idea of not sharing anything between
>> the zones, I realise that we already share the network for instance, but
>> I just want to verify this about the datasets aswell.

When you say "not sharing anything between the zones" are you talking only 
about ZFS datasets which would be used for applications and data?

One drawback to sharing a pool among multiple zones is that you cannot export 
parts of a pool.  You must export the entire pool.  This might be important to 
you, but it might be irrelevant.

Someday you might want to move a zone to a different system. The limitation on 
exporting zpools means that you cannot simply export the dataset from the 
original system and import it on the new system.  For example, if you want to 
move a zone which uses a ZFS file system for its applications, you must use 
"zfs send" and "zfs receive" to accomplish your goal.

N.B.: with Solaris 10 update 4, more network isolation is being added to the 
zones framework. This will allow you to give a zone exclusive access to a NIC 
and allow the zone to control its own network connection.

Jeff VICTOR              Sun Microsystems            jeff.victor @ sun.com
OS Ambassador            Sr. Technical Specialist
Solaris 10 Zones FAQ:    http://www.opensolaris.org/os/community/zones/faq
zones-discuss mailing list

Reply via email to