Solaris offers something that actually impressed me this week. The concept of a “zone” (or “container”; they are having a branding issue) is a twist on the traditional virtual machine analogy. Let’s take everyone’s favorite operating system, Windows, as an example to illustrate the differences between a “virtual machine” and a “zone”.
In a traditional virtual machine, the entire environment is replicated. So for Windows, this would be the “C:” partition. This would include the “Program Files” and “Windows” directories, etc. Because everything is self-contained, it is a fully functional copy of a Windows installation. However, what if you have 5 virtual machines, or 500? Well, then you are looking at significant waste (beyond the fact that my example uses Windows). For the most part, the “Windows” directory isn’t going to change too much. It’s just the core operating system files needed for operations. It’s not really customized for each installation. So if it’s the same, why replicate it?
Solaris zones tackle just that – the “Windows” directory would be hosted and shared from the root zone. Basically, the container is just the user’s files (with a few exceptions). What’s more, applied updates propagate into the Solaris zones (which can be good or bad), so all of the systems are up to date with minimal patching effort.
Of course, this example could never work with the Windows operating system because of technical and political limitations, but for real operating systems, this is a cool concept – especially in the server arena. I read somewhere that the impact of running a Solaris zone is less than 1% of your system resources. The maximum number of zones per host is theoretically somewhere around 8,000 – actual results will be dependent on available processing power, memory, and hard drive storage space.
So kudos, Sun, for finally getting something right. Now let’s talk about shipping Solaris with “dpkg” instead of “pkg-get”…
“Zone” is just another name for a FreeBSD Jail [1]. Pretty much any Unix has some sort of facility for creating jails. Don’t be lulled into a false sense of security, though. Jails _can_ be broken.
[1] — http://en.wikipedia.org/wiki/FreeBSD_Jail
** this is the third damn time I’ve typed this and hit submit **
“** this is the third damn time I’ve typed this and hit submit **” – What happened? Something on my end?
Thanks for the Security heads up – if it can be built, it can be broken…
I kept forgetting to type my email address. The form doesn’t indicate that it is required, and the JavaScript doesn’t prevent me from pressing submit if it isn’t present. After clicking submit the form is cleared, and you can’t use the back button to recover what you typed.