[OpenIndiana-discuss] plumbing for zones [was Re: CIFS performance issues]
James Carlson
carlsonj at workingcode.com
Fri Jan 27 14:22:20 UTC 2012
On 01/27/12 08:52, Open Indiana wrote:
> I'm very sorry to have misinformed you. I didn't check my remarks on a
> working system and I mixed up two things.
>
> Virtualbox will discover even an unplumbed device.
>
> It was the zones booting that I had in mind. On my solaris 10 server I need
> to plumb all interfaces that are used inside a zone on the global zone
> before the zone can use it.
Yes, that's a completely different mechanism. The issue there is that
with zones, there's only one kernel, and certain global operations (such
as plumbing) can take place only in the global zone, not in a non-global
zone.
Of course, the addition of exclusive IP stacks in one of the S10 patches
makes that distinction a bit muddier, but it still exists. For example,
you cannot install or load a kernel module inside a non-global zone.
There's no way for the kernel to find it there. And if you could do it,
then you could break the security model, so the limitation is a good thing.
--
James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
More information about the OpenIndiana-discuss
mailing list