Solaris Operating System - Data Sheet

Skip to Content Java Solaris Communities About Sun How to Buy United States Worldwide

Solaris Containers - Optimizing Resource Utilization for Predictable Service Levels

With the escalating costs of managing vast networks of servers and software components, companies today are looking for new ways to reduce their IT infrastructure costs and better manage service levels. Consolidating multiple applications onto a single system means changing the way applications deployed. This can be a very expensive solution. And that's where virtualization and the Solaris Operating System come in.

PDF[101K]

Table of Contents

Key Highlights
Virtualization made easy
Increase resource utilization and deliver predictable service levels
Ensure application isolation and lower risk
Test and deploy applications — fast

Reduce costs and improve ROI
Integration — Solaris Containers built for the Solaris OS
New model — ease usability
Extended — do more than other OSes
Learn More

Key Highlights

Highlights

Dynamically move or replicate applications to fit the changes of the business

Lower administrative costs by safely combining multiple applications onto a single system

Reduce conflicts among applications running on the same system by isolating them from one another

Support Predictive Self-Healing to minimize fault propagation and unplanned downtime

Enhance security by preventing unauthorized access and unintended intrusions

Integrated with other groundbreaking Solaris 10 features — at no additional cost

Virtualization made easy

Solaris Containers and Logical Domains (LDoms) are part of Sun's comprehensive offering of virtualization technologies. Solaris Containers use virtualization to enable you to maintain the one-application-per-server deployment model, while at the same time sharing hardware resources. LDoms, in conjunction with the CoolThreads technology in Sun Fire UltraSPARC T1 servers, work at a systems virtualization level, allowing multiple operating systems to run simultaneously.

As an integral part of the Solaris 10 OS, Solaris Containers isolate software applications and services using flexible, software-defined boundaries. Solaris Containers represent a breakthrough approach to virtualization and software partitioning, allowing many private execution environments to be created within a single instance of the Solaris 10 OS. Each environment has its own identity, separate from the underlying hardware, so it behaves as if it's running on its own system — making consolidation simple, safe, and secure.

Because Solaris Containers are independent from the underlying hardware, application services can be re-created on other systems as needed. Each application runs in its own private environment — without dedicating new systems or operating systems — and many application resources can be tested and deployed on a single server without impacting one another. System and network resources can be allocated and controlled on a finegrained basis, helping to simplify computing infrastructures and improve resource utilization. As a result, you can better consolidate applications onto fewer servers without concern for resource constraints, fault propagation, or security breaches. That's service provisioning made simple.

Of course, the choice of which virtualization technologies to implement is not an exclusive decision. In fact, it is possible to gain the benefits of multiple technologies using a hybrid approach. For example it is possible to run Solaris Containers within a Logical Domain, giving you the flexibility of multiple OS versions with the scalability and performance of Solaris Containers.

Increase resource utilization and deliver predictable service levels

No two organizations have the same type of workload or employ system resources in the same manner. Regardless of how your datacenter is arranged, a vast amount of computing capacity often remains untapped. And while your users are continually searching for more computing resources to help solve problems, your systems can still be either underutilized or overwhelmed due to issues concerning resource allocation.

Server consolidation provides the opportunity to lower costs by reducing the hardware and system administration required to run applications; however, provisioning applications with the appropriate resources on a shared system can be tricky. Solaris Containers give you the ability to prioritize applications and control resource usage. Computing resources — CPUs, physical memory, network bandwidth, and more — can be dedicated to a single application, then shared with others in an instant, without moving applications or rebooting the system.

For example, a database, Web server, and batch application, each running on its own system, can be consolidated onto a single server configured to give each access to one-third of the available system resources. That same server can be automatically reconfigured so that the Web server receives 75 percent of network bandwidth during peak-load conditions. With the ability to dynamically allocate resources where they're needed most and the increased observability provided by DTrace integration, Solaris Containers help increase your resource utilization while ensuring that you're meeting your service-level agreements.

Ensure application isolation and lower risk

With Solaris Containers, your organization can gain control and establish isolation mechanisms to improve resource utilization. Each application can run in its own private environment, virtually eliminating error propagation, unauthorized access, and unintentional intrusions. Providing a fine granularity of control, Solaris Containers ensure that all workloads have access to an appropriate amount of computing resources — and that no workload is able to consume the entire system unless authorized to do so.

Because resources are isolated and dedicated to a Solaris Container and its applications rather than a complete system, highly efficient application consolidation is now possible. For example, Web servers typically listen to network port 80, which requires root privileges and presents a high security risk. To reduce this risk and run multiple Web servers per system, each Web server can run in a Solaris Container, listen to its own unique port 80, and have its own root user, operating in an isolated and secure manner.

Indeed, even a single service can benefit from the isolation that Solaris Containers provide. To continue with the Web server example, it is possible to use Solaris Containers to help address the common issue of Web server security and Web page defacement by separating Web server administration and Web page maintenance from each other.

Test and deploy applications — fast

Developing new applications and services, and getting them operational quickly, is critical. Solaris Containers speed the deployment of new applications.

With Solaris Containers, you can create environments on multiple systems and start them where they're needed. You can modify and test applications and services in one Solaris Container and later deploy them to an online area without impacting other users. You can test multiple deployment scenarios with ease. And your administrators can roll back to previous settings and configurations if needed. Because application testing no longer requires dedicated systems that sit idle most of the time, you spend less time — and money — getting services up and running.

With the migration features of Solaris Containers (attach, detach and clone), it is now possible to rapidly create, test, and deploy applications into a production environment. This not only reduces required downtime, but also puts in place, by default, a roll-back strategy. A developer can now create an application in a Container, harden it, and hand it off to the test team. The test engineer can test and verify the migrated Container before handing over to the production team. Finally, the production administrator can duplicate and introduce the verified, hardened Container into production. All this can be done more rapidly than in a traditional, nonvirtualized environment — and with minimum disruption.

Reduce costs and improve ROI

Maintaining flexibility and improving manageability are essential to effective cost-cutting strategies. Solaris Containers help you organize resources and gain a better understanding of how they're being used. With the ability to securely and dynamically manage and tune Solaris Containers, you can host multiple applications on one system and use expensive resources to greater effect. In addition, Solaris Containers gather workload-based usage data rather than system data, making it easier to more accurately charge for resources used. System-related administrative tasks are performed for the entire system instead of each application environment independently, saving time and money.

With Solaris Containers and the Solaris 10 OS, you can lower your costs, reduce downtime, and gain greater utilization of resources to improve ROI.

Integration — Solaris Containers built for the Solaris OS

Solaris Containers take advantage of other technologies built into the Solaris OS to make your environment even more cost effective and observable. The integration with ZFS, for example, allows multiple Solaris Containers to consume a minimal disk footprint by utilizing ZFS snapshots. The global administrator can also hand off ZFS disk sets to the Container administrator, for example, enabling them to create their own snapshots and clones.

In addition, by taking advantage of the observability provided by DTrace within a Container, application developers are able to probe their applications, enabling them to debug systemic problems that are typically difficult to diagnose using traditional debugging tools.

New model — ease usability

Solaris Containers enable you to more accurately re-create your physical system in the virtualized world by allowing simple, easyto-configure CPU and memory resource management together with a specific network configuration. This makes the definition of a Container easy and allows rapid definition and deployment of new Containers without the need to go through a time-consuming hardware purchase cycle.

An example of this flexibility is IP instances, which allow the option to dedicate a network port to a Container. The Container administrator now has control over the network port and can allow configuration within the Container of such things as IP address, routing table, and network device settings.

Extended — do more than other OSes

By using Solaris Containers, it is possible to extend the functionality of your containers, providing you with more choice and functionality by using Trusted Extensions or Solaris Containers for Linux Applications.

Take advantage of Trusted Extensions, an advanced security feature that implements labels to protect your data and applications based on their sensitivity level, not just on who owns or runs them. Credit card information, classified data, and personal records remain secure and can't be accessed by or written to unauthorized sources.

Solaris Containers for Linux Applications allow Linux applications to run unmodified on the Solaris 10 OS. This enables you to maximize consolidation of your IT environments by allowing Linux and Solaris software to coexist, increases flexibility by lowering the barrier to migrate, removes dependencies on unpredictable schedules and source code availability, and boosts cross-platform development by extending the observability features of the Solaris 10 OS to the Linux platform.