[Lxc-users] Linux Containers vs Solaris Zones

Daniel Lezcano daniel.lezcano at free.fr
Tue Nov 15 20:50:16 UTC 2011


On 11/15/2011 10:14 AM, bruce bushby wrote:
> Hello
>
> I'm hoping someone on the list could answer a couple of questions. I
> believe Linux Containers are the perfect answer to some of the issues
> I have at work but wanted to confirm some technical bits before
> formally submitting any designs. I have worked with Solaris Zones in
> the past.

Hi Bruce,

The lxc is a userspace component which integrates the different kernel
functionalities in order to create an object called a "container" which
is similar to the Solaris Zones.

The lxc is configurable, so some parts can be isolated or not depending
on what you want, e.g. share the file system or the network stack.

> The questions:
> Does each "Linux Container" have its own "network stack"?
> If so, how independent is the stack... i.e. could each container have a
> different routing table?

The network stack isolation/virtualization acts at layer 2, so if
you configure the container to have its own network stack (which is done
in three lines), you will have a full new network stack for the
container with network devices, iptables, raw sockets, routing ...
allowing you to keep the system network script unchanged for your container.

> Does the "Linux Container" share the rpmdb of the "physical host" ....
> or can each lxc have its own rpmdb?

Again, that depends on your configuration. You can share the file system
with the host or use an image file, a block device or a directory as a
rootfs. You can also make the container have its own rootfs but bind
mount system directories to the rootfs, etc ...
It is all configurable.

So the short answer is you can choose to share the rpmdb or not.

> Does the "Linux Container" share passwd/shadow/pam authentication of
> the physical host?

Idem.

> How does the "Linux Container" handle network cards/MAC addresses?

If you don't specify one, the kernel will randomly generate one MAC
address for you.
This default behavior works in most cases but with some corner
cases in a bridge configuration.

> I noticed my RHN Satellite RHEL 6.1 channel doesn't contain the lxc
> rpm, anybody running containers on RHEL 6.1?

Yes, as far as I know, Red Hat is the only distro without lxc. A Fedora
package is available, which could be changed to EPEL [1]. Any volunteers? :)

[1] http://fedoraproject.org/wiki/EPEL

I hope you got your answers :)

Thanks
  -- Daniel
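
The "it is all configurable" answers above, turned into a check of what a given container config actually shares with the host. This is an added example, not part of the original message and not lxc project code. It assumes the lxc.conf key names of that era (lxc.network.type, lxc.network.hwaddr, lxc.rootfs, lxc.mount.entry) and the semantics noted in the comments; the sample configs are constructed.

```python
HOST_PATHS = ("/etc", "/var/lib/rpm")  # passwd/shadow/pam files, rpmdb

def parse(conf):
    """Return (key, value) pairs; keys such as lxc.mount.entry may repeat."""
    pairs = []
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            pairs.append((key.strip(), value.strip()))
    return pairs

def audit(conf):
    pairs = parse(conf)
    def values(name):
        return [v for k, v in pairs if k == name]
    # fstab-style entries: source target fstype options dump pass
    bound = []
    for entry in values("lxc.mount.entry"):
        f = entry.split()
        if len(f) >= 4 and "bind" in f[3].split(",") and any(
                f[0] == p or f[0].startswith(p + "/") for p in HOST_PATHS):
            bound.append(f[0])
    types = values("lxc.network.type")
    return {
        # Assumed semantics: no network section (or type "none") = host stack.
        "own_network_stack": bool(types) and "none" not in types,
        # Assumed semantics: no lxc.rootfs = container runs on the host's root.
        "own_rootfs": bool(values("lxc.rootfs")),
        # Without hwaddr the kernel picks a random MAC for the interface.
        "mac_pinned": bool(values("lxc.network.hwaddr")),
        "host_paths_bound": bound,
    }

# Constructed sample configs (names, paths and MAC are made up).
ISOLATED = """
lxc.utsname = web1
lxc.rootfs = /var/lib/lxc/web1/rootfs
lxc.network.type = veth
lxc.network.link = br0
lxc.network.flags = up
lxc.network.hwaddr = 02:00:00:aa:bb:01
"""
SHARED = """
lxc.utsname = app1
lxc.rootfs = /var/lib/lxc/app1/rootfs
lxc.mount.entry = /etc /var/lib/lxc/app1/rootfs/etc none bind,ro 0 0
lxc.mount.entry = /var/lib/rpm /var/lib/lxc/app1/rootfs/var/lib/rpm none bind 0 0
"""
```

`audit(SHARED)` reports a private rootfs that still bind-mounts the host's /etc and rpmdb and has no network section, which is the "own rootfs but bind mount system directories" case from the reply.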