Solaris containers, am I thinking in the right way ?
807559Mar 16 2005 — edited Mar 20 2005Hi there,
I've downloaded Solaris 10 and so far I really like what I see. With all the exploits appearing on Linux (local root exploits in the kernel for example) I'm seriously considering to replace my Debian GNU/Linux environment with Solaris 10. Ofcourse this requires a lot of preperation, which is where I'm now. Slowly but steadily checking and comparing to make sure that Solaris can do everything I'm currently doing on Linux.
One of the reasons why I think Solaris is appealing are the so called 'containers'. I've already read some faqs which explain the procedure (like the 'partial root' setup where your main directories get "linked" from the root system) but I'm still not too sure what to make of all this.
Is this setup comparible with a chroot'ed environment or is this comparable (to a certain extend) with the UML (User Mode Linux) setup; where a copy of the Linux kernel runs in userspace, thus making it harder to gain access to the host system ? I know that the container shares the same kernel and memory, but what about the rest ?
Many websites compare the containers with the BSD Jails, but from what I have read on sun.com there still seem to be many differences.
So could someone shed a little more light on this subject or, even better, point me to some documentation which gives a little more detail than focussing on the broad basics ?
Thanks in advance!