1# <a name="solarisApplicationContainerConfiguration" />Solaris Application Container Configuration
2
3Solaris application containers can be configured using the following properties, all of the below properties have mappings to properties specified under [zonecfg(1M)][zonecfg.1m_2] man page, except milestone.
4
5## <a name="configSolarisMilestone" />milestone
6The SMF(Service Management Facility) FMRI which should go to "online" state before we start the desired process within the container.
7
8**`milestone`** *(string, OPTIONAL)*
9
10### Example
11```json
12"milestone": "svc:/milestone/container:default"
13```
14
15## <a name="configSolarisLimitpriv" />limitpriv
16The maximum set of privileges any process in this container can obtain.
17The property should consist of a comma-separated privilege set specification as described in [priv_str_to_set(3C)][priv-str-to-set.3c] man page for the respective release of Solaris.
18
19**`limitpriv`** *(string, OPTIONAL)*
20
21### Example
22```json
23"limitpriv": "default"
24```
25
26## <a name="configSolarisMaxShmMemory" />maxShmMemory
27The maximum amount of shared memory allowed for this application container.
28A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
29Mapped to `max-shm-memory` in [zonecfg(1M)][zonecfg.1m_2] man page.
30
31**`maxShmMemory`** *(string, OPTIONAL)*
32
33### Example
34```json
35"maxShmMemory": "512m"
36```
37
38## <a name="configSolarisCappedCpu" />cappedCPU
39Sets a limit on the amount of CPU time that can be used by a container.
40The unit used translates to the percentage of a single CPU that can be used by all user threads in a container, expressed as a fraction (for example, .75) or a mixed number (whole number and fraction, for example, 1.25).
41An ncpu value of 1 means 100% of a CPU, a value of 1.25 means 125%, .75 mean 75%, and so forth.
42When projects within a capped container have their own caps, the minimum value takes precedence.
43cappedCPU is mapped to `capped-cpu` in [zonecfg(1M)][zonecfg.1m_2] man page.
44
45* **`ncpus`** *(string, OPTIONAL)*
46
47### Example
48```json
49"cappedCPU": {
50 "ncpus": "8"
51}
52```
53
54## <a name="configSolarisCappedMemory" />cappedMemory
55The physical and swap caps on the memory that can be used by this application container.
56A scale (K, M, G, T) can be applied to the value for each of these numbers (for example, 1M is one megabyte).
57cappedMemory is mapped to `capped-memory` in [zonecfg(1M)][zonecfg.1m_2] man page.
58
59* **`physical`** *(string, OPTIONAL)*
60* **`swap`** *(string, OPTIONAL)*
61
62### Example
63```json
64"cappedMemory": {
65 "physical": "512m",
66 "swap": "512m"
67}
68```
69
70## <a name="configSolarisNetwork" />Network
71
72### <a name="configSolarisAutomaticNetwork" />Automatic Network (anet)
73anet is specified as an array that is used to set up networking for Solaris application containers.
74The anet resource represents the automatic creation of a network resource for an application container.
75The zones administration daemon, zoneadmd, is the primary process for managing the container's virtual platform.
76One of the daemon's responsibilities is creation and teardown of the networks for the container.
77For more information on the daemon see the [zoneadmd(1M)][zoneadmd.1m] man page.
78When such a container is started, a temporary VNIC(Virtual NIC) is automatically created for the container.
79The VNIC is deleted when the container is torn down.
80The following properties can be used to set up automatic networks.
81For additional information on properties, check the [zonecfg(1M)][zonecfg.1m_2] man page for the respective release of Solaris.
82
83* **`linkname`** *(string, OPTIONAL)* Specify a name for the automatically created VNIC datalink.
84* **`lowerLink`** *(string, OPTIONAL)* Specify the link over which the VNIC will be created.
85Mapped to `lower-link` in the [zonecfg(1M)][zonecfg.1m_2] man page.
86* **`allowedAddress`** *(string, OPTIONAL)* The set of IP addresses that the container can use might be constrained by specifying the `allowedAddress` property.
87 If `allowedAddress` has not been specified, then they can use any IP address on the associated physical interface for the network resource.
88 Otherwise, when `allowedAddress` is specified, the container cannot use IP addresses that are not in the `allowedAddress` list for the physical address.
89 Mapped to `allowed-address` in the [zonecfg(1M)][zonecfg.1m_2] man page.
90* **`configureAllowedAddress`** *(string, OPTIONAL)* If `configureAllowedAddress` is set to true, the addresses specified by `allowedAddress` are automatically configured on the interface each time the container starts.
91 When it is set to false, the `allowedAddress` will not be configured on container start.
92 Mapped to `configure-allowed-address` in the [zonecfg(1M)][zonecfg.1m_2] man page.
93* **`defrouter`** *(string, OPTIONAL)* The value for the OPTIONAL default router.
94* **`macAddress`** *(string, OPTIONAL)* Set the VNIC's MAC addresses based on the specified value or keyword.
95 If not a keyword, it is interpreted as a unicast MAC address.
96 For a list of the supported keywords please refer to the [zonecfg(1M)][zonecfg.1m_2] man page of the respective Solaris release.
97 Mapped to `mac-address` in the [zonecfg(1M)][zonecfg.1m_2] man page.
98* **`linkProtection`** *(string, OPTIONAL)* Enables one or more types of link protection using comma-separated values.
99 See the protection property in dladm(8) for supported values in respective release of Solaris.
100 Mapped to `link-protection` in the [zonecfg(1M)][zonecfg.1m_2] man page.
101
102#### Example
103```json
104"anet": [
105 {
106 "allowedAddress": "172.17.0.2/16",
107 "configureAllowedAddress": "true",
108 "defrouter": "172.17.0.1/16",
109 "linkProtection": "mac-nospoof, ip-nospoof",
110 "linkname": "net0",
111 "lowerLink": "net2",
112 "macAddress": "02:42:f8:52:c7:16"
113 }
114]
115```
116
117
118[priv-str-to-set.3c]: http://docs.oracle.com/cd/E86824_01/html/E54766/priv-str-to-set-3c.html
119[zoneadmd.1m]: http://docs.oracle.com/cd/E86824_01/html/E54764/zoneadmd-1m.html
120[zonecfg.1m_2]: http://docs.oracle.com/cd/E86824_01/html/E54764/zonecfg-1m.html
View as plain text