Two-level service model in operating system partitions

US 7,526,774 B1
Filed: 01/20/2004
Issued: 04/28/2009
Est. Priority Date: 05/09/2003
Status: Active Grant

First Claim

Patent Images

1. A machine-implemented method, comprising:

establishing, within a global operating system environment provided by an operating system (OS) kernel, a first non-global zone which serves as a first virtual platform for supporting and isolating user processes, wherein the first non-global zone is a separate and distinct OS partition of the global operating system environment having a first zone identifier associated therewith, and wherein the first non-global zone is established and exists without requiring any user processes to be running therein;

establishing, within the global operating system environment, a second non-global zone which serves as a second virtual platform for supporting and isolating user processes, wherein the second non-global zone is a separate and distinct OS partition of the global operating system environment having a second zone identifier associated therewith, and wherein the second non-global zone is established and exists without requiring any user processes to be running therein;

executing a first set of one or more user processes within the first non-global zone;

executing a second set of one or more user processes within the second non-global zone; and

isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone such that the first set of one or more user processes cannot access processes in the second non-global zone and the second set of one or more user processes cannot access processes in the first non-global zone;

wherein the first and second non-global zones are established by the OS kernel, and wherein the OS kernel enforces zone boundaries to isolate the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides, in one embodiment, a multi-level service model operating system environment that may be partitioned into a global zone and one or more non-global zones to isolate processes from processes executing in association with other non-global zones under control of a single kernel instance. In one embodiment, the multi-level service model includes a virtual platform layer and an application layer. The virtual platform layer may include services and resources for supporting the zones, which can be made accessible to the zones in the form of a virtual platform. The application layer may comprise the non-global zones, including an application environment for maintaining a runtime state for the zone'"'"'s processes and any zone-constructed objects, such as network connections and shared memory segments. In one embodiment, control and management of non-global zones can be provided by a system of states and transitions.

120 Citations

View as Search Results

27 Claims

1. A machine-implemented method, comprising:
- establishing, within a global operating system environment provided by an operating system (OS) kernel, a first non-global zone which serves as a first virtual platform for supporting and isolating user processes, wherein the first non-global zone is a separate and distinct OS partition of the global operating system environment having a first zone identifier associated therewith, and wherein the first non-global zone is established and exists without requiring any user processes to be running therein;
  
  establishing, within the global operating system environment, a second non-global zone which serves as a second virtual platform for supporting and isolating user processes, wherein the second non-global zone is a separate and distinct OS partition of the global operating system environment having a second zone identifier associated therewith, and wherein the second non-global zone is established and exists without requiring any user processes to be running therein;
  
  executing a first set of one or more user processes within the first non-global zone;
  
  executing a second set of one or more user processes within the second non-global zone; and
  
  isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone such that the first set of one or more user processes cannot access processes in the second non-global zone and the second set of one or more user processes cannot access processes in the first non-global zone;
  
  wherein the first and second non-global zones are established by the OS kernel, and wherein the OS kernel enforces zone boundaries to isolate the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the OS kernel provides services that are invoked by the first set of one or more user processes, and wherein the services are invoked by the first set of one or more user processes through the first virtual platform.
  - 3. The method of claim 1,wherein a first set of resources are associated with the first non-global zone and a second set of resources are associated with the second non-global zone;
    - wherein the first set of resources are accessed by the first set of one or more user processes through the first virtual platform and the second set of resources are accessed by the second set of one or more user processes through the second virtual platform; and
      
      wherein the first set of resources and the second set of resources each include one or more resources from the group consisting of a network interface, a communications interface, a file system, a system console, a DASD address, and an operating system service process.
  - 4. The method of claim 3, wherein isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone further comprises:
    - preventing the first set of one or more user processes from accessing the second set of resources associated with the second non-global zone; and
      
      preventing the second set of one or more user processes from accessing the first set of resources associated with the first non-global zone.
  - 5. The method of claim 3, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the method further comprises:
    - receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      disassociating the first set of resources from the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 6. The method of claim 3, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the method further comprises:
    - receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      performing one or more tasks from the group consisting of stopping a scheduler process, unmounting one or more file systems, closing one or more network interfaces, and removing configurations for devices associated with the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 7. The method of claim 1, further comprising:
    - allowing a first administrator to manage processes and resources within the first non-global zone, wherein the first administrator is not allowed to manage processes and resources within the second non-global zone; and
      
      allowing a second administrator to manage processes and resources within the second non-global zone, wherein the second administrator is not allowed to manage processes and resources within the first non-global zone.
  - 8. The method of claim 1, wherein establishing the first non-global zone comprises:
    - assigning the first zone identifier, plumbing one or more network interfaces, and mounting one or more file systems;
      
      wherein establishing the first non-global zone does not include executing user processes within the first non-global zone.
  - 9. The method of claim 8, wherein the configuration information comprises one or more parameters from the group consisting of a zone name, a path to a root directory for the first non-global zone, specification of one or more file systems to be mounted when the first non-global zone is created, specification of one or more network interfaces, specification of one or more devices to be configured when the first non-global zone is created, and specification of resource controls to be imposed on the first non-global zone.
  - 10. The method of claim 1, wherein executing the first set of one or more user processes within the first non-global zone comprises:
    - executing an initialization process; and
      
      initializing, by the initialization process, execution of the first set of one or more user processes.

11. A machine-readable storage medium storing one or more sets of instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of:
- establishing, within a global operating system environment provided by an operating system (OS) kernel, a first non-global zone which serves as a first virtual platform for supporting and isolating user processes, wherein the first non-global zone is a separate and distinct OS partition of the global operating system environment having a first zone identifier associated therewith, and wherein the first non-global zone is established and exists without requiring any user processes to be running therein;
  
  establishing, within the global operating system environment, a second non-global zone which serves as a second virtual platform for supporting and isolating user processes, wherein the second non-global zone is a separate and distinct OS partition of the global operating system environment having a second zone identifier associated therewith, and wherein the second non-global zone is established and exists without requiring any user processes to be running therein;
  
  executing a first set of one or more user processes within the first non-global zone;
  
  executing a second set of one or more user processes within the second non-global zone; and
  
  isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone such that the first set of one or more user processes cannot access processes in the second non-global zone and the second set of one or more user processes cannot access processes in the first non-global zone;
  
  wherein the first and second non-global zones are established by the OS kernel, and wherein the OS kernel enforces zone boundaries to isolate the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The machine-readable storage medium of claim 11, wherein the OS kernel provides services that are invoked by the first set of one or more user processes, and wherein the services are invoked by the first set of one or more user processes through the first virtual platform.
  - 13. The machine-readable storage medium of claim 11,wherein a first set of resources are associated with the first non-global zone and a second set of resources are associated with the second non-global zone;
    - wherein the first set of resources are accessed by the first set of one or more user processes through the first virtual platform and the second set of resources are accessed by the second set of one or more user processes through the second virtual platform; and
      
      wherein the first set of resources and the second set of resources each include one or more resources from the group consisting of a network interface, a communications interface, a file system, a system console, a DASD address, and an operating system service process.
  - 14. The machine-readable storage medium of claim 13, wherein isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone further comprises:
    - preventing the first set of one or more user processes from accessing the second set of resources associated with the second non-global zone; and
      
      preventing the second set of one or more user processes from accessing the first set of resources associated with the first non-global zone.
  - 15. The machine-readable storage medium of claim 13, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the machine-readable storage medium further stores one or more sets of instructions for causing the one or more processors to perform the steps of:
    - receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      disassociating the first set of resources from the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 16. The machine-readable storage medium of claim 13, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the machine-readable storage medium further stores one or more sets of instructions for causing the one or more processors to perform the steps of:
    - receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      performing one or more tasks from the group consisting of stopping a scheduler process, unmounting one or more file systems, closing one or more network interfaces, and removing configurations for devices associated with the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 17. The machine-readable storage medium of claim 11, wherein the machine-readable storage medium further stores one or more sets of instructions for causing the one or more processors to perform the steps of:
    - allowing a first administrator to manage processes and resources within the first non-global zone, wherein the first administrator is not allowed to manage processes and resources within the second non-global zone; and
      
      allowing a second administrator to manage processes and resources within the second non-global zone, wherein the second administrator is not allowed to manage processes and resources within the first non-global zone.
  - 18. The machine-readable storage medium of claim 11, wherein establishing the first non-global zone comprises:
    - assigning the first zone identifier, plumbing one or more network interfaces, and mounting one or more file systems;
      
      wherein establishing the first non-global zone does not include executing user processes within the first non-global zone.
  - 19. The machine-readable storage medium of claim 18, wherein the configuration information comprises one or more parameters from the group consisting of a zone name, a path to a root directory for the first non-global zone, specification of one or more file systems to be mounted when the first non-global zone is created, specification of one or more network interfaces, specification of one or more devices to be configured when the first non-global zone is created, and specification of resource controls to be imposed on the first non-global zone.
  - 20. The machine-readable storage medium of claim 11, wherein executing the first set of one or more user processes within the first non-global zone comprises:
    - executing an initializer process; and
      
      initializing, by the initializer process, execution of the first set of one or more user processes.

21. An apparatus comprising:
- one or more processors configured to implement;
  
  means for establishing, within a global operating system environment provided by an operating system (OS) kernel, a first non-global zone which serves as a first virtual platform for supporting and isolating user processes, wherein the first non-global zone is a separate and distinct OS partition of the global operating system environment having a first zone identifier associated therewith, and wherein the first non-global zone is established and exists without requiring any user processes to be running therein;
  
  means for establishing, within said global operating system environment, a second non-global zone which serves as a second virtual platform for supporting and isolating user processes, wherein the second non-global zone is a separate and distinct OS partition of the global operating system environment having a second zone identifier associated therewith, and wherein the second non-global zone is established and exists without requiring any user processes to be running therein;
  
  means for executing a first set of one or more user processes within the first non-global zone;
  
  means for executing a second set of one or more user processes within the second non-global zone; and
  
  means for isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone such that the first set of one or more user processes cannot access processes in the second non-global zone and the second set of one or more user processes cannot access processes in the first non-global zone;
  
  wherein the first and second non-global zones are established by the OS kernel, and wherein the OS kernel enforces zone boundaries to isolate the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone.
- View Dependent Claims (22, 23, 24, 25, 26, 27)
- - 22. The apparatus of claim 21,wherein a first set of resources are associated with the first non-global zone and a second set of resources are associated with the second non-global zone;
    - wherein the first set of resources are accessed by the first set of one or more user processes through the first virtual platform and the second set of resources are accessed by the second set of one or more user processes through the second virtual platform; and
      
      wherein the first set of resources and the second set of resources each include one or more resources from the group consisting of a network interface, a communications interface, a file system, a system console, a DASD address, and an operating system service process.
  - 23. The apparatus of claim 22, wherein the means for isolating the first set of one or more user processes within the first non-global zone and the second set of one or more user processes within the second non-global zone further comprises:
    - means for preventing the first set of one or more user processes from accessing the second set of resources associated with the second non-global zone; and
      
      means for preventing the second set of one or more user processes from accessing the first set of resources associated with the first non-global zone.
  - 24. The apparatus of claim 22, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the apparatus further comprises:
    - means for receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      means for terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      means for disassociating the first set of resources from the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 25. The apparatus of claim 22, wherein executing the first set of one or more user processes within the first non-global zone causes a first application environment to be established within the first non-global zone, and wherein the apparatus further comprises:
    - means for receiving a command to halt the first non-global zone;
      
      in response to the command to halt the first non-global zone;
      
      means for terminating all user processes executing within the first non-global zone, thereby terminating the first application environment; and
      
      means for performing one or more tasks from the group consisting of stopping a scheduler process, unmounting one or more file systems, closing one or more network interfaces, and removing configurations for devices associated with the first non-global zone;
      
      wherein the second non-global zone is not affected by the command to halt the first non-global zone.
  - 26. The apparatus of claim 21, wherein the means for establishing the first non-global zone comprises:
    - means for assigning the first zone identifier, plumbing one or more network interfaces, and mounting one or more file systems;
      
      wherein establishing the first non-global zone does not include executing user processes within the first non-global zone.
  - 27. The apparatus of claim 26, wherein the configuration information comprises one or more parameters from the group consisting of a zone name, a path to a root directory for the first non-global zone, specification of one or more file systems to be mounted when the first non-global zone is created, specification of one or more network interfaces, specification of one or more devices to be configured when the first non-global zone is created, and specification of resource controls to be imposed on the first non-global zone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Price, Daniel B., Beck, John T., Praza, Liane, Leonard, Ozgur C., Tucker, Andrew G.
Primary Examiner(s)
An; Meng-Ai
Assistant Examiner(s)
VERDI, KIMBLEANN C

Application Number

US10/761,622
Time in Patent Office

1,925 Days
Field of Search

719/320
US Class Current

719/320
CPC Class Codes

G06F 11/3476   Data logging G06F11/14, G06...

Y10S 707/99931   Database or file accessing

Y10S 707/99943   Generating database or data...

Two-level service model in operating system partitions

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

120 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Two-level service model in operating system partitions

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

120 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links