| LX(7) | Standards, Environments, and Macros | LX(7) |
lx — zone brand
for running a GNU/Linux user-level environment
The lx brand uses the brands(7) framework to provide an environment for running binary applications built for GNU/Linux. User-level code, including an entire Linux distribution, can run inside the zone. Both 32-bit and 64-bit applications are supported. The majority of Linux system calls are provided, along with emulation for a variety of Linux file systems, such as proc, cgroup and sysfs.
The /proc file system within the zone is a subset of a full Linux /proc. Most kernel-level tuning applied to /proc is unavailable or ignored. Some tuning can be performed, but only to reduce the overall limits that have been specified on the zone's configuration. That is, within the zone there is no way to increase the resource limits set on the zone itself.
The zone must be installed using one of: an absolute pathname of a zfs(8) send stream of a dataset which contains an image of the software to be run in the zone, a name of a zfs(8) dataset to be cloned or snapshot to be promoted, or the absolute pathname of a tar(1) file or gzipped tar file.
Examples:
zoneadm -z myzone install -x nodataset zoneadm -z myzone install -s /path/to/sendstream.zfs zoneadm -z myzone install -s name/of/dataset-to-clone zoneadm -z myzone install -s name/of/snapshot-to@promote zoneadm -z myzone install -t /path/to/tarball.tgz
Applications provided by the base OmniOS operating system are also available within the zone under the /native mount point. This allows the use of various native tools such as dtrace(8), mdb(1), or the proc(1) tools on GNU/Linux applications. However, not every native tool will work properly within an lx zone.
In addition to the standard configuration options provided by the zones(7) framework, the following additional attributes are available for lx zones. These are defined as string attributes at the top level of the zone configuration (see the example below).
dns-domainipv6kernel-versionuname command and the contents of
/proc/version.resolversAn example lx zone configured with VNIC "lx1" using a static IP address is below:
create -t lx
set zonepath=/zones/lx1
set autoboot=true
add net
set physical=lx1
set allowed-address=192.168.0.2/24
set defrouter=192.168.0.1
set global-nic=auto
end
add attr
set name=dns-domain
set type=string
set value=example.com
end
add attr
set name=resolvers
set type=string
set value=192.168.12.1,192.168.13.1
end
add attr
set name=kernel-version
set type=string
set value=4.3.0
end
The brand only supports the exclusive IP stack zone configuration.
Most modern GNU/Linux application software runs on lx, but because there are some system calls or file systems which are not currently implemented, it's possible that an application won't run. This does not preclude the application running in the future as the lx brand adds new capabilities.
As there is only the single illumos kernel running on the system, there is no support for any Linux kernel-level modules. That is, there is no support for add-on drivers or any other modules that are part of the Linux kernel itself. If that is required, a full virtual machine should be used instead of an lx branded zone.
Any core files produced within the zone are in the native illumos format.
As with any zone, the normal security mechanisms and privileges apply. Thus, certain operations (for example, changing the system time), will not be allowed unless the zone has been configured with the appropriate additional privileges.
mdb(1), proc(1), brands(7), privileges(7), resource_controls(7), zones(7), dtrace(8), zfs(8), zoneadm(8), zonecfg(8)
| April 4, 2020 | OmniOS |