How to Protect Your Oracle Solaris Zone Cluster
By Rickramsey-Oracle on Mar 21, 2013
We just published an article by Subarna Ganguly that describes how to build a secure zone cluster, in other words, a zone cluster with trusted extensions. If you want to go straight to the article, scroll down to the bottom of this blog. If you're new to zones, clustering, or trusted extensions, I'll try to explain what's interesting about this article.
In the beginning there was root and user. Root could do anything anywhere; user could do very little. We improved that with the notion of roles. Access rights (permissions) were assigned to roles instead of users, and individual users were assigned to one or more roles. Access Control Lists (ACLs) improved this even more.
Oracle Solaris has about 80 different roles. You can see the privileges each one has by looking at the
Trusted extensions add "sensitivity" labels. These labels are similar to a security clearance in the military: confidential, secret, top secret, etc. With trusted extensions, you first label users, data, processes, peripherals, and pretty much everything that a user or process can access. Then you give users and processes their own label. A user or process can only access something that has a label with the same or greater access.
"Trusted extensions ... is not something that can be just 'turned on' like a firewall. Trusted extensions fits into a framework where there's a formal security policy, possibly an LDAP server where users and their clearances are defined, as well as network access points that are labeled."
- Book: Oracle Solaris 11 System Administration, Chapter 18
Zones are virtual instances of the Solaris environment launched and controlled from the base OS environment, known as the non-global zone.
"Oracle Solaris Zones let you isolate one application from others on the same OS, allowing users to log in and do what they want from inside one zone without affecting anything outside that zone. In addition, Oracle Solaris Zones are secure from external attacks and internal malicious programs. Each Oracle Solaris Zone contains a complete resource-controlled environment that allows you to allocate resources such as CPU, memory, networking, and storage."
- OTN Article: How to Get Started Creating Zones in Oracle Solaris 11
Oracle Solaris Cluster lets you deploy the Oracle Solaris operating system across different servers. If the server in your Barbados data center gets washed away by a hurricane that hates you and dropped off in West Africa, the other servers pick up the load, and the operating system continues to operate without interruption.
"Oracle Solaris Cluster delivers the high availability and disaster recovery capabilities of Oracle Solaris 11 and extends, with version 4.1, its built-in support for the Oracle software and hardware stack, to protect business critical application deployments in virtualized and traditional environments."
- White Paper: Oracle Solaris and Oracle Solaris Cluster
A zone cluster is a cluster created from Solaris zones that are physically located on different servers. That's similar to a regular cluster, but it uses zones instead of entire OS instances.
"Such large amounts of idle processing capacity present an almost irresistible opportunity for better system utilization. Organizations seek ways to reclaim this unused capacity, and thus are moving to host multiple applications on a single cluster. However, concerns about interactions between applications, especially in the areas of security and resource management, make people wary. Virtualization technologies address these security concerns and provide safe ways to host multiple applications in different clusters on a single hardware configuration."
- White Paper: How to Deploy Virtual Clusters and Why
Trusted Zone Clusters and Subarna's How-To Article
Oracle Solaris Trusted Zone clusters became available in Oracle Solaris Cluster 4.1. They are zone clusters with the security capabilities (mandatory access control, or MAC) provided by Trusted Extensions. The zones in the cluster are labeled in the same way that other objects are labeled, so that only other objects with the same (or higher) sensitivity label can access them. Subarna Ganguly walks you through the steps required to set one up:
More Cluster Resources
- Download Oracle Solaris Cluster 4.1
- What's New (PDF)
- Oracle Docs: Installation Guide
- Oracle Docs: Administration Guide
- Book: Oracle Solaris Cluster Administration Guide