Oracle Solaris Kernel Zones API
API for creating and managing Oracle Solaris Kernel Zones, which are non-global zones with their own kernel providing greater independence and enhanced security isolation.
OpenAPI Specification
openapi: 3.1.0
info:
title: Solaris Zones Oracle Solaris Kernel Zones API
description: >-
REST API for creating and managing Oracle Solaris Kernel Zones via the RAD
zonemgr module. Kernel Zones (brand solaris-kz) are non-global zones with
their own kernel, providing greater independence and enhanced security
isolation compared to native zones. They support live migration, independent
patching, and hardware-assisted virtualization.
version: '1.6'
contact:
name: Oracle Solaris Support
url: https://www.oracle.com/solaris/support/
email: solaris-support@oracle.com
license:
name: Oracle Technology Network License
url: https://www.oracle.com/legal/terms.html
externalDocs:
description: Oracle Solaris Kernel Zones Documentation
url: https://docs.oracle.com/en/operating-systems/solaris/oracle-solaris/11.4/kernel-zones/oracle-solaris-kernel-zones.html
servers:
- url: https://{host}:{port}/api/com.oracle.solaris.rad.zonemgr/1.6
description: Oracle Solaris RAD REST endpoint
variables:
host:
default: localhost
description: Solaris host running RAD
port:
default: '6788'
description: RAD REST API port
tags:
- name: Kernel Zone Configuration
description: Configure kernel zone resources and properties
- name: Kernel Zone Lifecycle
description: Kernel zone boot, halt, suspend, and resume operations
- name: Kernel Zone Management
description: Create and manage kernel zones
- name: Kernel Zone Migration
description: Live migration of kernel zones between hosts
security:
- cookieAuth: []
paths:
/ZoneManager/_rad_method/create:
put:
operationId: createKernelZone
summary: Solaris Zones Create a Kernel Zone
description: >-
Create a new kernel zone using the solaris-kz brand template. Kernel
zones run their own kernel and provide enhanced isolation through
hardware-assisted virtualization.
tags:
- Kernel Zone Management
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- name
properties:
name:
type: string
description: Unique kernel zone name
example: kzone1
path:
type: string
description: Zone root path
example: /zones/kzone1
template:
type: string
description: Must be SYSsolaris-kz for kernel zones
default: SYSsolaris-kz
enum:
- SYSsolaris-kz
examples:
CreatekernelzoneRequestExample:
summary: Default createKernelZone request
x-microcks-default: true
value:
name: Example Title
path: example_value
template: SYSsolaris-kz
responses:
'200':
description: Kernel zone created
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Createkernelzone200Example:
summary: Default createKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}:
get:
operationId: getKernelZone
summary: Solaris Zones Get Kernel Zone Details
description: >-
Retrieve detailed information about a kernel zone including its brand
(solaris-kz), state, UUID, and auxiliary states. The brand property
confirms this is a kernel zone.
tags:
- Kernel Zone Management
parameters:
- $ref: '#/components/parameters/zoneName'
- $ref: '#/components/parameters/radDetail'
responses:
'200':
description: Kernel zone details
content:
application/json:
schema:
type: object
properties:
status:
type: string
payload:
$ref: '#/components/schemas/KernelZone'
examples:
Getkernelzone200Example:
summary: Default getKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
name: Example Title
brand: solaris-kz
id: abc123
uuid: '500123'
state: configured
auxstate:
- example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/install:
put:
operationId: installKernelZone
summary: Solaris Zones Install a Kernel Zone
description: >-
Install a configured kernel zone. This provisions the zone with its own
Solaris kernel, creating an independent operating environment with
hardware-assisted virtualization support.
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
content:
application/json:
schema:
type: object
properties:
options:
type: array
items:
type: string
description: Optional install arguments
examples:
InstallkernelzoneRequestExample:
summary: Default installKernelZone request
x-microcks-default: true
value:
options:
- example_value
responses:
'200':
description: Kernel zone installation initiated
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Installkernelzone200Example:
summary: Default installKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/boot:
put:
operationId: bootKernelZone
summary: Solaris Zones Boot a Kernel Zone
description: >-
Boot a kernel zone. Unlike native zones, kernel zones boot their own
kernel providing full OS isolation.
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
content:
application/json:
schema:
type: object
properties:
options:
type: array
items:
type: string
description: Optional boot arguments
examples:
BootkernelzoneRequestExample:
summary: Default bootKernelZone request
x-microcks-default: true
value:
options:
- example_value
responses:
'200':
description: Kernel zone boot initiated
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Bootkernelzone200Example:
summary: Default bootKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/halt:
put:
operationId: haltKernelZone
summary: Solaris Zones Halt a Kernel Zone
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
responses:
'200':
description: Kernel zone halted
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Haltkernelzone200Example:
summary: Default haltKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/shutdown:
put:
operationId: shutdownKernelZone
summary: Solaris Zones Gracefully Shut Down a Kernel Zone
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
responses:
'200':
description: Kernel zone shutdown initiated
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Shutdownkernelzone200Example:
summary: Default shutdownKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/reboot:
put:
operationId: rebootKernelZone
summary: Solaris Zones Reboot a Kernel Zone
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
responses:
'200':
description: Kernel zone reboot initiated
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Rebootkernelzone200Example:
summary: Default rebootKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/suspend:
put:
operationId: suspendKernelZone
summary: Solaris Zones Suspend a Kernel Zone
description: >-
Suspend a running kernel zone, saving its complete state including
the kernel zone's own kernel state for later resumption.
tags:
- Kernel Zone Lifecycle
parameters:
- $ref: '#/components/parameters/zoneName'
responses:
'200':
description: Kernel zone suspended
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Suspendkernelzone200Example:
summary: Default suspendKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/editConfig:
put:
operationId: editKernelZoneConfig
summary: Solaris Zones Begin Editing Kernel Zone Configuration
description: >-
Start a configuration editing session for a kernel zone. Kernel zones
support additional resource types such as virtual CPUs (dedicated-cpu),
virtual memory, and virtual I/O devices.
tags:
- Kernel Zone Configuration
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
content:
application/json:
schema:
type: object
properties:
liveMode:
type: boolean
default: false
description: Enable live reconfiguration
examples:
EditkernelzoneconfigRequestExample:
summary: Default editKernelZoneConfig request
x-microcks-default: true
value:
liveMode: true
responses:
'200':
description: Editing session started
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Editkernelzoneconfig200Example:
summary: Default editKernelZoneConfig 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/addResource:
put:
operationId: addKernelZoneResource
summary: Solaris Zones Add Resource to Kernel Zone
description: >-
Add a resource to the kernel zone configuration. Kernel zones support
additional resource types including dedicated-cpu for virtual CPU
allocation, capped-memory for memory limits, and virtual I/O devices.
tags:
- Kernel Zone Configuration
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/KernelZoneResource'
examples:
AddkernelzoneresourceRequestExample:
summary: Default addKernelZoneResource request
x-microcks-default: true
value:
type: dedicated-cpu
properties:
- name: Example Title
value: example_value
type: simple
listvalue: {}
complexvalue: {}
parent: example_value
responses:
'200':
description: Resource added
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Addkernelzoneresource200Example:
summary: Default addKernelZoneResource 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/commitConfig:
put:
operationId: commitKernelZoneConfig
summary: Solaris Zones Commit Kernel Zone Configuration
tags:
- Kernel Zone Configuration
parameters:
- $ref: '#/components/parameters/zoneName'
responses:
'200':
description: Configuration committed
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Commitkernelzoneconfig200Example:
summary: Default commitKernelZoneConfig 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/getResources:
put:
operationId: getKernelZoneResources
summary: Solaris Zones Query Kernel Zone Resources
description: >-
Retrieve resources configured for the kernel zone including CPU, memory,
I/O devices, and networking.
tags:
- Kernel Zone Configuration
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
content:
application/json:
schema:
type: object
properties:
type:
type: string
description: >-
Resource type filter. Kernel zones support: dedicated-cpu,
capped-memory, anet, device, suspend, security-flags
filter:
type: array
items:
$ref: '#/components/schemas/Property'
examples:
GetkernelzoneresourcesRequestExample:
summary: Default getKernelZoneResources request
x-microcks-default: true
value:
type: example_value
filter:
- name: Example Title
value: example_value
type: simple
listvalue:
- {}
complexvalue:
- {}
responses:
'200':
description: Kernel zone resources
content:
application/json:
schema:
type: object
properties:
status:
type: string
payload:
type: array
items:
$ref: '#/components/schemas/KernelZoneResource'
examples:
Getkernelzoneresources200Example:
summary: Default getKernelZoneResources 200 response
x-microcks-default: true
value:
status: example_value
payload:
- type: dedicated-cpu
properties:
- {}
parent: example_value
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
/Zone/{zoneName}/_rad_method/migrate:
put:
operationId: livelyMigrateKernelZone
summary: Solaris Zones Live Migrate a Kernel Zone
description: >-
Live migrate a running kernel zone to a remote host. Kernel zones
are the primary zone type that supports live migration where the zone
continues running while its state is transferred to the destination.
tags:
- Kernel Zone Migration
parameters:
- $ref: '#/components/parameters/zoneName'
requestBody:
required: true
content:
application/json:
schema:
type: object
required:
- host
- type
properties:
host:
type: string
description: Destination host for the migration
type:
type: string
enum:
- live
- cold
description: >-
Migration type. Kernel zones support both live and cold
migration. Live migration keeps the zone running.
cipher:
type: string
description: Encryption cipher for migration data transfer
examples:
LivelymigratekernelzoneRequestExample:
summary: Default livelyMigrateKernelZone request
x-microcks-default: true
value:
host: example_value
type: live
cipher: example_value
responses:
'200':
description: Migration initiated
content:
application/json:
schema:
$ref: '#/components/schemas/ZoneResult'
examples:
Livelymigratekernelzone200Example:
summary: Default livelyMigrateKernelZone 200 response
x-microcks-default: true
value:
status: example_value
payload:
code: NONE
message: example_value
stdout: example_value
stderr: example_value
'400':
$ref: '#/components/responses/BadRequest'
'401':
$ref: '#/components/responses/Unauthorized'
'404':
$ref: '#/components/responses/NotFound'
x-microcks-operation:
delay: 0
dispatcher: FALLBACK
components:
securitySchemes:
cookieAuth:
type: apiKey
in: cookie
name: _rad_session
description: RAD session cookie obtained via authentication
parameters:
zoneName:
name: zoneName
in: path
required: true
description: Kernel zone name
schema:
type: string
radDetail:
name: _rad_detail
in: query
required: false
description: Include detailed property information
schema:
type: boolean
responses:
Unauthorized:
description: Authentication required
content:
application/json:
schema:
$ref: '#/components/schemas/RadError'
BadRequest:
description: Invalid request
content:
application/json:
schema:
$ref: '#/components/schemas/RadError'
NotFound:
description: Zone not found
content:
application/json:
schema:
$ref: '#/components/schemas/RadError'
schemas:
RadError:
type: object
properties:
status:
type: string
example: failure
payload:
type: object
properties:
code:
type: integer
message:
type: string
example: example_value
ZoneResult:
type: object
properties:
status:
type: string
example: example_value
payload:
type: object
properties:
code:
type: string
enum:
- NONE
- FRAMEWORK_ERROR
- SNAPSHOT_ERROR
- COMMAND_ERROR
- RESOURCE_ALREADY_EXISTS
- RESOURCE_NOT_FOUND
- RESOURCE_TOO_MANY
- RESOURCE_UNKNOWN
- ALREADY_EDITING
- INCOMPLETE_NO_CONFIG
- PROPERTY_UNKNOWN
- NOT_EDITING
- SYSTEM_ERROR
- INVALID_ARGUMENT
- INVALID_ZONE_STATE
message:
type: string
stdout:
type: string
stderr:
type: string
example: example_value
KernelZone:
type: object
properties:
name:
type: string
description: Kernel zone name
example: Example Title
brand:
type: string
description: Zone brand (solaris-kz for kernel zones)
enum:
- solaris-kz
example: solaris-kz
id:
type: integer
description: Numeric zone ID
example: abc123
uuid:
type: string
format: uuid
description: Zone UUID
example: '500123'
state:
type: string
enum:
- configured
- incomplete
- installed
- ready
- running
- shutting_down
- down
description: Current zone state
example: configured
auxstate:
type: array
items:
type: string
description: Auxiliary zone states
example: []
KernelZoneResource:
type: object
required:
- type
properties:
type:
type: string
description: >-
Resource type. Kernel zone specific types include dedicated-cpu
and capped-memory for virtual hardware allocation.
enum:
- dedicated-cpu
- capped-memory
- capped-cpu
- anet
- device
- fs
- suspend
- security-flags
- attr
example: dedicated-cpu
properties:
type: array
items:
$ref: '#/components/schemas/Property'
description: Resource property values
example: []
parent:
type: string
description: Parent resource reference
example: example_value
Property:
type: object
required:
- name
properties:
name:
type: string
description: >-
Property name. Key kernel zone properties include ncpus, physical,
locked, swap, lower-link, allowed-address.
example: Example Title
value:
type: string
description: Property value
example: example_value
type:
type: string
enum:
- simple
- list
- complex
example: simple
listvalue:
type: array
items:
type: string
example: []
complexvalue:
type: array
items:
type: string
example: []