About Backing Up a Solaris System With Zones Installed
You can perform backups in individual non-global zones, or back up the entire
system from the global zone.
Backing Up Loopback File System Directories
Because many non-global zones share files with the global zone through the use
of loopback file system read-only mounts (usually /usr, /lib, /sbin, and /platform), you
must use a global zone backup method to back up lofs directories.
Caution - Do not back up the lofs file systems in non-global zones. An attempt
by the non-global administrator to restore lofs file systems from a non-global
zone could cause a serious problem.
Backing Up Your System From the Global Zone
You might choose to perform your backups from the global zone in
the following cases:
You want to back up the configurations of your non-global zones as well as the application data.
Your primary concern is the ability to recover from a disaster. If you need to restore everything or almost everything on your system, including the root file systems of your zones and their configuration data as well as the data in your global zone, backups should take place in the global zone.
You want to use the ufsdump command to perform a data backup. Because importing a physical disk device into a non-global zone would change the security profile of the zone, ufsdump should only be used from the global zone.
You have commercial network backup software.
Note - Your network backup software should be configured to skip all inherited lofs file systems if possible. The backup should be performed when the zone and its applications have quiesced the data to be backed up.
Backing Up Individual Non-Global Zones on Your System
You might decide to perform backups within the non-global zones in the following
cases.
The non-global zone administrator needs the ability to recover from less serious failures or to restore application or user data specific to a zone.
You want to use programs that back up on a file-by-file basis, such as tar or cpio. See the tar(1) and cpio(1) man pages.
You use the backup software of a particular application or service running in a zone. It might be difficult to execute the backup software from the global zone because application environments, such as directory path and installed software, would be different between the global zone and the non-global zone.
If the application can perform a snapshot on its own backup schedule in each non-global zone and store those backups in a writable directory exported from the global zone, the global zone administrator can pick up those individual backups as part of the backup strategy from the global zone.