Monday Aug 18, 2014

Why Wouldn't Root Be Able to Change a Zone's IP Address in Oracle Solaris 11?





You might assume that if you have root access to an Oracle Solaris zone, you'd be able to change the root's IP address. If so, you'd proceed along these lines ...


  1. First, you'd log in:
  2. root@global_zone:~# zlogin user-zone
  3. Then you'd remove the IP interface:
  4. root@user-zone:~# ipadm delete-ip vnic0
  5. Next, you'd create a new IP interface:
  6. root@user-zone:~# ipadm create-ip vnic0
  7. Then you'd assign the IP interface a new IP address (10.0.0.10):
  8. root@user-zone:~# ipadm create-addr -a local=10.0.0.10/24 vnic0/v4
    ipadm: cannot create address: Permission denied




Why would that happen? Here are some potential reasons:

  • You're in the wrong zone
  • Nobody bothered to tell you that you were fired last week.
  • The sysadmin for the global zone (probably your ex-girlfriend) enabled link protection mode on the zone with this sweet little command:
  • root@global_zone:~# dladm set-linkprop -p \ protection=mac-nospoof,restricted,ip-nospoof vnic0

How'd your ex-girlfriend learn to do that? By reading this article:

Securing a Cloud-Based Data Center with Oracle Solaris 11

by Orgad Kimchi, Ron Larson, and Richard Friedman

When you build a private cloud, you need to protect sensitive data not only while it's in storage, but also during transmission between servers and clients, and when it's being used by an application. When a project is completed, the cloud must securely delete sensitive data and make sure the original data is kept secure. These are just some of the many security precautions a sysadmin needs to take to secure data in a cloud infrastructure. Orgad, Ron, and Richard explain the rest and show you how to employ the security features in Oracle Solaris 11 to protect your cloud infrastructure. Part 2 of a three-part article on cloud deployments that use the Oracle Solaris Remote Lab as a case study.

About the Photograph

That's the fence separating a small group of tourist cabins from a pasture in the small town of Tropic, Utah.

Follow Rick on:
Personal Blog | Personal Twitter | Oracle Forums
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Friday May 16, 2014

Orgad Strikes Again

"And while you're at it, use the Unified Archive to deploy a cloud in a box."

Orgad is too smart. Or maybe, he does what Einstein claims to do:

"It's not that I'm so smart, it's just that I stay with problems longer."
- Albert Einstein

How to Set Up a Hadoop 2.2 Cluster on Oracle Solaris 11.2

Technical Article by Orgad Kimchi

Figuring out how to set up a Hadoop 2.2 Cluster helps keep Orgad challenged on those late nights when, after a few too many shots of Joov, he strikes up a casual game of chess with Deep Blue. As he explains,

"Setting up a Hadoop cluster on Oracle Solaris 11.2 gives you fast provisioning via zone cloning, best I/O performance from ZFS compression, and rapid provisioning with the Unified Archive."

But setting up a Hadoop cluster and configuring its failover capabilities (yawn) is just not enough to keep Orgad interested. Nope. To stay awake he has to toss in a neat little trick at the end of his article: how to use the Unified Archive in Oracle Solaris 11.2 to create a cloud-in-a-box that you can deploy in a variety of environments.

I don't know what Orgad does between midnight and 2:00 am, but in case you want to take a guess, here are more gems from Orgad:

About the Photograph

Photograph of plant killed by Mrs. Ramsey taken by Rick Ramsey in Colorado

- Rick
Follow Rick on:
Personal Blog | Personal Twitter
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Tuesday Oct 23, 2012

You Don't Want to Meet Orgad Kimchi in a Dark Alley

source

Do you remember what those bad guys in the old Charles Bronson films looked like? They looked like Orgad Kimchi, that's what they looked like. When I met him at Oracle OpenWorld 2012, I realized I didn't want to meet him in the wrong alleyway of Budapest after dark.

Neither do old versions of Oracle Solaris, which Orgad bends to his will with as much ease as he probably bends stray tourists to his will in Budapest, Kandahar, or Dagestan.

How Orgad Made Oracle Database Migrate from Oracle Solaris 8 to Oracle Solaris 11

In this article, which we liked so much we reprinted it from his blog (please don't tell him!), Orgad explains how he head-butted an Oracle Database into submission. The database thought it was safe running in Oracle Solaris 8, but Orgad dragged its whimpering carcas into Oracle Solaris 11. How'd he do that? Well, if you had met Orgad in person, you wouldn't ask that question. Because you'd know he could have simply stared at it, and the database would have migrated on its own.

But Orgad didn't do that. Instead, he stuffed an Oracle Solaris 8 Physical-to-Virtual (P2V) Archiver Tool into his leather trench coat, the one with the special pockets sown in by the East German Secret Police for several Uzis and their ammo, and walked into his data center in a way that reminded the survivors of this clip from Matrix Reloaded.

The end result? The Oracle Database 10.2 that was running on Oracle Solaris 8 is now running inside a Solaris 10 branded zone in Oracle Solaris 11. With no complaints.

Don't make Orgad angry. Read his article.

- Rick

Website Newsletter Facebook Twitter
About

Contributors:
Rick Ramsey
Kemer Thomson
and members of the OTN community

Search

Archives
« July 2015
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
       
Today
Blogs We Like