Monday Aug 18, 2014

Why Wouldn't Root Be Able to Change a Zone's IP Address in Oracle Solaris 11?

You might assume that if you have root access to an Oracle Solaris zone, you'd be able to change the root's IP address. If so, you'd proceed along these lines ...

  1. First, you'd log in:
  2. root@global_zone:~# zlogin user-zone
  3. Then you'd remove the IP interface:
  4. root@user-zone:~# ipadm delete-ip vnic0
  5. Next, you'd create a new IP interface:
  6. root@user-zone:~# ipadm create-ip vnic0
  7. Then you'd assign the IP interface a new IP address (
  8. root@user-zone:~# ipadm create-addr -a local= vnic0/v4
    ipadm: cannot create address: Permission denied

Why would that happen? Here are some potential reasons:

  • You're in the wrong zone
  • Nobody bothered to tell you that you were fired last week.
  • The sysadmin for the global zone (probably your ex-girlfriend) enabled link protection mode on the zone with this sweet little command:
  • root@global_zone:~# dladm set-linkprop -p \ protection=mac-nospoof,restricted,ip-nospoof vnic0

How'd your ex-girlfriend learn to do that? By reading this article:

Securing a Cloud-Based Data Center with Oracle Solaris 11

by Orgad Kimchi, Ron Larson, and Richard Friedman

When you build a private cloud, you need to protect sensitive data not only while it's in storage, but also during transmission between servers and clients, and when it's being used by an application. When a project is completed, the cloud must securely delete sensitive data and make sure the original data is kept secure. These are just some of the many security precautions a sysadmin needs to take to secure data in a cloud infrastructure. Orgad, Ron, and Richard explain the rest and show you how to employ the security features in Oracle Solaris 11 to protect your cloud infrastructure. Part 2 of a three-part article on cloud deployments that use the Oracle Solaris Remote Lab as a case study.

About the Photograph

That's the fence separating a small group of tourist cabins from a pasture in the small town of Tropic, Utah.

Follow Rick on:
Personal Blog | Personal Twitter | Oracle Forums
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Wednesday Jul 16, 2014

Get Your ZFS On

Surprising as it may seem, there are still many sysadmins out there who don't use ZFS or are not familiar with its best features. We (since I'm one of them) should send expensive gifts to Oracle ACE Alexandre Borges. Alexandre loves Solaris so much he can't stop writing about it. He recently put together a torrent of articles about ZFS that, even if you think you know everything about it, you should peruse. Because I bet he's found things you didn't know about.

I've been posting them at the rate of about one a week. Here are the first five.

1. Using COMSTAR and ZFS to Configure a Virtualized Storage Environment

by Alexandre Borges

How to configure the Common Multiprotocol SCSI TARget (COMSTAR) capability in Oracle Solaris 11 to provide local iSCSI storage to Windows, Linux, and Mac clients.

2. Playing with Swap Space in ZFS Volumes

by Alexandre Borges

Alexandre walks through several ZFS commands that control and monitor swap space, describes the insight they provide, and explains how to use them to increase or decrease swap space.

3. Playing with ZFS Shadow Migration

by Alexandre Borges

If you need to migrate data from a server running Oracle Solaris 10 or 11 to one running Oracle Solaris 11.1, use Shadow Migration. It's easy, and allows you to migrate shared ZFS, UFS, or VxFS (Symantec) file systems through NFS or even through a local file system. Alexandre shows how.

4. Delegating a ZFS Dataset to a Non-Global Zone

by Alexandre Borges

Adding a dataset to a non-global zone does not give the non-global zone's administrator control over the dataset's properties. They are retained by the global zone's administrator. Delegating a dataset, however, does give the non-global zone's administrator control over the dataset's properties. Alexandre explains the difference and how to perform the delegation.

5. Playing with ZFS Encryption

by Alexandre Borges

Oracle Solaris 11 supports native encryption on ZFS so that it can protect critical data without depending on external programs. It's also integrated with the Cryptographic Framework. Alexandre explains the benefits of these and other Oracle Solaris encryption capabilities, and the different methods for encrypting and decrypting files, file systems, and pools.

About the Photograph

In late June I rode from the South Entrance to Yellowstone National Park in heavy rain. When I stopped at the grill for a burger, I inadvertently shocked the good patrons by wringing water out of my neck warmer, sweater, and t-shirt directly onto the stone floor in the cafeteria. When I'm on a long ride it takes me a moment to remember the finer points of civilized behavior. When the clouds temporarily cleared, I took this picture of Yellowstone Falls from Uncle Tom's trail.

- Rick
Follow Rick on:
Personal Blog | Personal Twitter
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Wednesday Jun 11, 2014

Troubleshooting Your Network with Oracle Linux

Are you afraid of network problems? I was. Whenever somebody said "it's probably the network," I went to lunch. And hoped that it was fixed by the time I got back. Turns out it wasn't that hard to do a little basic troubleshooting

Tech Article: Troubleshooting Your Network with Oracle Linux

by Robert Chase

You're no doubt already familiar with ping. Even I knew how to use ping. Turns out there's another command that can show you not just whether a system can respond over the network, but the path the packets to that system take. Our blogging platform won't allow me to write the name down, but I can tell you that if you replace the x in this word with an e, you'll have the right command:


Once you get used to those, you can venture into the realms of mtr, nmap, and netcap.

Robert Chase explains how each one can help you troubleshoot the network, and provides examples for how to use them. Robert is not only a solid writer, he is also a brilliant motorcyclist and rides an MV Augusta F4 750.

About the Photograph

Photo of flowers in San Simeon, California, taken by Rick Ramsey on a ride home from the Sun Reunion in May 2014.

- Rick
Follow me on:
Personal Blog | Personal Twitter
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Monday May 26, 2014

Validating Petabytes of Data with Regularity and Thoroughness

by Brian Zents

When former Intel CEO Andy Grove said “only the paranoid survive,” he wasn’t necessarily talking about tape storage administrators, but it’s a lesson they’ve learned well. After all, tape storage is the last line of defense to prevent data loss, so tape administrators are extra cautious in making sure their data is secure. Not surprisingly, we are often asked for ways to validate tape media and the files on them.

In the past, an administrator could validate the media, but doing so was often tedious or disruptive or both. The debut of the Data Integrity Validation (DIV) and Library Media Validation (LMV) features in the Oracle T10000C drive helped eliminate many of these pains. Also available with the Oracle T10000D drive, these features use hardware-assisted CRC checks that not only ensure the data is written correctly the first time, but also do so much more efficiently.

Traditionally, a CRC check takes at least 25 seconds per 4GB file with a 2:1 compression ratio, but the T10000C/D drives can reduce the check to a maximum of nine seconds because the entire check is contained within the drive. No data needs to be sent to a host application. A time savings of at least 64 percent is extremely beneficial over the course of checking an entire 8.5TB T10000D tape.

While the DIV and LMV features are better than anything else out there, what storage administrators really need is a way to check petabytes of data with regularity and thoroughness. With the launch of Oracle StorageTek Tape Analytics (STA) 2.0 in April, there is finally a solution that addresses this longstanding need. STA bundles these features into one interface to automate all media validation activities across all Oracle SL3000 and SL8500 tape libraries in an environment. And best of all, the validation process can be associated with the health checks an administrator would be doing already through STA.

In fact, STA validates the media based on any of the following policies:

  • Random Selection – Randomly selects media for validation whenever a validation drive in the standalone library or library complex is available.
  • Media Health = Action – Selects media that have had a specified number of successive exchanges resulting in an Exchange Media Health of “Action.” You can specify from one to five exchanges.
  • Media Health = Evaluate – Selects media that have had a specified number of successive exchanges resulting in an Exchange Media Health of “Evaluate.” You can specify from one to five exchanges.
  • Media Health = Monitor – Selects media that have had a specified number of successive exchanges resulting in an Exchange Media Health of “Monitor.” You can specify from one to five exchanges.
  • Extended Period of Non-Use – Selects media that have not had an exchange for a specified number of days. You can specify from 365 to 1,095 days (one to three years).
  • Newly Entered – Selects media that have recently been entered into the library.
  • Bad MIR Detected – Selects media with an exchange resulting in a “Bad MIR Detected” error. A bad media information record (MIR) indicates degraded high-speed access on the media.

To avoid disrupting host operations, an administrator designates certain drives for media validation operations. If a host requests a file from media currently being validated, the host’s request takes priority. To ensure that the administrator really knows it is the media that is bad, as opposed to the drive, STA includes drive calibration and qualification features. In addition, validation requests can be re-prioritized or cancelled as needed. To ensure that a specific tape isn’t validated too often, STA prevents a tape from being validated twice within 24 hours via one of the policies described above. A tape can be validated more often if the administrator manually initiates the validation.

When the validations are complete, STA reports the results. STA does not report simply a “good” or “bad” status. It also reports if media is even degraded so the administrator can migrate the data before there is a true failure. From that point, the administrators’ paranoia is relieved, as they have the necessary information to make a sound decision about the health of the tapes in their environment.

About the Photograph

Photograph taken by Rick Ramsey in Death Valley, California, May 2014

- Brian

Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Tuesday May 06, 2014

Replay of Solaris Labs From OTN Virtual Sysadmin Day

Missed OTN's last Virtual Sysadmin Day? That's OK, so did the majority of Earth's 7 billion inhabitants. A stalwart 400 did manage to pull themselves away from The Daily Grind and attend in person. To accommodate the remaining 7 billion slackers, I published videos of the Solaris hands-on labs. I'll do the same for the Oracle Linux and Virtualization sessions over the next few days.

Lab Intro - How Oracle Solaris 11 Simplifies the Life of a Sysadmin

Typical tasks and challenges in a sysadmin's work and how Oracle Solaris 11 simplifies them. Managing software packages, updating systems, managing users, monitoring system performance and diagnosing problems, assessing, assigning and redistributing system resources according to workload patterns. Which Oracle Solaris 11 features can help. Examples and best practices. Exercises that model everyday situations.

Lab 1: Managing the Software Lifecycle with Oracle Solaris 11

Tricks to help you to manage software packages installed on your systems. Most organizations have separate environments for development, test, QA and production applications. How can you make sure the right versions of software packages are installed in each of them, and avoid inconsistencies? How can you configure your production systems to avoid accidental updates? How should you integrate your software packages with SMF services? These and many other questions will be answered by using practical hands-on examples.

Lab 2: Managing Your Data with ZFS in Oracle Solaris 11

ZFS has been a round a long time, but it has so many new capabilities to explore that you might still have a lot of questions. For instance, how do I create a ZFS file system that will have a guaranteed amount of available space, instead of sharing it with other file systems in a pool? What are the best practices for backing up ZFS file systems? How can I use ZFS encryption? Can I create a raw block device on ZFS and why do I need it? These and many other questions will be answered by using practical hands-on examples.

Lab 3: Managing Virtual Environments in Oracle Solaris 11

What are the best ways to create and manage zones? How should I use Solaris virtual networking to separate traffic from different applications? How can I monitor and manage system resources assigned to zones? How should I protect my zones from malicious users? How can I migrate zones between hosts? These and many other questions will be answered with practical hands-on examples.

About the Photograph

Photo of Las Vegas skyline taken by Rick Ramsey at Collaborate 2014

- Rick
Follow Rick on:
Personal Blog | Personal Twitter
  Follow OTN on:
Web | Facebook | Twitter | YouTube

Tuesday Apr 29, 2014

How Easy Is It To Run OpenStack on Oracle Solaris 11.2?

Three resources to help you see how easy it is to create, provision, and manage an internal cloud using OpenStack on Oracle Solaris 11.2.

Sofia, Where's My Cloud?

An OTN Home Movie

7-year old Sofia installs a cloud using OpenStack running on Oracle Solaris 11.2 and shows her clueless Daddy how to manage it using the OpenStack Dashboard.

OpenStack Dashboard Walkthrough - The Admin Panel

An OTN Tech Demo

David Comay, Solaris engineer, shows you how to use the Admin panel in the OpenStack Dashboard, including how to define the types of virtual machines and software images a user can create, and how to give them networking capabilities.

OpenStack Dashboard Walkthrough - The Project Panel

An OTN Tech Demo

David Comay, Solaris engineer, shows you how to use the Project panel in the OpenStack dashboard, including how to create an instance of a virtual compute and storage resource, how to associate it with a network, how to view its topology, and more.

Stay tuned in the coming days for more video interviews of the Solaris engineers that developed this and other technologies in Oracle Solaris 11.

About the Photograph

Photograph of fountain at Oracle's Santa Clara campus taken by Rick Ramsey, April 2014.

- Rick

Follow me on:
Web | Blog | Facebook | Twitter | YouTube

Monday Apr 14, 2014

Which Type of Virtualization Should I Use?

I routinely ask techies which type of virtualization they'd recommend for which type of job. I seldom get an answer as crystal clear as Brian Bream's.

Video Interview: Which Type of Virtualization Should I Use?

with Brian Bream, CTO Collier IT

Oracle's portfolio of virtualization technologies includes Oracle VM Server for x86, Oracle VM Server for SPARC (previously known as LDOMS), and Oracle Solaris Zones, among others. Brian Bream provides a crystal clear technical overview of their differences and examples of what you would use them to do to. After you listen to the recording, which is about 5 minutes long, you'll understand why Brian was selected Instructor of the Year for both Oracle University and Sun Microsystems University before that.

More Resources About Virtualization

Here's an 8-part series about Oracle virtualization products written by Detlef Drewanz and Lenz Grimmer that might also be helpful:

About the Photograph

Photograph of Vaillancourt Fountain in San Francisco taken by Rick Ramsey, April 2014.

- Rick

Follow me on:
Web | Blog | Facebook | Twitter | YouTube

Friday Apr 11, 2014

New Oracle Solaris/SPARC SIG Launched by IOUG

What happens in Vegas ...

... stays in Vegas.

Well, most of it does, anyway.

Collaborate 2014, put on by the Independent Oracle User Group (IOUG), the Oracle Applications User Group (OAUG), and the Quest International User Group was terrific. Great content, great people, great event. And lots of sysadmins!

One of the most interesting things to come out of Collaborate is a new Special Interest Group (SIG) for Oracle Systems technologies, sponsored by Independent Oracle User Group (IOUG). It's called the Solaris/SPARC SIG, but the first meeting covered a lot of ground that included the other technologies in Oracle's Systems portfolio, including engineered systems, storage, networking, and optimized solutions. This perspective on Oracle Solaris is significant because the value of Oracle Solaris becomes increasingly evident when viewed from the perspective of the database, engineered systems like Oracle SuperCluster, and cloud strategies.

So keep an eye on the SIG and join us in future activities. I'll be sure to promote them here, but also keep an eye on the SIG Calendar.

Seth Miller and Ed Whalen, Oracle ACES, were kind enough to tape a couple of video interviews for the OTN Garage. I'll be posting them there soon.

About the Photograph

Photograph of your Systems Community Manager and friends taken by Laura Ramsey in Las Vegas, Nevada, USA, in April 2014.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube

Wednesday Mar 26, 2014

More Tips for Remote Access with Oracle Linux

In a previous blog, Oracle Linux Tips and Tricks, I covered alternative ways to use SSH. In this article, I will cover some additional tips and tricks for using SSH for remote access, as well as some other ways to connect remotely to a server.

SSH's primary use is for remote access to hosts. SSH is not only able to provide us a terminal interface to a server, it's also able to provide us a transport for a graphical interface. In order to utilize this functionality, we must have an X server running on our local workstation. On a Linux workstation with a graphical environment, this functionality is built in. On other systems, such as a Windows machine or a Mac, this functionality is not built in. Both XQuartz on the Mac and MobaXTerm are X servers for these platforms. There are also a number of other open source and paid products available for both platforms.

Once you have an acceptable X server installed on your local workstation, you can connect with SSH using the following ssh command. The -X enables X11 forwarding for the connection. Keep in mind that the X11 forwarding is based on the user who originally connected. Logging in with one user and then using sudo often will not work, depending on the permissions and ownership needed to complete a task.

[user@laptop ~]$ ssh -X

Once you authenticate, you drop directly to a standard prompt. If you look closely, though, and examine the environment variables in your terminal, you will find an additional environment variable that has the IP address of your workstation. You can examine your environment variables using the env command.


Now you can launch an application that has a graphical interface, and the interface will be displayed on your local workstation. The following example will launch gedit. The ampersand symbol is useful for forking the process in the background so we can retain the use of our terminal.

[user@remotehost ~]$ gedit &

Using X11 connections over SSH can be quite useful for using application installers that are graphical, such as the Oracle Universal Installer for Oracle Database.

The screen application is a great compliment to SSH and is quite useful for sharing an SSH session with another user. Because of the way screen preserves sessions for the user, it is also great for high-latency network connections that have frequent disconnects and for maintaining sessions that time out due to security policies. With a regular SSH connection, if you are disconnected, any processes that were running are not preserved. Unlike SSH, the screen application keeps the session alive so it can be connected to again later.

One of the simplest things you can do with screen is share a session. You can launch screen on the terminal you wish to share by issuing the screen command. Once you do this, a new shell is running inside of screen. Another user can log in to the same machine and use the command screen -x to be immediately connected to your shell. They see everything you type. Even if you disconnect from the machine on either terminal, the shell will continue to run. This can be quite useful for sharing a terminal for a demonstration in a remote office or for running a terminal-based console that is shared between many users.

To see all of the active screen sessions, you can use screen -list, which will show active and detached sessions. To connect to a detached session, you can use screen -r and the pid.session name listed in the screen -list output. In the following example, there are five screen sessions running. One of them is detached.

[user@server ~]$ screen -list
There are screens on:
        24565.pts-1.server     (Attached)
        24581.pts-2.server     (Attached)
        24597.pts-3.server     (Attached)
        24549.pts-0.server     (Attached)
        24613.pts-4.server     (Detached)
5 Sockets in /var/run/screen/S-user.

The command screen -x can be used to connect to a currently attached session. In the following example, a connection to session 24565 is made:

[user@server ~]$ screen -x 24565

If you need access to a full graphical desktop environment remotely, there are a number of packages that can accomplish this. The package tigervnc-server is useful for connections to a remote machine providing a full Linux desktop experience. To set up and install the package, perform the following steps.

First, run the following command to install the package:

[root@server ~]# yum install tigervnc-server

Once the package is installed, you need to edit the file /etc/sysconfig/vncservers. The VNCSERVERS line establishes the user accounts that you want to enable the VNC server for and their display number. In the example below, the user bob is configured for display 2 and the user sue is configured for display 3. The VNCSERVERARGS[#] section allows you to specify options for each display. In this example, we are specifying a 1280 x 1024 resolution for display 2 and a 1024 x 768 resolution for display 3:

VNCSERVERS="2:bob 3:sue"
VNCSERVERARGS[2]="-geometry 1280x1024 "
VNCSERVERARGS[3]="-geometry 1024x768"

Once the /etc/sysconfig/vncservers file has been edited, you need to set passwords for each user account. This is accomplished with the vncpasswd command. In the following example, the user bob sets a password using the vncpasswd command.

[bob@server ~]$ vncpasswd

Once the package is installed, the configuration file is edited, and passwords are set, you are ready to turn on the vncserver service. The following two commands start the service and set the service to start automatically at the next boot:

chkconfig vncserver on
service vncserver start

Once configured and running, you can connect to your Linux system using a standard VNC client. When connecting, be sure to specify the display and password credentials that are needed in order to connect.


I hope these tips and tricks have been useful and that you will take advantage of some of them in the course of your day. We will be publishing more of these tips-and-tricks articles in the future. Feel free to leave a comment for further topics that you would like to see in this series.

See Also

Oracle Linux blog

About the Author

Robert Chase is a member of the Oracle Linux product management team. He has been involved with Linux and open source software since 1996. He has worked with systems as small as embedded devices and with large supercomputer-class hardware.

About the Photograph

Photograph taken by Rick Ramsey in Durango in the Fall of 2012

Follow OTN Garage on:
Blog | Facebook | Twitter | YouTube

Wednesday Mar 05, 2014

Preserving Unpacked Software During a Package Uninstall

I love it when I can wriggle out of the unintended side effects created by an automated system designed to simplify my life.

Here's a side effect created by the very good Image Packaging System (IPS) in our beloved Oracle Solaris 11. If you use the IPS to uninstall all packaged content from a directory, it also removes the directory. Not good if you also kinda sorta loaded unpackaged content into that directory.

For instance, let's say you worked with a third-party IPS package that installed its software into /usr/local. After a pause to polish the chrome on your custom Softail Deluxe, you install a second application into /usr/local from a tar file. What happens to that second application when you use IPS to remove the third-party IPS package from the /usr/local directory? Yup. IPS dumps the directory on the asphalt and high-sides the unpackaged content all the way to /var/pkg/lost+found.

Thank goodness somebody watches out for those of us who don't follow directions. Alta Elstad, from the Solaris Documentation Team at Oracle, is one of them. Here's how she suggests you avoid this problem.

How to Preserve the Directory

To prevent the packaged directory from being removed along with its content, package the directory separately. Create an IPS package that delivers only the one directory or directory structure that you want. Then that directory structure will remain in place until you uninstall that specific package. Uninstalling a different package that delivers content to that directory will not remove the directory.

Here's a detailed example.

  1. Create the directory structure you want to deliver. This example shows /usr/local. You could easily expand this to include /usr/local/bin and other subdirectories if necessary.
    $ mkdir -p usrlocal/usr/local
  2. Create the initial package manifest.
    $ pkgsend generate usrlocal | pkgfmt > usrlocal.p5m.1
    $ cat usrlocal.p5m.1
    dir path=usr owner=root group=bin mode=0755
    dir path=usr/local owner=root group=bin mode=0755
  3. Create a pkgmogrify input file to add metadata and to exclude delivering /usr since that directory is already delivered by Oracle Solaris. You might also want to add transforms to change directory ownership or permissions.
    $ cat usrlocal.mog
    set name=pkg.fmri value=pkg://site/usrlocal@1.0
    set name=pkg.summary value="Create the /usr/local directory."
    set name=pkg.description value="This package installs the /usr/local \
    directory so that /usr/local remains available for unpackaged files."
    set name=variant.arch value=$(ARCH)
    <transform dir path=usr$->drop>
  4. Apply the changes to the initial manifest.
    $ pkgmogrify -DARCH=`uname -p` usrlocal.p5m.1 usrlocal.mog | 
      pkgfmt > usrlocal.p5m.2
    $ cat usrlocal.p5m.2
    set name=pkg.fmri value=pkg://site/usrlocal@1.0
    set name=pkg.summary value="Create the /usr/local directory."
    set name=pkg.description value="This package installs the /usr/local \
    directory so that /usr/local remains available for unpackaged files."
    set name=variant.arch value=$(ARCH)
    <transform dir path=usr$->drop> 
  5. Check your work.
    $ pkglint usrlocal.p5m.2
    Lint engine setup...
    Starting lint run...
  6. Publish the package to your repository.
    $ pkgsend -s yourlocalrepo publish -d usrlocal usrlocal.p5m.2
  7. Make sure you can see the new package that you want to install.
    $ pkg refresh site
    $ pkg list -a usrlocal
    usrlocal (site)       1.0          --- 
  8. Install the package.
    $ pkg install -v usrlocal
               Packages to install:         1
         Estimated space available:  20.66 GB
    Estimated space to be consumed: 454.42 MB
           Create boot environment:        No
    Create backup boot environment:        No
              Rebuild boot archive:        No
    Changed packages:
        None -> 1.0,5.11:20140303T180555Z
    PHASE                                          ITEMS
    Installing new actions                           5/5
    Updating package state database                 Done
    Updating package cache                           0/0
    Updating image state                            Done
    Creating fast lookup database                   Done
    Reading search index                            Done
    Updating search index                            1/1
  9. Make sure the package is installed.
    $ pkg list usrlocal
    usrlocal (site)       1.0          i-- 
    $ pkg info usrlocal
              Name: usrlocal
           Summary: Create the /usr/local directory.
       Description: This package installs the /usr/local directory so that
                    /usr/local remains available for unpackaged files.
             State: Installed
         Publisher: site
           Version: 1.0
     Build Release: 5.11
            Branch: None
    Packaging Date: March  3, 2014 06:05:55 PM
              Size: 0.00 B
              FMRI: pkg://site/usrlocal@1.0,5.11:20140303T180555Z
    $ ls -ld /usr/local
    drwxr-xr-x   2 root     bin            2 Mar  3 10:17 /usr/local/

For More Information

About the Photograph

Photograph of Vancouver's laughing statues courtesy of BMK via Wikipedia Commons Creative Commons License 2.0

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Wednesday Feb 26, 2014

Oracle Solaris 11 Resources for the AIX Sysadmin

Start buttons belong on Tiger Wood's golf cart. Give me car keys that jangle when I insert them into a 1968 Dodge Charger. The music that engine makes ... it enters your body through your soul before your ear drums even register the vibration. And give me Save buttons on browser-based interfaces, too. This amorphous invisible background save that I'm supposed to trust is happening is the brainchild of developers who put posters of Joseph Stalin on their walls.

In spite of my Luddite tendencies, I do like new technologies. I also like a variety of them. If you ask my personal opinion, the more operating systems, the better. More jobs for sysadmins. More jobs for developers. More arm-wrestling matches in the server room. And more interesting problems. That's my idea of fun.

Unfortunately, it's not The Man's idea of fun. Forces I can't possibly understand and would never take for a joy ride in a stolen Dodge Charger push for consolidation and cost-cutting with the frenzy of a four barrel carburetor sucking air at wide open throttle (WOT). Even if, like me, you prefer a more genteel IT environment, you have to adapt. And so, we sometimes wave good-bye to our friends.

If you're facing a migration away from AIX, consider Oracle Solaris. Yeah, it's designed to handle the competitive pressures of today's IT environments...

  • Cloud-ready provisioning, security, and virtualization
  • Quick to reallocate compute, storage, and network resources
  • Zones, ZFS, Dynamic Tracing, Predictive Self Healing and Trusted Extensions reduce downtime and simplify the application deployment
  • Optimized to run on Oracle hardware, and to run Oracle applications
  • Automated migration tools plus assistance and education for DBAs and Power/AIX administrators migrating to Oracle Solaris.

... and yeah, because the Oracle stack is optimized to run best on Oracle Solaris (and Oracle Linux), it gives you some crazy good numbers compared to AIX ...

  • Up to 2.4x greater database performance
  • Up to 3.4x faster Java application server performance
  • Increased Oracle application performance : 1.9x faster for Siebel CRM (4) and 3x faster for JD Edwards

... but it's also got soul. And it doesn't have a dumb Start button.

Below is a link to a hands-on lab and some other resources to help you understand what's involved in migrating from AIX to Oracle Solaris.

Hands-On Lab: Oracle Solaris Administration for AIX Sysadmins

by Glynn Foster

Walks an AIX sysadmin through the basic administration of Oracle Solaris 11 and how it compares to IBM AIX Enterprise in areas including installation, software packaging, file systems, user management, services, networking, and virtualization. Even makes helps you navigate your way through documentation, man pages, and online how-to articles.

More Resources

About the Photograph

Photograph of '68 Dodge Charger courtesy of Kobac via Wikipedia Commons Creative Commons License 2.0

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Feb 13, 2014

Getting Your Hands Dirty with Load Balancing

What Does the Integrated Load Balancer Do?

According to the Oracle Solaris 11 documentation, the Integrated Load Balancer (ILB) intercepts incoming requests from clients, decides which back-end server should handle the request based on load-balancing rules, and then forwards the request to that server. By spreading one server's work load across multiple servers, ILB improves reliability, minimizes response time, and improves performance of the server.

The documentation describes features, components, how it works, and even the command line interface. The docs help you understand what your load balancing toolset is, but if you want to get your hands dirty, try this:

Hands-On Lab - Deploying the Integrated Load Balancer in 60 Minutes

by Amir Javanshir

This is a cool lab because it walks you through the steps that set up an environment that enables you to play with the load balancer. The steps consist more or less of:

  • Installing Solaris
  • Setting up the virtual switches and their VNICs
  • Configuring the zone for the load balancer, including its access to the VNICs
  • Cloning that zone into three other zones
  • Configuring each cloned zone to run Apache Tomcat
  • Installing the load balancer on the first zone

Once the environments are set up, the lab walks you through several exercises to help you become familiar with the different ways in with the load balancer monitors and manages traffic. This lab is a whole lot of fun.

More Hands-On Labs for Oracle Solaris 11

You can find all the hands-on labs for Oracle Solaris 11 here:

All Hands-On Labs for Oracle Solaris 11

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Friday Jan 31, 2014

Simplifying the Installation of Oracle Database on Oracle Linux - Reprint

Most of my workdays start by shapechanging me into a seven-headed Hydra, and each Hydra promptly makes a beeline for multi-tasking hell. So, when I get a chance to simplify something, anything, I jump on it.

Ginny has done that for OTN at last twice. Below are two of her exercises in simplifying our lives. We published these articles before, but we recently had to rebuild one of them because somebody (I'm not going to say who) deleted it. To avoid annoying one of your Hydras, and instead send you off to a peaceful weekend, here they are again.

How I Simplified Oracle Database Installation on Oracle Linux 5

by Ginny Henningsen

Before installing Oracle Database 10g or 11g on a system, you need to preconfigure the operating environment since the database requires certain software packages, package versions, and tweaks to kernel parameters. Ginny discovered that Oracle Linux provides a remarkably easy way to address these installation prerequisites. Find out how.

How I Simplified Oracle Database 11g and 12c Installation on Oracle Linux 6

by Ginny Henningsen

Similar to the article above, but updated for Database 12c and Oracle Linux 6. Ginny simplifies the installation of Oracle Database 11g by automatically pre-configuring Oracle Linux with the required software packages and correct kernel parameters.

Photograph of Fat Boy on Sakajawea Road in Idaho taken by Rick Ramsey

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Wednesday Jan 29, 2014

Man Vs. Machine

Man vs machine. Command Line vs GUI. It's not a new debate. In fact, when I was a little boy I watched this Paul Bunyan cartoon with the dismay of a sysadmin watching the increasing popularity of GUIs:

Cartoon: Paul Bunyan's Ax vs The Chain Saw

What Skills Do Sysadmins Need to Manage a Modern Data Center?

Video Interview with Brian Bream

When I wrote technical manuals for Oracle Solaris back in the day, I had the luxury of my very own lab. For instance, while writing the NIS+ books, I was able to discover my own procedures on a small network and, when I needed something larger, I could ask the sysadmins in Sun's bigger labs to try some experiments for me. Little did I know those were the Golden Years of technical writing.

They were also the Command Line Years. We used the command line for everything, including email, product testing and, of course, managing Solaris. The command line put the operator in control. You had a mental map of what you were doing, you were completely engaged, and if something became repetitive, you could always write a script for it. The shell was the interface, and emacs was the only tool you needed.

When GUI's first came out, we hated them on principle. They were slower than the command line, and they didn't really add any value. Plus, they weakened your skills.

Since then it's been a tossup. GUI's have gotten steadily better, but they didn't add enough value to overcome our attachment to the command line. In fact, we kinda resented them because they were used as a pretext to hire less experienced and cheaper sysadmins.

However, with the advent of vertically-integrated systems such as Oracle's Exadata and SuperCluster, the GUI may have finally come into its own. Listen to Brian Bream explain why.

Watch video interview here

Photograph of bicycle in Durango taken by Rick Ramsey in Oct 2012

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel


Logan Rosenstein
and members of the OTN community


« October 2015
Blogs We Like