Wednesday Jul 16, 2014

Get Your ZFS On

Surprising as it may seem, there are still many sysadmins out there who don't use ZFS or are not familiar with its best features. We (since I'm one of them) should send expensive gifts to Oracle ACE Alexandre Borges. Alexandre loves Solaris so much he can't stop writing about it. He recently put together a torrent of articles about ZFS that, even if you think you know everything about it, you should peruse. Because I bet he's found things you didn't know about.

I've been posting them at the rate of about one a week. Here are the first five.

1. Using COMSTAR and ZFS to Configure a Virtualized Storage Environment

by Alexandre Borges

How to configure the Common Multiprotocol SCSI TARget (COMSTAR) capability in Oracle Solaris 11 to provide local iSCSI storage to Windows, Linux, and Mac clients.

2. Playing with Swap Space in ZFS Volumes

by Alexandre Borges

Alexandre walks through several ZFS commands that control and monitor swap space, describes the insight they provide, and explains how to use them to increase or decrease swap space.

3. Playing with ZFS Shadow Migration

by Alexandre Borges

If you need to migrate data from a server running Oracle Solaris 10 or 11 to one running Oracle Solaris 11.1, use Shadow Migration. It's easy, and allows you to migrate shared ZFS, UFS, or VxFS (Symantec) file systems through NFS or even through a local file system. Alexandre shows how.

4. Delegating a ZFS Dataset to a Non-Global Zone

by Alexandre Borges

Adding a dataset to a non-global zone does not give the non-global zone's administrator control over the dataset's properties. They are retained by the global zone's administrator. Delegating a dataset, however, does give the non-global zone's administrator control over the dataset's properties. Alexandre explains the difference and how to perform the delegation.

5. Playing with ZFS Encryption

by Alexandre Borges

Oracle Solaris 11 supports native encryption on ZFS so that it can protect critical data without depending on external programs. It's also integrated with the Cryptographic Framework. Alexandre explains the benefits of these and other Oracle Solaris encryption capabilities, and the different methods for encrypting and decrypting files, file systems, and pools.

About the Photograph

In late June I rode from the South Entrance to Yellowstone National Park in heavy rain. When I stopped at the grill for a burger, I inadvertently shocked the good patrons by wringing water out of my neck warmer, sweater, and t-shirt directly onto the stone floor in the cafeteria. When I'm on a long ride it takes me a moment to remember the finer points of civilized behavior. When the clouds temporarily cleared, I took this picture of Yellowstone Falls from Uncle Tom's trail.

- Rick
Follow Rick on:
Personal Blog | Personal Twitter
  Follow OTN Garage on:
Web | Facebook | Twitter | YouTube

Friday Jun 13, 2014

Insights into Swap Space on Oracle Solaris 11

What I enjoy about the articles that Oracle ACE Alexandre Borges writes is the insights he provides. For example:

swaplo indicates the minimum possible swap space size, which represents the memory page size (8 sectors x 512 bytes = 4K). To check it:
root@solaris11-1:~# pagesize
4096
A value of 4K is typically found on Intel machines. However, with Oracle Solaris 11 on SPARC machines, the page size can vary from 16K to 2 GB (this upper limit also applies for Intel processors). The upper limit of swap space is mainly used as the page size for the System Global Area (SGA)—a dedicated shared-memory area for an instance of Oracle Database 11g. Additionally, it is worth noting that 2 GB pages are supported with Oracle Solaris 10 8/11 or later Oracle Solaris releases and Oracle's SPARC T4 processor, but this page size isn't enabled by default. If it's suitable for some applications, we have to enable it by inserting set max_uheap_lpsize=0x80000000 in the /etc/system file and then rebooting the system.

Alexandre not only loves working with Oracle Solaris, he takes the trouble to explain its nuances. He's written a series of articles on his experience with Oracle Solaris. This is the second one:

Tech Article: Playing with Swap Monitoring and Increasing Swap Space Using ZFS Volumes in Oracle Solaris 11

by Alexandre Borges

Alexandre walks through several commands and the insight they provide into a system's swap space, and explains how to use them to increase or decrease it.

Stay tuned for more articles from Alexandre in the coming weeks.

About the Photograph

Photograph of 01 Ducati 748 vertical cylinder piston and rings taken by Rick Ramsey in Colorado

- Rick

Follow Alexandre on:
His Blog | Twitter
  Follow OTN on:
Web | Facebook | Twitter | YouTube

Tuesday May 06, 2014

Replay of Solaris Labs From OTN Virtual Sysadmin Day

Missed OTN's last Virtual Sysadmin Day? That's OK, so did the majority of Earth's 7 billion inhabitants. A stalwart 400 did manage to pull themselves away from The Daily Grind and attend in person. To accommodate the remaining 7 billion slackers, I published videos of the Solaris hands-on labs. I'll do the same for the Oracle Linux and Virtualization sessions over the next few days.

Lab Intro - How Oracle Solaris 11 Simplifies the Life of a Sysadmin

Typical tasks and challenges in a sysadmin's work and how Oracle Solaris 11 simplifies them. Managing software packages, updating systems, managing users, monitoring system performance and diagnosing problems, assessing, assigning and redistributing system resources according to workload patterns. Which Oracle Solaris 11 features can help. Examples and best practices. Exercises that model everyday situations.

Lab 1: Managing the Software Lifecycle with Oracle Solaris 11

Tricks to help you to manage software packages installed on your systems. Most organizations have separate environments for development, test, QA and production applications. How can you make sure the right versions of software packages are installed in each of them, and avoid inconsistencies? How can you configure your production systems to avoid accidental updates? How should you integrate your software packages with SMF services? These and many other questions will be answered by using practical hands-on examples.

Lab 2: Managing Your Data with ZFS in Oracle Solaris 11

ZFS has been a round a long time, but it has so many new capabilities to explore that you might still have a lot of questions. For instance, how do I create a ZFS file system that will have a guaranteed amount of available space, instead of sharing it with other file systems in a pool? What are the best practices for backing up ZFS file systems? How can I use ZFS encryption? Can I create a raw block device on ZFS and why do I need it? These and many other questions will be answered by using practical hands-on examples.

Lab 3: Managing Virtual Environments in Oracle Solaris 11

What are the best ways to create and manage zones? How should I use Solaris virtual networking to separate traffic from different applications? How can I monitor and manage system resources assigned to zones? How should I protect my zones from malicious users? How can I migrate zones between hosts? These and many other questions will be answered with practical hands-on examples.

About the Photograph

Photo of Las Vegas skyline taken by Rick Ramsey at Collaborate 2014

- Rick
Follow Rick on:
Personal Blog | Personal Twitter
  Follow OTN on:
Web | Facebook | Twitter | YouTube

Tuesday Mar 18, 2014

Configuring COMSTAR to Provide Local iSCSI Storage

Oracle Solaris 11 introduced two storage capabilities that I wasn't aware of until Oracle ACE Alexandre Borges brought them to my attention.

A Solaris 11 system can serve as an iSCSI target that offers storage to other machines, or as an iSCSI initiator to access the storage offered by another iSCSI target. This capability is a real advantage, because any storage offered through the iSCSI protocol is available to an iSCSI initiator as local storage, without the need to use expensive technologies such as Fibre Channel (FC).

Solaris provides this service through a framework named Common Multiprotocol SCSI TARget (COMSTAR). Alexandre Borges shows you how to use it:

Tech Article: Using COMSTAR and ZFS to Configure a Virtualized Storage Environment

How to use COMSTAR to provide local iSCSI storage for any service that runs in Windows, Linux, or Mac OS. It also shows you how to configure authentication using the Challenge Handshake Authentication Protocol (CHAP) to secure the iSCSI storage against forbidden access. Part 1 of a series about ZFS.

About Alexandre Borges

Alexandre Borges is an Oracle ACE who worked as an employee and contracted instructor at Sun Microsystems from 2001 to 2010 teaching Oracle Solaris, Oracle Solaris Cluster, Oracle Solaris security, Java EE, Sun hardware, and MySQL courses. Nowadays, he teaches classes for Symantec, Oracle partners, and EC-Council, and he teaches several very specialized classes about information security. In addition, he is a regular writer and columnist at Linux Magazine Brazil.

More content from Alexandre:

Exploring Installation Options and User Roles in Oracle Solaris 11

Part 1 of a two-part series that describes how Alexandre installed Oracle Solaris 11 and explored its new packaging system and the way it handles roles, networking, and services. This article focuses first on exploring Oracle Solaris 11 without the need to install it, and then actually installing it on your system.

Exploring Networking, Services, and the New Image Packaging System in Oracle Solaris 11

Alexandre walks you through the new way Oracle Solaris 11 manages networking, services, and packages, compared to the way it managed them in Solaris 10.

Articles in Linux Brazil Magazine (Portuguese)

Columns in Linux Brazil Magazine (Portuguese)

More About ZFS and COMSTAR

About the Photograph

Photograph of San Rafael Swell taken in Utah by Rick Ramsey on the way to Java One.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Thursday Oct 03, 2013

How Does Oracle Make Storage So Freaky Fast?

The sound quality of these videos is not very good because I taped them while people around me were watching the America's Cup, but the content is worth your time. Jason Schaffer, from Oracle Storage Engineering, explains ...

How the ZS3 Storage System is Engineered

by Jason Schaffer (3 minutes)

The ZS3 is the fastest storage system "on the planet." Jason Schaffer explains what makes it so fast, how it was engineered, and what you can do with it.

How the ZS3 Storage Appliance Tunes Itself

by Jason Schaffer (2 minutes)

Jason Schaffer, from Oracle Storage Engineering, explains how the ZS3 Storage System uses the Oracle Intelligent Storage Protocol (OISP) to automatically tune its I/O patterns to make Oracle Database 12c run faster.

How Oracle Makes the ZS3 Storage System Go Fast

by Jason Schaffer (4 minutes)

Jason Schaffer explains how the ZS3 Storage Appliance uses DRAM to get its crazy fast performance. Taped at Oracle OpenWorld 2013.

More Resources About the ZS3 Storage Appliance

Monday Jul 29, 2013

How to Bend Bare Metal to Your Will

photo copyright 2013 by Rick Ramsey

The fins on this 1957 DeSoto were shaped during a time when Americans weren't afraid of offending anyone with their opinions, right or wrong. We have, perhaps, grown a little more introspective, a little more considerate, but our cars have paid the price. They all look alike. Their edges have been worn away by focus groups. They have no personality. They cringe at the sight of their own shadows.

I weep for my adopted country.

Well, if you like classic American cars as much as I do, you may on occasion feel the need to bend bare metal to your will. Here's your chance.

Tech Article: How to Get Best Performance From the ZFS Storage Appliance

Disk storage. Clustering. CPU and L1/L2 caching size. Networking. And file systems. Just some of the components of Oracle ZFS Storage Appliance that you can shape for optimum performance. Anderson Souza shows you how. Go ahead. Give your appliance a pair of tail fins. (Link is in the title.)

Psst:
You can see more unique cars from the Golden Age of American Automobile at the Gateway Automobile Museum. If you can't get to the border between Utah and Colorado to appreciate them in person, like I was fortunate enough to do, you can enjoy them through your browser at http://www.gatewayautomuseum.com/cars-and-galleries/.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Friday Apr 26, 2013

Three Goodies About the ZFS Storage Appliance

Today we have three goodies about the ZFS Storage Appliance to share (image removed from blog):

Video Interview: The Top Capabilities of ZFS Storage Appliance Explained

Nancy Hart describes her favorite capabilities about the ZFS Storage Appliance, and Jeff Wright explains how each of them works. They cover Hybrid Columnar Compression, Direct NFS (makes data transfer more efficient), Remote Direct Memory Access, Oracle Intelligent Storage Protocol (database aware of the storage and vice versa), DTrace Analytics to optimize deployments, and more.

Blog: My Personal ZFS Storage Appliance Crib Sheet

We recently published some articles about really cool ways to use the ZFS Storage Appliance, so I spent a little time looking into the darned thing. It's easy to find out what the ZFS Storage Appliance does, but more difficult to find out what its components are. What can I yank out and replace? What can I connect it to? And what buttons and levers can I push? Or pull. So I put together this crib sheet. If you didn't grow up in The Bronx, see wikipedia's definition of crib sheet.

3D Demo

Pop the doors open, pull out the disk shelves, find out what's inside each one. Great demo, and you're at the controls.

Additional Resources

For more technical resources about the ZFS Storage appliance, use any of the four tabs on OTN's Technical Resources Center. And, to see other blogs about Oracle's storage products, select the "Storage" tab under Categories in the right margin, or click here.

- Rick

Follow me on:
Blog | Facebook | Twitter | YouTube | The Great Peruvian Novel

Wednesday Jul 25, 2012

OTN Sysadmin Day in Denver, Colorado

Source

Can you find the sysadmin in the picture?

You might be able to on Thursday, August 23rd. OTN is hosting its next Sysadmin Day in Denver, Colorado, and we can never keep track of our sysadmins. In a place as purty as Colorado, it will be even harder.

Note: The date on the link above is incorrect. The correct date is Thursday, August 23rd.

Our previous OTN Sysadmin Day in Santa Clara had almost 100 attendees. The one in Denver will have similar presentations, but we're adding some content on virtualization. Which we hope to expand into a third track in the future. As usual, Pavel Anni opens our OTN Sysadmin Days with a talk about Oracle's dual OS strategy. He explains why Oracle offers two operating systems, and summarizes the main features of each one. Then we split off into two different groups to get our hands on each OS.

One group gets their hands on the ZFS filesystem, virtualization capabilities, and security controls of Oracle Solaris.

The other group gets their hands on the package management tools, services, and runs levels of Oracle Linux, plus its volume management tools and the Btrfs filesystem.

Both groups learn by doing, using the hands-on labs similar to those on OTN's Hands-On Labs page. Why attend an event in person when you could simply work the labs on your own? Two reasons:

  1. Since you are away from the obligations of the data center, you get to focus on working the labs without interruption.
  2. You get help from Oracle experts and other sysadmins who are working on the same labs as you.
The event is free. Here's the agenda:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: Oracle Solaris ZFS HOL: Package Management and Configuration
11:30 am HOL: Virtualization HOL: Storage Management
1:00 pm Lunch / Surfing OTN
2:00 pm HOL: Oracle Solaris Security HOL: Btrfs filesystem
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
3:30 pm Presentation: Oracle VM Manager
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm Get lost in the mountains.

- Rick

Website Newsletter Facebook Twitter

Thursday Jul 12, 2012

Smaller/faster: what's not to like?

200 MB DiskpacksOne might think that things like disk space and even computer speed had become irrelevant. After all, our cell phones have more computing power and storage than million dollar computers of fifteen years ago. (Stop me if I’ve told this story too many times: 25 years ago we sold a terabyte of disk using the big 200 MB disk platters. So, that was a total of over 4,000 disks. Since this is ancient history, the details are hazy, but I do remember that it involved a sizable facility for the storage alone and an even more sizeable commission for the sales rep. Those were the good ol’ days!)

The truth is, there is always an opportunity to take advantage of more resources. Indeed, we are in the era of big data and it would seem that our big limitation now is the speed of light. Rather than brute force, clever engineers continually come up with better ways of doing things. The RDBMS world has tended to think in terms of rows, but there is a new trend to organize it in columns instead. Wikipedia has a great summary of the pros and cons worth taking a look at, if this is new to you. In a nutshell, columnar databases can provide real performance advantages for data warehouses.

Oracle’s Hybrid Columnar Compression technology is nicely described in this paper. Long time storage specialist Art Licht has written a paper about a study he did, explaining How We Improved SAN and NAS Performance with Hybrid Columnar Compression with some remarkable results: 19x reduction in required storage space and an average 6x increase in database query performance.

Art provides specifics on how to do this using the Pillar Axiom Storage System and Sun ZFS Storage Appliance, with detailed test results. This is an article you don’t want to miss: a real hands-on description that quickly brings you up to speed with the technology and its application in the real world. Cache Accesses

–Kemer

Tuesday Apr 24, 2012

Excuses, Excuses!

Excuses BookThere are two kinds of sysadmin. One charges into the unknown, eager to try the latest-and-greatest, confident in his or her ability to fix whatever breaks. The other is cautious, dedicated to keeping the Enterprise running and probably aware that unplanned downtime can become one of those career-limiting events.

If you are the latter, you probably have a pile of valid reasons (polite version of "excuse") why you haven't upgraded from Oracle Solaris 10 to Oracle Solaris 11. But that pile is getting pretty small. One of the remaining challenges may be how to get from here to there with minimal downtime. Fortunately, Harold Shaw has written an article that takes fear, pain, and loathing out of that migration: How to Live Install from Oracle Solaris 10 to Oracle Solaris 11 11/11.

You'll notice that we are being very specific that this will get you to Oracle Solaris 11 11/11. In fact, there are a couple of very important caveats: not only is this how-to (currently) specific to a target OS of Oracle Solaris 11 11/11, Harold is careful to point that you can't create a golden image on one type of system, say a SPARC M-Series system from Oracle, and deploy it on a different system, such as a SPARC T-Series system from Oracle.

The 4 Steps to Migrating from Oracle Solaris 10 to 11 11/11

Harold's formula is very detailed and surprisingly concise. I'd say you are running out of excuses to not make that switch to Oracle Solaris 11.

—Kemer

Website

Newsletter

Facebook

Twitter

Friday Mar 09, 2012

My Personal Crib Sheet for the ZFS Storage Appliance

Question: What do the F22 Raptor and the ZFS Storage Appliance have in common?

Answer: They bend time. They compress distance. And they both come with their own simulator.

We recently published some articles about really cool ways to use the ZFS Storage Appliance (see below), so I spent a little time looking into the darned thing. It's easy to find out what the ZFS Storage Appliance does, but more difficult to find out what its components are. What can I yank out and replace? What can I connect it to? And what buttons and levers can I push? Or pull.

So I put together this crib sheet. If you didn't grow up in The Bronx, see wikipedia's definition of crib sheet.

What Have We Published Recently?

What the Heck Is It?

It is Oracle's main NAS system for enterprise environments. In case you don't already know, NAS (Network Attached Storage) is simply a storage system designed to be shared by several servers on a network. Instead of each server having its own storage, which would make sharing files wicked slow, you put all your storage on your NAS system, and let all the servers access it fast. Plus, it's much easier to manage. Shoot, you can even store your boot environments on your NAS system so that if one of your servers dumps core, you can reboot it from the NAS system.

It comes in three variations:

  • 7120 - for small and medium size installations - 3.3 TB to 177 TB raw capacity
  • 7320 - mid-range storage for the enterprise - cluster option - up to 288 TB raw capacity - Hybrid Storage Pools with up to 4 TB of optimized cache
  • 7420 - For virtualized environments requiring multiple data services and heterogeneous file sharing - single or cluster - up to 1.7 PB of raw capacity

What Makes It Special?

  • It's wicked fast (see F22 Raptor, above).
  • It's got management software that makes it easy to administer.
  • Its Hybrid Storage Pool Design recognizes I/O patterns and places data in the storage media that will provide best performance for that data, whether DRAM, flash, or disk.
  • Hybrid Columnar Compression reduces storage footprints for NAS-based databases from three to five times.
  • DTrace analytics help you diagnose performance and networking bottlenecks
  • Fault Management Architecure (FMA) identifies faults and automatically re-routes traffic around them.
  • When you need more capacity, you can add:
    • DRAM, cache, or I/O ports for more resources
    • Disk shelf units for greater total capacity
    • Flash drives for faster performance.
  • You can get it in a dual-cluster configuration for high availability.
  • It provides a variety of RAID protections to balance capacity, protection, and performance requirements of your applications.
  • It's waaaaay cheaper than an F22 and doesn't require all that cryptic back and forth with those moody Air Traffic Control people.

Details here.

What's In The Box?

When I asked, I got the usual "Well, I could tell you what's in the box, but then I'd have to shoot you." Turns out they don't want me messing with it. Or you messing with it. The darn thing is built from off-the-shelf components, but the value-add comes from the way they're tuned to work together. So if you, Mister Curiosity, decide to pop open a terminal and run ssh into Solaris, you'll see a message notifying you that if you continue with your wayward ways you'll void your warranty. Ack! Like the good ol' boys from the Georgia Satellites like to put it...

She said, "No huggee, no kissee
Until you make me a wife."
Oh, my honey, my baby
Don't put my love upon no shelf
She said, "Don't hand me no lines
And keep your hands to yourself."

Here's what you really need to know: It's a specialized server with a processor, memory, and disk drives. Loaded with a highly tuned version of Oracle Solaris and other software goodies. But don't think of it that way. Think of it as remote storage. That's all. A box with:

  • Two types of storage:
    1. Filesystem, such as CIFS, NFS, ZFS, etc.
    2. Block, allocated as a Logical Unit (LUN)
  • Connections for a wide variety of network protocols
  • Two sysadmin toolkits:
    1. BUI (boo! boo!)
    2. CLI (yay! yay!)
  • Analytics to help you monitor its performance.

Connections? What Can I Connect It To?

For starters, you can connect it to the other servers on the network, through the stock Infiniband HCA's. That's part of what makes it wicked fast. But you can also connect it to other devices through industry-standard network protocols, including:

  • Infiniband
  • Fibre Channel
  • NFS
  • Common Internet File System (CIFS)
  • Internet Small Computer System Interface (iSCSI)
  • NDMP (Network Data management Protocol so it can participate in remotely-coordinated automatic backups
  • A Virus Scan Service
  • NIS naming, LDAP directory, and Microsoft Active Directory services for centralized management of users, groups, hostnames, etc.

What Administration Tasks Does It Require?

Details vary by model and your needs, but basic administration consists of:

  • Defining the storage allocated to each server
  • Making it available to the servers (sharing)
  • Migrating data
  • Integrating it with other applications
  • Taking snapshots
  • Monitoring performance with DTrace Analytics
  • The usual backups, diagnostics, and housecleaning tasks for any server or storage system

Any Examples of What To Use It For?

Turns out you can do lots of cool things with the ZFS Storage Appliance. A partial listing:

For More Information

The Best American Country Song of All Time?

Is it the best? That's debatable. But it's certainly one of my favorite renditions of a country song, from one of my favorite movies of all time.

- Rick Ramsey (with special thanks to Andrew Ness)

Website

Newsletter

Facebook

Twitter

Tuesday Feb 28, 2012

Santa Clara On April 10 - Next OTN Sysadmin Day

Before the part of Oracle that was then Sun Microsystems moved in, the facility used to be known as the Agnews Insane Asylum. Some of us who worked for Sun at the time thought the image was hilarious. Some thought it was insensitive. Some believed it was a statement about the rise of the corporate state and the demise of benign government. That was the Santa Clara campus back then, a diverse, magical workplace full of people who held strong opinions about everything, yet managed to have a great time together.

Another topic that incites strong opinions among good friends is Oracle Solaris vs Oracle Linux. Which one is better? Which one should I use? Which one should I learn how to use? At our OTN Sysadmin Days, we let you decide. Pavel Anni always opens our OTN Sysadmin Days with a talk about Oracle's dual OS strategy. He explains why Oracle offers two operating systems, and summarizes the main features of each one. Then we split off into two different groups to get our hands on each OS.

One group gets their hands on the ZFS filesystem, virtualization capabilities, and security controls of Oracle Solaris.

The other group gets their hands on the package management tools, services, and runs levels of Oracle Linux, plus its volume management tools and the Btrfs filesystem.

The truly adventurous sysadmins jump between groups. Both groups learn by doing, using the hands-on labs similar to those on OTN's Hands-On Labs page. Why attend an event in person when you could simply work the labs on your own? Two reasons:

  1. Since you are away from the obligations of the data center, you get to focus on working the labs without interruption.
  2. You get help from Oracle experts and other sysadmins who are working on the same labs as you.

I've been to all our OTN Sysadmin Days so far. The sysadmins and IT managers who attended told me that it was time very well spent. However, our attendance has been low. Not sure whether we haven't gotten the word out to enough people, or whether it's just difficult for sysadmins to get away. In any case, if we don't improve attendance, we'll have to cancel OTN Sysadmin Days.

So if you're interested, register now. Santa Clara on April 10 may be your last chance. The event is free. Here's the agenda:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: Oracle Solaris ZFS HOL: Package Management and Configuration
11:30 am HOL: Virtualization HOL: Storage Management
1:00 pm Lunch / Surfing OTN
2:00 pm HOL: Oracle Solaris Security HOL: Btrfs filesystem
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
3:30 pm Presentation: Setting Up and In-House Development Environment with Oracle Solaris Studio
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

- Rick Ramsey

Website

Newsletter

Facebook

Twitter

Thursday Nov 03, 2011

Solaris Security Resources on OTN

image courtesy of Faisal's photo stream on Flikr

An Overview of Oracle Solaris 10 Security Controls

Glenn Brunette describes how to more easily secure ZFS file systems compared to UFS file systems in this white paper, along the following lines:

UFS file systems have the following characteristics:

  • UFS file systems are directly tied to disk slices
  • Disk slice space is not easily expanded to increase capacity for UFS file systems because the disk generally contains other disk slices for active file systems
  • In some cases, you have to reinstall the OS to increase the size of the UFS root file system
  • UFS file system space is controlled by using UFS quotas

ZFS file systems have the following advantages:

  • ZFS uses a pooled storage model where all the file systems in pool use available pool space.
  • No relationship exists between ZFS file systems and disk slices except for the ZFS root file system.
  • A long-standing boot limitation is that a ZFS root file system must be created on a disk slice.
  • During installation, you define the size of the root pool disk slice or mirrored slices that contain the root file system.
  • The root file system contains separate directories of system-related components, such as etc, usr, and var, unless you specify that var is separate file system.
  • You can put a reservation and a quota on the /var file system to determine how much disk space is reserved for /var and how disk space it can consume.

For example, you might consider configuring a separate /var file system when installing a system that will be used as a mail server. This way, you can control the size of var with a quota so that root pool's space capacity is not exceeded.

In addition, if the ZFS root file system and the /var file system begin to exceed the pool's capacity, you can easily replace the root pool disk with a larger disk without having to unmount, restore a backup, or reinstall the root file system.

How should you configure your ZFS data sets for optimum security? Read Glenn's paper to find out. He not only provides security-based recommendations for ZFS, but also for:

  • Software installation clusters
  • Minimization
  • Non-executable stacks
  • Filesystems
  • USB Support
  • Plugable Authentication Modules
  • Service Management Facility
  • Cryptographic services management
  • Zones
  • And lots more

If you're inclined to read more about security, try these other two papers we published recently, plus OTN's security collection.

Oracle Solaris 11 Security: What's New for Developers

Recommendations for Creating Reduced or Minimal Solaris Configurations

OTN's Security Collection

- Rick Ramsey and Cindy Swearingen
Website
Newsletter
Facebook
Twitter

Wednesday Sep 14, 2011

OTN Sysadmin Day - Seattle

OTN Sysadmin Day held in Sacramento on Sep 8 was the first time we presented two tracks of hands-on labs:

Time Session
8:00 am System Shakedown
9:00 am Oracle's Dual OS Strategy / Overview of OTN
 

Oracle Solaris Track

Oracle Linux Track

10:00 am HOL: ZFS HOL: managing packages, configuring services
11:30 am HOL: Exploring OS, network, and storage virtualization HOL on Storage Part I: managing storage and file systems
1:00 pm Lunch Break
2:00 pm HOL: Managing software with IPS HOL on Storage Part II: Device Mapper, BTRFS
3:00 pm Presentation: Oracle Enterprise Manager Ops Center 11g
4:00 pm Discussion: What are the most pressing issues for sysadmins today?
5:00 pm We all go home

Participants found the hands-on labs particularly valuable. You get to learn by doing. And what you get to do is install, configure, and manage the technologies of Oracle Solaris 11 and Oracle Linux in the same way as you would in the real world.

Next Sysadmin Day

We are doing another one in Seattle, on September 22nd. From 8:00 am to 5:00 pm. It's free, but you must register. Please stay for the feedback session at the end. They tend to be pretty spirited, and you might win a neat prize. I'll tell you more if you make it to Seattle.

Our next Sysadmin Day won't happen till January 18 (Salt Lake City), so do what you can to make it to Seattle. It's being held at the Seattle Westin Hotel, 1900 5th Avenue.

If you'd like to see some pictures from the Sacramento event, go to the "OTN Sysadmin Day Sacramento" photo folder on the OTN Garage on Facebook.

- Rick
Website
Newsletter
Facebook
Twitter

Tuesday Aug 16, 2011

Ginny Had A Bright Idea

image courtesy of Twenty Words

In the Olden Days before most of us were born, if a woman got a bright idea she got an immediate spanking from John Wayne. Thank goodness John Wayne has stopped doing that, or we wouldn't get to reap the benefits of the research Ginny Henningsen did with Oracle Solaris 11.

When Ginny read about all the different ways to download, install, patch, and manage updates in Solaris 11, she wasn't sure where to start. So she drew on her personal experience, the experience of other sysadmins and systems engineers, the documentation, and the related technical articles posted on OTN.

The result? These three very practical articles.

Article 1
Best Way To Update Software Using IPS in Oracle Solaris 11

The SVR4 packaging and patching systems in earlier versions of Solaris were designed by the Chosen for the Faithful. If you loved SunOS you could recite package nomenclature in your sleep and you always, always used the command line. Alas, nobody loves software for its own sake any more. At least, not enough of us do. And so, the latest version of Solaris does away with the mystery, the animal sacrifice, the practice of witchcraft, and the other requirements for mastery of earlier versions. Read how Ginny put away her potions and figured out the best way to use the new tools.

Article 2
Best Way to Automate ZFS Snapshots and Track Software Updates in Oracle Solaris 11

Boot environments in Solaris 11 perform a function similar to Live Upgrade environments in Oracle Solaris 10. Except that they're implemented with ZFS. Which means you can generate snapshots of your boot environments at every point you'd like to record. And the beauty of that is, of course, that you can return to any snapshot of the boot environment that you want to use. In this article, Ginny introduces TimeSlider, shows you how to configure it to take automatic snapshots, and explains how to keep a record of the software updates that have been made to the current boot environment.

Article 3
Best Way to Update Software in Oracle Solaris 11 Zones

Before the Zone there was the Container. And before the Container, the Zone. This is The Way of Software. In her third "Best Way" article, Ginny figures out the best way to manage software updates in Solaris 11 zones which, as you might expect, are different from Solaris 10 zones. After showing you those differences, she shows you how to create, configure, install, and clone a Solaris 11 zone, then how to upgrade both the global and non-global zones. As a bonus, you get to find out what to do if something goes wrong.

We're expecting more "Best Way" articles from Ginny down the road. So read these, try out their recommendations yourself, and tell us what you think.

And don't forget to save the lemur!

- Rick
Website
Newsletter
Facebook
Twitter

About

Contributors:
Logan Rosenstein
and members of the OTN community

Search

Archives
« June 2016
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
  
       
Today
Blogs We Like