Wednesday Dec 22, 2010

Sun Rays\* and Round Robin

\*While the title of this blog is misleading, know that my intent is to help people find answers via search engines.  In reality, this post is about using operating systems that perform caching of resolved DNS names and how it can affect name resolution.  Nothing to do with Sun Ray, except the fact that they are the most widely used client for readers of this blog.

Every once in a while a problem shows up where an application or script installed on a Sun Ray server always connects to the first server in a list of hosts that has been configured for round robin in DNS.  Typically, this is noticed in kiosk mode where something like the Sun Ray Windows Connector is pointed at a DNS name that is configured to round robin (RR) through multiple Windows Servers hosts running Terminal/Remote Desktop Services.  Sun Ray administrators are often left scratching their heads as to the root cause.

The most common initial reaction is that the DNS server is setup incorrectly (I'll plead guilty that I've had the same reaction).  It is true that some DNS servers can be configured will return the same IP on the initial DNS query.  This is called a cyclic ordering and  results in the first IP address of the resolved name on every client to be identical.   For example, if a DNS server is set for cyclic ordering, every first request for the IP address of will be that of "Server A" on all clients. The second query from the same client for should result in "Server B" being resolved (if not, then you do have a DNS problem).  However, in the case of Sun Ray Server, the "second query from the same client" would be from the second Sun Ray session.  As far as the DNS server is concerned, all the Sun Ray sessions (at least those on the same server) are coming from the same client.  Therefore, even with cyclic ordering, round robin should work as expected (or even better) in a Sun Ray environment as compared to a "fat" client environment. You can check the documentation for specific DNS servers on how to set a random order for round robin (which should be the default), but know that chasing down cyclic ordering of RR entries as a cause to this "issue" is basically a red herring in a Sun Ray environment.

The most likely culprit in this scenario is a side effect of the name service caching daemon (nscd) that is active on the operating system where Sun Ray Server Software (SRSS) is installed.  The job of nscd is to speed up name resolution of a lot of things; hosts, groups, and in the case of Solaris, even things like user attributes (i.e. RBAC).  However, we are primarily concerned about the caching of host IP addresses.

The truth is that nscd usually breaks round robin scheme as it caches the first server returned by the first query from the "caller" (i.e. the host doing the name lookup, aka in this case the Sun Ray server) and all applications/scripts on the caller will use that address for the lifetime of the cache (TTL). The default TTL of the nscd cache on Solaris and Linux is 3600 seconds (an hour).  If you think that TTL is long, consider the similar mechanism on Windows is 86,400 seconds (1 day). 

On Solaris to disable the caching of hosts, edit /etc/nscd.conf on every Sun Ray server in the host group (aka FOG) and uncomment the line that reads "enable-cache        hosts           no".  To completely disable the name service caching daemon for Solaris 10, run the following command on every Sun Ray server in the host group (aka FOG): svcadm disable system/name-service-cache

On Linux to disable the caching of hosts, edit /etc/nscd.conf on every Sun Ray server in the host group (aka FOG) and change "enable-cache        hosts           yes"  to "enable-cache        hosts           no".   Then restart nscd /etc/init.d/nscd restart  Note that utilities per distro can vary, for instance on Oracle Linux or Red Hat you could run authconfig --disablecache to completely disable nscd.

On Windows...Ok, I'll include it for fun even though SRSS does not run on Windows.  Every release of Windows after Windows 2000 has an nscd like feature called "dnscache".  To permanently disable dnscache, use the Services control panel applet to set the 'Windows DNS Client' service to disabled.  Note that this service may also appear as "Dnscache."  You can stop caching temporarily until next reboot with net stop dnscache

If the caching of host names is still desirable on your platform, yet you'd like to shorten the cache life to something that more suits your needs, that is possible too.  Just read the man pages for nscd, though I'm sure if you made the edits above you've figured the cache TTL already.  For Windows, google "windows client dns cache".  Normally I'd just to post a link to technet article, but in my experience, Microsoft has been about as reliable with "permalinks" on support articles as a 20 year old Yugo would be on cross country road trips five year old PC having Windows 7 drivers available.

For those running Sun Ray Server Software on Solaris, there's one final step.  An über smart colleague (Ed. Note: I just love that he is listed as a "Newbie") mentioned the possibility of another problem that could exist in a Solaris environment, even if nscd is disabled.  This has to do with hosts on the same subnet as the caller and the default behavior of the Solaris resolver library.  By default, the Solaris resolver library puts servers that reside on the same subnet as the caller at the top of the sort order. You can read the notes in the Solaris man pages for "gethostbyname" and  nss(4) for more information, but both reference how this behavior can break round robin. The fix is to edit /etc/default/nss and uncomment (or add) the statement SORT_ADDRS=FALSE

Following these changes should allow sessions on your Sun Ray Server to behave as one would expect with round robin DNS entries. 

Happy Holidays and Happy computing resolving!

Thursday Oct 28, 2010

Documentation Updates for Sun Ray Software 5.1 and Sun Ray 3 Series Clients

Sun Ray 3 Series ClientsWe've had some product announcements the past few months and I want to make sure you all remember where to find the latest documentation.

The Sun Ray 3 and Sun Ray 3i clients are now available and you can find out all about their technical specifications and cool environmental stats on the Sun Ray Hardware Information Center.  If you need additional information about these thin clients that you can't find on the site, don't hesitate to ask.

Just this week, we announced the new Sun Ray Software 5.1 release, which has a number of new features aimed at the Windows connector feature (SRWC).  Check out the SRS 5.1 product documentation.

Friday Jul 30, 2010

Multi-Core or Hyper-Threaded? Or Both?

Recently a question was posed to the Sun Ray User Community:  Intel or AMD for Linux Sun Ray Server?

Ford vs Chevy!  Coke vs Pepsi!  What a great blog topic for a Friday.

You could choose from dual Intel 6 core X5670 2.93 GHz ("Nehalem") or dual AMD Opteron 12 core 6168 1.9 GHz ("Magny-Cours")

Of course the "I love my job and I'd really like to keep it" answer would be Intel since Oracle does not offer any servers based on the 12 core Opteron (just 8 core models).  But let's throw caution to the wind and think about this in the context of what a Sun Ray Server in "traditional" mode (i.e. not kiosk mode) really is.  It's a desktop.  Unlike kiosk mode where normally applications execute "somewhere else" (i.e. terminal server, a VM, etc) in traditional mode the applications execute on the Sun Ray Server.  Unlike a desktop, it's multi-user.

So while you definitely want something "server class", you also want something that is going to run \*your\* applications at the best price/performance ratio.

At the end of the day, both options offer 24 threads.   The Intel solution does so by offering 6 Hyper-Threaded Technology (HTT) cores per socket and the AMD by offering 12 single threaded cores per socket.  There's a 1 GHz clock speed difference favoring the Intel solution, but let's not fall prey to the "megahertz myth".  Not just yet anyways.

While you can go out there and find all kinds of "Bench This", "Spec That" types of reviews, those tests are generally written to take the most advantage out of any platform.  However, most of the end user applications we all use aren't.

So, which design is better for "desktop applications", Intel with HTT or AMD with all those glorious physical cores? 

Here's I get to use the most popular, catch all answer of all-time when it comes to any Server Based Computing or VDI question. 

It depends. 

It depends on the applications.  Doesn't everything?

Recent history would indicate that desktop applications prefer the multiple cores over HTT.  Or perhaps better stated, the developers of those applications may prefer multi-core development (or at least find it easier).  

Remember that Pentium HTT ("Northwood") actually was replaced on the desktop in favor of  multi-core processors (see CoreDuo). In a traditional Sun Ray environment where a variety of "desktop applications" execute on the Sun Ray Server, understanding some of the possible reasons HTT was replaced by multi-core is interesting, if not important.

When HTT was introduced, most desktop applications simply weren't able to take advantage of the it.  Add to that, the HTT chips actually consumed a lot more power.  End result was a system that increased your energy costs while decreasing your application's performance.  Explain that one to your boss, Mr Technology influencer.   Especially with "all those CPUs" showing up in mpstat or perfmon.

None of that of course was the fault of the technology, well the power was, but not the bad performance or the misconception of threads as physical processor that sits in a socket.  Truthfully our traditional performance monitoring tools still promote that misconception.  The performance was due to applications not taking advantage of the HTT and it being on a single core.  Didn't it seem like around 2004-05, the catch-all response to all desktop application performance queries was: "Pentium 4, you say?  Did you try disabling Hyper-Threading in the BIOS?"

With Nehalem, Intel put all that bad PR behind them and brought HTT back to the desktop, but with a twist, it's also multi-core.  

This is different, but is it better?  Maybe.  Maybe not.  Probably, depends.  (Ha!)

We know that the OSes are better equipped for HTT (i.e. Solaris is now optimized for it along with a million other things), and they actually don't consume that much more power, so they are "greener".  Goodness for the data center.

From my experience, I'd say both Sun Ray Software and the Oracle VDI stack performs better with HTT (based on sizing numbers in kiosk mode and per core VM sizing data under Solaris) than they did under the non-HTT models of those chips.  Considerably better, all other things being equal (clock speed, # of cores, etc).  But those aren't typically considered "desktop applications", they are more in the realm of pseudo-operating systems, or at least "Server Systems".  Both of which have been HTT aware for a long time, but that doesn't exactly help \*your\* application.  Which leads us to the million dollar question:

How many of the applications that you use today are parallelized so they can execute across multiple threads simultaneously (i.e. HTT aware)?  If the answer is "very few" then you're not taking advantage of the Intel design and the physical cores on AMD solution may actually perform better for your apps even with the "lower clock speed". 

Making applications multi-core aware is fairly easy (says the non-programming "developer"), and most existing applications already support this.  However adding HTT capabilities to existing applications is considerably far more work.  And sure, there are those that will say that HTT can help certain multi-core aware applications depending on what they are doing. Though I think a lot of these arguments mistake multi-threading for Hyper-Threading, which in fact is simultaneous multi-threading.

But really, to get the most out of HTT, you need to code your applications a certain way.  Intel has guides, and all kinds of tools to aid the application developer get the most out of HTT.  But what if those aren't used?

In a single user use case, the average person might never know the applications they are using aren't taking advantage of HTT technology because of the multi-core and relatively high clock rate. The HTT multi-core becomes a Swiss Army Knife so to speak.  If your app can take advantage of HTT, great.  If it can't, we've got cores.  And on top of that we have speed!  That's beautiful for a PC.  A single user PC.

But how well does it scale out when we are talking about multiple users running those "non-HTT aware" apps on the same server? In the AMD design, multi-core (but non-HTT aware) apps have 24 "physical" cores to work with, what's the trade off of the "virtual" cores on the HTT chips?  Is the clock speed enough to overcome? The other features on HTT chips enough to tip the scales? Maybe.  Probably.  It depends.

If you were running Sun Ray Server Software in Kiosk mode or choosing a server to be the hypervisor for Oracle VDI, go with Intel and their HTT "Nehalem" processors.  You won't be disappointed.  At least I haven't been.  I'm sure I'd also have a lot of good things to say about the AMD as well.

But if you are actually running desktop apps on the Sun Ray Server, and trying to do so at any kind of scale, I'd say it's at least worth doing some investigating and maybe even some application testing at scale.  Then you can really understand what's the best fit for your environment.

Thursday Jul 15, 2010

SRS 5: Big updates disguised in a patch

Greetings Think Thin Readers,

Those who watch things like SunSolve for new patch releases noticed starting last Saturday that a slew of new patches began showing up.  If you read the "fixes" in the patch read me files, that's exactly what it looked like...a patch.  But there's so much more.  Beyond numerous bug fixes ("black screens", High CPU using Flash or USB redirection, etc) these patches enable some great new features, details of which were in a press release today.  Just some of the highlights:

New Platform Support:

  • Support for Oracle Enterprise Linux as a Sun Ray Server Software Platform
    • Continued support for Solaris, RHEL, and SLES
Oracle Virtual Desktop Client 2.0 (formerly SDAC)
  • Renaming & Oracle branding of the Sun Desktop Access Client (SDAC) to Oracle Virtual Desktop Client (OVDC)
  • New Apple OS X Version of the OVDC 
    • Continued support for Windows XP, Vista, 7
  • Smart card support for OVDC
    • Hot Desk from your PC or Mac with a smart card reader to a Sun Ray Thin Client
  • Support for Upstream Audio
  • Support for Client Serial Port Mapping

Sun Ray Connector for Windows OS

  • Upstream Audio
    • bidirectional audio capabilities for Windows XP and Windows Server 2003
    • Requires SRSS 4.2 and SRWC 2.2 patches, version -03 or later, and the SRWC Components 1.1 patch, version -01 or late
    • Note upstream audio is off by default.  New uttsc argument required -r soundin:(low|medium|high)
  • Multiple pesky bug fixes ("Double login" for 2008 session directory, black screens, Flash and USB-R fixes)

Install the latest patches per platform, download the new OVDC and let us know what you think!

And as always...Stay Tuned.  Hopefully making noise about things like this will put to rest any doubt that Oracle is committed to it's Desktop Virtualization Portfolio (Sun Ray, SGD, Oracle VDI).

Saturday May 29, 2010

Sun Ray 3 Plus Firmware now available

Hi Think Thin Readers,

Sun Ray Core Services Patch -02 for SRSS 4.2 is available for download from

New firmware for the new Sun Ray 3 Plus clients is included in this patch, which means you can now deploy your 3 Plus clients via VPN (factory firmware is the non-GUI variety).

140993-02 - Solaris SPARC

140994-02 - Solaris 10 x86

140995-02 - Linux


Monday Aug 03, 2009

SRS 5 Wiki Documentation: Everything is O.K.

Last time I talked to you, I was trying to ease you into the new way we are delivering the Sun Ray Software 5 documentation.  What can I say, I'm a very nurturing person.

Positive Feedback

The good news is that my prediction that everything was going to be o.k. held true.  After going through a vigorous Early Access program (which ended on July 31st), the wiki documentation held its own.  In fact, we actually received the following positive feedback from customers:

  • "I like the new wiki format for documentation."
  • " online documentation is huge improvement"
  • "I relied heavily on the wiki.. certain steps are always tricky during an upgrade and the wiki documents these better."
  • "Again the wiki is cool, but it is hard to find information sometime and customers want pdfs."

Dynamic PDFs

The last feedback brings up a good point about some users still wanting (or needing) PDFs, and I forgot to mention in my last post that we have that covered as well.  On both the SRSS and SRWC documentation sites, you can dynamically build PDFs based on all the information on the wiki.  And, the PDFs will be in sync with the latest content on the wiki.  Here are the specific pages where you can get to the PDFs, and the links to these pages are also provided on the left-hand nav bar on each site:

I know these PDFs are not as slick as what you are used to from Sun, but we are working on that and the output will continue to improve. I'm on it.

Comments, Calling All Comments

Now, even with the positive feedback, there is still room for improvement...there is always room for improvement. We are getting ready for the next Early Access program and we are continuing to improve the content based on reviews and comments.   If you are feeling some post-EA1 blues and want to provide more input to the SRS 5 release, you are in luck.  The wikis are always open for comments and you can make comments on a specific page.

Here's how to provide a comment on the wiki:

  • Log in to
  • Navigate to the page. 
  • Choose Comment from the Add icon.
    The comment section is displayed.
  • Enter your comment. 
  • Click Post.

From our good friends over at the Sun xVM Ops Center team, see the How to comment on a Sun Wiki page screencast for a visual, step-by-step tutorial.

Looking forward to your comments, and I'll be back again soon with some more documentation goodness.

(BTW, if you are wondering why I've included a picture of a koala bear, I don't have a good answer for you.  I like when blogs have pictures and I didn't have one to provide.  So, I thought I would give you a random koala bear picture.  It's hard not to smile when you see one of these marsupials.  Again, I'm all about the nurturing....)


Sunday Sep 07, 2008

Customized Sun Ray kiosk sessions

Have you ever tried to customize your Sun Ray installation to display different 'things' for different Sun Rays and users' cards? HERE you'll find an info how to do so (configuration via SRSS Admin GUI only).
What can be displayed?
- full Windows/Solaris session
- single Windows/Solaris application
- menu with some Windows/Solaris applications
- wallpaper - ie. to see your girlfriend photo if card is not inserted
- images slideshow - ie. reception desk or tradeshow.
Scripts support USB storage, serial devices and printers connected to Sun Ray.

Additionally HERE you can find some instructions/scripts which can help to install, configure and connect
your SGD server to Active Directory.

Tuesday Dec 18, 2007

Deep Dive in the Alps

From January 15th through the 18th, Sun will be holding a Software Event in Grenoble, France.  Days 1 and 2 will be focused on Sun Ray, Secure Global Desktop, and the Sun VDI solution.  I will be presenting along with Andy and Dirk.  We're even trying to get Matt to come to cover Sun Ray Server in conjunction with S10 Trusted Extensions.

Alexis' blog has the details on how to register for the FREE event. 

Hope to see you there.

(P.S. Anyone know of a good gym in Grenoble?)



SRSS 3.1 Patch -07 Released

Patch -07 for Sun Ray SRSS 3.1 has been released and is available on SunSolve. 

Patch ID's are:

Solaris SPARC: 120879-07

Solaris X86: 120880-07

Linux: 120881-07

Problems Fixed In Patch: 

6512434 DTU hang/choppiness when using PCSC and SRWC 1.1_15 with smartcard PKI certs and ActivCard

6356963 utseriald sometimes denies access to device
6531336 utseriald crashes in ut_svc_cmd_detach - dprintf_level
6321047 reset of YUV sessions after 30 seconds can result in GNC/26D
6522301 unable to set multicast address for Sun Ray utauthd on x86
6476242 Group Manager should ignore interfaces that are not running
6532811 utdevmgrd logs warning message for every minute in /var/adm/messages file in one scenario
6568443 Oberthur 5.2 cards do not work on Sun Rays
6571384 Device Manager can be spoofed
6573728 sometimes xlock screen comes when smartcard session hotdesked
6605645 SRSS 4.0 network bandwidth much higher than 3.1.1
6610233 Sun Ray firmware problem with 2048bit key
6592372 channels switch when playing audio on SR2FS and SR2 DTUs
6596045 audio record not working on 4.0 b48 on Sun Ray 2 family
6573093 1400x1050 res doesn't work if native panel resolution


Update (Thanks Otto!)

SRSS 3.1.1 (Linux Only) Patch -02 was also released

Patch ID is 124388-02

Friday Sep 28, 2007

SRSS 4.0 Add-ons

I have put together a set of handy add-on packages for SRSS 4.0.

These are easy to install and automatically configured components which deliver typically desired features.

The current set of Add-ons include:
  • Remote Control Toolkit - Remote Control functions for all SRSS sessions based on VNC - Updated for SRSS 4.0
  • Follow-Me Printing - Integrates the basic follow-me printing functionality
  • Sun Ray Windows Connector Lockscreen - Provides "Lock-on-card-removal" function for uttsc sessions
  • Kiosk Generic Session - Provides a blank X Canvas which will run the script given in the Arguments field of the Kiosk GUI
Future Add-ons in the works:
  • ICA Kiosk Session - Complete, easy to install and configure ICA session. Including all .ini file manipulation. I'm almost done here. Need to fix a keyboard issue with Linux
  • SRWC Advanced USB - Using the scrips provided by Daniel Cifuentes, this should simplify access to USB devices
  • Kiosk Billboard - Provides an easy to use mechanism for using Sun Rays as electronic billboard devices.
All Add-ons are installed by running an script, and come with a detailed README.

More detailed information and download links can be found on the wiki:

DISCLAIMER: The software script(s) included with this package are not a generally available standard Sun product. It is a fundamental condition of supply of the software script(s) that Customer accepts them 'as is' and without warranty of any kind.

No support services of any kind are available for the software script(s). There is no guarantee that operation of any of the software script(s) shall be uninterrupted or error free. Nor that functions contained in the software script(s) shall operate in the combinations which may be selected for use.

There is also no promise that updated or upgraded versions of the software script(s) will be issued.

Please give these a try, and let me know what breaks, and what I've missed and I'll try to get it fixed. Also, if you have any ideas for other Add-Ons, please let me know.

Friday Aug 17, 2007

Restoring KDE Session on SUSE SLES 9 after installing SRSS

Installing SRSS on one of the supported versions of Linux requires us to deliver a different version of GDM. The version delivered, and most recent GDM builds, contain the hooks necessary to create and destroy other Xsessions/Xservers on the fly. As you could probably understand, this is necessary for SRSS.

SLES is distributed with KDM for managing sessions. Unfortunately, we havn't been focused on testing/updating/pushing to get KDM to do what is necessary for SRSS. This is why we install GDM on SLES.

The default gdm.conf only looks for gnome session types, which on SLES 9 is VERY old. If you are installing on SLES, you probably want KDE.

To restore the option to use a KDE session, edit /etc/X11/gdm/gdm.conf

un-comment this line:


And change this line:




The final step is to make kde.desktop accessible to GDM:

mv /etc/X11/dm/Sessions/kde.desktop.notused /etc/X11/dm/Sessions/kde.desktop

That's it...

Thursday Nov 09, 2006

SRSS 05 Patch Released

The 05 rev of the Sun Ray Server Software 3.1 patch has been released.

Solaris SPARC
Solaris X86

This is the first patch to have Sun Ray 2 specific firmware included, along with the following fixes:

6382740 Sun Ray 170 can get stuck sending exchangeAPDU to certain OpenPlatform-like smartcards, causing 26D
6459224 utreader allows only eight token readers, customer wants more
5025790 utreader output with options -c, -d is not giving meaning as said in usage
6457072 Support on Sun Ray for smartcard operations with 2048 bit keys
6443568 Some USB 2.0 hubs don't appear to work when attached to Sun Ray
6306412 KDE display is corrupt under numerous and quick graphic changes
6422934 utquery can fail to collect and report responses
6437329 utauthd crash in GroupManager.whichServer
6355343 utuser -r causes all DTUs in FOG to alternate between the "X" and "100F ...
6465742 Need Support for Starcos SPK23 family of cards
6468437 Support for Incrypto smart cards
6457990 Sometimes SR270, Sun Ray 2 and Sun Ray 2FS hang when Authenticated Smart Cards are used
6446288 Mouse pointer "floats" and/or doesn't reach the title bar when in full screen mode on MS windows
6471000 Sessions with very long tokens are not redirected correctly
6446769 Balance must be made read-only for speaker-option on 270 170
6428572 Provide firmware support for new Sun Ray 2,Sun Ray 2fs Sun Ray 270 units
6482453 Firmware panics on NULL value for redirectProps key


Think Thin is a collection of bloggers that work with Oracle's Virtual Desktop portfolio of products.


« July 2016