Friday Apr 28, 2006

What's New in Solaris Express 4/06 (Nevada Build 36)

Today marks the release of Solaris Express 4/06 (or Nevada Build 36). I missed blogging about 3/06, and I feel guilty.

Anyway, you can look at the 3/06 What's New Doc for a summary of 3/06, so I'll just pretend I wasn't a slacker last month.

Among other things, about 750 bugs were fixed.

Notable New Features in Solaris "Nevada", Build 36 (SX 4/2006)


  • The DTrace JNI binding project integrated. This means that you can now control DTrace from Java programs; the author, Tom Erickson, has subsequently released Chime, a client program which uses this facility.


  • ZFS persistent offline was added; this changes the behavior of zfs offline to persist across reboot. offline -t is available as a "temporary" offline.
  • ls -V was introduced, which provides a new ACL display mode to ls which is more compatible with NFSv4/ZFS ACLs. This produces ACLs in a compact format, which some users prefer.
  • Disk write caches are enabled if ZFS owns the disk. [6322205]
  • The fsstat utility was added, providing vfs-level observability.
  • The ZFS FMA Phase 1 project integrated, bringing a sophisticated approach to I/O fault handling to the system. Eric wrote a nice blog entry about this.
  • zfs mountroot phase 1 was implemented, which allows you to hand-assemble a system which boots from ZFS. See Tabriz's Blog for details.
  • The .zfs/ feature of ZFS is now supported over NFSv3 (it was supported over NFSv4 already).



  • libumem now uses significantly less memory on some workloads. Jonathan wrote a nice blog entry about this. [6304072]
  • getrusage() is now faster. [6381512]


  • FMA for Athlon 64 and Opteron Processors was integrated. This brings sophisticated error telemetry and diagnosis to Opteron and Athlon 64 systems of all shapes and sizes (not just those made by Sun). Here are the highlights:
    • CPU & Memory error detection
    • ChipKill is on by default
    • Offlining of CPUs and Cores
    • Memory retire
    All of this should add up to additional improvements in the uptime of Opteron and Athlon systems running Solaris.
  • Hotplug support for PCI Express was added; the front-end for this is the cfgadm command.
  • Hotpluggable drives are now better able to accomodate EFI-labels and device IDs, both of which are very important to supporting ZFS on USB and Firewire disk drives. [6348407]
  • It's now possible to offline CPU 0 on x86 systems, a long standing annoyance. [6342823]
  • The AMD64 kernel now emulates two Intel-invented instructions, lahf and sahf. [6219321]
  • A closed-source disassembler for x86 was purged from the system and replaced with open code.
  • An audio driver for the ATI IXP400 chip was added.
  • The Intel ACPI interpreter was updated to 20060217.

Free Software

  • PostreSQL has been integrated and is available in /usr/bin
  • Samba has been converted to an SMF service: svc:/network/samba:default [6310561]
  • Samba is now compiled with LDAP support. [6174211]
  • Apache has been updated to 2.0.55.


  • The "Coolstart" project has landed. See Jan's Blog Entry for more information about how to turn on fancy boot-time graphics. CDE, JDS, dtlogin and gdm have all been reskinned to match. (dtlogin in particular looks really nice now).
  • dtlogin and the various CDE daemons have been converted to SMF services: svc:/application/graphical-login/cde-login, svc:/network/cde-spc, svc:/network/rpc/cde-calendar-manager, and svc:/network/rpc/cde-ttdbserver
  • Fixes to the USB mouse driver mean better compatibility with the latest mice [5083593] [6328758]
  • A video driver for the AST 2000 chip was added to XSun.
  • The OpenGL vendor switching project was integrated. The goal here is to allow multiple different implementations of OpenGL to co-exist on a machine at one time, and provide boot time selection of the best implementation for the hardware present. man -M /usr/X11/man ogl-select for details.
  • Font handling in JDS was improved. [5099951]
  • Xorg now works properly if the system has no mouse connected. [6245431]
  • ATI mach64 driver performance has been significantly improved. [6303855]
  • Xorg auto-configuration has been improved to more accurately detect monitor characteristics. [6385111]

Community Contributions

  • Juergen Keil contributed:
    [6368142] sd: unaligned write memory corruption; zfs on dvdram media: panic
    [6311025] build_reserved_irqlist ignores irq15 information from ELCR register
    [6372009] dma_mem_alloc failures when free memory is low; zfs panic on usb mass storage
    [6388096] NULL pointer dereference panic in sd_range_lock()
  • Rich Lowe contributed:
    PSARC 2006/134 logadm(1m) $zonename keyword
    [4823583] crontab command prints incorrect usage
    [6352485] RFE: add $zonename to the list of macros supported by logadm
    [6357132] DHCP server should not open /dev/ip
    [4844685] gratuitous "in.ndpd: terminated" printed during shutdown.

This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.

Technorati Tag:

Monday Apr 24, 2006

Zones Boot Arguments PSARC Case

Today I submitted a proposal to our ARC Process (specifically, to PSARC), entitled Zone Boot Arguments II. While this isn't the best sample of my writing, I do think it demonstrates the value of writing such documents carefully and of trying as hard as you can to fully understand the problem space.

While each project team is free to make its own choices, the zones team is choosing to share as much of this design rationale with our community as possible. We want to hear from the widest possible set of voices in order to validate our design work. I've set a timer for May 1, 2006. If you have comments, please send them to me by that time.

Technorati Tag:

Saturday Apr 22, 2006

A Trip to the Faire

Today was the first day of the first Maker Faire, put together by O'Reilly's MAKE Magazine. Here's my photo gallery of my wanderings through the Faire. It's very late so I'll just note my principle impressions:
  • Kids love this stuff. It was nice to see so many parents and their children engaged in what is basically science education.
  • The Faire had a lot to offer-- it was bigger and more interesting than I'd expected
  • Sun had a booth, and the dedicated folks from Sun Labs were showing off an impressive series of Sun SPOT demos.
If you live in the Bay Area, I recommend that you take a look tomorrow (Sunday, Apr 23).

Friday Apr 21, 2006

Installing "Sun Java System Web Proxy Server"

At Sun we have a corporate firewall which does not do transparent web proxying to the outside world. All traffic is directed through traditional proxy servers.

For many years, I've run my own proxy server, deployed on recent versions of Solaris, and always on x86 or x64 based hardware. Most recently this has been on a 2-cpu Opteron Server. When it works well, a couple of dozen people use it, although I've always wanted to have more users.

The early years: Squid

Since the early days (ok, 1999), I ran the Squid proxy cache. Frankly, I'm fed up with Squid: it is hard to make the right choices at compile time, hard to make the right choices at run-time, has many bugs, and just doesn't feel like a very modern piece of software.

From Squid to Apache

Last week I attempted to replace Squid with Apache 2.2.0's mod_proxy and mod_cache subsystems. However, we started seeing a lot of Apache core dumps (> 150 per day), and have hit problems in which Apache serves up .css (style sheet) content as text/plain instead of text/css. Unfortunately, firefox doesn't like that, and so sites like fail to render properly. I posted to apache's users alias but received no help. I spent some time trying to track down the core dump problem, but I just don't have time to debug this to root cause.

What now?

So what other proxy servers are there? I surveyed what was available on freshmeat but had no luck finding anything that seemed to fill my list of requirements:

  • Provides Caching
  • Web correctness (see apache above, which fails on this point)
  • Scales to many users
  • Robust
  • Easy (at least sort of) to configure and administer
  • Free
  • Open Source
  • Helpful Community

From Apache to Sun's Proxy

Finally I decided to try my own company's product: Sun Java System Web Proxy Server 4.0. I had avoided this in the past, because it did not run on x86. Thankfully, that has now been corrected. Also it is definitely the proxy with the biggest (and silliest) name. But is it useful? Unlike the other proxies, it is not Open Source, which as far as I'm concerned is a negative. But from my limited testing thus far it scores well on my other requirements: it was simple to set up, and appears to be pretty robust. Hopefully it will someday be released into open source, since as you'll see, it's pretty nice, and I think a lot of folks would find this a nice project to hack on.


Sun Java System Web Proxy Server 4.0 is free to use, as long as you don't want support. You can download it from Sun's website. It is available for Solaris (x86, x64 and SPARC), Linux, and Windows. The download interface is a bit clunky-- but hey, it's free. The download is about 130MB, which seemed like a lot to me, but it carries with it various patches you need. Once you have it downloaded, you can use a graphical installer provided you have an X server. In this example, I'll be installing onto a machine called "webhop", and I unpacked the provided .zip file into /sunproxy
myhost $ xhost + webhop

webhop # export DISPLAY=myhost:0
webhop # cd /sunproxy/java_es_05Q4_webproxy
webhop # cd Solaris_x86
webhop # ./installer
This popped up the installer GUI on my machine "myhost". Unlike many programs, the installer is polite if can't remotely display the GUI:
webhop # ./installer
Unable to access a usable display on the remote system.
Continue in command-line mode?(y/n)
I briefly examined the command line installer and wasn't too impressed, but the graphical one is nice. Here's a sequence of images from my installation:
screenshot screenshot screenshot screenshot screenshot screenshot screenshot screenshot screenshot screenshot screenshot

There were a couple of nice features here which I appreciated: I could enter some basic configuration settings at installation time, and I felt that I wasn't asked many esoteric questions.
One hiccup I did hit was that the proxy didn't install itself as an SMF service. Hopefully in the next version that will be fixed. Also, in the final panel, the wizard offered to load me up some additional documentation (a nice touch), but that didn't seem to work for me.


It would have been nice if the installation GUI could have reminded me, at the end of installation, of the URL I would need to configure the server. In this case. But I soon worked out that it was port 8888 on my server. Logging in there, I used the "admin" account and the password I had supplied earlier. At this point, a rather slick looking web based interface launched itself. Here are some of the pages I looked at:
screenshot screenshot screenshot screenshot screenshot
With a little unguided fiddling, I was able to get the proxy to listen on the port of my choice, with a cache sized the way I wanted. There are definitely some rough edges but overall I was usually able to find the features I wanted. Here are some things we could do better:
  • One rather obvious improvement would be to the Reporting section, which produces a textual summary of cache usage-- surely some charts would make a big difference here. The good news is that with configurable log files, it should be easy to reuse an existing package such as AWStats to roll my own. The default log file looks pretty much like apache's.
  • I'll also need to work on an SMF service conversion so that if the proxy does crash, it is automatically restarted (it does seem to have a "watchdog" process which fulfills that function but at some point in my testing the watchdog itself crashed).
  • The proxy server outputs a fairly pedestrian message to client browsers when it can't find some host you've typed in. Isn't this an opportunity for branding?
  • I was surprised that my connection to the administration GUI for the server was insecure by default. There is a complex "security" section which allows the installation of certificates, but I couldn't make heads or tails of it. There should be a basic security mode enabled by default.
  • "Expert" mode and "Simple" mode-- My configuration isn't very complex, so an administration mode which guides me through the configuration would really help.
  • Integrated status display: it would be nice to have a single "console" which had basic statistics, server status, errors, etc. all integrated together on a single panel. Something to tell you at a glance how things were going. This should be the default view.
  • The proxy includes a GUI for generating a proxy autoconfiguration file, which web browsers can utilitize-- but unfortunately this didn't seem to work for me.
  • I had trouble convincing the proxy to use the cache directory I wanted-- it took me a lot of digging to understand that the cache was made up of "partitions." In my opinion, modern filesystems like ZFS eliminate the need for this sort of thing (i.e. spreading your cache out across multiple filesystems), so it would be nice to not see this complexity if it is not required.
  • It is often important to restart the server to get configuration changes to be applied. Sometimes the GUI doesn't seem to notice that the restart has succeeded, and so you need to reload it.

Anyway, nits aside, I am surprised by and impressed with this product. So far we've served 55,000 requests, and it has "just worked" to a degree which has surprised me. Nice work, Sun Java System Web Proxy Server (urp) team! Technorati Tag:

Wednesday Apr 05, 2006

CPU Caps Alpha Release and Zones

Andrei just released a public Beta of his latest project-- CPU Caps, which is a new and very useful resource management feature for Solaris, and for zones.

Unlike CPU shares, CPU caps let you naturally limit CPU usage for a project or for a zone. My favorite part is that you talk to the system about these caps in terms of percentage of a CPU. So, a cap of "150" means "150%" or "never use more than 1 and 1/2 CPUs". Here's how to set a cap for a zone:

# zonecfg -z myzone
zonecfg:myzone> add rctl
zonecfg:myzone:rctl> set name=zone.cpu-cap
zonecfg:myzone:rctl> add value (priv=privileged,limit=150,action=deny)
zonecfg:myzone:rctl> end
zonecfg:myzone> exit
(As an aside, I think we need to make this syntax in zonecfg much easier, both for shares and caps. This is 6222025 RFE: make cpu shares a global property)

Another advantage of CPU caps is that they are active for all scheduling classes except for "RT" (realtime). We're really excited to have this feature (which hopefully will integrate soon) since we think it will make resouce management configurations for zones quite a bit simpler in many cases.

The CPU Caps website includes complete directions on how to try this feature out.

Technorati Tag: ,

Tuesday Mar 28, 2006

DTrace + Zones = Crazy Delicious

Last week I finished what was for me a tough piece of technical work-- making DTrace and Zones play nicely together.

This is pretty cool because it brings some of the observational power of DTrace to the folks deploying applications inside of non-global zones. In future Solaris Express and Community Release builds (those based on Nevada b37 and higher), you can use a subset of DTrace functionality as follows:

        # zonecfg -z myzone
        zonecfg:myzone> set limitpriv=default,dtrace_proc,dtrace_user
        zonecfg:myzone> \^D

        # zoneadm -z myzone boot

        # zlogin myzone
        myzone# dtrace -l

        myzone# plockstat -Ap `pgrep startd`

Note that either or both of the dtrace_proc and dtrace_user privileges may be granted to a zone, but dtrace_kernel may not be (zoneadm will enforce this). The lack of dtrace_kernel means that not every DTrace script will work, since kernel state is not available to DTrace inside of a zone; but we think this represents a good start.

Additional virtualization work has been done to ensure that data from other zones is not visible inside the zone, and to ensure that the interactions with other relevant privileges (proc_owner and proc_zone) behave as expected.

For those interested in how this was accomplished, the following bugs should be helpful:

4970596 RFE: should be able to run some DTrace programs in a zone
6356708 libdtrace should interrogate providers, open devices via /dev.
6388070 non-root non-global zone users can't get dtrace provider modules to load
6393431 dtrace_proc + proc_owner doesn't sufficiently enable destructive actions
All of this rests on David's work to make zone privileges configurable.
Configurable Privileges for Zones
4966416 RFE: zone privileges should be configurable
I'm also very grateful to Adam and Jonathan who codereviewed this work numerous times and patiently explained the intricacies of the DTrace privilege model...

Technorati Tag: , ,

Monday Mar 27, 2006

Nevada at 37

My talk at last week's SVOSUG meeting went well, I hope. At least, there was a good turnout. Thanks to everyone who stuck around! I've posted the presentation pretty much as given. Click the thumbnail below for the PDF version. Click here for the staroffice version.

PDF slides

It turns out to be a difficult talk for the presenter because it covers such a breadth of stuff. It demands a lot of the audience, as well: a lot of state about what Solaris is before Nevada. As I noted to the audience, this presentation attempts to be complete, but surely falls short. Hopefully I'll be able to fill in more information the next time I do an update.

Technorati Tag:

Tuesday Mar 21, 2006

Me, at SVOSUG, This Week

I'll be the featured speaker this month-- that's this Thursday at SVOSUG, speaking about What is Solaris Nevada? I plan to give a broad overview of the contents so far of the Nevada release. I'll also talk as much as I can about future work we have planned (I'm limited not by secrecy but by personal ability to absorb so much diverse material).

If you're looking for a broad overview of what's going on in the Solaris community, this talk might appeal to you. There's sure to be something for just about every UNIX interest, and I'll do my best to field whatever hard questions get tossed at me...

Here is the announcement with details. Or to quote Alan:

When: Thursday, March 23, 2006
Where: Sun's Santa Clara Campus Auditorium (upstairs)
What: "What is Solaris Nevada?"
Time: 7:30pm-10:00pm

After the talk, I plan to post the slides... so, watch this spot.

Thursday Mar 09, 2006

Zones Development: You're invited

On Friday, the Zones team met with an important ISV, one which is already supporting Solaris Zones. This ISV does a significant amount of what I'd call "deep" integration with the system: kernel code, user code, etc.

They (engineers, directors, managers were all present) seemed surprised to learn that we had started an OpenSolaris Zones Community at which we were regularly posting design proposals for our newest Zones features. We talked them through the following work:

While the meeting was in its way productive, I couldn't help but wonder: Why don't they just hang out (or point their feedreader at) zones-discuss AT opensolaris DOT org? Why isn't this an ongoing discussion? At some point during the meeting, the ISV requested that we add them to the mailing list (progress!). We told them that they could subscribe themselves just as easily. I wonder if they'll dare to have a conversation with us in the open?

Anyway, I think this ISV was really surprised when we invited them to participate in the conversation around new features, and help to define them. Honestly, I don't think they believed us.

So there you go-- tens of millions (I guesstimate) of dollars spent to bring Solaris into Open Source, and to create and maintain, and some of our biggest ISVs aren't present. If you were a customer of said ISV, wouldn't that upset you?. Please demand that your ISVs join the OpenSolaris community!

I think the surprise we were met with just further highlights that most traditional software vendors just "don't get" what they can gain from participation in open communities. Here's a chance to closely track emerging OS features and to influence them. Here's a place to rapidly raise and resolve issues with the people who can most efficiently address them. Here's a place where they can even contribute their own design proposals and code. That is to say, this is a way to save money and deliver features, performance and integration to the customer.

This also points up a failing in Sun's strategy-- as a company we need to be more engaged in bringing our partners to these communities. All too often, ISVs relay to us "things Sun told them" that sound like something you'd get from playing the telephone game. And as an engineering team, we need to constantly work to make it easy for folks to participate. To whit, we've added a new page to our site: Zones Project Documents, which points to the design docs themselves, as well as providing status about each.

Like I said: We've invited you to our house. Please come on over!

Friday Feb 17, 2006

What's New in Solaris Express 2/06 (Nevada Build 31)

Yesterday marked the release of Solaris Express 2/06 (or Nevada Build 31). Get it here. Among other things, about 1150 bugs were fixed. Wow. This release is pretty vast, with new and interesting features everywhere. If you're a desktop user, there's a lot to love: Realplayer, improved USB support, USB pilot sync, DVD burning support, much improved font handling and WiFi support. Let's dive in...

Notable New Features in Solaris "Nevada", Build 31 (2/2006)


  • The Solaris version of Real's RealPlayer was added for both SPARC and x86 platforms, in /usr/bin/realplay.
  • The dvd+rw-tools package was added [6346516]
  • The Gnome-pilot project integrated, and it is now possible to Sync PDAs via USB, including from Evolution [6262077] gpilotd is also provided.
  • Changes in the X client code have yielded much nicer looking fonts for JDS applications. (I'm a big fan of this fix!)
  • was upgraded to X11R6.9 RC 4
  • The nautilus cd-burner finally works [6210267]
  • In the printing subsystem, 'localhost' can now be used as a hostname for lpadmin instead of using a hardwired hostname-- this is useful if your laptop changes names (say, via DHCP) [6236627] [6222929] [6275641].

Storage Technologies

  • The st(7d) driver gets several updates: support for the StorageTek T10000 tape drive [6325893], and the IBM 3592 drive [6252753].
  • Support was added for the for Summit-E HBA, Emulex's PCI-E 4G Fibre Channel HBA [6333059] and the Pyramid-E HBA, Emulex's PCI-X 4G Fibre Channel HBA [6333054].
  • UFS picks up support for posix_fallocate(3c), a standard interface to reserve disk space for a file [4517427].
  • The ZFS team delivered numerous performance fixes, including:
    • [6297285] znode prefetching in zfs_readdir causes 5x performance degradation for 'ls'
    • [6347448] non ZFS_DEBUG kernels shouldn't call empty verify functions
    • [6347493] tar of 25K empty directory entries in ZFS takes 30+ seconds ...
    • [6347134] zfs_zaccess() is killing ZFS stat() performance
  • Many other ZFS bugs were fixed, including [6344651], [6344659], [6344695], [6345773], [6345826], [6347492], [6347421], [6348240], [6344272], [6366265], [6347491], [6347855], [6350421], [6345875] and quite a number more.
  • Additionally, a number of bugs in the ZFS gui were fixed.

x86/x64 Platform Support

  • A 64-bit glm driver for x64 was delivered. This driver supports LSI 53c810, 53c875, 53c876, 53C896 and 53C1010 SCSI chips. [5026812]
  • Compatibility with the USB controller on the Sony Z1WA, Sony Vaio PCG-V505DX and Acer Ferrari 4005 laptops (and probably on others) was improved-- in particular USB 2.0 ports should now work at full speed, rather than a USB 1.x speed. [6235370]
  • The ACPI interpreter was updated to the Intel ACPI CA 20050930 source drop
  • The gfx_private module was delivered for x86/x64. This module will be able to provide services to future graphics card drivers; it provides the ability to allocate buffers for DMA, to find PCI/AGP/PCI-E devices by a combination of vendor-id/device-id or PCI bus/device/fucntion, to read and write to PCI config spaces for devices not owned by the graphics driver, the ability to create a KVA mapping to an arbitrary contigous physical address range with the correct cache attributes, and the The ability to translate a KVA/UVA to physical address.

SPARC Platforms

  • LSI SAS 1064 support was enabled on Ontario (T2000) systems. Additionally, raidctl(1m) now supports RAID 0 on hardware controllers which support it.
  • libc_psr (processor-specific libc) was delivered for UltraSPARC-IV+ processors, providing a speed boost to memmove(), memcpy() and other memory intensive operations. memmove() is in some cases twice as fast.

Resource Management/Zones

  • A significant complaint about zones has been corrected with the fix for [5063672]. It is now easier to construct a minimized system which includes zones, without pulling in Java and other toolkits.
  • The Resource pools facility has been brought under the control of SMF via two new services, svc:/system/pools and svc:/system/pools/dynamic.


  • The Greyhound project integrated, providing an in-kernel SSL proxy. Greyhound simplifies and significantly accelerates the SSL/TLS protocol implementation by pushing the handshake and records processing into the kernel. The proxy supports the most commonly used cipher suites. Applications (e.g. web servers) may be enabled to off-load the handling of the SSL operations with those cipher suites to the proxy, and seamlessly fall-back to their existing user level SSL library for the others.
  • dirname and basename were rewritten as C programs, providing much improved performance.
  • A performance enhancement for multiprocessor systems called "soft rings" was implemented in the network driver framework ("Nemo"). This helps to spread the load of an incoming workload out across multiple CPUs more effectively.
  • MediaLib now provides libraries tuned for the UltraSPARC-T1 CPU, and MediaLib and libmvec received faster versions of sinf, cosf, sincosf and others.

Device Support

  • Support for Keyspan USB serial adapters was added. [6314455] [6357654]
  • Support for Prolific USB serial adapters was added. [6314504]
  • The ixgb (Intel 10 Gigabit) driver was updated to support Jumbo frames and hardware checksum offload. Additionally, the driver was ported to the Nemo Framework, so it picks up all of the benefits thereof, including vlans, etc. [6326737] [6326764] [6330766]
  • The chs(7d) and dbri(7d) drivers were EOF'd (removed).
  • The WiFi project, previously available on, was folded into the mainline release. This includes the command line wificonfig and the Atheros AR5212 802.11b/g driver (I'm using the wifi support to type this blog entry...).
  • The USB hub driver now includes support for power budgeting [4108775].
  • Support for Logitech mx900 mice was added.
  • Power management for the new Sun optical mouse was added. [6321149]
  • Ipod shuffle's should work again. [6346769]


  • The pktool (which manages PKCS#11 token object storage) command line interface has been updated to include alternate token support (such as is proved by the SCA-4000 card) and pktool's command line interface has been reworked.
  • Support for the Sun Crypto Accelerator 500 and 1000 cards was added via the dca(7d) driver was added. Previously, support for these cards was unbundled.
  • The kernel cryptographic API was updated to provide support for session based cryptographic functions.
  • The AES kernel cryptographic provider now supports CTR (counter) mode operation.

Fault Management Architecture (FMA)

  • The FMA Transport Layer was integrated; this extends the scope of FMA beyond a single fault region, and allows fault managers to cooperate with each other. This allows e.g. coordination between a fault manager running on a service processor with one in a Solaris instance. This is important because some error telemetry may be visible to the SP, and some to Solaris-- accurately diagnosing the fault requires access to all of the information.
  • FMA support for the UltraSPARC-T1 CPU and Memory subsystems was integrated. The T1 supports diagnosis of failures at the thread and core level, and the OS can offline failing components of the CPU as needed.
  • A more sophisticated page-retire system was implemented for big Sun-Fire servers (V1280, 2900, 4800, 4900, 6800, 6900, 15K, 25K). In particular, Solaris and the Service processor can now cooperate to track the serial numbers of DIMMs, so that more automated diagnosis and tracking of DIMM faults can be achieved. Additionally, information available from the service processor about UniBoard data path faults can now be gathered by Solaris and used by the fault manager to aid diagnosis, and to guide the isolation of the fault. On relevant platforms, a new datapath-retire diagnosis agent is provided.

OpenSolaris related activity

We have lots of community contributions this time around-- here's a rundown:
  • We're in the final stretches of our effort to clean up the source code to be cleanly compilable using gcc. In this release we've got 74 more bugs worth of gcc cleanup taken care of.
  • The long-awaited source tree split, which internally restructures the code based into "open" and "closed" trees, is complete. This is important because it makes it much easier to deliver the OpenSolaris source base to the community quickly and accurately. Mike Kupfer, who did this work, has written an extensive blog entry describing the work.
  • Contributed by Juergen Keil:
    [6304206] runtime linker may respect LANG and LC_MESSAGE more than LC_ALL
    [6311029] update pci interrupt line information after configuring pci interrupts
    [6337131] ehci_detach panics debug kernel with a failed assertion with ALi USB2.0 PCI card
    [6339683] SUNWvolr preinstall script broken, smf "smserver" service disabled
    [6366097] hidparser shouldn't use signed chars when computing max packet size
    [6317107] # key cannot be used in polled mode with a german layout ps/2 keyboard
  • Contributed by Rich Lowe:
    [4877457] dhcpconfig usage message incorrect
    [4931580] ufs_directio_kstat should be made KSTAT_TYPE_NAMED
    [6269833] ::prtconf -D
    [6294890] ::setenv dcmd dumps core if no target specified
    [6298859] server filtering in PPPoE is damaged
  • Contributed by Michael Berger:
    [6324600] comments in /usr/src/uts/i86pc/io/agpgart/agptarget.c are not correct

This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.

Technorati Tag:

Thursday Jan 19, 2006

HP Supports Solaris 10

Here's something interesting, reported by The Inquirer: HP is now Supporting Solaris 10 on a wide range of its ProLiant line of server products. Among other things, 64-bit Solaris 10 is supported on HP's blade servers and a bunch of other platforms.

That's surely good news for all concerned!

Monday Jan 09, 2006

Dinner @ Babbo

I'm back from break and catching up, so I thought I'd share one of the highlight experiences of my holiday break: Dinner at Babbo in New York. Babbo is Mario Batali's signature restaurant.

I had called ahead about a week in advance, and discovered that there were no available reservations. So, hoping for the best, we arrived at the restaurant at a few minutes after 5pm on a cold friday night, just as the bar was opening. There was already a line, but we managed to get ourselves on the list, and were seated at a little after 5:30. While we waited I enjoyed a green apple bellini at the bar which was quite tasty.

Isabel and I ordered the Pasta Tasting Menu and were rewarded with five courses of interesting pasta:

Black Tagliatelle with Parsnips and Pancetta
This was perfectly cooked and very black tagliatelle with extremely thin slices of parsnip which I think had been deep fried. Small pieces of pancetta were also mixed in, and the whole was served in a tasty but unobtrusive sauce. The flavor and texture was varied throughout, and each mouthful was a little different. A great dish.
Baccala "Mezzalune" with Black Olive Butter
These half-moon shaped ravioli were stuffed primarily with salt cod, which was pretty assertive; the bits of black olive on scattered on top were really necessary to balance out the flavor.
Garganelli with "Funghi Trifolati"
This dish was a knockout. Garganelli are tubular pasta from northern italy made by rolling up little pasta squares. Mostly, this was a dish about execution: plain pasta, excellent mushrooms, perfect flat-leaf parsely and a very light sauce were the only ingredients. At the table, our server grated a small amount of aged goat cheese over the dish.
Fernando's Pyramids with Passato di Pomodoro
These braised-beef filled pyramids of pasta were tasty, but the standout was the excellent tomato sauce in which they were dressed.
Pappardelle Bolognese
This was a very large and luxurious tasting portion of beautifully prepared Pappardelle pasta with a rich meat sauce. The pasta was piled up on the plate in such a way that cutting through it with a fork yielded eight or ten layers of pasta all in one bite, which I found really great. It was a bit like a lasagna in a way. The only significant service hiccup of the night happened in this course; our server brought the food, and then instructed us to wait while she fetched the appropriate cheese to top it. She never returned, and we felt a bit foolish to have food getting cold on our plates while we waited for the cheese. Eventually we dug in. Following this course, what was left on our plates remained, cold, for a really long time.
Panna Cotta al Vincotto di Lampone
On to dessert! This panna cotta (which is a silky egg custard) was served in a tiny cup, and was topped with just a splash of a rich wine reduction, which helped to balance the fat in the custard. The Panna Cotta had an intense vanilla flavor, and we were happily surprised to discover that hundreds of little vanilla beans had settled to the bottom of the cup.
Tortina al Cioccolato con Meringa
After finishing the panna cotta, and this dish didn't dissapoint; it was a tiny chocolate torte topped by a tiny meringue puff, roughly in the shape of a Hershey's Kiss. What was really clever was that meringue was browned on top, but still soft and foamy.
Zucchini Spice Cake with Olive Oil Gelato / Pumpkin Cheesecake
We were a little food-fatigued by this point in the meal, and I think we both felt that these two desserts (Isabel got one, and I the other) were not as exciting as the rest.
We also shared a really nice bottle of wine; as best I can recall it was a 1989 Refosco dal pedunculo rosso di Cialla from the far north of italy, and it was a great selection thanks to the somelier.

All in all, a great meal. The meal was a christmas present from my father-- so, Thanks Dad!

Friday Dec 16, 2005

What's New in Solaris Express 12/05 (Nevada Build 27)

Tuesday marked the release of Solaris Express 12/05 (or Nevada Build 27). I'm a little late in blogging it, but here's a breakdown. Among other things, about 700 bugs were fixed.

Notable New Features in Solaris "Nevada", Build 27 (12/2005)

Storage Technologies

  • ZFS was integrated, a major milestone for the Nevada project. There's not much I can say about ZFS that hasn't been already said. Bryan's blog entry is a good starting point, or watch the demos which I made.
  • The "device in use checking" project integrated. This adds smarts to a variety of utilities to detect whether various devices are currently in use. Here is an example:
    # format
    Searching for disks...done
           0. c0t0d0 
    Specify disk (enter its number): 0
    selecting c0t0d0
    [disk formatted]
    Warning: Current Disk has mounted partitions.
    /dev/dsk/c0t0d0s0 is in use for live upgrade /. Please see ludelete(1M).
    /dev/dsk/c0t0d0s1 is currently used by swap. Please see swap(1M).
    /dev/dsk/c0t0d0s6 is in use for live upgrade /opt. Please see ludelete(1M).
    /dev/dsk/c0t0d0s7 is currently mounted on /aux0. Please see umount(1M).
    newfs(1m), mkfs(1m), swap(1m), and dumpadm(1m) are similarly updated.
  • A long standing PCFS nuisance, 1181439 RFE: DOS files with hidden bit are not seen when PCFS mounted has been fixed. [1181439]
  • EFI label support was added for IDE devices on SPARC and x86/x64.
  • UFS Filesystems with workloads using O_DSYNC and logging and NOT using forcedirectio are now faster. [6238533]

Networking Technologies

  • The Yosemite project was integrated. Yosemite merges UDP and IP processing into a single high performance UDP engine, adds UDP H/W checksum offload. Latency and packet drops are down, UDP throughput is up (as much as 2x!). As a side-effect, TCP loopback performance was also improved. TIBCO and NFS/UDP users should be particularly happy to have this change.
  • IPFilter can now filter IPv6 traffic [4951608]
  • /usr/sfw/bin/wget now supports large files [6215177]
  • VLANs are now supported on xge (Neterion 10Gbs) ethernet devices.

Desktop Enhancements

  • The Xorg 'nv' driver was updated to the latest and the XF86-VIA driver was made available to Xsun users.
  • Mozilla was patched through MFSA 2005-59.
  • Ghostscript ESPgs is upgraded to 8.15.1 and now supports opvp and other drivers for japanese printers [6333285]

Platform Enhancements

  • FMA (Fault Management) for the UltraSPARC-T1 CPU and Memory was added. This engine can diagnose failures in and offline individual strands or entire cores.
  • Memory Placement Optimization was enabled on V490 and V890 systems.
  • The power button on most x86 systems should now gracefully shut down the system [6326272]
  • Support for the RealTek 8169S gigabit ethernet chipset was added for SPARC and x86/x64.


  • PKCS#11 v2.20 was integrated, adding some new mechanisms.
  • Support for storing private keys into PKCS#11 keystores was added.
  • A new "session ID" selection option for auditreduce(1m) was added. [5071771]
  • Kerberos was resynced to MIT 1.4. [6224704]


  • Java was updated to 1.5.0_06.
  • Sendmail is upgraded to 8.13.5 [6326006]
  • Compatibility between SVM devices and zones is improved. [5044015] [6331370]
  • A series of DDI interfaces was marked "Obsolete" in order to encourage driver writers to move to new interfaces. These include: ddi_dev_nintrs(9f), ddi_get_iblock_cookie(9f), ddi_intr_hilevel(9f), ddi_add_intr(9f), ddi_remove_intr(9f), ddi_get_soft_iblock_cookie(9f), ddi_add_softintr(9f), ddi_remove_softintr(9f), ddi_trigger_softintr(9f), ddi_iblock_cookie_t, ddi_idevice_cookie_t, ddi_softintr_t, and ddi_idevice_cookie(9s).
  • AT&T FACE (face(1)) was removed; fmli(1) was declared to be "obsolete."

Opensolaris related activity

  • Juergen Keil contributed 6317110 svc.startd frees garbage in undefined locale
  • We're in the final stretches of our effort to clean up the source code to be cleanly compilable using gcc. In this release we've got 110 more bugs worth of gcc cleanup taken care of.

This work is licensed under a Creative Commons Attribution-ShareAlike 2.5 License.

Technorati Tag:

Sunday Dec 11, 2005

Back from LISA, off to Apachecon

After a productive but exhausting week at LISA 2005, I came back to the Bay Area for the weekend. For those who are looking for my LISA slides: I promise to post them soon!

Here are some things I learned at LISA:

  • People love our new hardware; at the show we demoed the new T2000 Server and the new x2100 and x4100 servers; we hung big price tags on the machines, and had a really positive reaction to their low price and serviceability features.
  • We need to redouble our efforts to make people aware that OpenSolaris isn't a marketing thing-- it's how we do our jobs.
We also owe a debt of gratitude to USENIX and the LISA organizers who made the experience smooth and professional.

Now it's late on Sunday evening, and Tabriz and I will leave for ApacheCon in just a few hours. We'll lead a BoF on OpenSolaris; following that, I plan to attend the "Apache Zones BoF" to learn about what the Apache community is doing with zones. We'll also hang out at the Sun booth on Monday and Tuesday. See you there, I hope!

Monday Dec 05, 2005

Off to LISA 2005

A horde of us will be heading to the USENIX LISA 2005 Conference this week. After last year's success we're psyched up and ready to go: We'll be offering a snazzy booth with some very nice demos of key technologies (ZFS, SMF, FMA, Containers, N1, and more), several BoF sessions, and talks by Radia Perlman, Bryan Cantrill, Liane Praza and much, much more. We've even planned everything to be well synchronized with the "NC05Q4" product launch by begging, wheeling and dealing (but mostly begging) to bring you some really cutting edge hardware.

We sincerely hope to see you there! This is a big event for the system administration community; as OS developers, we're really happy to get such a unique chance to exchange ideas with you.

Technorati Tag:


Kernel Gardening.


« July 2016