X

An Oracle blog about Dr Cloud's Flying Software Circus

Recent Posts

The UNIX®-Based Cloud

DraftBlogThe UNIX®-Based CloudOracle®Solariscontinues to evolve as the foundation for critical private cloudimplementations.  As the premier UNIXin the IT industry, certified against the exacting standards ofThe OpenGroup for enterprise-level operating systems, Solaris 11 enables Oraclecustomers and partners to provide the elasticity, security,scalability, and stability required for today's demanding CloudComputing requirements.As Chris Riggin, Enterprise Architect at Verizon, said at lastFall's Oracle OpenWorld, the cloud services enabled by Solarisprovide the massive scaling for Verizon's 135 million customers and180,000 employees needed to speed service delivery and to maintainVerizon's competitive edge.  Using Solaris' and SPARC'sinnovative virtualization technologies and Oracle-supported OpenStack,Verizon serves both customers and employees with a UNIX-based cloudinfrastructure that implements enhanced agility, superiorperformance, easy maintainability, and effective cost control.Solaris has continually led the evolution of UNIX as the primarychoice for enterprise computing.  Oracle's leadership in The Open GroupGoverning Board ensures that UNIX will maintain and extend itsprominent role in cloud computing.UNIX® is aRegistered Trademark of The Open Group.Oracle® Solaris is a RegisteredTrademark of Oracle Corporation.

The UNIXstyle="color: rgb(51, 51, 51); font-family: Georgia, 'Bitstream Charter', serif; font-size: 14px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing:normal;...

Oracle Solaris 11.2 Virtualization Options

Wow! What an amazing collection of new features in Oracle Solaris 11.2!You can read and hear about it hereI would like to focus on one small but important new feature that allowsyou greater choice in Solaris OS virtualization: Kernel Zones.You create and manage Kernel Zones much like other zones the way youdid it on Solaris 10 or earlier Solaris 11 releases. But now on 11.2you can run different Solaris 11 kernel versions within non-globalzones, similar to the earlier branded zones idea for Solaris 8and 9. Solaris 11.2 now provides a platform for Type II hypervisorlike support for different Solaris kernels.This means that you now have two choices for virtualizing multipleSolaris kernels on the same physical server. Use Logical Domains (LDoms)on the T- and M- servers to provide fully separated Solaris kernelsrunning directly on allocated SPARC cores, or use lighter weight kernel zones hostedon a single Solaris 11.2 global zone. And this provides intriguingvariations and combinations of virtualization-within-virtualization:zones within LDoms, for maximum flexibility of application containmentand deployment.Check out Marcus Flierl's video on Solaris 11.2 virtualization here, and start thinking about all the new ways to deploy test, dev, and production applicationsin virtualized Solaris environments.

Wow! What an amazing collection of new features in Oracle Solaris 11.2! You can read and hear about it here I would like to focus on one small but important new feature that allowsyou greater choice in...

Nebulous Analogies

Having done my doctoral research on analogies, including theirbenefits and misuses, I am often amused by the analogies that cropup in the field of computing.Starting long ago with von Neumann's "The Computer and the Brain"[1], computing analogies have both illuminated and confused manyimportant IT concepts. The use of the term "memory" for persistentdata storage, for example has a fairly clear and beneficial connectionto human recall concepts. Less clearly helpful are analogies tothinking and consciousness common in AI research, as well as thecurrent discussions around "cloud" computing. The correspondingcharacteristics of meteorological clouds and modern distributedcomputing are imprecise and misleading. It’s not clear how thatanalogy helps understand the critical technical concepts.Now we have yet another unhelpful analogy, “Fog Computing” [2].Attempting to characterize the “Internet of Things” [3] as anall-pervasive, obscuring “mist” explains nothing about the natureof ubiquitous, embedded computing services. And of course, computingvendors will jump at the chance to exploit the latest analogicalbuzzword to promote their products [4].It’s difficult to communicate anything without using analogies,since that’s how the human brain works — we think using analogies[5]. But we should be careful in selecting the source analogs whentrying to explain complex concepts. Poorly chosen sources canconfuse and limit thinking and can hinder solution development.Surely there are better source analogs than clouds and fog. The“web” is clearly better than the “cloud” in conveying the idea ofconnectivity. But what is the ideal analogy for computing servicesthat will eventually fill every corner of our daily lives, usingour always-connected devices like smartphones and tablets, and theembedded services in our homes, cars, businesses, and social media?I don’t think it’s atmospheric phenomena. And I’m not sure it’s the“invisible computer” analogy either [6]. It’s probably more likeoxygen [7], although that implies that we can’t live without it.Hmmm…maybe we can’t.[1] http://www.amazon.com/Computer-Silliman-Memorial-Lectures-Series/dp/0300181116[2] http://conferences.sigcomm.org/sigcomm/2012/paper/mcc/p13.pdf[3] http://en.wikipedia.org/wiki/Internet_of_Things[4] http://newsroom.cisco.com/release/1334100/Cisco-Delivers-Vision-of-Fog-Computing-to-Accelerate-Value-from-Billions-of-Connected-Devices[5] http://www.amazon.com/Surfaces-Essences-Analogy-Fuel-Thinking/dp/0465018475[6] http://www.amazon.com/The-Invisible-Future-Integration-Technology/dp/0071382240[7] http://oxygen.lcs.mit.edu/Overview.html

Having done my doctoral research on analogies, including their benefits and misuses, I am often amused by the analogies that crop up in the field of computing. Starting long ago with von Neumann's...

Brendan Gregg's "Systems Performance: Enterprise and the Cloud"

Long ago, the prerequisite UNIX performance book was AdrianCockcroft's 1994 classic, SunPerformance and Tuning: Sparc & Solaris, later updated in1998 as Javaand the Internet. As Solaris evolved to include the invaluableDTraceobservability features, new essential performance references havebeen published, such as SolarisPerformance and Tools: DTrace and MDB Techniques for Solaris 10and OpenSolaris (2006)  by McDougal, Mauro, and Gregg,and DTrace:Dynamic Tracing in Oracle Solaris, Mac OS X and FreeBSD(2011), also by Mauro and Gregg.Much has occurred in Solaris Land since those books appeared,notably Oracle'sacquisition of Sun Microsystems in 2010 and the demise of theOpenSolaris community. But operating system technologies havecontinued to improve markedly in recent years, driven by stunningadvances in multicore processor architecture, virtualization, andthe massive scalability requirements of cloud computing.A new performance reference was needed, and I eagerly waited forsomething that thoroughly covered modern, distributed computingperformance issues from the ground up. Well, there's a new classicnow, authored yet again by Brendan Gregg,former Solaris kernel engineer at Sun and now Lead PerformanceEngineer at Joyent.SystemsPerformance: Enterprise and the Cloud is a modern, verycomprehensive guide to general system performance principles andpractices, as well as a highly detailed reference for specific UNIXand Linux observability tools used to examine and diagnose operatingsystem behaviour.  It provides thorough definitions of terms,explains performance diagnostic Best Practices and "Worst Practices"(called "anti-methods"), and covers key observability toolsincluding DTrace, SystemTap, and all the traditional UNIX utilitieslike vmstat, ps, iostat, and many others.The book focuses on operating system performance principles andexpands on these with respect to Linux (Ubuntu, Fedora, and CentOSare cited), and to Solaris and its derivatives [1]; it is notdirected at any one OS so it is extremely useful as a broadperformance reference.The author goes beyond the intricacies of performance analysis andshows how to interpret and visualize statistical informationgathered from the observability tools.  It's often difficult toextract understanding from voluminous rows of text output, andtechniques are provided to assist with summarizing, visualizing, andinterpreting the performance data.Gregg includes myriad useful references from the system performanceliterature, including a "Who's Who" of contributors to this greatbody of diagnostic tools and methods.This outstanding book should be required reading for UNIXand Linux system administrators as well as anyone charged withdiagnosing OS performance issues.  Moreover, the book caneasily serve as a textbook for a graduate level course in operatingsystems [2].[1] Solaris 11, of course, and Joyent's SmartOS (developed fromOpenSolaris)[2] Gregg has taught system performance seminars for many years; Ihave also taught such courses...this book would be perfect for theOS component of an advanced CS curriculum.

Long ago, the prerequisite UNIX performance book was Adrian Cockcroft's 1994 classic, href="http://www.amazon.com/Sun-Performance-Tuning-Sparc-Solaris/dp/0131496425">SunPerformance and Tuning: Sparc &...

NIST Cloud Computing & Big Data Forum, Jan 15-17 2012

NIST Cloud Computing & Big Data Forum, Jan 15-17 2012On the second day of the NIST Cloud Computing & Big Data Forum, we had a real treat...the keynote speaker was Vint Cerf,Google's VP and Chief Internet Evangelist.Allocated a mere30 minutes, he actually spoke for more than 45, detailing his thoughtson Cloud Computing, Big Data, and related topics. He highlightedsome of the security issues concerning cloud computing, likethe problem of "leftovers" (data remaining after a virtualservice has been deprovisioned), and the need for strongauthentication of both user identities and trusted identifiers.He also emphasized the need for non-proprietary inter-cloud communication andcollaboration protocols, and mentioned a bit about Google'scloud services including a comment about their current100Gb OpenFlow-based infrastructure and their potentialneed for Terabit connectivity in their data centers. One interesting Big Data comment he made concerned the problem of feeding data fast enough into today'spowerful multicore processors, and suggested the memristor asa possible technology solution.Later in the conference at a panel on Big Data Use Cases,Veterans Affairs CTO Peter Levin gave a briefing on the VA's Blue Button system for accessing veterans'health care records, and its potential to grow to thousands of terabytes as genetic data is included, justone of many examples of Big Data projects discussedtoday. Presentations from the conferencewill be posted on the NIST Cloud Computing Web site.

NIST Cloud Computing & Big Data Forum, Jan 15-17 2012 On the second day of the NIST Cloud Computing & Big Data Forum, we had a real treat...the keynote speaker was Vint Cerf,Google's VP and Chief...

New Book: Oracle Exalogic Elastic Cloud Handbook

Oracle Exalogic Elastic Cloud Handbook, by Tom Plunkett, TJ Palazzolo,and Tejas Joshi, Oracle Press.The well-known characteristics and tiers of cloud computing havespawned myriad implementations by a host of vendors and systemintegrators. One of these, Oracle's Exalogic Elastic Cloud, part of Oracle's family ofEngineered Systems, is a keycomponent of Oracle's public and private cloud computing solutions,providing critical PaaS (Platform as a Service) features for clouddevelopers. These developers need guidance to take advantage ofExalogic's extensive capabilities, and the Oracle Exalogic ElasticCloud Handbook, written by three highly experienced Oracletechnologists, provides that guidance.Part One of the book covers Exalogic's hardware and softwarecomponents, and includes a very useful chapter on deployment examples,describing best practices for scalabiity, availability, backup andrecovery, and multi-tenant security, including integration withother Oracle Engineered Systems and products such as Exadata andstorage subsystems.Part Two is a thorough guide to Exalogic installation features,configuration and monitoring, packaged application software management,and scalable application development.The book also provides an extensive list of online resources,including pointers to Web sites, whitepapers, instructional videos,and other Oracle documentation.So, if you're planning to implement Exalogic as part of your cloudinfrastructure, or are considering such, you'll find lots of sageadvice and best practices in this handbook.

Oracle Exalogic Elastic Cloud Handbook, by Tom Plunkett, TJ Palazzolo, and Tejas Joshi, Oracle Press. The well-known characteristics and tiers of cloud computing havespawned myriad implementations by...

The Growing Importance of Network Virtualization

The Growing Importance of Network VirtualizationWe often focus on server virtualization when we discuss cloud computing, but just as often we neglect to consider some of the critical implications of that technology. The ability to create virtual environments (or VEs [1]) means that we can create, destroy, activate and deactivate, and more importantly, MOVE them around within the cloud infrastructure. This elasticity and mobility has profound implications for how network services are defined, managed, and used to provide cloud services. It's not just servers that benefit from virtualization, it's the network as well.Network virtualization is becoming a hot topic, and not just for discussion but for companies like Oracle and others who have recently acquired net virtualization companies [2,3]. But even before this topic became so prominent, Solaris engineers were working on technologies in Solaris 11 to virtualize network services, known as Project Crossbow [4].And why is network virtualization so important? Because old assumptions about network devices, topology, and management must be re-examined in light of the self-service, elasticity, and resource sharing requirements of cloud computing infrastructures. Static, hierarchical network designs, and inter-system traffic flows, need to be reconsidered and quite likely re-architected to take advantage of new features like virtual NICs and switches, bandwidth control, load balancing, and traffic isolation. For example, traditional multi-tier Web services (Web server, App server, DB server) that share net traffic over Ethernet wires can now be virtualized and hosted on shared-resource systems that communicate within a larger server at system bus speeds, increasing performance and reducing wired network traffic. And virtualized traffic flows can be monitored and adjusted as needed to optimize network performance for dynamically changing cloud workloads. Additionally, as VEs come and go and move around in the cloud, static network configuration methods cannot easily accommodate the routing and addressing flexibility that VE mobility implies; virtualizing the network itself is a requirement.Oracle Solaris 11 [5] includes key network virtualization technologies needed to implement cloud computing infrastructures. It includes features for the creation and management of virtual NICs and switches, and for the allocation and control of the traffic flows among VEs [6]. Additionally it allows for both sharing and dedication of hardware components to network tasks, such as allocating specific CPUs and vNICs to VEs, and even protocol-specific management of traffic.So, have a look at your current network topology and management practices in view of evolving cloud computing technologies. And don't simply duplicate the physical architecture of servers and connections in a virtualized environment…rethink the traffic flows among VEs and how they can be optimized using Oracle Solaris 11 and other Oracle products and services.[1] I use the term "virtual environment" or VE here instead of the more commonly used "virtual machine" or VM, because not all virtualized operating system environments are full OS kernels under the control of a hypervisor…in other words, not all VEs are VMs. In particular, VEs include Oracle Solaris zones, as well as SPARC VMs (previously called LDoms), and x86-based Solaris and Linux VMs running under hypervisors such as OEL, Xen, KVM, or VMware.[2] Oracle follows VMware into network virtualization space with Xsigo purchase; http://www.mercurynews.com/business/ci_21191001/oracle-follows-vmware-into-network-virtualization-space-xsigo[3] Oracle Buys Xsigo; http://www.oracle.com/us/corporate/press/1721421[4] Oracle Solaris 11 Networking Virtualization Technology, http://www.oracle.com/technetwork/server-storage/solaris11/technologies/networkvirtualization-312278.html[5] Oracle Solaris 11; http://www.oracle.com/us/products/servers-storage/solaris/solaris11/overview/index.html[6] For example, the Solaris 11 'dladm' command can be used to limit the bandwidth of a virtual NIC, as follows: dladm create-vnic -l net0 -p maxbw=100M vnic0

The Growing Importance of Network Virtualization We often focus on server virtualization when we discuss cloud computing, but just as often we neglect to consider some of the critical implications of...

Clouds Aroud the World

At the NIST Cloud Computing Workshop this week; representatives from Canada, China, and Japan presented on their cloud computing efforts. Some interesting points made:Canada: Building "Service Canada" cloud for all citizen services, but raised the issue of data location...cloud data must be within Canada border, so they will not focus on public clouds where they don't know or can't control data location.Japan: In response to the massive destruction of the Great East Japan Earthquake, Japan is building nation-wide cloud services to support disaster relief, data recovery, and support for rebuilding new communities.US Ambassador Philip Verveer discussed the need for international cooperation and standards development to enable interoperability of cloud services, keeping in mind cultural and political differences. Additionally, an industry panel reported on cloud standards development, including some actual interoperability testing at http://www.cloudplugfest.org. Much of the first two days of the workshop covered progress and action plans around the 10 High-Priority Requirements to Further USG Agency Cloud Computing Adoption. Thursday's sessions will cover the work of the various NIST Cloud Computing Working Groups on Reference Architecture and TaxonomyStandards Acceleration to Jumpstart the Adoption of Cloud Computing (SAJACC)Cloud SecurityStandards RoadmapBusiness Use Cases(see Working Groups of NIST Cloud Computing )

At the NIST Cloud Computing Workshop this week; representatives from Canada, China, and Japan presented on their cloud computing efforts. Some interesting points made: Canada: Building "Service...

What's a "Cloud Operating System"?

What's a "Cloud Operating System"?Oracle's recently introduced Solaris 11 has been touted as "The First Cloud OS". Interesting claim, but what exactly does it mean? To answer that, we need to recall what characteristics define a cloud and then see how Solaris 11's capabilities map to those characteristics.By now, most cloud computing professionals have at least heard of, if not adopted, the National Institute of Standards and Technology (NIST) Definition of Cloud Computing, including its vocabulary and conceptual architecture. NIST says that cloud computing includes these five characteristics:On-demand self-serviceBroad network accessResource poolingRapid elasticityMeasured serviceHow does Solaris 11 support these capabilities? Well, one of the key enabling technologies for cloud computing is virtualization, and Solaris 11 along with Oracle's SPARC and x86 hardware offerings provides the full range of virtualization technologies including dynamic hardware domains, hypervisors for both x86 and SPARC systems, and efficient non-hypervisor workload virtualization with containers. This provides the elasticity needed for cloud systems by supporting on-demand creation and resizing of application environments; it supports the safe partitioning of cloud systems into multi-tenant infrastructures, adding resources as needed and deprovisioning computing resources when no longer needed, allowing for pay-only-for-usage chargeback models.For cloud computing developers, add to that the next generation of Java, and you've got the NIST requirements covered. The results, or one of them anyway, are services like the new Oracle Public Cloud. And Solaris is the ideal platform for running your Java applications.So, if you want to develop for cloud computing, for IaaS, PaaS, or SaaS, start with an operating system designed to support cloud's key requirements…start with Solaris 11.

What's a "Cloud Operating System"? Oracle's recently introduced Solaris 11 has been touted as "The First Cloud OS". Interesting claim, but what exactly does it mean? To answer that, we need to recall...

The NIST Cloud Computing Forum & Workshops IV (Nov 2-4, 2011)

The new US CIO, Steve Van Roekel, along with senior researchers at NIST, hosted the fourth Cloud Computing Forum and Workshops this week ( http://www.nist.gov/itl/cloud/cloudworkshopiv.cfm ). One highlight was the release of the Draft Cloud Technology Roadmap with a call for public comments. See the Web site for the agenda and downloadable documents and presentations.There were international participants at the event, with much friendly discussion of "openness", "interoperability", and an idealistic "One Cloud" vision of a "Cloud Without Borders". A very hopeful perspective, but perhaps a bit overly optimistic one given the current political state of the world and various governments' control of Internet access and resources. One issue that concerns me in all this rush to cloud computing is the question of where the expertise will come from to design, build, and manage massive cloud infrastructures? Concepts such as parallel programming, scalability, virtualization, and cache management need to be integrated into CS curricula from the start, maybe even starting in high school but certainly at the undergraduate level. I don't yet see sufficient emphasis on those areas in the CS courses and textbooks offered by many universities. Without a continuous stream of knowledgeable graduates, the lack of cloud computing experience and expertise will slow the adoption of this transformative technology.Security and trust in the cloud remain primary concerns; the NIST Cloud Computing Security Working Group has released a draft publication outlining 17 key requirement areas for cloud security ( http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/Documents/NIST_Security_Requirements_for_US_Government_Cloud.pdf ). Yet in spite of the current lack of mature security solutions and interoperability/development standards, it was still recommended that agencies start their cloud deployments with the expectation that expertise will evolve through experimentation, trial, and (inevitably) error.

The new US CIO, Steve Van Roekel, along with senior researchers at NIST, hosted the fourth Cloud Computing Forum and Workshops this week ( http://www.nist.gov/itl/cloud/cloudworkshopiv.cfm). One...

Java Gets Cloudy

Most of the books I've seen so far about cloud computingare full of advice, "shoulds" and "shouldn'ts" about cloud concepts and architecture, security recommendations, and policy compliance, but are notmuch in the "how" department. Of course, there are multipleperspectives from which to view the cloud -- end user, IaaS or PaaS provider, services broker, and, of course, developers. So, how do you actually build "cloud applications"?And what programming languages and APIs should developers use to build them? Well, there are some answers available.Recently published is Code in the Cloud: Programming the Google App Engine, by Mark C. Chu-Carroll of Google. Hestarts his book with cloud programming examples writtenin Python, but then jumps to Java and the Google WebToolkit, a very useful set of Java class libraries and widgets that generate fast JavaScript-based Web applications. But that's not all; JCP, the caretakers of the Javatechnical standards, recently approved the Java EE 7 Platform Java Specification Requestwhich will enable Java EE applications to support themulti-tenant and elastic features required for cloud computing solutions. Oracle's developers andcustomers, along with those of IBM, Red Hat, and even SAP, are pleased to see the continuingevolution and support of Java technology into "the Cloud".Hmmm..."Write Once, Run in the Cloud" has a nice ring to it,don't you think?

Most of the books I've seen so far about cloud computing are full of advice, "shoulds" and "shouldn'ts" about cloud concepts and architecture, security recommendations,and policy compliance, but are...

The Cloud is STILL too slow!

If you've been in the computing industry sufficiently long enough to remember dialup modems and other "ancient" technologies, you might be tempted to marvel at today's wonderfully powerful multicore PCs, ginormous disks, and blazingly fast networks.  Wow, you're in Internet Nirvana, right!  Well, no, not by a long shot.Considering the exponentially growing expectations of what the Web, that is, "the Cloud", is supposed to provide, today's Web/Cloud services are still way too slow.Already we are seeing cloud-enabled consumer devices that are stressing even the most advanced public network services.  Like the iPad and its competitors, ever more powerful smart-phones, and an imminent hoard of special purpose gadgets such as the proposed "cloud camera" (see http://gdgt.com/discuss/it-time-cloud-camera-found-out-cnr/ ).And at the same time that the number and type of cloud services are growing, user tolerance for even the slightest of download delays is rapidly decreasing.  Ten years ago Web developers followed the "8-Second Rule", (average time a typical Web user would tolerate for a page to download and render).  Not anymore; now it's less than 3 seconds, and only a bit longer for mobile devices (see http://www.technologyreview.com/files/54902/GoogleSpeed_charts.pdf).  How spoiled we've become!Google, among others, recognizes this problem and is working to encourage the development of a faster Web (see http://www.technologyreview.com/web/32338/). They, along with their competitors and ISPs, will have to encourage and support significantly better Web performance in order to provide the types of services envisioned for the Cloud.  How will they do this? Through the development of faster components, better use of caching technologies, and the really tough one - exploiting parallelism. Not that parallel technologies like multicore processors are hard to build...we already have them.  It's just that we're not that good yet at using them effectively.  And if we don't get better, users will abandon cloud-based services...in less than 3 seconds.

If you've been in the computing industry sufficiently long enough to remember dialup modems and other "ancient" technologies, you might be tempted to marvel at today's wonderfully powerful multicore...

Two new books on Multicore Programming and Virtualization

Underneath all the pretty user interfaces for cloud computing systems lie fundamental technologies that make all the self provisioning, elasticity, and scalability work.  Nothing is more crucial to scalability than the exploitation of parallelism at all levels, from the server architecture all the way down to the processor design.  Additionally, the power of parallelism is realized through virtualization, creating and running many operating system virtual machines on a single server to take advantage of modern multi-core processors.  So it is essential to understand the concepts and implementations of virtualization and the underlying processor technologies that support it.Daryl Gove, a senior software engineer at Oracle, has recently published Multicore Application Programming, covering the leading approaches to parallelization on Windows, Linux, and Oracle Solaris. Through practical examples, he illuminates the challenges involved in writing applications that fully utilize multicore processors, helping you produce applications that are functionally correct, offer superior performance, and scale well to eight cores, sixteen cores, and beyond.  You can't build scalable cloud architectures without understanding how to get the most out of such processors.Additionally, a team of Oracle software and hardware engineers has just published Oracle Solaris 10 System Virtualization Essentials.  This comprehensive book provides an accessible introduction to computer virtualization, specifically for the system virtualization technologies that use the Oracle Solaris or OpenSolaris operating systems, including:Using Dynamic Domains to maximize workload isolation on Sun SPARC systemsUsing Oracle VM Server for SPARC to deploy different Oracle Solaris 10 and OpenSolaris environments on SPARC CMT (chip multithreading) systemsUsing Oracle VM Server for x86 to deploy a server with heterogeneous operating systemsUsing Oracle VM VirtualBox to develop and test software in heterogeneous environmentsUsing Oracle Solaris Containers to maximize efficiency and scalability of workloadsIf you want to thoroughly understand virtualization on Oracle's systems in order to exploit it for consolidation and for cloud computing, this book is essential. 

Underneath all the pretty user interfaces for cloud computing systems lie fundamental technologies that make all the self provisioning, elasticity, and scalability work.  Nothing is more crucial to...

Solaris 11 Express

As a long-time Solaris and Linux technologist and the author of a book about OpenSolaris, I am very much interested in the future of operating systems.  Contrary to popular belief, operating systems are not dead and indeed are fertile ground for innovations in virtualization, security, observability, file systems, performance and scalability, and yes, even Cloud Computing.Oracle acquired Sun, along with Java and Solaris, earlier this year; since then they have not only maintained but have expanded and advanced the ongoing development of what is now called Oracle Solaris.  Developers, ISVs, and end users of Solaris have been justifiably anxious and impatient about its future.  Today, we have some very good news for them -- the release of Solaris 11 Express.Some of the most significant new technologies in Solaris 11 Express includethe Image Packaging System for software installation, updates, and patching,network virtualization and resource managementZFS dataset encryptionSolaris 10 branded containersand many other enhancements.  See the What's New in Oracle Solaris 11 Express document for details.My colleague at Oracle, Jim Laurent, has posted a blog entry showing you how to use VirtualBox to install and learn about Solaris 11 Express.  Also, at this year's LISA Conference, Oracle presented several BOF sessions on Solaris 11.So, to paraphrase Mark Twain, the report of the death of Solaris is an exaggeration.  Find it here, then go forth and learn!

As a long-time Solaris and Linux technologist and the author of a book about OpenSolaris, I am very much interested in the future of operating systems.  Contrary to popular belief, operating systems...

Nov 4 NIST Cloud Computing Forum, Day 1: "Cloud Computing is not a fad"

Attended the second NIST Cloud Computing Forum and Workshop II today.  Almost 400 registrants (but lots of no-shows, probably due to the awful weather today and the ugly DC Beltway traffic.Anyway, if you thought that cloud computing was just the latest media-driven marketing frenzy that would rapidly sink from the Peak of Inflated Expectations into the Trough of Disillusionment, never to return, think again.  The Federal CIO, Vivek Kundra, and all the scientists and industry guests at this conference, are rapidly driving Cloud Computing toward the Slope of Enlightenment through their efforts to define and promote technical and usage standards for this "next era of computing".Several distinguished panels of industry and government experts kicked off this 2-day conference, today outlining some big-picture successes and concerns, with tomorrow's sessions being more detailed...more about that tomorrow.  Kundra reminded attendees about the $80B that the federal government spends on IT each year on its 2000+ data centers.  He is specifying a "Cloud First" procurement policy in his recommendations for the 2012 FY federal budget.The first cloud panel, which included Oracle's Mark Carlson, tried to refute the common complaint that "there are no cloud computing interoperability standards", given that foundational cloud technologies such as virtualization already have relevant standards like OVF (see cloud-standards.org for more).  I asked the panel what cloud standards still need to be developed, and the general consensus focused on cloud computing APIs.  Interesting, in that Oracle just announced its submission of cloud APIs to the DMTF.  The Reference Architecture panel then debated the relevance and utility of reference architectures and reference implementations, but agreed that API standards are needed.NIST has published or will soon release several key cloud computing documents, including a virtualization security guide, and updates to the FedRAMP and SAJACC programs.Other topics were discussed today that will get more detailed treatment tomorrow.  But some interesting points were raised.  For example, Jim Reavis of the Cloud Security Alliance emphasized that Identity Management - for users, apps, and data - is the key technology that will determine the success or failure of cloud computing.  Another, non-technical, point was highlighted by the panel: federal CIOs won't be motivated to jump on the cloud computing bandwagon if the expected cost savings ultimately reduces their budgets!  Hmmmm....  But then Reavis stated that there will probably be no immediate savings during the transition to cloud computing anyway.Until tomorrow...

Attended the second NIST Cloud Computing Forum and Workshop II today.  Almost 400 registrants (but lots of no-shows, probably due to the awful weather today and the ugly DC Beltway traffic.Anyway, if...

Oracle OpenWorld: Cloudy with a 100% Chance of Sun

Oracle OpenWorld 2010 opened last night to great fanfare andexcitement.  Leading off the keynote talks were HP's Ann Livermoreand Dave Donatelli.  If the audience was expecting any referenceto recent HP/Oracle disagreements, they didn't get much.  Livermorereminded everyone how large the joint customer base is:  140,000customers representing nearly 1 million end users of Oracle softwareon HP hardware, and 40% of Oracle licenses. Donatelli several times, however, emphasized that HP is the "only company with it all...hardware,software, services, management".  Hmmm...what about Oracle now?  But hedid highlight some interesting technologies, such as HP's Blade SystemMatrix Backbone for Cloud.  Nigel Cook gave a demo of creating andprovisioning "Private Cloud Maps" using a drag-and-drop interface to deploy Oracle software on HP servers.Larry Ellison was the main keynoter, and he spoke the words "cloud computing"without his earlier dismissive comments, although he did remind the audience that cloud (distributed computing) technologies have been aroundfor decades and are being "reborn and rebranded".  He pointed out thata Web-based application like SalesForce.com is not really a cloud byhis definition, asserting that Amazon's EC2, with its virtualization,elasticity, and PaaS model agrees with his view of what cloud computingreally is.  He then highlighted Oracle's newly announced ExaLogic ElasticCompute Cloud, a "Cloud in a Box", providing highly scalable virtualizedLinux and Solaris operating environments atop an optimized Oracle VirtualMachine hypervisor, supporting extremely scalable Web middleware, all running on Sun/Oracle servers.No JavaOne/OpenWorld conference would be complete without a variety of celebrities and entertainers. This week-long event, with 41,000+attendees, will also feature Apollo Ono, Lance Armstrong, the BlackEyed Peas, Montgomery Gentry, and the Steve Miller Band.Check back to this blog later this week for more news about Oracle in the Cloud.

Oracle OpenWorld 2010 opened last night to great fanfare and excitement.  Leading off the keynote talks were HP's Ann Livermore and Dave Donatelli.  If the audience was expecting any referenceto...

Cloud Security Books

Nearly every survey asking what the top concerns are about cloud computing shows security issues at the top.  Little wonder then that in addition to the growing library of books about cloud computing in general, more books on cloud security are showing up; I've got three of these so far, with yet another on order:Cloud Security and Privacy: An Enterprise Perspective on Risks and Compliance, by Tim Mather, Subra Kumaraswamy, and Shahed Latif; O'Reilly Media Inc, 2009Cloud Computing: Implementation, Management, and Security, by John Rittenhouse and James Ransome; CRC Press 2010Cloud Security: A Comprehensive Guide to Secure Cloud Computing, by Ronald Krutz and Russell Vines; Wiley Publishing Inc, 2010Securing the Cloud: Cloud Computer Security Techniques and Tactics, by Vic Winkler, Syngress, 2011 (in progress)Each of the first three are excellent sources for understanding the concepts and vocabulary of cloud computing and the associated security issues.  They are full of excellent, albeit generic, advice on securing the massively scaled distributed computing architectures common to cloud computing, although they generally cover a critical topic -- virtualization security -- only lightly.What is needed now is more specificity -- detailed case studies, implementation and architectural specifications, and some hands-on examples of real cloud infrastructures and how they are secured.  So I hope the Syngress book, due out May 2011, will provide more than generic advice.

Nearly every survey asking what the top concerns are about cloud computing shows security issues at the top.  Little wonder then that in addition to the growing library of books about cloud computing...