Tuesday Feb 23, 2016

Long Command Lines Hidden No More. Hallelujah!


Most of us Solaris old-timers have railed about truncated output from ps, and the inability to get the whole command line (java processes are particularly susceptible to this).

I'm today happy to report this 'Fixed in Solaris 11 and Later'.


Wednesday Jan 27, 2016

Lots more FOSS added to Solaris 11!

Today Oracle released a set of Selected FOSS Component packages that can be used with/on Solaris 11.3. These packages provide customers with evaluation copies of new and updated versions of FOSS ahead of officially supported Oracle Solaris product releases.

These packages are available at the Oracle Solaris product release repository for customers running Oracle Solaris 11.3 GA. The source code used to build the components is available at the Solaris Userland Project on Java.net. The packages are not supported through any Oracle support channels. Customers can use the software at their own risk.

For more information, check out this blog post.

Tuesday Dec 08, 2015

Recent SPARC/Solaris Security Blog Posts

Over at the Oracle PartnerTech Blog, I've begun a series of posts on SPARC/Solaris Security, including threads on SPARC M7 cryptography and the benefits of IBM software using Solaris and SPARC for End-to-End Security. Check 'em out -- there are more on the way, too!

Friday Nov 13, 2015

Security - It's Not Just About Keeping Your Password Safe Anymore

Well, really, it never was. It's just that, nowadays, everyone needs to be aware and pro-active, especially enterprises.

So, recently my company, Oracle, had an intimate get-together in San Francisco. Maybe you've heard of it -- it's called "Oracle OpenWorld". And at that cozy little gathering our boss, a one Mr. Larry Ellison, spoke about the need for end-to-end Security. Everywhere. All the time. By default.

Always on, as it were.

Now, I don't usually comment on, or even pass along, things that come down from the C-Suite of my company. Because there are plenty of places to hear about it. Plenty of sales folk willing to talk to you about it, for example. Yes, our new servers powered by SPARC M7 and Solaris 11.3 are cool and the more secure than ever and have a raft of whizzy new features, and new security features, all the way down to the CPU level. But that's not what I'm doing. I'm doing something much simpler here. 

I simply wanted to say "Yes." It resonates with me, the grizzled, jaded veteran of thirty-five years (I dare not write that in numerals)  in the business. It's time. It's past time. It's not something "someone else should probably do." We all need to do it, lest those inconvenient breaches bring havoc to all our lives.

Whoa. That sounds deep and serious. Well, it is. Technology, no matter how cool, how enabling, how freeing -- can be hijacked and misused, and the potential negative impact can be just as severe, if not more, than the positive impact.

So, yeah. I'm going to be talking a bit more about this stuff starting today. In part because the combination of our platforms and our partners' software offerings can address this issue to a modest degree. In part because I work with some of those partners on these platforms, and have seen this need merge with this potential of late.

Imagine systems that encrypt your data without a huge performance penalty, without expensive hardware add-ons. Imagine systems that do that with record price-performance, with unrivaled availability, with the software frameworks and offerings you use in your enterprise. Imagine end-to-end security from the start.

Always on, as it were.

Sunday Aug 02, 2015

Solaris Home Fileserver - The Next Generation

Well, it's been five years since 1) Oracle acquired Sun, and 2) I last updated my home fileserver. At the behest of my manager, I wanted to write a little bit about the latest incarnation. Smaller, faster, with more storage and using less power. Of course. Moore's Law continues to be the Gift That Keeps on Giving.

I've been very happy with Solaris, ZFS and external USB disk drives to provide a cheap and reliable family fileserver, but the temptation of newer hardware eventually becomes impossible to resist. Earlier this year, I gave up and gave in.

My intent this time was to keep with the basic principles as before:

  • Green/low-power
  • Use Solaris
  • Increase storage capacity and performance

In the end, I moved off the Shuttle SFF line (there are so many more choices available in 2015), moved from USB2.0 to USB3.0, and changed out 3.5" powered external drives to larger 2.5" self-powered external drives. Performance is better, these disks spin down after a time (as did the previous disks), and power usage is lower. I'm using internal builds of Solaris, which seems to support every feature of the server except for the WiFi card (which I never intended to use).

Old Fileserver  New Fileserver

Shuttle X27D SFF
 Built-in dual-core Atom 330 CPU @ 1.6GHz
 2GB DDR2 memory
 2.5" 120GB internal SATA disk 

Gigabyte Brix GB-BXi3-4010
 Built-in Core i3-4010U @ 1.7GHz
 8GB DDR3L memory
 64GB mSATA flash drive
 Oracle Solaris

3 x Simpletech SimpleDrive 3.5"
500GB USB2.0 disk drives
3 x Western Digital My Passport Ultra 2.5"
1TB USB3.0 disk drives
26W idle
32W under load
15W idle
18W under load
Performance  ~14MB/s write (NFS)
 ~18MB/s read (NFS)

 ~ 6MB/s write (NFS)
(I am not yet sure why this is
so slow - stay tuned)

 ~ 83MB/s read (NFS)

 RAID-Z1 ZPool (1TB usable)  RAID-Z1 ZPool (2TB usable)
 5GB ZIL on mSATA flash drive
 SMB (builtin); AFP (freeware); NFS  SMB (builtin); AFP (freeware); NFS

Stay tuned as I try to figure out why NFS writes are so slow. 

Thursday Jul 26, 2012

New version of Oracle Solaris Pre-Flight Application Checker

Some very hard-working folks in my organization, Oracle Systems ISV Engineering, have just released a new version of the Solaris Pre-Flight App Checker. You can get it for free from the Solaris Download Page

As with the original release, this tool is the single easiest way to check your application for Solaris 11 compatibility issues while still running on Solaris 10. This latest release incorporates several improvements:

1. Fully globalized product, currently with support for English,  Simplified Chinese and Japanese 
2. Now detects issues due to static linking of system libraries
3. Now detects mutex alignment issues
4. Now checks usage of private kernel interfaces (binary as well source scanner) 
5. An improved script scanner to flag issues due to usage of removed, relocated commands as well as issues due to usage of new shell ksh93 (instead  of old ksh88 )

Friday Mar 23, 2012

Attention Developers: Announcing a New Solaris Webinar Series

We're launching a new bi-weekly free webinar series: Oracle Solaris 11 Developer Webinar Series. My ISVe colleagues and I will be presenting a variety of one-hour topics over the next few months.

I'm kicking off the series next Tuesday, March 27th at 0900PDT with a discussion of Solaris and Modern Packaging Technologies. Come check us out!

Webinar Series overview and schedule: here

Tuesday's packaging webinar page: here

Wednesday Dec 21, 2011

Oracle Solaris Binary Application Guarantee extended to Solaris 11

This is Good News.

The Oracle Solaris Binary Application Guarantee now covers both Oracle Solaris 10 and Oracle Soalris 11. Oracle has extended the program through 2013. The program covers a source code guarantee as well as a binary guarantee. Details can be found in the program description.

Tuesday Sep 23, 2008

Today's coolness: ZFS Snapshots and Reproducible test states

I had a lovely 'aha' moment today. This 'aha' is nothing new, except to me.  Today, I tried ZFS snapshots for the first time, and it made my life SO much easier! My thanks to colleague Tom Daly for the suggestion!

We're testing Drupal on Webstack on OpenSolaris. The MySQL database we're using totals about 20GB on disk - not big, but heretofore it was created via a script of MySQL commands, including lots of inserts. To populate the database to a 'fresh' state took about 50 minutes on a Sun SPARC Enterprise T5120.

"Why not try ZFS rollback," asks Tom, nonchalantly. Ding! Aha!

OpenSolaris uses ZFS for everything, even booting. It's the default filesystem type. Our database resides on a ZFS mount (in a Zone, no less, back-mounted from the global zone!). This is a perfect use of the ZFS 'snapshot' and 'rollback' commands. To wit:

First, we need re-instantiate the database only once, and get it to just the place we want as our 'unsullied starting-point' database. 

Time: 1 hour.

Snapshot the ZFS mount in the global zone (before the '@' is the ZFS volume, after is the snapshot name):

bash# zfs snapshot /tank2/db0/data@freshdb      
bash# zfs list -t snapshot
NAME                             USED  AVAIL  REFER  MOUNTPOINT
tank2/db0/data@freshdb              0      -  13.5G  

Time: 10 seconds

Test to your heart's content, mess up the database all your want. Ready for a fresh, unspoiled MySQL database? Well, just roll it back!

bash# zfs list -t snapshot
NAME                             USED  AVAIL  REFER  MOUNTPOINT
tank2/db0/data@freshdb           166M      -  13.5G  -

bash# zfs rollback /tank2/db0/data@freshdb

bash# zfs list -t snapshot
NAME                             USED  AVAIL  REFER  MOUNTPOINT
tank2/db0/data@freshdb              0      -  13.5G  -
Time: 8 seconds

Do this as many times as you need. Fresh databases in seconds, not upwards of an hour.

Just wanted to share...


Main Sequence: 1) an astronomy term denoting the lifecycle of a majority of known stars. 2) err @ Sun/Oracle: long-time (since 1988) Sun/Oracle veteran, still shining in an ever-changing high-tech universe


« July 2016