Wednesday Apr 20, 2016

Oracle Solaris VMs in the Oracle Cloud Compute Service

Over the past few months I've been helping to get Oracle Solaris available in the Oracle Cloud. In particular, the Oracle Cloud Compute Service is an Infrastructure as a Service (IaaS) offering that allows users to create VMs on demand using a self-service web portal. Not unlike OpenStack, users can choose from a variety of shapes based on the number of virtual CPUs (defined by Oracle CPUs) and memory to allocate to the VM. There are a number of pricing options from dedicated environments that are single tenant, unmetered and avoid any possible noisy neighbour effect, to shared, multi-tenant environments.

Creating a VM on the service is super easy and I've walked through a typical user experience at the following screencast:

To be consistent with the existing experience using the compute service with Oracle Linux, we've pre-configured a default opc user that you can use to log into your VM environment using your SSH public keys. We've made sure though that's we're also consistent with Oracle Solaris security best practices, so this user will be assigned the System Administrator privilege, and have access to the root role with an expired password of solaris_opc. We've also changed the default IPS publisher from the Oracle Solaris release repository to the support repository - since all users of the compute service will get a support entitlement to access the latest Support Repository Updates and file bugs against Oracle Solaris at no additional cost.

There's a couple of gotchas that are worth noting - in particular when you create a bootable storage volume separately to creating your VM instance. This is because the compute cloud service also supports the ability to create ephemeral storage volumes (storage volumes that are created and destroyed as you start and stop your VM). If you're wanting to update the VM with the latest SRU, you'll need to be careful during your instance creation, as shown in the following screencast:

So take the Oracle Cloud Compute Service for a spin! It's now extremely easy to launch new Oracle Solaris VMs there that you can use to run your application workloads and take advantage of all the unique, enterprise grade technologies in the platform.

Playing around with the Oracle Storage Cloud Service

As part of my work to bring Oracle Solaris into the Oracle Cloud Compute Service, I've had the opportunity to spend a little time playing around with the Oracle Storage Cloud Service. Put simply, this service provides secure, scalable object storage similar to other storage services out there such as Amazon S3 or Dropbox.

The documentation is pretty useful. Like most storage services, there's support for a variety of different interfaces - from a REST API, to a Java client library, and a number of 3rd party tools like OpenStack Swift.

In the rest of the blog, I'll demonstrate some of the basic operations you can do - for convience I'll log into a VM running Oracle Solaris in the Oracle Cloud:

$ ssh opc@X.X.X.X
Last login: Tue Mar 22 01:27:35 2016 from 121-73-133-192.
Oracle Corporation      SunOS 5.11      11.3    December 2015
opc@fa922d:~$ uname -a
SunOS fa922d 5.11 11.3 i86pc i386 i86pc
opc@fa922d:~$ virtinfo
NAME            CLASS     
xen             current   
non-global-zone supported 
opc@fa922d:~$ pkg info entire
          Name: entire
       Summary: entire incorporation including Support Repository Update (Oracle Solaris 11.3.4.5.0).
   Description: This package constrains system package versions to the same
                build.  WARNING: Proper system update and correct package
                selection depend on the presence of this incorporation.
                Removing this package will result in an unsupported system.  For
                more information see:
                https://support.oracle.com/rs?type=doc&id=2045311.1
      Category: Meta Packages/Incorporations
         State: Installed
     Publisher: solaris
       Version: 0.5.11 (Oracle Solaris 11.3.4.5.0)
 Build Release: 5.11
        Branch: 0.175.3.4.0.5.0
Packaging Date: January 14, 2016 09:32:35 PM 
          Size: 5.46 kB
          FMRI: pkg://solaris/entire@0.5.11,5.11-0.175.3.4.0.5.0:20160114T213235Z

We'll start by using the REST API. To find the service endpoint, we can log into the web portal and look at the REST Endpoint field as shown in the image below:

This gets us something like https://computepm.storage.oraclecloud.com/v1/Storage-computepm (which will include the identity domain that you're assoicated with). Once we have this, we can make a calls to the API based on a variation of this URL. We'll need to authenticate with the service first and get back a token that we'll use in subsequent REST calls. For that we'll need to set two headers: X-Storage-User and X-Storage-Pass, that is a combination of our identity domain, username, and password. In my case my identity domain is compute-pm and username is glynn.foster@oracle.com. Let's start by using curl with the verbose flags and defaulting to HTTP 1.0 (scroll the entries below to see the full content):

opc@fa922d:~$ curl -v -O -H "X-Storage-User: Storage-computepm:glynn.foster@oracle.com" -H "X-Storage-Pass: XXXXXXXX" https://computepm.storage.oraclecloud.com/auth/v1.0
*   Trying 129.152.32.56...
* Failed to set TCP_KEEPALIVE on fd 4
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0* Connected to computepm.storage.oraclecloud.com (129.152.32.56) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/openssl/certs
* TLSv1.2, TLS handshake, Client hello (1):
} [174 bytes data]
* TLSv1.2, TLS handshake, Server hello (2):
{ [85 bytes data]
* TLSv1.2, TLS handshake, CERT (11):
{ [2861 bytes data]
* TLSv1.2, TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2, TLS handshake, Client key exchange (16):
} [262 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
{ [1 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / AES128-SHA
* Server certificate:
*        subject: C=US; ST=California; L=Redwood Shores; O=Oracle Corporation; CN=*.storage.oraclecloud.com
*        start date: 2015-08-07 00:00:00 GMT
*        expire date: 2016-10-05 23:59:59 GMT
*        subjectAltName: computepm.storage.oraclecloud.com matched
*        issuer: C=US; O=VeriSign, Inc.; OU=VeriSign Trust Network; OU=Terms of use at https://www.verisign.com/rpa (c)10; CN=VeriSign Class 3 Secure Server CA - G3
*        SSL certificate verify ok.
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.40.0
> Host: computepm.storage.oraclecloud.com
> Accept: */*
> X-Storage-User: Storage-computepm:glynn.foster@oracle.com
> X-Storage-Pass: XXXXXXXX
> 
< HTTP/1.1 200 OK
< Date: Tue, 22 Mar 2016 02:31:44 GMT
< X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331
< X-Storage-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331
< X-Storage-Url: https://us6.storage.oraclecloud.com/v1/Storage-computepm
< Content-Length: 0
< Server: Oracle-Storage-Cloud-Service
< 
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Connection #0 to host computepm.storage.oraclecloud.com left intact

We can see that we've successfully completed the authentication and the service has passed by a token indicated by the X-Auth-Token response header.

Within the storage service, we have a heirarchy of containers and objects. Containers is a user created resource and can hold any number of objects. An object is created typically when a file is uploaded to the service. Containers cannot be nested, but meta-data can be attached to both containers and objects to make searching and managing easier. To list the containers associated with my identity domain we call another API as follows:

opc@fa922d:~$ curl -0 -X GET -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm
compute_images
compute_images_segments
incoming

We can list objects in the container by specifying the container we would like to query:

opc@fa922d:~$ curl -0 -X GET -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storagcloud.com/v1/Storage-computepm/compute_images
EBS1224-hadoop-seeded.img.tar.gz
Fedora-Cloud-Base-22-20150521.x86_64.tar.gz
JEOS_OL_6.6_10GB_RE-1.0.002-20141105-033705.tar.gz-1.2.400-20151103-170503.tar.gz
OVM_EL6U7_x86_64_EBSO_12.2.4_DB_PROD.tar.gz
...
s11_3_4_5_0-System.img.tar.gz

Let's try and download this Oracle Solaris image as follows:

opc@fa922d:~$ curl -O -X GET -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm/compute_images/s11_3_4_5_0-System.img.tar.gz > s11_3_4_5_0-System.img.tar.gz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 1395M  100 1395M    0     0  88146      0  4:36:43  4:36:43 --:--:--  203k

Let's create a new container:

opc@fa922d:~$ curl -0 -X PUT -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm/new-container
opc@fa922d:~$ curl -0 -X GET -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm
compute_images
compute_images_segments
incoming
new-container

Let's push a new file into this container and verify it's there:

opc@fa922d:~$ curl -O -X PUT -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm/new-container/new-file
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  1626    0     0  100  1626      0   3504 --:--:-- --:--:-- --:--:--  8424
opc@fa922d:~$ curl -0 -X GET -H "X-Auth-Token: AUTH_tk04c63cb4928e2aacb26f4506d6c9a331" https://computepm.storage.oraclecloud.com/v1/Storage-computepm/new-container
new-file

So rather than a raw set of HTTP requests, let's use something a little nicer. The Oracle Storage Cloud Service is compatible with the OpenStack Swift service, and so we can use the Python based swift client. We'll first need to install it into our VM:

opc@fa922d:~$ su -
Password: 
Oracle Corporation      SunOS 5.11      11.3    December 2015
root@fa922d:~# pkg install swiftclient
           Packages to install: 84
       Create boot environment: No
Create backup boot environment: No

DOWNLOAD                                PKGS         FILES    XFER (MB)   SPEED
Completed                              84/84     9622/9622    39.2/39.2  943k/s

PHASE                                          ITEMS
Installing new actions                   11229/11229
Updating package state database                 Done
Updating package cache                           0/0
Updating image state                            Done
Creating fast lookup database                   Done
Updating package cache                           1/1
root@fa922d:~# exit
opc@fa922d:~# which swift
/usr/bin/swift

To use the client, we'll need to set some environmental variables. Rather than setting the OS_* variables, we'll have to use the legacy ST_* ones for the 1.0 versioned API as follows:

opc@fa922d:~$ export ST_AUTH=https://computepm.storage.oraclecloud.com/auth/v1.0
opc@fa922d:~$ export ST_USER=Storage-computepm:glynn.foster@oracle.com
opc@fa922d:~$ export ST_KEY=XXXXXXXX

Now let's list the containers:

opc@fa922d:~$ swift list
compute_images
compute_images_segments
incoming
new-container

And list the objects of new-container:

opc@fa922d:~$ swift list new-container
new-file

We can get information about our file:

opc@fa922d:~$ swift stat new-container new-file
                  Account: Storage-computepm
                Container: new-container
                   Object: new-file
             Content Type: application/octet-stream;charset=UTF-8
           Content Length: 1626
            Last Modified: Tue, 22 Mar 2016 03:07:45 GMT
                     ETag: c3eaad86f6572bf9e52a9b0c16aa905c
            Accept-Ranges: bytes
                   Server: Oracle-Storage-Cloud-Service
               Connection: keep-alive
              X-Timestamp: 1458616064.51712
               X-Trans-Id: tx1f7a06307a7744909fe6a-0056f0b9b1ga
X-Last-Modified-Timestamp: 1458616064.51712

We can download a file as follows:

opc@fa922d:~$ swift download new-container new-file
new-file [auth 0.118s, headers 0.181s, total 0.181s, 0.026 MB/s]

Or upload a file into our container:

opc@fa922d:~$ swift upload new-container another-new-file
another-new-file
opc@fa922d:~$ swift list new-container
another-new-file
new-file

And finally, delete our container:

opc@fa922d:~$ swift delete new-container
another-new-file
new-file
opc@fa922d:~$ swift list
compute_images
compute_images_segments
incoming

Attaching and Detaching Storage Volumes in Oracle Cloud Compute Service

If you haven't spent much time on Oracle Solaris in the past few years you may be completely unaware that it has a completely different file system and volume manager. Gone are the days of struggling with disk configuration and setting up file systems. We have ZFS now and it's *amazing*. ZFS is a complete file system and volume manager with integrated data services such as encryption, compression and software RAID. It designed for the next generation data requirements such as big data in the cloud.

If you've signed up to the Oracle Cloud Compute Service you'll now be able to launch Oracle Solaris based VMs in this environment - an enterprise platform on demand. At some stage you'll probably want to create new storage volumes and attach them into your running instances. This is incredibly simple using ZFS, but to help you with the basics I've recorded two screencasts that might be of use.

Attaching Storage Volumes to Oracle Solaris VMs in Oracle Cloud Compute Service

Attaching and detaching storage volumes in Oracle Solaris VMs in Oracle Cloud Compute Service

So take an Oracle Solaris VM for a spin and let us know how you get on!

Tuesday Oct 27, 2015

New Oracle Solaris 11 Administration Handbook

One of the fun projects that I've worked on this year is co-writing a new Oracle Solaris 11 Administration Handbook with Harry Foxwell. I'm pleased to say that project has completed and the book is now available to buy at McGraw-Hill, Amazon, and on the shelves at the Oracle OpenWorld bookstore!

The book itself focused on Oracle Solaris 11.2 since it was the current release at the time, but is more than equally appropriate for Oracle Solaris 11.3 as well. I helped to write Chapter 3 on Lifecycle Management, Chapter 9 on Configuration Management, Chapter 10 Cloud and OpenStack, and content for a couple of other sections as well. The book also has an invaluable cheat sheet reference thanks to Joerg Moellenkamp. All in all, a very fun project to contribute to that I'm thankful for and nice to have a book to my name after years of writing about Oracle Solaris on the Oracle Technology Network.

Friday Oct 09, 2015

DevOps on Oracle Solaris 11

There's no doubting the popularity of the DevOps movement these days. We're seeing it in many of our customers as the need to move faster in their business becomes more important. More often than not, it's being combined with the move to cloud computing and self-service everything. The traditional application development model with infrastructural and organizational silos is dead....well, almost!

DevOps promotes an open culture of collaboration, merging these silos into central teams with a more agile development methodology. Everything from development to production is automated as much as possible, allowing applications to be continuously developed, built, and released into production. In this environment everything is monitored and measured allowing for faster feedback back into the development cycles, with many incremental changes over short time periods. While the key to success for a DevOps environment is really the work environment itself, we've certainly seen some changes to tools that have made such an agile methodology much, much easier.

Many folks connect DevOps with Linux on commodity x86 based systems in the cloud. Not necessarily so! In my latest technical article Automated Application Development and Deployment with DevOps on Oracle Solaris 11, I put a simple application pipeline together to demonstrate a typical DevOps environment on Oracle Solaris 11. In this article, we'll take a look at Git distributed version control, Apache Maven build automation tool, Jenkins continuous integration server, and Puppet configuration management. I'll also show some integration with IPS using a Maven IPS plugin to automatically generate new packages that can be quickly deployed on a successful test run.

Let me know what you think!

Wednesday Sep 09, 2015

Another OTN Virtual Sys Admin Day

Next week we'll be hosting our next Oracle Technology Network virtual technology summit event. This is an opportunity for folks to tune into a bunch of technical sessions, including content on DBaaS, Java, WebLogic, Oracle Solaris and ZFS storage, Puppet and Linux. For the Oracle Solaris session Duncan Hardie and I will be talking about some of the new things that we've introduced in Oracle Solaris 11.3, including OpenStack, Puppet and ZFS and how we're continuing to work to make Oracle Solaris a great cloud platform capable of both horizontal and vertical scale. Check out the rest of the agenda here.

We'll be running 3 separate events for different timezones - Americas, Europe and Asia/Pacific. Register now and join us!

Integrated technologies FTW

In the latest articles I've been writing, I've been trying to link some of the Oracle Solaris technologies together and show how they can be used for a more complete story. The nice thing about Oracle Solaris is that we really care about the integration between technologies - for example, Oracle Solaris Zones is pretty seamlessly linked with ZFS, the entire network space, IPS packaging, Unified Archives and SMF services. It's absolutely our point of differentiation, and it's a hell of a lot less frustrating an administration experience as a result. Linux really is a poor cousin that regard.

Which is why I was really thrilled to see Thorsten Mühlmann latest blog, Deploying automated CVE reporting for Solaris 11.3. He talks through how to provide regular reporting of CVE (Common Vulnerability Exploits) for his systems. Not only does he use the integrated CVE meta-data in IPS, a core part of our wider compliance framework, but he provides the integration in IPS and SMF to make this easily deployable across the systems he manages with Puppet. It's a really nice example of how to engineer things that are reliable, repeatable and integrated. Thanks Thorsten!

Tuesday Sep 01, 2015

Applying read-only protection with Immutable Zones

A while back, I wrote an article that focus on how you can achieve a secure and compliant application deployment from development, through test and production. This article took advantage of a number of Oracle Solaris technologies including Oracle Solaris Zones, Unified Archives, Immutable Zones, Automated Installer and the integrated compliance framework.

We've had a number of customers get really excited by Immutable Zones and being able to lock down their environments. Not only does this provide an additional layer of security, but also protects against the potential cost of human error and ensures that organisations can meet their compliance requirements routinely. Darren Moffat and Casper Dik have already written great blog entries on how to do this, but I've also recently published another How-To article on Applying read-only protection with Oracle Solaris Immutable Zones. In this article we cover immutable non-global and global zones, and show how we can make administrative changes such as applying critical security fixes using the Trusted Path. Hope you find it useful!

Friday Jul 31, 2015

Secure Remote RESTful Administration with RAD

I've written before about the work we've been doing to provide a set of programmatic interfaces to Oracle Solaris using RAD. This allows developer and administrators to administer systems remotely over C, Java, Python and REST based interfaces. For anyone wanting to get their hands dirty, I've written a useful article: Getting Started with the Remote Administration Daemon on Oracle Solaris 11.

One of the areas I didn't tackle in this initial article was providing secure REST based administration interfaces over TLS. Thanks to the help of Gary Pennington, we now have a new article: Secure Remote RESTful Administration with RAD. In this article we'll use the automatically generated self-signed certificates, but this could be easily changed to point to certificates that have been signed by a Certificate Authority.

With the various announcements that we've been making recently about Oracle joining the Open Container Initiative and bringing Docker into Oracle Solaris, we're in a great position of being able to design a platform to handle the next wave of cloud deployment and delivery - whether that's traditional enterprise applications or micro services. We see the huge advantage of streamlining IT operations and facilitating methodologies such as DevOps, and it's time to take Oracle Solaris into that next wave.

Monday Jul 13, 2015

Periodic and scheduled services with SMF

With the release of Oracle Solaris 11.3 Beta last week, we've introduced a metric ton of new features. I'm really excited by the direction Oracle Solaris has been taking ad we continue to modernise the platform, include software administrators and developers are using on other platforms, and generally ensure we're ready to support the next generation of applications and infrastructure. If you've not really been following along, I'd strongly suggest you download Oracle Solaris 11.3 and have a play.

Back in 2005, we took the brave step to move away from /etc/init.d and introduced the Service Management Facility (SMF) as the main way to manage application and system services. SMF provided us with automatic service dependencies, central logging, structured configuration management, reliable application restart in the event of hardware or software failures as part of the overall fault management architecture in Oracle Solaris, and a much, much easier way of administering services. Better still, we converted all the system services over to SMF straight away and improved startup performance as we could now graph service dependencies and identify issues. You can under estimate the significance of this work, especially if you've read the turbulent history of systemd.

That was then, and this is now. One of the exciting enhancements in Oracle Solaris 11.3 relates to SMF, the introduction of the periodic and scheduled services. In another bold move, we're hoping to knock cron off it's block. There's no doubt cron is a foundation of scheduling in UNIX and Linux environments, and will be for years to come. But with scheduled SMF services we take all the ability of cron and combine them with all the benefits of SMF.

Creating an SMF periodic service is easy, with a simple addition to your SMF manifest to describe a periodic method (or using svcbundle):

<periodic_method
    period='600'
    delay='30'
    jitter='60'
    exec='/usr/local/bin/db_check'
    timeout_seconds='0'>
    <method_context>
        <method_credential user='oracle' group='dba' />
    </method_context>
</periodic_method>
In the above snippet, we can see that we're executing /usr/local/bin/db_check every 10-11 minutes (as indicated by a jitter attribute of 60 seconds) with a maximum of 30 seconds delay after the service has been transitioned to the online state. We've also given it a method credential to run the script as the oracle user with dba group. The svc:/system/svc/periodic-restarter:default service instance will be responsible for restarting this service periodically.

Scheduled services are services that are run at a specific time, perhaps at an off-peak time. Similarly these are easy to create with a simple addition to your SMF manifest (or again by using svcbundle):

<scheduled_method
    interval='day'
    hour='2'
    minute='0'
    exec='/usr/local/bin/db_backup'
    timeout_seconds='0'>
    <method_context>
        <method_credential user='oracle' group='db' />
    </method_context>
</scheduled_method>
In the above snippet, we can see that we're executing /usr/local/bin/db_backup every day at 2am (as indicated by the hour and minute attributes). In this case the frequency is set as a default value of 1, meaning that we will run this every day. Like the previous example, we have given it a method credential to run the script as the oracle user with dba group. The svc:/system/svc/periodic-restarter:default service instance is also responsible for ensuring this services runs to its defined schedule.

One of the outstanding gaps with the Image Packaging System (IPS) was the ability to associate cron jobs during package install time by locating . Some other platforms have solved this with the introduction of /etc/cron.d using a process of self-assembly of the system's cron entries. We don't support this ability with the cron version included in Oracle Solaris 11. But now using periodic or scheduled services, administrators can simply install their SMF manifests into /lib/svc/manifest/site and restart the svc:/system/manifest-import:default service instance. You can achieve this with an IPS manifest fragment that uses an IPS actuator similar to the following:

file lib/svc/manifest/site/db-backup.xml \
    path=lib/svc/manifest/site/db-backup.xml owner=root group=sys \
    mode=0444 restart_fmri=svc:/system/manifest-import:default

So take the plunge and move your cron entries over to SMF today - you'll not regret it! Our plan is to convert the existing system cron entries over in future releases. For more information, see the following chapters in the excellent Oracle Solaris 11.3 Product Docs:

Wednesday Jul 08, 2015

Remote Administration with RAD and Oracle Solaris 11

As organisations look for increased agility in their IT operations, many are turning towards more cloud like environments with shared compute, network and storage, and the ability for self-service users to quickly provision new virtualised environments on demand. With this increased virtualization sprawl, it's imperative to have a set of tools to allow administrators to effectively manage these environments, ensure they remain highly available, secure and observable.

There's hundreds of tools that have been created to help administrators manage their environments more effectively. Many tools such as Puppet and Chef, have inspired administrators to shift legacy enterprise management models over towards more rapid, agile and 'dev ops' like models. In Oracle Solaris 11, we've worked hard to modernise the operating system to adapt to this change and transform it into a highly capable cloud platform. We've included tools like Puppet as a response to customer demand, but we've also created our own - in this case RAD.

RAD (or Remote Administration Daemon) provides a set of programmatic interfaces to allow administrators to manage Oracle Solaris 11 subsystems using Python, C, Java, and RESTful APIs. RAD is also intended for developers as a complete development framework for creating their own custom interfaces to manage systems. I've written a getting started article that covers the basics of RAD, including some examples of using a few of the Oracle Solaris RAD modules. RAD is a very strategic technology for us because it provides a standardised set of interfaces to allow Oracle and other 3rd parties to write their own management interfaces on top of RAD. In fact we've already used RAD extensively in our port of OpenStack to Oracle Solaris.

Getting Started with the Remote Administration Daemon on Oracle Solaris 11.

Oracle Solaris 11.3 Beta Now Available!

We've done it again! Oracle Solaris 11.3 beta has been released today! The beta program is a great opportunity to download the latest release, try it out, and give us some feedback.

We've crammed in hundreds of new features into this release including some of my favourites: an updated OpenStack distribution (Juno), live migration support for Oracle Solaris Kernel Zones and hosting them over NFS using shared storage, bigger compression ratios with LZ4 support in the ZFS file system, PVLAN support, REST APIs and additional RAD modules (see here), Hiera to allow easy variable substitution in your Puppet manifests, faster Oracle Database 12c startups and SGA resize with Optimised Shared Memory, and everything that goes into supporting Oracle's next generation systems based on the SPARC M7 processor including Application Data Integrity (ADI) that helps prevent illegal memory access during a malicious attack.

There's a lot more, so I'd encourage you to check out the Oracle Solaris 11.3 Beta What's New and see for yourself.

Wednesday Apr 29, 2015

Managing Oracle Solaris systems with Puppet

This morning I gave a presentation to the IOUG (Independent Oracle Users Group) about how to manage Oracle Solaris systems using Puppet. Puppet was integrated with Oracle Solaris 11.2, with support for a number of new resources types thanks to Drew Fisher. The presentation covered the challenges in today's data center, some basic information about Puppet, and the work we've done to integrate it as part of the platform. Enjoy!

Wednesday Feb 25, 2015

New Solaris articles on Oracle Technology Network

I haven't had much time to do a bunch of writing for OTN, but here's a few articles that have been published over the last few weeks that I've had a hand in. The first is a set of hands on labs that we organised for last year's Oracle Open World. We walked participants through how to create a complete OpenStack environment on top of Oracle Solaris 11.2 and a SPARC T5 based system with attached ZFS Storage Appliance. Once created, we got them to create a golden image environment with the Oracle DB to upload to the Glance image repository for fast provisioning out to VMs hosted on Nova nodes.

The second article I teamed up with Ginny Henningsen to write. We decided to write an easy installation guide for Oracle Database 12c running on Oracle Solaris 11, covering some of the tips and tricks, along with some ideas for what additional things you could do. This is a great complement to the existing white paper, which I consider an absolute must read for anyone deploying the Oracle Database on Oracle Solaris.

Enjoy!

Friday Aug 15, 2014

Mirroring IPS repositories

Out of the many changes introduced in packaging with the Oracle Solaris 11.2 release, one of really good ones was the introduction of a repository mirroring service. This provides administrators with an easy, automated way of mirroring repository contents. For example, let's say you had a package repository set up locally that was serving the clients in your data center. While we provide a few different ways to sync up the contents of this repository with the Oracle Solaris 11 support repository hosted by Oracle through the pkgrecv utility or incremental ISO images, it's a pretty manual process. Now it's a case of simply configuring and starting an SMF service, svc:/application/pkg/mirror:default.

I've written a short article on this new IPS feature - How to Set Up a Repository Mirroring Service with the Oracle Solaris 11 Image Packaging Service.

You'll also notice that I also include a sneaky mention of pkg exact-install, another new feature that allows administrators to essentially reset a system to a known software boundary. Bart Smaalders has already covered this in a great blog post.

About

To learn more about Oracle Solaris 11, check out an extensive list of resources including technical articles, cheat sheets and screencasts on Oracle Technology Network

Search

Archives
« May 2016
SunMonTueWedThuFriSat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
    
       
Today