X

Recent Posts

General

Release of Oracle Solaris 11.3 Beta

Today is a very exciting day for the Solaris team: This morning we've released a beta for Solaris 11.3, less than a year after we released Solaris 11.2. With Solaris 11.2 we turned Solaris into a comprehensive cloud platform which includes virtualization, SDN and OpenStack. Since the release of Solaris 11.2 we've seen a rapid uptake of these new capabilities: A lot of customers a using Unified Archives for deploying their images, are taking advantage of the immutable root-file system, have started to deploy Kernel Zones and OpenStack and take advantage of the automated compliance reporting. The latter has become a lot easier since we are tracking the CVE meta data with IPS. We are getting a lot of good feedback on OpenStack: We recently even received a big compliment from one of the senior architects of one of our OpenStack competitors: He said that Solaris provides the best integration for OpenStack since the OpenStack services are mapped to the Solaris service management facility (smf) which provide automated restarting capabilities for all of the OpenStack services and since we've also tightly integrated it with our role-based access control capabilities in order to limit the privileges required for administering OpenStack. Solaris 11.3 is taking things to the next level by making Solaris the most advanced enterprise cloud platform. We are introducing a number of critical enhancements in the following areas:1. Security and Compliance: x Verified boot for Kernel Zonesx BSD Packet Filterx Tailoring of compliance policies2. Virtualization:x Secure (encrypted) live migration of Kernel Zonesx Zones on Shared Storage via NFSx Live reconfiguration of I/O resources3. OpenStack: There are a number of major enhancements:x Automated upgrades to the newer versions of OpenStackx Support for orchestration of services (Heat)x Support for bare metal provisioning (Ironic): This is already in S11.3 but not yet in the betaWe are also working on integrating DBaaS with Trove and Murano. On the latter I had provided an overview at the Vancouver OpenStack Summit back in May.4. Networking: x Private VLANsx Flows support for DSCP Marking 5. Deep integration with the Oracle stack, for instance: x Up to 6x faster DB restart and shut-down by leveraging the latest Virtual Memory Management(VM2) capabilitiesIn addition to that we are providing early access to the Free and Open Source Software (FOSS) components that we are shipping with Solaris.Of course these are just some of the highlights, there are a ton of other enhancements. Have fun exploring Solaris 11.3!Markus

Today is a very exciting day for the Solaris team: This morning we've released a beta for Solaris 11.3, less than a year after we released Solaris 11.2.With Solaris 11.2 we turned Solaris into a...

General

Oracle Solaris and OpenStack at Oracle Open World 2014

Another busy Oracle Open World week is over: For me this one was the busiest and most successful one ever. We had a record number of Solaris and OpenStack sessions. I've personally set a new record for the number of customer, analyst and partner meetings. In a lot of the sessions we had customers and partners co-present on the benefits they are seeing with the latest Solaris 11.2 features. It all started on Sunday with Larry Ellison's Keynote where he highlighted Oracle's focus on Cloud and the large portfolio of cloud offerings that Oracle now provides. Larry also provided a preview of the new features that the M7 processor is going to introduce next year. Aside from doubling the cores and increasing the clock speed it will also introduce a bunch of cutting edge Software in Silicon features which not only provide significant performance and efficiency gains for the Oracle DB, but also introduces the Application Data Integrity (ADI) feature which allows developers to write more stable code C and C++ code and also protects the Oracle DB as well as other applications from attacks like Heartbleed. This new capability in particular raised a lot of interest among customers and I got a lot of questions throughout the week. In my General Session I started out by highlighting how Solaris has evolved from a Server OS to a comprehensive cloud platform which includes the OS, the virtualization, the Software-Defined Networking (SDN) as well as a full distribution of OpenStack. The increased investment that Oracle is putting into Solaris has allowed us to drastically increase the pace of our development. With Solaris 11.2 we are seeing customers deploying Solaris at a large scale achieving productivity gains up to 16x compared to equivalent Redhat environments. Solaris 11.2 also helps customers keep their environment in compliance and allows them to automate their compliance reporting. See our Solaris site for more details. I also talked about the rapid market share gain that we are now seeing vs. IBM: In Q2 of fiscal 2014 SPARC/ Solaris gained 6.1% market share measured in WW revenue in the RISC/ UNIX market while AIX/Power lost 4.6%. This was the 4th quarter in a row where we gained market share. Not only is SPARC/Solaris winning over AIX/Power, we are increasingly seeing customers moving their workloads over from RHEL/ x86 environments.One of those customers is Morgan Stanley: I was very excited that Robert Milkowski from Morgan Stanley could join me and talked about their increased use of Solaris. He described how moving their OpenAFS environment over from Redhat to Solaris has allowed them to compress their data from 7 PB down to 2PB with huge savings for the firm. By taking advantage of the compression in ZFS they are able to reach compression rates between 3 and 20 while achieving better reliability and availability. He also described how the simplified life cycle management in Solaris 11 has allowed them to automate most of their patching. They have moved some of their in-house software into IPS resulting in additional simplification of their application life cycle management. They are also expanding the use of Solaris into their Sybase and KDB environment. Not only are we seeing a lot of momentum with customers, we are also seeing the Solaris ecosystem expanding: At the end of my session I was joined by Robert Jenkins, CEO of CloudSigma who announced the launch of their Solaris IaaS offering on both SPARC as well as x86. CloudSigma is seeing a lot of interest from customers in Solaris-based IaaS given the unique security as well as compliance capabilities that Solaris now offers. Leveraging the new kernel zones virtualization in Solaris 11.2 allows them to provide the highest levels of performance, security, compliance and availability.A lot of the other Solaris and OpenStack sessions also had customers and partners presenting. For instance, Chris Riggin from Verizon talked about their private cloud offering and their plans for OpenStack. Chris also described how their use of Solaris zones allows them to provide highly available Solaris IaaS at a significantly lower cost than RHEL/ VMware/ x86.We no longer look at it as just a mere OS, we now look at it as a comprehensive cloud platform: OS + OS Virtualization + SDN + Storage Virtualization plus Cloud Management tools, configuration, compliance reporting etc. all in one! It doesn't make sense to compare Solaris against RHEL, that's like comparing a spare part vs. a full solution. Solaris is the ideal platform for any kind of SaaS, PaaS (Oracle DB, Oracle Middleware, Oracle Java) as well as IaaS.I also shared some examples of what we are currently focusing on:1. Kernel Zones: There are a number of enhancements that are currently in the works, e.g. live migration.2. Zero Downtime Patching: This is very critical for customers who want to minimize their planned downtime. I frequently hear from customers that they are struggling to find the time to apply critical security fixes while meeting their uptime targets. We are working on enabling them to satisfy both of these requirements at the same time. 3. OpenStack: Solaris 11.2 provides all of the infrastructure required for IaaS. Our current focus is on going upstack and providing DBaaS as well as PaaS capabilities. In addition to that we are also working on additional automation of the undercloud deployment incl. configuration and authentication.4. Cloud Analytics: As customers are moving from a first generation cloud environment which still required a lot of manual intervention to a next generation cloud which includes Software Defined Networking and Storage, it becomes absolutely critical to have rich analytics capabilities that provide both high-level views of their environment, but also allow them to dig deep into each of their sub components if necessary. This is something that we are heavily investing in currently. Not to mention the 100s of other projects that I haven't listed here.Solaris is on a mission to kick butt! More to come...Markus

Another busy Oracle Open World week is over: For me this one was the busiest and most successful one ever. We had a record number of Solaris and OpenStack sessions. I've personally set a new...

General

Solaris on Pluribus Networks' Server Switches

While there has been a lot of talk about Software Defined Networking (SDN) the reality is that enterprise customers are still struggling to figure out how to make use of the existing solutions. Scalability in particular is a huge problem, both in terms of throughput performance as well as scalability across a large number of physical nodes. As I had mentioned in my Oracle Open World blog a couple of months ago, Solaris will be introducing a number of interesting Software Defined Networking (SDN) capabilities in this space later this year. Back in 2011 Solaris 11 introduced a number of cutting edge network virtualization capabilities in Solaris itself: The re-architecture of our L2 networking provides 1. Isolation of networking traffic using vNICS, 2. Resource Control for the networking traffic using flows 3. Virtual Networking services like load balancing, routing and fire walling as well as fine-grain stats (dlstat and flowstat) for everything that's going on in this virtual environment. All of this at near zero performance overhead and fully integrated with the Solaris zones and OVM virtualization (aka ldoms). With S11.2 we will be introducing a distributed virtual switch which means we are breaking down the limitation of a single Solaris instance and we will allow customers to create these virtual network across physical nodes. In this context we have been working with Pluribus Networks for a while and they have just certified Solaris 11 on their Freedom series Server-Switch platform. Instead of treating network devices as a black box they now become accessible to a Solaris administrator. Virtual Network Services can now be dynamically re-provisioned onto the network switch. Pluribus Networks' Netvisor which runs on Solaris 11 allows customers to get a detailed view of all of the flows in the network. With the release of Solaris 11.2 we'll have OpenStack available as a first-class citizen of Solaris to manage the compute, the network and the storage resources of a Solaris-based cloud. More details under: http://www.oracle.com/us/corporate/press/2132552 orhttp://www.4-traders.com/news/Pluribus-Networks-Integrates-Netvisor-Software-and-Freedom-Server-Switch-Platforms-With-Oracle-Solar--17908385/Very cool! Markus

While there has been a lot of talk about Software Defined Networking (SDN) the reality is that enterprise customers are still struggling to figure out how to make use of the existing...

General

Oracle now Corporate Sponsor of the OpenStack™ Foundation

I'm very excited that Oracle is now a Corporate Sponsor of the OpenStack™ Foundation. My team is getting close to code complete for making OpenStack™ work with Solaris. The initial plan is to integrate the Nova Compute, the Neutron Network and the Cinder Block Storage modules into Solaris and contribute the changes back to the upstream OpenStack™ code base. This will allow customers to use OpenStack™ to manage Solaris-based clouds, taking full advantage of the stability, efficiency, performance, scalability and security of Solaris. The initial focus will be on managing Solaris Zones as well as Kernel Zones which we are planning on releasing next year together with OpenStack. As a follow on we'll integrate additional OpenStack modules like the Swift. Since the release of Oracle Solaris 11 in November of 2011 over 4,000 customers have gone into production word-wide and run a wide range of different workloads on Solaris based IaaS, PaaS and SaaS clouds. This includes Oracle Corporation which runs a range of workloads including mission-critical ones like its Global Single Instance of its E-Business Suite on Solaris 11 based Oracle SuperCluster. Oracle Solaris provides industry-leading security, performance, scalability and observability for cloud-based deployments allowing customers to run their most demanding enterprise applications in private or public clouds. In addition to that Oracle Solaris provides a superior solution for providing cloud infrastructure through the combination of differentiating technologies such as:- ZFS with superior compression, deduplication and Copy-on-Write functionality- DTrace observability- Low risk, simplified infrastructure life cycle management with patch rollback- Zero overhead zones virtualizationMore details under: http://www.oracle.com/us/corporate/press/2079843Markus

I'm very excited that Oracle is now a Corporate Sponsor of the OpenStack™ Foundation. My team is getting close to code complete for making OpenStack™ work with Solaris. The initial plan is...

General

Impressions from Oracle Open World 2013

4 days of Oracle Open World are over now, one more to go! As always, I've had a super-busy week with over 2 dozen customer meetings and 1/2 dozen analyst meetings, not to mention partners and internal colleagues. Oracle Open World is by far my most productive week of the year and I thrive on that! The best summary of the last week is what I heard from one of the analysts from a major analyst firm: "We are seeing the Renaissance of SPARC and Solaris".It all started on Sunday with a customer advisory board in the San Francisco office. Some of my technical leads and I spent 1/2 day with key customers reviewing our key investments and getting their feedback on those. One of the customers gave a talk on their self-provisioning IaaS and PaaS cloud taking advantage of the latest S11 features. They are using a combination of Solaris zones as well as OVM SPARC in order to achieve super-high compression rates and drive the cost/VM well below what they can get with RHEL and VMWare on x86 hardware. Not to mention all of the other benefits of Solaris like higher up-time, security, super-efficient patching etc. Later that day I went to Larry Ellison's Opening Keynote. Larry did a great job highlighting how the new In-Memory capabilities of Oracle DB 12c will be taking advantage of the 32TB of DRAM that the newly released M6-32 has to offer. 3,072 threads on 384 cores! When we initially tested the Oracle DB on this large machine it took 2800s to fill a 30TB SGA when running Oracle DB 11g on S11.1. Working closely with the Oracle DB team we have been able to get this down to about 130s now! That's a 21x speed-up! We had to do a whole bunch of work on both sides to accomplish that! During my general session on Monday I started out by highlighting the accelerated pace of product development at Oracle reflected by the long list of new product releases since last year's OOW: Solaris 11.1 in October, the T5/M5-based systems in March, the refresh of SuperCluster to T5-8, the release of ZS3 (aka ZFSSA) in early September, the release of the M6, the M6 SuperCluster as well as the T5-8 Exalytics at OOW - what a line-up of new products in just 12 months! A great testament to the increased investment that Oracle is putting into the former Sun products! I continued to talk about the increased customer momentum behind Solaris 11 and our latest SPARC hardware. We now have over 4,000 customers running on Solaris 11. Allied Irish Bank is a great example: They consolidated a bunch of older Oracle databases running on older HP Itanium as well as IBM Power boxes onto Oracle DB 11gR2 on Solaris 11 and SPARC. This has allowed them to not only achieve consolidation rations of 10:1, but also provision 10x faster now. We also have a number of good examples of customers moving their RHEL/ VMWare/ x86 estate over to Solaris 11 and the latest SPARC hardware, increasing customer response times by 50% and getting 2x the performance out of the same number of Oracle licenses. Aside from external customers we also have Oracle IT as a major customer: Oracle currently runs its Global Single Instance of E-Business Suite on a SuperCluster taking advantage of all of the optimizations between the Oracle DB and Solaris as well as SPARC. So far they haven't seen any outages at all (I'm keeping my fingers crossed so I won't get woken up at 2 in the morning :-) ). Oracle IT is in the planning to switch over to the latest M6 SuperCluster over the next few months. Then Mike Montemorano from Verizon Wireless joined me. He did an excellent job explaining why Solaris is strategic for Verizon Wireless: Mike explained how Verizon Wireless has grown their number of physical SPARC servers by almost 50% over the past 4 years and the number of Solaris VMs by 5x. They recently deployed 30 T5-8s and 15 T5-4s to run their mission-critical IaaS cloud. Aside from pure economics he said that their mean time to resolution (MTTR) is 4-8x faster on Solaris compared to other platforms. I continued to talk about Solaris futures: Over the past couple of years we have greatly expanded the way we think about Solaris. We no longer look at it as just a mere OS, we now look at it as a comprehensive cloud platform: OS + OS Virtualization + SDN + Storage Virtualization plus Cloud Management tools, configuration, compliance reporting etc. all in one! It doesn't make sense to compare Solaris against RHEL, that's like comparing a spare part vs. a full solution. Solaris is the ideal platform for any kind of SaaS, PaaS (Oracle DB, Oracle Middleware, Oracle Java) as well as IaaS. Here are some of the highlights of what's coming in the next release: 1. kernel zones: With kernel zones customers will have to option to run different kernel patch levels across different zones while maintaining the simplicity of zones management. We'll also be able to do live migration of kernel zones. All of that across HW platforms, i.e. kernel zones will be available on both SPARC as well as x86. Key benefits of kernel zones: x Low overhead (Lots of optimizations because we run Solaris on Solaris)x Unique security features: Ability to make them immutable by locking down the root file systemx Integration with the Solaris resource management capabilities: CPU, memory, I/O, networkingx Fully compatible with OVM SPARC as well as native and S10 branded zonesx Comprehensive SDN capabilities: Distributed Virtual Switch and VxLAN capabilities2. Unified Template Builder: This will allow customers to go from any-to-any of the following: Bare metal, OVM, kernel zone, native zone. For instance: You'll be able to take a zones image and re-deploy it as a bare metal image, kernel zone or ldom. Or vice versa! Pretty powerful, huh? Unified templates also provide us with a great foundation to distribute key Oracle applications as a shrink-wrapped, pre-installed, pre-tuned an configured image where customers can specify at install time whether to turn them into a bare metal image, a zone, a kernel zone or an OVM. 3. OpenStack and Puppet: We are planning on integrating both of these into Solaris. This will allow customers to seamlessly integrate a Solaris/kernel zones or zones or OVM environment with other OpenStack platforms. I concluded by highlighting some of the differentiating features we are now available in Oracle DB 12c when running on Solaris 11.1: x Zero-downtime DB re-sizing x Full-stack analytics: Running on Solaris allows DBAs to quickly identify I/O outliers. For more details check out: https://blogs.oracle.com/solaris/entry/database_12c_and_solaris_dtracex RAC lock off-load into Solaris kernel: This reduces latency by about 30-40%. Not to mention the 100s of other features and improvements that I won't even mention here. Solaris is on a mission to kick butt! More to come...Markus

4 days of Oracle Open World are over now, one more to go! As always, I've had a super-busy week with over 2 dozen customer meetings and 1/2 dozen analyst meetings, not to mention partners and internal...

General

Solaris at OOW 2013

I'm looking forward to Oracle Open World in a couple of weeks from now. It's always a super-productive time for me where I get to interact with a large number of customers and partners in and end up learning a lot about how they use our products and which direction they are going. There will be a number of sessions as well as Hands-on Labs specifically focused on Solaris. During my keynote on Monday at 12:15pm I'll have an executive from a major US mobile provider joining me and talking about how they are taking advantage of Solaris 11 and the latest T5 hardware to run their IaaS cloud. I'll be talking about how we are taking Solaris from a traditional server OS to a full-fledged cloud platform which also includes the OS virtualization, the network virtualization/ SDN and also the integration with Storage. I'll also cover how we are leveraging industry-standard cloud management solutions for running Solaris-based SaaS, PaaS and IaaS clouds. Last but not least I'll be talking about some of the investments we are making to ensure that Solaris/SPARC is the best platform for Oracle, not just from a performance, but also from an observability, reliability as well as administrative point of view.You can find a more complete overview of all of the Solaris-related events at OOW here: https://blogs.oracle.com/solaris/Hope to see you there!Markus

I'm looking forward to Oracle Open World in a couple of weeks from now. It's always a super-productive time for me where I get to interact with a large number of customers and partners in and end up...

General

Crossbow BOF and hands-on workshop

Next week is going to be very exciting for me, Sun will have its big developer conferences, CommunityONE and JavaONE at the Moscone Center in San Francisco. Crossbow will be one of the main features discussed during John Fowler's keynote on Monday, June 1 at 9am and Sunay Tripathi is going to do a talk on Crossbow at 2:40pm, see Agenda .On Tuesday, June 2 at 5:30pm we'll then do a Birds of a Feather session at the Intecontinental Hotel right next to the Moscone Center. We'll have several early adopters describe their use cases and experience with Crossbow. All of the Crossbow engineers are going to be present and will be available to answer any questions and would like to hear your feedback. Right after the BOF, at around 7:30pm we'll do a hands-on workshop where participants can get started with creating virtual networks right then and there. Here are some more details: Introduction - Jeff Jackson, Sr. VP of Solaris (5 min)Overview of Crossbow and Open Networking - Sunay Tripathi and Nicolas Droux, Crossbow architects (20 min)Customer use case 1 - Xiaobo Wang, Francesca Puggioni, Veraz Networks (20 min)Customer use case 2 - Ben Rockwood, Joyent (20 min)Customer use case 3 - Richard Newman, Reliant Security (20min)Informal Q&A and discussion (40min)Starting at around 7:30pm:Hands-on Workshop - build your own virtual network on your laptop (60min)More details under: http://wikis.sun.com/display/OpenSolaris/Crossbow+BoF+at+CommunityOne+WestHope to see you there,Markus

Next week is going to be very exciting for me, Sun will have its big developer conferences, CommunityONE and JavaONE at the Moscone Center in San Francisco. Crossbow will be one of the main features...

General

Crossbow, quo vadis?

Sorry for showing off with my high school Latin here. Don't worry, that's about all I can remember. As I had mentioned in my blog about "Crossbow available on OpenSolaris", the Crossbow team has spent a lot of time last week on planning out the next projects to work on. With our push into Nevada in early December which became available in OpenSolaris in early January we now have a really powerful framework in place that allows not only really sexy network virtualization functionality, but also a highly scalable and performant networking stack. While we have already seen some significant latency reductions as well as improvements in Specweb throughput, I strongly believe that we can get quite a bit more performance out of the framework and also easily add more bells and whistles. While I'm not allowed to give out specific delivery dates on my blog (sorry, company policy), I'm still able to describe what' on our top priority list:Performance: 1. Better management of interrupt distribution: Our current interrupt distribution mechanisms are simply inadequate since they don't understand the concept of dynamic interrupt switching that Crossbow introduces, i.e. the ability to switch between interrupt and polling2. Dealing with NUMA: This is rather critical with growing the number of CPUs/chip going forward3. Scalability for SW classification: There is some potential for improvement there4. Move buffer mgmt into GLD: Right now the buffer management happens within the drivers. Moving the control point into the stack allows us to do a much better job of doing that. 5. Since IP Forwarding is going play a more important role for us in the future we are playing iwth the idea of creating a fast path for forwarding Features:1. Support of additional HW classification features x L2/L3: Combination of MAC address, VLAN, transport and FCOE x L4: Services, connections2. Additional integration with zones: There is some low hanging fruit here that would make it a lot easier for our zones users to create VNICs and specify bandwidth limits3. Integration with SR-IOV: This is also a rather obvious one that will give us better performance in a OS virtualized environment4. Analytics/ stats/ APIs: Both intra-stack as well as inter-machine x Utilization of MAC address slots x netstat/dladm stats per Rx/Tx ring basis x Soft ring stats: packets/sec, chain lengths x aggr multilevel reporting (unified + per port basis) x workload type on per link basis (link property) Aside from that we are also going to make the GLDv3 APIs public now that we have made the changes necessary for Crossbow. Anyhow, a lot to do, the right way to approach this is the right attitude: Yes, we can!Cheers,Markus

Sorry for showing off with my high school Latin here. Don't worry, that's about all I can remember. As I had mentioned in my blog about "Crossbow available on OpenSolaris", the Crossbow team has spent...

General

How to save on your commission when buying or selling a home

I'm starting to realize that the only thing I ever blog about is my work. Of course this is a big part of my life, but there are other interesting subjects that people may find useful. Especially here in the bay area I've found a lot of people complaining about the high real estate commissions that they end up paying when buying or selling a home. Of course this is a function of the ridiculously high prices that people end up paying when they buy houses. Just to put things in perspective, paying USD 1 million for a rather modest house in a good school district like Palo Alto or Menlo Park is nothing unusual here - welcome to the Bay Area! Since the commissions are a percentage of the value of a home the amount of commission goes up to some really high numbers: Typically a seller pays 5-6 % of commission, that equates to 50-60K in commission for the two realtors involved. When we bought our house a couple of years ago my wife and I already knew where we wanted to live and had even picked out the house by ourselves. So I didn't need the services of a buyer agent and tried to save the 3% buying agent commission. However, the house we wanted (and all the others that we had previously looked at) had their contract written such that a buying agent was required. The whole real estate industry seems like a big cartel to me and I wasn't willing to pay that much money for that little service that I required - call me a stingy German if you like. I looked around and the best I could initially find was ZipRealty who was willing to refund 20% of the 3% commission, that still leaves USD 24K for the buying agent for essentially helping me fill out some paperwork. After lots of searching around I finally found the following web site that allows you to let realtors bid down their commission, pretty cool really: www.homecommission.com Through that I found a buying agent who was willing to refund 70% of his commission to me, a nice chunk of money really! The bottom line: I guess I'll be a bit more picky when it comes to selling my house, since the right pricing and the right marketing can make a difference. But when it comes to buying a house I think paying the full commission when you pretty much know what you want is just a total waste of money - my 2 cents.Markus

I'm starting to realize that the only thing I ever blog about is my work. Of course this is a big part of my life, but there are other interesting subjects that people may find useful. Especially...

General

Crossbow available on OpenSolaris

FINALLY - Crossbow phase I is now available as IPS packages. Even though Crossbow was already integrated into build 105 of what we call Nevada (the code name for Solaris.Next), it took a while to convert it to IPS. The team has been slaving away for several months now, completing, testing and bug fixing the code that had already been available as a beta since March '08. It's quite amazing how much more effort goes into our code once you think you are done before the Solaris gate keeper agrees with that statement. Our test matrix is huge, we were testing various x86 and SPARC HW, various NICs on those drivers, we were testing Crossbow with Solaris Containers, with xVM, with ldoms, you name it. The result has paid off: We have only found a couple of minor bugs that we were able to fix instantly. With phase I we are making the core Crossbow framework available: Virtual NICs, flows and the ability to do resource control for those. There are a lot of interesting use cases as I already described in my previous blog about the beta release blog: http://blogs.sun.com/markusflierl/entry/crossbow_beta_is_out For more details check out the Crossbow web site on OpenSolaris. Here is where you can download the latest packages: On http://pkg.opensolaris.org/dev/en/index.shtml, go to "Browse packages", go to the pull-down menue and pick the latest build of OpenSolaris.We are now in the process of planning out the next phase. Additional performance enhancements are on top of our list, but we are also looking into expanding the feature set by adding bandwidth guarantees, flow control for SCTP and others. More to follow once we have a done our homework on that front. Markus

FINALLY - Crossbow phase I is now available as IPS packages. Even though Crossbow was already integrated into build 105 of what we call Nevada (the code name for Solaris.Next), it took a while...

General

Successful Crossbow beta results

By now we have received feedback from almost all of our Crossbow beta testers and it's been entirely positive so far. A number of folks who are currently running Solaris zones really like the Virtual NIC (VNIC) concept that allows them to consolidate several separate services onto a single machine while guaranteeing the isolation and performance of the VNIC. For hosting companies this means port consolidation, i.e. lower capital cost as well as lower port management cost. Another group likes the significantly reduced latency. In the case of one customer they were able to cut their end-to-end TCP and UDP latency down by more than 50% on their work load. We had generated some similar numbers in our labs before publishing the bits, but of course it's always great to see customers verifying your own numbers. Another beta tester is trying things like using the HW classification capabilities in the NIC to push down firewall functionality into the HW and so on. I'm curious to hear back from them in the next few weeks. At the same time the development team is slaving away to get Crossbow into Solaris. Still a few more bugs to be resolved and a bit more performance work ahead, but things are going rather well right now. Keep your fingers crossed!If you are interested in checking out Crossbow yourself, see:http://opensolaris.org/os/project/crossbow/snapshots/ Markus

By now we have received feedback from almost all of our Crossbow beta testers and it's been entirely positive so far. A number of folks who are currently running Solaris zones really like the Virtual...

General

Crossbow beta

After several months of the whole team burning midnight oil and working through weekends the Crossbow beta bits have been officially released today at noon! Of course everyone is very excited about that! There are 15 customers lined up who are interested in running Crossbow bits.The even more interesting part is that there is a software company in New York called Reliant Security that is running our bits in production to improve Payment Card Data Security for Merchants who are required to meet challenging PCI Data Security requirements:Reliant's Managed PCI System ("MPS") is a cost-effective solution for implementing PCI controls in remote merchant locations such as stores. Implementing PCI data security controls in store systems is a source of frustration for many merchants. New store systems requirements, including wireless networks, productivity applications, Voice over IP and guest access are falling into the scope of PCI, while security controls around these technologies have tightened. Traditional solutions for PCI compliance require complex and expensive integration of proprietary devices and software. MPS replaces complex multi-vendor security and networking solutions with a single low-cost appliance to meet PCI and store systems requirements in an integrated solution.Separately, Reliant and Sun confirmed the production rollout of MPS, including Crossbow components, across a 750-store specialty retail chain. With the support of the OpenSolaris Community, Reliant has been able meet a very aggressive production rollout schedule while maintaining the stability and cost-effectiveness of the solution in a demanding production environment.Crossbow provides the building blocks for network virtualization and resource control by virtualizing the stack and NIC around any service (HTTP, HTTPS, FTP, NFS, etc.), protocol or Virtual machine. Each virtual stack can be assigned its own priority and bandwidth on a shared NIC without causing any performance degradation. Crossbow is the next step in the evolution of Solaris networking stack and brings bandwidth resource control and virtualization as part of the architecture itself instead of the usual add-on layers which have heavy overheads and complexity."It was the leading-edge network virtualization features that drew us to OpenSolaris." said Richard Newman, Managing Partner of Reliant Security. "OpenSolaris provides the right balance of cost, functionality and resource utilization. Crossbow enables virtual network devices that allow us to allocate virtualized IP stacks and deliver QoS within our solution."Before going open source with Solaris Reliant Security wouldn't even have know about Project Crossbow until it's official release. With OpenSolaris Reliant Security was able to not only plan for the release of Project Crossbow, but to use it in production this early in the development process. Through the mailing lists on OpenSolaris.org our engineers can directly communicate with their engineers, get early feedback on our features and find out about defects. It's a win-win situation.See: http://www.reliantsec.net/about/new03.html for additional details.

After several months of the whole team burning midnight oil and working through weekends the Crossbow beta bits have been officially released today at noon! Of course everyone is very excited about...

General

Solaris at Oracle Open World 2014

Another busy Oracle Open World week is over: For me this one was the busiest and most successful one ever. We had a record number of Solaris and OpenStack sessions. I've personally set a new record for the number of customer, analyst and partner meetings. In a lot of the sessions we had customers and partners co-present on the benefits they are seeing with the latest Solaris 11.2 features. It all started on Sunday with Larry Ellison's Keynote where he highlighted Oracle's focus on Cloud and the large portfolio of cloud offerings that Oracle now provides. Larry also provided a preview of the new features that the M7 processor is going to introduce next year. Aside from doubling the cores and increasing the clock speed it will also introduce a bunch of cutting edge Software in Silicon features which not only provide significant performance and efficiency gains for the Oracle DB, but also introduces the Application Data Integrity (ADI) feature which allows developers to write more stable code C and C++ code and also protects the Oracle DB as well as other applications from attacks like Heartbleed. This new capability in particular raised a lot of interest among customers and I got a lot of questions throughout the week. In my General Session I started out by highlighting how Solaris has evolved from a Server OS to a comprehensive cloud platform which includes the OS, the virtualization, the Software-Defined Networking (SDN) as well as a full distribution of OpenStack. The increased investment that Oracle is putting into Solaris has allowed us to drastically increase the pace of our development. With Solaris 11.2 we are seeing customers deploying Solaris at a large scale achieving productivity gains up to 16x compared to equivalent Redhat environments. Solaris 11.2 also helps customers keep their environment in compliance and allows them to automate their compliance reporting. See our Solaris site for more details. I also talked about the rapid market share gain that we are now seeing vs. IBM: In Q2 of fiscal 2014 SPARC/ Solaris gained 6.1% market share measured in WW revenue in the RISC/ UNIX market while AIX/Power lost 4.6%. This was the 4th quarter in a row where we gained market share. Not only is SPARC/Solaris winning over AIX/Power, we are increasingly seeing customers moving their workloads over from RHEL/ x86 environments.One of those customers is Morgan Stanley: I was very excited that Robert Milkowski from Morgan Stanley could join me and talked about their increased use of Solaris. He described how moving their OpenAFS environment over from Redhat to Solaris has allowed them to compress their data from 7 PB down to 2PB with huge savings for the firm. By taking advantage of the compression in ZFS they are able to reach compression rates between 3 and 20 while achieving better reliability and availability. He also described how the simplified life cycle management in Solaris 11 has allowed them to automate most of their patching. They have moved some of their in-house software into IPS resulting in additional simplification of their application life cycle management. They are also expanding the use of Solaris into their Sybase and KDB environment. Not only are we seeing a lot of momentum with customers, we are also seeing the Solaris ecosystem expanding: At the end of my session I was joined by Robert Jenkins, CEO of CloudSigma who announced the launch of their Solaris IaaS offering on both SPARC as well as x86. CloudSigma is seeing a lot of interest from customers in Solaris-based IaaS given the unique security as well as compliance capabilities that Solaris now offers. Leveraging the new kernel zones virtualization in Solaris 11.2 allows them to provide the highest levels of performance, security, compliance and availability.A lot of the other Solaris and OpenStack sessions also had customers and partners presenting. For instance, Chris Riggin from Verizon talked about their private cloud offering and their plans for OpenStack. Chris also described how their use of Solaris zones allows them to provide highly available Solaris IaaS at a significantly lower cost than RHEL/ VMware/ x86.We no longer look at it as just a mere OS, we now look at it as a comprehensive cloud platform: OS + OS Virtualization + SDN + Storage Virtualization plus Cloud Management tools, configuration, compliance reporting etc. all in one! It doesn't make sense to compare Solaris against RHEL, that's like comparing a spare part vs. a full solution. Solaris is the ideal platform for any kind of SaaS, PaaS (Oracle DB, Oracle Middleware, Oracle Java) as well as IaaS.I also shared some examples of what we are currently focusing on:1. Kernel Zones: There are a number of enhancements that are currently in the works, e.g. live migration.2. Zero Downtime Patching: This is very critical for customers who want to minimize their planned downtime. I frequently hear from customers that they are struggling to find the time to apply critical security fixes while meeting their uptime targets. We are working on enabling them to satisfy both of these requirements at the same time. 3. OpenStack: Solaris 11.2 provides all of the infrastructure required for IaaS. Our current focus is on going upstack and providing DBaaS as well as PaaS capabilities. In addition to that we are also working on additional automation of the undercloud deployment incl. configuration and authentication.4. Cloud Analytics: As customers are moving from a first generation cloud environment which still required a lot of manual intervention to a next generation cloud which includes Software Defined Networking and Storage, it becomes absolutely critical to have rich analytics capabilities that provide both high-level views of their environment, but also allow them to dig deep into each of their sub components if necessary. This is something that we are heavily investing in currently. Not to mention the 100s of other projects that I haven't listed here.Solaris is on a mission to kick butt! More to come...Markus

Another busy Oracle Open World week is over: For me this one was the busiest and most successful one ever. We had a record number of Solaris and OpenStack sessions. I've personally set a new...

General

What's new in Solaris Networking

It's been a while since I last blogged - oh well, I guess having a 2 1/2-year old and a 10 month old in the house counts as an excuse. A lot has happened in the last few months. I've personally talked to a lot of customers and ISVs. Everyone is excited to see Crossbow moving along. A lot of people have signed up for the upcoming beta. I also see CrossBow as a key enabler for ISVs and OEMs trying to consolidate networking services on the same piece of HW. Being able to virtualize the networking interface and assigning dedicated networking bandwidths to those without losing any performance is huge. Combine that with an improved offering of networking services that we are planning to integrate into Solaris and you make it very easy for ISVs to provide additional value add to their customers. As a security ISV you'll be able to add basic routing or load balancing functionality to your product without any significant development effort. And vice versa. Of course we are not quite there yet, ipfilter and Quagga are in Solaris already today. But we'll need to look into additional services: Several ISVs are very interested in basic load balancing functionality. This would be a logical extension of what Solaris offers today. PBX is another candidate that's worth exploring. Somebody in SunLabs has ported Asterisk over to Solaris, that's certainly worth checking out. There is also a lot of interest from the security community. People are interested in snort in particular. There might be others that I just haven't explored yet. I guess we'll just have to do some more home work on this front. At any rate, it's extremely exciting to expand the features in Solaris beyond what we have traditionally been offering.Forwarding performance is another hot item right now. With project Surya which went into S10 08/07 we have increased the Solaris forwarding performance by about 30%. Since then we have been doing a lot of additional work in that area. We have been able to achieve an additional 50% gain with e1000g and we are currently working on our the Huron platform which is running the new Niagara 2 chip which already has two 10GBE Neptune NICs on the chip itself. On the ipfilter front we are currently working on implementing Layer 2 filtering as well as enabling multiple instances of the pfhooks APIs. This allows ISVs to run their own application in addition to ipfilter. Good progress has been made on the IOAT front. The plan is to get IOAT support into Solaris very soon. It looks like we are getting some solid performance gains with IOAT.The xVM project just integrated into Solaris. Shortly after the hypervisor copy functionality was added which speeds things up further. And of course Clearview, Network Automagic, R-Bridges as well as Brussels are moving along very nicely.

It's been a while since I last blogged - oh well, I guess having a 2 1/2-year old and a 10 month old in the house counts as an excuse.A lot has happened in the last few months. I've personally...

General

CrossBow and Neptune

All the stars seem to be lining up: Sun's T1000 and T2000 Chip Multi Threaded machines, the Neptune 10Gb NICs and CrossBow Network Virtualization and Resource Control: With CrossBow, Solaris will take full advantage of the the new virtualization functionality that Neptune 10 Gb NIC offers like hardware classification, multiple Receive/Transmit rings and DMA channels. This means the networking stack in Solaris is fully aligned with the networking hardware. Crossbow features include: \*- Ability to create Virtual NIC (VNIC) which is built on top of dedicatedresources like Rx/Tx rings, DMA channels, kernel queues and threadsand CPUs. On systems like Niagara and other hardware,this allows multiple Solaris Containers or Virtual machines to sharethe available B/W and host networking resources based on policiesor resource partitioning without any performance impact due to virtualization. - Parallelizing the networking workload across multiple Niagarathreads and cores using Neptune classifier to spread traffic tomultiple Receive and transmit rings while maintaining affinity betweenRx/Tx rings, Niagara threads, kernel threads and queues. - Ability to separate out services and protocols and providingdedicated resources (like Neptune Rx/Tx rings, DMA channels, kernelthreads and queues, and Niagara threads and cores) and dedicatedbandwidth (both limits and guarantees) over a common NIC without anyperformance penalties. Provides Quality of service to services thatneed it. CrossBow on OpenSolaris: Crossbow is one of the leading projects on OpenSolaris and has a largecommunity around it. The source code and binaries are available todayvia the OpenSolaris (http://opensolaris.org/os/project/crossbow/). CrossBowwill be available in Solaris by the end of this year. Pretty cool stuff! And with the upcoming next generation of Niagara chips the NIC will even be included on the board itself. This will give us additional performance boost.

All the stars seem to be lining up: Sun's T1000 and T2000 Chip Multi Threaded machines, the Neptune 10Gb NICs and CrossBow Network Virtualization and Resource Control: With CrossBow, Solaris will take...

General

Solaris for security ISVs and network appliances

With the recent and enhancements in the Solaris networking stack Solaris has become a very interesting player for ISVs and appliance vendors in the security appliance space. First of all the fact that Solaris is open source and lets ISVs and appliance vendors link their proprietary moduleswith the OpenSolaris source code without distributing the source code of these proprietary modules or having to worry about legal concerns is a big plus over other OSes Secondly, the recent and ongoing enhancements really put Solaris into the driver seat: Solaris has made a huge step forward in the network performance space: With FireEngine and Nemo the Solaris networking performance has gone up by some 50% The arrival of the packet filtering APIs that Darren Reed is work on will be improving the firewall performance on Solaris by about 20% (This is the number we are getting with ipfilter) Project Surya which is about to integrate into Solaris will greatly improve the forwarding performance There are a lot of new cool features in Solaris or coming out soon: Ongoing virtualization of the stack through Stack Instances as well as CrossBow will provide a much better control over the networking stack A prototype for Ethernet Bridging is already available through OpenSolaris. Pretty soon will be integrating a more advanced version based on the CrossBow virtual NIC concept Quagga is providing very cool routing functionality You can expect a lot more really cool stuff out of the Solaris networking group in the near future! Let me know if you are interested in participating!

With the recent and enhancements in the Solaris networking stack Solaris has become a very interesting player for ISVs and appliance vendors in the security appliance space.First of all the fact that...

General

CrossBow prototype available

Wouldn't that be cool: Being able to divide your physical Network Interface Card (NIC) into several virtual interface cards and having the ability to prioritize networking traffic and having full control over which service gets how much? - Stop dreaming! This vision has just become reality: My team just showed me a demo today that they have prepared for the SunLabs OpenHouse tomorrow: The demo is showing a client and a server both running Solaris. User 1 is running within a Solaris Container on the client and is receiving a video clip from the server. The quality of the video is very good because the client has enough networking bandwidth available. Then user 2 who is running out of a different container on that client is trying to do an ftp download from the server and eats up a lot of the networking bandwidth - the video comes to a grinding halt. But now we turn on CrossBow's networking bandwidth control, create a virtual NIC that is dedicated to the container who is downloading the video. To User 1 this now looks like having a dedicated physical machine with a dedicated NIC - pretty cool. And even better, CrossBow has implemented the resource control in the kernel itself, so there is no performance penalty when you run it - this could really change the way people in the data center think about networking bandwidth control today.For more details check out the project web site on OpenSolaris: http://www.opensolaris.org/os/project/crossbow/Markus

Wouldn't that be cool: Being able to divide your physical Network Interface Card (NIC) into several virtual interface cards and having the ability to prioritize networking traffic and having...

Oracle

Integrated Cloud Applications & Platform Services