Saturday Sep 03, 2016

Next Generation Solaris Technology at Oracle OpenWorld 2016

I'm very excited about OpenWorld 2016 which is starts on September 18: We will be providing a preview of the next release of Solaris and all the breakthrough capabilities that we'll be introducing to take enterprise computing to the next level. We will talk about our differentiating new security, compliance, life cycle management, global analytics, DevOps and container capabilities. During my General Session (Tuesday, September 20 at 11am at the Mariott Marquis hotel in SF) I will provide an overview of what's in the new release as well as the investments beyond.

In addition to that we have a number of deep dive sessions as well as hands-on labs that I can recommend. More details can be found here.

Don't miss out on it!


Tuesday Jul 07, 2015

Release of Oracle Solaris 11.3 Beta

Today is a very exciting day for the Solaris team: This morning we've released a beta for Solaris 11.3, less than a year after we released Solaris 11.2.

With Solaris 11.2 we turned Solaris into a comprehensive cloud platform which includes virtualization, SDN and OpenStack. Since the release of Solaris 11.2 we've seen a rapid uptake of these new capabilities: A lot of customers a using Unified Archives for deploying their images, are taking advantage of the immutable root-file system, have started to deploy Kernel Zones and OpenStack and take advantage of the automated compliance reporting. The latter has become a lot easier since we are tracking the CVE meta data with IPS. We are getting a lot of good feedback on OpenStack: We recently even received a big compliment from one of the senior architects of one of our OpenStack competitors: He said that Solaris provides the best integration for OpenStack since the OpenStack services are mapped to the Solaris service management facility (smf) which provide automated restarting capabilities for all of the OpenStack services and since we've also tightly integrated it with our role-based access control capabilities in order to limit the privileges required for administering OpenStack.

Solaris 11.3 is taking things to the next level by making Solaris the most advanced enterprise cloud platform. We are introducing a number of critical enhancements in the following areas:

1. Security and Compliance:
x Verified boot for Kernel Zones
x BSD Packet Filter
x Tailoring of compliance policies

2. Virtualization:
x Secure (encrypted) live migration of Kernel Zones
x Zones on Shared Storage via NFS
x Live reconfiguration of I/O resources

3. OpenStack: There are a number of major enhancements:
x Automated upgrades to the newer versions of OpenStack
x Support for orchestration of services (Heat)
x Support for bare metal provisioning (Ironic): This is already in S11.3 but not yet in the beta

We are also working on integrating DBaaS with Trove and Murano. On the latter I had provided an overview at the Vancouver OpenStack Summit back in May.

4. Networking:
x Private VLANs
x Flows support for DSCP Marking

5. Deep integration with the Oracle stack, for instance:
x Up to 6x faster DB restart and shut-down by leveraging the latest Virtual Memory Management(VM2) capabilities

In addition to that we are providing early access to the Free and Open Source Software (FOSS) components that we are shipping with Solaris.

Of course these are just some of the highlights, there are a ton of other enhancements.

Have fun exploring Solaris 11.3!

Friday Oct 03, 2014

Oracle Solaris and OpenStack at Oracle Open World 2014

Another busy Oracle Open World week is over: For me this one was the busiest and most successful one ever. We had a record number of Solaris and OpenStack sessions. I've personally set a new record for the number of customer, analyst and partner meetings. In a lot of the sessions we had customers and partners co-present on the benefits they are seeing with the latest Solaris 11.2 features.

It all started on Sunday with Larry Ellison's Keynote where he highlighted Oracle's focus on Cloud and the large portfolio of cloud offerings that Oracle now provides. Larry also provided a preview of the new features that the M7 processor is going to introduce next year. Aside from doubling the cores and increasing the clock speed it will also introduce a bunch of cutting edge Software in Silicon features which not only provide significant performance and efficiency gains for the Oracle DB, but also introduces the Application Data Integrity (ADI) feature which allows developers to write more stable code C and C++ code and also protects the Oracle DB as well as other applications from attacks like Heartbleed. This new capability in particular raised a lot of interest among customers and I got a lot of questions throughout the week.

In my General Session I started out by highlighting how Solaris has evolved from a Server OS to a comprehensive cloud platform which includes the OS, the virtualization, the Software-Defined Networking (SDN) as well as a full distribution of OpenStack. The increased investment that Oracle is putting into Solaris has allowed us to drastically increase the pace of our development. With Solaris 11.2 we are seeing customers deploying Solaris at a large scale achieving productivity gains up to 16x compared to equivalent Redhat environments. Solaris 11.2 also helps customers keep their environment in compliance and allows them to automate their compliance reporting. See our Solaris site for more details. I also talked about the rapid market share gain that we are now seeing vs. IBM: In Q2 of fiscal 2014 SPARC/ Solaris gained 6.1% market share measured in WW revenue in the RISC/ UNIX market while AIX/Power lost 4.6%. This was the 4th quarter in a row where we gained market share. Not only is SPARC/Solaris winning over AIX/Power, we are increasingly seeing customers moving their workloads over from RHEL/ x86 environments.

One of those customers is Morgan Stanley: I was very excited that Robert Milkowski from Morgan Stanley could join me and talked about their increased use of Solaris. He described how moving their OpenAFS environment over from Redhat to Solaris has allowed them to compress their data from 7 PB down to 2PB with huge savings for the firm. By taking advantage of the compression in ZFS they are able to reach compression rates between 3 and 20 while achieving better reliability and availability. He also described how the simplified life cycle management in Solaris 11 has allowed them to automate most of their patching. They have moved some of their in-house software into IPS resulting in additional simplification of their application life cycle management. They are also expanding the use of Solaris into their Sybase and KDB environment.

Not only are we seeing a lot of momentum with customers, we are also seeing the Solaris ecosystem expanding: At the end of my session I was joined by Robert Jenkins, CEO of CloudSigma who announced the launch of their Solaris IaaS offering on both SPARC as well as x86. CloudSigma is seeing a lot of interest from customers in Solaris-based IaaS given the unique security as well as compliance capabilities that Solaris now offers. Leveraging the new kernel zones virtualization in Solaris 11.2 allows them to provide the highest levels of performance, security, compliance and availability.

A lot of the other Solaris and OpenStack sessions also had customers and partners presenting. For instance, Chris Riggin from Verizon talked about their private cloud offering and their plans for OpenStack. Chris also described how their use of Solaris zones allows them to provide highly available Solaris IaaS at a significantly lower cost than RHEL/ VMware/ x86.

We no longer look at it as just a mere OS, we now look at it as a comprehensive cloud platform: OS + OS Virtualization + SDN + Storage Virtualization plus Cloud Management tools, configuration, compliance reporting etc. all in one! It doesn't make sense to compare Solaris against RHEL, that's like comparing a spare part vs. a full solution. Solaris is the ideal platform for any kind of SaaS, PaaS (Oracle DB, Oracle Middleware, Oracle Java) as well as IaaS.

I also shared some examples of what we are currently focusing on:
1. Kernel Zones: There are a number of enhancements that are currently in the works, e.g. live migration.
2. Zero Downtime Patching: This is very critical for customers who want to minimize their planned downtime. I frequently hear from customers that they are struggling to find the time to apply critical security fixes while meeting their uptime targets. We are working on enabling them to satisfy both of these requirements at the same time.
3. OpenStack: Solaris 11.2 provides all of the infrastructure required for IaaS. Our current focus is on going upstack and providing DBaaS as well as PaaS capabilities. In addition to that we are also working on additional automation of the undercloud deployment incl. configuration and authentication.
4. Cloud Analytics: As customers are moving from a first generation cloud environment which still required a lot of manual intervention to a next generation cloud which includes Software Defined Networking and Storage, it becomes absolutely critical to have rich analytics capabilities that provide both high-level views of their environment, but also allow them to dig deep into each of their sub components if necessary. This is something that we are heavily investing in currently.

Not to mention the 100s of other projects that I haven't listed here.

Solaris is on a mission to kick butt! More to come...


Saturday Apr 05, 2014

Don't miss the announcement of Solaris 11.2

It's very hard for me to find time for writing a blog these days: I've been quite busy working with my team on getting the final features into Solaris 11.2, making sure that we address any remaining critical defects while getting ready for the announcement of Solaris 11.2 in NYC on April 29. I find the latter particularly hard: Trying to squeeze all of the new capabilities of Solaris 11.2 into a 45 min preso feels like trying to squeeze four elephants into a VW Beetle.

The current plan for April 29 is to start by ringing the bell and open up the stock market in the morning followed by the announcement event after lunch at the Metropolitan Pavilion on 125 W. 18th Street in New York.

Solaris 11.2 is a huge step function: We are introducing a number number of key differentiators into Solaris. I'm very proud of what my team has delivered over the last couple of years!

Don't miss it! Here is the registration page.

Thursday Feb 06, 2014

Solaris on Pluribus Networks' Server Switches

While there has been a lot of talk about Software Defined Networking (SDN) the reality is that enterprise customers are still struggling to figure out how to make use of the existing solutions. Scalability in particular is a huge problem, both in terms of throughput performance as well as scalability across a large number of physical nodes.

As I had mentioned in my Oracle Open World blog a couple of months ago, Solaris will be introducing a number of interesting Software Defined Networking (SDN) capabilities in this space later this year. Back in 2011 Solaris 11 introduced a number of cutting edge network virtualization capabilities in Solaris itself: The re-architecture of our L2 networking provides 1. Isolation of networking traffic using vNICS, 2. Resource Control for the networking traffic using flows 3. Virtual Networking services like load balancing, routing and fire walling as well as fine-grain stats (dlstat and flowstat) for everything that's going on in this virtual environment. All of this at near zero performance overhead and fully integrated with the Solaris zones and OVM virtualization (aka ldoms). With S11.2 we will be introducing a distributed virtual switch which means we are breaking down the limitation of a single Solaris instance and we will allow customers to create these virtual network across physical nodes.

In this context we have been working with Pluribus Networks for a while and they have just certified Solaris 11 on their Freedom series Server-Switch platform. Instead of treating network devices as a black box they now become accessible to a Solaris administrator. Virtual Network Services can now be dynamically re-provisioned onto the network switch. Pluribus Networks' Netvisor which runs on Solaris 11 allows customers to get a detailed view of all of the flows in the network. With the release of Solaris 11.2 we'll have OpenStack available as a first-class citizen of Solaris to manage the compute, the network and the storage resources of a Solaris-based cloud.

More details under: or

Very cool!

Tuesday Dec 10, 2013

Oracle now Corporate Sponsor of the OpenStack™ Foundation

I'm very excited that Oracle is now a Corporate Sponsor of the OpenStack™ Foundation. My team is getting close to code complete for making OpenStack™ work with Solaris. The initial plan is to integrate the Nova Compute, the Neutron Network and the Cinder Block Storage modules into Solaris and contribute the changes back to the upstream OpenStack™ code base. This will allow customers to use OpenStack™ to manage Solaris-based clouds, taking full advantage of the stability, efficiency, performance, scalability and security of Solaris. The initial focus will be on managing Solaris Zones as well as Kernel Zones which we are planning on releasing next year together with OpenStack. As a follow on we'll integrate additional OpenStack modules like the Swift.

Since the release of Oracle Solaris 11 in November of 2011 over 4,000 customers have gone into production word-wide and run a wide range of different workloads on Solaris based IaaS, PaaS and SaaS clouds. This includes Oracle Corporation which runs a range of workloads including mission-critical ones like its Global Single Instance of its E-Business Suite on Solaris 11 based Oracle SuperCluster.

Oracle Solaris provides industry-leading security, performance, scalability and observability for cloud-based deployments allowing customers to run their most demanding enterprise applications in private or public clouds. In addition to that Oracle Solaris provides a superior solution for providing cloud infrastructure through the combination of differentiating technologies such as:
- ZFS with superior compression, deduplication and Copy-on-Write functionality
- DTrace observability
- Low risk, simplified infrastructure life cycle management with patch rollback
- Zero overhead zones virtualization

More details under:


Wednesday Sep 25, 2013

Impressions from Oracle Open World 2013

4 days of Oracle Open World are over now, one more to go! As always, I've had a super-busy week with over 2 dozen customer meetings and 1/2 dozen analyst meetings, not to mention partners and internal colleagues. Oracle Open World is by far my most productive week of the year and I thrive on that! The best summary of the last week is what I heard from one of the analysts from a major analyst firm: "We are seeing the Renaissance of SPARC and Solaris".

It all started on Sunday with a customer advisory board in the San Francisco office. Some of my technical leads and I spent 1/2 day with key customers reviewing our key investments and getting their feedback on those. One of the customers gave a talk on their self-provisioning IaaS and PaaS cloud taking advantage of the latest S11 features. They are using a combination of Solaris zones as well as OVM SPARC in order to achieve super-high compression rates and drive the cost/VM well below what they can get with RHEL and VMWare on x86 hardware. Not to mention all of the other benefits of Solaris like higher up-time, security, super-efficient patching etc.

Later that day I went to Larry Ellison's Opening Keynote. Larry did a great job highlighting how the new In-Memory capabilities of Oracle DB 12c will be taking advantage of the 32TB of DRAM that the newly released M6-32 has to offer. 3,072 threads on 384 cores! When we initially tested the Oracle DB on this large machine it took 2800s to fill a 30TB SGA when running Oracle DB 11g on S11.1. Working closely with the Oracle DB team we have been able to get this down to about 130s now! That's a 21x speed-up! We had to do a whole bunch of work on both sides to accomplish that!

During my general session on Monday I started out by highlighting the accelerated pace of product development at Oracle reflected by the long list of new product releases since last year's OOW: Solaris 11.1 in October, the T5/M5-based systems in March, the refresh of SuperCluster to T5-8, the release of ZS3 (aka ZFSSA) in early September, the release of the M6, the M6 SuperCluster as well as the T5-8 Exalytics at OOW - what a line-up of new products in just 12 months! A great testament to the increased investment that Oracle is putting into the former Sun products! I continued to talk about the increased customer momentum behind Solaris 11 and our latest SPARC hardware. We now have over 4,000 customers running on Solaris 11. Allied Irish Bank is a great example: They consolidated a bunch of older Oracle databases running on older HP Itanium as well as IBM Power boxes onto Oracle DB 11gR2 on Solaris 11 and SPARC. This has allowed them to not only achieve consolidation rations of 10:1, but also provision 10x faster now. We also have a number of good examples of customers moving their RHEL/ VMWare/ x86 estate over to Solaris 11 and the latest SPARC hardware, increasing customer response times by 50% and getting 2x the performance out of the same number of Oracle licenses. Aside from external customers we also have Oracle IT as a major customer: Oracle currently runs its Global Single Instance of E-Business Suite on a SuperCluster taking advantage of all of the optimizations between the Oracle DB and Solaris as well as SPARC. So far they haven't seen any outages at all (I'm keeping my fingers crossed so I won't get woken up at 2 in the morning :-) ). Oracle IT is in the planning to switch over to the latest M6 SuperCluster over the next few months.

Then Mike Montemorano from Verizon Wireless joined me. He did an excellent job explaining why Solaris is strategic for Verizon Wireless: Mike explained how Verizon Wireless has grown their number of physical SPARC servers by almost 50% over the past 4 years and the number of Solaris VMs by 5x. They recently deployed 30 T5-8s and 15 T5-4s to run their mission-critical IaaS cloud. Aside from pure economics he said that their mean time to resolution (MTTR) is 4-8x faster on Solaris compared to other platforms.

I continued to talk about Solaris futures: Over the past couple of years we have greatly expanded the way we think about Solaris. We no longer look at it as just a mere OS, we now look at it as a comprehensive cloud platform: OS + OS Virtualization + SDN + Storage Virtualization plus Cloud Management tools, configuration, compliance reporting etc. all in one! It doesn't make sense to compare Solaris against RHEL, that's like comparing a spare part vs. a full solution. Solaris is the ideal platform for any kind of SaaS, PaaS (Oracle DB, Oracle Middleware, Oracle Java) as well as IaaS.

Here are some of the highlights of what's coming in the next release:

1. kernel zones: With kernel zones customers will have to option to run different kernel patch levels across different zones while maintaining the simplicity of zones management. We'll also be able to do live migration of kernel zones. All of that across HW platforms, i.e. kernel zones will be available on both SPARC as well as x86. Key benefits of kernel zones:
x Low overhead (Lots of optimizations because we run Solaris on Solaris)
x Unique security features: Ability to make them immutable by locking down the root file system
x Integration with the Solaris resource management capabilities: CPU, memory, I/O, networking
x Fully compatible with OVM SPARC as well as native and S10 branded zones
x Comprehensive SDN capabilities: Distributed Virtual Switch and VxLAN capabilities

2. Unified Template Builder: This will allow customers to go from any-to-any of the following: Bare metal, OVM, kernel zone, native zone. For instance: You'll be able to take a zones image and re-deploy it as a bare metal image, kernel zone or ldom. Or vice versa! Pretty powerful, huh? Unified templates also provide us with a great foundation to distribute key Oracle applications as a shrink-wrapped, pre-installed, pre-tuned an configured image where customers can specify at install time whether to turn them into a bare metal image, a zone, a kernel zone or an OVM.

3. OpenStack and Puppet: We are planning on integrating both of these into Solaris. This will allow customers to seamlessly integrate a Solaris/kernel zones or zones or OVM environment with other OpenStack platforms.

I concluded by highlighting some of the differentiating features we are now available in Oracle DB 12c when running on Solaris 11.1:
x Zero-downtime DB re-sizing
x Full-stack analytics: Running on Solaris allows DBAs to quickly identify I/O outliers. For more details check out: x RAC lock off-load into Solaris kernel: This reduces latency by about 30-40%.

Not to mention the 100s of other features and improvements that I won't even mention here.

Solaris is on a mission to kick butt! More to come...


Tuesday Sep 10, 2013

Solaris at OOW 2013

I'm looking forward to Oracle Open World in a couple of weeks from now. It's always a super-productive time for me where I get to interact with a large number of customers and partners in and end up learning a lot about how they use our products and which direction they are going.

There will be a number of sessions as well as Hands-on Labs specifically focused on Solaris. During my keynote on Monday at 12:15pm I'll have an executive from a major US mobile provider joining me and talking about how they are taking advantage of Solaris 11 and the latest T5 hardware to run their IaaS cloud. I'll be talking about how we are taking Solaris from a traditional server OS to a full-fledged cloud platform which also includes the OS virtualization, the network virtualization/ SDN and also the integration with Storage. I'll also cover how we are leveraging industry-standard cloud management solutions for running Solaris-based SaaS, PaaS and IaaS clouds. Last but not least I'll be talking about some of the investments we are making to ensure that Solaris/SPARC is the best platform for Oracle, not just from a performance, but also from an observability, reliability as well as administrative point of view.

You can find a more complete overview of all of the Solaris-related events at OOW here:

Hope to see you there!

Tuesday Apr 05, 2011

Looking for talented engineers

Solaris Core Technology is hiring in all of the Solaris technology areas currently. We are looking for talented engineers with a passion for kernel-level programming. Please check out and search for "Solaris". Markus

Wednesday Oct 28, 2009

Berkeley Packet Filter and pf_packet in Solaris

Darren Reed recently delivered Berkeley Packet Filter and PF_PACKET into Solaris Nevada:

BPF is now as a supported option for the Solaris kernel. Support has been implemented for capturing packets at the link layer as well as at the IP layer. By using the IPNET device from Clearview Observability, BPF can be used to sniff packets local to the host (loopback & between zones) as well as those from "the wire" through interfaces supplied by Crossbow. In subsequent builds you can look forward to the libpcap shipped with Solaris being switched over from DLPI to BPF and updates to wireshark and tcpdump to support IPNET for loopback packet capture.

In addition to BPF, an implementation of PF_PACKET has now been added to Solaris. This provides both another mechanism to sniff packets from the network, with in-kernel filtering supported by BPF. Both raw and datagram PF_PACKET sockets have been included in this implementation of PF_PACKET for Solaris. Unlike BPF, PF_PACKET does not have access to loopback packets on Solaris.

Crossbow link protection attribute in Solaris Nevada

Eric Cheng recently integrated two interesting new features into Solaris Nevada, the Solaris.Next development gate:

1. Link protection -

this allows an administrator to prevent certain types of spoofed packets from being sent from a link. This is typically used in virtual environments (zones/domU) where individual domains can't be trusted to behave properly. In this phase, we deliver support for anti-spoofing of IP addresses (v4 only), mac addresses, and non-IP l2 frames.

2. flowadm remote_port attribute -

this allows flows to created with the 'remote_port' attribute. A flow is typically used for enforcing resource controls (e.g. bandwidth limit) on the type of traffic described by the flow.

More to come ...

Friday May 29, 2009

Crossbow BOF and hands-on workshop

Next week is going to be very exciting for me, Sun will have its big developer conferences, CommunityONE and JavaONE at the Moscone Center in San Francisco. Crossbow will be one of the main features discussed during John Fowler's keynote on Monday, June 1 at 9am and Sunay Tripathi is going to do a talk on Crossbow at 2:40pm, see Agenda .

On Tuesday, June 2 at 5:30pm we'll then do a Birds of a Feather session at the Intecontinental Hotel right next to the Moscone Center. We'll have several early adopters describe their use cases and experience with Crossbow. All of the Crossbow engineers are going to be present and will be available to answer any questions and would like to hear your feedback. Right after the BOF, at around 7:30pm we'll do a hands-on workshop where participants can get started with creating virtual networks right then and there. Here are some more details:

Introduction - Jeff Jackson, Sr. VP of Solaris (5 min)
Overview of Crossbow and Open Networking - Sunay Tripathi and Nicolas Droux, Crossbow architects (20 min)
Customer use case 1 - Xiaobo Wang, Francesca Puggioni, Veraz Networks (20 min)
Customer use case 2 - Ben Rockwood, Joyent (20 min)
Customer use case 3 - Richard Newman, Reliant Security (20min)
Informal Q&A and discussion (40min)

Starting at around 7:30pm: Hands-on Workshop - build your own virtual network on your laptop (60min)

More details under:

Hope to see you there, Markus

Wednesday Feb 04, 2009

Crossbow, quo vadis?

The Crossbow framework was recently integrated into OpenSolaris. It provides some really sexy network virtualization capabilities as well some significant performance improvements. Going forward there is a lot of work to do in this space to get additional performance as well as to add some more sexy features. [Read More]

Wednesday Jan 14, 2009

How to save on your commission when buying or selling a home

I'm starting to realize that the only thing I ever blog about is my work. Of course this is a big part of my life, but there are other interesting subjects that people may find useful. Especially here in the bay area I've found a lot of people complaining about the high real estate commissions that they end up paying when buying or selling a home. Of course this is a function of the ridiculously high prices that people end up paying when they buy houses. Just to put things in perspective, paying USD 1 million for a rather modest house in a good school district like Palo Alto or Menlo Park is nothing unusual here - welcome to the Bay Area! Since the commissions are a percentage of the value of a home the amount of commission goes up to some really high numbers: Typically a seller pays 5-6 % of commission, that equates to 50-60K in commission for the two realtors involved.

When we bought our house a couple of years ago my wife and I already knew where we wanted to live and had even picked out the house by ourselves. So I didn't need the services of a buyer agent and tried to save the 3% buying agent commission. However, the house we wanted (and all the others that we had previously looked at) had their contract written such that a buying agent was required. The whole real estate industry seems like a big cartel to me and I wasn't willing to pay that much money for that little service that I required - call me a stingy German if you like. I looked around and the best I could initially find was ZipRealty who was willing to refund 20% of the 3% commission, that still leaves USD 24K for the buying agent for essentially helping me fill out some paperwork. After lots of searching around I finally found the following web site that allows you to let realtors bid down their commission, pretty cool really:

Through that I found a buying agent who was willing to refund 70% of his commission to me, a nice chunk of money really!

The bottom line: I guess I'll be a bit more picky when it comes to selling my house, since the right pricing and the right marketing can make a difference. But when it comes to buying a house I think paying the full commission when you pretty much know what you want is just a total waste of money - my 2 cents.

Friday Jan 09, 2009

Crossbow available on OpenSolaris

Crossbow is available and officially supported on Sun's OpenSolaris distro, the basis for SolarisNext. [Read More]



« February 2017