Monday Feb 15, 2010

Installing Oracle 11gR2 for x86 on Solaris

Oracle 11gR2 for x86 on Solaris is a winning combination!

Good Stuff!

 Last week I wrote a blog regarding Oracle 10g on Solaris, the title was:

Installing Oracle 10g for x86 on Solaris

I got some feed back asking if this problem still comes up when installing Oracle 11gR2?

I am glad to say that Oracle 11gR2 has been released and I am happy to announce, the perceived Solaris 10 problem does not exist in Oracle 11gR2. The Oracle Installation Documentation has been corrected and updated to reflect that /etc/system parameters in Solaris 10 has been deprecated. Since Solaris 10 came out in 2005, it has been using this better and improve mechanism for managing system resources. The perceived problem was caused by the previous documentation for installing Oracle 10g. It still reflected making changes for system kernel parameters by modifying the /etc/systems file, which again has been deprecated in Solaris 10 since it came out. I am guessing the problem was initially caused because Oracle 10g came out before Solaris 10.

Today however, Oracle 11gR2 documentation reflects how to verify and use Solaris 10 Resource Management. It shows how to verify, to create and how to use and manage Solaris 10 resource projects with Oracle.   For more information and details regarding how to verify and set up Solaris 10 System Kernel parameters for Oracle 11gR2, please check the Oracle installation documentation as follows:

Oracle® Database

Quick Installation Guide 11g Release 2 (11.2) for Solaris Operating System (x86-64)

Once you get the install documentation, please scroll down to chapter 6 for details. Below is an example snippet of the chapter title including the introduction paragraph that discusses configuring system kernel parameters for satisfying Oracle 11gR2 pre-requisites:

6 Configuring Kernel Parameters on Solaris 10

On Solaris 10, verify that the kernel parameters shown in the following table are set to values greater than or equal to the recommended value shown. The table also contains the resource controls that replace the /etc/system file for a specific kernel parameter. As Oracle Database does not set project information when starting processes, some /etc/system processes that are deprecated but not removed must still be set for Oracle Database.

The installation documentation basically goes through the steps for verifying system kernel parameter pre-requisites for installing Oracle 11gR2 on x86 for Solaris (much like I did in my previous blog for Oracle 10g).  

So the installation should now be simple and straight forward. A happy installer makes for happy installations! Now go have some fun!

Wednesday Feb 10, 2010

Installing Oracle 10g for x86 on Solaris

Oracle 10g and Solaris 10 a great combination!

Like many things, I created this documented out of necessity.  It contains information found in the Oracle installation documentation and somethings not clearly documented.   The problem was literally getting my installation started.  I encountered this problem while trying to install Oracle on a Solaris virtual machine on the X86 platform.   What happen is Oracle was failing to install because the Oracle Installer was not seeing the required Oracle system kernel parameters it needed.

So is it a Solaris 10 bug?  Is it an Oracle bug?
Answer:  Neither

It is really a combination of things:

A)  Oracle 10g came out in 2003 and Sun has improved how system parameters are configured in Solaris 10 which came out in 2005 (Note - for some strange reason the Oracle 10g installer on SPARC systems does not fail)

B) It is a misunderstanding of how Solaris 10 works.  Not understanding how system parameters in Solaris 10 works can make things a little challenging to say the least.

It is my hope and my intent that this article will help to make your install go easier and help you avoid this confusion as you get started with your Oracle installation on Solaris.    

There are some things that you need to understand about Solaris 10 and Oracle 10g that may not be so straight forward at first glance.  For example in the old days when you needed to change system parameters in Solaris before installing an Oracle database you just edited the /etc/systems file.  This is well documented and what you will find it documented in the Oracle installation documentation.  This really works well for Solaris 8 and Solaris 9.   In Solaris 10 system parameters are set through a different mechanism using Solaris 10 resource management.  Solaris Resource Management makes use of and requires understanding Solaris Resource Control Projects; the intent here is to help you understand how to make those system kernel parameter changes required for Oracle.

The basis for my article and my gratitude go to Aziz for his blog that help me to get started (   So before we get too far ahead of ourselves, the following are the steps I followed to successfully install Oracle 10g on Solaris 10 X86.

Checked For Oracle Prerequisites And Install Requirements
Create Oracle Users, Groups & Profile
Configure Solaris 10 System Parameters Using Resource Control Projects
Run Oracle 10g Installer
Oracle Web Administration
Uninstall Oracle 10g

Checking Oracle Prerequisites and Install Requirements

Here we are just checking for the prerequisites found in the Oracle Installation Documentation.

Check Ram:
#/usr/sbin/prtconf | grep Memory

Check Swap:
# /usr/sbin/swap -s

Check /tmp is greater than 400mb:
# df -h /tmp

Check Solaris Version:
# uname -r

Check for required installed Solaris packages:
# pkginfo -i SUNWarc SUNWbtool SUNWhea SUNWlibm SUNWlibms SUNWsprot SUNWtoo SUNWi1of SUNWi1cs SUNWi15cs SUNWxwfnt

Check to nsswitch.conf configuration parameters:
# cat /etc/nsswitch.conf | grep hosts

Check host name:
# hostname

Create Oracle Users, Groups & .Profile

Create group name “dba”, oracle inventory group “oinstall” and “oracle” user according to your company standards, and if none, this is what I used for testing purposes.
Check to see if groups oinstall & dba exist, if they do not create them
# /usr/sbin/groupadd oinstall

# /usr/sbin/groupadd dba
Check to see if  Oracle user exists, if not create it
# useradd -u 101 -g 101 -G 100 -d /export/home/oracle -s /usr/bin/bash -c Oracle -m oracle
# id -a oracle
uid=101(oracle) gid=101(dba) groups=100(oinstall)

Then set oracle password
# passwd -r files oracle

Then use vi to edit the .profile and add the following
#vi /export/home/oracle/.profile
umask 022
ORACLE_BASE=/u01/app/oracle/ [replace with your Oracle base Directory]
ORACLE_HOME=/u01/app/oracle/10.2.0/db1 [replace with your Oracle home Directory]
ORACLE_SID=orcl [replace with your database]

Note: The above directory structure is what I used for installing Oracle 10g for my testing, please define your own or use your company standards as required.

Configure Solaris 10 System Parameters Using Resource Control Projects

As the root user, issue the following command to create a new resource project
#projadd oracle

Append the following line to the "/etc/user_attr" file.

#su – oracle
$ id -p
uid=101(oracle) gid=101(dba) projid=100(oracle)
$ prctl -n project.max-shm-memory -i project oracle
project: 100: oracle
NAME    PRIVILEGE       VALUE    FLAG   ACTION                       RECIPIENT
        privileged       254MB      -   deny
        system          16.0EB    max   deny     

To set the kernel system value for the shared memory parameter open another root shell and perform the following two commands,  make sure at least one terminal session is still logged in as the oracle user.  Then from the root user shell issue these commands to set shared memory to 4GB.

# prctl -n project.max-shm-memory -v 4gb -r -i project oracle
# projmod -s -K "project.max-shm-memory=(priv,4gb,deny)" oracle

The first dynamically resets the value, while the second makes changes to the "/etc/project" file so the value is persistent between reboots. To see changes to /etc/project perform the following

# cat /etc/project

Now to go back to the oracle shell command terminal and type the following again to see that the project information has been update to 4B for the shared memory kernel system parameter.

$ prctl -n project.max-shm-memory -i project oracle
project: 100: oracle
NAME    PRIVILEGE       VALUE    FLAG   ACTION                       RECIPIENT
        privileged       4.00GB      -   deny
        system          16.0EB    max   deny     
If you've performed a new default Solaris installation, it is likely that this is the only system kernel parameter you need to set is "max-shm-memory" for Oracle 10g.

Run Oracle 10g Installer

The Oracle installer seems for some reason acts as it does not recognize the system parameter set using resource control projects, so when asked to verify, do so and continue with installation, these are only warnings that you must confirm you have checked.  Performing the Oracle Installation is pretty simple and straight forward just perform the following to allow installer to set a display and then run the Oracle installer as shown in the Oracle Installation Documentation.
#su – oracle
$xhost +
$export DISPLAY=localhost;0.0
$ xhost +<your-remote-pc-ipaddress
$ cd /opt/oracle/[which ever directory you unzipped Oracle 10g install bits]

I created the directory structure as was documented above  in my .profile for the user oracle.   The instance for the database I created was named “orcl” and my SID is “orcl.”  Once the database has installed it will ask you to finalize the installation by opening a root terminal shell and running the following commands, the path of these will vary depending on what you used for you directory structure.  For my installion these scripts were located as follows.
Once the database installation has finished it will give you information of where things are at, allow you to set up Oracle Database Instance passwords and give information for doing Database Administration via the web-based Enterprise Manager database administration tool)

Oracle 10g Web Administration

To begin web administration simply navigate to : http://localhost:1158/em and log on as SYS.
If the web administrator services is down check that the listener is running, if not started, open a terminal shell and login as oracle and start listener and then start the web console.
# su – oracle
$ lsnrctl start

$ emctl start dbconsole

Uninstall Oracle 10g

Open terminal shell window and login as oracle user

Then remove all databases by running


Then stop oracle Database Web Console

$ORACLE_HOME/bin/emctl stop dbconsole

Then stop the Oracle listener

$ORACLE_HOME/bin/lsnrctl stop

Stop iSQL\*Plus

$ORACLE_HOME/bin/isqlplusctl stop

Stop Ultra Search

$ORACLE_HOME/bin/searchctl stop

Start Oracle Universal installer and deinstall Oracle home and products that you want to remove


Tuesday Apr 14, 2009

Cool video of Sun Unified Storage aka Amber Road!

Just saw a great intro video clip that shows the value of Open Storage and Sun Innovation. I loved the format, entertaining and to the point! Thanks Constantin!

Constantin Gonzalez Schmitz does a Top 5 video on cool features on the new Sun Unified Storage 7000 series.

Hope you enjoy the video clip as much as I did and you can find more information about Sun Unified Storage 7000 series here!

Friday Jun 27, 2008

"How do I know if I can virtualize my application using Sun Virtualization?"

Somebody asked me the other day, "How do I know when to use which Sun Virtualization Technology and how do I know if I can virtualize my application?" Well it depends on what problem your are trying to solve. The following are a some general rules of thumb that I use and I though I would share them with you.

Bare Metal Machine Running Solaris

\* Any Sparc Apps on Sparc Systems
\* Any X86 Apps on X86/X64 Systems

Solaris Containers (Zones)

\* Any Sparc Apps on Sparc Systems w/kernel restrictions
\* Any X86 Apps on X86/X64 w/kernel restrictions
\* There is only a single Solaris Kernel
\* Apps Restricted to user land type Apps
\* No Apps that need to talk directly to kernel or devices
\* Operating System Solaris 10
\* Sparc Branded Zones - Solaris 8, Solaris 9
\* X86 Branded Zones - Linux
\* Solaris 10 Containers can be run any where Solaris 10 is installed regardless (Bare Metal/LDoms/xVM Server)

xVM Logical Domains (LDoms)

\* Any Sparc Apps on T1 & T2 Systems
\* Solaris Operating System
\* There can be multiple Solaris Kernels (each thread can be a kernel)
\* Enterprise Grade Level Virtualization (RAS)
\* Type I Hypervisor Virtualization

xVM Server X86

\* Any X86 Apps on X86/X64
\* Multiple Operating Systems (Solaris X86, Windows & Linux)
\* Enterprise Grade Level Virtualization (RAS)
\* Type I Hypervisor Virtualization

xVM Virtual Box

\* Any X86 Apps on X86/X64
\* Multiple Operating Systems (Solaris X86, Windows & Linux)
\* Desktop/Laptop Grade Level virtualization for Software Development
\* Type II Hypervisor Virtualization

Also check out blogs for the following Subject Matter Experts:

For Solaris Containers go to Jeff Victor's blog
For xVM LDoms go to Jeff Savit's blog
For xVM X86 go to Bob Netherton's blog

Monday Mar 03, 2008

A little somethings about Sun's Solaris 10 implementation of Kerberos

The following are answers to some questions I researched for several of my customers regarding Sun Kerberos. I wrote this article thinking it might be helpful for someone else curious about Sun Kerberos. I am not going to call this a FAQ because this is really a point in time response as I will not be maintaining this overtime as you would a real FAQ. If you find this useful, by all means you can use it to start a FAQ if you so desire.

So what is Sun Kerberos?

It is a network authentication protocol and it was designed to provide strong authentication for client/server applications by using secret-key cryptography. Originally developed at the Massachusetts Institute of Technology (MIT), it has been included as part of the Solaris Operating Environment to provide strong authentication for Solaris network applications. Sun's Kerberos implementation before Solaris 10 was formerly know as the "Sun Enterprise Authentication Mechanism" (SEAM).

Kerberos in addition to providing a secure authentication protocol, also offers the ability to add privacy support (encrypted data streams) for remote applications such as ssh, telnet, ftp, rsh, rlogin, and other common Unix network applications. In a Solaris environment, Kerberos can also be used to provide strong authentication and privacy support for Network File System (NFS) filesystems, allowing secure and private file sharing across the network.

Question 1. Can Microsoft Active Directory (AD) act as the primary KDC for Sun Kerberos Clients?

Answer 1. Yes.

Question 2. It is my understanding that SEAM has a KDC that is not in Sun LDAP and is a separate repository.

Answer 2. True.

Question 3. Does SEAM require a KDC to be in the Sun LDAP server inorder to be integrated it with AD?

Answer 3. If the primary server is Active Directory, then the Solaris Kerberos clients will work fine and do not need a Sun LDAP server. Clients can get their Kerberos tickets using standard Kerberos protocols talking to AD or Linux or any other system that supports the standard Kerberos protocols.

Question 4. It is my understanding that Sun LDAP can be made to Synchronize with MS Active Directory.
Answer 4. If you only want your Solaris clients to be able to use AD as a KDC to issue tickets, then there is no need for LDAP sync unless you are trying to use AD as a naming service also.

Question 5. Can Sun Kerberos Clients be made to use AD Kerberos directly?

Answer 5. Yes, Solaris Kerberos clients can get tickets directly from an AD server. No special plugins are needed.

Question 6. I am confused on how this all works, please point me in the right direction and provide information such as Blueprints, whitepapers and roadmap.

Answer 6. For Solaris check out and bigadmin . As for OpenSolaris activity please check out the Kerberos project space on, there should be details posted there.

Qusetion 7. SEAM information on roadmap was confusing and not really clear. After chasing links around, It appears all the work is done on projects.

Answer 7. Correct. OpenSolaris is organized into "communities" and "projects". Projects are (mostly) where the actual programming/implementation is done.

Question 8. It looks like most all Kerberos projects were integrated into NV50 , so I am guessing all these
features have been available in Solaris 10 since 11/06?

Answer 8. You can't assume that. The next update to Solaris 10 in 2008 will have almost all of the enhancements/bug fixes which are currently in Nevada but not in Solaris 10. Just because something is in NV\*\* does not mean it is part of Solaris 10, backports are handled on a case-by-case basis. You should email "kerberos-discuss" at and ask the kerberos team directly about particular projects.

Question 9. Can you please confirm that this means that the information on kerberos web page
( is dated, when it eludes that MIT 1.6: client-side referrals (AD compatible) is only in NV.

Answer 9. Client-side referrals are only one small feature enhancing the AD compatibility already available, client-side referrals are not necessary for AD compatability – Solaris 10 clients should work fine with AD. The opensolaris website info is pretty recent and up to date.

Question 10. After googling around I found the following "how to" pdf on Solaris 10 & MS Active Directory (, which is based on NV68. Theoretically do you think this will work with Solaris 10 since projects Sparks/Winchester/Reno/Duckwater are done?

Answer 10. What is described will work fine with Solaris 10, I don't think that the OpenSolaris Sparks/Winchester projects are needed to get that level of interoperability working. One thing to remember is
that the kerberos page on ( ) is aimed at opensolaris/nevada development, information on S10 is normally found

Question 11. I want to use AD as a naming server instead of having a separate data store for users and hosts in
Answer 11. This is possible in that it requires administrating the AD server to create and maintain a separate schema RFC2307bis and I believe W2k3 R2 already has this schema by default, so if this is used then it would involve administrative steps in Solaris as outlined in the document mentioned above. The long term solution that requires no additional administration with AD and less administration on the Solaris clients involves projects such as Winchester (already integrated into snv), the creation of a separate name service back-end for AD (yet to be integrated), and kclientv2 (planned to integrate into snv_80).

Question 12. How do I change my AD password in Solaris?

Answer 12. Please look at the following bigadmin article - Changing Your Active Directory Password From a Solaris System , Mike Myers, September, 2004;
Description: Leveraging Kerberos, you can change your Windows Active Directory password from a system running the Solaris OS, with just a little configuration.

Question 13. What about Solaris 10 CIFS?

Answer 13. There is information at the OpenSolaris ( Projects for both CIFS server and client for Solaris. There is also information for Active Directory domain CIFS member server at URL: It describes a procedure to setup the Samba server included with Solaris 10 update 8/07 to serve as the CIFS volume server authenticating users against the ADS Domain Controller.

Question 14. Is there a SunEd Class about SEAM?

Answer 14. There is also a SunEd class called "Enterprise Security Using Kerberos and LDAP (SC-360)" you
may want to consider taking. Here is a brief description:

The Enterprise Security Using Kerberos course provides students with the knowledge and skills necessary to
deploy Kerberos in the enterprise and to secure enterprise deployments of Lightweight Directory Access Protocol (LDAP).

Question 15. Are there any books on Sun LDAP and Naming services?

There are two Sun Blueprint books:

Solaris and LDAP Naming Services : Deploying LDAP in the Enterprise

LDAP in the Solaris Operating Environment : Deploying Secure Directory Services

Thursday Feb 21, 2008

Project Black Box: The Sun Modular Data Center

I spent all day at a Sun Partner Event for Project Black Box,
Project Black Box is the Sun Modular Data Center S20 (Sun MD)

It is genius on how such a simple idea of placing a data center into a
standard ISO9000 shipping container is now a reality.  Yes these
containers can be moved by ships, trucks, or rail  anywhere in the
world.  The Sun MD has been placed on top of building, in parking
lots and remote places such as Siberia.

The Sun MD is basically a mobile data center that can be placed
anywhere, any time, any place.

The Sun MD is primarily consists of 8 standard 19 inch racks (7
computing racks and 1 networking rack).  These racks can be mixed
and match and can provide as much as 3 petabytes of storage or you and
provide less storage an provide more compute power for doing teraflops
of computing power. 

Each rack is cooled from front to back and
the container allows you to cut cooling costs as much as 40% as
compared to a regular data center.   This type of data center
is green and eco friendly, meaning that by deploying the Sun MD this
allows one to save money and is ecologically friendly because it uses
less power.

Here are some feature highlights:

  • 10X faster to deploy vs. traditional datacenter

  • Reduced capital expenses with incremental expansion

  • Global deployment capability & flexibility to redeploy as needed

  • 4X higher density per rack vs. typical datacenter

  • 40% lower cooling costs in 1/8th the space

  • This was my first time to see Sun MD and the first time for me to
    walk through one.  I would highly recommend if you have the
    opportunity to see one to go take a look at it next time there is a tour in your

    Saturday Feb 02, 2008

    Draft/Beta-Cookbook: Creating Solaris 10 Operating Environment Multiboot Laptop Part I

    The following is dated material but gives basic list of steps and my responses I used when I installed Nevada 45 (NV45) on my laptop.

    First thing I did of course was to burn myself a DVD of NV45.

    Then I put the NV45 DVD in my laptop and booted the DVD and from the grub menu I selected the "Solaris" and hit "ENTER".

    Next I selected "1" for the Solaris Interactive (default install)

    Then I pressed "ENTER" to accept the proposed configuration.

    For select a language I chose "1. English"

    Select "Non-networked"

    Give laptop a hostname

    Select "Use the NFSv4 domain derived by system"

    Select Time Zone "Geographic Continent/Country/Region"

    Select "Americas"

    Select "United States"

    Select "Central Time"

    Enter Time and Date

    Enter a root password

    Confirm Information

    Then for the "Installer Option" accept defaults and click on "Next"

    Specify Media and select "CD/DVD"

    Accept License

    Select "Initial Install"

    Select "Custom Install"

    Select "North America"

    For System Locale select "en_US.ISO8859-15"

    For Select Product take the default and just click on "Next"

    For Addition Products take the default and select "None"

    For Select Solaris Software Group take default and select "Entire Group"

    For Disk Selection take the default c0d0(bootdisk) and click on "Next"

    For Select Disk for FDISK Partition Customization select c0d0 and click on "Next"

    I laid out my disk as follows and I have an 80GB disk

    Partition 1 is my W2K and is 12 GB the rest of the disk I assigned to Partition 2 which is Solaris

    When asked to preseve data I selected "No"

    For Lay Out File Systems I selected "Modify"

    For c0d0 I performed the following for my Solaris Partition:

    / 10001 MB (This is my root file system for this instance of Solaris OE)

    SWAP 2048 MB (SWAP)

    /nv 10001 MB (This is a slice I will use for another NV instance)

    /tx 10001 MB (This is a slice I will use for a Trusted Extentions instance)

    /zfs 8001 MB (This will be a ZFS filesystem)

    /zfs2 8001 (This will be a ZFS filesystem

    /export 8221 MB (This will be my export data slice that I will eventually use mount between to which ever SolarisOE instance I am booting)

    When prompted at the Ready to Install Menu, review to ensure disk is laid out as you expect it to be, if it is then click on "Install Now"

    After system has installed all packages the system will automatically reboot. Since the DVD is still in the DVD ROM drive the laptop will try and boot off the DVD again, so ensure remove the DVD and reboot laptop manually.

    When system comes up login as root and you will see that all the slices you created (ie. /nv,/tx,/zfs, etc...) will all be mounted.

    How to multiboot a MacBook Pro with MacOS, Window XP and Solaris?

    I am new convert to Mac and before embarking on this adventure I knew nothing about MAC OS X.
    It was a bit of a challenge for me initially and frustrating as there are no cook books or
    how to guides with all the steps on how to multi-boot a Mac Book Pro. So the first thing I
    did was send out emails to different aliases and started to google things and read blogs to
    better understand what was going on or at least try to pick up enough information to make this
    thing work.

    I basically learned through trial and error which only got me so far and I am grateful to Allan Perry
    and Paul Mitchell for their blogs to help me get over the hump. Armed with
    "Alan Perry's Blog"
    "Paul Mitchell's Blog"

    I was able to get over my EFI boot partition problem. Everytime after installing MAC OS X,
    Windows XP and then I installed OpenSolaris something happen and would cause my EFI boot partition to
    get blown away and wiped it clean. Following the steps in Pauls blog allows you to fool Solaris so that
    it does not blow away and wipe clean the boot EFI partition.

    Word to the wise, please read Pauls blog carefully as it is easy to get ahead of
    yourself or skip steps that will come back to bite you, I got bit a couple of times myself and everytime
    it caused me to start over from scratch which was not fun.

    System Details
    Mac Book Pro 2.33 Intel Core 2 Duo with 2G RAM; Boot ROM Version MBP22.00A5.B01; SMC Version 1.12f5
    MacOS 10.4.9 has been installed on a single partition and the latest OS and Firmware have been installed using
    the Mac OS X "Software Upate" program version 2.0.8.

    I have a second MacOS instance + updates on a Maxtor OneTouch III 500GB external hard drive
    that supports Firewire 800 to make changes to my Internal HD and to copy back and restore data.
    I am also installing OpenSolaris Nevada Build 60 DVD and Windows XP Professional.

    Thursday Jun 28, 2007

    Resize Solaris Partition

    I have a laptop running OpenSolaris Nevada Build 65 and today I decided I wanted to play with ZFS on my laptop. But first, I decided that I needed to repartition my current Solaris partition table so that I could use my slices as if they were like separate disks so I could do mirroring, add and delete storage devices to my zpool etc... The following steps are what I did to repartition my Solaris partition table on my laptop.

    My current partitions:
    s0 /
    s1 /swap
    s3 /NV
    s7 /export/home

    slice 0 is for the root filesystem, slice1 is swap, slice3 is my alternate boot environment so I can use Live Upgrade and slice7 is my data.

    This is not a problem, I’ll just steal cylinders from Slice7, because this is a lot simpler than reinstalling. First let’s back up my data on Slice7 and then drop into single user mode by rebooting ("# reboot") and in the grub menu booted the system in "Solaris Failsafe".

    Then you get the question similar to this,

    Solaris Nevada snv_65 was found on /dev/dsk/c0d0s0.
    Do you wish to have it mounted-read-write on /a? [y,n]"

    Answer no, so you can resize Slice7 (I actually divided the number of slice7 cylinders by 4 so I could create four equal slices.

    # Do you wish to have it mounted-read-write on /a? [y,n] n

    Starting Shell.


    # format

    Searching for disks…done



    0. c0d0 <DEFAULT cyl 14565 alt 2 hd 255 sec 63>


    Specify disk (enter its number): 0

    selecting c0d0

    [disk formatted, defect list found]

    format> par

    partition> 7

    Part Tag Flag Cylinders Size Blocks

    7 unassigned wu 3076 - 14564 88.00GB


    Enter partition id tag[unassigned]:

    Enter partition permission flags[wm]:

    Enter new starting cyl[3076]:

    Enter partition size[2026160b, 430c, 429e, 989.34mb, 0.97gb]: 2872c

    partition> 7

    Part Tag Flag Cylinders Size Blocks

    7 unassigned wm 3076 - 5947 22.00GB (2872/0/0) 46138680

    I basically repeated the same thing for slices 6, 5 & 4; I made all four slices 22GB and then did label command with in partition menu to write map out to disk.

    I then rebooted and now I had 4 new slice I could play with using ZFS.

    My NEW partitions:
    s0 /
    s1 /swap
    s3 /NV
    s4 zfs
    s5 zfs2
    s6 zfs3
    s7 zfs4

    Saturday Mar 31, 2007

    OpenSolaris on Mac Book Pro (No cigar yet...)

    This is just a reflection at my first attempts at trying to make a dual boot Mac Book Pro with OpenSolaris Nevada Build 60. I got close but no cigar. The biggest problem I ran into I think was the warning sentence which is the last sentence for OpenSolaris bug id 6413235 which states:

    "Please be advised that using this workaround, if there are any GPT headers on the disk, they will be cleared."

    So I am guessing this is what is hosing my EFI boot partition, I will create a new entry when I do get it this working but just wanted to share what I have tried doing so far.

    1) Install MacOSX on MBP
    2) Run MacOSX update
    3) Download and Install Bootcamp

    4) Configured Bootcamp
    a) partitioned disk (50/50 MacOSX & MS Windows)
    b) skip creating drivers CD
    c) chose not to install windows and chose to reboot system

    5) After reboot, I tested to make sure that MacOSX runs normal

    6) Then I reboot and boot NV60 DVD
    a) I chose console install so I can get to command line option
    b) From command line I run Solaris format command to do an interactive fdisk
    c) While in interactive fdisk I Delete FAT32 Partition and Create Solaris Partition

    7) Then I reboot again to make sure I can still run MacOSX. It runs normal and still identifies disk0s2 as MS Data Partition (everything looks good)

    8) I now boot NV60 DVD again
    a) Go to console option
    b) Perform work around for OpenSolaris BugID 6413235
    c) Exit console which restarts my NV60 console mode installation
    d) Proceed with normal NV60 install with no problems

    9) System reboots and EFI/MBR information must get wiped as system does not know what to boot
    Again when everthing has been installed (MacOSX, updates, bootcamp,NV60) and after NV60 does its reboot all booting information in EFI/MBR partition is lost as I get a big "?" that shows up on the screen instead of my expect choice to boot Mac OS X or Windows.

    I can boot NV60 DVD and enter console and see that partitioning information looks good in Solaris. I run Solaris format command to get interactive fdisk and it tells me something like:

    Partition1 is unknown 200mb (bootcamp/EFI/MBR)
    Partition2 is unknown 54G (Mac OS X)
    Partition3 is Solaris 55G

    I then run partition command with print option and it is says something like:
    S1 is /
    S2 is SWAP
    S3 is /nv
    S4 is /tx
    S5 is /zfs
    S6 is /zfs2
    S7 is /export

    When I boot MacOSX DVD I can see partitions but the are all marked as untitled and unknown. So partitions are there but I cannot boot into NV60 or MacOSX, so my only option is to reinstall Mac OS X from scratch and start over.

    I know I can run Parallels or VMware Fusion and I have run both and my experience with both were not optimal as both functioned somewhat but performance and stability were issues for me.

    Friday Mar 30, 2007

    Mac Book Pro & Multiboot?

    Well I thought this was going to be simple but it has been more challenging than I could have imagined. There are rumors and blogs of people who have been playing with Intel Macs and Solaris and so this is what I started googling for in my effort to find a solution. Up until now, everything I have heard has been black magic as I have yet been able to figure out how to make a Mac Book Pro multiboot with Solaris or OpenSolaris. What I found out was that Solaris 10 does not work with multiboot and mosts information suggests that multiboot will work with OpenSolaris Nevada.

    My adventuring and search for a multiboot Mac Book Pro and Solaris solution eludes me sort of; as after building and rebuilding my Mac Book Pro through trail and error I finally got things sort of working but I do not completely understand understand how I got it working and in the process I broke Boot Camp. So back to the drawing board as I am starting from scratch again.

    I was able to get things going using Allan Perry's Blog ( and Paul Mitchell's Blog ( But I could not repeat Paul Mitchell's steps exactly because I kept running into partitioning errors when I did my Solaris install. I got around my problems by rebooting my system in Solaris Nevada and deleting my Solaris partition and recreating it again in the Solaris using the interactive fdisk and not performing the suggested fdisk work around. My "Mac Frankenstein" was now alive! A multiboot system with Mac OS X, OpenSolaris Nevada Build 60, and a corupted Windows XP install that I think could have fixed but did not want to waste my time as I have started from scratch again.

    When and if I ever get everything working again I will repost with all my steps once I better understand what I did.

    Thursday Mar 29, 2007

    Mac Book Pro & OpenSolaris (Solaris 10) Virtualization?

    I am trying to install Solaris 10 or OpenSolaris on my Mac Book Pro. I have talked to several colleagues and googled information regarding this and there is a lot of misinformation or incomplete information. Basically I found that there are two solutions, one is to create a multi-boot Mac Book Pro and the other is to use some kind of a virtualization solution.

    The simpler of the two is the virtualization option. There are two main virtualizations solutions most people are using. VMware has a beta product you can download for free called VMware Fusion for Mac OS X ( and then there is Parallels for Mac ( which costs about $79. Actually I downloaded Parallels first and started playing with the 30 day demo. I was not impress with Parallels as I found my system to be slow and the software to be intermitten. Meaning that my old laptop ran Solaris better, faster and was more reliable.

    Since I was not happy with this technology, I decided to download and run VMware Fusion. Fusion is in beta and runs in debuging mode. Even though debugging mode is turned on, it runs a little slower than Parallels but not much. In I had a little better experience using Fusion and like the fact that I could cut and paste between the virtual machine and my host machine.

    "All in All" my experience with virtual machines is they run slow and are tempramental. For example every once in a while, the virtual machine goes "out to lunch" or something as the Mac spinning rainbow wheel of death starts up and never stops, I eventually end up having to reboot my virtual machine.

    At this point, I am now convinced and think virtualization is a good idea, but the technology is still premature and is not there yet. So for now, I have decided to go back to the basics and will now try to do a dual boot or multiboot solution so I can run Solaris on bare metal which should have better performance.

    Excitement of finally getting a Mac!

    I just bought myself a Mac Book Pro. It looks really sharp and this is my first Mac. Lots of my friends and co-workers have had them for years I was just hesitant to cross over, but my constant problems with an aging laptop and forever rebuilding, reinstalling and rebooting windows and associated problems has made this choice pretty simple choice. As I have been wasting more time reinstalling window and trouble shooting windows problems than actually being able to be productive.

    The Mac Book Pro is not cheap and having to pay for it out of pocket was not fun, but compared to other laptops with the same type of quality components it ends up actually being cheaper to purchase a Mac.

    Now the exciting challenge is trying to make it work with Solaris 10 or OpenSolaris.

    Thursday Mar 08, 2007

    Idea's on when to zone and not to zone?

    Just some thoughts on when you might want to use zone and some ideas of how to introduce zones into your environment and culture!

    Solaris 10 containers is a new type of virtualization technology that can provide Solaris 10 customers with another choice for doing data center consolidation of your Solaris Operating Environment servers and services. Solaris 10 Containers can help you scale your services and improve system utilization by securely running multiple, software-isolated applications on a single system. Solaris Containers is composed of Solaris 10 Zones plus resource management. You can dynamically control application and resource priorities while improving resource utilization and reduce downtime, which in turn leads to lower solution costs.

  • Build customized, isolated zones each with their own IP address, file system, a single service or application, users associated with that service, and assigned resources to safely and easily consolidate systems.

  • Guarantee sufficient CPU and memory resource allocation to applications while retaining the ability to use idle resources as needed
  • Reserve and allocate a specific CPU or group of CPUs for the exclusive use of the zone, for example to limit licensing costs
  • Automatically recover from potentially catastrophic system problems by leveraging the combined functionality of Predictive Self Healing and Solaris Zones

  • When to deploy applications in Zones?

    As with any new technology there are trade-offs that should be considered before committing to any course of action. In the case of Solaris Zones it is pretty simple and straight forward:

    1. Are you upgrading on existing hardware or installing on new hardware?

    If you are installing on new hardware, install the latest Solaris 10 Operating Environment as a normal and then create Non- Global Zones (NGZ) as required for each user land application and service. If you are going to upgrade to Solaris 10 from a previous release and not change the hardware then the most efficient method to upgrade is to use Live Upgrade (LU). Once the new environment is installed you will be running Solaris 10 Zones by default because your upgraded environment will be running the Solaris 10 Global Zone (GZ) with the default Solaris Resource Manager (SRM) resources. This also means that by default your applications will be running in the GZ.

    Notes: A Solaris 10 Zones best practice is to run all user land services/applications (ie: Web, Database, etc.) each in their own NGZ and use the GZ primarily as a management zone only. So the next step after using LU is to create NGZ's and to migrate user land applications out of the GZ. Multiple services can be combined within a zone, if for example, their workload characteristics would benefit more from being within the same environment vs the benefits of isolation/security etcetera or if they must be within the same environment to function - ie: if they will not work on seperate servers, then they should be installed within the same zone, rather than separate zones.

    2. What about moving my application from the Global Zone to running correctly in a Non Global Zone?

    NGZ has a reduced set of privileges that may cause some applications to fail. Most user land applications will run in a NGZ. There are a few exceptions, and these are usually applications that try to talk directly to hardware, network devices or the kernel. All which if allowed would break the least privilege security model for zones. For example, a DHCP server, requires raw IP access to communicate with systems that don't have IP addresses. Since this privilege doesn't exist in a NGZ (at least until we get configurable privileges and per-Zone IP stacks planned in a future release of Solaris 10) then this type of application will not work in a NGZ. This can also be true for performance data collector agents.

    3. What about the process of creating a zone and the time needed to create a zone?

    The process of creating a zone is simple and straight forward. There are three kinds of zones, Sparse Root, Full Root, and customized zones that fall in between, basically the difference is the different degrees of sharing the file system from the GZ. A Sparse Root zone (the most desirable) is light weight and installs quickly because it basically runs a process that shares 4 existing GZ directories that are read only mounted from the GZ and copies very few files that add up to around 70Mb, which is roughly how much extra disk space is required to create a sparse zone (Oracle, for example, will install and runs well in a Sparse Root zone). The 4 directories inherited by Sparse Root zone that are shared from the GZ as read only are /usr, /lib, /sbin and /platform. A Full Root zone on the other hand is a copy of just about all the files in the GZ, which is usually greater than 3 GB). The best practice for creating zones is to create a sparse root zone when possible as it shares most of the operating system from the global zone through the use of the loopback filesystem (lofs) as read only mounts. Creating the sparse root zone usually takes less than 10 minutes to initialize the packages it needs for the new zone. A "verify" is run first to check that zone is configured correctly and it is ok, then run the install, and then boot the zone. Once we can see the sparse root zone is up and running, we can now login for the first time to the console of that zone and we can answer system identification questions to complete install. The system then reboots in a matter of seconds. All of this can be scripted. The main directories that are not lofs shared from the global zone are /etc and /var. Basically there are only 3 simple command to learn to create and manage zones: zonecfg, zoneadm and zlogin. Use zonecfg to create zone configuration files which include allocating system resources for zones; use zoneadm to install, uninstall, boot, halt and status zones; use zlogin to login to zone and manage via console.

    4. What about migrating my application?

    Majority of applications are simple and straight forward and do not require recompiling of any applications. The majority of applications do not try to directly manipulate hardware, network devices or the kernel and install normally without any problems. Installing applications in a NGZ is simple and works just as it did when you performed the install in the GZ. Once your applications are all migrated to their appropriate zones you will be able to manage these zones through a delegated admin for the individual zones or from the GZ or both, plus you gain all the benefits and features offered by using zones.

    A Couple Zone Best Practices

  • Use Solaris 10 GZ as a management Zone only and install all user land applications each in their own Sparse Root NGZs

  • Try to Mix and Match NGZ's each runing different types of services that have different workload characteristics to get better efficiency & utilization on the same physical machine. (ie: different I/O patterns, different peak processing times, etc.)

  • Provide dedicated servers for dedicated services in NGZs

  • Things to think about when deploying zones

  • Sizing & Resource Optimization

  • Server Consolidation

  • Application Isolation

  • Rapid Application Deployment

  • Application Availability

  • Sizing & Resource Optimization

    Solaris Zones can further enable customized security, performance or utilization requirements, through zone sizing. IT managers and system administrators also have the ability to run a zone bound to a specific set of CPUs. This ensures that applications assigned to these CPUs will have sole access to these resources and may benefit from lower licensing costs dependant on the application's licensing. (For example, Oracle licensing costs are lower using "Capped Zones" that only have access to run on a subset of the processors/cores physically installed on a given server).

    Delegated authority model - Solaris 10 gives the main system administrator sole control to assign portions of a system's resources to specific isolated zones. While local administrators do not have global control, they do have control over the applications and environments within their assigned zone.

    Fine Tune Performance - By allowing systems administrators to assign a zone to CPUs grouped on a single system board for example, Solaris 10 enables control over performance within the zone due to the locality between CPUs and their memory resources.

    Server Consolidation

    A primary objective of the Solaris 10 Operating System design is to deliver tools that help you do more with less by consolidating your applications onto fewer systems. Solaris Zones allow administrators to create multiple virtual environments on a single system so applications can safely run without endangering each other. As a result, companies can better consolidate applications onto fewer servers without concern for resource constraints, fault propagation, or security, making consolidation simple, safe, and secure. Administrators also gain tight control over allocation of system and network resources, significantly improving resource utilization.

    Application Isolation and Managing Resources

    With Solaris Zones, application(s) runing within that zone are running in their own private, isolated environment - separate from the underlying hardware - virtually eliminating error propagation, unauthorized access, and unintentional intrusions among Solaris Zones. Providing a fine granularity of control, Solaris Resource Manager enable administrators to ensure that all workloads have access to an appropriate amount of computing resources and that no workload is able to starve out other workloads unless authorized to do so. This resource management, called Solaris Resource Manager, uses the concept of Containers (introduced in Solaris 9) to group application(s) and resources. Solaris Resource Manager can be applied at the container level and/or at the Zone level (note that some Sun documentation, web sites, and personnel use the term Containers and Zones interchangeably, but they are different). Because resources are isolated and dedicated to a Solaris Zone and its applications rather than a complete system, highly efficient application consolidation is now possible. For example, Web servers typically listen to network port 80, and in order to do that they require root privileges, which entails a high security risk. To reduce these risks and run multiple Web servers per system, each Web server can run in a Solaris Zone and listen to its own unique port 80, operating in an isolated and secure manner.

    Rapid Application Deployment

    Developing new applications and services—and getting them operational as quickly as possible—can be a critical success factor for any business. Solaris Zones can speed application deployment by enabling applications to be developed, tested, and deployed on a single server without fear that they will impact one another. Private zone identities also make it possible to have multiple development versions of the same application on the same system. As a result, Solaris Zones can help lower costs by eliminating the need to purchase a new system for new releases or revisions. Multiple deployment scenarios can be tested with ease, and administrators can roll back to previous settings and configurations if needed.

    Application Availability

    As an increasing number of applications are consolidated onto a single server, the potential exists for underlying hardware or complex software problems to negatively affect a much wider range of users and services than in the past. In the case of an underlying hardware problem, the Predictive Self Healing functionality in Solaris 10 has been specifically designed to work with Solaris Zones to automatically detect and mitigate hardware problems before they occur. In the event of a complex software issue causing system and application availability issues, DTrace technology is Zone aware so it can view activities either in a Solaris Zone or across an entire system, giving system administrators the ability to determine the root cause of system issues as they happen (or proactively tuning an application) in real time on production systems.

    MARCH 5 Solaris 10 Boot Camp in San Diego, CA:

    This Solaris 10 Bootcamp is to give an introduction to some of the
    cool new features in Solaris 10 and to give a brief overview of this
    new exciting an innovative technology!


    Wences is interested in data center technologies including Web 2.0, Cloud Computing, Eco Computing, Solaris 10, OpenSolaris, Information Security and Server Virtualization.


    « August 2016