Thursday Sep 17, 2015

Virtualization Monitoring in Solaris Zones

Much has been written about the built-in virtualization capabilities of Oracle Solaris Zones, which allow users to isolate software applications and services using flexible, software-defined boundaries in Solaris.  Unlike hypervisor-based virtualization, Oracle Solaris Zones technology provides a very low-overhead, low-latency environment, which gives the appearance of multiple OS instances rather than multiple physical machines. This makes it possible to create hundreds (or even thousands) of zones on a single system, without the performance penalty which is inherent in hypervisor-based virtualization technologies.

As these Solaris Zones proliferate, it often can be necessary to restrict and monitor resource utilization of the virtual machines.  A NEW white paper has now been published (Virtualization Monitoring in Solaris Zones) doing exactly that!

This technical white paper describes the opportunities for restricting resource usage of Oracle Solaris Zones, and for monitoring the different zone types from within the global zone. 

The technical content of this white paper is divided into 5 separate Solaris zones environments:

1) Resource Controlling of Oracle Solaris Zones
2) Monitoring Default Zones in Oracle Solaris 11
3) Monitoring Oracle Solaris 10 Zones
4) Monitoring Oracle Solaris Kernel Zones (technical article)
5) Using OpenStack for Monitoring Oracle Solaris Zones

Monday Sep 01, 2014

Mobile Tornado Accelerates Product Deployment with Solaris Zones

Mobile Tornado is a long-standing partner and hardware OEM of Oracle which provides Instant Communication services for mobile devices, with a focus on enterprise workforce management.

“We have seen significant performance improvements running Solaris 11 with SPARC on Oracle software with Mobile Tornado's IPRS™ (Internet Protocol Radio Service) platform.”

Shlomo Birman, VP Delivery and Services, Mobile Tornado

In our ever-changing business environment where products are outdated quickly and on-premise integration cost is sky-rocketing, Time-to-Market (TTM) is becoming the key factor for a successful technology adoption by end-customers. Mobile Tornado asked Oracle ISV Engineering to help them with the design and implementation of a new rapid provisioning environment in-house in order to improve their TTM by reducing the time it takes to deploy their solution at the customer's premises.

[Read More]

Monday May 26, 2014

Security Access Control With Solaris Virtualization

Numerous Solaris customers consolidate multiple applications or servers on a single platform. The resulting configuration consists of many environments hosted on a single infrastructure and security constraints sometimes exist between these environments. Recently, a customer consolidated many virtual machines belonging to both their Intranet and Extranet on a pair of SPARC Solaris servers interconnected through Infiniband. Virtual Machines were mapped to Solaris Zones and one security constraint was to prevent SSH connections between the Intranet and the Extranet. This case study gives us the opportunity to understand how the Oracle Solaris Network Virtualization Technology —a.k.a. Project Crossbow— can be used to control outbound traffic from Solaris Zones.

[Read More]

Friday Apr 04, 2014

Oracle DB 12c runs best on Sparc

Oracle's vision of Engineered Systems is transforming into reality with every new product that Oracle is launching. Oracle Database 12c, which was launched in 2013, is an example on how Oracle software is optimized for Oracle Solaris SPARC. Oracle Database 12c is co-engineered with Solaris engineering team and Oracle’s world record SPARC T5 servers have best performance and maximum ROI.

Independent Software Vendors (ISV) who are developing applications using both Oracle DB 12c and Solaris are taking advantage of one core technology, one operating system, one virtualization tool for all the range of SPARC servers. An ISV application can boost its performance, flexibility and security just by using SPARC high numbers of cores and big memory, combined Oracle 12c/Solaris/SPARC multi-tenancy,  zones and LDoms light-weight virtualization technologies, SPARC and Solaris build-in encryption, etc.

Let’s take a look at how all this is translated into technical features. What makes Solaris and SPARC servers the best infrastructure for Oracle 12c enterprise databases?

[Read More]

Tuesday Jun 18, 2013

Moving Oracle Solaris 11 Zones between physical servers

As part of my job in the ISV Engineering team, I am often asked by partners the following question : is it possible to easily move a Solaris 11 Zone from a physical server to another?

The short answer is : YES ! The longer one comes with the following restrictions :

  • Both physical servers should be of the same architecture, x64 or SPARC (T-series and M-series systems are compatible).

  • Both physical servers should run Oracle Solaris 11.

  • The destination server should run at least the same or higher release of Solaris 11. This includes the SRU (Support Repository Update) level.

Given a physical server called “Source” hosting a Solaris 11 Zone called “myZone” on a ZFS filesystem, here are the steps to move the zone on another physical server called “Target” :
  1. Export the Zones configuration
    The zone needs to be configured on the destination server before it can be installed. The first step is to export the configuration of the Zone to a file:

    [Source]# zonecfg -z myZone export -f myZone.cfg

  2. Archive the Zone
    My favourite solution is to use the ZFS “send” functionality to archive the ZFS file system hosting the Zone in a single movable file, although this can also be achieved in other ways (cpio, pax)

    • Halt the Zone
      [Source]# zoneadm -z myZone halt

    • Take a recursive ZFS Snapshot of the rpool of the zone
      [Source]# zfs snapshot -r rpool/zones/myZone@archive

    • Archive the Zone using ZFS send (ZFS and cpio archives can be zipped using gzip or bzip2)
      [Source]# zfs send -rc rpool/zones/myZone@archive | bzip2 > /var/tmp/myZone.zfs.bz2
  1. Move the configuration and archive files to the destination server
    FTP, scp, NFS, removable hard drive, …

  2. Configure the zone on the destination server

    Depending on the configuration of the Targer server, you might need to tweak the zone configuration file before using it.

    [Target]# zonecfg -z myZone -f myZone.cfg

  3. Install the Zone

    If the zone is being installed in the same network, the zone configuration (IP address, DNS server, Gateway, etc) can be preserved using the "-p" option:

    [Target]# zoneadm -z myZone install -a myZone.zfs.bz2 -p

    If the Zone is being installed in a new network environment, using the "-u" option instead of "-p" will unconfigure the system. The Zone would need to be manually configured on the first boot. The configuration can be automatized during installation if a system configuration profile XML file is provided:

    # zoneadm -z myZone install -a myZone.zfs -u -c sc_profile.xml

    Quick Tip
    : To create a system configuration file, you can use the sysconfig program with option "create-profile":

    # sysconfig create-profile -o sc_profile.xml

    The configuration text wizard will walk you through the system configuration steps (same process as the first boot configuration wizard) but will not re-configure your system. It will simply create an output XML file with the defined system configuration. This files can then be manually tweaked if needed and act as a template for future use.

  4. Boot the Zone
    # zoneadm -z myZone boot

  5. You should now be able to log in the Zone which is the exact copy of the original Zone on the source server.

Obviously there are many more options and possibilities that go beyond the scope of this post. My intend was just to give a glimpse of what can be done, so don't hesitate to consult the documentation for more options.

Also, these simple steps cans be scripted to be made even more flexible and usable. Below are two scripts I have written for my own needs. There are only provided as an example and must not be considered as production ready scripts.





# This script creates a movable archive of an Solaris 11 Zone

# It take a single input parameter: The Zone name


BASE_DIR="$(pwd -P)"





SNAPSHOT=${ZONES_ROOT}/${ZONE_NAME}@`date '+%d_%m_%Y-%H:%M:%S'`

if [ if [ ! -d ${ARCHIVE_FOLDER} ] ; then
   mkdir -p ${ARCHIVE_FOLDER}

zoneadm -z ${ZONE_NAME} halt

zonecfg -z ${ZONE_NAME} export -f ${ARCHIVE_FOLDER}/${CONFIG_FILE}

# Take a ZFS Snapshot of the rpool of the zone
zfs snapshot -r ${SNAPSHOT}

# Archive the Zone using ZFS send
zfs send -rc ${SNAPSHOT} | bzip2 > ${ARCHIVE_FOLDER}/${ARCHIVE_FILE}

# Delete the snapshot used to create the archive
zfs destroy -r ${SNAPSHOT}





# This script deploys an archived Solaris 11 Zone

# It take a single input parameter: The Zone name



BASE_DIR="$(pwd -P)"




# Configure the Zone

# Install the Zone and configure the system
zoneadm -z ${ZONE_NAME} install -a ${ARCHIVE_FOLDER}/${ARCHIVE_FILE} -u

# Boot the Zone
zoneadm -z ${ZONE_NAME} boot


How open innovation and technology adoption translates to business value, with stories from our developer support work at Oracle's ISV Engineering.



« October 2015