Thursday Feb 04, 2016

Troubleshooting in an Oracle (Solaris) OpenStack Environment

Dave Miner has been leading a team who are responsible for managing the OpenStack based internal cloud for the Oracle Solaris engineering organization. With a large organization like this, having self-service access to physical system and virtual machines is critical for developer and test teams to work on the next generation features that will be included in Oracle Solaris. But this also gives us direct operational experience for OpenStack (and that's often not a happy place for many trying to manage OpenStack clouds). Through that experience, we hope to make life substantially better for our customers trying to deploy their own private clouds, by publishing best practices and developing features that we can integrate into the platform that OpenStack can take advantage of.

Dave's written a nice blog entry Troubleshooting I/O Load in a Solaris OpenStack Cloud where he's used the underlying OS features of Oracle Solaris to figure out why a number of guests were running slow. Thanks to DTrace (again!) and a number of performance monitoring utilities that take advantage of it, he was quickly able to figure out what was causing it. Worth a read, and an excellent reason why you should consider hosting some of your OpenStack environment on Oracle Solaris.

Monday Nov 30, 2015

Oracle at Gartner DC, Infrastructure and Operations Mgt Conference, Dec 7-10


Oracle is a Premier sponsor of the Gartner Data Center, Infrastructure & Operations Management Conferencethis December 7 – 10, 2015, in Las Vegas, NV. Attendees will have the opportunity to meet with Oracle experts in a variety of sessions, including demonstrations during the showcase receptions where they can discuss topics on Oracle’s Engineered Systems and many more of Oracle’s product offerings.

Oracle’s Solution Provider Session: New Thinking in Critical IT Infrastructure

Tuesday, December 8, 2015 
11:15 a.m. – 12:00 p.m. 

Speaker: Chuck Hollis 

IT services are moving to the cloud, that's a fact, but you will always have critical services that run in your data center. You need a new type of infrastructure that allows you to move seamlessly between traditional IT, private & public cloud. This session will feature executive thought leaders from Oracle and leading customers to share their experience in transforming IT infrastructure.

Oracle will be at the Conference Exhibition Hall C, Booth #411 on:

Exhibiting Date & Hours:

Monday, December 7th 

6 - 8 PM: Show floor hours

Tuesday, December 8th

12– 2 PM: Show floor hours

6 – 8 PM: Show floor hours

Wednesday, December 9th

12- 2 PM: Show floor hours

Come and talk to our experts about Oracle's OpenStack products.

    Register today. 

    Monday Aug 10, 2015

    Swift Object Storage with ZFS Storage Appliance

    Jim Kremer has written a new blog that shows you how to configure Swift to take advantage of an Oracle ZFS Storage Appliance. Jim walks step by step how to configure OpenStack Swift into a highly available cluster using an Oracle ZFS Storage Appliance as the backend storage over NFSv4.

    Jim summarizes the unique benefits that using a ZFS Storage Appliance brings to OpenStack environments over a typical Swift deployment:

    • Swift data will be stored on a ZFS filesystem as a backing store instead of XFS.
    • Storage will be accessed via NFS v4. Solaris NFS supports extended attributes and locking so it works great with Swift.
    • Each Solaris Swift instance will run the account server, container server and object server as well as the proxy server instead of having separate proxy servers and storage servers.
    • All of the Solaris Swift instances can access and share the same backend storage systems.
    • All the Solaris Swift servers will use the exact same Swift ring configuration.
    • Disaster recovery is supported with the built in remote replication available on the ZFS Storage Appliance.
    • Only one copy of data needs to be stored since ZFS supports different levels of mirroring as well as raidz.
    • ZFS automatically caches hot data in SSDs or in DRAM to increase reading hot blocks of data. A good example of such a workload is booting many VMs in a cloud computing environment.

    For more information, see Solaris Swift using ZFS Storage Appliance

    Tuesday Jul 28, 2015

    Migrating Neutron Database from sqlite to MySQL for Oracle OpenStack for Oracle Solaris

    Many OpenStack development environments use sqlite as a backend to store data. However in a production environment MySQL is widely used. Oracle also recommends to use MySQL for its OpenStack services. For many of the OpenStack services (nova, cinder, neutron...) sqlite is the default backend. Oracle OpenStack for Oracle Solaris users may want to migrate their backend database from sqlite to MySQL.

    The general idea is to dump the sqlite database. Translate the dumped SQL statements so that they are compatible with MySQL. Stop neutron services. Create MySQL database. Replay the modified SQL statements in the MySQL database.

    The details listed here are for the Juno release (integrated in Oracle Solaris 11.2 SRU 10.5 or newer) and Neutron is taken as an example use case.

    Migrating neutron database from sqlite to MySQL

    If not already installed, install MySQL

    # pkg install --accept mysql-55 mysql-55/client python-mysql

    Start the MySQL service
    # svcadm enable -rs mysql

    NOTE: If MySQL was already installed and running, then before running the next step double check that neutron database on MySQL is either not yet created or it is empty. The next step will drop the existing MySQL Neutron database if it exists on MySQL and create it. If the MySQL Neutron database is not empty then stop at this point. The following steps are limited to the case where MySQL neutron database and newly created/recreated.

    Create Neutron database on MySQL

    mysql -u root -p<<EOF
    DROP DATABASE IF EXISTS neutron;
    CREATE DATABASE neutron;
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
    IDENTIFIED BY 'neutron';
    FLUSH PRIVILEGES;
    EOF

    Enter the root password when prompted

    Identify that the Neutron services are online: # svcs -a | grep neutron | grep online | awk '{print $3}' \ > /tmp/neutron-svc
    Disable the Neutron services: # for item in `cat /tmp/neutron-svc`; do svcadm disable $item; done
    Make a backup of Neutron sqlite database:
    # cp /var/lib/neutron/neutron.sqlite \
        /var/lib/neutron/neutron.sqlite.ORIG
    Get the db dump of Neutron from sqlite:
    # /usr/bin/sqlite3 /var/lib/neutron/neutron.sqlite .dump \
           > /tmp/neutron-sqlite.sql

    The following steps are run to create a neutron-mysql.sql file which will be compatible with MySQL database engine.

    Suppress foreign key checks during create table/index
    # echo 'SET foreign_key_checks = 0;' > /tmp/neutron-sqlite-schema.sql

    Dump sqlite schema to a file
    # /usr/bin/sqlite3 /var/lib/neutron/neutron.sqlite .dump  | \  grep -v 'INSERT INTO' >> /tmp/neutron-sqlite-schema.sql

     

    Remove BEGIN/COMMIT/PRAGMA lines from the file.
    (Oracle Solaris sed does not support -i option and hence redireciting to a new file 
     and then renaming it to original file)
    # sed '/BEGIN TRANSACTION;/d; /COMMIT;/d; /PRAGMA/d' \ /tmp/neutron-sqlite-schema.sql \ > /tmp/neutron-sqlite-schema.sql.new \ && mv /tmp/neutron-sqlite-schema.sql.new \ /tmp/neutron-sqlite-schema.sql


    Replace some SQL identifiers that are enclosed in double quotes, 
    to be enclosed in back quotes
    e.g. "limit to `limit`
    # for item in binary blob group key limit type; do sed "s/\"$item\"/\`$item\`/g" \ /tmp/neutron-sqlite-schema.sql > /tmp/neutron-sqlite-schema.sql.new \ && mv /tmp/neutron-sqlite-schema.sql.new \ /tmp/neutron-sqlite-schema.sql; done

    Enable foreign key checks at the end of the file
    
    # echo 'SET foreign_key_checks = 1;' >> /tmp/neutron-sqlite-schema.sql 
    Dump the data alone (INSERT statements) into another file
    
    # /usr/bin/sqlite3 /var/lib/neutron/neutron.sqlite .dump \
    | grep 'INSERT INTO' > /tmp/neutron-sqlite-data.sql
    In INSERT statements table names are in double quotes in sqlite,
     but in mysql there should not be double quotes
    
    # sed 's/INSERT INTO \"\(.*\)\"/INSERT INTO \1/g' \
    /tmp/neutron-sqlite-data.sql > /tmp/neutron-sqlite-data.sql.new \
     && mv /tmp/neutron-sqlite-data.sql.new /tmp/neutron-sqlite-data.sql


    Concat schema and data files to neutron-mysql.sql
    
    # cat /tmp/neutron-sqlite-schema.sql \
    /tmp/neutron-sqlite-data.sql > /tmp/neutron-mysql.sql 
    Populate Neutron database in MySQL: # mysql neutron < /tmp/neutron-mysql.sql

    Specify the connection under [database] section of /etc/neutron/neutron.conf file:

    The connection string format is as follows:
    connection = mysql://%SERVICE_USER%:%SERVICE_PASSWORD%@hostname/neutron 
    For example:
    connection = mysql://neutron:neutron@localhost/neutron
    
    Enable the Neutron services:
    # for item in `cat /tmp/neutron-svc`; do svcadm enable -rs $item; done 
    
    Cleanup:
    
    # rm -f /var/lib/neutron/neutron.sqlite.ORIG \ /tmp/neutron-sqlite-schema.sql \ /tmp/neutron-sqlite-data.sql \   /tmp/neutron-mysql.sql 

    Details about translating SQL statements to be compatible with MySQL

    NOTE: /tmp/neutron-sqlite-schema.sql will have the Neutron sqlite database schema as SQL statements and /tmp/neutron-sqlite-data.sql will have the data in Neutron sqlite database which can be replayed to recreate the database. The sql statements in neutron-sqlite-schema.sql and neutron-sqlite-data.sql are to be MySQL compatible so that it can be replayed on MySQL Neutron database. A set of sed commands as listed above are used to create MySQL compatible SQL statements. The following text provides detailed information about the differences between sqlite and MySQL that are to be dealt with.

    There are some differences in the way sqlite and MySQL expect the SQL statements to be which are as shown in the table below:

    sqliteMySQL
    Reserved words are in double quotes: 
    e.g "blob", "type", "key", 
    "group", "binary", "limit"
    Reserved words are in back quotes: 
    e.g `blob`, `type`, `key`, 
    `group`, `binary`, `limit`
    Table name in Insert Statement 
    are in quotes 
    INSERT INTO "alembic_version"
     VALUES('juno');
    Table name in Insert Statement 
    are without quotes 
    INSERT INTO alembic_version
     VALUES('juno');

    Apart from the above the following requirements are to be met before running neutron.sql on MySQL:

    The lines containing PRAGMA, 'BEGIN TRANSACTION', 'COMMIT' are to be removed from the file.

     

    The CREATE TABLE statements with FOREIGN KEY references are to be rearranged (or ordered) in such a way that the TABLE name that is REFERENCED has to be created earlier than the table that is REFERRING it. The Indices on tables which are referenced by FOREIGN KEY statements are created soon after those tables are created. The last two requirements are not necessary if FOREIGN KEY check is disabled. Hence foreign_key_checks is SET to 0 at the beginning of neutron-mysql.sql and enabled again by setting foreign_key_checks to 1 before the INSERT statements in neutron-mysql.sql file.

    New Oracle University course for Oracle OpenStack!

    A new Oracle University course is now available: OpenStack Administration Using Oracle Solaris (Ed 1). This is a great way to get yourself up to speed on OpenStack, especially if you're thinking about getting a proof of concept, development or test, or even production environments online!

    The course is based on OpenStack Juno in Oracle Solaris 11.2 SRU 10.5. Through a series of guided hands-on labs you will learn to:

    • Describe the OpenStack Framework.
    • Configure a Single-Node OpenStack Setup.
    • Configure a Multi-Node OpenStack Setup.
    • Administer OpenStack Resources Using the Horizon UI.
    • Manage Virtual Machine Instances.
    • Troubleshoot OpenStack.
    •  

    The course is 3 days long and we recommend that you have taken a previous Oracle Solaris 11 administration course. This is an excellent introduction to OpenStack that you'll not want to miss!

    Sunday Jul 12, 2015

    Upgrading the Solaris engineering OpenStack Cloud

    Internally we've set up an OpenStack cloud environment for the developers of Solaris as a self-service Infrastructure as a Service solution. We've been running a similar service for years called LRT, or Lab Reservation Tool, that allows developers to book time on systems in our lab. Dave Miner has blogged previously about this work to set up the OpenStack cloud, initially based on Havana:

    While the OpenStack team were off building the tools to make an upgrade painless, Dave was patiently waiting (and filing bugs) before he could upgrade the cloud to Juno. With the tooling in place, he had the green light. Check out Dave's experiences with his latest post: Upgrading Solaris Engineering's OpenStack Cloud.

    As a reminder, OpenStack Juno is now in Oracle Solaris 11.2 SRU 10.5 onwards and also in the Oracle Solaris 11.3 Beta release we pushed out last week with some great new OpenStack features that we've added to our drivers.

    Tuesday Jul 07, 2015

    OpenStack Juno in Solaris 11.3 Beta

    It's been less than year since we announced availability of the Havana version of the OpenStack cloud infrastructure software as part of Solaris 11.2 and we've since continued to see what can only be described as a startling amount of momentum build in the OpenStack community. It's an incredibly exciting space for us, and for Oracle as a whole, as we watch the benefits of cloud based infrastructure and service management transform the way in which our customers run their Enterprises. 

    Fully automated self-service provisioning and orchestration of compute, network, and storage is a beautiful thing...empowering developers to self-provision in minutes the infrastructure needed to build, test or deploy applications without having to waste time trying to file tickets, procure systems, or wait on others. Administrators are able to view, and manage what would otherwise be a sprawl of compute, networking, and storage as an actual system. Rather than wasting time repeatedly servicing individual requests, they can instead focus their attention on managing the cloud 's resources as a pool, and ensuring smooth operation of services provided by the cloud.

    We've watched this transformation happen internally in Solaris Engineering as we've shifted from ad-hoc management of the test and development systems used, to managing that infrastructure as an OpenStack cloud. Utilization efficiency of our infrastructure has dramatically improved as Engineers who formerly "camped" on systems to ensure those environments would be available when needed no longer need to, since they can easily save and later re-deploy images of their development environment in minutes. Wasted time formerly spent hunting through lists of systems trying to find one that's free, working, and sufficient, is now spent getting actual work done, or better yet, drinking coffee!

    If you've been thinking you would like to get started learning about OpenStack, perhaps by experimenting and building yourself a small private cloud, there's really never been a better time. Especially since today we're very excited to announce that OpenStack Juno is now available to you as part of Oracle Solaris 11.3 Beta. You can start small, and in about 10 minutes install a Solaris Unified Archive that essentially is a fully configured OpenStack Cloud-In-A-Box. Deploy the OpenStack Unified Archive to a system, perform a few configuration steps (specific to your environment, e.g. SSH keys and such), and voila you have a functional OpenStack cloud that you can start learning how to operate.

    If you are more experienced with OpenStack and are looking to build a cloud system for your Enterprise that is powered by best of breed Solaris technologies, such as Solaris Zones, the ZFS file system, and Solaris SDN...and that leverages SPARC systems, x86 systems (or both) you'll appreciate how well we've integrated the worlds most popular open source cloud infrastructure software with the Solaris technologies you've come to know and trust.

    Within Solaris 11.3 Beta, we've integrated the Juno versions of the core OpenStack Cloud Infrastructure services: Nova, Neutron, Cinder, Swift, Keystone, Glance, Heat, and Horizon, along with the drivers enabling OpenStack to drive Solaris virtualization, and ZFS backed shared storage over iSCSI or FC (both from Solaris natively or via the ZFS Storage Appliance). Within OpenStack Horizon, you'll find an integrated Zones Console interface, and you can upgrade your 11.2 Havana based OpenStack cloud via IPS to Juno based Solaris 11.3 Beta.

    Post 11.3 Beta, we'll be very excited to introduce bare metal provisioning support for SPARC and x86 systems through OpenStack Ironic. In addition to being able to offer virtualized environments of varying sizes/configs (e.g. flavors) to cloud tenants, Ironic enables bare metal flavors to also be provided. We'll probably also have a few more exciting features to talk about as well. :) But in the meanwhile, we hope you enjoy OpenStack Juno on Solaris 11.3 Beta, and do let us know if you have any questions and/or run into any issues as we would be more than happy to help!

    Tuesday May 19, 2015

    Oracle Solaris gets OpenStack Juno Release

    We've just recently pushed an update to Oracle OpenStack for Oracle Solaris. Supported customers who have access to the Support Repository Updates (SRU) can upgrade their OpenStack environments to the Juno release with the availability of SRU 11.2.10.5.0 onwards.

    The Juno release includes a number of new features, and in general offers a more polished cloud experience for users and administrators. We've written a document that covers the upgrade from Havana to Juno for those on SRU 10.5 and SRU 11.5. The process to upgrade involves some manual administrator to copy and merge OpenStack configuration across the two releases, and upgrade the database schemas that the various services use. We've worked hard to provide a seamless automatic upgrade - this is now available from Oracle Solaris 11.2 SRU 12.5 onwards!

    -- Glynn Foster

    Join us at the Oracle OpenStack booth!

    We've reached the second day of the OpenStack Summit in Vancouver and our booth is now officially open. Come by and see us and talk about some of the work that we've been doing at Oracle - whether it's integrating a complete distribution of OpenStack into Oracle Linux and Oracle Solaris, Cinder and Swift storage on the Oracle ZFS Storage Appliance, integration with Swift and our Oracle HSM tape storage product, and how to quickly provision Oracle Database 12c in an OpenStack environment. We've got a lot of demos and experts there to answer your questions.

    The Oracle sponsor session is on today also. Markus Flierl will be talking about "Making OpenStack Secure and Compliant for the Enterprise" at 2:50-3:30pm Tuesday Room 116/117. Markus will talk about the challenges of deploying an OpenStack cloud while still meeting critical secure and compliance requirements, and how Oracle can help you do this.

    And in case anyone asks, yes, we're hiring!

    Friday May 15, 2015

    Database as a Service with Oracle Database 12c, Oracle Solaris and OpenStack

    Just this morning Oracle announced a partnership with Mirantis to bring Oracle Database 12c to OpenStack. This collaboration enables Oracle Solaris and Mirantis OpenStack users to accelerate application and database provisioning in private cloud environments via Murano, the application catalog project in the OpenStack ecosystem. This effort brings Oracle Database 12c and Oracle Multitenant deployed on Oracle Solaris to Murano—the first Oracle cloud-ready products to be available in the catalog.

    We've been hearing from lots of customers wanting to quickly deploy Oracle Database instances in their OpenStack environments and we're excited to be able to make this happen. Thanks to Oracle Database 12c and Oracle Multitenant, users can quickly create new Pluggable Databases to use in their cloud applications, backed by the secure and enterprise-scale foundations of Oracle Solaris and SPARC. What's more, with the upcoming generation of Oracle systems based on the new SPARC M7 processors, users will get automatic benefit of advanced security, performance and efficiency of Software in Silicon with features such as Application Data Integrity and the Database In-Memory Query Accelerator.

    So if you're heading to Vancouver next week for the OpenStack Users and Developers Summit, stop by booth P9 and P7 to see a demo!

    Update: (19/05/15) A technical preview of our work with Murano is now available here on the OpenStack Application Catalog.

    Thursday Apr 16, 2015

    OpenStack Swift on Oracle Solaris

    Jim Kremer has written a blog about the OpenStack object storage service Swift and how to set it up on Oracle Solaris. For Swift on Solaris we use the ZFS file system as the underlying storage, which means we can take advantage of things like snapshots and clones, data encryption and compression, and the underlying redundancy that the ZFS architecture provides with storage pools and mirroring.

    Read Jim's blog on How to get Swift up and running on Solaris.

    -- Glynn Foster

    Thursday Apr 09, 2015

    Oracle at OpenStack Summit in Vancouver - May 18-22

    Oracle is premier sponsor at OpenStack Summit in Vancouver, May 18-22. This year we will have experts from all of Oracle's OpenStack technologies including Oracle Linux and Oracle VM, Oracle Solaris, Oracle ZFS Storage Appliance, and Oracle Tape Storage Solutions. We will have informative sessions and booth to visit. Here's one of the Oracle sessions:

    Title:Making OpenStack secure and compliant for the enterprise

    Many Enterprises deploying OpenStack also need to meet Security and Compliance requirements. In this talk, you will learn how Oracle can help you address these requirements with OpenStack Cloud Infrastructure solutions designed to meet the needs of the Enterprise. Come learn how Oracle can help you deploy OpenStack solutions that you can trust to meet the needs of your enterprise, your customers, and the demands of mission-critical cloud services.

    Tuesday, May 19 from 2:50 p.m. to 3:30 p.m., Room 116 / 117

    We encourage you to visit the Oracle Booth # P9 for discussion with our OpenStack experts on your requirements and how best to adress your issues for smooth deployment. Marketplace hours and demos will be done on: 

    • Monday, May 18: 6:00pm – 7:30pm
    • Tuesday, May 19: 10:45am – 6:00pm
    • Wednesday, May 20: 9:00am – 6:00pm
    • Thursday, May 21: 9:00am – 4:10pm 

    Hope to meet you at OpenStack Summit!  

    Monday Mar 16, 2015

    OpenStack Summit Vancouver - May 18-22

    The next OpenStack developers and users summit will be in Vancouver. Oracle will again be a sponsor of this event, and we'll have a bunch of our team present from Oracle Solaris, Oracle Linux, ZFS Storage Appliance and more. The summit is a great opportunity to sync up on the latest happenings in OpenStack. By this stage the 'Kilo' release will be out and the community will be in full plan mode for 'Liberty'. Join us there and see what the Oracle teams have been up to recently!

    -- Glynn Foster

    Thursday Aug 21, 2014

    Solaris OpenStack Horizon customizations

    In Oracle Solaris OpenStack Havana, we have customized the Horizon BUI by modifying existing dashboard and panels to reflect only those features that we support. The modification mostly involves:

     --  disabling an widget (checkbox, button, textarea, and so on)
     --  removal of a tab from a panel
    --  removal of options from pull-down menus

    The following table lists the customizations that we have made.

    |-----------------------------+-----------------------------------------------------|
    | Where                       | What                                                |
    |-----------------------------+-----------------------------------------------------|
    | Project => Instances =>     | Post-Creation tab is removed.                       |
    | Launch Instance             |                                                     |
    |                             |                                                     |
    | Project => Instances =>     | Security Groups tab is removed.                     |
    | Actions => Edit Instance    |                                                     |
    |                             |                                                     |
    | Project => Instances =>     | Console tab is removed.                             |
    | Instance Name               |                                                     |
    |                             |                                                     |
    | Project => Instances =>     | Following actions Console, Edit Security Groups,    |
    | Actions                     | Pause Instance, Suspend Instance, Resize Instance,  |
    |                             | Rebuild Instance, and Migrate Instance are removed. |
    |                             |                                                     |
    | Project =>                  | Security Groups tab is removed.                     |
    | Access and Security         |                                                     |
    |                             |                                                     |
    | Project =>                  | Create Volume action is removed.                    |
    | Images and Snapshots =>     |                                                     |
    | Images => Actions           |                                                     |
    |                             |                                                     |
    | Project => Networks =>      | Admin State is disabled and its value is always     |
    | Create Network              | true.                                               |
    |                             |                                                     |
    | Project => Networks =>      | Disable Gateway checkbox is disabled, and its       |
    | Create Network =>           | value is always false.                              |
    | Subnet                      |                                                     |
    |                             |                                                     |
    | Project => Networks =>      | Allocation Pools and Host Routes text area are      |
    | Create Network =>           | disabled.                                      |
    | Subnet Detail               |                                                     |
    |                             |                                                     |
    | Project => Networks =>      | Edit Subnet action is removed.                      |
    | Network Name => Subnet =>   |                                                     |
    | Actions                     |                                                     |
    |                             |                                                     |
    | Project => Networks =>      | Edit Port action is removed.                        |
    | Network Name => Ports =>    |                                                     |
    | Actions                     |                                                     |
    |                             |                                                     |
    | Admin => Instnaces =>       | Following actions Console, Pause Instance,          |
    | Actions                     | Suspend Instance, and Migrate Instance are removed. |
    |                             |                                                     |
    | Admin => Networks =>        | Edit Network action is removed                      |
    | Actions                     |                                                     |
    |                             |                                                     |
    | Admin => Networks =>         | Edit Subnet action is removed                       |
    | Subnets => Actions          |                                                     |
    |                             |                                                     |
    | Admin => Networks =>         | Edit Port action is removed                         |
    | Ports => Actions            |                                                     |
    |                             |                                                     |
    | Admin => Networks =>         | Admin State and Shared check box are disabled.      |
    | Create Network              | Network's Admin State is always true, and Shared is |
    |                             | always false.                                       |
    |                             |                                                     |
    | Admin => Networks =>        | Admin State check box is disabled and its value     |
    | Network Name => Create Port | is always true.                                     |
    |-----------------------------+-----------------------------------------------------|

    Thursday Jul 31, 2014

    OpenStack Immutable VMs

    Solaris 11 brought us the ability to have Immutable non global Zones.  With Solaris 11.2 we have extended that capability so that it works with Kernel Zones, LDOMs (OVM SPARC) and bare metal global zones.

    Now what about deploying Immutable Zones via OpenStack ?

    The way to do this is to via the Flavors facility in Nova.

    From the OpenStack Dashboard (Horizon) navigate to the Admin-> Flavor page. We can either update an existing one of the Solaris flavours or create a new one.  Lets do this by creating a new one called 'Immutable Solaris non global Zone'

    Make sure you set the 'Flavor Access' to include the projects you want to use this.

    Then from the 'More' menu on the entry in the table select 'View Extra Specs'


    that will bring up a window like this one, since we are creating a new entry from scratch we have to also setup the type of zone this will be.

    Select Create and fill in the following to set a non global zone (if you wanted a kernel zone instead then change the value to solaris-kz):

    The do the same again and create a key/value pair for 'zonecfg:file-mac-profile' with the value being one of 'flexible-configuration,fixed-configuration,strict' eg:

    Thats it close the flavor window and now we can select this as a type when we deploy a new instance.

    If create a new VM instance using this flavor and look at the configuration of the zone that Nova is deploying for us we will see something like this:

    $ zonecfg -z instance-0000000f info
    zonename: instance-0000000f
    zonepath: /system/zones/instance-0000000f
    brand: solaris
    autoboot: false
    autoshutdown: shutdown
    bootargs: 
    file-mac-profile: fixed-configuration
    ...
    

    It is possible to set other zonecfg global scope settings here as well.  Currently the choice is limited to a fixed set but I'm hoping to change that to allow any of the known global scope settings.  This would allow using some of the more advanced Zone resource controls via an OpenStack Nova Flavor.

     -- Darren J Moffat

     
      
    About

    Oracle OpenStack is cloud management software that provides customers an enterprise-grade solution to deploy and manage their entire IT environment. Customers can rapidly deploy Oracle and third-party applications across shared compute, network, and storage resources with ease, with end-to-end enterprise-class support. For more information, see here.

    Search

    Archives
    « February 2016
    SunMonTueWedThuFriSat
     
    1
    2
    3
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
         
           
    Today