Wednesday Aug 15, 2012

SPARC SuperDuperCluster

Hi Folks!

Some of you may have noticed that I've been a little quieter than usual in the last year.

Is it because I've lost interest in patching, maintenance best practices, and improving our customers' lifecycle experience ?  Not a bit of it.

It's because my team and I have been rather busy - to put it mildly! - on developing the installation configuration utilities and maintenance updates for SPARC SuperCluster.

SPARC SuperCluster is so good, and the feedback from the already substantial customer base has been so positive, that I'm lobbying Marketing to rename it SPARC SuperDuperCluster.

Available in half rack (2 T4-4s, 3 Exadata Storage Cells) or full rack (4 T4-4s, 7 Exadata Storage Cells) configurations, both of which have a general purpose 7320 ZFSSA (ZFS Storage Appliance) and 3 Infiniband Switches, SPARC SuperDuperCluster is the prime example of the integrated Oracle Red Stack at its best.

It is a true example of an Engineered System, engineered with enhancements at every layer of the Red Stack to improve performance, robustness, and quality, from the phenomenal performance of the SPARC T4 chips, through to the excellent LDoms (Logical Domains) virtualization layer, enhancements such as RDSv3 support in Solaris as well as all the other great feature of Solaris 11 (and 10), to leveraging the phenomenal performance of Infiniband, Exadata Storage Cells and the 11gR2 database.

Seemingly paradoxically, SPARC SuperDuperCluster is both a highly flexible General Purpose "app" consolidation platform and an Engineered System, offering a wide variety of optimized configurations with various combinations of 11gR2 database domains, Solaris 11 General Purpose "app" domains, and Solaris 10 General Purpose "app" domains.

But how can SPARC SuperDuperCluster be both an Engineered System and offer extremely flexible configurations at the same time ?  That's easy.  The hardware layer and cabling is fixed in an optimized fashion (Engineered).  But what apps a customer chooses to run on SuperCluster, on how many LDoms and what memory/CPU is allocated to each is up to them, optimized for their needs (Flexible), rather than a one-size-fits-none approach.

SPARC SuperDuperCluster is more than just the hardware and software.  It's also the extraordinary cross-organizational team that has been built around it.  From the absolute cream of Services, Support, and Sustaining, to the architects and management from Performance Technologies, to the cooperation and deep engagement between engineering teams for each layer of the Oracle Red Stack, to my own small but extremely dedicated install configuration utility and maintenance update team, it's the people behind SPARC SuperDuperCluster which ensure its success. 

Feedback from the rapidly growing customer install base worldwide is extremely positive.  To find out more, please see the SPARC SuperCluster resource page.  You'll be hearing lots more about SPARC SuperDuperCluster at Oracle Open World this year - wow, it's nearly that time of year again! - but, for once, I won't be presenting myself.

I will be there and available to meet/talk either about Solaris 10 Patching, Solaris 11 SRUs (Support Repository Updates), or SPARC SuperDuperCluster.  I look forward to seeing you there!

Best Wishes,

Gerry.

Tuesday Nov 29, 2011

New Solaris 11 Customer Maintenance Lifecycle blog

Hi Folks,

On the basis that you can't have too much of a good thing, I've started a 2nd blog, the Solaris11Life blog , to enable me to blog about all aspects of the Solaris 11 Customer Maintenance Lifecycle, including policies, best practices, resource links, clarifications, and anything else which I hope you may find useful.

In my first post, I share my Solaris 11 Customer Maintenance Lifecycle presentation, which I gave at Oracle Open World and the recent Deutsche Oracle Anwendergruppe (DOAG) conference.

I'll be posting lots more there in the coming week as time allows, including secret handshake stuff on how to interpret IPS FMRI version strings.

In future, I'll post any Solaris 11 Customer Maintenance Lifecycle related material on the Solaris11Life blog, http://blogs.oracle.com/Solaris11Life , and any Solaris 10 or below material here on the Patch Corner blog, http://blogs.oracle.com/patch .

Best Wishes,

Gerry.

Tuesday Oct 18, 2011

Solaris 9 transitioning to Extended Support

Just a quick heads-up that Solaris 9 will transition to Vintage support (old sun terminology) / Extended support (Oracle terminology) at the end of this month.

Solaris 9 patches released from November 1, 2011, will have Vintage/Extended access entitlement by default, which means that only customers with an Extended Support contract for Solaris will be able to access them.

Updates to the Recommended Solaris 9 OS Patchset will cease at that time.

Pre-existing Solaris 9 patches (and the final version of the Recommended Solaris 9 OS Patchset) will remain available under normal "OS" entitlement - i.e. they can be accessed without an Extended Support contract.

For more details, see:

Lifetime Support Policy brochure, especially pages 27 to 31

How Patches and Updates Entitlement Works, DocID 1269292.1

Best Wishes,

Gerry

Tuesday Sep 27, 2011

I'm Presenting at Oracle OpenWorld and I Hope to See You There

I hope to see you next week at Oracle OpenWorld in San Francisco.

Pete Dennis, Isaac Rosenfeld, and I will be giving a presentation on the Solaris 11 Customer Maintenance Lifecycle, which will provide an introduction to how we expect customers to maintain Solaris 11 systems, comparing and contrasting it to the Solaris 10 experience.

I believe the compelling advantages of ZFS Root Snapshots and Image Packaging System (IPS) have the potential to dramatically improve our customers' maintenance experience.

I'm sure you, like me, will be delighted to hear that there will be no patches and no patching in Solaris 11.  Neither is there a need to use technologies like Live Upgrade to provide a safety net - it's all baked into core Solaris 11 for you.

It's my intention to provide customers with much more up front guidance on how best to maintain Solaris 11, so customers don't need to figure out their maintenance strategy from scratch.

But we also remain committed to providing the flexibility to meet individual customer's needs and special circumstances.

So if you're at OpenWorld, please come along and hear Pete, Isaac, and I introduce you to the Solaris 11 maintenance lifecycle:

3:30pm, Tuesday, Oct 4th

Moscone South, Room 200

Pete Dennis and I will also be presenting at the Deutsche Oracle Anwendergruppe (DOAG) conference in N├╝rnberg in November 15-17, so if we don't see you at OpenWorld, we hope to see you there.

I really want to get your feedback on our current plans - what you like, what you don't like, and what we can improve.  So come along and let me know.

Best Wishes,

Gerry.

Tuesday Feb 15, 2011

Using My Oracle Support for Hardware Products

My colleagues in Services are running Best Practice Webinars on knowledge searching and how to find Firmware, Storage updates, and Oracle Solaris patchsets.

The next sessions for patching are this Thursday, Feb 18th, at 9AM MT (U.S. Mountain Time) and 5PM MT.  If you miss these, don't worry, there's more being hosted through to the end of April 2011.  See below.

Log into MOS and see https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&doctype=SYSTEMDOC&id=1282218.1 for details.

Here's the blurb:

Our new seminar series titled "Using My Oracle Support for Hardware Products" covers a variety of topics focused on using My Oracle Support to service your hardware products. The seminar series includes five Advisor Webcast topics for customers using Solaris or Sun Hardware. The topics are repeated throughout the schedule. The schedule  runs from 8 February through 28 April.  To see the schedule and to register for a session, please review Advisor Webcasts: My Oracle Support - Best Practices for Hardware Customers

    \* Best practice on knowledge searching and how to find Firmware, Storage updates, and Oracle Solaris patch sets
    \* Hardware Asset and Automated Service Request (ASR) Management
    \* Automatic Service Request from end to end
    \* Proactive Hardware Service Portal
    \* My Oracle Support - Hardware Service Request

Oracle support experts will be on hand to present these topics and answer questions about best practices in using My Oracle Support for servicing your supported hardware products.

Tuesday Oct 12, 2010

Oct 2010 Solaris OS CPU now available

The October 2010 Solaris OS CPU (Critical Patch Updates) containing all available Security, Data Corruption, and System Availability fixes are now available from My Oracle Support (MOS) and SunSolve.

See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1446032.1 on My Oracle Support (MOS), http://support.oracle.com, which includes CVE mappings for Oracle Sun products. 

To access the Solaris OS CPUs on MOS, login, select the "Patches & Updates" tab and in the "Patch Search" box, click on "Product or Family (Advanced Search)".  Select "Solaris Operating System" from the product drop down menu, select the Release(s) you are interested in, e.g. "Solaris 10 Operating System", select "Type" and "Patchset" from the drop down menus on the next line, and click "Search".  This will show all the available patch clusters and bundles for your search criteria.  The October 2010 CPUs have titles of the form "CPU OS Cluster 2010/10".

The Solaris OS CPUs are archived copies of the Solaris OS Recommended Patch Clusters.  See http://blogs.sun.com/patch/entry/solaris_critical_patch_updates_cpus for further details.

Best Wishes,

Gerry Haskins
Director, Software Patch Services

Tuesday Jul 13, 2010

Solaris Critical Patch Updates (CPUs)

It's Oracle standard practice to release quarterly Critical Patch Updates (CPUs) containing security fixes.  These scheduled releases enable customers to plan maintenance windows.

Solaris now conforms to this practice and Solaris OS CPUs are now available.

The Solaris OS CPU is an archived snapshot of the Solaris OS Recommended Patch Cluster.

Please note that the Solaris OS bug fixing processes have not changed.  Security and other bugs continue to be fixed as soon as possible, patches containing such fixes for the Solaris OS will continue to be released as quickly as possible, and they will continue to be included in the Recommended Solaris OS Patch Clusters as soon as they become available. 

The Solaris OS CPU simply provides another, archived, patch collation option for customers.

See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1446032.1 on My Oracle Support (MOS), http://support.oracle.com, which includes CVE mappings for Oracle Sun products. 

Notes:

  1. The CPUs were created on July 6th and released on July 13th.
  2. Solaris 8 is in Vintage support so no patch clusters are updated for Solaris 8.  Instead, the above document lists Solaris 8 patches released in the last quarter which address Security issues.  A Solaris 8 Vintage support contract is needed to access some of them.
Update: CVE to patch mappings are now available for the Solaris CPU from July.  Please see http://blogs.sun.com/security/entry/cpu_july_2010

Friday Jan 29, 2010

Important new features in latest PatchFinder release

Firstly, please allow me to get something off my chest:

HALLELUJAH!!!

It's been a long wait and we're finally there!

I, for one, am tickled pink.

There's likely be a lot of changes for all of us in the coming months, some good, some maybe controversial to some folk, but I passionately believe that Oracle will bring much needed commercial sense which will ensure that Solaris and Sun-Oracle hardware continues to innovate like hell to provide the solutions you, our customers, need.  So strap yourselves in, the fun is about to begin!

But much more than the red Oracle logo has changed on PatchFinder today.

I want to let you know about two key new features which I believe significantly improve our customers' patch searching experience:

Search for Patches which deliver New Security Fixes 

The PatchFinder "Security Filter" now differentiates between patches which introduce a new security fix (shown by the "NS" symbol in search returns) and patches which simply deliver any security fix, either new or pre-existing (shown by the "S" symbol in search returns). 

Up until now only the latter was available, which made it difficult for customers to differentiate between patch revisions which deliver new security fixes and patch revisions which simply re-deliver old security fixes.

The "New Security Fix" search option under "Security Filter" should typically be used in combination with the "Show Obsolete" option so that you can see all patch revisions delivering new security fixes.  Otherwise you'll just see the subset of patches which are contain both new security fixes and are not obsoleted.

Solaris OS Patches which deliver (or redeliver) security fixes will continue to be added to the "Recommended" Patch Clusters as before, along with OS patches which deliver (or redeliver) Data Corruption or System Availability fixes, the latest patch utility patches, and any other patches required by the above.

Solaris OS Patches which deliver new security fixes will continue to be be added to the Sun Alert Patch Clusters as before, along with OS patches which deliver new Data Corruption or System Availability fixes, the latest patch utility patches, and any other patches required by the above.

But with this New Security Fix option in PatchFinder, you can now find all (6-2 digit PatchID) patches for all products which deliver new security fixes, not just Solaris OS patches.

BTW: This "New Security Fix" feature has actually been in PatchFinder since the last release in December, but this is the first opportunity I've had to blog about it.

Search for patches by the objects they deliver

You can now search for patches by the objects they deliver. 

For example, type "/usr/bin/vi" into the "File Included" search box, filter the search using the other search options if desired ( e.g. select "Solaris 10" under "OS Release" ), and PatchFinder will return the patches which deliver "/usr/bin/vi".  

This is useful if you are having problems with a particular utility or object and want to find if any patches are available for it.  Then reading the CR synopses listed in the README for the appropriate patches returned may help you figure out if the patch is likely to address the problem you are experiencing.

Try searching for "zoneadmd", or "genunix", for example.

Remember, if you enter something like "vi" or "ls" in the "File Included" search box, you'll get all objects which contain those strings in their pathnames, so a well qualified search such as "/usr/bin/vi" or "/usr/bin/ls" may be more useful.

Watch out for symlinks, e.g. on Solaris 10:

$ whence patchadd/usr/sbin/patchadd
/usr/sbin/patchadd
$ ls -l /usr/sbin/patchadd
lrwxrwxrwx   1 root     root          16 May 15  2009 /usr/sbin/patchadd -> ../lib/patch/pdo\*
So on Solaris 10, search for "/usr/lib/patch" rather than "/usr/sbin/patchadd" to find patch utility patches.  FYI, 'pdo' is the preprocessor to 'patchadd' on Solaris 10 and both are contained in /usr/lib/patch.  Alternatively, just search for "patchadd".

I hope you find these new PatchFinder features useful.   A lot of work went in behind the scenes, especially on ensuring the accuracy of the "New Security Fix" flag.  I'd like to thank my colleagues, Brian, Julien, Slim, Mark, Don, and the rest of the team for making these enhancements a reality.  Nice work guys!

About

This blog is to inform customers about patching best practice, feature enhancements, and key issues. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle. The Documents contained within this site may include statements about Oracle's product development plans. Many factors can materially affect these plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material code, or functionality, and SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISIONS. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle. THIS INFORMATION MAY NOT BE INCORPORATED INTO ANY CONTRACTUAL AGREEMENT WITH ORACLE OR ITS SUBSIDIARIES OR AFFILIATES. ORACLE SPECIFICALLY DISCLAIMS ANY LIABILITY WITH RESPECT TO THIS INFORMATION. ~~~~~~~~~~~~ Gerry Haskins, Director, Software Lifecycle Engineer

Search

Categories
Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today