Wednesday Apr 16, 2014

Oracle Solaris 11.2 Launch in NY

2 quick updates:

1) We have been working on a set of significant cloud-centric enhancements in Oracle Solaris, to be launched at an in-person Oracle Solaris 11.2 event in New York on April 29th.  Please use this link to register for attendance.  There will also be a web event; stay tuned for more on that here

2) I have been doing some experimenting with a set of new blog themes and frameworks, see if you like them

That's about it for now... 

Thursday Feb 13, 2014

Oracle Solaris 11 Integrated Load Balancer

The Oracle Solaris 11 Networking technologies portfolio provides an in-kernel L3/L4 load balancer, with support for multiple load-balancing algorithms.  It has built-in health-check capabilities and is configured and managed using the ilbadm(1M) command.  We also provide support for Virtual Router Redundancy Protocol (VRRP), which offers high-availability of routers through redundancy and fail-over -- which can be used with the Integrated Load Balancer (ILB) to provide additional redundancy for it.  VRRP is configurable with the vrrpadm(1M) command.

Just wanted to let everyone know that today, as part of ongoing Oracle Solaris Networking collateral development,  a new Oracle Solaris Hands-on Lab has become available on OTN.

Deploying the Oracle Solaris Integrated Load Balancer in 60 Minutes

This lab demonstrates how the Integrated Load Balancer feature of Oracle Solaris is engineered with Oracle Solaris Networking technologies to quickly and easily deliver value out of a bundled load-balancing system.

All of our Oracle Solaris Hands-on Labs are accessible from

Monday Dec 16, 2013

DSCP QoS tagging of DNS traffic in Solaris

A huge telco customer recently shared their desire to support DSCP marking of their core network infrastructure, specifically they asked if there's a way to do this in Solaris? Sure there is! Since DSCP marking is enforced by the router,  they wanted to know how to make their Solaris 10 systems conform to this. (Why Solaris 10 and not Solaris 11? Because their current roll-out reflects systems deployed before Solaris 11 came out) - AND they wanted to do this by the end of the year.  Given the opportunity and the fast-approaching deadline, I looked into this further by jointly teaming up with Krishna Yenduri of our Solaris network developer team, a team that focuses on network protocols and related cloud/virtualization technologies. Wanted to share what needs to be configured - and how easy it actually is.

So the customer inputs were:

  • Application: ISC BIND 
  • Requirement: Every DNS packet has to be tagged with value of 32, every DNS query needs to be tagged. 
  • Platform: x86 systems, Sun x4270 M2 servers running Solaris 10 

DSCP marking is supported in Solaris's implementation of support of IPQoS.  It is one of the most used features of IPQoS -- we have a number of scenarios of uses of Sun Ray servers where this has been deployed.   The way to configure IPQoS in Solaris 10 is thru the ipqosconf(1M)  interface.  Solaris 10 comes with a couple of sample config files located in /etc/inet/ipqosconf*, which show how to use the DSCP marking rules.  

If the need is to limit the marking to just the outgoing DNS queries, use the 'dport' parameter (that indicates the destination port), and set it to 53, as shown in the complete example that follows. Alternatively, if the need is to limit the marking to the outgoing DNS response, use the 'sport' parameter in the filter definition.

Contents of /etc/inet/ipqosinit.conf

fmt_version 1.0

# Mark the DSCP with code point AF32, 011100 = 28
action {
       module dscpmk
       name markAF32

       params {
               global_stats true
               next_action continue
               dscp_map {
               dscp_detailed_stats false

action {
       module ipgpc
       name ipgpc.classify

       params {
               global_stats true

       class {
               name myclass
               next_action markAF32
               enable_stats true

       class {
               name default
               next_action continue
               enable_stats false

       filter {
               name myfilter
               class myclass
               # DNS response
               sport 53
               direction { LOCAL_OUT }

The file gets saved as:   /etc/inet/ipqosinit.conf

Then the following operation instantiates the contents of the config file: 

# /usr/sbin/ipqosconf -s -a /etc/inet/ipqosinit.conf

and there is NO need to reboot.

How would you verify this?

If you're looking at the IPv4 network traffic, you would use:

#snoop -V -d <ipif-name> dst 53

This would show the IP header with the TOS value of '0x70', since the TOS value of 0x70 is the DSCP value of decimal 28).

Here's an example: 

host1 -> IP  D=XXX.XX.XXX.XX S=YY.YYY.YY.YYY LEN=74, ID=19461, TOS=0x70, TTL=255

Kindly note that 'TOS' is the same as the DSCP field - it happens to be an older RFC format and snoop(1M) does not know how to interpret it as DSCP, however ethereal/wireshark/tshark can perform such an interpretation properly (in case you'd be looking to verify the DSCP field value).

If you're handling IPv6 network traffic, beware that DSCP appears as a different field name: 'Traffic class' and if you're using wireshark, you should expect to see something like this:

Internet Protocol Version 6, Src: fe80::21b:21ff:fe88:fcd4 (fe80::21b:21ff:fe88:fcd4), Dst: fe80::21b:21ff:fe87:8d78 (fe80::21b:21ff:fe87:8d78)
    0110 .... = Version: 6
        [0110 .... = This field makes the filter "ip.version == 6" possible: 6]
    .... 0111 0000 .... .... .... .... .... = Traffic class: 0x00000070
        .... 0111 00.. .... .... .... .... .... = Differentiated Services Field: Assured Forwarding 32 (0x0000001c)
        .... .... ..0. .... .... .... .... .... = ECN-Capable Transport (ECT): Not set
        .... .... ...0 .... .... .... .... .... = ECN-CE: Not set
    .... .... .... 0000 0000 0000 0000 0000 = Flowlabel: 0x00000000
    Payload length: 33
    Next header: TCP (6)
    Hop limit: 60
    Source: fe80::21b:21ff:fe88:fcd4 (fe80::21b:21ff:fe88:fcd4)
    [Source SA MAC: IntelCor_88:fc:d4 (00:1b:21:88:fc:d4)]
    Destination: fe80::21b:21ff:fe87:8d78 (fe80::21b:21ff:fe87:8d78)
    [Destination SA MAC: IntelCor_87:8d:78 (00:1b:21:87:8d:78)]

For more information, please consult the System Administration Guide for IP Services - for Solaris 10 that book is located here:

For more general Oracle Solaris 11 How-To examples and content, please check this site out:

Monday Dec 02, 2013

NYC Tech Party 2013

Hey all, 

We are happy to help sponsor this year's NYC Tech holiday party, in co-operation with some of New York's technical users communities.

- The Annual NYC Tech Meta-Party - 

When: 7:00 PM until exit(-1), Monday, December 9, 2013

Where: the entire Suspenders Bar and Restaurant

111 Broadway, in downtown Manhattan

Various NYC technical user groups are joining forces to hold another holiday party to remember!

Check out the RSVP info at the tech event meetup page 

Various groups include:

- DebianNYC (New York Debian Local Group)
- DrupalNYC (Drupal New York City)
- Erlang NYC (Erlang New York City)
- Lopsa-NYC (League of Professional System Administrators New York City Chapter)
- LispNYC (New York City Lisp User Group)
- NYC*BUG (New York City *BSD User Group)
- NYC-Clojure (NYC Clojure Users Group)
- nycdevops (New York City Devops Meetup Group)
- NYC-OCaml (The NYC OCaml Meetup)
- NY-Haskell (New York Haskell Users Group)
- NY-Scala (New York Scala)
- PuppetNYC (New York Puppet User Group)
- SFLC (Software Freedom Law Center)
- TA3M (Techo Activist Third Mondays)
- UNIGROUP (New York City's Unix User's Group)

Everyone of all types of expertise and interests are welcome.  The party starts at 7 PM and will continue until at least 10 PM.  It is the ideal networking opportunity of the season, and a chance to connect with old friends and make new ones.

Here's to celebrating accomplishments of 2013 and welcoming new successes in 2014!

See you there!

Saturday Nov 02, 2013

How to safely reboot via First Boot script

With the cost and performance benefits of the SPARC T4 and SPARC T5 systems undeniably validated, the banking sector is actively moving to Solaris 11.  I was recently asked to help a banking customer of ours look at migrating some of their Solaris 10 logic over to Solaris 11.  While we've introduced a number of holistic improvements in Solaris 11, in terms of how we ease long-term software lifecycle management, it is important to appreciate that customers may not be able to move all of their Solaris 10 scripts and procedures at once; there are years of scripts that reflect fine-tuned requirements of proprietary banking software that gets layered on top of the operating system. One of these requirements is to go through a cycle of reboots, after the system is installed, in order to ensure appropriate software dependencies and various configuration files are in-place. While Solaris 10 introduced a facility that aids here, namely SMF, many of our customers simply haven't yet taken the time to take advantage of this - proceeding with logic that, while functional, without further analysis has an appearance of not being optimal in terms of taking advantage of all the niceties bundled in Solaris 11 at no extra cost.

When looking at Solaris 11, we recognize that one of the vehicles that bridges the gap between getting the operating system image payload delivered, and the customized banking software installed, is a notion of a First Boot script.  I had a working example of this at one of the Oracle OpenWorld sessions a few years ago - we've since improved our documentation and have introduced sections where this is described in better detail.   If you're looking at this for the first time and you've not worked with IPS and SMF previously, you might get the sense that the tasks are daunting.   There is a set of technologies involved that are jointly engineered in order to make the process reliable, predictable and extensible.

As you go down the path of writing your first boot script, you'll be faced with a need to wrap it into a SMF service and then packaged into a IPS package. The IPS package would then need to be placed onto your IPS repository, in order to subsequently be made available to all of your AI (Automated Install) clients (i.e. the systems that you're installing Solaris and your software onto).    

With this blog post, I wanted to create a single place that outlines the entire process (simplistically), and provide a hint of how a good old "at" command may make the requirement of forcing an initial reboot handy. The syntax and references to commands here is based on running this on a version of Solaris 11 that has been updated since its initial release in 2011 (i.e. I am writing this on Solaris 11.1)

Assuming you've built an AI server (see this How To article for an example), you might be asking yourself: "Ok, I've got some logic that I need executed AFTER Solaris is deployed and I need my own little script that would make that happen. How do I go about hooking that script into the Solaris 11 AI framework?" 

You might start here, in Chapter 13 of the "Installing Oracle Solaris 11.1 Systems" guide, which talks about "Running a Custom Script During First Boot".  And as you do, you'll be confronted with command that might be unfamiliar to you if you're new to Solaris 11, like our dear new friend: svcbundle

svcbundle is an aide to creating manifests and profiles.  It is awesome, but don't let its awesomeness overwhelm you. (See this How To article by my colleague Glynn Foster for a nice working example).  In order to get your script's logic integrated into the Solaris 11 deployment process, you need to wrap your (shell) script into 2 manifests -  a SMF service manifest and a IPS package manifest.  ....and if you're new to XML, well then -- buckle up :-)

We have some examples of small first boot scripts shown here, as templates to build upon. Necessary structure of the script, particularly in leveraging SMF interfaces, is key. I won't go into that here as that is covered nicely in the doc link above.   

Let's say your script ends up looking like this (btw: if things appear to be cut-off in your browser, just select them, copy and paste into your editor and it'll be grabbed - the source gets captured eventhough the browser may not render it "correctly" - ah, computers).


# Load SMF shell support definitions
. /lib/svc/share/

# If nothing to do, exit with temporary disable
completed=`svcprop -p config/completed site/first-boot-script-svc:default`
[ "${completed}" = "true" ] && \
    smf_method_exit $SMF_EXIT_TEMP_DISABLE completed "Configuration completed"

# Obtain the active BE name from beadm: The active BE on reboot has an R in
# the third column of 'beadm list' output. Its name is in column one.
bename=`beadm list -Hd|nawk -F ';' '$3 ~ /R/ {print $1}'`
beadm create ${bename}.orig
echo "Original boot environment saved as ${bename}.orig"

# ---- Place your one-time configuration tasks here ----
# For example, if you have to pull some files from your own pre-existing system:
/usr/bin/chmod 755 /var/tmp/$SCRIPTS_THAT_GOT_PULLED_DOWN_IN_STEP_ABOVE
# Clearly the above 2 lines represent some logic that you'd have to customize to fit your needs.
# Perhaps additional things you may want to do here might be of use, like
# (gasp!) configuring ssh server for root login and X11 forwarding (for testing), and the like...
# Oh and by the way, after we're done executing all of our proprietary scripts we need to reboot
# the system in accordance with our operational software requirements to ensure all layered bits
# get initialized properly and pull-in their own modules and components in the right sequence,
# subsequently.
# We need to set a "time bomb" reboot, that would take place upon completion of this script.
# We already know that *this* script depends on multi-user-server SMF milestone, so it should be
# safe for us to schedule a reboot for 5 minutes from now. The "at" job get scheduled in the queue
# while our little script continues thru the rest of the logic. 
/usr/bin/at now + 5 minutes <<REBOOT
# ---- End of your customizations ----

# Record that this script's work is done
svccfg -s site/first-boot-script-svc:default setprop config/completed = true
svcadm refresh site/first-boot-script-svc:default

smf_method_exit $SMF_EXIT_TEMP_DISABLE method_completed "Configuration completed"

 ...and you're happy with it and are ready to move on. Where do you go and what do you do?

The next step is creating the IPS package for your script. Since running the logic of your script constitutes a service, you need to create a service manifest. This is described here, in the middle of Chapter 13 of "Creating an IPS package for the script and service". 

Assuming the name of your shell script is, you could end up doing the following:

$ cd some_working_directory_for_this_project

$ mkdir -p proto/lib/svc/manifest/site

$ mkdir -p proto/opt/site

$ cp proto/opt/site

 Then you would create the service manifest  file like so:

$ svcbundle -s service-name=site/first-boot-script-svc \
-s start-method=/opt/site/ \
-s instance-property=config:completed:boolean:false -o \

first-boot-script-svc-manifest.xml described here, and place it into the directory hierarchy above.

But before you place it into the directory, make sure to inspect the manifest and adjust the appropriate service dependencies.  That is to say, you want to properly specify what milestone should be reached before your service runs.  There's a <dependency> section that looks like this, before you modify it:

<dependency restart_on="none" type="service"
            name="multi_user_dependency" grouping="require_all">
            <service_fmri value="svc:/milestone/multi-user"/>         

So if you'd like to have your service run AFTER the multi-user-server milestone has been reached (i.e. later, as multi-user-server has more dependencies then multi-user and our intent to reboot the system may have significant ramifications if done prematurely), you would modify that section to read: 

<dependency restart_on="none" type="service"
            name="multi_user_server_dependency" grouping="require_all">
            <service_fmri value="svc:/milestone/multi-user-server"/> 

Save the file and validate it:

$ svccfg validate first-boot-script-svc-manifest.xml

Assuming there are no errors returned, copy the file over into the directory hierarchy:

$ cp first-boot-script-svc-manifest.xml proto/lib/svc/manifest/site

Now that we've created the service manifest (.xml), create the package manifest (.p5m) file named: first-boot-script.p5m

Populate it as follows:

set name=pkg.fmri value=first-boot-script-AT-1-DOT-0,5.11-0
set name=pkg.summary value="AI first-boot script"
set name=pkg.description value="Script that runs at first boot after AI installation"
set name=info.classification value=\
    "org.opensolaris.category.2008:System/Administration and Configuration"
file lib/svc/manifest/site/first-boot-script-svc-manifest.xml \
    path=lib/svc/manifest/site/first-boot-script-svc-manifest.xml owner=root \
    group=sys mode=0444
dir  path=opt/site owner=root group=sys mode=0755
file opt/site/ path=opt/site/ \
    owner=root group=sys mode=0555

Now we are going to publish this package into a IPS repository. If you don't have one yet, don't worry. You have 2 choices: You can either  publish this package into your mirror of the Oracle Solaris IPS repo or create your own customized repo.  The best practice is to create your own customized repo, leaving your mirror of the Oracle Solaris IPS repo untouched.  From this point, you have 2 choices as well - you can either create a repo that will be accessible by your clients via HTTP or via NFS.  Since HTTP is how the default Solaris repo is accessed, we'll go with HTTP for your own IPS repo.   This nice and comprehensive How To by Albert White describes how to create multiple internal IPS repos for Solaris 11. We'll zero in on the basic elements for our needs here:

We'll create the IPS repo directory structure hanging off a separate ZFS file system, and we'll tie it into an instance of pkg.depotd. We do this because we want our IPS repo to be accessible to our AI clients through HTTP, and the pkg.depotd SMF service bundled in Solaris 11 can help us do this. We proceed as follows:

# zfs create rpool/export/MyIPSrepo

# pkgrepo create /export/MyIPSrepo

# svccfg -s pkg/server add MyIPSrepo

# svccfg -s pkg/server:MyIPSrepo addpg pkg application
# svccfg -s pkg/server:MyIPSrepo setprop pkg/port=10081
# svccfg -s pkg/server:MyIPSrepo setprop pkg/inst_root=/export/MyIPSrepo
# svccfg -s pkg/server:MyIPSrepo addpg general framework
# svccfg -s pkg/server:MyIPSrepo addpropvalue general/complete astring: MyIPSrepo
# svccfg -s pkg/server:MyIPSrepo addpropvalue general/enabled boolean: true
# svccfg -s pkg/server:MyIPSrepo setprop pkg/readonly=true
# svccfg -s pkg/server:MyIPSrepo setprop pkg/proxy_base = astring: http://your_internal_websrvr/MyIPSrepo
# svccfg -s pkg/server:MyIPSrepo setprop pkg/threads = 200
# svcadm refresh application/pkg/server:MyIPSrepo
# svcadm enable application/pkg/server:MyIPSrepo

Now that the IPS repo is created, we need to publish our package into it:

# pkgsend publish -d ./proto -s /export/MyIPSrepo first-boot-script.p5m

If you find yourself making changes to your script, remember to up-rev the version in the .p5m file (which is your IPS package manifest), and re-publish the IPS package.

Next, you need to go to your AI install server (which might be the same machine) and modify the AI manifest to include a reference to your newly created package.  We do that by listing an additional publisher, which would look like this (replacing the IP address and port with your own, from the "svccfg" commands up above):

<publisher name="firstboot">
  <origin name=""/>

 Further down, in the  <software_data action="install">  section add:


Make sure to update your Automated Install service with the new AI manifest via installadm update-manifest command.  Don't forget to boot your client from the network to watch the entire process unfold and your script get tested.  Once the system makes the initial reboot, the first boot script will be executed and whatever logic you've specified in it should be executed, too, followed by a nice reboot. When the system comes up, your service should stay in a disabled state, as specified by the tailing lines of your SMF script - this is normal and should be left as is as it helps provide an auditing trail for you.   Because the reboot is quite a significant action for the system, you may want to add additional logic to the script that actually places and then checks for presence of certain lock files in order to avoid doing a reboot unnecessarily. You may also want to, alternatively, remove the SMF service entirely - if you're unsure of the potential for someone to try and accidentally enable that service -- eventhough its role in life is to only run once upon the system's first boot.

That is how I spent a good chunk of my pre-Halloween time this week, hope yours was just as SPARCkly^H^H^H^H fun!    8-)

Friday Sep 20, 2013

#solaris at OOW2013

If you're attending Oracle OpenWorld in San Francisco next week, be sure to stop by and say hello. I'll be around the DEMOgrounds area as well as speaking at these 2 sessions:

Why Oracle Solaris Is the Best UNIX for Oracle Database and Oracle WebLogic [CON7513]

Come learn why IBM and HP customers are moving to Oracle Solaris on SPARC for running Oracle Database and Oracle WebLogic. This session discusses the unique optimizations in Oracle Solaris 11 for the Oracle stack that have led to 18 world records on real-world benchmarks for Oracle’s SPARC T5 processor and Oracle Solaris. Learn about the most-efficient and most cost-effective way to virtualize Oracle Database or Oracle WebLogic. See how easy it is to update and manage multitenant environments. The session also discusses how Oracle Solaris simplifies private cloud deployments of your software.

Monday, Sep 23, 3:15 PM - 4:15 PM at the Westin San Francisco Hotel

Why Oracle Fusion Middleware Runs Best on Oracle Solaris [CON7278]

Oracle Solaris brings enterprise-class reliability, availability, and serviceability (RAS) features to the entire Oracle Fusion Middleware suite. From development to deployment, the performance and scalability of Oracle Solaris deliver compelling business advantages. This session focuses on how Oracle Solaris, with integrated Java and virtualization features, can safely and efficiently consolidate multiple application tiers, reducing space and power requirements in the data center. The session also reviews how Oracle Solaris, the first cloud OS, is at the core of Oracle’s engineered systems, delivering platform and software services into public and private clouds.

Tuesday, Sep 24, 12:00 PM - 1:00 PM at the Westin San Francisco Hotel

Please see the rest of the Oracle Solaris sessions planned

Hope to see you there!

Monday Sep 09, 2013

מיין יידיש טשערנאָוויץ Любимый город Черновцы

And now for something completely different ...

Having experienced emigration at a young age, I often long for that feeling of coming back to the town where I was born; walking the streets I used to walk to school and back, to the local stores and the stadium and back, and finally to the city's central train junction (but not back, yet).   Having matured to appreciate the answer to the question of "why?", there probably couldn't have been a more appropriate time of the year for last night's event to occur.   This Sunday's performance at this year's festival at The Millenium Theater really comes close to getting me "there". Warning: knowledge of Yiddish and Russian is helpful.  

Huge thanks,  Mom (sings), Dad (lyrics), and, naturally, Mr. Boris Berlin (composer and pianist).   

Friday Sep 06, 2013

DTrace NYC 9/2013

Hey New York/New Jersey/Connecticut techies --
We have members of the Oracle Solaris DTrace engineering team coming to NYC for Voice of the Customer sessions.  They'll be available from Monday through Thursday the 16th-19th of September. 
We want to talk to system administrators/UNIX engineering folks, and management, who are currently using, or plan to use, DTrace.  

We are also looking to talk to Solaris centric development teams to explore how DTrace might benefit them, whether or not they currently use DTrace. This is an area of focus for us and we'd like to ensure we deliver the best development platform in the industry.  

Let me know if you'd like to participate and provide input on the future development of DTrace while understanding current development efforts.

Tuesday Jul 09, 2013

Oracle Database 12c runs best on Solaris

Oracle has released Oracle Database 12c. There are dozens of years and thousands of man hours of joint development between Solaris and Oracle Database engineers, resulting in unique performance capabilities provided by the operating system. Check out why Oracle database runs best on Solaris and make sure to tune-in to a webcast on Wednesday July 10th at noon (Eastern)!

Friday Jun 07, 2013

Tune-in in June #SolarisNYC

Bart Smaalders and Darren Moffat, senior Oracle Solaris developers - led by Markus Flierl, VP of Solaris Core Kernel development, are meeting with customers next week in New York.  In a joint effort with local UNIX usergroup leads from the NYC-area we've organized a Solaris event on Wednesday night that everyone's invited to. Kindly see the announcement below (please follow instructions to RSVP for access through building security).  

There will also be a second event, on June 20th, (mentioned further below) where I'll be going over feature highlights in the most recent release of Oracle Solaris.


Its "Solaris Month" at Unigroup with TWO Solaris meetings planned...

Please note, we are going to have to run the RSVPs one meeting
at a time.  The first round of RSVPs will be for the special
Solaris Kernel Engineers Joint Meeting next week.  Then the
second round of RSVPs will be for our main June Solaris 11.1
Release Meeting.




    Topic:  Oracle/Sun Solaris Kernel Engineers Meeting

 Speakers:  Panel of Solaris Kernel Engineers,
            Oracle/Sun <>

            The panel should include:
            Markus Flierl,   VP of Solaris Core Kernel Development,
                             formerly Solaris Networking Lead.
            Bart Smaalders,  Snr. Developer, Solaris IPS, Performance.
            Darren Moffat,   Snr. Developer, Solaris Security.
            Isaac Rozenfeld, Solaris Product Management.

     When:  WEDNESDAY 12-JUN-2013

    Where:  D.E. Shaw Research    (** SPECIAL MIDTOWN LOCATION **)
            Tower 45, 39th Floor, Large Conference Room (to the left)
            120 West 45th Street  (between 6th & 7th Avenues)
            Midtown Manhattan, NYC

     Time:  6:30 - 7:00 PM   Registration, Unigroup and LOPSA-NYC
            7:00 - 9:30 PM   Solaris Kernel Engineers Panel Discussion

     Cost:  Free - No Charge for this Joint meeting.

  Oracle/Sun Kernel Engineers are in town next week, and we are
  planning a special joint meeting with LOPSA-NYC in Midtown NYC,
  at LOPSA-NYC's normal meeting location at D.E. Shaw Research.

  This will be a free/no-charge meeting, open to the public,
  but we do have a maximum capacity on the meeting room, so it
  will be first come first serve.  (We do expect to have plenty
  of room for everyone.)

  The FIRST round of Unigroup RSVPs will be for THIS special
  Solaris Kernel Engineers meeting.  Please hold off on RSVPs
  for our SECOND Solaris 11.1 Release meeting, happening later in
  the month on our regular 3rd Thursday meeting day.

  These RSVPs will go to building security at D.E. Shaw and
  Building Security at the front desk WILL REQUIRE your Photo ID.

  Use the Unigroup RSVP link below for both meetings.

  Note: Food Service for this meeting is not finalized yet
        (probably will be pizza + soft drinks).

  For information about LOPSA-NYC, visit:

  Thanks to LOPSA-NYC and D.E. Shaw Research for hosting this meeting.



    Topic:  Oracle/Sun Solaris 11.1 Release Meeting

  Speaker:  Isaac Rozenfeld,
            Solaris Product Management,
            Oracle/Sun <>

     When:  Thursday, June 20th, 2013    (*** 3rd Thursday ***)

    Where:  The Cooper Union  <>
            School of Engineering    (*** New Building ***)
            41 Cooper Square      (3rd Ave @ 7th St, bet. 6th & 7th Sts)
            East Village, Manhattan
            New York City
            Meeting Room: 505_CS     (5th Floor)

     Time:  6:15 PM - 6:30 PM  Registration
            6:30 PM - 6:45 PM  Ask the Wizard, Questions,
                               Answers and Current Events
            6:45 PM - 7:00 PM  Unigroup Business and Announcements
            7:00 PM - 9:30 PM  Main Presentation

     Cost:  See the Meeting+Membership Fee Schedule Below.


  June 2013 is Solaris Month at Unigroup, with two Solaris meetings



  Most Unigroup meetings are open to the public!

  To REGISTER for this event, please RSVP by using the Unigroup
  Registration Page:

  This will allow us to automate the registration process.
  (Registration will also add you to our mailing list.)
  Please avoid Emailed RSVPs.

  Please continue to check the Unigroup web site and meeting page,
  for any last minute updates concerning this meeting.  If you
  registered for this meeting, please check your Email for any last
  minute announcements as the meeting approaches.  Also make sure
  any anti-spam white-lists are updated to _ALLOW_ Unigroup traffic!
  If you block Unigroup Emails, your address will be dropped from
  our mailing list.

  Also, if you have an interest in Unigroup, be sure to receive
  Unigroup information DIRECTLY from Unigroup, via direct receipt
  of Emails and by visiting the Unigroup Web Site.  NO OTHER SOURCE
  provides timely, accurate and complete Unigroup information.

  Please RSVP as soon as possible, preferably at least 2-3 days
  prior to the meeting date, so we can plan the food order.
  RSVP deadline is usually the night before the meeting day.

  Note: RSVP is requested for this location to make sure the guard
        will let you into the building.  RSVP also helps us to
        properly plan the meeting (food, drinks, handouts,
        seating, etc.) and speed up your sign-in at the meeting.
        If you forget to RSVP prior to the meeting day, you may
        still be able to show up and attend our meeting, however,
        we cannot guarantee what building security will do if
        you are "not on the list".



  Topic:  Solaris 11.1 Release Meeting

  Introduction & Description of Talk:

  Solaris 11.1 Operating System Topics

  Outline of the Talk:

  - What's New in Solaris 11.1
  - To-be-announced

  References & Web Resources:

  Oracle/Sun Solaris:

  Unixman Solaris Blog:


  Speaker Biography:

  Isaac Rozenfeld, from Oracle/Sun, has presented Solaris and
  OpenSolaris topics to Unigroup on various occasions.


  Company Biography:

  For information about Oracle/Sun, visit



  Addison-Wesley Professional/Prentice Hall PTR, and O'Reilly have
  been kind enough to provide us with review copies of some of their
  books, which we will continue to raffle off as giveaways at our
  meetings.  The publishers always ask that the persons receiving
  the books provide a review and/or feedback about their books.

  Unigroup would like to thank both companies for the support
  provided by their User Group programs.

  As always, all of the books will be available for review at the
  start of the meeting.

  We hope to have copies of Oracle/Sun Solaris Install Media too.


  Fee Schedule:

  Unigroup is a Professional Technical Organization and User Group,
  and its members pay a yearly membership fee.  For Unigroup members,
  there is usually no additional charges (ie. no meeting fees) during
  their membership year.  Non-members who wish to attend Unigroup
  meetings are usually required to pay a "Single Meeting Fee".

      Yearly Membership (includes all meetings):      $ 50.00
      Student Yearly Membership (with current! ID):   $ 25.00
      Non-Member Single Meeting Fee:                  $ 20.00
      Non-Member Student Single Meeting (with! ID):   $  5.00

    * Payment Methods: Cash, Check, American Express.

    ! Students: We are looking for proof that you are
      currently enrolled in classes (rather than working
      full-time), and as such, your Student ID should show
      a CURRENT date.  We have been presented Student IDs
      containing NO dates whatsoever, and in the
      current environment, perpetual/non-expiring access
      to university facilities just does not feel right.
      If your ID contains no date, please bring
      additional proof of current enrollment.  Thanks,

  NOTE: Simply receiving Unigroup Email Announcements does
        NOT indicate membership in Unigroup.

  Members: Remember to bring your Unigroup membership card with
           you to the meeting, to confirm your yearly renewal date!



  Complimentary Food and Refreshments will be served.

  This normally includes "wraps" such as turkey, roast beef,
  chicken, tuna and grilled vegetables as well as assorted salads
  (potato, tossed, pasta, etc), cookies, brownies, bottled water
  and assorted SOFT beverages.



    The Cooper Union  <>
    School of Engineering  (*** New Building ***)
    41 Cooper Square (3rd Avenue @ 7th St, between 6th & 7th Streets)
    East Village, Manhattan
    New York City, 10003
    Meeting Room: ** (See Above, Room Changes Month-to-Month)

  Located on the East side of Cooper Square.  Look for the
  new building with the non-traditional appearance.
  Entrance is at the corner of 3rd Avenue and 7 Street.

  Building lobby sign-in is required at the guard's desk.
  Enter the building, check in with the guard at the lobby for
    directions to Unigroup (the room varies from month-to-month).

  Nearest mass transit stations are:
    '6'           to Astor Place (stops right at The Cooper Union),
                  then walk 1 block East and 1 block South.
    'R'           to 8th Street, then walk about 2 blocks East
                  then 1 block South.
    '4/5/6/R/N/Q' to Union Square, then walk South and East.
    'B/D/F/V'     to Broadway-Lafayette, then walk North and East,
                  or take the new transfer to the uptown '6'.

  Free street parking in the area becomes available at 6pm.

  There are also parking lots on Broadway, at (or just south of)
    Astor Place (8th Street).


  Please mark this meeting on your calendar and join us!
  Please tell your friends about Unigroup!



  ** Formal Thank You's to our previous speakers will appear
     in an upcoming announcement.  Unigroup issues a "Thank You"
     to all our speakers and sponsors!

  Our thanks goes to The Cooper Union School of Engineering,
  and its staff, for hosting our meetings.



  a) CloudCamp at Cloud Expo NYC

     Date:  Tue, Jun 11, 2013  (**DATE CHANGED**)

     Time:  5:30pm - 9:30pm

     Where: Javits Convention Center, NYC
            Meeting Room To-be-determined.

     For information and complimentary online registration visit:

     ** As in prior years, it looks like CloudCamp attendees receive a
        complimentary Cloud Expo pass!

  b) Cloud Computing Expo / Big Data Expo

     Dates: Mon, Jun 10, 2013
            Tue, Jun 11, 2013
            Wed, Jun 12, 2013

     Where: Javits Convention Center, NYC

     For information and registration visit:

     ** Also see CloudCamp Event above.  Many complimentary VIP codes
        have materialized on the web in the past week.



  We have a series of meetings in the works:

  - Planning: Solaris 11.1 Release Meeting
  - Planning: Building a Data Server with Oracle/Sun ZFS
  - Planning: Oracle/Sun VirtualBox
  - Planning: DataCenter Field-Trip
  - Planning: Real-Time Hardware Acceleration: FPGAs, DSPs and GPUs
  - Planning: Hadoop Clusters
  - Planning: DNS / Dynamic DNS
  - Planning: Fibrechannel and Infiniband Storage
  - Planning: IPsec and VPNs  (possibly 2 meetings)
  - Planning: Trading with the FIX Protocol
  - Planning: Cloud and Grid Computing
  - Planning: Unix/Linux Authentication
  - Planning: NO SPAM!
  - Planning: Crypto / PKI / GPG-PGP
  - Planning: Anti-Virus
  - Planning: The latest on *BSD (FreeBSD/NetBSD/OpenBSD)
  - Unix/Linux/BSD Clusters and Clustered Databases
  - Patching and Updating Unix/Linux/BSD (rpm. yum, yast, etc.)
  - Building Custom Kernels Unix/Linux/BSD
  - Linux Clustering Part 3: Beowulf
  - Building a Firewall using FreeBSD and Linux
  - LAMP Part 2 - PHP/Python
  - Unix 40th+ Birthday Celebration
  - Samba
  - High Performance Internet Servers / Web Acceleration
  - Unix Office Tools: Word Processors, Spreadsheets, Accounting Packages.
  - GNU Development Environments
  - iSCSI, and other new peripheral technologies
  - Java and/or JavaScript Programming

  ** Unigroup Needs Speakers!!
  Please let us know about any other meeting topics that you may be
  interested in.  Potential speakers on Unix/Linux/BSD related
  technology topics should please contact the Unigroup Board.



  Unigroup is one of the oldest and largest Unix User's Groups serving
  the Greater New York City Regional Area since the early 1980s.
  Unigroup is a not-for-profit, vendor-neutral and member funded
  volunteer organization.  Unigroup holds regular and special event
  meetings throughout the year on technical topics relating to Unix
  and the Unix/Linux/BSD User Community.

  Unigroup holds regular meetings planned for (at a minimum) the Third
  THURSDAY of Odd Months.  We generally try to hold Field Trip or
  Vendor Specific Meetings on the Even Months, although we do have the
  ability to hold monthly meetings at our regular meeting location.

  Planned regular meeting dates are (usually 3rd Thursdays):
    06/12/2013, 06/20/2013, 07/18/2013, 09/19/2013, 11/21/2013, ...
  Also watch for Special Event meetings and "Field Trips" to the
  facilities of local hardware and software vendors.

  = For Unigroup Information, Events and Meeting Announcements be sure to =
  = visit our World Wide Web Home Page:                                   =
  =                                         =

Wednesday May 01, 2013

Configuring swap in Automated Installer

I was recently asked to help a customer in their deployment efforts of a SPARC SuperCluster environment for Oracle applications. The question was "How can we configure a different size for a swap device when provisioning Solaris 11?". The answer was clearly "through the Automated Installer (AI) manifest", but exactly what needed to be changed was something that required proper syntax. Looking at the AI manifest that's configured on the existing install service (via: installadm export ...) does allow you to dump the existing AI manifest into a file for further manipulation. The goal is to determine exactly what bits need to be inserted, and where, and then run a combination of installadm update-manifest ... to populate the contents of the AI install service with the contents of the manipulated file.

Here is the bolded <zvol> syntax that needs to be inserted into the AI manifest file, that configures the swap size of 48GB on a newly installed system. It needs to go in the section before the boot environments are defined.

  <zpool name="rpool" is_root="true">      
          <filesystem name="export" mountpoint="/export"/> 
          <filesystem name="export/home"/>   
<zvol name="swap" action="create" use="swap"> 
           <size val="48gb" />

       <be name="solaris"/> 

You can get more details on the overall process of updating AI services with installadm in this How-To document

Monday Apr 15, 2013

Solaris and Python

Loved being at last month's PyCon2013 in Santa Clara, CA. For many on our team this hadn't been the first Python conference, but it was the first time we were actually showcasing how Python lends itself to being a language of choice for systems programming and development of Oracle Solaris. We had about a dozen folks from the Solaris deployment technologies teams attend sessions, talk with exhibitors and attendees, and discuss how Solaris provisioning and software lifecycle management tools are written in Python.

Rick Ramsey, our OTN mechanic, caught up with Drew Fisher of the Solaris Deployment team to discuss benefits of choosing Python for developing OS installation tools. 

We are also looking for Python coders to grow our Deployment team in Solaris. Hear from Martin Widjaja, a manager of the Solaris Install team below:

And here are some of the photos from the event, courtesy of Martin himself.  Unfortunately not all team members who were at the event actually made it to the "photo shoot"; here are a few of the folks in action besides me, BJ Wahl, Swati Sarraf, Danek Duvall, Karen Tung, Jesse Butler, Ginnie Wray.

Tuesday Apr 09, 2013

Ready.Set.Move: Solaris 10 to Solaris 11

As you begin to consider moving from Solaris 10 to Solaris 11, remember to check out the End of Feature Notices we posted here, in order to help you plan properly. Example: If you have SunOS 4 binaries you're running on Solaris 11, you'd need to run them in Solaris 10 Zones (that in turn run on top of Solaris 11).

Thursday Apr 04, 2013

Deploying an application in Solaris 11

My colleague Glynn Foster recently recorded a youtube tutorial, showing how an application can be deployed in Oracle Solaris 11 whilst taking advantage of core OS capabilities, such as IPS, SMF and, of course, virtualization via Zones. Hardware abstraction and virtualization are hot and so why not take advantage of this concept when considering a deployment scenario -  not just from cost-savings and multi-tenancy point of view but just as importantly: security, isolation and management.

Glynn takes his time to provide a thorough explanation to anyone who might be entering the world of Solaris 11 and is interested in seeing how things can be put together. Glynn goes over IPS components such as actuators, facets, variants, mediators, a family of pkg* commands, reviews SMF elements such as manifests, profiles, and svcbundle, as well as ties everything into building a zone and performing basic resource management on how the zone consumes network bandwidth.   Grab a snack and set aside 30 minutes for a joyride of your work day :-)

Wednesday Apr 03, 2013

New ISV applications for Solaris 11


We interrupt your regularly scheduled program to make the following announcement:

Folks working in our ISV engineering group have recently shared some new developments; there's a number of new 3rd party applications have been released with support for Oracle Solaris 11 just this March'13

    * HP; GlancePlus 11.10; SPARC, x64
    * HP; Performance Agent 5.0, 11.10; SPARC, x64
    * Oracle; Oracle Cloud File System (ACFS,ASM Cluster File System) PSU5; SPARC, x64
    * Holland House; Unispool;SPARC, x64
    * AKI GmbH; PrinTaurus for ERP Systems; SPARC, x64
    * Symantec; Storage Foundation Cluster File System 6.0.3; SPARC, x64
    * Symantec; Storage Foundation for Oracle 6.0.1; SPARC, x64
    * Symantec; Storage Foundation for Oracle RAC 6.0.3; SPARC, x64
    * Symantec; Storage Foundation for Unix 6.0.3; SPARC, x64
    * Symantec; Veritas Cluster Server (VCS) 6.0.3; SPARC, x64
    * Symantec; VeritasVolume Replicator (VVR) 6.0.3; SPARC, x64

 You can keep up with similar announcements on our PartnerTech blog


Isaac Rozenfeld is a Product Manager for Oracle Solaris; current responsibilities include the portfolio of networking and installation technologies in Solaris, with a focus on easing the overall application deployment experience

You can follow Isaac on Twitter @izfromsun


« April 2014
Tech Reference

No bookmarks in folder