In this talk we will demonstrate a new concept called Immutable Service
Containers built upon the OpenSolaris OS and discuss how ISCs offer a
compelling security advantage by pre-integrating security functionality
and refactoring how services can and should be delivered. Step by step,
we will deconstruct and demonstrate what makes an ISC tick using a
real-world deployment scenario. Come see why ISCs on Solaris are an
excellent platform for secure service delivery!
Glenn Brunette is a Distinguished Engineer and Chief Security
Architect at Sun Microsystems. For over 15 years, Glenn has architected
and delivered security solutions for a wide range of customers and
industries. Currently, as a member of Sun's Chief Architect's Office,
Glenn leads Sun's security initiatives for Cloud Computing and other
highly-scalable and dynamic environments. Glenn develops architectures,
patterns, best practices, and tools enabling improved security for
Cloud Computing and other highly-scalable, dynamic environments.
The Alligator meets the Terminator: Caiman, AI, and the other 998 ways
of installing OpenSolaris
The presentation will give an overview over the state of the art in the
world of OpenSolaris installation. Developers who might be familiar
with the traditional interactive and JumpStart installation methods can
find out about the shiny new installation techniques.
Starting with the initial graphical interactive "Caiman" installer,
OpenSolaris can now be installed in a more or less "hands-off" fashion,
too. However, both this "Automated Installer" and the interactive
text-based console installer are very much work in progress.
The AI eats XML manifests, which seems a bit daunting and complicated
but it's not so bad if the developer sticks to a few simple rules and
has a good template.
Package repositories provided via the Image Packaging System are the
basis of every OpenSolaris installation. Operations on packaged objects
are initiated through actuators, and software instances can be
assembled leveraging the Service Management Framework. The interaction
and workflow between these components is shown in a few short examples.
The distribution builder is also briefly described. Finally,
particularly for software and package developers, we will spend a few
minutes on tips and tricks to speed up installation-test-edit cycles
and installation debugging.
There aren't really a thousand ways of installing OpenSolaris, but
there is certainly more choice for the developer than just a few months
ago. This presentation attempts to empower the developer to make
informed choices for her or his OpenSolaris installation method.
Volker A. Brandt is an IT consultant specialising in Solaris system and
infrastructure development based in Meckenheim, Germany. Past Sun and
Solaris experience has included almost everything from assisting a
small two-server shop to building a large disaster recovery environment
based on many enterprise systems across several data centers. He has
worked on software for automating package generation, Solaris OS
installation, package deployment and software distribution. He has held
training classes and hands-on workshops on many Solaris-related topics,
as well as basic Unix instruction classes and Perl programmer coaching.
The author has been using Free and Open Source Software for twenty-five
Leveraging current hardware capacities has become one of the major topics
in current IT business.
Designing tools for deploying network virtualization and effectively
controlling virtual network environments from the perspective of
network capacities raised demand for a project called Crossbow. With
this technology we could effectively control how an application accesses
the network and decide how much bandwidth it could use. Also, we
could dynamically allocate bandwidth resources, giving an
application surplus if needed from other applications
whose network resources are underutilized.
is done by creating Virtual Network Interface Cards (VNICs) and
dedicating each of them to the different applications we want to deploy.
In this presentation we'll show how Crossbow technology works in
practice deployed on OpenSolaris.
About speaker Uros Nedic: Education: Univ. of Belgrade, Faculty of Elec. Eng., Dept. of Telecommunications, MSc holder degree.
Previous work experience: BTExact (British Telecommunications Research Company), Adastral Park, Ipswich, UK
Current work: Trend Consulting, UK based IT consulting company - working in Belgrade Branch Office, Serbia.
This talk explains the basic elements of the ZFS filesystem and the
corresponding structures in the on-disk format.
ZFS belongs to a new generation of filesystems, which are able to keep
up with the pace of the developing disk subsystems and new challenges in
data processing. But how does it work?
Transactions are implemented with COW; the talk explains which data
structures from uberblock over the internal tree to the leaf nodes on
the disk are modified during that. Some applications like databases emit
a high number of synchronous writes which have to be implemented
differently; ZFS keeps the integrity with the ZFS Intent Log.
The tasks of the Data Management Unit (DMU) and the Storage Pool
Allocator (SPA) are explained and why ZFS is able to optimize better
than traditional filesystems. The structures mantained by DMU and SPA
Directories and other mappings are implemented with ZAP (ZFS Attribute
Processor) and variants (micro-ZAP). It is explained how it works and
where it is used.
Free space in ZFS is mantained with regard to the blocks still in use by
snapshots. The talk explains how this works over multiple disks.
ZFS can use SSDs in the critical areas for faster log writing (aka
LOGZILLA) and for fast access to frequently read data (aka READZILLA).
ZFS caching algorithm ARC implements this.
Gnome Desktop Environment is shipped with OpenSolaris by default. Gnome,
like any other large software system has been hitting with performance
issues, some annoying and some not so obviously visible. The idea is to
use the power of DTrace to form a framework to enable tracing of
I propose to do this by adding USDT probes into some of the core modules
of Gnome like glib, gtk and gio/gvfs. Adding probes in glib namely in
the g_malloc()/ g_free() interface lets us analyse the sizes of objects
that are being allocated in Gnome. Since USDT probes are enabled on a
per-process basis, we can get a process-wise chart of object sizes of
all gnome applications. This gives us a good idea on what are the sizes
of memory request each gnome application is making. Probes in gtk,
enables us to analyse the time taken to initialize and destroy an
object(by adding probes in corresponding class_init/class_finalize and
obj_init/obj_finalize functions). It also allows us to track what is the
Mean Life Time of objects used by gnome applications, through the gtk
type interface. Probes in gio/gvfs will let us compute the latencies
involved in file I/O in Gnome better. The probes can help us compute the
time taken to handle various URIs and understand better the
bottlenecks, if any.
With the above setup in place, I plan to write scripts that will
aggregate "useful" data and deliver it in a meaningful form. This
proposal is inspired by the observability and the near zero probe effect
that DTrace offers.
The traditional performance measurement concerns of the Gnome community
are listed here: http://live.gnome.org/GnomePerformance Most of them
listed, would be solved directly with above framework in place or with
small extensions of the framework.
Krishnan Parthasarathi works as a Sustaining Engineer at Sun Microsystems, Bangalore, for the
Desktop Environment on Solaris/ OpenSolaris. Work involves fixing bugs
in various components of Gnome on OpenSolaris release version and
There are two parts of this talk: First one is focusing mostly on the IPS GUI and it's new/planned features such as web install, publisher auto discovery, history support and lots of other features. The users and developers will get an overview about the development aspects of the IPS GUI project from behind the scenes. This includes usability studies and automated tests, which includes DTrace for python. In the second part speaker will explain the benefits of working with multiply boot environments using OpenSolaris Package Manager and beadm(1) CLI.
Michal Pryc presents at OSDEVCON 2009. Michael, a Sun engineer, has enjoyed working on the OpenSolaris desktop since mid-2006, in particular, the key project: Package Manager. Previously, Michal developed Java platform-based games and performed administrative tasks for several years. Away from the computer, depending on the place and time of the year, he plays sports: gliding, sailing, skiing, and badminton. For Michal it's the third time, when he will attend OpenSolaris Developer Conference, previously in Berlin and Prague.
This talk walks you through the implementation of a simple SMF service. What sounds "simple" at first, develops a life of its own when you consider installation/de-installation, security considerations, error handling and debugging, and of course unexpected little bugs and shortcomings. Finally, we add a GUI to our service by discovering the OpenSolaris Visual Panels project. This "lessons learned" talk is intended to be a practical roundup of things to consider for developers interested in integrating with SMF. Presented by Constantin Gonzalez, a Principal Field Technologist with Sun Microsystems, Germany. Together with Wolfgang Stief, he heads the Munich OpenSolaris User Group. In addition to OpenSolaris, he also spends time with Web 2.0, Cloud Computing, CPU and System Architectures and other geeky stuff. OSDEVCON, October 2009, Dresden