
Thursday August 26, 2004
The Pump Don't Work 'Cause the Vandals Took the Handles
Whether you are trying to figure out why the pump "don't
work" or you are trying to protect the pump from the iVandals out
in the real world, Solaris 10 can help you deal with these and many
other situations.
DTrace
is known as the technology which provides concise answers to
arbitrary questions. It has been used within Sun and by our
customers to improve the performance of the operating system and
applications alike and to help find the root cause of bugs which
previously were difficult, if not nearly impossible, to find using
traditional debugging techniques. It allows such analysis, safely, on
production systems without requiring recompilation of the operating
system or the application and without having to recreate the production
environment where a problem has been observed.
Zones
can help isolate application environments from one another such that
even if one becomes a privileged user in one of the application
environments, the damage one can cause on purpose or inadvertently is
isolated to that one zone or container. The degree of isolation is
such that each zone can be rebooted independently without affecting any
other zones on the system or the machine as a whole (and the zones boot
very quickly - for example, on a
Sun Fire V60x
a zone can boot in as little as eight seconds, from a halted state to
login prompt.)
Finally, the
Predictive Self-Healing
technology can help customers maximize the availability of their
computing resources, and to handle faults that may occur whether in
software or in hardware. In the past, problems typically resulted in a
number of messages appearing in the system log which left both
customers and often service personnel scratching their heads, trying to
make sense of these symptoms. Predictive Self-Healing instead observes
generated error events or telemetry and once sufficient
telemetry has been obtained, diagnosis engines can generate
a single fault event to agents which can respond to the
diagnosed fault.
Not too long ago, a number of engineers who designed these new
frameworks participated in three
Sun Expert Exchanges
where over a live chat system we were able to answer technical
questions about these features and get valuable feedback from
customers. The transcript of the DTrace exchange in which
Adam
and
Bryan
and others participated can be found
here.
About a month later,
Andy
and
Dan
and I participated in an exchange on Zones which not only was a great
deal of fun but provided us with a lot of interesting input and we hope
was helpful to both current zones users and interested parties alike.
The transcript for that exchange is available
here.
And about a week ago, some of the architects of the Predictive Self
Healing functionality participated in their own exchange and its
transcript is available
here.
Transcripts from other Expert Exchanges are available as well
here
under Archives and registration is open for a number of other
planned sessions including one on ZFS (The Zettabyte Filesystem) and
the many fundamental security enhancements that have been made to
Solaris 10.
( Aug 26 2004, 10:26:17 PM PDT )

Friday August 06, 2004
What's New Pussycat?
Support for
Zones
was initially released in the Software Express for Solaris 2/04
release. Since then, we have been working on adding a number of
enhancements as well as fixing a number of bugs that have been
reported. Of course, the definitive source for what has changed in
each of the Solaris releases can be found in that release's
Solaris What's New
document. However, I thought it might be useful to summarize the Zones
enhancements that have been released since February and what is coming
in the upcoming Software Express for Solaris release.
In the Software Express for Solaris 7/04 release, support for Zones
being
NFSv4
clients was added. In that particular build, the default NFS version
was still three (3) but this can be changed by editing the file
/etc/default/nfs and uncommenting and changing the
NFS_CLIENT_VERSMAX parameter to 4. For more information,
please see the
nfs(4)
manual page. Note that in the upcoming Software Express for Solaris
release, the default NFS version will be four (4) although the system
will negotiate a lower version as necessary.
On a similar note, the statistics reported by
nfsstat(1M)
have been virtualized on a per-zone basis.
With the power of the
Tecla command-line editing library,
the
zonecfg(1M)
command now supports command line editing, command history and tab
completion within interactive mode. This new functionality can make it
far easier to enter or edit a zone's configuration. In addition, each
user can customize their own particular set of key bindings through the
file .teclarc in their home directory.
One of the other new features in this release is the ability to specify
a richer set of file systems through
zonecfg(1M).
Previously, the administrator could specify a restricted set of file
systems such as
lofs(7FS)
or
tmpfs(7FS).
This restriction to a large degree is lifted in this release, allowing
the administrator to specify file systems like
ufs(7FS).
For example, consider this update to the configuration of the zone
myzone:
global# zonecfg -z myzone
zonecfg:myzone> add fs
zonecfg:myzone:fs> set dir=/source
zonecfg:myzone:fs> set special=/dev/md/dsk/d4
zonecfg:myzone:fs> set raw=/dev/md/rdsk/d4
zonecfg:myzone:fs> set type=ufs
zonecfg:myzone:fs> end
zonecfg:myzone> commit
zonecfg:myzone> exit
global#
What we have added to the configuration is a UFS file system that will
automatically be mounted as /source when the zone is booted.
The partition used is a
Solaris Volume Manager
metadevice that was created and initialized from within the global
zone.
Finally, the Software Express for Solaris 7/04 release includes two
enhancements to the
ps(1)
command to add zone information to any current command output and to
filter information based on one or more zones. The new -Z
option adds a ZONE column to any report generated by
ps(1)
while the -z zidlist option prints only those processes belonging
to the zones specified in the comma-separated zidlist (zones can
be listed either by name or by their ID number.)
In the upcoming Software Express for Solaris release, there are three
additional enhancements being introduced for Zones. As a teaser, I
will briefly describe them now and cover them later in more depth when
the release is made available.
When
resource pools
have been enabled, the first enhancement more accurately reports the
processor resources available to a zone and their statistics as
reported by commands such as iostat(1M), mpstat(1M), vmstat(1M),
psrinfo(1M) and sar(1).
In a similar manner, library routines such as
getloadavg(3C)
and
sysconf(3C)
(the latter when invoked for _SC_NPROCESSORS_CONF or
_SC_NPROCESSORS_ONLN) only return information for the
processors in the set a particular zone is bound to.
In addition, a new
resource control
has been introduced, zone.max-lwps, which allows a global zone
administrator to limit the number of lightweight processes or LWPs that
can be created inside a zone. From within the zone itself, another new
resource control, project.max-lwps, can be used to further
divide the total number of LWPs amongst the
projects
defined in the zone.
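
As an added illustration (not from the original post), the script below combines the per-zone ps(1) reporting described earlier with the idea behind zone.max-lwps: it sums LWPs per zone and flags zones approaching their cap. The ps listing and the caps are constructed sample values, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in the shape of `ps -e -o zone,nlwp,comm` output.
# On a live system, pipe that command into lwp_report instead.
sample_ps() {
cat <<'EOF'
    ZONE NLWP COMMAND
  global    1 /sbin/init
  global   14 /usr/sbin/nscd
  myzone    1 /sbin/init
  myzone  180 /opt/app/worker
  myzone  240 /opt/app/worker
 webzone    1 /sbin/init
 webzone   25 /usr/apache/bin/httpd
EOF
}

# Hypothetical per-zone caps, standing in for each zone's zone.max-lwps value.
ZONE_LIMITS="myzone=500 webzone=300"

# lwp_report PCT: read ps output on stdin and print "zone used limit status"
# for every capped zone; status is WARN once usage reaches PCT% of the cap.
# Zones without a cap (here: global) are not reported.
lwp_report() {
    awk -v pct="$1" -v limits="$ZONE_LIMITS" '
        BEGIN {
            n = split(limits, pairs, " ")
            for (i = 1; i <= n; i++) {
                split(pairs[i], kv, "=")
                cap[kv[1]] = kv[2]
            }
        }
        NR > 1 { used[$1] += $2 }      # skip the header, sum NLWP per zone
        END {
            for (z in cap) {
                u = used[z] + 0
                status = (u * 100 >= cap[z] * pct) ? "WARN" : "ok"
                print z, u, cap[z], status
            }
        }' | sort
}

sample_ps | lwp_report 80
```

A zone that stays at WARN is close to the point where new LWP creation inside it would be refused, which is the containment the resource control is meant to provide.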
Finally,
Solaris Auditing
can now be configured for zones in a number of different ways. The
global zone administrator can specify whether the system should
be audited as a whole or whether each zone can be audited separately.
In the latter case, each zone has its own audit configuration and that
zone's administrator can configure and process their audit trails
independently from the other zones on the system.
We welcome hearing about your experiences or problems with using Zones
and of any feature enhancements you would like to see.
( Aug 06 2004, 08:51:15 AM PDT )