Solaris 11.2 What's New
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Solaris 11.2 What's New

  • 700 views
Uploaded on

Oracle Solaris 11.2 - Engineered for Cloud ...

Oracle Solaris 11.2 - Engineered for Cloud
Oracle Solaris provides an efficient, secure and compliant, simple, open, and affordable solution for
deploying your enterprise-grade clouds. More than just an operating system, Oracle Solaris 11.2 includes
features and enhancements that deliver no-compromise virtualization, application-driven software-defined
networking, and a complete OpenStack distribution for creating and managing an enterprise cloud, enabling
you to meet IT demands and redefine your business.
For more information: http://www.oracle.com/technetwork/server-storage/solaris11/overview/beta-2182985.html

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
700
On Slideshare
679
From Embeds
21
Number of Embeds
3

Actions

Shares
Downloads
46
Comments
0
Likes
3

Embeds 21

http://www.slideee.com 13
https://blogs.oracle.com 5
https://www.linkedin.com 3

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Oracle Solaris 11.2 what’s new Orgad Kimchi Principal Software Engineer ISV Engineering Oracle
  • 2. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.2 THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION. IT IS INTENDED FOR INFORMATION PURPOSES ONLY, AND MAY NOT BE INCORPORATED INTO ANY CONTRACT. IT IS NOT A COMMITMENT TO DELIVER ANY MATERIAL, CODE, OR FUNCTIONALITY, AND SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISION. THE DEVELOPMENT, RELEASE, AND TIMING OF ANY FEATURES OR FUNCTIONALITY DESCRIBED FOR ORACLE'S PRODUCTS REMAINS AT THE SOLE DISCRETION OF ORACLE.
  • 3. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.3 Agenda  OpenStack Overview  Software Defined Networking (SDN)  Unified Archives  Kernel Zones  Observability & Monitoring  Installation and Software Management  Data Management  Security
  • 4. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.4 Oracle Solaris – Engineered for Cloud Oracle Solaris brings enterprise to OpenStack  #1 enterprise platform – designed for mission critical apps  Immense workload scalability  Assured data integrity  Secure by design  Production safe observability Enterprise Ready Cloud Agility  Zero-overhead virtualization  Agile, self-service environments  Full VM lockdown  Application driven SDN  Scalable data management  Automated compliance monitoring and reporting
  • 5. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.5 COMPLETE. SDNVirtualization OpenStackOS Solaris 11.2
  • 6. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.6 Drivers for Enterprise Cloud Computing  Business responsiveness and agility – Rapid resource & application provisioning – Seamless scale up and scale out  Simplified administration – Better capacity planning and asset utilization – Centralized monitoring and reporting  Business protection – Integrated workload and data redundancy What factors are causing a shift towards the cloud?
  • 7. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.7 Cloud Implementation Challenges  Months to deploy  Complex updates  Incompatible with compliance rules  Insufficient High Availability  Prohibitive virtualization overhead
  • 8. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.8 OpenStack Overview  Open Source Cloud Software – Foundation for IaaS, PaaS and SaaS  Combines compute, network and storage resources – Web portal for cloud admins and self-service users – Cloud services exposed through APIs What is OpenStack? Data Center Resources Single Management Pane
  • 9. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.9 Integration with Oracle Solaris Compute Virtualization Cloud Networking Cloud Storage Image Deployment Cloud Management Cloud APIs Zones & Kernel Zones Elastic Virtual Switch ZFS File System Unified Archives Nova Neutron Cinder & Swift Glance Horizon
  • 10. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.10 Core Oracle Solaris Technology Solaris Features a Foundation for OpenStack
  • 11. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.11 Oracle Solaris Enterprise OpenStack Cloud Management x86 x86 x86 Shared Storage Horizon
  • 12. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.12 Networking & Application Engineered Together  Application-driven network SLAs – Application flows across SaaS, PaaS, IaaS layers – Oracle 12c  Pluggable Databases  RAC Heartbeats – Java 8, WebLogic  Builtin – Applications get SLAs without change Application-Driven SDN – No Compromise Solaris SDN
  • 13. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.13 Virtual Switching  Use etherstubs instead of physical NICs  Build virtual switches that are independent from any hardware  As many as you want on a single host  A virtual switch is created automatically when VNICs are configured  Virtual switches allow VNICs to communicate with each other and with hosts on the network
  • 14. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.14 Multi-tenant Virtual Networks Elastic Virtual Switches (EVS)
  • 15. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.15 Elastic Virtual Switch in the Cloud  Elastic Virtual Switch (EVS) allow you to manage multiple virtual switches that are spread across several physical machines most typical in a cloud environment. Building on the network virtualization and SDN capabilities included in Oracle Solaris 11,  EVS helps simplify administration by managing these virtual switches as a single virtual switch, including the management of network traffic between VMs, MAC and IP addresses, VLANs and VXLANs, and enforcing service level agreements across the network through resource control management
  • 16. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.16 Network Resource Control  Set bandwidth limit on a VNIC (virtual link speed)  QoS integrated in the core stack, no separate component to configure  Constrain the CPUs used by VNICs or data links by CPU ids or pool names  Integrated with Solaris resource management and zones # dladm create-vnic -l net0 -p maxbw=100M vnic0
  • 17. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.17 Controlling and Observing Flows Control the Un-Controllable  Bandwidth limits can be applied to traffic flows specified by the administrator; this includes datalinks in non-global zones  Managed by flowadm(1M) and specified by source and destination IP addresses, protocol, port number, etc.  Flows can be observed in real time with flowstat(1M), or a history can be obtained using extended accounting
  • 18. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.18 Datalink Multipathing
  • 19. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.19 VXLAN Create Layer-2 segments on top of an IP network– Layer-2 packets are encapsulated within IP packets  Allows greater number of VXLANs vs traditional VLANs  Fabric independence, relies on IP only  EVS can use VXLANs to implement virtual switches– Hides details of VXLAN management # dladm create-vxlan -p address=1.1.1.1,vni=101 vxlan1 # dladm create-vnic –l vxlan1 vnic0
  • 20. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.20 Application-Driven SDN Example - Oracle RAC without Expensive Switches ApplicationDriven Network Fabric
  • 21. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.21 Flows Enhancements in Solaris 11.2
  • 22. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.22 ApplicationDriven Software Defined Networking  A new socket level flow API allows applications to directly prioritize its own traffic through a series of network flows,leading to optimized application performance and r educe any adverse impact of resource contention This application -driven software defined networking, from application through to storage, along with administrative driven flows help to ensure service level agreements are maintained within a data center or cloud environment
  • 23. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.23 Reflective Relay
  • 24. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.24 Rapid Application Deployment Agile application provisioning in the cloud with Unified Archives Fast archive creation, instant deployment Unified Archives Create Clone Archive 2XFASTER PROVISIONING Agile Apps
  • 25. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.25 Secure, Compliant Application Deployment Agile application provisioning in the cloud with Unified Archives Unified Archive 2XFASTER PROVISIONING Securely Deploy Develop and Test Create Unified Archive Securely Deploy into Production Lock Down Host and Global File System Generate Reports for Compliance Optimized for Compliance from Dev through Production
  • 26. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.26 Fast and Reliable Disaster Recovery Integrated disaster recovery with Unified Archives Fast system archive creation, full recovery in minutes 2XFASTER RECOVERY System Back System A System A’ Disaster RecoveryUnified Archives System Backup
  • 27. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.27 Total Archive Portability Seamless image transforms Archive and deploy across systems and virtualization boundaries 100% UNPRECEDENTED FLEXIBILITY Archive portability
  • 28. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.28 Unified Archive  Simplified Administation – archiveadm(1m) utility  Oracle Virtual Archive (OVA) with multi-system definition – OVF : Descriptor and Manifest – ZFS send/receive streams  Disconnected system support – Bootable ISOs or USB images Simple to Administer
  • 29. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.29 Creating Unified Archive is Simple One line to create an Archive
  • 30. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.30 Deploying Unified Archive is Simple Two line to deploy in a Zone
  • 31. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.31 Unified Archive Integration with OpenStack Compute Virtualization Cloud Networking Cloud Storage Image Deployment Cloud Management Cloud APIs Zones & Kernel Zones Elastic Virtual Switch ZFS File System Unified Archives Nova Neutron Cinder & Swift Glance Horizon
  • 32. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.32 Solaris Kernel Zones  Near zero Virtualization Overhead  Independent patching and updating  Instant switch between zones, kernel zones, bare-metal and OVM  Optimized booting off of shared storage via NFS, FC or iSCSI  SDN, Distributed Virtual Switch  Zone images encrypted on shared storage  Immutable root file system  Live reconfiguration A New Type of Zone with its own Kernel iSCSI 1 InfiniBand Fabric 10GbE Network iSCSI N S11.2 Virtual Router S11.2 S11.x S12
  • 33. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.33  Kernel Zones can be configured, installed and booted with the existing zonecfg(1M) and zoneadm(1M) commands  For example, to create an install a Kernel Zone: # zonecfg -z newzone create –t SYSsolaris-kz # zoneadm –z newzone install Kernel Zones
  • 34. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.34 Live Zone Re-configuration  Support for the dynamic re-configuration of local zones.  Now the following configuration changes do not require a zone reboot. Resource controls and pools Network configuration Adding or removing file systems Adding or removing virtual and physical devices
  • 35. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.35 Read-Only Global Zones  Recent releases of Solaris have support for Immutable Non-Global Zones already. Solaris 11.2 extends the immutable zone support to Global Zones. Immutable zones will have a read-only zone root.  Make a Global Zone Read-Only/Immutable by: # zonecfg -z global set file-mac-profile=fixed-configuration
  • 36. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.36 Installing Packages across multiple Non-Global Zones from the Global Zone  -r option of pkg can be used to install/update/uninstall software packages into/in/from all non-global zones from the global zone.  Use -Z option along with -r to exclude a zone in applying the package operation. Similarly use -z along with -r to apply the intended package operation only in a specific zone
  • 37. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.37 Multiple Boot Environments for Solaris 10 Zones  Multiple BE support has been extended to Solaris 10 Zones in this release. This feature is useful when performing operations such as patching within an Solaris 10 environment running on a Solaris 11 system
  • 38. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.38 Automated Zone Renaming  Support for more convenient Oracle Solaris Zone renaming is introduced with a new sub command rename to zoneadm(1M)  This new sub-command allows for easier zone renaming for zones in a ‘con figured’ and ‘installed’ state.
  • 39. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.39 Installation and Software Management  Users/customers who wish to have their OS installed with minimal set of required system packages for running most of the applications in general, can just install solaris-minimal-server package and not worry about anything else such as removing unwanted packages. # pkg install pkg:/group/system/solaris-minimal-server
  • 40. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.40 Installation and Software Management  Oracle Database Pre-requisite Package  Solaris 11.2 frees up the users from the burden of checking and installing individual [required] packages by providing a brand new package called oracle-rdbms-server-12cR1-preinstall.  Users just need to install this package for a smoother database software installation later. # pkg install pkg:/group/prerequisite/oracle/oracle-rdbms-server-12cR1- preinstall
  • 41. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.41 Installation and Software Management  Mirroring a Package Repository  11.2 provides the ability to create local IPS package repositories and keeps them in synch with the IPS package repositories hosted publicly by Oracle Corporation. The key in achieving this is the SMF service svc:/application/pkg/mirror.  The following webpage has the essential steps listed on a high-level. How to Automatically Copy a Repository From the Internet  Another enhancement is the cloning of a package repository using -- clone option of pkgrecv command.
  • 42. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.42 Baseline Installations with IPS  A new subcommand exact-install has been added to pkg(1) to allow administrators to easily revert to a baseline installation. This is useful when needing to get a system into a baseline state without having to manually uninstall a large number of packages.  The result of the pkg exact-install command is an image with only the specified packages and their dependencies installed. Any currently installed packages that are not specified on the pkg exact-install command line and are not a dependency of the specified packages are removed
  • 43. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.43 Synchronous svcadm  When you use the -s the svcadm enable command just returns when the state transition has completed. In our example we would use svcadm enable -s apache22. As we artificially delayed the startup of the Apache, the svcadm command should run at least 10 seconds. Let's check this:  # ptime svcadm enable -s apache22  real 11.137908105  user 0.012195633  sys 0.018084807
  • 44. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.44 SMF stencils  The Service Management Facility (SMF) has been enhanced through the addition of SMF Stencils.  These allow service developers and administrators to easily map configuration properties stored in the SMF repository to application specific configuration (stored in /etc for example).  A stencil file, created using a new tool called svcio(1), provides information for how to create the application configuration file and is associated with the service. From there, SMF takes control and regenerates configuration for all stencil aware services before running the start or refresh SMF methods
  • 45. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.45 SMF Easy Log Viewing  Administrators can now easily view SMF logs directly from svcs(1) . Using the –L option, administrators can view the latest 10 lines of service logs directly from the command line.  # more `svcs –L smtp`
  • 46. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.46 Installation and Software Management  Secure End To End Provisioning  This release supports secure end To end provisioning using the Automated Installer, from system boot using SPARC WAN boot through to secure installation from IPS package repositories. By protecting the communication and configuration between installation server and client systems, administrators can now ensure complete security across their provisioning/updating environment
  • 47. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.47 Interactive Automated Installer Manifest Creation and Management  A new interactive browser interface is introduced that allows you to easily create Automated Installer (AI) manifests that can be used on an AI server.  By stepping through a series of screens, you can quickly create a new manifest that describes the disk layout, ZFS datasets,
  • 48. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.48 Advanced Configuration in Automated Installer  Support for the configuration of multiple network interfaces using the Automated Installer has  Another enhancement for Automated Installer allows passing pre- generated SSH public keys through an SMF profile using the user_account/ssh_public_keys property group/property for population within the admin user’s $HOME/.ssh/authorized_keys Support for provisioning Kerberos clients using the Automated Installer.
  • 49. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.49 Observability  Network traffic diagnostics:  A brand new command, ipstat(1M), reports IP traffic statistics.
  • 50. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.50 Monitoring  Another new command, tcpstat(1M), reports TCP and UDP traffic statistics. Up until 11.1, it is not so straight-forward to figure out what process created a network endpoint -- one has to rely on a combination of commands such as netstat, pfiles or lsof and proc filesystem (/proc) to extract that information. Solaris 11.2 attempts to make it easy by enhancing the existing tool netstat(1M). Enhanced netstat(1M) shows what user, pid created and control a network endpoint. -u is the magic flag.
  • 51. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.51 ptime  ptime -mp shows the full set of microstate accounting statistics for the lifetime of a given process. prstat -m also reports the microstate process accounting information, but the displayed statistics are accumulated since last display every interval seconds. # ptime -mp 39235 real 428:31:25.902644700 user 2:06:32.283801209 sys 16:37.056999418 trap 2.250539737 tflt 0.000000000 dflt 2.018347218 kflt 0.000000000 lock 96013:52:37.184929717 slp 14349:50:02.286168683 lat 3:11.510473038
  • 52. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.52 Memory Access Locality Characterization and Analysis  Solaris 11.2 introduced another brand new tool, numatop(1M), that helps in characterizing the NUMA behavior of processes and threads on systems with Intel Westmere, Sandy Bridge and Ivy Bridge processors.  If not installed by default, install the numatop package as shown below. # pkg install pkg:/diagnostic/numatop
  • 53. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.53 Performance related  Starting with 11.2, ZFS synchronous write transactions are committed in parallel, which should help improve the I/O throughput.  Database startup time has been greatly improved in Solaris 11 releases -- it's been further improved in 11.2. Customers with databases that use hundreds of Gigabytes or Terabyte(s) of memory will notice the improvement to the database startup times. Other changes to asynchronous I/O, inter-process communication using event ports etc., help improve the performance of the recent releases of Oracle database such as 12c.
  • 54. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.54 Bootable USB Media  Solaris 11.2 introduces the support for booting SPARC systems from USB media. Use Solaris Distribution Constructor (requires distribution- constructor package) to create the USB bootable media, or copy a bootable/installation image to the USB media using usbcopy(1M) and dd(1M) commands.  Oracle Hardware Management Pack  Oracle Hardware Management Pack is a set of tools that are integrated into the Solaris OS distribution, that show the existing hardware configuration, help configure hardware RAID volumes, update server firmware, configure ILOM service processor, enable monitoring the hardware using existing tools etc., Look for pkg:/system/management/hmp/hmp-* packages.
  • 55. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.55 Few other interesting packages:  Parallel implementation of bzip2 : compress/pbzip2 NVM Express (nvme) utility : system/storage/nvme-utilities Utility to administer cluster of servers : terminal/cssh
  • 56. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.56 Miscellaneous  Java 8  Java 7 is still the default in Solaris 11.2 release, but Java 8 can be installed from the IPS package repository.  eg.,  # pkg install pkg:/developer/java/jdk-8 <-- Java Development Kit # pkg install pkg:/runtime/java/jre-8 <-- Java Runtime
  • 57. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.57 IT Automation with Puppet  The popular IT automation software, Puppet, has been included in Oracle Solaris 11.2 Beta .  Puppet helps you manage IT infrastructure by automating repetitive tasks, deploying critical applications rapidly, and proactively managing changes required in a system. Puppet automates tasks such as provisioning, configuration, compliance, and software management.  Puppet can scale from simple deployments to complex infrastructure, from on-premise to loud deployments. With enhanced support for Oracle Solaris technologies
  • 58. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.58  Engineered to Manage Big Data – 3x Less VM storage overhead – Guaranteed data integrity – Instant VM snapshot and cloning  Simplified Administration – Integrated file system and volume management – Integrated data services Reliable Data in the Cloud Integrated and scalable data management with ZFS
  • 59. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.59 Data Management  Progress Reporting with ZFS Send Streams  You can include a progress report and estimated size of your ZFS send stream during the transfer process.  Estimate the ZFS send stream size: # zfs send –rnv pool/opt@snap1 sending from @ to pool/opt@snap1 sending from @ to pool/opt/vol1@snap1 estimated stream size: 10.1G  Monitor the stream size during transfer process: # zfs send pool/opt@snap1 | pv | zfs recv tank/opt 8.58GB 0:02:37 [95.7MB/s]
  • 60. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.60  Secure multi-tenant environments – Guaranteed VM integrity – Read-only VM lockdown – Complete network isolation – Secure key management – Fine grained authentication  Optimized for end-to-end lifecycle – 2x faster end-to-end encryption Secure VM Lifecycle Secure end-to-end cloud deployment for tenants
  • 61. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.61  Simple risk mitigation – 10x simpler to administer – Fully compliant out of the box  Comprehensive cloud monitoring and reporting – Compliance checking automation – Always on auditing Designed for Compliance Easy navigation of regulatory policies and procedures
  • 62. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.62 Solaris Compliance Reporting  compliance(1M) command – Assess: compare system state against a policy – Report: Generate human readable HTML report with remediation instructions  Currently single node, plan for multi node via RAD & Oracle EM  Included Policies: – Solaris Baseline (153), Solaris Recommended (185), PCI- DSS (191)  Authoring tool for SCAP (XCCDF/OVAL) in future release. Install Maintain Comply
  • 63. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.63 Compliance Report Example PCI-DSS Fragment
  • 64. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.64  https://blogs.oracle.com/solaris/  https://blogs.oracle.com/zoneszone  https://blogs.oracle.com/c0t0d0s0/  https://blogs.oracle.com/mandalika/  https://blogs.oracle.com/droux/  https://blogs.oracle.com/gman/  https://blogs.oracle.com/vreality/  https://blogs.oracle.com/darren/  https://blogs.oracle.com/yenduri/ Acknowledgement 64
  • 65. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.65
  • 66. Copyright © 2014, Oracle and/or its affiliates. All rights reserved.66