Solaris 10 Knowledge Share


Published on

Solaris 10 SMF, Virtualization, Dtrace, Etc.

Published in: Technology, Business
1 Comment
  • Very good knowledge
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Solaris 10 Knowledge Share

  1. 1. Solaris 10 Features. Overview of changes. Overview of new features implemented on Solaris 10. Gaston Benetrix, January 2008.
  2. 2. What’s New in Solaris 10. § Each new release of Solaris brings about changes at the client, server, and system levels. These changes affect users, administrators, and developers in different ways. The following features have been released for the first time with Solaris 10: § N1 containers, allowing systems to be logically partitioned into zones with specific functions. Containers can be “booted” within a few seconds, ensuring high availability. § Resource management changes, ensuring that specific limits can be set on resource usage by applications, preventing “runaway” applications from bringing a system to its knees. § Integrated firewall technology, not requiring a separate install. § Support for smart card authentication. § Kernel instrumentation through dynamic tracing, allowing system fine-tuning and problem identification (DTRACE). § Binary compatibility between different Solaris versions and Linux, and source compatibility between different Solaris platforms. § Failure prediction of hardware components, ensuring that they can be replaced before impacting on system performance. § Also, Solaris 10 brought to light “Solaris Management Facility” and “Solaris Zones”.
  3. 3. Service Management Facility. § SMF Architecture: – Unified repository for configuration of service startup behavior • URI string for Fault Managed Resource Identifier • Managed states (Uninitialized, Offline, Online, Disabled, Degraded, Maintenance) • Dependency management for services – Definitions stored as XML documents • Profiles • Manifests
  4. 4. Service Management Facility. § Services – Milestone, device, system, system/security, network, application, application/management, application/security, site, platform § Milestones – Milestones replace the “runlevel” methodology • Name-services:default, devices:default, single-user:default (runlevel 1), multi-user:default (runlevel 2), multi-user- server:default (runlevel 3)
  5. 5. Service Management Facility. § Service Components: – Start/Stop mechanism – Monitor/Restart mechanism – Configuration properties – Error management § /etc/init.d/* and /etc/rc*.d/* are legacy components but will continue to be supported.
  6. 6. Service Management Facility. § Profiles – /var/svc/profile – A profile is an XML document containing the service profile, including general settings and configuration information § Manifests – /var/svc/manifest – A manifest is a list of pertinent data including the service name, start/stop methods, and dependencies
  7. 7. Service Management Facility. § svc.startd – start/stop daemon § svc.configd – configuration daemon § inetd – delegated restarter – The inetd daemon performs the same functions as before, but is implemented differently. It is now part of SMF and runs only within that facility.
  8. 8. Service Management Facility. § Commands: – svcs – displays current state of system services – svcprop – shows properties associated with a service instance – svcadm – used to manipulate the state of services and to specify the milestone to which the machine would be brought (legacy: runlevel)
  9. 9. Solaris Containers: Zones. § Current virtualization technologies. – Domains and Partitions • SunFire domains • IBM LPARS – Virtual Machines • IBM VM • VMware – Operating System Partitions • FreeBSD Jails • Linux Vservers § Solaris Zones are Operating System Partitions
  10. 10. Solaris Containers: Zones. § Zones provide separate virtualized operating system environments that are derived from a Global Zone § Multiple zones can share file systems, processors, and network interfaces § Scaling and sharing can be configured on an as- needed basis § Individual zones gain files and configurations from the Global Zone
  11. 11. olaris Containers: Zones. (in detail) § Solaris Containers consist of a set of technologies that help system administrators increase resource utilization by consolidating multiple applications onto a single system. With Solaris Containers technology, administrators can specify the percentage of physical system resources each application receives, as well as isolate each application in its own virtual environment with its own hostname, IP address(es), users, file system, and more. By providing isolation between software applications or services using flexible, software-defined boundaries, Solaris Containers create an execution environment within a single instance of the Solaris OS and provide: § Full resource containment and control for more predictable service levels. § Software fault isolation to minimize fault propagation and unplanned downtime. § Security isolation to prevent unauthorized access as well as unintentional intrusions.
  12. 12. Solaris Containers: Zones. § Zone Types: – Global Zone • All Solaris 10 installations contain a Global Zone • Only the Global Zone is bootable from the system hardware • The Global Zone contains the complete installation of Solaris, and can contain additional software not installed via packages – Local Zones • Local Zones contain a subset of the complete operating system, and can contain non-shared packages • Local Zones have no awareness of other zones • A Local Zone cannot install, manage, or uninstall itself or any other zone For more information about zones, go to:
  13. 13. Solaris Containers: Types of Zones.
  14. 14. Solaris Containers: Zones. § Zone Daemons – zoneadmd • Manages zone booting and shutting down • Allocates zone ID and starts the zsched process • Sets zone-wide resource controls • Allocates devices, including plumbing the virtual interfaces for the zones • Manages filesystems incuding sharing – zsched • zsched manages thread management per-zone • Kernel threads doing work on behalf of the zone are owned by zsched
  15. 15. Solaris Containers: Zones. § Zone File Systems – Sparse Root Model • Minimal number of files from the global zone • Shared files mounted via read-only loopback file systems – Whole Root Model • No dependency on shared filesystems • Allows superior customization • Local zones cannot be NFS servers!
  16. 16. Solaris Containers: Zones. § Zone Networking – Zones have visibility to each other via network interfaces – Only the Global Zone Administrator can modify the interface configuration and routes – IPMP is configurable in the Global Zone, and IPMP can be extended to Local zones, allowing failover in the event of an interface failure
  17. 17. Solaris Containers: Zones. § Dynamic Resource Pools – Allows pooling of resources for access by zones – Controlled by poold • pooladm –e enables pool facility • poolcfg configures pool resources
  18. 18. Solaris Containers: Zones. The physical memory used by a group of processes can be constrained through the resource capping features of the Solaris OS. The resource capping daemon occasionally calculates the amount of physical memory used by these processes. If the value exceeds a specified limit, the kernel pages out some of the pages owned by the processes. These actions occur independently of the kernel and other resource management controls. Resource capping can be combined with zones to constrain the amount of physical memory used by processes in zones, or by entire zones. To configure physical memory constraints: § Create a project for each set of processes of the zone to manage. § Specify a maximum physical memory amount for the project, as it is currently controllable. § Enable resource capping: Resources are capped by project
  19. 19. Solaris Containers: Zones. § Package management – Packages can be installed for all zones, or one zone (pkgparam) – Kernel patches cannot be installed for single zones § Global Zone – Packages can be installed only in the Global Zone, or in the Global Zone and all Local zones § Local Zones – Packages can only be installed to the current zone if SUNW_PKG_ALLZONES=false § To upgrade the OS, it is necessary to rebuild all zones after the OS upgrade is complete!
  20. 20. Dynamic Tracing Facility: DTrace. § Features – Enables dynamic modification of the system to record arbitrary data – Promotes tracing on live systems – Cannot induce fatal failure! – Allows tracing of kernel and user-level programs – Functions with low overhead during trace, and zero overhead if tracing is not being performed
  21. 21. Dynamic Tracing Facility: Dtrace. § The Solaris DTrace facility is a comprehensive dynamic tracking facility that gives you a new level of observerability into the Solaris kernel and user processes. § DTrace helps you understand your system by permitting you to dynamically instrument the OS kernel and user processes to record data that you specify at locations of interest, called, probes. Each probe can be associated with custom programs that are written in the new D programming language. All of DTrace’s instrumentation is entirely dynamic and available for use on your production system. § For more information, see: the dtrace(1M) man page and the Solaris Dynamic Tracing Guide.
  22. 22. Dynamic Tracing Facility: Dtrace. § Probes – A probe is a program location or activity – for example, every system clock tick – to which DTrace can bind a request to perform a set of actions, such as recording a stack trace, a timestamp, or the argument to a function – Probes are defined using the D programming language – Probes are passed to a DTrace consumer – the primary DTrace consumer is the dtrace command – Probes are made available by a provider, identifying the module and function, and have names
  23. 23. Dynamic Tracing Facility: Dtrace. § Providers – Function Boundary Tracing (fbt) traces entry and return of every kernel function – syscall traces Solaris system calls – lockstat traces kernel primitives for lock contention and hold times – plockstat traces user-level primitives for lock contention and hold times – sched traces scheduling events – profile enables a configurable-rate timer interrupt – dtrace provides pre- and post-processing capabilities – pid enables fbt within processes and instruction tracing in the virtual address space – Other providers include sdt, vminfo, sysinfo, proc, mib, io, and fpuinfo
  24. 24. Dynamic Tracing Facility: Dtrace. § Consumers – dtrace is the primary consumer • Other consumers are rewrites of previously existing utilities such as lockstat – No limit on concurrent consumers – DTrace handles multiplexing
  25. 25. Dynamic Tracing Facility: Dtrace. § Advantages – DTrace allows system administrators to gather far more information than was previously possible in a running system – Boundary traces allow system administrators to conclusively indicate lock states, memory leaks, and other conditions that degrade the system, and identify the sources of the calls that cause the problems – DTrace allows fine-grained data gathering by programmers to identify tuning opportunities
  26. 26. Additional Information. § Sun Cluster. § Sun N1 Service Provisioning System. § Sun Management Console. (Sun MC / Symon). § Java Application Server.
  27. 27. Sun Cluster. § Sun Cluster’s highly-available environment ensures that critical applications are available to end users. The system administrator’s job is to make sure that Sun Cluster is stable and operational. § Administration Tools: You can perform administrative tasks on Sun Cluster by using a Graphical User Interface (GUI) or by using the command-line. The following section provides an overview of the GUI and command-line tools. § Graphical User Interface: Sun Cluster supports Graphical User Interface (GUI) tools that you can use to perform various administrative tasks on your cluster. These GUI tools are SunPlex™ Manager and, if you are using Sun Cluster on a SPARC based system, Sun Management Center. § Command-line Interface: You can perform most Sun Cluster administration tasks interactively through the scsetup(1M) utility. Whenever possible, administration procedures in this guide are described using scsetup.
  28. 28. Sun N1 Service Provisioning System. The Sun N1 Service Provisioning System software is an enterprise-class software platform that automates the deployment, configuration, and analysis of applications in data centers. The provisioning software applies an object-oriented approach to: § Application components. § Tasks that IT operators perform on application components: configuration, deployment, and analysis. This object-oriented approach ensures that all the intelligence about an application is automatically taken into account every time that application is acted upon. This consistency makes data center operations more accurate and less prone to error. Through knowledge of what an application requires as a whole, IT operators gain unprecedented control over applications and data center operations. § The provisioning system can help you perform the following tasks: § Automate and manage software rollouts, patches, and upgrades. § Develop models of your existing deployment processes. § Determine what software is installed on your hosts. § Compare the configurations of hosts. § Monitor and maintain documented and consistent configurations.
  29. 29. Sun Management Center. Sun Management Center software is an open, extensible system monitoring and management solution. Sun Management Center has the following features: § System Management: Monitors and manages the system at the hardware and operating system levels. § Monitored hardware: includes boards, tapes, power supplies, and disks. § Operating System Management: Monitors and manages operating system parameters that include load, resource usage,disk space, and network statistics. § Application and Business System Management: Provides enabling technology to monitor business applications such as trading systems, accounting systems, inventory systems, and control systems. § Scalability: Provides an open, scalable, and flexible solution to configure and manage multiple management administrative domains. These domains consist of many systems and span across an enterprise. Administrators can configure the software in a centralized or distributed fashion so that theproduct supports multiple users.
  30. 30. Sun Management Center. § This solution uses Simple Network Management Protocol (SNMP), the JavaTM Remote Method Invocation (RMI), and the Hypertext Transfer Protocol (HTTP). § These tools enable Sun Management Center to provide integrated, comprehensive enterprise-wide management of Sun products and their subsystems, components, and peripheral devices.
  31. 31. Sun Java Application System. The Sun Java System Application Server is a J2EE-compliant platform for deploying enterprise Java applications, in conjunction with existing CGI and Netscape Server API (NSAPI) applications. By integrating all server-side application support under a single service regime, it is possible to minimize administration overhead, achieve better scaling through tight integration, and provide combined monitoring and event notification support. Historically, server-side applications providing back-end and middleware services have used front-end presentation layers, in the form of HTML pages, JSP pages, applets, and applications to give users combined access to numerous data sources. By implementing business logic using the J2EE model, you can avoid the pitfalls associated with multiprocess applications, such as those written for use withWeb servers that support CGI, by using Java’s multithreading capabilities. Enterprise JavaBeans (EJBs) are one of the key technologies supported by J2EE. These distributed components are of three varieties: • Stateless session beans Store data and perform operations that are not stateful • Stateful session beans Store data and perform operations that are stateful. • Entity beans Allow object operations to be easily mapped onto relational database tables.
  32. 32. Sun Java Application System. (Cont.) By using stateful session beans to support user sessions, entity beans to persist data, and stateless session beans to provide a low-overhead interface to entity beans, you can build entire applications on the EJB infrastructure. While the myriad layers and parameters associated with an EJB deployment can be mind-boggling, fortunately the Sun Java System Application Server provides advanced deployment tools to ease and automate many aspects of this process. By implementing a distributed object platform, server-side applications can be expanded to span across multiple servers and clusters, improving scalability and reducing bottlenecks. Although most Java application servers support the J2EE specification, given the wide variety in licensing costs, it’s important to understand what features set the Sun Java System Application Server apart from the competition.
  33. 33. Sun Java Application System. (Cont.) Performance is the number one goal of the Sun Java System Application Server: in addition to featuring multithreading within Java applications that it’s hosting, the Sun Java System Application Server uses multithreading internally. In addition, some tasks can be executed in parallel by using multiple threads. Alternatively, multiprocessing is supported by virtue of data and process sharing across multiple systems: as an application grows, various tasks can be assigned to specific servers. For example, one server might handle authentication, while another might process all JDBC requests to a database server. One reason for implementing applications in this way is that not all servers required to run an application may be located in the same subnet: indeed, it is likely that an authentication server would sit outside a firewall, while a database server would be the most difficult system to access externally. Since Java, CGI, NSAPI, and other server-side technologies can be handled by the same application server, rather than by several independent servers, it follows that performance improvements can be obtained by integration, since only one server needs to be running.
  34. 34. Sun Java Application System. (Cont.) The Sun Java System Application Server provides high availability by supporting failover of stateful session beans. This means that if a system that is storing data for an interactive user session crashes for some reason, another server can recover the beans and continue. This is particularly useful when running applications that persist data in stateful session beans for long periods - since entity beans and stateless session beans do not store user state in the same way as stateful session beans, this reduces a key risk in supporting EJB technology. Asimilar facility is provided for Common Object Request Broker Architecture (CORBA) clients that connect through to EJBs.
  35. 35. Sun Java Application System. (Cont.) Object caching is performed by the Sun Java System Application Server at several levels, to ensure efficient resource usage. This includes caching of JDBC connections to all databases, caching of JSP and HTML output, and various other tasks. While this approach has the inherent risks of object mismatching and incorrect retrieval, the caching features of the Sun Java System Application Server are generally robust, and can be switched on or off if desired. In addition, the Sun Java System Application Server features some preemptive strategies for streamlining data processing operations, including being able to view result sets before they have been completely retrieved from a database table. The Sun Java System Application Server is a highly scalable system: it works on single- CPU systems runningWindows, as well as on high-end E10000 systems running Solaris, with 64 CPUs. In addition to making optimal use of a single system’s resources, the Sun Java System Application Server is able to scale across multiple systems, making the potential pool of CPU resources virtually unlimited. Since the Sun Java System Application Server uses its own Distributed Data Synchronization (DSync) system to share data among its configured servers, any overhead involved in swapping tasks across different systems is minimized.
  36. 36. Sun Java Application System. (Cont.) No additional installation or reconfiguration is required—new servers are added using the Sun Java System Application Server Administration Tool as required. Once you have added new servers to the pool of available systems, load balancing across all systems is performed automatically, without your intervention, by using round-robin and other algorithms for computing load sharing. This does not require external load balancing, as the load-balancing function is integrated within the application server. Security is a key concern for application services, and the Sun Java System Application Server provides the best set of security offered in the J2EE market, since it is integrated with the Sun Java System Directory Server. By using LDAP for authentication and authorization, and single sign-on across all supported applications, you can reduce security risks significantly. The Sun Java System Application Server supports JDBC and database access by using the standard Java SQL API, as well as a Unified Integration Framework API, that further abstracts vendor-specific operations from individual JDBC drivers. The Sun Java System Application Server supports DB2, Informix, Oracle, Sybase, and SQL Server, by supplying highly optimized, multithreaded drivers that work with a single transaction manager, which coordinates many low-level activities required to process transactions. In addition, the Sun Java System Application Server now features an integrated version of the PointBase database, which has support for relational and object storage. PointBase has its own JDBC driver, and can be used during development and testing without a thirdparty database being present.
  37. 37. Bookmarks. § Sun Cluster. § Sun N1Service Provisioning System. § Sun Management Console. § Sun Java Enterprise System. § SMF. – – § Zones. – – § Dtrace. – –