VDCF is a management tool for virtualizing and monitoring Solaris environments. It allows centralized installation, operation, migration, monitoring, security, hardening and disaster recovery of Solaris zones, LDoms, and bare metal servers. VDCF provides simplicity, standardization, and high availability for private clouds. It has been in production use since 2006 to virtualize and manage Solaris environments.

1. 1
Solaris Private Cloud
using
JomaSoft VDCF
Marcel Hofstetter
hofstetter@jomasoft.ch
Solaris“
CEO / Enterprise Consultant
JomaSoft GmbH
Version 1.1 (09.06.2020)

2. 2
About JomaSoft
Engineering company founded July 2000
Solaris Full Service: SPARC Server, Software
development, consulting, ops, troubleshooting
Product VDCF (Virtual Datacenter Cloud Framework)
Installation, Management, Monitoring, Security/Compliance,
Hardening and DR on Solaris 10/11, Virtualize using LDoms
and Solaris Zonen
VDCF is used in Production since 2006

3. 3
VDCF – Virtual Datacenter Cloud Framework
Management Tool for BareMetal, LDoms and Zones
Installation, Operation, Migration, Monitoring,
Security/Compliance, Hardening and DR/Failover
Supports Solaris 10 + 11 on SPARC/x86
In productive use since 2006
Centrally installed with database
Dynamic Virtualization
Live / Cold Migration and Failover
Resource Configuration and Monitoring
Agility for your Enterprise Private Cloud
For Admin by Admins

4. 4
VDCF - Goals
Central view and control of the virtual data center
Standardization: uniform System configuration
As easy as possible for the System administrator
Consistent interfaces for admins (Solaris 10 and 11)
Avoid mistakes: Fully automated Installation & Migration
Flexible: Hardware can be mixed, VDCF adapts the configuration
when migrating
Reduce Complexity: Layer above Solaris / Hide the details
„Best Practices“ are integrated ongonig into the product
Cheap and easy solution for failover and DR

5. 5
Datacenter Architecture

6. 6
Dynamic Virtualization

7. 7VDCF Management Server
Private Cloud using VDCF
VDCF DB
Repository
Scripts
Files
Software Packages
OS Install & Updates
Solaris 11 IPS Repo
(OS Software / Updates)
Unified Archives
(Golden Images)
Virtual
Environments
(Zones/LDoms)
App Deployment
& Updates
Configs and Dependencies

8. 8VDCF Management Server
VDCF Node / Solaris
VDCF – Realtime Informationen
SAN LUNsVDCF DB
Repository
Cronjob: repos_update
Visible Disk/LUNS
patchadm
vpkgadm
pkgs
patches
rcmon
zonestat (VDCF)
zones
Object states
Resource usage
Installed Patches
Installed Packages
diskadm
Hardware States hwmon
ZPOOL, SMF, SWAP,
LunPath, Compliance
osmon
smf
zpools
System data VDCF command

9. 9
VDCF – Samples (1/4)
-bash-4.4$ cdom -c show name=s0003
Server Information
ORCL,SPARC-S7-2 Socket: 2 VCPUs: 128 x SPARC-S7 4267MHz on 16 Cores (8 Thr/Core)
Domain Information Ldom: 3.6.2.0.5 CDom Patch: 4.17.0.1.3.0 (U4.SRU17)
Type Name State OS Cores VCPUs RAM/GB CPU% RAM% Comment
NODE s0003 ACTIVE - 16 128 126.25 100 100 S7-2 Server Cdom
CDOM primary ACTIVE 11 2 16 16.0 12 12
GDOM (summary) - 4 42 75.0 32 59
GDOM g0045 ACTIVE 10 0 6 6.0 4 4 s10 publ ipmp
GDOM g0048 ACTIVE 11 0 4 20.0 3 15 imported gdom
GDOM g0062 ACTIVE 11 1 8 15.0 6 11 ZFS cloning
GDOM g0075 ACTIVE 11 1 8 10.0 6 7 VDCF mit repo
GDOM g0103 ACTIVE 11 2 16 24.0 12 19 KZone testing
LEFT - - - 8 70 35.25 54 27
Domain Services Name Owner Interface Usage
Disk Service (VDS) primary-vds0 primary
Console Service (VCC) primary-vcc0 primary
Network Switch (VSW) access-vsw0 primary i40e1 PUBLIC
Network Switch (VSW) backup-vsw0 primary ixgbe0 BACK
Network Switch (VSW) management-vsw0 primary i40e0 MNGT

10. 10
$ vpkgadm -c show_server name=service/network/ssh
Package: service/network/ssh - OpenSSH servers and SSH (Secure Shell)
PKG-ID : solaris/service/network/ssh@7.7.0.1-11.4.7.0.1.3.0
Version: 7.7.0.1-11.4.7.0.1.3.0 is installed on:
Name Type PatchLevel Comment
g0047 Node 4.8.0.1.5.0 (U4.SRU8) Marcel: db 19c
g0048 Node 4.10.0.1.3.0 (U4.SRU10) imported ldom with s10 brands
Old Apache / SMF running?
$ osmon -c show_smf search=apache22 | grep online
g0057 Node svc:/network/http:apache22 online
g0062 Node svc:/network/http:apache22 online
v0158 vServer svc:/network/http:apache22 online
VDCF – Samples (2/4)
Which Software Versions are installed?

11. 11
VDCF – Samples (3/4)
Is my Environment consistent?
-bash-4.1$ cpool -c check name=default
ERROR: ComputePool default (Default ComputePool) is not consistent:
Disks not registered on Node <g0043>:
6001438012599B620001100001D30000 v0165_oradata (ZPOOL)
6001438012599B62000110000F040000 g0055 (GDOMROOT)
Systems with identical Package-Level / Kernel: 3.19.0.5.0 (U3.SRU19)
Nodes: g0058 s0024
Systems with identical Package-Level / Kernel: 3.24.0.4.0 (U3.SRU24)
Nodes: g0055 g0081 g0043
VLAN 20 on Network type PUBLIC missing for
Nodes: s0024
VLAN 20 is in use by
vServer: v0171
GDom: g0055
Network type BACKUP missing for
Nodes: s0024
Network type is used by
GDom: g0055

12. 12
VDCF – Samples (4/4)
Where can I migrate my Solaris Servers to?
-bash-4.1$ vserver -c show name=v0137 candidates
vServer Node cPool Patch-Level Comment
v0137 g0058 default 3.19.0.5.0 (U3.SRU19) Demo Zone1
Potential Nodes is candidate Disk access Net access Packages
g0054 (U3.SRU20) YES [upgrade] ok ok nok
g0081 (U3.SRU24) YES [upgrade] ok ok nok
g0098 (U3.SRU19) NO ok nok(VLAN) nok
s0024 (U3.SRU19) YES ok ok ok
-bash-4.4$ gdom -c show name=g0085 candidates
Name rState CDom cPool VCPUs Core RAM/GB Comment
g0085 ACTIVE (RUNNING) s0022 cdoms 4 0 6.0 VDCF Proxy
Potential CDoms is candidate Disk Net CPU/RAM CPU Sup Node Information
s0003: YES ok ok ok ok ORCL,SPARC-S7-2
s0021 [live]: YES ok ok ok ok ORCL,SPARC-T4-1

13. 13
VDCF – Compliance Assess (S11)
Automated Compliancecheck over your data centre
Centralized Solaris Compliance Report

14. 14
VDCF – Hardening (S11)
Standardized Hardening of Systems
Closes Security Holes
Individual Hardening Profiles based
on the Compliance Reports
-bash-4.4$ more /var/opt/jomasoft/vdcf/conf/compliance/baseline.hardening
OSC-12510: Service svc:/network/nfs/fedfs-client:default is in disabled state
OSC-63005: Service svc:/network/rpc/gss is enabled only if Kerberos is configured
OSC-93005: User home directories have appropriate permissions
OSC-34010: Service svc:/application/cups/in-lpd:default is in disabled state
OSC-85000: The maximum number of waiting TCP connections is set to 1024
OSC-99011: Service svc:/system/rad:remote is in enabled state

15. 15
VDCF - MonitoringVDCF - Monitoring
How is the state of my Hardware?
-bash-4.4$ hwmon -c show
Current Hardware State
Node Model Console Soft State HW State Last Change Last Update
s0003 ORCL,SPARC-S7-2 ILOM OS-RUN OK 2019-10-21 09:32:37 2019-10-30 13:45:00
s0006 SUNW,Sun-Fire-V240 ALOM OS-RUN FAULTED 2018-06-23 07:45:02 2019-10-30 13:45:01
Where are issues in my OS (SMF, zpools, filesystems, SAN Paths) ?
-bash-4.4$ osmon -c show
-----------------------------------------------------------------------------------------------------
VDCF Monitoring Report from g0069
Date: 22.10.2019 17:08:43
-----------------------------------------------------------------------------------------------------
Datasets with usage over warn threshold
Server Type Dataset Dataset-Type State Size/GB Used warn-over
g0075 Node g0075_ips ZPOOL ONLINE 199.0 87% 85%
SMF with state: degraded,maintenance
Server Type SMF-Name (FMRI) State
v0170 vServer svc:/application/puppet:master maintenance

16. 16
SPARC Server Life Cycle

17. 17
VDCF - main benefits
Simplicity
Deploy and manage Virtual Solaris Environments without a deep Solaris
knowledge using only a handful of intuitive VDCF commands
Standardization
Zones and LDoms are deployed using supported Solaris technologies,
managed in a standard way and able to be deployed and available for
use in minutes rather than hours.
Availability / Recovery
VDCF allows manual or automatic control of server migration or fail-
over leading to improved options in availability, disaster recovery and
performance.

18. 18
Questions?
Product white papers and documentation online
https://www.jomasoft.com/vdcf/#js-docu
Webcast / Demo Videos
https://www.youtube.com/user/JomaSoftVideo

19. 19
Ending Slide
Marcel Hofstetter
hofstetter@jomasoft.ch
Solaris“
CEO / Enterprise Consultant
JomaSoft GmbH
https://twitter.com/marcel_jomasoft
https://jomasoftmarcel.blogspot.com
https://www.linkedin.com/in/marcelhofstetter