solaris 10, sun mc & n1sps features

8/3/2019 Solaris 10, SUN MC & N1SPS features.

1/37

Solaris 10 Features.

Overview of changes.

Overview of new features implemented onSolaris 10.Gaston Benetrix, January 2008.


2/37

Whats New in Solaris 10.

Each new release of Solaris brings about changes at the client, server, and system levels.These changes affect users, administrators, and developers in different ways. Thefollowing features have been released for the first time with Solaris 10:

N1 containers, allowing systems to be logically partitioned into zones withspecific functions. Containers can be booted within a few seconds, ensuringhigh availability.

Resource management changes, ensuring that specific limits can be set onresource usage by applications, preventing runaway applications from

bringing a system to its knees.

Integrated firewall technology, not requiring a separate install.

Support for smart card authentication.

Kernel instrumentation through dynamic tracing, allowing system fine-tuningand problem identification (DTRACE).

Binary compatibility between different Solaris versions and Linux, and sourcecompatibility between different Solaris platforms.

Failure prediction of hardware components, ensuring that they can be replacedbefore impacting on system performance.

Also, Solaris 10 brought to light Solaris Management Facility and Solaris Zones.


3/37

Service Management Facility.

SMF Architecture:

Unified repository for configuration of service startupbehavior

URI string for Fault Managed Resource Identifier

Managed states (Uninitialized, Offline, Online, Disabled,Degraded, Maintenance)

Dependency management for services

Definitions stored as XML documents

Profiles

Manifests


4/37


Services

Milestone, device, system, system/security, network,application, application/management,

application/security, site, platform

Milestones

Milestones replace the runlevel methodology

Name-services:default, devices:default, single-user:default(runlevel 1), multi-user:default (runlevel 2), multi-user-server:default (runlevel 3)


5/37


Serv ice Component s:

Start/Stop mechanism

Monitor/Restart mechanismConfiguration properties

Error management

/ etc/ ini t .d/ * and / etc/ rc* .d/ * are legacycomponent s but w ill cont inue to be support ed.


6/37


Profiles

/var/svc/profile

A profile is an XML document containing the serviceprofile, including general settings and configurationinformation

Manifests

/var/svc/manifestA manifest is a list of pertinent data including the service

name, start/stop methods, and dependencies


7/37


svc.startd start / st op daemon

svc.configd configuration daemon

inetd delegated restart erThe inetd daemon performs the same functions as

before, but is implemented differently. It is now part ofSMF and runs only within that facility.


8/37


Commands:

svcs displays current state of system services

svcprop shows properties associated with a serviceinstance

svcadm used to manipulate the state of services and tospecify the milestone to which the machine would bebrought (legacy: runlevel)


9/37

Solaris Containers: Zones.

Current vir t ualizati on technologies.

Domains and Partitions

SunFire domains

IBM LPARS

Virtual Machines

IBM VM

VMware

Operating System Partitions

FreeBSD Jails

Linux Vservers

Solaris Zones are Operat ing System Part it ions


10/37


Zones provide separate virtualized operating systemenvironments that are derived from a Global Zone

Multiple zones can share file systems, processors, andnetwork interfaces

Scaling and sharing can be configured on an as-needed basis

Individual zones gain files and configurations from theGlobal Zone


11/37

olaris Containers: Zones. (in detail)

Solaris Containers consist of a set of technologies that help system administratorsincreaseresource utilization by consolidating multiple applications onto a single system.With Solaris Containers technology, administrators can specify the percentage ofphysical system resources each application receives, as well as isolate eachapplication in its own virtual environment with its own hostname, IP address(es),users, file system, and more.By providing isolation between software applications or services using flexible,software-defined boundaries, Solaris Containers create an execution environmentwithin a single instance of the Solaris OS and provide:

Full resource containment and controlfor more predictable service levels.

Software fault isolationto minimize fault propagation and unplanned downtime.

Security isolationto prevent unauthorized access as well as unintentionalintrusions.


12/37


Zone Types:

Global Zone

All Solaris 10 installations contain a Global Zone

Only the Global Zone is bootable from the system hardware

The Global Zone contains the complete installation of Solaris, and cancontain additional software not installed via packages

Local Zones

Local Zones contain a subset of the complete operating system, and cancontain non-shared packages

Local Zones have no awareness of other zones A Local Zone cannot install, manage, or uninstall itself or any other zone

For more information about zones, go to:http://www.blastwave.org/docs/Solaris-10-b51/DMC-0002/dmc-0002.html


13/37

Solaris Containers: Types of Zones.


14/37


Zone Daemons

zoneadmd

Manages zone booting and shutting downAllocates zone ID and starts the zsched process Sets zone-wide resource controlsAllocates devices, including plumbing the virtual interfaces

for the zones Manages filesystems incuding sharing

zsched

zsched manages thread management per-zone Kernel threads doing work on behalf of the zone are owned

by zsched


15/37


Zone File Syst ems

Sparse Root Model

Minimal number of files from the global zone

Shared files mounted via read-only loopback file systems

Whole Root Model

No dependency on shared filesystems

Allows superior customization

Local zones cannot be NFS servers!


16/37


Zone Netw ork ing

Zones have visibility to each other via network interfaces

Only the Global Zone Administrator can modify theinterface configuration and routes

IPMP is configurable in the Global Zone, and IPMP can beextended to Local zones, allowing failover in the event ofan interface failure


17/37


Dynamic Resource Pools

Allows pooling of resources for access by zones

Controlled by poold

pooladm e enables pool facility

poolcfg configures pool resources


18/37


The physical memory used by a group of processes can be constrained through theresource capping features of the Solaris OS. The resource capping daemonoccasionally calculates the amount of physical memory used by these processes. Ifthe value exceeds a specified limit, the kernel pages out some of the pages ownedby the processes. These actions occur independently of the kernel and otherresource management controls.

Resource capping can be combined with zones to constrain the amount of physicalmemory used by processes in zones, or by entire zones. To configure physicalmemory constraints:

Create a project for each set of processes of the zone to manage. Specify a maximum physical memory amount for the project, as it is currently

controllable.

Enable resource capping: Resources are capped by project


19/37


Package management

Packages can be installed for all zones, or one zone (pkgparam)

Kernel patches cannot be installed for single zones

Global ZonePackages can be installed only in the Global Zone, or in the Global

Zone and all Local zones

Local Zones

Packages can only be installed to the current zone if

SUNW_PKG_ALLZONES=false To upgrade the OS, it is necessary t o rebuild all

zones aft er t he OS upgrade is complete!


20/37

Dynamic Tracing Facility: DTrace.

Features

Enables dynamic modification of the system to recordarbitrary data

Promotes tracing on live systems

Cannot induce fatal failure!

Allows tracing of kernel and user-level programs

Functions with low overhead during trace, and zerooverhead if tracing is not being performed


21/37

Dynamic Tracing Facility: Dtrace.

The Solaris DTrace facility is a comprehensive dynamic tracking facilitythat gives you a new level of observerability into the Solaris kernel anduser processes.

DTrace helps you understand your system by permitting you todynamically instrument the OS kernel and user processes to record datathat you specify at locations of interest, called,probes. Each probe can beassociated with custom programs that are written in the new Dprogramming language.

All of DTraces instrumentation is entirely dynamic and available for useon your production system.

For more information, see:the dtrace(1M) man page and the Solaris Dynamic Tracing Guide.


22/37


Probes

A probe is a program location or activity for example, everysystem clock tick to which DTrace can bind a request to perform aset of actions, such as recording a stack trace, a timestamp, or theargument to a function

Probes are defined using the D programming language

Probes are passed to a DTrace consumer the primary DTraceconsumer is the dtracecommand

Probes are made available by a provider, identifying the module andfunction, and have names


23/37


Providers

Function Boundary Tracing (fbt) traces entry and return of every kernelfunction

syscalltraces Solaris system calls

lockstattraces kernel primitives for lock contention and hold times

plockstattraces user-level primitives for lock contention and hold times

schedtraces scheduling events

profileenables a configurable-rate timer interrupt

dtraceprovides pre- and post-processing capabilities

pidenables fbt within processes and instruction tracing in the virtualaddress space

Other providers include sdt, vminfo, sysinfo,proc, mib, io, and fpuinfo


24/37


Consumers

dtraceis the primary consumer

Other consumers are rewrites of previously existing utilities

such as lockstat

No limit on concurrent consumers DTrace handlesmultiplexing


25/37


Advantages

DTrace allows system administrators to gather far moreinformation than was previously possible in a running

system

Boundary traces allow system administrators toconclusively indicate lock states, memory leaks, andother conditions that degrade the system, and identify

the sources of the calls that cause the problemsDTrace allows fine-grained data gathering by

programmers to identify tuning opportunities


26/37

Additional Information.

Sun Cluster.

Sun N1 Service Provisioning System.

Sun Management Console. (Sun MC / Symon).

Java Application Server.


27/37

Sun Cluster.

Sun Clusters highly-available environment ensures that critical applications areavailable to end users. The system administrators job is to make sure that Sun Cluster is stable andoperational.

Administration Tools:

You can perform administrative tasks on Sun Cluster by using a Graphical User Interface (GUI) or by

using the command-line. The following section provides an overview of the GUI and command-line tools.

Graphical User Interface:

Sun Cluster supports Graphical User Interface (GUI) tools that you can use to perform variousadministrative tasks on your cluster. These GUI tools are SunPlex Manager and, if you are using SunCluster on a SPARC based system, Sun Management Center.

Command-line Interface:

You can perform most Sun Cluster administration tasks interactively through the scsetup(1M) utility.Whenever possible, administration procedures in this guide are described using scsetup.


28/37

Sun N1 Service Provisioning System.

The Sun N1 Service Provisioning System software is an enterprise-class software platform thatautomates the deployment, configuration, and analysis of applications in data centers.

The provisioning software applies an object-oriented approach to:

Application components.

Tasks that IT operators perform on application components: configuration, deployment, andanalysis.

This object-oriented approach ensures that all the intelligence about an application isautomatically taken into account every time that application is acted upon. This consistencymakes data center operations more accurate and less prone to error. Through knowledge ofwhat an application requires as a whole, IT operators gain unprecedented control overapplications and data center operations.

The provisioning system can help you perform the following tasks:

Automate and manage software rollouts, patches, and upgrades.

Develop models of your existing deployment processes.

Determine what software is installed on your hosts.

Compare the configurations of hosts.

Monitor and maintain documented and consistent configurations.


29/37

Sun Management Center.

Sun Management Center software is an open, extensible system

monitoring and management solution.

Sun Management Center has the following features:

System Management : Monitors and manages the system at the hardware andoperating system levels.

Monitored hardw are: includes boards, tapes, power supplies, and disks. Operating System Management : Monitors and manages operating system

parameters that include load, resource usage,disk space, and network statistics.

Applicat ion and Business System Management : Provides enablingtechnology to monitor business applications such as trading systems, accountingsystems, inventory systems, and control systems.

Scalability: Provides an open, scalable, and flexible solution to configure andmanage multiple management administrative domains. These domains consist ofmany systems and span across an enterprise.

Administrators can configure the software in a centralized or distributed fashion sothat theproduct supports multiple users.


30/37

Sun Management Center.

This solution uses Simple Network ManagementProtocol (SNMP), the JavaTM Remote MethodInvocation (RMI), and the Hypertext Transfer Protocol

(HTTP). These tools enable Sun Management Center to

provide integrated, comprehensive enterprise-widemanagement of Sun products and their subsystems,

components, and peripheral devices.


31/37

Sun Java Application System.

The Sun Java System Application Server is a J2EE-compliant platform for deploying

enterprise Java applications, in conjunction with existing CGI and Netscape ServerAPI (NSAPI) applications. By integrating all server-side application support under asingle service regime, it is possible to minimize administration overhead, achievebetter scaling through tight integration, and provide combined monitoring andevent notification support. Historically, server-side applications providing back-endand middleware services have used front-end presentation layers, in the form ofHTML pages, JSP pages, applets, and applications to give users combined access tonumerous data sources. By implementing business logic using the J2EE model, youcan avoid the pitfalls associated with multiprocess applications, such as thosewritten for use withWeb servers that support CGI, by using Javas multithreadingcapabilities.

Enterprise JavaBeans (EJBs) are one of the key technologies supported by J2EE.

These distributed components are of three varieties: Stateless session beans Store data and perform operations that are not stateful

Stateful session beans Store data and perform operations that are stateful.

Entity beans Allow object operations to be easily mapped onto relational databasetables.


32/37

Sun Java Application System. (Cont.)

By using stateful session beans to support user sessions, entity beans to

persist data, and stateless session beans to provide a low-overheadinterface to entity beans, you can build entire applications on the EJBinfrastructure. While the myriad layers and parameters associated withan EJB deployment can be mind-boggling, fortunately the Sun JavaSystem Application Server provides advanced deployment tools to ease

and automate many aspects of this process. By implementing adistributed object platform, server-side applications can be expanded tospan across multiple servers and clusters, improving scalability andreducing bottlenecks.

Although most Java application servers support the J2EE specification,given the wide variety in licensing costs, its important to understandwhat features set the Sun Java System Application Server apart fromthe competition.


33/37


Performance is the number one goal of the Sun Java System Application Server: inaddition to featuring multithreading within Java applications that its hosting, theSun Java System Application Server uses multithreading internally.In addition, some tasks can be executed in parallel by using multiple threads.

Alternatively, multiprocessing is supported by virtue of data and process sharingacross multiple systems: as an application grows, various tasks can be assigned tospecific servers.

For example, one server might handle authentication, while another might processall JDBC requests to a database server. One reason for implementing applications inthis way is that not all servers required to run an application may be located in thesame subnet: indeed, it is likely that an authentication server would sit outside afirewall, while a database server would be the most difficult system to access

externally.Since Java, CGI, NSAPI, and other server-side technologies can be handled by thesame application server, rather than by several independent servers, it follows thatperformance improvements can be obtained by integration, since only one serverneeds to be running.


34/37


The Sun Java System Application Server provides high availability by

supporting failover of stateful session beans.

This means that if a system that is storing data for an interactive usersession crashes for some reason, another server can recover the beansand continue.

This is particularly useful when running applications that persist data instateful session beans for long periods - since entity beans andstateless session beans do not store user state in the same way asstateful session beans, this reduces a key risk in supporting EJB

technology.

Asimilar facility is provided for Common Object Request BrokerArchitecture (CORBA) clients that connect through to EJBs.


35/37


Object caching is performed by the Sun Java System Application Server at severallevels, to ensure efficient resource usage.

This includes caching of JDBC connections to all databases, caching of JSP andHTML output, and various other tasks.While this approach has the inherent risks of object mismatching and incorrectretrieval, the caching features of the Sun Java System Application Server aregenerally robust, and can be switched on or off if desired.In addition, the Sun Java System Application Server features some preemptive

strategies for streamlining data processing operations, including being able to viewresult sets before they have been completely retrieved from a database table.

The Sun Java System Application Server is a highly scalable system: it works onsingle- CPU systems runningWindows, as well as on high-end E10000 systemsrunning Solaris, with 64 CPUs.In addition to making optimal use of a single systems resources, the Sun Java

System Application Server is able to scale across multiple systems, making thepotential pool of CPU resources virtually unlimited.

Since the Sun Java System Application Server uses its own Distributed DataSynchronization (DSync) system to share data among its configured servers, anyoverhead involved in swapping tasks across different systems is minimized.


36/37


No additional installation or reconfiguration is requirednew servers are added using the Sun Java

System Application Server Administration Tool as required.Once you have added new servers to the pool of available systems, load balancing across all systems isperformed automatically, without your intervention, by using round-robin and other algorithms forcomputing load sharing.

This does not require external load balancing, as the load-balancing function is integrated within theapplication server. Security is a key concern for application services, and the Sun Java System

Application Server provides the best set of security offered in the J2EE market, since it is integrated

with the Sun Java System Directory Server.By using LDAP for authentication and authorization, and single sign-on across all supportedapplications, you can reduce security risks significantly.

The Sun Java System Application Server supports JDBC and database access by using the standardJava SQL API, as well as a Unified Integration Framework API, that further abstracts vendor-specificoperations from individual JDBC drivers.

The Sun Java System Application Server supports DB2, Informix, Oracle, Sybase, and SQL Server, bysupplying highly optimized, multithreaded drivers that work with a single transaction manager, whichcoordinates many low-level activities required to process transactions.

In addition, the Sun Java System Application Server now features an integrated version of thePointBase database, which has support for relational and object storage. PointBase has its own JDBCdriver, and can be used during development and testing without a thirdparty database being present.


37/37

Bookmarks. Sun Cluster.

Sun N1Service Provision ing System. Sun Management Console.

Sun Java Enterprise System.

SMF. http://www.oreillynet.com/pub/a/sysadmin/2006/04/13/using-solaris-smf.html

http://www.sun.com/blueprints/0206/819-5150.pdf

Zones.

http://www.sun.com/bigadmin/content/zones/

http://www.blastwave.org/docs/Solaris-10-b51/DMC-0002/dmc-0002.html

Dtrace.

http://www.sun.com/bigadmin/content/dtrace/

http://users.tpg.com.au/adsln4yb/dtrace.html

solaris 10, sun mc & n1sps features

Documents