Blog

Press Review #19

Jan 08, 2013 | 6 minutes read
Share this:

Tags: Press

Here is a little press review mostly around Oracle technologies and Solaris in particular, and a little lot more:

By introducing the offline client, customers with Oracle Linux Premier or Oracle Linux Premier Limited support can create a local intranet yum repository that creates a local mirror of the ULN ksplice channel and just use the yum update command to install the latest ksplice updates. This will allow customers to have just one server connected to the oracle server and every other system just have a local connection.

In this article and the next, we will cover some enabling technologies for virtualization. Here, we discuss IT resource management as an enabling technology for virtualization.

Release        GA Date         Premier Support Ends    Extended Support Ends   Sustaining Support Ends
Solaris 10      Jan 2005        Jan 2018                Jan 2021                Indefinite
Solaris 11      Nov 2011        Nov 2021                Nov 2024                Indefinite

Comment réduire efficacement les coûts d'une infrastructure de serveurs sous Solaris 10 ? En les consolidant !! Cela va de soi, la forte utilisation des zones en est un très bonne exemple. Oui mais... Pourquoi ne pas utiliser les nouvelles possibilités qui s'offrent à nous : Un serveur sous Solaris 11 et des brandZ Solaris 10.

Je vous présente deux exemples rapides de migration d'environnements Solaris 10 physique (P2V) et Solaris 10 zone (V2V) sur un serveur Solaris 11.

At Joyent we run a high-performance public cloud based on two different virtualization technologies: Zones and KVM. We have historically run Xen as well, but have phased it out for KVM on SmartOS. My job is to make things go fast, which often means using DTrace to analyze the kernel, applications, and those virtualization technologies. In this post I’ll summarize their performance in four ways: characteristics, block diagrams, internals, and results.

"TPM" stands for "Trusted Platform Module," a hardware device that provides many security functions, including storage of encryption keys. [...] In Solaris 11.1, Wyllys Ingersoll added the ability to migrate keys from one TPM to another TPM. TPM migration is is especially useful when upgrading hardware, migrating a system to a new platform, or after reinitializing the TPM. The following describes this new feature.

Way back in Solaris 8 we introduced an extensible database, user_attr(4), where we could maintain the security attributes of each user. Originally the database included just three properties: roles, auths, and profiles. [...] Since then we have been adding new properties in each Solaris release, while preserving backward compatibility in both the file /etc/user_attr and the corresponding LDAP schema. To avoid dealing with an alphabet full of new options, we standardized on the -K option, which can be used to set the values of any property.

Stefan Hinker discuss different IO options for both disk and networking and give some recommends on how you to choose the right ones for your environment. A couple hints about performance are also included.

Heinz-Wilhelm Fabry and Stefan Hinker show how to use encryption and other security mechanisms throughout the red stack to deploy a quite well secured database.

In the past decade, Oracle has acquired about 90 companies. And out of all of those deals, Larry Ellison recently cited the 2009 acquisition of Sun Microsystems as “the most strategic and profitable acquisition Oracle has ever made.”

The ZFS code in illumos has gained another differentiator thanks to the hard work of Saso, who integrated LZ4 improved compression into our code base.

Image Packaging System (IPS) is a single tier packaging architecture which in Oracle Solaris 11, and other Oracle Sun products such as Oracle Solaris Cluster 4.x, replaces the previous SVR4-based dual tier packaging and patching architecture.

In a nutshell, SPARC/Solaris customers are looking at a predictable long-term future of improved and very competitive performance and price-performance scaling for Oracle hardware, especially when coupled with Oracle software in its “engineered systems.” Oracle and IBM will remain in a strong competition for performance and price-performance across a variety of workloads, and competitive pressures will ensure a decade of strong systems platforms for high-end UNIX workloads regardless of the eventual fate of HP’s Itanium platforms.

The configuration described in this article enables the protection of guest domains from planned and unplanned downtime by automating the failover of a guest domain through restart on an alternate cluster node. Automated failover provides protection in case there is a component outage or the guest domain needs to be migrated for preventive maintenance.

In Solaris 11.1 we added the early stages of our (security) Compliance framework. We have (like some other OS vendors) selected to use the SCAP (Security Content Automation Protocol) standard from NIST. There are a number of different parts to SCAP but for Compliance reporting one of the important parts is the OVAL (Open Vulnerability Assesment Language) standard. This is what allows us to write a checkable security policy and verify it against running systems.

Japanese IT giant and long-time Sparc partner with Sun Microsystems and now Oracle has let slip the details on its "Athena" line servers based on its own sixteen-core Sparc64-X processors, which bear the same code-name inside Fujitsu. And it looks like Oracle is going to be reselling them, too.

This article describes how to evaluate Oracle Solaris 11—without having to install it on the bare metal—by importing it into Oracle VM VirtualBox, configuring it, exploring basic administrative tasks, and connecting to the network.

Depuis Solaris 11 update 1, le chain loader utilisé pour les plateforme x86 est GRUB2. Le fichier de configuration présent dans GRUB (menu.lst) est remplacé par un nouveau fichier nommé grub.cfg. L'édition de ce fichier est normallement déconseillé, du coup la mise à jour s'effectue via la commande bootadm.

Loadable kernel modules allow you to add code to a running Linux kernel. Oracle's Unbreakable Enterprise Kernel provides signed kernel modules to further protect the kernel. This article explains how to use this feature.

Ci-joint la procédure de création pas-à-pas des principales repo pour Solaris 11. Rien de plus simple... vous allez voir !

... an Oracle ACE! The thrills. The glory. The fame. Who can resist? Turns out sysadmins can.

Oracle Linux provides two complimentary technologies for patching and updating the operating system. [...] This is where Ksplice enters the picture. It is a technology that allows you to apply critical fixes to the Linux kernel at run time, without the need to reboot your system. This is a feature that is unique to Oracle Linux.