Enterprise Software

Getting familiar with some of the new features of Solaris 10

Solaris 10 is the latest version of Sun's venerable flavor of Unix. Sun has gone a long way to add new features to it. In this article, Jonathan Sinclair points out some of them.

Solaris 10, the latest release of the operating system from Sun MicroSystems includes many upgraded and enhanced features and a few brand new features. This article will focus on a few of the new features of the operating system.

Solaris 10 is available on both x86 platforms and Sparc platforms. The implementation of the operating system is the same on each platform. The modular architecture of the operating system allows Sun to implement the operating system quickly and efficiently on new platforms. According to Sun, less than 5% of the operating system code is contained in the platform specific modules. This means the operating system will be the same regardless of the underlying hardware platform.

Below is an explanation of some of the larger new features of Solaris 10.

Solaris Containers

Solaris Containers, or containers for short, are one of the new features found in Solaris 10. Containers allow an administrator to partition the resources of a single hardware server for multiple application uses. Containers are a feature which provides a real advantage to the system administrator configuration, security, and resource allocation on hardware platforms.

Containers become a software boundary for any application on the hardware server. The container configuration specifies the amount of resource in terms things such as; processor usage, number of threads, number of processes, and amount of memory.

The advantage of the container is it not only acts as a throttle for resource usage it also completely isolates the resources from other containers. The isolation works in the other direction as well, all other containers are isolated safely from each other.

This isolation goes all the way to the level of independent address spaces, independent network identifications such as host name and IP address, and independent name spaces. The container looks to a user and to applications as a complete and separate instance of Solaris 10.

An administrator can run two containers which each have a version of the same application. Those applications can run in parallel, and be used be separate users. Users can log in to each container and run the applications at the same time, as though they were on two separate servers. The time savings, and equipment savings for a development environment is enormous. The power users of an application are able to do direct side by side comparisons of the current version and the version which is ready to be released. Once testing is completed the containers can be reconfigured dynamically to bring the new version of the application on line.

One important capability of containers, as mentioned above, is isolation. Not only are applications able to run in separate virtual instances of the operating system, but those instances are prevented from interfering with one another.

For example, imagine three containers running on a single hardware server. For simplicity sake each container will be assumed to be assigned 1/3 of the resources of processors, disks, memory and network bandwidth. Container 1, known as PROD, is the production Webserver with all Web applications. Container 2, known as TEST, is the test Webserver, which has all the Web applications including one new application. Container 3, known as DEV, is the development environment which includes a Webserver and all applications which are in development.

For example, assume that PROD is critical and must remain on line and available to customers. A user is testing using TEST, and the developers are building new applications in DEV. The developer finishes new code and begins to run it. The new code causes the Web server in DEV to crash. The crash was severe enough to hang the operating system.

If DEV had not been in Container 3, the operating system for the hardware server would have to have been rebooted. But in the example, Container 3 is the only operating system image that is affected. The user testing applications in TEST is still working, and the mission critical Web server in PROD is still working.

The developer requests the operating system be rebooted in DEV and continues on without affecting anyone else.

An addition feature of containers and the underlying management software for them is the ability to dynamically allocate resources. Using the example from above, if the load on PROD becomes more than 75% of the available resources, you can allocate more resources from the other containers. It would be possible to allocate 1/2 of the network bandwidth of DEV to PROD when the load reached 75%. This can happen automatically, based on preset levels.

Dynamic Tracing

Dynamic Tracing, or Dtrace, is another new feature of Solaris 10. Dtrace is a dynamic system meant to allow application tracing on running mission critical systems. Dtrace is a set of tools which allow real time monitoring of running applications and the operating system.

Dtrace includes built-in probes and a programming language known as the D programming language. Developers can set probes to watch specific events and report variables, or values, or execution paths.

Dtrace is not meant to replace traditional debugging and root cause analysis, but rather supplement the efforts. Often times a problem can't be reproduced on a test system. Dtrace gives developers the opportunity to see the running system with the problem, and delve into the problem with out affecting the running system.

For example, often times performance issues or aberrant behavior of software is caused by data the programmers were not expecting to handle. To duplicate a problem it may be necessary for the developers to load many hundreds of gigabytes of data into another system. It many cases the developers do not have access to systems large enough to duplicate the necessary data.

Dtrace gives the developer the opportunity to use standard probes and create Dtrace programs which can monitor the system with the live data. Once the error occurs you can load only the necessary data elements and further trouble shoot the issue.

When Dtrace is added to an application or to the operating system, no recompiling or rebooting is necessary. The Dtrace probes are able to be run in real time. This further gives the developer a chance to analyze the available data, and request more, without taking down an application or the entire system.

One of the largest benefits of Dtrace goes beyond finding issues which are causing downtime. Because Dtrace is so low impact on the system, and allows direct analysis of running systems, it can be used to improve the performance of just about any system.

You can monitor system level functions such as disk access and network bandwidth usage, as well as the memory use of an application. With that sort of data available from the running system, developers and administrators are able to modify applications and system parameters to improve over all through put for applications and the system.

Dtrace provides a large suite of tools and customization to developers and administrators to fix issues and improve performance with low over head cost to the system.

ZFS file system

Solaris 10 includes several improvements in both local and network file systems management. The new file system technology known as ZFS is the largest new feature. ZFS takes a new approach to disk and volume management that is instantiated as file systems visible to the operating system. ZFS includes features which increase reliability of data and decrease the administration tasks for file system management.

ZFS integrates the transactional approach data base management systems use for data integrity preservation. Data is written into new data blocks, even on update, before the pointers which represent the data are updated. In that way the data is safely written to the new location before the reference to the old location is removed.

This technique provides several advantages, just like database management systems. If there's a problem, you can roll back changes to the data, since the original data still exists. This provides a higher level of data consistency and assures accuracy of the data. In addition you can back up and restore to a point in time if desired.

The management concept of the ZFS file system is different than traditional file systems. ZFS provides one large pool of storage which all file systems are able to share. That is all physical disks are pooled together and file systems can take advantage of any available space in the pool.

This approach eliminates the logical disk layer which most volume management systems require. In that way file systems built on ZFS can grow beyond the initial projected amount of space.

You can also allow a file system to grow, or contract, without having to be taken out of service. Many applications reach a point of growing beyond data initial data projections, causing down town for customers. ZFS can eliminate the need to rebuild a file system onto a larger volume, but allowing the file system to grow when necessary.

The ability to partition file systems based on need, from one large storage pool helps utilize space more effectively. The data space is less fragmented when the pool of disks is shared between applications.

Even though ZFS is a very different file system management and administration environment than traditional file system management and volume management, the APIs which allow access to the disk subsystem are still POSIX compliant, meaning no application changes will be necessary.

Some changes under the Sun

Although this article only focused on a few the very large changes to Solaris 10, there are many new features, and many enhanced features which make Solaris 10 one of the most complete operating systems available today.

One other set of features worth noting briefly is the security enhancements and new features which are available. Many of the features which were previously only available in the highly secured Trusted Solaris versions are available as part of Solaris 10. This includes built in encryption algorithms and User Rights Management and Role Based Access Control.

Traditionally UNIX has been a security risk for many businesses. All UNIX vendors have tightened the available security systems, and closed down potential security holes in the operating systems. With Solaris 10, Sun has brought the military level security options to every business.

While the changes have been large and have improved Solaris greatly, Sun stands by the compatibility with older versions of Solaris, so upgrading to Solaris 10 is usually not complicated for the administrator of systems.

Editor's Picks

Free Newsletters, In your Inbox