With a solid new IP stack, virtualization and developer tools, Sun's revamped OS is a superb product that still needs a few finishing touches.
The wait is over for Solaris 10 -- it's finally here. Solaris 10 03/05 GA was released on February 1, 2005, and is available for free download from Sun's Web site. Now I know you have read plenty of reviews of Solaris 10 since Sun's "launch" of it on November 15, 2004, but those were based on code that was still in beta development with promised features yet to be finished. I downloaded the latest Solaris 10 from Sun's Web site and gave it spin in our Real World Labs at Syracuse University.
The first thing I noticed is that Solaris 10 is missing ZFS, even though it was "launched" back in November. ZFS would be the first 128-bit platform-agnostic file system that has virtually no file system size limitation. I would love to tell you more about how it performed, but early estimates say it won't be available until Q3 of this year.
Despite this initial disappoint, the features that are included certainly put a grin on my face. Sun has made some revolutionary additions to its operating system, including DTrace (Dynamic Tracing), Solaris Containers (a.k.a. zones) and a complete rewrite of its TCP/IP stack (codenamed FireEngine). As expected, Solaris 10 runs on 32- and 64-bit SPARC hardware from Sun, but would you have guessed that x86 and x64 hardware are supported as well? Solaris 10 will now run on commodity Intel x86 architecture machines and on AMD Opteron- and Intel Xeon-based 64-bit systems.
Installing Solaris 10 has not changed much over previous installations of Solaris. I installed the new code on a Sun Fire 280R SPARC-based machine as well as on a Sun Fire v20z AMD Opteron machine and put them to the test. On each platform, I performed the same tests, ensuring commands worked similarly on each platform. Sun's position of allowing Solaris to run on different platforms is a huge plus for the company, as SPARC-based processors are now lagging behind those from other manufacturers in terms of features like multi-core processors and processor speed (1.2-Ghz maximum).
DTrace is an application that has no predecessors. Simply put, there's nothing like it out there in any OS. It allows you to trace every aspect of a process running on the Solaris kernel. DTrace can peak inside the kernel and follow a running application as it opens files, accepts user input and opens network connections; it can tell you everything a process is doing.
Solaris developers will find this utility very useful. Using DTrace, you can find performance bottlenecks in your application and write your code to better utilize the resources available. It may even bring back those good ol' days when software developers wrote efficient code instead of relying on faster hardware to run inefficient software. After learning DTrace, Solaris admins may also be able to stop using truss and lsof to find problems with their machines. DTrace has a very structured language and complex command-line syntax, so take your time and learn it. It will be useful in the long run.
Using various Solaris container commands like zonecfg and zoneadm, I later created a zone used to test Web applications.
Click to Enlarge
One of the problems administrators face is attempting to get good utilization of resources. It does not make financial sense to have a machine with four processors and 8 GB of RAM when you are using only a quarter of it 90 percent of the time. Solaris 10 now brings OS virtualization to the Solaris camp, allowing you to create isolated software environments on one Solaris kernel.
I created two containers in both the 280R and v20z machines for my tests. Container creation was straightforward, and in my tests consisted of naming the container, setting it to start automatically and giving it an IP address. Container startup and shutdown are lightning fast--under 15 seconds in all my tests. With containers, server consolidation will become more feasible, administration will become easier and you will get better utilization across all hardware platforms.
Solaris 10 also includes a completely rewritten TCP/IP stack. In previous versions of Solaris, TCP/IP across multiple CPUs was not very efficient and lagged behind the faster performing TCP/IP stack on Linux. This complete rewrite gives better performance to all network applications--Web services, in particular, is seeing huge improvements despite many short-lived connections.
Using various SMF utilities, I was able to disable Sendmail. After verifying the process was stopped, I enabled the service. /etc/init.d/servicename start|stop no longer works for most services in Solaris 10.
Other improvements include a service-based startup facility named SMF (Service Management Facility). SMF removes the rc startup script conventions in Solaris and creates a more Windows-like services framework. SMF allows multiple services to start up concurrently, reducing the boot time of a Solaris 10 server dramatically.
Solaris 10 now includes ipf (IP Filter), an open-source host-based firewall that replaces Sun's SunScreen firewall service. NFS has been updated to v4 of the protocol, a welcome improvement in security and file locking. Shared memory, semaphores and other System V IPC (InterProcess Communication) configurations are now dynamic--no more /etc/system edits requiring a reboot. The mail system was updated to Sendmail 8.13 and includes support for the mail filter interface.
Overall, Solaris 10 is a much-needed improvement to Sun's flagship operating system. But should you upgrade all of your Sun machines next month? Probably not. Although DTrace, Solaris containers and the many other improvements are compelling reasons to do so, I say wait a couple of quarters until ZFS is integrated and the enthusiasts work out those initial bugs.
Christopher T. Beers is a Unix Systems Engineer at Syracuse University. Write to him at email@example.com.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.