[H-GEN] Solaris zones/chroot/vmware

Adrian Sutton adrian at intencha.com
Tue Dec 7 18:25:06 EST 2004


Hi James,
Thanks for your input.  Our previous sysadmin knew nothing about UNIX 
and we no longer have a sysadmin at all so the solaris box has been 
badly neglected as you noted.  I'm considering taking it on as a 
project to learn more about Solaris and actually get some value out of 
out e250.

> If you want Zones (N1 Grid Containers if you want to talk
> to a marketroid) then you'll need Solaris 10. Currently
> available via Solaris Express (www.sun.com/software/solaris)
> as a free download. (If you want the privilege of logging
> bugs with Sun then we'll charge you some money ;>)

I've been attempting to play with the x86 version of Solaris 10 at home 
to learn about it some more but it doesn't seem to support my hardware 
well.  I'll probably have to take home one of the SunBlades and play 
with it.

> If you're happy with chroot then you can do that in Solaris 8
> or 9. Ditto with vmware.

chroot probably isn't an option because it doesn't provide "virtual 
ports".  Most of the software we need to run tries to bind to port 80 
and while this could be configured it's difficult enough to get most 
enterprise software working let alone make sure that all the right 
config files are changed to use the new port number.

vmware is the kind of thing I expect we'll need to set up, I'm not sure 
what options are available in this area - hence my post.

> There is also qemu http://fabrice.bellard.free.fr/qemu/ which
> you can use for multiple different OS versions.

This sounds like a potential option.  The price is ideal but it failed 
to compile on my OS X box - hopefully I'll have better luck on a 
Solaris box when I get a chance to try it there.

We're also investigating the potential of giving each developer a copy 
of VMWare to run locally and having a collection of testing images.  It 
may be possible to use this setup for our enterprise app server 
integrations as well.

> Your kernel patch is about 20 revs behind and more than 18
> months old. This is bad. Very bad. I understand why you might
> not have patched the system, but you do need to take into
> account what you're missing out on. You can get the current
> patch cluster for Solaris 8 from sunsolve.sun.com (and you
> do have a support contract, don't you?)

I knew it was out of date but with no sysadmin that's to be expected.  
It does everything we've needed it to perfectly well so far without 
being upgraded so we haven't touched it (it is fully hidden behind a 
NAT firewall etc with only trusted users having access to it in any way 
shape or form).  I've spent some time looking at what patches we need 
to apply to bring it up to date this morning and it's going to be a 
long process to apply them all and make sure nothing breaks.  The 
actual upgrade will probably have to wait until I'm familiar enough 
with Solaris and have documented the system well enough that I could 
set it up from scratch if it all went haywire.

> [now I'm wearing my "spruik Solaris 10" hat]
>
> Apart from that you should definitely be getting your
> app(s) running on Solaris 10 -- use the zones and use
> dtrace to see what your code is spending its time doing.
> Oh, and Solaris10 boots a _lot_ faster than Solaris 8 or
> 9 -- something like 2x faster is what I've personally
> experienced, and it's getting faster all the time.

I'd be surprised if any of the systems we currently rely on wouldn't 
run on Solaris 10 (bugzilla, scarab and jetty with cocoon).  The apps 
we actually develop do run on Solaris 10 quite well (they're Java 
based) and we officially support Solaris 8+ as well as a bunch of other 
OSs.

> If you want an idea of how many zones you can run on a
> sunblade100, check out John Clingan's blog at
> http://blogs.sun.com/roller/page/jclingan and in particular
> http://blogs.sun.com/roller/page/jclingan/20041201

I've seen them - crazy stuff.

> James C. McPherson

And before anyone comments, yes I know our server infrastructure is a 
total mess and really needs to be fixed.  If anyone wanted to volunteer 
their time to fix it let me know. :)

Regards,

Adrian Sutton.
----------------------------------------------
Intencha "tomorrow's technology today"
Ph: 3420 4584 0422236329
35 Prenzler St
Upper Mount Gravatt 4122
Australia QLD
www.intencha.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20041208/567cf8a1/attachment.sig>


More information about the General mailing list