Col’s Tech Stuff

As promised on Friday, I’ve taken the plunge and tested applying the latest patch cluster to a fresh Solaris 10u5 installation running 10 zones using the new zones parallel patching feature.

To speed things up and to try and prevent any problems I performed the following steps:

1. Jumpstarted the OS (SUNWCuser cluster)
2. Applied patches 125555-04 and 119254-66 (gives us the parallel functionality)
3. Created a basic sparse-root zone without any networking
4. Cloned the zone 9 more times
5. Create an alternate BE using live upgrade so I had two identical boot environments

Once I had the machine setup, I booted into single user mode (so all zones will be in the “installed” state) and set off the first cluster installation using the default options (ie no parallel application).

I then rebooted into single user mode on the alternate boot environment, set num_proc to 10 and applied the patch cluster again.

How’s this for a significant difference in time:

Continue reading ‘Installing the Recommended Patch Cluster With Zones Parallel Patching’

I work with a couple of guys who are quite stuck in their ways and are quite reliant on old tools, one of which is xclipboard(1).

Unfortunately, Gnome comes with it’s own clipboard manager, so when you try to run xclipboard, you get the following:

Of course, ps(1M) will show no clipboard related processes running. This is because the functionality is performed by Gnome itself, I believe, as part of the functionality of gnome-settings-daemon.

One of my colleagues gave me the challenge of getting xclipboard working on Gnome on OpenSolaris/Nevada, ie Gnome 2.6, and I found it quite easy to do in the end.

The trick is to tell Gnome not to perform this functionality anymore as follows:

Continue reading ‘HOWTO: Use xclipboard With Gnome’

If you’re running a fair few non-global zones on Solaris 10, you’ll know full well how painfully slow the patching process is. Well, I’m please to say “not any more”.

The Zones Parallel Patching feature was officially released on Tuesday and is contained in the latest Solaris 10 patch utilities patch, 119254-66 (SPARC) and 119255-66 (x86).

Getting the functionality is simple: just apply the patch as you would any other patch. Taking advantage of it is a different thing.

By default the behaviour is as before: NO parallel patching takes place. But it’s easily changed by setting “num_proc” to the number of non-global zones to be patched in parallel in the /etc/patch/pdo.conf file.

Prior to this feature, each non-global zone was patched sequentially. With this feature invoked, the global zone continues to be patched first, but then the non-global zones can be patched in parallel, leading to significant performance gains in patching operations on zones systems.

While the performance gain is dependent on a number of factors, including the number of non-global zones, the number of on-line CPUs, the speed of the system, the I/O configuration of the system, etc., a significant performance gain (up to 300% has been reported) can be expected for patching the non-global zones.

Continue reading ‘Solaris Zones Parallel Patching’

I think one of the best features of Solaris is the Live Upgrade mechanism. This really useful feature can be used for upgrading and patching with very little impact on the server. This means you can patch or upgrade your production system, whilst it’s still in production, and only schedule a short outage for the reboot needed to activate the new patched/upgraded environment. Live upgrade also has the added benefit that you can roll back to a known good boot environment in the event something goes wrong.

Sadly, it’s not always a bed of roses when it comes to using live upgrade as things change with patches and new bugs are discovered and fixed, however most problems can be easily avoided with a little bit of pre-planning.

Continue reading ‘The Key to Live Upgrade Success’

I was a little early this morning with my post about upgrading as technically OpenSolaris 2009.06 hadn’t been released. Well it has now. Check out the official release announcement for a different “What’s New and links to the various downloads.

Oh yes, and SPARC support is now officially included too.

Links of interest for 12 May 2009 - 1 Jun 2009:

• Sun Security Toolkit at OpenSolaris.org - The SST (aka JASS) is now open source (under CDDL) and available for OpenSolaris too.
• Parallel Patching for Solaris 10 - Chris Armes’s Weblog - This is a godsend if you've got a system with a lot of zones that needs patching. You can expect patch for patchadd for this sometime in June so you can get parallel patching before S10u8
• What’s New in OpenSolaris 2009.06 - The presentation slides used by Peter Dennis at Community One
• Sun seeks to build world’s biggest App Store around Java - Now this would be brilliant if Sun manages to pull it off. It may start off being Windows only to start off with, but as it's Java, there's no good reason it can't become available for OS X, Linux or even OpenSolaris.
• Pirate Bay Founder Devises DDo$ Attack - What a genius idea.

The pkg repositories have now been updated to included the 2009.06 pkgs (What’s New preso - PDF). There is no need to perform a clean install, you can just use the Update Manager GUI to update your OpenSolaris 2008.11 release to 2009.06.

There is one teeny weeny issue that you may encounter - the Update Manager GUI may tell you that there are no new pkgs available. Sadly, the solution isn’t clear or intuitive from the GUI: you need to update the SUNWipkg pkg first. The CLI is clearer about this and tells you that you need to update this pkg when you attempt to upgrade using “pfexec pkg image-update”.

So to update via the GUI, quickly fire up a terminal and run:

$ pfexec pkg install SUNWipkg

This will update the package tool and once complete, you can then return to the Update Manager GUI to perform the upgrade.

Thanks to the beauty of ZFS and OpenSolaris’s upgrade procedure, a new boot environment will be created, updated and made the default BE (only if the upgrade is successful). Your old boot environment will still be available if you want to go back at a later stage.

I’ve you’ve been using the dev repositories, you’re not likely to hit this issue now as you would have hit it in the past already. I believe this issue is now resolved too.

I’ve just pushed out a new revision of HB-Cumulus. This isn’t a major update, rather another maintenance update in which I’ve:

• Updated tagcloud.swf to that provided with WP-Cumulus 1.20, which includes the following relevant fixes:
  “Fixed the mouse pointer not changing to a hand when hovering tags.”
  “Adds Turkish language support to the Flash movie.”
• Like the WP-Cumulus plugin, I’ve also added a “Compatibility” option. When this is enabled, the plugin will not use the SWFObject Javascript to embed the Flash.

You can get the latest revision from the HB-Cumulus project page.

As this is a new release, I’ve closed comments on the 1.2 post. If you encounter any problems, please ensure you update to rev 1.3 and if the problem still exists, leave a comment here.

Finally the “behind the scenes” details of Sun’s little dating game (ie hawking itself off) have been made public in the proxy statement Sun is required to file as part of the acquisition.

The Register gives a summarized explanation of the shenanigans if you don’t want to read through the whoooole looooong proxy report.

One thing that is encouraging about this disclosure is Oracle will effectively become Sun’s sugar daddy as the following question and answer states:

Q: What is the transaction?

A: Sun and Oracle have entered into a definitive agreement pursuant to which, subject to the terms and conditions of the merger agreement, Oracle will acquire Sun through the merger of a wholly-owned subsidiary of Oracle with and into Sun. Sun will be the surviving corporation (which we refer to as the surviving corporation) in the merger and will continue as a wholly-owned subsidiary of Oracle.

This is also encouraging and I hope it remains this way indefinitely. This should allow Sun to continue innovating like it has for all these years, but now with a firm hand holding onto the purse strings (and hopefully having a hand in getting rid of some of the cruft in Sun’s upper management).

I suspected this would be the case as the Sun name and brand is still very valuable and powerful and Oracle can now use both brands to it’s full advantage. Time will tell how well this works.