Friday, November 27, 2015

Solaris 11: The pkg Repositories

[Solaris Logo, courtesy former Sun Microsystems]

Abstract:

Packaging has long been the basis of modern Operating Systems, dating back to AT&T System V. Solaris adopted SVR4 packaging, when Sun Microsystems started growing from an Operating System needing a compiler to a production Operating System to be deployed. SVR4 Packaging was originally based upon the concept of a Stream (recorded upon Sequential Block infrastructures likes Tape) or a Tree (recorded Random Block infrastructures like Disk.) Sun Microsystems was astutely aware that "http" protocol was not much different from a "tape", where a stream of data was pulled down, and they upgraded SVR4 to support HTTP repositories with encryption and license keys. Somewhere along the way, Sun lost their way, and created a proprietary packaging system with fewer capabilities, called IPS, based upon the new command "pkg"... but Oracle is making the best of it.

[former OpenSolaris logo]

The "pkg" Repository

The concept of a Package Repository with the Image Packaging System was introduced with OpenSolaris. The repository would be served up through a web server and secured with certificates.




[Oracle Logo, courtesy Oracle Corporation]

Oracle pkg Repositories

There are two kinds of Oracle “pkg” repositories:
1.       Non-production Release Repository
Designated as: http://pkg.oracle.com/solaris/release/
2.       Production Support Repository
Designated as: https://pkg.oracle.com/solaris/support/


The document describing the Solaris 11.2 Package Publisher info:
http://docs.oracle.com/cd/E36784_01/html/E36802/gijmo.html

Checking Repository

The newly installed OS is using the Oracle Package Publisher defaults to the Release Repository.
sun9876/root# pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION                           
solaris                     origin   online F http://pkg.oracle.com/solaris/release/

Additional detail can be reviewed about Oracle’s “solaris” release publisher:
sun9876/root# pkg publisher solaris

            Publisher: solaris
                Alias:
           Origin URI: http://pkg.oracle.com/solaris/release/
              SSL Key: None
             SSL Cert: None
          Client UUID: 6367a630-fbe6-11e3-8701-5bf522237f54
      Catalog Updated: August 18, 2015 04:44:20 PM
              Enabled: Yes

To check the current OS Release and Update – note: installed is Solaris 11.2 (0.175 is Solaris 11) SRU 0

sun9876/root# pkg info entire
          Name: entire
       Summary: Incorporation to lock all system packages to the same build
   Description: This package constrains system package versions to the same
                build.  WARNING: Proper system update and correct package
                selection depend on the presence of this incorporation.
                Removing this package will result in an unsupported system.
      Category: Meta Packages/Incorporations
         State: Installed
     Publisher: solaris
       Version: 0.5.11
 Build Release: 5.11
        Branch: 0.175.2.0.0.42.0
Packaging Date: June 24, 2014 07:38:32 PM
          Size: 5.46 kB
          FMRI: pkg://solaris/entire@0.5.11,5.11-0.175.2.0.0.42.0:20140624T193832ZZ


To check the Oracle Release Repository – note: available is Solaris 11.2 (0.175 is Solaris 11) SRU 1
sun9876/root# pkg info -r entire
          Name: entire
       Summary: Incorporation to lock all system packages to the same build
   Description: This package constrains system package versions to the same
                build.  WARNING: Proper system update and correct package
                selection depend on the presence of this incorporation.
                Removing this package will result in an unsupported system.
      Category: Meta Packages/Incorporations
         State: Not installed
     Publisher: solaris
       Version: 0.5.11
 Build Release: 5.11
        Branch: 0.175.2.1.0.2.1
Packaging Date: September 23, 2014 10:49:40 PM
          Size: 5.46 kB
          FMRI: pkg://solaris/entire@0.5.11,5.11-0.175.2.1.0.2.1:20140923T224940Z

There are 148 updates available from the Oracle Release repository.
sun9876/root# pkg list -u | wc -l
     148

To list the updates available:
sun9876/root# pkg list -u | head
NAME (PUBLISHER)                                  VERSION                    IFO
archiver/gnu-tar                                  1.27.1-0.175.2.0.0.42.1    i--
compress/bzip2                                    1.0.6-0.175.2.0.0.42.1     i--
compress/gzip                                     1.5-0.175.2.0.0.42.1       i--
compress/p7zip                                    9.20.1-0.175.2.0.0.42.1    i--
compress/pbzip2                                   1.1.6-0.175.2.0.0.42.1     i--
compress/pixz                                     1.0-0.175.2.0.0.42.1       i--
compress/unzip                                    6.0-0.175.2.0.0.42.1       i--
compress/xz                                       5.0.1-0.175.2.0.0.42.1     i--
compress/zip                                      3.0-0.175.2.0.0.42.1       i—

A dry-run of the update shows 8 packages updates available with release, and size - no reboot required.
sun9876/root# pkg update -nv
            Packages to update:         8
     Estimated space available: 275.69 GB
Estimated space to be consumed:  65.63 MB
       Create boot environment:        No
Create backup boot environment:       Yes
          Rebuild boot archive:        No

Changed packages:
solaris
  consolidation/sunpro/sunpro-incorporation
    0.5.11,5.11-0.175.2.0.0.37.0:20140414T130238Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200719Z
  consolidation/userland/userland-incorporation
    0.5.11,5.11-0.175.2.0.0.42.1:20140623T010405Z -> 0.5.11,5.11-0.175.2.1.0.2.0:20140723T184045Z
  developer/assembler
    0.5.11,5.11-0.175.2.0.0.37.0:20140414T130241Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200720Z
  entire
    0.5.11,5.11-0.175.2.0.0.42.0:20140624T193832Z -> 0.5.11,5.11-0.175.2.1.0.2.1:20140923T224940Z
  system/library/c++-runtime
    0.5.11,5.11-0.175.2.0.0.37.0:20140414T130401Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200722Z
  system/library/math
    0.5.11,5.11-0.175.2.0.0.37.0:20140414T130409Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200728Z
  system/library/mmheap
    0.5.11,5.11-0.175.2.0.0.23.0:20130916T153150Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200732Z
  system/library/openmp
    0.5.11,5.11-0.175.2.0.0.37.0:20140414T130412Z -> 0.5.11,5.11-0.175.2.1.0.4.0:20140728T200733Z

To update from 11.2.0 to 11.2.1 (which was the latest at the time of this article publishing):
sun9876/root# pkg update

Management through Ops Center

If the operating system instance is managed through Ops Center, the publisher repositories are changed, and patching can be done centrally.

Ops Center server is the local proxy, holding patches & packages from Oracle
sun5582/dh127087$ pkg publisher
PUBLISHER                   TYPE     STATUS P LOCATION                           
solaris                     origin   online F https://oracle-oem-oc-mgmt-sun9999:8002/IPS/
cacao                       origin   online F https://oracle-oem-oc-mgmt-sun9999:8002/IPS/
mp-re          (non-sticky) origin   online F https://oracle-oem-oc-mgmt-sun9999:8002/IPS/
opscenter                   origin   online F https://oracle-oem-oc-mgmt-sun9999:8002/IPS/

The operating systems managed through Ops Center can be patched remotely or can be patched through the command line, using Ops Center server as the supported package repository.

Conclusions

While the detour that Sun Microsystems took, taking packaging back a couple decades, Oracle started to make the best of it. With the release of Ops Center, to manage the Solaris cloud components to automatically configure the pkg components and provide a continuous feed of packages for their Operating System and Firmware, Oracle has been making some sweet lemonade from their lemons.

Wednesday, November 25, 2015

Joyent: Encapsulating Linux through Docker into a Zone


[Solaris 11 Launch image, courtesy Oracle]

Abstract:

Virtualization has been available in the UNIX OS world. The creation of users in a time sharing environment, to isolate executable threads from one another as well as protect files in an underlying file system started the journey. The creation of the Virtual File System, where disks could me mounted anywhere in a file system tree (instead of drive letter) revolutionized computing to allow those systems to grow in the shared environment! The creation of "chroot" so an application could run in it's own file system space, made an application "feel" like it is on a dedicated system. The merging of SVR4 into Solaris created a robust multi-processor infrastructure to host multi-user and  multi-tenant systems. The creation of Zones under SVR4 Solaris 10, further extrapolated the original concepts of the UNIX "chroot", isolating CPU, Memory, Users, Storage - effectively making a single instance of the Solaris OS truly multi-tenant. The creation of Branded Zones for Linux and Solaris came later, offering entire operating systems to be encapsulated under Intel and SPARC Solaris systems. Newer proprietary technologies continue to enter the horizon.

[Oracle Linux, courtesy Oracle]
The Linux Problem

People participating in the Linux ecosystem are interested in creating new raw environments,  isolated to their operating system under proprietary Intel processors, to supply a reasonable replacement for mature infrastructure. These replacements constitute very long efforts, which often never really get completed. Veterans understand the benefit of good engineering and can often take systems "to the next level." Vendors like Oracle had taken Linux, ran their applications on top of it, and supplied the patches necessary to keep Linux stable.

Joyent: Zones(KVM and Linux)

Former employees of Sun Microsystems continue to do the heavy lifting in the industry. Network Management wrote about Joyent's efforts to port KVM into Solaris Zones under their SmartOS, based upon Illumos. Illumos originated from Sun Microsystem's OpenSolaris project (which became the basis of Oracle's Solaris 11.)

[Solaris Zone/Container concept, courtesy former Sun Microsystems]

Joyent: Zones(Docker and Linux)

One might expect that Cloud companies who are obsessed with Virtualization like Joyent would continue their quest for a "better cloud". In 2015, Joyent released a presentation on the porting of Docker to encapsulate Linux into a Zone... using the same SmartOS based upon Illumos, which found it's roots in Sun Microsystem's OpenSolaris.



For Joyent, The Cloud means chasing every container technology and integrating it into SmartOS, to give their customers choice, while simultaneously utilizing their infrastructure as efficiently as possible.

Conclusion

SVR4 UNIX and Sun Solaris developers have a long history of virtualization. The success story of Joyent in "Cloud" environments continues to lead the market in vision, taking things which were good but raw, and rolling them into mature facilities which continues to make the computing industry grow!