Monday, May 18, 2020

Building OpenJDK 13 and OpenJDK 14 on Solaris 11

Building OpenJDK 13 and OpenJDK 14 on Solaris 11

Abstract:

Java was created by Sun Microsystems and delivered a platform to build compatible platform & set of services which applications could be built upon, regardless of CPU Architecture or Vendor Operating System. This promise exists today.

Building OpenJDK

Java was Open Sourced by Oracle. In a previous article, it was discussed how JDK 8 is used to build both OpenJDK 11 & OpenJDK 12. Further efforts have been exercised, some half year later, to build OpenJDK 13 and OpenJDK 14 on modern operating systems like Oracle 11.


Conclusions:


Java continues to demonstrate it's relevance as an platform to maintain existing Managed Services and Enterprise based applications. As long as Java continues to offer a multi-platform and multi-operating system based, it will have a long life!

Thursday, May 7, 2020

Oracle WebLogic Server 14.1.1

[WebLogic Server Logo, Courtesy Oracle Corporation[

Oracle WebLogic Server 14.1.1

Abstract:

There have been a variety of Middleware Technologies that have existed over the years. There popular products like: GlassFish, Oracle SOA, and WebLogic. This article discusses WebLogic.

New Release!

Oracle Product Manager Will Lyons has announced a WebLogic Server 14.1.1 Middleware!

Some Pre-Requisites

Oracle Solaris 11.2 11.3 are supported, but Solaris 11.4 (aka Solaris 12) is recommended.
Long Term Support of Java SE 8 and Java SE 11 life cycle are available, Java EE 8 extensions are also supported, and testing is under way for Jakarta EE 8.

Conclusions

It is time to get on the upgrade train, for those who are running with WebLogic, to provide a stable & secure environment to perform messaging between various components in the cloud or in the enterprise.





Wednesday, April 22, 2020

Oracle SPARC Solaris Virtual Seminar April 2020


Oracle SPARC Solaris Virtual Seminar April 2020

Abstract:

Systems Vendors normally produce overviews for infrastructure on a yearly basis. Oracle is no different. A virtual seminar has been made available for Solaris 11.4 on SPARC Systems.

Overview:

This blog article is not to detail the virtual seminar, but highlights why one may wish to view the seminar. The seminar is a little over 2 hours, covering several major points: Solaris 11.4, Solaris Dashboard. Solaris Compliance

Who was involved?

Joost Pronk

Senior Principal Product Strategy Manager - Oracle


Joost Pronk currently is the CTO for Oracle Solaris Product Management at Oracle, where he leads the team of product managers responsible for all the different Oracle Solaris areas. In the past he was the Virtualization Strategist where he worked on unifying and communicating Sun Microsystem's end to end virtualization strategy and offerings across desktops, servers, storage, networking. Previous to this role, Joost has been in Solaris product team for more than a decade driving product management for virtualization in the Solaris operating system. Joost is a frequent speaker at industry conferences for operating systems, virtualization, security, and systems management.

Martin Müller

Senior Principal Software Engineer - Oracle

Martin Mueller works as a Senior Principal Software Engineer in Oracle's Infrastructure Technology department. He is part of the product management group and specializes in performance questions and the Oralce Solaris operating system. Previously he focused on performance related aspects of SPARC CPUs in Oracle's Microelectronics group, mainly studying real customer workloads on current and future Oracle CPUs. He joined Oracle with the acquisition of Sun Microsystems by Oracle where he held various technical presales roles. He holds a master degree in Physics.

Renato Ribeiro

Sr. Director, Systems Product Management at Oracle Corporation - Oracle

 Renato Ribeiro is Sr. Director, Systems Product Management at Oracle Corporation. He is responsible for product definition, release and business strategy for servers and Oracle Solaris. In over a decade working at Oracle and Sun Microsystems, he has gained extensive expertise in applying computing technologies to databases and applications in enterprise environments, especially in mission critical, large scale deployments. He has led teams and projects in virtualization, cloud systems, server performance analysis, high-performance computing, and integrated systems. He holds a Ph.D. from Stanford University.

Features:

Solaris Serviceability - Martin Mueller

A tremendous amount of effort had gone into adding Observability, Virtualization, Security, and Data Management enhancements into Solaris 11.4

Solaris Observability - Martin Mueller

StatsStore

Service runs all the time:
svc:/system/sstore:default
cli access:
# sstore

WebUI

http access:
https://{server}:6787/
Manual Pages:
# man sstore
# man sstoreadm
Package to add Documentation:
system/management/webui/webui-docs

REST API

Remote Administration Daemon
RAD Remote
svcadm:
svc:/system/rad:remote
http access:
https://{server}:6788

Solaris Compliance

Package

The package is available in 11.3 SRU 35 and later
# pkg install compliance update-check

Commands

Verify ehc-update check is available:
# compliance list
Run ehc-update check:
# compliance assess -b ehc-update
Verify Assessment is generated:
# compliance list
Create Report:
# compliance report

Multi-Node Configuration:
# compliance roster 
Central Collector Report Summary:
# compliance report -f summary
Customize Profiles:
# compliance tailor -t



Oracle's SPARC System Portfolio and Plans - Renato Ribiero

Optimized for: Database, Java, Security, Availability

Performance

Performance is universally higher for encrypted frameworks

Security in Silicon

Fastest & most efficient in the market.
M8 is the only CPU to perform SHA-3 acceleration on-chip
Silicon Secured Memory
Colors memory so there is no ability to break into memory of other colors

Fully Encrypted Datacenter:
Data at Rest, Data at Motion, Data verified in Checksum

SQL in Silicon

Available in 12c and newer
Oracle DB In-Memory option in the Oracle RDBMS in both Rows & Columns


SPARC Roadmap

Enhanced Fujitsu M12 to arrive in 2021 with additions planned for beyond.


Solaris Roadmap

Solaris 11 continues to be projected to be supported Oracle into at least 2034 and beyond.

Conclusions:

SPARC and Solaris continue to be updated by hardware partner Fujitsu and software partner Oracle. While Oracle did not explicitly say so, it appears that Oracle is now going to be more of a software vendor as Fujitsu will start wearing the "big boy pants" with hardware, in the future. The market looks forwards to decades of patching and advancements!

Monday, March 2, 2020

An Open Letter to Oracle for SPARC & Solaris





[Solaris Logo, courtesy Sun Microsystems]

An Open Letter to Oracle for SPARC & Solaris

Abstract:

The Market had always wanted revolutionary improvement from systems and operating systems, in order to produce cost of ownership improvements and a competitive against other software players. Many promises were made from Sun Microsystems, some were carried out by Oracle after acquisition, but there are still many needed features that must be completed.








SPARC M8 Laundry List

There is really not much that is desired, with Oracle producing an amazing Hardware Architecture with Software Stack to run on top. With a processor running at 5GHz, 32 cores per socket, 8 threads per core, and 4 instructions per clock cycle, hardware crypto-decrypt units, hardware decompression engines, Java streams accelerators, and Oracle RDBMS [numbers & query] accelerators - what else could be needed?


SPARC Trademark

The SPARC Trademark appears to be getting watered down, lately. More press releases are needed for the architecture, to exercise the rights of the holder, for legal purposes. The organization has seemingly gone mostly dormant, for the past number of years, with new Oracle partners in the SPARC environment not contributing press releases through the international organization. This needs to end. People offering emulation need to be participants in the trade group and contribute their dues, which are very small.









[Flash Card, courtesy Sun Microsystems]

Hardware

With competing organizations, like IBM, now owning Red Hat Linux, Oracle is left with the most scalable hardware in the market, with access to only a few select larger customers. The hardware reach must go downward, which IBM now has with their RedHat Linux on single board computers.


From a hardware perspective, scaling small for Makers and scaling big for Industry is needed:
- Intel CPU has proven itself as a terribly risky proposition to RISC, with never ending streams of security vulnerabilities - a commitment to secure SPARC is needed more than ever!
- Optane / QuantX / 3D XPoint NVRAM from Intel / Micron must be accommodated in a useful way, perhaps a native chassis interfaces controlled by firmware for persistent ARC, L2ARC replacement, or SLOG intent log replacement.
- a shrink of die, if for nothing else than re-adding future integration
- - network integration to a SPARC die for makers less expensive storage nodes
- - cross-bar switch for vertical scalability in single chassis for SMP systems
- - InfiniBand endpoint, for glue-less MPP integration or engineered systems
- - Memory, for inexpensive Compute Nodes in an engineered system
- a hardware compression engine has always been missing, to make 100% compressed datasets as native as 100% encrypted datasets
- 1 TB addressability per socket is a good start, but there needs to be a drive towards 2TB or 4TB of memory per socket, to work with ever increasing datasets.
- an Open Source 1x core 8x thread implementation, single board SPARC platform for Makers
- an Open Source OpenFirmware implementation to be used on a single board SPARC platform, for Makers
- an active push into the Universities & High Schools with single boards running Open Firmware and Solaris




If Oracle wishes to stay relevant, they must be more than a hardware knock-off company and start feeding the market with desire for their products from the lowest levels.






[RedHat and IBM logos, courtesy IBM]

Software

With competing organization, like IBM, now owning RedHat Linux, Oracle is left with the most scalable OS in the market (Solaris), with Engineered Systems based upon a knock-off version of IBM RedHat Linux. The software reach must go downward & broader with Solaris.
- Open Firmware needs to be re-released & re-spec'ed by the IEEE, so makers to have a future
- promises for rebootless-patching via K-Splice on SPARC must be delivered, as K-Splice has less of a future with similar rebootless patching now available on Linux (from other competitors like IBM, who own the OS that Oracle Linux is a knock-off of)
- promises for ZFS to expand out to a true horizontally scalable clustered filesystem need to be fulfilled, so perhaps small Solaris single boards can be combined for horizontal scalability
- A small version of Solaris, to run on small SPARC single boards, for makers
- A decision to support Java on SPARC, for makers to code in.
- A small Oracle RDBMS, to run on a SPARC single board, for makers, to make Oracle RDBMS relevant in today's computing environment
- Cooperation or Commissioning of Open Source Solaris alternatives, like Illumos, to run in the Maker environment, or ZFS Clustering, to maintain relevance to emerging human resource base.


When people come out of school today, they do not think of Oracle as a provider of anything. Software is a way to change this, and not by merely someone who copies IBM's operating system.




SPARC Solaris Cloud

Oracle released Solaris 11, as the First Cloud OS, yet only customers are building clouds with it.
- It is long overdue for Solaris 11 ZFS to provide block storage to Oracle cloud
- It is long overdue for Oracle RDBMS and Apps to run in Oracle Cloud under Solaris 11
- It is long overdue for LDom's to be available in a SPARC Cloud
- It is long overdue for Cold and Live Migrations of LDoms and Zones to an Oracle Cloud
- It is long overdue for Storage Migration of LDoms and Zones to an Oracle Cloud


This is not rocket science, as customers do a lot of it today, but it is time for Oracle to monetize on the Cloud with SPARC & Solaris, instead of refusing to provide visible cloud solutions to customers.








Your Own Destiny

It is written: Without Vision, The People Perish. A maker's dream might be a shrink of the M8 processor, with 1x core comprised of 8x threads, and the rest of the die filled with an ethernet & raw memory. A secondary version holding a crossbar on-die & headers on the board, so boards can be stacked on one another, similar form-factor to a Raspberry Pi, to create a scalable SMP platform. Allow OpenFirmware and Solaris to reside on it, while adding Oracle RDBMS on it, for educational purposes, and small business as a mini Oracle Database Machine (charge per additional board, aggregate ethernets for increased throughput.) End the dependence upon Intel & IBM & licensing other processors for the future - drive your own destiny. Facilitate third-parties to drive the hobby & educational & MPP markets (i.e. Illumos.org & unixpackages.com) while concentrating on the




Conclusion

The industry had watched, with great anticipation, the union of Oracle and Sun Microsystems. The creation of the fastest processors on the market, from SPARC family & a fabulous Solaris 11 OS has been the apex of computing, but resting  since 2017 is insufficient. A minor amount of investment or even just partnership with existing Open Source organizations is all that is needed to take Oracle to the next level - sustainability of Oracle SPARC, Oracle Solaris, and Oracle RDBMS for the next generation. With so many very good RDBMS's in the Open Source market on top of the Linux that Oracle copies from IBM RedHat, Oracle must decide to be a leader again, rather than a shell of a copy of competitors. Without advancing SPARC & Solaris, anyone can do what Oracle does.





Friday, February 28, 2020

Fujitsu: Updates SPARC Solaris Roadmap



[Solaris Logo, courtesy Sun Microsystems]

Fujitsu: Updates SPARC Solaris Roadmap

Abstract:

SPARC has been an Open CPU Architecture, from the day Dave Patterson from UC Berkeley proposed what would become the SPARC architecture and became the industry-leading 64-bit microprocessor. Sun Microsystems engineers worked with Dave to define the SPARC architecture. Many manufacturers like Sun Microsystems, Fujitsu, and later Oracle briefly produced, and definitively produced the longest lasting 64-bit architecture in the market. Fujitsu continues to update their SPARC Roadmap!
 
 



[SPARC64 & Solaris Roadmap, courtesy Fujitsu Canada]

SPARC64 & Solaris Roadmap for 2020

In 2017, Fujitsu release a new hardware platform called the M12, with what was the fastest silicon in the world! The platform included Physical Domains, which allow for Physical Domains to get moved & split between various chassis when a system failure occurs. The industry was looking forward to an update to some of the finest system firmware in existence!






[SPARC64 & Solaris Roadmap, courtesy Fujitsu Global]

SPARC64 & Solaris Roadmap 2021

Fujitsu promised to have an updated SPARC64 chassis in 2020, It appears that chassis has slipped to 2021. One of the things this author requested of Oracle for their future Tx-2 Chassis was larger memory footprint. If we could see a Tx-2 chassis of 4TB or 8TB, that would be enough to bring these platforms ahead for the next 4-5 years, since processor speeds have topped-out, for the most part, or even decreased, on competing architectures, due to their inherent insecure instruction sets.




Conclusions

Oracle & Fujitsu had taken the market a very long way with SPARC architecture, with competitors still light years behind. The platforms are still the fastest in the market, file system most advanced in the industry, and firmware the most capable. There is a short wish-list that is needed, to fill some gaps, but that is for another blog entry.






Tuesday, December 31, 2019

SSH Timeout Across a Firewall

SSH Timeout Across a Firewall

Abstract:

Firewalls represent a "choke point" between a Data Center and The Internet. The function of the Firewall is to protect the Data Center from unauthorized & malicious access. This "choke point" also typically terminate socket connections which have been idle for extended periods of time, to reduce unnecessary connections which need to be statefully inspected. This termination of idle sockets will sometimes stop the normal functioning of administrative sessions over SSH where longer running interactive jobs (i.e. backups, software installs, manual data loads, etc.) and corrupt databases. KeepAlive functionality in SSH can be engaged to inhibit this behavior.

What is the Error?

When a firewall terminates the connection, the client connecting to the Solaris Server in the remote Data Center may exhibit the following error message:

Received disconnect from 153.74.10.10: 2: Timeout, your session not responding.

And the connection is terminated.

In an outsourced Data Center environment, a controlling TTY over SSH connection was being terminated, when idle for 10 minutes, while manually running an interactive backup script (which produced no output to the controlling TTY over an SSH during the copy of a significant quantity of data across a WAN connection.)

What is a KeepAlive?

A KeepAlive packet is normally a 0 byte packet, sent along an open SSH session, on a regular interval, to keep a firewall from assuming the connection is idle, during longer periods of non-interactivity.

Even though it is a null byte packet, that does not add any additional data to the text sent or received by the application, the additional null byte packet has headers which are seen by the firewall, and keep the firewall from terminating the session because no traffic was seen.

How to Configure KeepAlive

Under Solaris 11.3, there is a system-wide configuration file which can be updated, on the server receiving the connections. By default, KeepAlive functionality is disabled under Solaris 11.3

SUN0101/root# egrep '(KeepAlive|ClientAlive)' /etc/ssh/sshd_config
# KeepAlive specifies whether keep alive messages are sent to the client.
#KeepAlive yes
ClientAliveCountMax 0
ClientAliveInterval 600


The following adjustment will enable KeepAlives to be sent every 120 seconds, while forcing a disconnection after 240 seconds, without responses (so the firewall is always getting data, and a truly idle connection will beterminated by SSH server, instead.)

SUN0101/root# egrep '(KeepAlive|ClientAlive)' /etc/ssh/sshd_config
KeepAlive yes
ClientAliveCountMax 2
ClientAliveInterval 120


A backup should be done to the original file, in case it needs to be rolled back.
Console access to the system will be needed, to perform the roll back, if ssh is mis-configured.

How to Enable KeepAlive

Changing the configuration file will not enable changes for new sessions, nor make changes to open sessions. If you wish to enable the change for new sessions, refresh the config through the services.

SUN0101/root# svcs ssh
STATE          STIME    FMRI                    .
online         May_03   svc:/network/ssh:default


SUN0101/root# svcadm refresh svc:/network/ssh:default


Any existing ssh sessions will be timed out by the firewall, within the configured limit.
Any new ssh session will not be timed out by the firewall, with the keep alive enabled.
Any new ssh session, which goes into an abnormal state where the client does not respond, will be terminated by the SSH service, in 2 minutes.

Conclusions

Network Management of Solaris Systems in Cloud based Data Centers is still quite usable, when firewalls are deployed by Cloud Providers and clean up idle connections.  These types of environments have long been used in mission critical arenas, with secured servers residing in DMZ's and ISZ's - so a remote data center with a perimeter firewall is just "old hat".

Monday, November 11, 2019

Building OpenJDK Under Solaris SPARC and x64

[logo, courtesy OpenJDK]

Building OpenJDK Under Solaris SPARC and x64

[Duke Thinking]

Abstract:

There has been must discussion regarding Java and Solaris, both SPARC, Intel x86, and AMD x64. Oracle had released Java into the wild, under a fast continuous release plan, and paid support plans for long term releases. OpenJDK is the reference release of JavaSE since Java 7. Once concern in the industry has been, how to we compile the latest versions of Java, and this has been discussed in detail by various authors to be cited.
[Duke Plugging]

Building OpenJDK 12 under Solaris:

Guest Author Petr Sumbera had published an article on Oracle's Solaris Blog on how to compile your own version  of OpenJDK 12. What is interesting is that it uses an existing JDK to perform that process!

To compile OpenJDK 12, SPARC Solaris requires JDK 8 under Intel Solaris and JDK 11 under SPARC Solaris. In addition, you will need Oracle Solaris Studio 12.4.

[Duke Drawing]

OpenJDK on SPARC Solaris:

In  March 2019, Oracle Author Martin Mueller also published an article on Building OpenJDK Java Releases on Oracle Solaris/SPARC. In addition, you will need Oracle Solaris Studio 12.4. This article may help in the build of of OpenJDK for SPARC.

[Duke Plumbing]

OpenJDK on Intel or AMD Solaris:

In February 2019, Birkbeck College, Computer Science Department, Author Andrew Watkins also published an article on Building OpenJDK 12 on Solaris 11 x86_64. This followed on his October 2018 article on  Building OpenJDK 11 on Solaris 11 x86_64. This followed on his September 2018 article on Building OpenJDK 10 on Solaris 11 x86_64. These articles may help in the building of OpenJDK for Intel or AMD systems.

Conclusions:

The availability of the latest Java, license & support free, is available if one wants to roll their own. If commercial support is desired, Java can can still be acquired from Oracle with a Long Term Support (LTS) contract.