Review of Solaris Express

Solaris is the Unix variant produced by Sun Microsystems and is the result of over 20 years of continuous development. It is the only Unix variant that can run on commodityIntel PC hardware as well as Sun and Fujitsu hardware using Sparc and UltraSparc processors. Sun makes many changes to Solaris, some of them are big news and many are not. It is usually a system administrator that finds out about a new command or an undocumented command or feature (like the -k switch for netstat). This review is about two different installs of Solaris Express on different hardware to show some of the many features of the new release.

Solaris Express is the first product of Sun’s Software Express program, where administrators and users can download monthly releases and test-drive the newest Sun software products. This is available for both Sparc and Intel versions of Solaris Express. This review is of Solaris Express releases 8/03 through 11/03.

Reduced Networking Support Installation of Solaris Express

I used my Ultra 30 as the machine for a standard CD ROM install of Solaris Express; this
machine has the following hardware:

250 MHz UltraSparc II CPU
1024 MB of memory (16 x 501-2480 64 MB DIMMs)
2 x 9 GB IBM DDRS 903170 SCSI hard disks
Creator 3D frame buffer
ViewSonic A90 19″ monitor
Integrated hme 10/100 Ethernet adapter
Sun Type 6 keyboard and mouse

The first step is to turn on the machine and press Stop-A, this gets you to the OpenBoot
Prompt or OBP. Load the Software 1 of 2 CD into the drive then issue the following command at
the OBP:

boot cdrom

The CD is read and loads the installer loads into memory, if the hardware you intend to
install Solaris Express is supported the install will continue. If you have 32-bit
hardware (sun4d or sun4m architecture) the install will fail. According to the message
printed on screen during the install on my Ultra 2, support for UltraSparc I CPU’s will
be dropped in future releases (this review is based on the 9/03 release). Since I am using
supported hardware the installer loads and I am prompted for the following information:

Language (9 choices, I chose English)

Locale (you have 59 choices, I chose U.S.A. (en_US. ISO8859-1)

Once this is done, the install changes from command line to graphical. Like Solaris 9 Sun
has not come up with a replacement to the TWM (Tab Window Manager) to something slicker. You will
be prompted for the following information:

Will the system be networked?

Will you be using DHCP?

Host name

IP Address

System part of a subnet?

Netmask?

Enable IPv6?

Default Route? Here you have the option of Having Solaris detect it on reboot, to
specify one, or you have no default route. I selected to specify one and typed the
IP address in.

Configure Kerberos Security?

Name Service? Your choices are NIS+, NIS, DNS, LDAP, and none.

Time Zone (Country)

Country or Region

Time Zone

Date and Time

Now the Solaris Interactive Installation program loads and you have two install options,
either Standard or Flash. To take advantage of a Flash install you would have had to
create a Flash Archive (using Solaris Flash) of an existing system of similar hardware
and either have a JumpStart server or a web server configured for Flash Installs, a tape
drive, or a CD of a Flash Archive. I pressed F2 for Standard since I do not have a
configured JumpStart or web server.

You will be asked if you want the system to reboot automatically or not.
If the Installation Program detects a previous Solaris installation you will be prompted
to either Upgrade or to select an Initial Install of Solaris. In this case I chose an
Initial Install of Solaris. The next screen will prompt you for additional Geographic
Regions you might want to support. I pressed F2 to continue since I do not want support
for other Regions. New to Solaris Express is the screen Select System Locale in which you
have the following choices:

POSIX C

U.S.A. (en_US.ISO8859-1) (I chose this option)

U.S.A. (en_US.ISO8859-15)

With Solaris, you have a choice of the system is installed by choosing install clusters;
each cluster adds more software and functionality (and more security holes). The install
clusters are as follows:

Reduced Networking Core System Support (new to Solaris Express)

Core System Support

End User System Support

Developer System Support

Entire Distribution

Entire Distribution plus OEM Support

I tried a Reduced Networking Core System Support install just to see what would be
installed. This is a new feature of Solaris Express that Sun feels will appeal
to system administrators building firewalls, DNS servers, and other machines where nothing
more than the minimal OS is required. This install cluster uses the Software 1 of 2 CD only
(like the Core System Support install cluster) except it does not install the following:

Console Frame Buffer support

FTP server or client

Telnet server or client

Secure Shell server or client (this is on the Software 2 of 2 CD)

No sendmail support

Routing support for IPv6

Volume Management (ability to mount CD ROM, Zip, jaz, and floppy drives automatically)

What it does install is interesting though, but not surprising since Sun determines what
is necessary and leaves it up to the system administrator to determine what to remove:

Audio Drivers

X11 ISO8859-1 and ISO8859-15 Codeset Support (the install cluster does not support X)

Kerberos Version 5 support (specified no support for Kerberos)

NIS Support (specified no Name Service)

USB Support (an Ultra 30 does not have USB ports)

WAN boot support

And as part of every install of Solaris you get the following installed:

Sun GigaSwift Ethernet Adapter Driver

Sun RIO 10/100 Mb Ethernet Drivers

Sun FCIP IP/ARP over FibreChannel Device Driver

Sun FCP SCSI Device Driver

Sun Fibre Channel Transport layer

Qlogic ISP 2200/2202 Fibre Channel Device Driver

A total of 43 packages were installed, this is a vast improvement over previous versions
of Solaris where the Core System Support cluster had to be selected to get a minimal
system and you always got far more than you wanted. After the reboot I logged in as root,
set the root password (on the Reduced Networking and Core installs the root password is not
set until after the system is installed and rebooted). I then added myself as a user in the
sysadmin group and started looking around. The major detractor to this install cluster is no
remote connectivity whatsoever! I had to install 6 packages to get Secure Shell support
(SUNWsshcu, SUNWsshdr, SUNWsshdu, SUNWsshr, SUNWsshu, SUNWzlib). And this is on 2 CD’s, zlib
on the first and the rest on the second. Sun should include the SSH packages on the first CD
so that they are installed with all clusters, not just Developers Support and higher install
clusters. At least now the SSH built into Solaris does not require SUNWbash (the bash shell)
as a dependency.

Security minded system administrators try to reduce the system to only the absolute
necessary packages for the system to operate. However, you have to be careful when removing
packages, this is the result after removing WAN Boot support (SUNWwbsup) and trying to use the
pkginfo command:

pkginfo | grep SUNWwbsup

ld.so.1: pkginfo: fatal: libwanboot.so.1: open failed: No such file or directory

Any attempt to reinstall the package failed with the same error, so a complete reinstall
is in order (the nice thing about test boxes). There has been some lively discussion in
the past about what is necessary on a Solaris system, this web site goes into detail about
what constitutes a minimal Solaris build and who makes the claims:

http://www.mgmg-interactive.com/mgmg/

If this install was automated using JumpStart, Secure Shell and other packages could have been
added as necessary. Then after the install was completed the administrator could create a Solaris
Flash image to clone the installation on any number of machines using tape, a web server, NFS
server, or a bootable CD. For someone who wants to minimize a system to make it more secure I
would recommend getting to know the pkginfo, pkgchk, and ldd commands.

Full Distribution Installation of Solaris Express

I installed Solaris Express on my Ultra 2 next, which has the following hardware:

2 x 300 MHz UltraSparc II CPU’s

1536 MB of memory (8 x 501-3136 and 8 x 501-2480)

2 Sun StorEdge Multipack 12 disk external enclosures

2 Sun S/WIS Fast Wide SCSI/ Fast Ethernet cards (501-2739)

2 Quantum Atlas V 18 GB SCSI disks

6 IBM DPSS-309170M 9 GB SCSI disks

Sun Type 5 keyboard and mouse

The installation of Solaris Express is the same as above except the following:

1. Since there are three network interfaces, you have a choice as to which interface
is primary. In this instance I chose hme0 (the system board integrated interface) as
the primary.

2. With this system having two external disk enclosures and 8 hard disks, you can
choose which disk will be the boot drive. I chose the first drive on the first
controller (c1t2d0), an 18 GB Quantum Atlas V as the boot drive.

3. A Full Distribution installation has 628 packages which includes:

a. IPlanet Directory Server (LDAP)
b. Apache web server
c. Sun ONE Application Server
d. BOOTP/DHCP Server
e. Fair Share Scheduler
f. Sun ONE Message Queue
g. Kerberos Server
h. Solaris Volume Manager (the replacement for Solstice DiskSuite)
i. Solaris Management Console
j. Samba SMB/CIFS fileserver
k. Web Based Enterprise Management services (WBEM)
l. Support for NIS and NIS+
m. sendmail (based on version 8.12)
n. BIND (based on version 8.3.3)

The difference between a Full Distribution and Full Distribution with OEM Support is
that the Full Distribution with OEM Support installs specific drivers and utilities
for running Solaris on Fujitsu hardware (Sparc) and HP/Compaq hardware (Intel). There
is a lot of software installed, and depending on the function of the machine most of
it can be removed.

Partitioning of the disk is as follows:
c1t2d0s0 / 1536
c1t2d0s1 swap 2048
c1t2d0s3 /var 3072
c1t2d0s4 /usr 3072
c1t2d0s5 /opt 1024
c1t2d0s6 /export/home 6244

This leaves 437 MB of free space for Solaris Volume Manager state database replicas. Each
replica consumes 8 MB of disk space; this is a 100% increase over the replica size with
Solstice Disk Suite that shipped with Solaris 8 and earlier. I also tend to give partitions
a lot of space; it is better to give them too much than too little.

I mirrored the root disk and then created three mirrors for the installation of Oracle 9i. I
modified /etc/system with these lines:

set md_mirror:md_resync_bufsz=2048
set maxphys=0x400000

The first line creates buffers for faster resynchronization of disks and the second sets
aside four megabytes of memory for disk buffers. I also modified /kernel/drv/sd.conf with
this line:

sd_max_xfer_size=0x400000;

This sets the maximum data transfer rate to 4 MB as opposed to the default 1 MB. Reads and
writes were observed to be faster (I did not measure this using any synthetic benchmark).

Installation of Oracle 9i

One of the new features of Solaris Express is the dynamic configuration of System V IPC
parameters. Without making any changes or adding any parameters to /etc/system I attempted
to start Oracle and got the following messages:

ERROR:
ORA-01034: ORACLE not available
ORA-27101: shared memory realm does not exist
SVR4 Error: 2: No such file or directory

To verify that it was not a configuration issue I put the following lines in /etc/system and
rebooted the machine:

set shmsys:shminfo_shmmax=1073741824
set shmsys:shminfo_shmmin=1
set shmsys:shminfo_shmmni=100
set shmsys:shminfo_shmseg=10
set semsys:seminfo_semmns=2000
set semsys:seminfo_semmsl=1000
set semsys:seminfo_semmni=100
set semsys:seminfo_semopm=100
set semsys:seminfo_semvmx=32767

I was able to start the database successfully with the modifications to /etc/system, so I
removed them and rebooted the machine and used the various resource management commands to
set these parameters dynamically. Here are the values before modification:

process.max-msg-messages syslog=off [ deny ] process.max-msg-qbytes syslog=off [ deny ] process.max-sem-ops syslog=off [ deny ] process.max-sem-nsems syslog=off [ deny ] project.max-shm-memory syslog=off [ no-basic deny ] project.max-shm-ids syslog=off [ no-basic deny ] project.max-msg-ids syslog=off [ no-basic deny ] project.max-sem-ids syslog=off [ no-basic deny ]

Using the Solaris Management Console GUI (SMC) I created a project called Oracle and assigned
users and groups to the project. The parameters above could not be added or modified from SMC.
I then ran the following commands to setup the parameters necessary to run Oracle (not all of
them are shown); the results are shown below as the user oracle without the database active:

# newtask -p oracle

# id -p
uid=300(oracle) gid=301(oinstall) projid=100(oracle)

# prctl -n project.max-shm-memory -i project oracle
2184: ksh
project.max-shm-memory [ no-basic deny ] 386320384 privileged deny 18446744073709551615 system deny [ max ]

# prctl -n project.max-shm-ids -i project oracle
2184: ksh
project.max-shm-ids [ no-basic deny ] 128 privileged deny
16777216 system deny [ max ]

Once I had made the changes I stated the database without any problems. What I found interesting
is that the values I modified on the command line were not shown in SMC for either the project
or the task. I am hoping this is something that will be fixed in the future. I will admit that I
am new to the use of projects in Solaris, but I could not make the modifications I made to allow
Oracle to run from SMC.

Impressions

I went to bring up the system to set it up as a JumpStart server and instead of logging in through
CDE, I chose a command line login and started receiving warnings about ttymon and the console.
Typing commands was difficult, but I managed to init 6 the machine and got it back to running CDE.
This is the behavior I noticed with the 11/03 release. This should be fixed in later releases.

Scanning through /var/adm/messages I found the following entries:

Oct 5 09:22:45 robert3 unix: [ID 673563 kern.info] NOTICE: Kernel Cage is ENABLED
Oct 5 09:23:47 robert3 pseudo: [ID 129642 kern.info] pseudo-device: ramdisk1024
Oct 5 09:23:47 robert3 genunix: [ID 936769 kern.info] ramdisk1024 is /pseudo/ramdisk@1024

For those of you familiar with Dynamic Reconfiguration (DR) you would only see these messages
on a machine that supports DR such as a 4500, 6500, E10K, etc. (neither of the machines I used
support DR). The second and third entries indicate that all system memory has been placed into
a ramdisk. This is part of a yet to be implemented feature called Solaris Containers, where the
administrator can separate applications into containers where the application has their own
resources and cannot be affected by changes to another container. Parts of this technology is
available now through Solaris Resource Manager, Solaris Bandwidth Manager and Fair Share Scheduler.
I look forward to the inclusion of this technology to Solaris.

And these:

Nov 18 19:46:17 robert2 genunix: [ID 408822 kern.info] NOTICE: hme0: no fault in device; service available
Nov 18 19:46:17 robert2 genunix: [ID 611667 kern.info] NOTICE: hme0: Internal Transceiver Selected.
Nov 18 19:46:17 robert2 genunix: [ID 408822 kern.info] NOTICE: hme0: no fault external to device; service available
Nov 18 19:46:17 robert2 genunix: [ID 611667 kern.info] NOTICE: hme0: 100 Mbps full duplex link up

This set of messages concerns the onboard interface (hme0) on my Ultra 30, previous to Solaris
Express you had to issue ndd -get commands to see this information. I like this and hope this is
a feature that Sun intends to keep.

Gnome

I have used Gnome on Solaris (both x86 and Sparc) since Sun introduced it to Solaris 8, and
although it has come a long way since the version 1.4 days I still find it a resource hog as
compared to the Common Desktop Environment (CDE). This is based on my observations and use of
Gnome on the following hardware and frame buffers or video cards that support 24-bit color:

1. Sparc 20 MP (2x 125 MHz HyperSparc processors) with 448 MB of RAM and the CG14 frame buffer

2. Sparc 5 85 MHz with 256 MB of RAM and S24 and GX (8-bit) frame buffers

3. Dual 500 MHz Celeron PC with 1 GB of RAM using a ATI XPert 98 AGP card

4. Sun Blade 100 with 256 MB of RAM and the PGX64 frame buffer

5. Sun Ultra 1 Creator with a 167 MHz UltraSparc I processor and 512 MB of RAM and a Creator 2D frame buffer

6. Sun Ultra 2 with 2x 300 MHz UltraSparc II processors and 1536 MB of RAM and a Creator 2D frame buffer

7. Sun Ultra 30 with a 250 MHz UltraSparc II processor and 1 GB of RAM and a Creator 2D frame buffer

The dual processor machines (except for the Sparc 20) performed very well and on anything less than
24-bit color looks terrible. Running Gnome on my Ultra 30 I watch the screen being drawn as it comes
up and the CPU utilization drops from 31% to 1.7% over a period of a minute! I also experimented with
themes since Gnome supports them. I downloaded three themes from themes from themes.freshmeat.net:

aqualightblue-gtk2-default

aquaos-metacity-default-2.0

aquax-gtk2-default-1.0-rc1

glacier-gtk-default-2.9

Unfortunately the themes did not quite work yet on Gnome in Solaris as they work on Linux. Using
the aquax-gtk2-default, aquax-gtk2-default-1.0-rc1, aquaos-metacity-default-2.0, and
glacier-gtk-default-2.9 I did not get the Window Frames I should have got using the theme.
What I ended up with that worked was the AquaX Widget Theme and AquaOS Window Frames. The other
aspect I found interesting is the CPU utilization at idle, for Gnome it was between 2.7 and 2.9%
with one terminal window open running prstat. The CPU utilization of a CDE session with one dtterm
open running prstat is 0.1%. If you intend to do anything that requires immediate response graphically,
either have fast hardware or use CDE. I am sure that some will have issues with my choice of hardware,
but what I am using Solaris on is typical, it might not be the “latest and greatest” but they work. Many
shops still employ some of the equipment I use; it depends on just how much horsepower you need.

For many Gnome provides what they need over CDE and Sun should continue development of Gnome, I
spend the vast majority of my time at the command line (workplace security limitations). And in
the places where I could use a GUI it was CDE, and CDE performs very well. It is a matter of personal
preference; I prefer CDE and the command line.

Conclusion

I have used Solaris for several years and Sun continually adds new functionality. Although I could
not possibly test all of the new features of Solaris Express, what I did use for the most part works.
And I am sure the parts that have did not work, as they should be fixed before the FCS release. I like
Sun providing administrators the opportunity to review the latest Solaris technologies and “shake things
out”. The ability to install and actually use Oracle is a pleasant surprise on what could be considered
a development release.