Oracle Solaris 11 Systems Architecture Final
description
Transcript of Oracle Solaris 11 Systems Architecture Final
-
Oracle Solaris 11 Principles and Architecture Sales Training
Lesson 2: Systems Architecture Oracle Solaris 11
-
2
Learning Goals
After completing this lesson, you should be able to:
Recognize the type of hardware on which the solution or
product runs.
Outline the system requirements needed to build the solution.
Describe the system architecture model.
List key architectural strengths and advantages.
List any architectural weaknesses (real or perceived).
Describe talking points to address weaknesses.
List and describe the value-add for Reference Architectures
which contain Solaris 11.
-
3
Oracle Solaris 11 Integrated Technologies
Boot Environment
ZFS
IPS
Security
Zones
AI
Resource Management
Network Virtualization
Ops Center
Cluster
-
4
Ops Center Supports Key Oracle Solaris 11 Technologies
AI / Manifests Deploy Default Manifests within the same Ops Center deployment plan
interface.
IPS
Leverage Ops Center to control a local IPS MSR and gain insight to
changes via reports and agentless IPS management and provisioning.
Manage and manipulate the IPS repositories. Load in and sync to local
customized repositories.
SMF
Obtain insight into service awareness over just process awareness.
Observe and control the relationship of operating system daemons and
connection/utility points. Connect services to PIDs and enter OS
Analytics.
ZFS/BE Take snapshots of boot environments and turn them into active boot
environments.
Network V12N Manage bandwidth and priority control over NICs
DTrace / FMA Explore process performance through OS Analytics while subscribing
to FMA events.
-
5
Oracle Solaris 11 System Requirements
Disk Space
Live Media (x86): 5 GB (7 GB Recommended) Text Installer (SPARC, x86): 2.5 GB (4.5 GB Recommended) Automated Installer (SPARC, x86): 2.5 GB (13 GB Recommended)
Memory 1 GB (2 GB Recommended)
Architectures1 Oracle SPARC M and T series systems Oracle x86 systems (64-bit only) Non-Oracle x86 systems (64-bit only)
Locales and
Languages2 Oracle Solaris 11 supports over 200 locales.
Note: Application Availability Tracker (FTR): http://furl.oraclecorp.com/kj76
1 See Oracle Solaris OS: Hardware Compatibility Lists at
http://my.oracle.com/site/pd/sss/products/solaris/index.htm
2 See Oracle Solaris 11 System Requirements documentation for complete list of locales and
languages at http://my.oracle.com/site/pd/sss/products/solaris/index.htm
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
7
Oracle Solaris 11 Top Architectural Features and Functionality
Image Packaging System
Automated Installer
Oracle Solaris ZFS
Virtual Networks and Oracle Solaris Zones
Oracle Solaris Security
-
8
Image Packaging System Overview
-
9
How IPS Works: Software Update Process
CLI: pkg (1) Desktop: Package Manager
Update Manager
Default Repository
Server
Client
Oracle IPS default repository: http://pkg.oracle.com/solaris/release/
-
10
How IPS Works: Software Update Process
CLI: pkg (1) Desktop: Package Manager
Update Manager
Default Repository
Server
Client
Local Repository
Local repository: Configured on your local network
-
11
How IPS Works: Software Update Process
CLI: pkg (1) Desktop: Package Manager
Update Manager
Server
Client
Local repository: Configured on your local network
Default Repository publisher:
solaris
Local Repository publisher:
xxxxxx
-
12
How IPS Works: Installing and Managing Packages
IPS downloads packages.
IPS checks manifest.
Administrator requests package.
1
2
3
-
13
How IPS Works: Updating the Operating System
New Boot Environment
Client
Update Manager
Default Repository
OS Updates
Update Request
1
2
3
-
14
How IPS Works: Boot Environments
A boot environment (BE) is a bootable instance of an
Oracle Solaris 11 operating system image.
Multiple boot environments can be maintained on a
system.
BEs make updating software a low-risk operation.
BEs can have different software versions installed.
-
15
New Boot Environment Creation Example
Two boot environments
One boot environment OS Update
1 3 2
OS
-
16
IPS Interface Options
IPS supports the following interfaces:
Command-line
GUI
Package Manager
Update Manager
You can use IPS CLI and GUI interfaces to:
Find out what packages are currently on the system
Search for packages
Display information about packages, their contents, and publishers
Install, update, and uninstall packages
-
17
Package Management CLI Commands
Package Management Task IPS Command
Display package state and version
information
pkg list
Display package information pkg info
Display contents of a package pkg contents
Install package updates pkg update
Install package pkg install
Verify package installation pkg verify
Search for a package pkg search
Uninstall a package pkg uninstall
-
18
Package Manager GUI Overview
-
19
Update Manager Overview
To use Package Manager to update the operating system:
Click the Updates button.
or
Select the Package > Updates menu option.
-
20
Update Manager Overview
-
21
Boot Environment Administration
In Oracle Solaris 11, system administrators can:
Lists the boot environments currently on the system
Create a new boot environment
Rename an existing, inactive boot environment
Activate an existing, inactive boot environment
Destroy an existing, inactive boot environment
BE management utilities:
beadm command
Package Manager
-
22
BE Management beadm Commands
BE Management Task beadm Command
Display a list of the boot environments
on the system
beadm list
Create a new boot environment beadm create
Rename an existing, inactive boot
environment
beadm rename
Activate an existing, inactive boot
environment
beadm activate
Destroy an existing, inactive boot
environment
beadm destroy
-
23
BE Management with Package Manager
-
24
Ops Center Leverages Boot Environments
Minimize Exposure to Change
Fast Downtime
Leverage Modern File Systems
Also Controlled via Policies
-
25
IPS Strengths
Modernized software management with integrated
patching
Provides automatic dependency tracking
Updates software quickly and efficiently
Ensures safe system upgrades through boot
environments
Easily accessible network-based package repositories
that can be mirrored
Support for legacy SVR4 packages
-
26
IPS Weaknesses IPS requires a mindset change.
The syntax of setting up publishers, mirrors, local
repositories, etc., is new for most people.
IPS is not OS-independent.
- Many middleware and application products are not
installable using IPS.
- This restriction impacts non solaris publishers and repositories as well.
Install scripting is hard with IPS.
Analysis is slow with IPS.
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
28
IPS For More Information
Oracle Solaris 11 Package Management with IPS: http://www.oracle.com/technetwork/server-
storage/solaris11/technologies/ips-323421.html
Product Documentation: http://docs.oracle.com/cd/E23824_01/index.html
-
29
Automated Installer Overview
AI automates the installation of the OS on one or
more SPARC and x86 systems over a network.
AI uses an installation manifest to install systems.
The installations differ in architecture, software
packages, disk capacity, network configuration, and
other parameters.
-
30
Automated Installer Components
AI server: Provides the install service that contains the installation instructions for the client system
Client system to be installed: Accesses the IP address information from the DHCP server
DHCP server: Provides the initial IP addresses and boot information
IPS repository: Provides the software packages that are identified in the AI manifest file to the client system
-
31
Types of AI Manifests
Default AI manifest: Is an installation manifest that has
no criteria associated with it
Custom AI manifest: Provides installation criteria for a
specific client
Criteria file: Allows client-specific installation instructions
to be associated with AI services
-
32
Default AI Manifest (default.xml) pkg:/entire@latest pkg:/group/system/solaris-large-server
-
33
AI Installation Server Requirements
Hardware Requirement
Disk space Approximately 0.75 GB additional disk space for each
AI installation service after Oracle Solaris 11 OS has
been installed
Memory Recommended minimum: 1 GB
Software Requirement
Operating system Oracle Solaris 11 must be installed.
IP address A static IP address must be used.
Router
The default route must be set.
DHCP DHCP must be set up.
IPS repository The repository must be set up locally.
-
34
Automated Installation Process for a Customized Installation
2
1
4
3
-
35
How the Automated Installer Works
-
36
System Configuration Profile Specifies client system configuration as a set of
configuration parameters in the form of an SMF profile
Applied during the first boot of the system after
installation
Allows configuration of anything configurable via smf(5)
properties
Allows multiple sets of system configuration instructions
for each install service
Allows for multiple SC profiles to be associated with
each client
Is added to the svcname install service using the installadm create-profile command
-
37
System Configuration Profile Example
(comments omitted)
-
38
How AI Installs Non-Global Zones Non-global zones are installed using the configuration
element in the AI manifest.
After global zone installation and reboot, the zones self-assembly SMF service (svc:/system/zones-
install:default) configures and installs each non-
global zone per the AI manifest.
If the zone is configured with autoboot=true, the
system/zones-install service boots the zone after the
zone is installed.
-
39
Automated Installer Strengths Integrated into the OS
Simplifies complexity of installation and reduces initial
and ongoing costs of deploying Oracle Solaris reliably
Can provision Oracle Solaris 11 zones as part of its base
functionality
Provides an intuitive installation service
management interface to manage different
installation services across different architectures
Offers derived manifest functionality to enable
dynamic parameter changes in AI Install manifest
Can convert Oracle Solaris 10 Jumpstart rules and
profiles to AI manifests
-
40
Automated Installer Weaknesses
AI is very different from Jumpstart.
AI requires XML knowledge.
Jumpstart rules, profiles, and configuration files
must be converted to AI criteria, AI manifests, and
SMF system configuration profiles.
AI requires a specific DHCP configuration.
For more information, see Transitioning From
Oracle Solaris 10 Jumpstart to Oracle Solaris 11
Automated Installer:
http://docs.oracle.com/cd/E23824_01/index.html
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
42
Automated Installer For More Information
Simplified Installation and Cloud Provisioning with Oracle Solaris 11:
http://www.oracle.com/technetwork/server-
storage/solaris11/technologies/modernizedinstaller
-461041.html
Product Documentation: http://docs.oracle.com/cd/E23824_01/index.html
-
43
Oracle Solaris ZFS Overview
Integrated file and volume management
Data protection with replication and migration
Data security with industry standard encryption
Space savings with deduplication and compression
Encryption Deduplication Replication / Migration
Compression Integrated File and Volume Management
-
44
ZFS: Integrated File and Volume Management Eliminates partitions, provisioning, wasted bandwidth, and
stranded storage
Enables multiple file systems to draw from a common
storage pool
Accounts Receivable
Accounts Payable
Financial Marketing Documentation
Storage Pool
Financial Reports
(property=compressed)
-
45
ZFS: Data Protection with Redundancy Mirrored storage pool configuration
RAID-Z storage pool configuration
Self-healing data in a redundant configuration
Dynamic striping in a storage pool
Stripe 1
RAID-Z Device
Stripe 2 Data
RAID-Z Device
Stripe 1
Mirror Device
Stripe 2
Mirror Device
Data
-
46
ZFS: Data Protection with Migration Shadow migration enables file systems to be migrated
from:
A local or remote ZFS file system to a target ZFS file system
A local or remote UFS file system to a target ZFS file system
Shadow migration process is as follows:
Administrator creates an empty ZFS file system.
Administrator sets the shadow property on an empty ZFS file
system to point to the file system to be migrated.
Data from file system to be migrated is copied over to the
shadow file system in the background while normal operations
occur.
# zfs create -o shadow=file:///rpool/old users/home/shadow
-
47
ZFS: Data Security with Industry Standard Encryption
ZFS encryption is integrated with the ZFS command set.
An encryption policy can be set when a ZFS file system is
created, but the policy cannot be changed.
The encryption policy on a new file system is enabled by setting the encryption property to on: encryption=on
ZFS encryption is inheritable to descendent file systems.
ZFS encryption uses the Oracle Solaris Cryptographic
Framework, which gives it automatic access to:
Hardware assisted cryptographic acceleration
Optimized encryption algorithms # zfs create -o encryption=on hrpool/home/reports Enter passphrase for hrpool/home/reports': xxxxxxx Enter again: xxxxxxxx
-
48
ZFS: Space Savings with Deduplication
The ZFS deduplication property (dedup) removes redundant
data from ZFS file systems as the data is being written.
When the deduplication property is enabled, duplicate data
blocks are removed synchronously to data as the data is
written.
The property is enabled by setting the deduplication property to on: dedup=on
Deduplication is performed across the entire ZFS storage
pool but only on the datasets that have deduplication
enabled.
Deduplication can be used in combination with ZFS
compression and encryption.
# zfs set dedup=on rpool/home
-
49
ZFS: Space Savings with Compression
The ZFS compression property is used to enable and
disable compression for a file system.
The compression property is disabled by default.
The property is enabled by setting the compression property
to on: compression=on
The values are on, off, lzjb, gzip, and gzip-N.
Enabling compression on a file system with existing data
compresses only new data.
The compression ratio is inherited by child file systems.
# zfs set compression=on datapool/software/solaris # zfs get -r compression datapool NAME PROPERTY VALUE SOURCE datapool compression off default datapool/software compression off default datapool/software/solaris compression on local datapool/software/solaris/ar compression on inherited from datapool/software/solaris
-
50
ZFS Strengths Unparalleled, end-to-end data integrity
Unlimited data capacity
Built-in modern data services
Integrated file and volume management
Data protection with replication and migration
Data security with industry standard encryption
Space savings with deduplication and compression
RAID support
ZFS as root file system
Integrated with zones, IPS, and SMF
BEs for safe system upgrades
Backups with ZFS snapshots and clones
-
51
ZFS Weaknesses Customers believe that ZFS is only designed for JBOD,
not for enterprise-class storage.
Tuning recommendations http://www.solarisinternals.com/wiki/index.php/ZFS_Evil_Tuning_Guide#
Cache_Flushes
Customers have the impression that ZFS uses a lot of
memory.
Memory recommendations: http://www.solarisinternals.com/wiki/index.php/ZFS_Best_Practices_Gui
de#System.2FMemory.2FSwap_Space
ZFS is hard to tune to use with the Oracle database.
Best practices/considerations: http://www.solarisinternals.com/wiki/index.php/ZFS_for_Databases
ZFS does not offer device removal from a pool.
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
53
Oracle Solaris ZFS For More Information
Oracle Solaris 11 ZFS Technology:
http://www.oracle.com/technetwork/server-
storage/solaris11/technologies/zfs-338092.html
Product Documentation: http://docs.oracle.com/cd/E23824_01/index.html
ZFS Best Practices Guide: http://www.solarisinternals.com/wiki/index.php/ZFS_Be
st_Practices_Guide
Encryption Deduplication Replication /
Migration Compression Integrated File and
Volume Management
-
54
Network Virtualization with Oracle Solaris Zones Network virtualization and virtual networks
Virtual network components
Zone configuration using VNICs
Resource management for both zones and the virtual
network
Zone system resource monitoring (zonestat)
Networking highlights
-
55
Network Virtualization and Virtual Networks
Network virtualization
Is the process of combining hardware network
resources and software network resources
Provides efficient, controlled, and secure sharing of
network resources
Virtual networks
External networks: Several local networks administered
by software as a single entity
Internal networks: One system using virtual machines
or zones that are configured over at least one
pseudonetwork interface
-
56
Virtual Network Components
System
VNIC 1 VNIC 2 VNIC 3
Virtual Switch
Zone 1 Zone 2 Zone 3
Switch
NIC
Internet
-
57
Zone Configuration Using VNICs
Step 3: Configure the
zones to use the
VNICs.
Step 2: Create the
VNICs.
Step 1: Create the
virtual switch or
etherstub.
System
VNIC 1 VNIC 2 VNIC 3
Virtual Switch
Zone 1 Zone 2 Zone 3
-
58
Zone Configuration Using VNICs Example
# zonecfg -z hrzone hrzone: No such zone configured
Use 'create' to begin configuring a new zone.
zonecfg:hrzone> create zonecfg:hrzone> set zonepath=/zones/hrzone zonecfg:hrzone> set autoboot=true zonecfg:hrzone> set ip-type=exclusive zonecfg:hrzone> add net zonecfg:hrzone:net> set physical=vnic1 zonecfg:hrzone:net> end zonecfg:hrzone> verify zonecfg:hrzone> commit zonecfg:hrzone> exit #
-
59
System Resource Allocation to a Zone
To allocate system resources to a zone, perform the
following steps:
Specify a subset of the systems processors that should be dedicated to a zone while it is running.
Limit the amount of CPU resources that can be
consumed by a zone.
Control the allocation of available CPU resources
among zones, based on their importance.
Limit the amount of physical memory.
-
60
System Resource Allocation Management to a Zone System resource allocation to a zone can be controlled
by:
Resource pools: Used primarily to manage CPU
usage
Resource capping: Used to regulate physical
memory consumption
Process scheduling: Used to control the allocation of
available CPU resources to processes
-
61
Network Resource Control
Set bandwidth limit on a
VNIC (virtual link speed)
QoS integrated in the core
stack, no separate
component to configure
Constrain the CPUs used
by VNICs or data links by
CPU ids or pool names
Integrated with Solaris
resource management
and zones
# dladm create-vnic -l net0 \ -p maxbw=100M vnic0
-
62
Controlling and Observing Flows Bandwidth limits can be
applied to traffic flows
specified by the
administrator; this includes
datalinks in non-global zones
Flows are managed by flowadm(1M) and specified
by source and destination IP
addresses, protocol, port
number, etc.
Flows can be observed in
real time with flowstat(1M), or a history
can be obtained using
extended accounting.
-
63
Highly Available VNICs
Link Aggregation provides
transparent failover and
increased throughput to
VNICs and zones.
Compliant with IEEE 802.3ad
IP Multipathing (IPMP) can
also be used but needs to be
configured from within zones.
-
64
Zone System Resource Monitoring
# zonestat -r network 1 1 Collecting data for first interval...
Interval: 1, Duration: 0:00:01
NETWORK-DEVICE SPEED STATE TYPE
aggr1 2000mbps up AGGR
ZONE TOBYTE MAXBW %MAXBW PRBYTE %PRBYTE POBYTE %POBYTE
global 1196K - - 710K 0.28% 438K 0.18%
e1000g0 1000mbps up PHYS
ZONE TOBYTE MAXBW %MAXBW PRBYTE %PRBYTE POBYTE %POBYTE
[total] 7672K - - 6112K 4.89% 1756K 1.40%
global 5344K 100m* 42.6% 2414K 1.93% 1616K 1.40%
zoneB 992K 100m 15.8% 1336K 0.76% 140K 0.13%
zoneA 1336K 50m 10.6% 950K 1.07% 0 0.00%
e1000g1 1000mbps up PHYS
ZONE TOBYTE MAXBW %MAXBW PRBYTE %PRBYTE POBYTE %POBYTE
global 126M - - 63M 6.30% 63M 6.30%
etherstub1 n/a n/a ETHERSTUB
ZONE TOBYTE MAXBW %MAXBW PRBYTE %PRBYTE POBYTE %POBYTE
[total] 3920K - - 0 - 0 -
global 1960K 100M* 1.96% 0 - 0 -
zoneA 1960K 50M 3.92% 0 - 0 -
-
65
Networking Highlights
Manual and Automatic Networking
Default Names for Datalinks
InfiniBand, Enabled and Optimized
Load Balancing
Link Protection
Bridging and Tunneling
IP Observability
IP Multipathing
IPMP Administration through ipadm(1M)
IPMP Transitive Probing for Less Restrictive
Availability
-
PROPERTIES
Allow user to leave interaction: Anytime
Show Next Slide Button: Show upon completionCompletion Button Label: Next Slide
-
67
Ops Center Network Virtualization
Automatically leverages
NIC-level virtualization
with zones
Exposes throughput and
priority control over pipes
Allows for a virtualized
workload that needs a
dedicated TCP/IP stack
while sharing the same
kernel
-
68
Virtual Networks and Oracle Solaris Zones Strengths Virtual Networks
Built-in, low latency
Easy to configure and administer
Network resource controls
Oracle Solaris Zones Secure, rapid application deployments
Integrated with IPS, AI, ZFS, and virtual networks
Immutable zones
Delegated administration
Solaris 10 Zones on Oracle Solaris 11
System resource controls
Together Fully simulate production environments
-
69
Virtual Networks and Oracle Solaris Zones Weaknesses A lot has changed on the network side (specifically the
networking commands), which requires customers to
change how they have done things for years.
Customers do not understand the advantages of virtual
networking. They see the technology as disruptive.
Customers can easily overload a server if the amount of
total traffic on all virtual networks exceeds the physical
capabilities of the NICs.
Customers are not clear as to the differences between
each of the virtualization technologies and which
technology is better suited to address their specific issues.
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
71
Virtual Networks and Oracle Solaris Zones For More Information Oracle Solaris 11 Networking Virtualization
Technology:
http://www.oracle.com/technetwork/server-
storage/solaris11/technologies/networkvirtualization-
312278.html
Product Documentation: http://docs.oracle.com/cd/E23824_01/index.html
-
72
Oracle Solaris Security Overview
Security is managing risk
Security is a very high priority in Oracle Solaris 11.
Oracle Solaris security technologies protect data,
applications, users, and the OS from external and
internal threats.
Oracle Solaris is developed using the Oracle Software
Security Assurance process.
-
73
Oracle Solaris Security: Data Protection ZFS protects data with:
Data redundancy with mirrored and RAID-Z storage pool configurations
Self-healing data in redundant storage pool
configurations
Data encryption
Access control lists (ACLs)
-
74
Oracle Solaris Security: Application and User Containment
-
75
Oracle Solaris Security: Immutable Zones Configuration Options
/, /usr,
/lib,
/etc /var other
None Writeable Writeable Writeable Writeable
Flexible Read-only Writeable Writeable Read-only
Fixed Read-only Read-only Writeable Read-only
Strict Read-only Read-only Read-only Read-only
By default, a zone is configured to have a writable root
dataset.
Using the zonecfg utility and the file-mac-profile
property, a zone can be configured with one of the options
presented in the table below.
-
76
Oracle Solaris Security: Insider Attacks Risk Reduction
Users
Roles
Rights Profiles
Supplementary Rights Profiles
Commands with Security Attributes
Authorizations Privileges
RBAC controls user access
to tasks based on roles and
rights profiles.
Root is a role by default.
Process rights management
uses privileges to restrict
processes at the command,
user, role, or system level.
-
77
Oracle Solaris Security: Outsider Attacks Risk Reduction Authentication services
Secure by default - SSH only network
accessible service post install
Kerberos
PAM local authentication
SSH PKI
LDAP naming service
Active Directory client
Network services protection
Security by Default networking profile
IP Filter firewall
TCP wrappers
Labeled IPsec/IKE
-
78
Oracle Solaris Security: Compliance Assistance
Logging
Must be set up
Troubleshoot
user/application
problems
Auditing
Audit on by default
Monitor/record
specific, security-
related events
-
79
Oracle Solaris Security: Mandatory Access Control with Trusted Extensions Mandatory access control creates mandatory security
policies outside of user control
Oracle Solaris 11 introduces these enhancements:
Per-label and per-user credentials
Per-zone encryption key for each label of every user's home
directory
New command, tncfg(1M), to create, modify and display
configuration of networking properties related to Trusted
Extensions
Security labels on ZFS datasets
-
80
Oracle Solaris Security Strengths and Weaknesses Strengths
Provides an assured system because security is integrated, not bolted on
Protects data at rest and in motion with discretionary and mandatory
access control, data encryption, and integrity protection
Contains applications and users by using zones, privileges, and role-
based access control
Reduces risk of insider attacks using role-based access control and
process rights management
Reduces risk of outsider attacks with authentication services and
network service protection
Assists in compliance with auditing and logging
Provides mandatory access control with Trusted Extensions
Weakness: Security features must be configured locally (or via AI).
-
PROPERTIES
On passing, 'Finish' button: Goes to Next Slide
On failing, 'Finish' button: Goes to Next Slide
Allow user to leave quiz: After user has completed quiz
User may view slides after quiz: At any time
User may attempt quiz: Unlimited times
-
82
Oracle Solaris Security For More Information Oracle Solaris 11 Security:
http://www.oracle.com/technetwork/server-
storage/solaris11/technologies/security-422888.html
Product Documentation: http://docs.oracle.com/cd/E23824_01/index.html
-
83
Oracle Solaris Cluster High Availability and Disaster Recovery Solution for Solaris
Multi-site
stretched/campus cluster
Enables high availability of mission-critical applications and services
Limits outages with automatic failover procedures
Protects enterprise data integrity and services reliability
From local data center high availability to multi-site, multiple clusters disaster recovery
In physical and virtual IT environments
Local data
center cluster Multi-site, multiple clusters
-
84
Monitors health of the cluster components
Servers, Storage, Network OS, Virtual Machines Applications
Tolerates any failure Exploits hardware redundancy Uses robust software algorithms
Heartbeats, Membership Cluster Configuration Resource Group Manager
Recovers cluster infrastructure and applications
Protects data integrity Quorum Fencing
Oracle Solaris Cluster Robust High Availability Architecture
-
85
Oracle Solaris Cluster and Key Oracle Solaris 11 Technologies
Kernel
integration
Deep integration with Oracle Solaris 11 for fastest, load resilient fault
detection and recovery
IPS
Unified installation experience
Error-free software updates
Automatic patch dependencies resolution
BE
Instant snapshot and rollback
Lower risk updates
AI Common provisioning tool
Easy full stack, multi-node installation
ZFS High availability for Oracle Solariss built-in file system
Zones
Outage protection for virtualized applications, native or Solaris 10
zones
Policy based management for customized recovery behavior
Increased security with zones based delegated administration
extended to virtual cluster
-
86
Oracle Solaris Cluster Oracle Integration for Mission-Critical Clouds HA
(optional)
-
87
Oracle Solaris Cluster Additional Resources
Oracle Solaris Cluster web pages http://www.oracle.com/us/products/servers-storage/solaris/cluster-067314.html
http://www.oracle.com/technetwork/server-storage/solaris-cluster/index.html
Oracle Solaris Cluster Internal web site http://my.oracle.com/site/pd/sss/products/solaris/cluster/index.htm
Oracle Solaris Cluster Community on MOS https://communities.oracle.com/portal/server.pt/community/oracle_solaris_cluster/393
Oracle Solaris Cluster Partner web site http://www.oracle.com/partners/secure/engage-with-oracle/solaris-cluster-product-info-
076306.html
Download Evaluation and Development http://www.oracle.com/technetwork/server-storage/solaris-cluster/downloads/index.html
Documentation http://www.oracle.com/technetwork/server-storage/solaris-
cluster/documentation/index.html
-
88
Oracle Solaris 11 System Architecture Value Add
Physical
Storage Pools
Cloud
Virtual Switch Virtual Switch
VNIC Virtual NIC VNIC
Logical Domain Logical Domain
Virtual Storage
Virtual Networking
Virtual Servers
Oracle Solaris 11
Oracle Solaris 11 with Oracle Enterprise Manager 12c is the best
solution to manage both virtual and physical infrastructures.
-
89
Built for Clouds
-
90
Ops Center vDC (Virtual Datacenter)
Leverage SPARC and
Solaris
Little exposure to
technology in use
Enforce resource
allocations: CPU, MEM,
Storage, Network
-
91
Best for Enterprise Applications
-
92
Engineered for Oracle
-
93
Additional Resources
Oracle Solaris 11 Product Page (External)
http://www.oracle.com/us/products/servers-storage/solaris/solaris11/overview/index.html
Oracle Solaris on Oracle Technology Network (External)
http://www.oracle.com/technetwork/server-storage/solaris11/overview/index.html
Oracle Solaris Documentation
http://docs.oracle.com/cd/E23824_01/index.html
Oracle Optimized Solutions
http://www.oracle.com/oos/
-
94
Additional Resources (Continued)
Oracle Solaris App Availability Checker (FTR) Internal Only
http://furl.oraclecorp.com/kj76
Oracle Solaris Product Management Internal Page http://my.oracle.com/site/pd/sss/products/solaris/index.htm
Oracle Solaris Information for Partners http://www.oracle.com/partners/en/knowledge-zone/server-
storage/solaris-050760.html
Oracle Solaris blogs: blogs.oracle.com
Oracle Solaris on Twitter: @ORCL_Solaris
Oracle Solaris on Facebook: facebook.com/oraclesolaris
Oracle Solaris Insider Group on LinkedIn
-
95
The following areas were covered in Lesson 2:
System Architecture:
Oracle Solaris 11 System Requirements
Oracle Solaris 11 Top Architectural Characteristics,
Strengths, and Weaknesses
Oracle Solaris 11 System Architecture Value Add
Conclusion
-
96
Lesson 2: Systems Architecture
Lesson 3: Market Definitions and Trends
Next Steps
Built for clouds
Best for enterprise applications
Engineered for Oracle