First Look At Solaris 10Last update: 02-25-2005
by Narayan Newton
SourceSun Microsystems has recently released Solaris 10. It is currently free, as in beer, and most of it is promised to be released under an OSI approved license in the second quarter of 2005. Most everyone reading this probably knows all of that. The release and subsequent open sourcing of Solaris 10 has caused quite an uproar in the Open Source community and the IT industry as a whole. Linux advocates have been fighting Solaris advocates on forums across the Internet. The zealotry and misrepresentation from both sides has been really quite impressive. However, I am a BSD user. I am not on either side and will do my best to allow neither zealotry nor misrepresentation into this review.
Please continue reading after you have stopped laughing.
All political issues aside, Solaris 10 is a very impressive OS. It has some features no other operating system can claim and some that are not necessarily new, but have been implemented in an excellent way. This is not to say it is perfect. There are definitely things I dislike and areas that seem quite unpolished.
One of those aforementioned unpolished areas is the installation routine. It can be assumed that Solaris will not be installed by a novice. Even so, the Solaris install is painful and brings with it memories of Windows 2000 installs of old. This is not because its difficult, it is not. The installation is simply unwieldy. My main complaints are the following:
* You must partition, install a small base system and reboot to finish the install. I expect an OS to be installable without a reboot.
* For the first section of the install there is a web browser in the background, but for unknown reasons there is no browser in the second section.
* You have to switch CD's during the install, which is fine, but you can't just switch and walk away. You have to wait for it to read the CD and display another screen and then press next. There is probably a reason for this, but I just find it annoying.
Issues like these make the installation routine seem unfinished and just don't fit with the overall quality of the OS.
Upon booting Solaris for the first time, you are greeted by dtlogin. This is the default graphical login manager for Solaris and plainly has CDE roots. At this point, there is a drop-down menu in which you can choose to go back to a console login or choose which wm/dm to enter, both CDE and JDS3 are options. I am sure CDE has many great features and I know that some people love it. However, I am not one of them. JDS3 on the other hand is a nicely polished GNOME desktop. The theme and general feel is much improved over Sun's earlier versions. Nothing is very remarkable about JDS3, except network browsing. I have never seen any GNOME desktop do as well with windows and NIX network browsing.
There are things I dislike about JDS. As a media player, Sun has chosen the “Java Media Player.” This program has no redeeming factors. XMMS or Rhythmbox would be much better choices. They also tapped Mozilla to be the web browser, not Firefox. With FF gaining more and more attention, this choice makes very little sense to me. However, those are my only complaints about JDS3 and they are small ones.
Nobody is considering Solaris 10 because of JDS3 or its installation routine. They are looking at it because of new features like DTrace, Zones and the new Service Management Framework. Indeed, it has been quite awhile since we have seen a release of any OS with as many large features as Solaris 10.
DTrace
One of the main new features in Solaris 10 is DTrace, a dynamic instrumentation system. DTrace consists of a scripting language, named D (not to be confused with the fledgling D Programming Language), and loadable kernel modules named “providers.” When called upon, these “providers” track and report system information. DTrace has several features that separate it from other similar systems:
* It is dynamic. DTrace has no effect on system performance when not in use. Only those providers that are needed by a particular command are loaded and used. This means if you want to collect data on the scheduler, DTrace will not be collecting data on the IO system as well. This greatly improves performance over those systems that collect a huge amount of unneeded data.
* It can instrument both the kernel-level and user-level.
* It is safe. DTrace will not allow you to damage the system through its use. Some may find the idea of anything being “totally safe” rather amusing. However, this appears to be true. Time will tell if it holds up, but for the moment I have no evidence to the contrary.
* It is adaptable. DTrace really is more a scripting language then it is a tool like truss or top. This has its downside and upside. The disadvantage is that it is not a small thing to learn. Most will probably never use DTrace directly, but instead use programs written in D. There are already some of these and there will eventually be many more. The advantage to this is that its not limited like top or truss. Supposedly the test of a well-designed program is that people use it for things the author never thought of. DTrace passes this test with flying colors.
DTrace will inevitably be compared to similar systems. These include The Linux Trace Toolkit (LTT) and Dprobes. These systems may grow into something equivalent to DTrace, but at the moment they are not even close. LTT is not dynamic and has only around 45 points of instrumentation to avoid a large performance penalty. Comparing that to Dtrace:
# DTrace -l | wc -l
36110
Dprobes is much more advanced, but has problems as well. It is dynamic, but lacks some of the advanced features of the D language and is not safe. You can definitely bring down a machine with a badly written Dprobes script. It also supposedly performs poorly on multiple CPUs.
One interesting DTrace script I found is seeksize.d. This script tracks the offset value of seek requests to the discs, per process. I have never been able to see this information before and it is really quite interesting, although somewhat shocking. The script was written by Brendan Gregg, who has produced many DTrace scripts that review system information from shell use to socket statistics. [http://users.tpg.com.au/adsln4yb/dtrace.html]
seeksize.d in action
Zones
If you have used FreeBSD Jails, Solaris Zones are going to sound very familiar. They are based on the same basic concept. Both can be considered somewhat like a heavy-duty chroot. Each Zone or Jail is a virtual OS, complete with IP address, separate configuration and even a separate package DB (zones can also share a DB). Now, this may seem like exactly what UserModeLinux or Xen do, but it isn't. The difference is that all the Zones/Jails share one kernel.
In Xen or UML, the sub-machines are full OS's, kernel and all. They run on vm-like layer over the actual kernel. The advantage to this is security; it is very difficult to break out of a virtual server setup in this way. The disadvantage is speed; running all these different kernels has a large performance hit. This is why FreeBSD Jails were thought of in the first place and Sun has gone that direction with Zones.
It is theoretically possible to break out of a Jail or Zone. In fact, there have been security vulnerabilities in the past that allow processes to do just that. It is of course up to the System Administrator to balance these issues. Personally, I would rather be able to run a large number of Jails/Zones and take the minimal security risk.
Service Management Framework
SMF (The Service Management Framework) is Solaris 10's replacement for the aged sysV init. I have mixed feelings about SMF. It is definitely a step forward, but it adds a level of complexity that was not there before. The idea behind it is fairly simple and SMF can be logically split into several parts:
* Startups scripts. These are very like the normal scripts you see in every UNIX implementation
* XML manifests. This is where things get different. Every service has an XML file that holds information about the service. What other services does it depend on? What services does it not depend on, but are recommended? All these relationships and more are stored in the manifests.
* svcs. The svcs command is one of the main interfaces to SMF. It can tell you what services are started, which are stopped and even what services failed to start and why. For example, if service A depends on service B and you have stopped service B, svcs might tell you that service A has failed because service B is stopped.
* svcadm. This is the administrative tool for SMF. You can add, delete, stop and start services here.
* init. The init systems works a bit differently on Solaris 10 because of all this. If a service fails to start or crashes, it will be restarted. Also, if you stop a service that another service depends on, that service will also be stopped. Likewise, if you start a service that depends on several others, they will all be started. Also, the dependency system allows init to start multiple services in parallel.
My concern about SMF is that its not as transparent as a system like rc.d on NetBSD/FreeBSD or even the old sysV init. It is still fairly easy to understand, but there is a level of “magic” that wasn't there before. Maybe my concerns are baseless? I don't know. It will be interesting to watch how users react to the new system.
Along with new features, there have been improvements made to the general OS, many having to do with speed. Solaris has been given the nickname “Slowlaris” in the past. With Solaris 10, Sun has worked hard to make that name no longer applicable.
One of the areas where Solaris needed improvement was the network stack. I have no experience with it personally, but apparently the old version was not a great performer, especially on multiple CPUs. Sun has decided to fix this Old-Testament style. Solaris 10 features an entirely new stack named FireEngine. Built to improve performance and prepare for future networking technology (faster Ethernet), FireEngine includes some very interesting threading technology that should reduce resource contention. [3]
Another improvement to Solaris is the X86 support. Solaris has supported this architecture before, but both speed and stability were sorely lacking. This has changed with Solaris 10. All the machines I installed Solaris 10 on were X86 and, besides the obvious sparse driver support, it worked very well. With Sun committing to the AMD Opteron (an X86-like platform), the opening of Solaris and the energy Sun has appeared to expend on making X86 a “tier 1” platform, it can be safely assumed that support for this architecture isn't going to be disappearing.
The experience of actually using Solaris 10 as a day-to-day OS is rather interesting. I installed and used 3 versions of Solaris 10, two betas and the final. I tested them on my laptop, but mostly used them on my desktop machine. The features of Solaris 10 make it sound like the long lost brother of sliced bread and, to some extent, I found this to be correct. Solaris 10 can do things no other OS can and its very fast. However, there are some significant hurdles to using Solaris when you come from Linux or BSD. It is very different. This cannot be repeated enough. If you have ever made the switch from Linux to BSD or the other way, you know how little differences can really make it difficult. In Solaris, the differences are not little.
The first time I booted Solaris, I was a bit worried. It was quite a slow boot. I had to use this thing while reviewing it and as I watched the login prompt finally appear, I was starting to wonder if I was going to need a book while Mozilla started. They have fixed this in the final release, but I needn't have worried at the time either. The Solaris boot may have been slow, but thats the only element of the system were that word applied.
I have yet to see a set of benchmarks that everyone likes and I don't have any skill in that area to begin with. Therefore, I won't be attempting to give the good reader numbers on Solaris 10's speed. Suffice to say that you cannot use the OS as a desktop without noticing it. Mozilla starts fast, GNOME is snappy and and I had at least 5 things compiling while listening to music with no skipping.
This does not mean all users will find Solaris 10 the gift from god it is sometimes portrayed as. There are many differences when coming from other NIX. Some are very minor and some are very not. These differences range from the purely personally unsettling to build breaking, linker error making monsters from hell.
The first difference you will notice is that the default shell is the Bourne shell. Not bash, but the POSIX Bourne shell. Coming from BSD, this wasn't so shocking. The total lack of a /root directory was rather shocking, but even that could be understood fairly readily. What I kept coming up against though, was how many places things were installed. The BSD tools are installed in /usr/ucb, the GNU tools in /usr/sfw, Solaris development tools in /usr/ccs, /usr/X11 contains Xorg and /usr/X contains openwin. These are just examples, there are many more. I am not saying this is a bad thing, but balancing your PATH that much takes getting used to.
Something else you may notice, is an almost total lack of audio drivers. While I am willing to forgive Solaris for not having a lot of drivers for X86 because of its youth, the total lack of support in this area is too glaring to not mention. The Open Sound System supports Solaris and works very well, but this must be addressed at some point. X86 Solaris users should not be forced to go to 4Front to get audio support.
While I am on the subject of drivers, I should mention that hardware support on X86 is not great. I am convinced this will improve, but for the moment I would only use Solaris 10 on very common hardware. As for laptops, its not ready yet. The version of Solaris released to the public does not include wireless support. However, I gather from the Sun blogs that an internal build now does include wireless drivers, so this should not be a permanent problem.
A developer will notice other differences with Solaris. While some Open Source software will choke on BSD or even some Linux distributions, a large number will blow a fuse on Solaris. Some just require little tweaks to get working, while others require trench warfare. Both NetBSD's pkgsrc and the Blastwave (www.blastwave.org) software distribution help to make this tolerable. With the coming OpenSolaris, I expect this to improve as they attract more developers.
Speaking of developers, there are many goodies hidden in Solaris 10 that may lure them over. Obviously, DTrace has the potential to greatly help developers, but there are other utilities that are also very useful. One thing I found while looking for a Solaris alternative to valgrind was mdb and libumem. Mdb is the Solaris Modular Debugger and is exactly what it sounds like. Libumem is a user-land slab allocator[4] introduced in Solaris 9. What is interesting is that these two tools work together. [5]
This is how it works. The developer compiles his/her code like normal, but instead of executing it with a debugger s/he sets some environment variables:
UMEM_DEBUG=default
UMEM_LOGGING=transaction
LD_PRELOAD=libumem.so.1
then executes the code. The developer tests it out like normal, but then opens up another terminal, uses gcore to to get a core dump of the program and uses MDB to examine the core dump. MDB will then let you find memory leaks, browse stacks, find corrupt buffers and even double frees. More info about libumem and MDB is available here: [
access1.sun.com]
There are many little tools like this hidden all over Solaris. The pTools are another prime example of this. These are a set of utilities that extract information from the /proc file system. Among other things, these tools include:
* prstat: a replacement for top
* pldd: prints the dynamic libs linked into running processes (including those added with dlopen)
* pwdx: prints the cwd of the given process
* pstop: stops the given process
* prun: the reverse of pstop
There is also the Solaris Management Console, a “toolbox” of administration utilities such as user management, patch management and performance monitoring. There are too many of these little utilities and small features hidden throughout the system to mention or simply find.
In conclusion...
Solaris 10 is a rather amazing OS. I learn quickly, but I was hard pressed to even tap the surface of Solaris. It is very fast, has new features that are revolutionary and old features that are not very well known, but deserve to be. Its hardware support could, and I think will, be improved, some software will be difficult to compile and it can be difficult to use at times when coming from other NIX. However, any relatively knowledgeable user should give it a shot. You may be impressed.
Sources:
1. [
www.sun.com]
2. [
www.opersys.com]
3. [
www.sun.com]
4. [
srl.cs.jhu.edu]
5. [
access1.sun.com]
Notes:
Certain sites really helped in writing this. In no particular order these were:
BigAdmin: [
www.bigadmin.com]
The Blog of Ben Rockwood: [
www.cuddletech.com]
PlanetSolaris: [
www.planetsolaris.org]
BlastWave: [
www.blastwave.org]
Written by Narayan Newton – Mad Penguin™ Systems Administrator
Sun, Sun Microsystems and Solaris are Registered Trademarks of Sun Microsystems, Inc. Linux is a Registered Trademark of Linus Torvalds.
Creative Commons LicenseThis work is licensed under a Creative Commons License.