A Look at Solaris 10 and Sun's Dual Core Fire V40z
by Kristopher Kubicki on June 29, 2005 4:00 PM EST- Posted in
- Systems
Getting a Feel for Solaris 10
Solaris has always had the edge over Linux when it comes to scalability; SunOS had its roots in big iron. As a FreeBSD user first and a Linux user second (and a Windows user a distant third), a lot of things felt very familiar inside Solaris 10. Sun's Java Desktop System, JDS, is immediately recognizable as a SUSE derivative. We won't touch on JDS too much in the next couple pages, but instead focus on the underlying kernel and some Solaris's more interesting and original features.
As we mentioned earlier, scalability is a big issue but if anyone can tackle that obstacle, it's Sun. Sun spent a lot of time getting Solaris 10 ready for x86, and as you will see in our benchmarks section, the "Slowlaris" moniker might be dead. Solaris 10 features a new scheduler that allows per-CPU optimizations as well as faster string functions, SSE2 support and new x86_64 specific libc system calls. Granted, we would like to see some SSE3 optimizations as well, but these features sound pretty good for now.
One of the neatest, unexpected features in Solaris 10 was Zones; also known as N1 Grid Containers. Zones behave very similar to UserMode Linux (UML); each Zone is a virtual instance of Solaris 10 with it's own IP address and user land. However, Zones are different because each virtual OS shares the base kernel. This is a huge performance boost for the virtual operating system because each instance is not constantly waiting for resources like in UML; they can just demand them when necessary. Zones can be configured to only utilize a specified amount of resources as well. Of course the downfall to this is if a single Zone is compromised, the whole system is effectively compromised. Fortunately, compromising a Solaris 10 system is not an easy task either; additional Process Rights Management and User Rights Management are prevalent in Solaris 10.
David Comay from Sun writes:
- One of the design goals of Zones was to ensure that if a single zone *was* compromised that the whole system would *not* also be compromised. We believe that we achieved that to a very large extent in Solaris 10. From an isolation perspective, the primary weakness is that there is a single kernel and if a user program somehow trips over a kernel bug and causes the system to panic, then of course, that affects the whole system. But from a security perspective, someone who is a privileged user (namely, root) in a zone can only cause damage to that zone and *not* the system as a whole. The virtualization that Zones provides ensures that they're not able to see, affect or modifyprocesses and their data running in other zones on the system.
Dynamic Tracing (DTrace) was another heavily hyped feature of Solaris 10, and rightfully so. DTrace, and it's scripting language D, allow an administrator or a developer to observe and debug problems in a production system with very little overhead. The problem with traditionally debugging tools like gdb, truss, pstack and ptrace is several fold:
- We need to either monitor everything on the system, or only very specific processes - it would be impossible to trace every process on the system
- We can only view a core dump of a snapshot in time - often times administrators and developers have transient problems
- Usually, a program like gdb needs to halt or stop the system - in a production server this isn't acceptable
- A poor debugging routine can actually be more detrimental than helpful - debugging a system incorrectly can actually bring it down, which is totally unacceptable at times
DTrace can effectively do the same as truss, pstack or ptrace but it can also be used on a production system without completely crippling it via "Probes" that are inserted all over the OS. Sun's DTrace introduction conference explains some of DTrace's functionality in a 40 minute session for those really interested in all of it's features. It's kind of like installing 30,000 debug statements all over the kernel, and allowing the admin to collect data from these probes whenever they would like via DTrace.
Solaris is really a developer's dream. During the V40z's brief stay in our labs, we actually used the machine extensively for development of our RTPE software platform; partially because the V40z is 10 times more powerful than our entire RTPE cluster, but partially because of DTrace, MDB and libumem. Using some of the examples from the DTrace introduction above, we were able to use the analyzer to isolate instances where some of our RTPE bots were getting preempted for supposedly no reason at all. Kudos to that team at Sun!
Just a few weeks ago Sun opened Solaris 10 to all with OpenSolaris; Sun's partially open sourced version of Solaris under the CDDL license. OpenSolaris now provides much of the OS core for modification, but not the entire OS just yet. According to the OpenSolaris roadmap, crypto and storage drivers should be available soon, which would be a great step forward for the entire FOSS community.
Facebook
Twitter
RSS
47 Comments
View All Comments
kbsartain - Thursday, June 30, 2005 - link
The Database benchmarks are likely bottlenecked on storage. Attach a high-speed array with multiple disks, and the scaling would be much more linear vs. 2-way.ceefka - Thursday, June 30, 2005 - link
It would be nice if other Opteron-builders would add to the test so we can get an idea of how well the Opteron is implemented.I'd say webspace is best served with dualcore Opterons. 90% gain! Holy moly!
#23 I have worked as a temporary at Sun in The Netherlands in 1987 when they were about to release their 4/ series. Their 3/ machines were already considered top notch then. They offered workstations with an optical mouse that moved over a special gridpad and full color screens. That was really something special then. No AMD CPUs at that time.
To be perfectly honest as well, I also didn't know them before I worked there ;-)
sprockkets - Thursday, June 30, 2005 - link
SuSE Linux Enterprise not enterprise enough for u?KristopherKubicki - Thursday, June 30, 2005 - link
hondaman: This is why we used SLES this time around instead of RH9. Unfortunately the previous single-core V40z tests were all done a few months ago when we had that machine.Kristopher
Xenoterranos - Thursday, June 30, 2005 - link
Wow, I wish my company had a use for a system like that. I'd take a paycut just to be able to play with it for a while... damned fine enginering on both Sun and AMD's part. And to be prefectly honest, I never really payed Sun that much attention until they started using AMD procs. Everyone else needs to get with the program and give AMD the market share they deserve...oh wait...I'll stop there.slashbinslashbash - Thursday, June 30, 2005 - link
#21: Read the comments and you'll find your answer.Kristopher: Page 7, "Apache Benchmarks" text:
"It's also interesting to note the difference between Solaris 10 and SLES 9 here. As the threads increased, there was a wider gap between performance of the Solaris configuration and the SLES configuration in favor of Solaris."
The graph on that page shows the opposite, with SLES outperforming Solaris.
finbarqs - Thursday, June 30, 2005 - link
wait why the xbox360/ps3 article taken down?hondaman - Thursday, June 30, 2005 - link
can you swap suse with a real enterprise os like rhel?themelon - Thursday, June 30, 2005 - link
I guess I should have kept reading.Sorry.
I have one of the v40's in my lab with 4 of the 875's. Very nice machine.
Doormat - Thursday, June 30, 2005 - link
Does anyone know if the v20zs were dual core-capable? I heard that if you negotiate with sun (go to sun's ebay sale for the v20z), you can get really good deals. I'd love to just get two 270s if/when the prices come down.