Sigil.us

OpenSolaris :: 2009.6 (111a)

After setting up several new machines with intention of migrating them to the official release in June, I have to say this is the best OSOL release ever!

• IPS is snappier
• CIFS sharing seems to work a LOT better
• I am not sure if it is better driver support or what but disk and network IO seem to be that much better (Areca, intel)
• The whole OS just seems more polished

Anyway I will write more as I continue to work on my platform, but if this is an indication of what we can expect of future OSOL releases, I predict a bright future indeed! Great job to everyone working on the project!

Read More

Sun :: Support Contract Pricing

Seriously WTF.

My story:

I need a patch for Sun Java Messaging Server, the patch is a private patch, it fixes random crashes by the dispatcher. Basically a very necessary patch in that if the dispatcher crashes you stop receiving mail.

I am trying to get a support contract so I can gain access to sunsolve and get the patch.

This will be day 2 of waiting to hear back from Sun on pricing for this product. NO WONDER SUN IS HAVING FINANCIAL WOES, I AM READY TO SPEND AND NONE OF THE SALES REPS KNOW WTF THE SUPPORT CONTRACT COSTS.

This is why I have used only full and open products in the past. If there is an issue I can find it in an open bug DB, searching sunsolve for patches is just plain crap. I can also attempt to fix the issue myself, I am no C god, but I can and have fixed some pretty complex issues in the past and been up and running again in a day if not hours.

Truly this has been a frustrating process, and I just wish the sales person would call me back and take my money.

Read More

OpenSolaris + Sun Communications Suite

This post is about my experiences and thoughts relating to installing and running sun comms suite on OpenSolaris, and it’s suitability as an email platform in general.

INSTALLATION

The following components installed happily on OpenSolaris with minimal tweaking (mostly the creation of symlinks to NSS and TLS libs).

• Sun Directory Server Enterprise Edition.
• Sun Messaging Server
• Sun Calendar Server

These components I probably could have gotten to run but it was such a battle dealing with the Identity suite that I opted to just load the App Server and all the components that required it on a RedHat system (yeah I know yuck right?).

• Sun Java Application Server Enterprise Edition
• Sun Identity Suite – Access Manager
• Delegated Administrator
• Convergence
• Sun Instant Messaging Server

It looks like the developers are eliminating the requirement to have access manager installed for the version 7 release.

Overall I am pleased with the platform, some notes:

Messaging Server

I love it. It is very fast, and has all the features I have ever wanted and more. I don’t particularly care for the configuration file syntax but it is tolerable and to be truthful the default install is so decent that you really don’t have to do too much outside of say UBE and virus filtering/policy. I like the way channels and the dispatcher work. I like being able to create seperate process pools for various channels.

Convergence

Is really awesome, there are some small ui issues but it is easily the best webmail/webcal client out there. If it had message threading it would be perfect.

Indentity Suite Access Manager

This thing is a beast. Easily the most difficult component to get working. I am really not sure how I feel about SSO for my type of deployment yet. I think given the option I would rather not deal with this component, and would rather just see it eliminated and setup ldap query caching or something.

Delegated Administrator

I am satisfied with the command line environment. IM provisioning is about halfway finished. The web interface is decent but not great. Over all it is not as customizeable as I would like. There is also very little documentation about writing plugins or modifying the JSP and XML templates to facilitate more advanced needs. I really wish that the commcli servlet interface was documented. I have never worked with servlets in Java before, and I have only written a couple small apps in the language, so perhaps I am missing something here. I suppose I could load the servlet class files up in an IDE and see if I can extract the method names and parameters. It would be nice if I could build my own flex based interface and just not use the web based DA.

Application Server

This is an irritation for me, there is a bug that causes the admin user to stay logged in for some reason. Going through sun’s site there is an update to go from 9.1 to the new glass fish EE server. Guess what the Solaris version of the patch is non pay, the redhat version is pay. I guess I don’t understand this. Is this standard practice with sun and their products that run on 3rd party OS’s? Had I known this I would have just dealt with the pain of a standard Solaris install.

SSL

SSL was a major PAIN IN THE ASS to get working on all services. I understand that all the components are setup to be distributed accross multiple systems (my deployment uses 6) but having seperate key stores for each component, and much worse different keystore formats, is a pain to deal with. JKS just plain sux. I had to use a 3rd party tool to import a key that was not generated in the current key store because the standard tool set doesn’t import keys into JKS, only certs.

Future Plans

I like where sun is going with the comms platform. Reworking the calendar server, implementing caldav and carddav is HUGE.

My Future Plans With Comms

I really want my mail platform to be as open and self supportive as possible. This is only acheivable with fully open components. I also want the entire thing running on OpenSolaris with as many of the stock packages as possible. After version 7 comes out I want to eliminate the access manager from my deployment, and provision directly from the LDAP system. I will then attempt to switch from the Java System LDAP server to OpenDS. This actually doesn’t look to be that difficult. With that finished I would like to switch to the OpenSolaris packaged version of GlassFish if possible. As far as Delegated administrator I would like to replace the web interface with a flex based web app and either directly provision in the LDAP directory or interface with the commcli server.

I would really like it if native OpenSolaris packages could be provided for comms, but if they never are I think I can engineer a satisfactory solution on my own and still take advantage of the toolset.

Read More

OpenSolaris Bible

I am quite pleased! This is probably the best OS reference book I have ever purchased. The chapters cover material that you want to know, as opposed to say my RHEL reference that is comprised of so many chapters of crap that I couldn’t care less about.

Anyway if you buy one book about OpenSolaris, I think this should be it.

Read More

OpenSolaris :: Long term deployments

I have no problems using OpenSolaris for my storage systems. Upgrading them to a new release every 6 months is no big deal no matter what sort of pain is involved.

However I am thinking about a deploying OpenSolaris for mail use. My questions are:

1. There is now a release repository, is upgrading from one release to another using IPS painful? I have yet to attempt it.
2. What sort of issues will I run into attempting this?
3. I see some people have been successful at running com suite on OpenSolaris, should I attempt this? Or would this be an exercise in futility.
4. Will we ever see the Suns Enterprise software in the /extra repository?

Thanks in advance for any responses.

Read More

Solaris :: Less Suck Now

I am a huge fan of OpenSolaris, I believe this project will fix the nightmare that is currently the enterprise Solaris distribution. The question is when.

I believe there is still debate on how the OpenSolaris package management changes and installer will make it back into Solaris proper. Does anyone know what the story is?

I wouldn’t care however it doesn’t appear that Sun is going to support its Java Communications Suite on OpenSolaris proper. What are Sun’s plans for this? Being able to install any of the comm suite or enterprise suite components with IPS would be a huge win.

If anyone could point me in the right direction that would be great.

In the mean time I am going to work on a minimal JumpStart configuration that will install a minimal Solaris package set with the packages needed to run comm suite, and have a decent working shell environment.

Read More

ZFS :: File System Awesomeness

I have been building NAS/SAN systems lately for our company’s remote backup product. We started out using Nexenta’s storage appliance software which utilizes ZFS. After using it for quite some time I think I am going to migrate to OpenSolaris as soon as the November release is available. It turns out that after learning about and using ZFS I really don’t need the web interface to accomplish my objectives.

Some of the great things about ZFS:

1. Not having to have RAID cards to use RAID
2. Being able to add storage to a storage pool with out screwing around with a volume manager
3. The ability to import existing storage pools
4. Infinite snapshots that occupy minimal amounts of storage space
5. The ability to use ZFS send and recv to incrementally replicate file systems over SSH links
6. Online error correction, better than RAID data protection
7. Simple pool and file system management
8. Online file system compression and encryption
9. Virtual block device support

Couple this with OpenSolaris’s native in kernel CIFS and iSCSI server and you have the most inexspensive enterprise storage solution ever.

Truly an admins dream. Unfortunately Linux folks most likely will never see ZFS integrated with the Linux kernel. Hope is not lost however, in 3-4 years Oracle’s BTRFS will be complete and seems to have a similar feature set.

In the BSD camp, it seems the FreeBSD community has done a pretty decent job integrating ZFS. There are only a couple of features missing at present and it appears to be stabilizing.

Dragonfly BSD of course has Matt Dillon’s HAMMER file system which I have been following quite closely. I will probably play with it some more in a couple of releases.

Of course the reason I do not typically use the BSD OS’s in production environments is due to the lack of a binary update system for the base distribution. I like to be able to update quickly and update often, and patching and compiling updates from source is far too time consuming. (OpenBSD being the exception).

With Snow Leopard we should see ZFS make its official debut on the Mac platform, I guess time will tell.

While I would like to see this file system integrated with more open source OS’s I am quite content to stick with OpenSolaris for my storage systems.

UPDATE

Oh and Sun, great work on the 7000 series storage appliances, the implementation is completely sublime. I just wish that I could afford one

Read More