Archives By Date

NOTE TO OUR READERS:

This archive page is being superseded by the new Sun BluePrints Wiki page. Articles posted after February 2008 are not reflected here. Please refer to the new site: http://wikis.sun.com/display/BluePrints

NOTE TO OUR READERS:

Sun BluePrints OnLine articles are maintained in this archive for the benefit and historical reference of our readers. Details of the recommendations set forth in these articles may not reflect Sun's latest hardware and software releases. Caution, careful analysis and common sense should be exercised when applying these Sun BluePrints articles to newer products and software releases.

• Optimize MySQL Server on Sun x64 Servers and Storage
  - by Luojia Chen

  With the addition of MySQL to its software portfolio, Sun now offers an integrated LAMP (Linux, Apache, MySQL, Perl) or SAMP (Solaris Operating System, Apache, MySQL, Perl) software stack that runs on the entire range of Sun's x64 servers and storage systems. Together, these hardware and software components give enterprises the ability to deploy on open, scalable platforms with low total cost of ownership. This Sun BluePrints article provides an overview of the integrated Sun platform, outlines the steps for optimizing MySQL Server on Sun x64 servers, and describes benchmark results for solutions with Sun Fire X4100 servers.

• Cryptographic Solutions for Financial Services: Using the Sun Crypto Accelerator 6000 Card
  - by Serge Nadon and Joel Weise

  The Sun Crypto Accelerator 6000 PCI-E card (SCA 6000 card) is a combined cryptographic accelerator and Hardware Security Module (HSM) that can be used to accelerate Secure Sockets Layer (SSL) and IPSec sessions, as well as perform arious financial services related cryptographic functions. Qualified as a FIPS 140-2 level 3 device, the SCA 6000 card is designed to prevent the disclosure or corruption of cryptographic keying material, intermediate cryptographic results, or other sensitive data. A direct key loading interface is incorporated to enable the secure entry of keying material. Since sensitive keying material does not cross system, network, or application boundaries, potential avenues of interception and attack are eliminated.

  The security of a cryptographic device is dependent upon not only the anti-tamper circuitry and design of the device itself, but also the processes and procedures used to initialize the device, and perform key management and application level transactions. This Sun BluePrints article assumes a working knowledge of financial services and contemporary security issues, and discusses some control mechanisms. It describes some of the processes and procedures needed to make the SCA 6000 card available to an application performing financial services transactions such as PIN management and verification, and card verification.

• Balancing System Cost and Data Value With Sun StorageTek Tiered Storage Systems for Oracle Transaction Processing Applications
  - by Jeffrey T. Wright

  Tiered storage architectures reduce cost without affecting business operations by matching data resources with storage resources. Because Oracle databases control data placement through tablespaces and quantify data access requirements through accounting tools, storage architectures can be customized to an Oracle instance by correlating storage device configuration with the data from Oracle accounting tools. For transaction processing systems running on Fibre Channel disks, the most important design heuristic is the read response time for a given effective I/O rate. The engineering data presented in this Sun BluePrints article shows how to determine the most appropriate heuristic for Oracle transaction processing systems, and how to apply this heuristic to meet specific data access requirements.

• Tuning Symantec Brightmail AntiSpam on UltraSPARC T1 and T2 Processor-Powered Servers
  - by Alan Yoshida, Ramin Moazeni and Steve Gaede

  No email problem is more troublesome or visible than unsolicited bulk email, commonly known as spam. Spam can have a huge impact on employee productivity, and because it also can serve as a vehicle to deliver malicious content including viruses, worms, and phishing attacks, many organizations tackle the spam problem as a first step in implementing a comprehensive email security strategy. The combination of Symantec Brightmail AntiSpam (SBAS) software and the UltraSPARC T1 and T2 processors is particularly well suited to the demanding task of spam filtering: The UltraSPARC T1 and T2 processors are built to handle highly threaded, network throughput oriented applications, and Symantec Brightmail AntiSpam just such an application.

  This Sun BluePrints article provides background information on SBAS software and UltraSPARC T1 and T2 processor-powered servers, the configurations used for performance measurements, the challenges presented by benchmarking anti-spam software, and the actual steps used to tune the hardware/software combination to achieve the reported performance levels. This article was originally published in October 2006 and reflected performance on the Sun Fire / Sun SPARC Enterprise T2000 server. It has been updated to reflect more recent measurements comparing a Sun Fire / Sun SPARC Enterprise T1000 server to a Sun SPARC Enterprise T5120 server using virtually the same tuning parameters.

• Solaris Operating System Hardware Virtualization Product Architecture
  - by Chien-Hua Yen

  Although the concept of virtualization is not new, virtualization has recently become a well-accepted means to consolidate servers and reduce the costs of hardware acquisition, energy consumption, and space utilization. Server virtualization can be implemented at different levels on the computing stack, including the application level, operating system level, and hardware level. Hardware level virtualization allows a system to run multiple OS instances; with less sharing of system resources than OS level virtualization, hardware virtualization provides stronger isolation of operating environments. Hardware virtualization has become popular because of increasing CPU power and low utilization of CPU resources in the IT data center.

  This blueprint provides a comprehensive examination of hardware virtualization, particularly as it applies to Sun platforms. It explores the underlying hardware architecture and software implementation. Great emphasis has been placed on the CPU hardware architecture limitations for virtualizing CPU services and their software workarounds, with details on the software architecture for implementing three types of virtualization: CPU virtualization, Memory virtualization, and I/O virtualization. It examines three important implementations in detail: Sun xVM Server, Logical Domains, and VMware's relevant products, culminating in a comprehensive comparison of these important solution.

• Installing Microsoft Windows Server 2008 on Sun x64 Servers
  - by Todd Creamer, John Lindquist, Myka Maceraeg, William Schweickert

  Microsoft's next generation Windows Server operating system — Microsoft Windows Server 2008 – is scheduled for release in early 2008. Many organizations are currently running tests on pre-release versions of the software. This blueprint details the workarounds needed to install pre-release versions of Windows Server 2008 on Sun Fire and Sun Blade servers, including step-by-step details on where to get additional required software from Sun. This article is provided to assist in the evaluation of the pre-release version. Note that pre-release versions of software should not be deployed in production environments.

• Using the Cryptographic Accelerators in the UltraSPARC T1 and T2 Processors
  - by Ning Sun, Chi-Chang Lin

  This Sun BluePrints article demonstrates how the combination of the Solaris 10 Operating System and the UltraSPARC T1 and T2 processors can be used in a secure Web site. It provides a brief overview of SSL technology, as well as an introduction to the Solaris Cryptographic Framework. The remainder of the document describes how these cryptographic features can be configured and used by common security applications, such as Apache, the Sun Java System Web Server, and secure Java technology applications. An earlier version of this Sun BluePrints article detailed the cryptographic capabilities of the UltraSPARC T1 processor. This updated version includes discussions of the new cryptographic features of the UltraSPARC T2 processor.

• Energy Efficiency Strategies: Sun Server Virtualization Technology
  - by Jeff Savit

  Virtualization technology is a key to transforming an IT organization's server, storage, and network devices into a shared, global pool of resources. This can help reduce space, power, and cooling requirements while simultaneously helping make datacenters more flexible and agile. The two server virtualization technologies discussed in this Sun BluePrints article – Solaris Containers and Logical Domains – are of particular importance because of the low overhead they impose on the host server platform.

  Solaris Containers abstracts a single Solaris OS instance into multiple containers, giving the appearance of a dedicated OS instance to each container. Solaris Containers is an excellent virtualization technology when a number of applications can run on the same OS instance. Logical Domains are used to partition the server CPU and memory, abstracting the hardware itself to multiple guest operating systems. Logical Domains can be used to support multiple OS instances on the same server, and each Solaris OS instance can also support multiple containers. With the ability to use each of these technologies independently, or in conjunction, Sun customers have a powerful set of tools for server virtualization in their datacenters.

• Beginners Guide to LDoms: Understanding and Deploying Logical Domains for Logical Domains 1.0 Release
  -by Tony Shoumack

  This blueprint is intended to assist the reader in gaining an understanding of how to easily and effectively deploy Sun's Logical Domains, or LDoms, technology. It will help the reader determine how and where to use logical domains to the greatest effect using best practices. It discusses strategies for deploying logical domains on the Sun Fire T1000 and T2000 systems, the first systems to offer Logical Domain support, and the various best practices for these platforms. The guide works through step-by-step examples that include the commands to set up, deploy, and manage logical domains and looks at commonly asked questions and advanced techniques.

  This updates the original article, first published in February, 2007. In addition to additions and corrections, it reflects availability of the Logical Domains 1.0 release.

• Sun N1 Grid Engine Software and the Tokyo Institute of Technology Super Computer Grid
  -by Minoru Hamakawa

  One of the world's leading technical institutes, the Tokyo Institute of Technology (Tokyo Tech) created the fastest supercomputer in Asia, and one of the largest outside of the United States. Using Sun x64 servers and data servers deployed in a grid architecture, Tokyo Tech built a cost-effective, flexible supercomputer that meets the demands of compute- and data-intensive applications. Built in just 35 days, the TSUBAME grid includes hundreds of systems incorporating thousands of processor cores and terabytes of memory, and delivers 47.38 trillion1 floating-point operations per second (TeraFLOPS) of sustained LINPACK benchmark performance and 1.1 petabyte of storage to users running common off-the-shelf applications. Based on the deployment architecture, the grid is expected to reach 100 TeraFLOPS in the future. This Sun BluePrints article provides an overview of the Tokyo Tech grid, named TSUBAME. The third in a series of Sun BluePrints articles on the TSUBAME grid, this document provides an overview of the overall system architecture of the grid, as well as a detailed look at the configuration of the Sun N1 Grid Engine software that makes the grid accessible to users.

• Optimizing Oracle's Siebel Applications on Sun Fire Servers with CoolThreads Technology
  -by Khader Mohiuddin

  This Sun BluePrints article provides tuning and optimization knowledge and techniques for Oracle's Siebel 7.x eBusiness Application Suite on the Solaris platform. All the techniques discussed in this document are lessons learned from a series of performance tuning studies conducted under the auspices of the Siebel Platform Sizing and Performance Program (PSPP). The tests conducted under this program are based on real world scenarios derived from Oracle's Siebel customers, reflecting some of the most frequently used and critical components of the Oracle eBusiness Application Suite. Tips and best practices guidance based on the combined experience of Oracle and Sun is provided for field staff, benchmark engineers, system administrators, and customers interested in achieving optimal performance and scalability with Siebel on Sun installations.

• Patching Mirrored Systems with the Solaris Live Upgrade Software
  -by Jeff Smith

  Applying operating system patches is often time consuming and disruptive. In fact, most patching techniques require systems and disks to be taken offline for the patching process. The Solaris Live Upgrade software enables administrators to stage patches without impacting running systems, and minimize the actual downtime associated with patching to the time needed to reboot the system. This Sun BluePrints article discusses how the Solaris Live Upgrade software can be used to patch mirrored systems and rollback to the pre-patched environment should the need arise. While this article focuses on Sun systems incorporating SPARC processors that run the Solaris 8, 9, and 10 Operating System (OS), the procedures can be used on x86 and x64 systems as well. However, device naming conventions may be different on these systems. It is important to note that the procedures outlined in this document assume knowledge of the Solaris Volume Manager software and experience with patching the Solaris Operating System on Sun servers.

• Sun's High-Performance and Reliable Web Proxy Solution
  -by Ning Sun

  As individuals and businesses depend on the Web more than ever to conduct business, rapid and reliable content retrieval is critical. Reducing wait time improves productivity and increases user satisfaction. Web proxy technology has emerged as an effective solution to improve performance, help ensure content availability and enhance network security by caching and filtering Web content. The combination of Sun SPARC Enterprise servers with CoolThreads technology and the Sun Java System Web Proxy Server software provides a compelling foundation for a robust Web proxy solution. Sun SPARC Enterprise T1000 and T2000 servers include the UltraSPARC T1 processor with CoolThreads technology, offering six or eight cores with four threads per core. The Sun Java System Web Proxy Server software is highly threaded and takes advantage of the large number of threads supported by Sun UltraSPARC T1 processors with CoolThreads technology. Together, these products provide a highly scalable solution that accommodates a large number of requests, addresses peak loads, and provides future headroom for growth. This document explores the use of a Sun SPARC Enterprise T1000 server and the Sun Java System Web Proxy Server software as a replacement for an existing Web proxy implementation that used the SQUID Web proxy server software deployed on x86 servers.

• Slipstreaming Sun Fire x64 Servers Drivers in Windows 2003 Server Product CD
  -by Pierre Reynes, Vic Pantaleon

  This blueprint provides a clear method for performing unattended Windows 2003 Server installations from CD on Sun Fire x64 servers. While performing a CD-based installation on Sun Fire servers, the Windows Server 2003 setup utility requires pressing <F6> on the keyboard and providing a floppy disk with the LSI Mass Storage Drivers (MSDs). Once the installation process is completed, additional device drivers not included on the Windows CD must then be manually installed. This process, documented in the Sun Fire Windows installation manual, requires the usage of an external USB floppy drive or of the IP-based virtual floppy provided by the Service Processor. This can become a time consuming process if frequently repeated. The intent of this document is to provide techniques, known as "drivers slipstreaming", that eliminate human interaction during Windows installation from CD on Sun Fire x64 servers, making it fully unattended if so desired.

• Tokyo Tech Tsubame Grid Storage Implementation
  -by Syuuichi Ihara

  This blueprint describes the storage architecture of the Tokyo Institute of Technology TSUBAME grid. The Tokyo Institute of Technology is of the world's leading technical institutes, and recently created the fastest supercomputer in Asia, and one of the largest supercomputers outside of the United States. By deploying Sun Fire x64 servers and data servers in a grid architecture, Tokyo Tech built a cost-effective and flexible supercomputer consisting of hundreds of systems, thousands of processors, terabytes of memory and a petabyte of storage that supports users running common off-the-shelf applications. This is the second of a three-article series. It describes the steps to install and configuring the Lustre file system within the storage architecture.

• Introduction to Dynamic Reconfiguration and Capacity on Demand for Sun SPARC Enterprise Servers
  -by Nick Kloski

  Dynamic Domains, Dynamic Reconfiguration (DR), and Capacity on Demand (COD) provide technology that lets organizations effectively manage server resources in a highly available and cost-effective fashion. Sun SPARC Enterprise servers provide enhancements over previous-generation implementations of these technologies, building upon over 10 years of experience with Dynamic Reconfiguration. These enhancements give organizations more flexibility in the granularity of components available for Dynamic Reconfiguration, while adding new options to the process. This article discusses updates to these important technologies as they apply to Sun's newly announced SPARC Enterprise Server products, including an overview of the eXtended System Board (XSB), descriptions of the different ways that it can be configured specific new capabilities of DR, and enhancements to Capacity on Demand (COD).

• Architecting Availability and Disaster Recovery Solutions
  -by Tim Read

  IT departments typically run four broad classes of service in the data centre: mission critical, business critical, business operational and administrative services. Which service falls into which category is normally agreed between the business units and the IT department by determining the importance of various business processes and how these map on to IT systems. Each class, and possibly individual services, will have service level agreement (SLAs). In turn, these demand different levels of protection against failure, whether caused by hardware or software problems, administrative error, data loss or corruption or disasters of various sorts. Problems that make the data unavailable, through hardware or software failure, require a different solution to those that make the underlying data itself unavailable, either through corruption or deletion.

  This blueprint, first published in April, 2006, has been newly updated to reflect Sun's latest server and storage products.

• Sun Customer Ready HPC Cluster: Reference Configurations with Sun Fire X4100, X4200, and X4600 Servers
  -by Jeff Lu

  The reference configurations described in this paper are starting points for building Sun Customer Ready HPC Clusters configured with the Sun Fire X4100, X4200, and X4600 families of servers. The configurations define how Sun Systems Group products can be configured in a typical grid rack deployment. This document describes configurations using Sun Fire X4100 and X4100 M2 servers with a Gigabit Ethernet data fabric and with a high-speed InfiniBand fabric. In addition, this document describes configurations using Sun Fire X4200, X4200 M2, X4600, and X4600 M2 servers with an InfiniBand data fabric. These configurations focus on single rack solutions, with external connections through uplink ports of the switches.

  These reference configurations have been architected using Sun's expertise gained in actual, real-world installations. Within certain constraints, as described in the later sections, the system can be tailored to the customer needs. Certain system components described in this document are only available through Sun's factory integration. Although the information contained here could be used during an integration on-site, the optimal benefit is achieved through Sun Customer Ready System integration.

• Sun Virtual Desktop Access Kit for VMware
  -by Dirk Grobler, Warren Ponder

  The Sun Virtual Desktop Access Kit for VMware is an add-on component that integrates with Sun Desktop Infrastructure products and VMware Infrastructure 3 (VI3). In this context VI3 is the infrastructure to manage and execute virtual desktops. This is also known as Virtual Desktop Infrastructure (VDI). The Virtual Desktop Access Kit (VDA Kit) is the integration software between the access and virtualization tiers of the Sun Desktop Virtualization Solution. The integration between Sun's Desktop Infrastructure products and VMware's Virtual Infrastructure enables delivery of a dynamic and robust end-to-end desktop virtualization solution.

  This blueprint outlines the feature set and value of the Sun Virtual Desktop Access Kit for VMware, discussing how it integrates with the access and virtualization tiers of the Sun Desktop Virtualization Solution. A reference architecture is explained through a number of examples.

• Beginners Guide to LDoms: Understanding and Deploying Logical Domains
  -by Tony Shoumack

  This blueprint is intended to assist the reader in gaining an understanding of how to easily and effectively deploy Sun's Logical Domains, or LDoms, technology. It will help the reader determine how and where to use logical domains to the greatest effect using best practices. It discusses strategies for deploying logical domains on the Sun Fire T1000 and T2000 systems, the first systems to offer Logical Domain support, and the various best practices for these platforms. The guide works through step-by-step examples that include the commands to set up, deploy, and manage logical domains and looks at commonly asked questions and advanced techniques.

  This document has been updated July, 2007 and reflects availability of the Logical Domains 1.0 release.

• Sun Customer Ready HPC Cluster: Reference Configurations with Sun Fire X2200 M2 and X2100 M2 Servers
  -by Jeff Lu

  The reference configurations described in this blueprint are starting points for building Sun Customer Ready HPC Clusters configured with Sun Fire X2100 M2 and X2200 M2 servers. The configurations define how Sun Systems Group products can be configured in a typical grid rack deployment. This document describes configurations in detail using Sun Fire X2100 M2 and X2200 M2 servers with a Gigabit Ethernet data fabric, as well as configurations using Sun Fire X2200 M2 servers with a high-speed InfiniBand fabric. These configurations focus on single rack solutions, with external connections through uplink ports of the switches.

  These reference configurations have been architected using Sun's expertise gained in actual, real-world installations. Within certain constraints, as described in the later sections, the system can be tailored to the customer needs. Certain system components described in this document are only available through Sun's factory integration. Although the information contained here could be used during an integration on-site, the optimal benefit is achieved through Sun Customer Ready System integration.

• The Tokyo Institute of Technology Supercomputer Grid: Architecture and Performance Overview
  -by Nobu Hashizume

  One of the world's leading technical institutes, the Tokyo Institute of Technology (Tokyo Tech) created the fastest supercomputer in Asia, and one of the largest outside of the United States. Using Sun x64 servers and data servers deployed in a grid architecture, Tokyo Tech built a cost-effective, flexible supercomputer that meets the demands of compute and data-intensive applications. Built in just 35 days, the TSUBAME grid includes hundreds of systems incorporating thousands of processor cores and terabytes of memory, and delivers 47.38 trillion floating-point operations per second (TeraFLOPS) of sustained LINPACK benchmark performance and 1.1 petabyte of storage to users running common off-the-shelf applications. Based on the deployment architecture, the grid is expected to reach 100 TeraFLOPS in the future.

  This article provides an overview of the Tokyo Tech grid, named TSUBAME. The first in a series of Sun BluePrints articles on the TSUBAME grid, this document discusses the requirements and overall system architecture of the grid, as well as the tuning performed to achieve high LINPACK benchmark performance results.

• Remote Monitoring of Sun x64 Systems using ipmitool and ipmievd
  -by Eric Markwardt

  The Integrated Lights Out Manager (ILOM), included in Sun's enterprise-class x64 servers, provides an abundance of information on hardware related events, status, and error conditions. This information can be a valuable asset, enabling administrators to proactively monitor systems and quickly respond to situations that might affect system availability. However, aggregating information from multiple servers distributed throughout an organization and responding in an automated manner can be a challenge, especially as the number of managed servers increases.

  Administrators can choose from a range of tools to help expedite system maintenance. Fully-featured enterprise system management solutions, such as the Sun N1 System Manager, IBM Tivoli, and HP OpenView software, provide many capabilities. But these solutions can be more costly and complex to set up, and may require additional training to gain proficiency. More basic open-source tools, such as ipmitool and ipmievd, provide a simpler command-line interface and can be used to monitor servers and aggregate any detected errors into a centralized location for further processing.

  This document focuses on using these open source tools ipmitool and ipmievd to interface with the ILOM, query hardware-related status of local and remote servers, and automatically aggregate events into a centralized log file.

• Developing and Tuning Applications on UltraSPARC T1 Chip Multithreading Systems
  -by Denis Sheahan

  Traditional processor design has long emphasized the performance of a single hardware thread of execution, and focused on providing high levels of instruction-level parallelism. These increasingly complex processor designs have been driven to very high clock rates (frequencies), often at the cost of increased power consumption and heat production. Unfortunately, the impact of memory latency has meant that even the fastest single-threaded processors spend most of their time idle, waiting for memory. Complicating this tendency, many of today's complex commercial workloads are simply unable to take advantage of instruction-level parallelism, instead benefiting from thread-level parallelism.

  This Sun BluePrints article describes techniques that system architects, application developers, and performance analysts can use to assess the scaling characteristics of an application. It also explains how to optimize an application for chip multithreading, in particular for systems that use UltraSPARC T1 processors. This article discusses the following topics:

  • Processor physical characteristics
  • Performance characteristics
  • Classes of commercial applications
  • Assessing performance on UltraSPARC T1 processor-based systems
  • Scaling applications with chip multithreading
  • Tuning for general performance
  • Accessing the modular arithmetic unit and encryption framework
  • Minimizing floating-point operations and VIS instruction

  This article has been updated from the original December 2005 publication to include important information about Cooltools, a set of tools created to improve the ease of use of UltraSPARC T1 systems. Thee tools encompass a wide range including development, debugging, tuning and deployment of applications.

• Migrating Sun Java System Messenger Express Personal Address Book Using the pab2abs.pl Utility
  -by Sarma Vempati

  The Messenger Express Web-based email client includes a Personal Address Book (PAB) application for storing and managing user's personal information, such as email addresses and phone numbers. Sun Java System Communications Express, the unified Web client introduced in Sun Java Enterprise System 2004Q2 supersedes Messenger Express and Calendar Express. Communications Express also includes Address Book Store (ABS) that provides all of the functionality of PAB and is better integrated with mail and calendar components.

  When upgrading from Messenger Express (also known as Webmail) to Communications Express, you need to migrate users' PAB entries to ABS. (This migration does not occur automatically as part of the upgrade process.) A new tool, pab2abs.pl, has been made available that provides improved performance over the earlier migration tool, runMigrate.sh. This article describes how you can use the pab2abs.pl tool to either migrate a single or a few users, or to migrate your entire PAB database.

• Methods to Differentiate Sun Fire X4100 and X4200 from Sun Fire X4100 M2 and X4200 M2
  -by Pierre Reynes

  Sun's new M2 models of the Sun Fire X4100 and Sun Fire X4200 Servers appear almost identical to the previous models, posing a challenge for the systems manager to differentiate them. This richly illustrated article explains how to quickly and correctly identify them, either physically or remotely.

• The Sun BluePrints Guide to Solaris Containers: Virtualization in the Solaris Operating System
  -by Harry J. Foxwell, Menno Lageman, Joost Pronk van Hoogeveen, Isaac Rozenfeld, Sreekanth Setty and Jeff Victor

  With the release of the Solaris 10 Operating System (OS), Sun has taken a big step towards delivering functionality that can help address many of the challenges IT organizations face as they look to consolidate and virtualize the environment. Sun's next advancement in server virtualization is a concept called Solaris Containers technology. This Sun BluePrints Collection of previously published articles has been thoroughly updated and consolidated into a single book format. It provides an overview of the resource management concepts and technologies that comprise Solaris Containers, and explains how to create, use, and integrate Solaris Containers within a system and infrastructure. Emphasis is placed on explaining each concept and providing detailed examples that can be used to create more effective environments and effect better resource utilization.

• Application and Database Server Consolidation on the Sun Fire X4600 Server using Solaris Containers
  -by Kevin Kelly
  

  The combined capabilities of the Sun Fire X4600 server and Solaris Containers technology afford considerable promise as a consolidation platform. The Sun Fire X4600 server provides high performance, optimized energy efficiencies, and unparalleled scalability and virtualization options. Solaris Containers provide an isolated and secure runtime environment for applications, enabling multiple services to run efficiently and without conflict on the same platform.

  This paper explores the use of a Sun Fire X4600 server as a consolidation platform for multiple database and Java 2 Platform, Enterprise Edition (J2EE platform) application servers. It describes the processes and methodologies used in the consolidation, and details the steps used to configure the Solaris Containers. In addition, this paper describes the J2EE application server workload testing used to determine the effectiveness of this approach and validate the benefits of consolidating these services on a single system.

• Tuning Symantec Brightmail AntiSpam on the Sun Fire T2000 Server
  -by Alan Yoshida, Ramin Moazeni and Steve Gaede
  

  Note that this article has been updated and given a new title to reflect additional information on the newer T2 Processor: Tuning Symantec Brightmail AntiSpam on UltraSPARC T1 and T2 Processor-Powered Servers

• GRUB and the Solaris Operating System on x86 Platforms - A Guide to Creating a Customized Boot DVD
  -by John Cecere

  GRUB, the open source GRand Unified Bootloader, has been used for years in Linux and various versions of BSD as the standard file system-aware boot loader for open source operating systems. GRUB's implementation in the Solaris OS is similar to the implementation in these other operating systems. One major difference in the Solaris OS implementation of GRUB is the ability to traverse a UFS, the standard file system used in the Solaris OS. The UFS code for GRUB was written by Sun and is available as open source via the OpenSolaris initiative. This article describes GRUB and its implementation for the Solaris Operating System on x86 Platforms. It provides a sequence of procedures that can be followed to customize a DVD using this framework.

• Deploying Sun Java Enterprise System 2005-Q4 on the Sun Fire T2000 Server Using Solaris Containers
  -by Sreekanth Setty
  

  Consolidating enterprise infrastructure services that run on multiple servers to the Sun Fire T2000 platform using the Sun Java Enterprise System (Java ES) and Solaris Containers can simplify management, improve performance, and increase the efficiency of delivering enterprise infrastructure services. This article discusses how to consolidate enterprise infrastructure services onto a single Sun Fire T2000 server using Java ES software. In addition, this paper describes best practices that have resulted from performance testing different deployment scenarios of the Java ES on a Sun Fire T2000 server. Tests show that deploying the Java ES using Solaris Containers can support nearly three times the number of users supported by a deployment that does not use Solaris Containers.

• Working with Solaris Containers and the Solaris Service Manager
  -by Joost Pronk van Hoogeveen
  Solaris Containers and Predictive Self-Healing technologies work together by creating separate execution environments, each with its own namespace and assigned resources. Each environment can have its own self-healing personalities that can be changed, copied, and reloaded as needed. These technologies enable administrators to determine the current state of the environment, making it easier to use the Solaris OS for consolidation efforts. This article provides an inside look on what the Solaris 10 OS has to offer, as well as ideas on how to get started and put these new features to work, with technologies such as Solaris Containers, Solaris Predictive Self Healing and Solaris Service Management Facility. Emphasis is placed on illustrating how these functionalities can be used to create isolated environments customized for specific applications.
  
  
• Solaris Containers Technology Architecture Guide
  -by Jeff Victor
  This Sun BluePrints article is a must-read for those looking to find new ways to reduce IT infrastructure costs and better manage end user service levels. While costs from managing vast networks of servers and software components continue to escalate, existing server consolidation and virtualization techniques do not adequately provision applications and ensure shared resources are not compromised. The Solaris Containers technology addresses this void by making it possible to create a number of private execution environments within a single instance of the Solaris OS. This paper provides suggestions for designing system configurations using powerful tools associated with Solaris Containers, guidelines for selecting features most appropriate for the user's needs, advice on troubleshooting, and a comprehensive consolidation planning example.
  
  

Back to Top

• Architecting Availability and Disaster Recovery Solutions
  -by Tim Read
  IT departments typically run four broad classes of service in the data centre: mission critical, business critical, business operational and administrative services. Which service falls into which category is normally agreed between the business units and the IT department by determining the importance of various business processes and how these map on to IT systems. Each class, and possibly individual services, will have service level agreement (SLAs). In turn, these demand different levels of protection against failure, whether caused by hardware or software problems, administrative error, data loss or corruption or disasters of various sorts. Problems that make the data unavailable, through hardware or software failure, require a different solution to those that make the underlying data itself unavailable, either through corruption or deletion.
  
  Services considered mission critical require technical solutions that include both a service availability and a disaster recovery component as part of a full business continuity plan (BCP). The 'best practice' data centre infrastructure design patterns for many of the pieces needed for such solutions: local area networks, storage area networks, systems management, security, provisioning and clustering are described in detail in the 'Data Centre Reference Implementation' white paper.
  
  This document discusses the options for meeting the SLAs for mission and business critical services with particular reference to the Sun Cluster software. Where multiple solutions exist, the underlying complementary technologies: disk mirroring, data replication, transaction monitors and database replication techniques, are examined to highlight the trade-offs that must be made when using certain hardware and software combinations.
  
  The broader topic business continuity involves the consideration of more than just system availability and disaster recovery. This white paper does not cover any aspects of the disaster planning required for telecommunications, staffing or physical infrastructure, such as buildings, desks, etc.
  
  This blueprint, first published in April, 2006, has been updated in 2007 to reflect Sun's latest server and storage products.
  
  
• The Service Delivery Network: A Case Study
  -by Mikael Lofstrand, Jason Carolan
  Secure messaging has emerged as a core IT service. Most organizations today rely upon e-mail as a mission-critical application that serves key business processes and transports proprietary and confidential business information among authorized users. The case study in this article shows how to use Sun's Service Delivery Network (SDN) to guide the design of a secure, service-optimized network architecture for an example secure e-mail application. Secure e-mail was chosen for this case study because it is a familiar application that is relatively simple to describe and understand, allowing the reader to focus on the use of SDN rather than the details of an application. Note, however, that the SDN approach can be used to design network architectures that support almost any kind of application or service.
  
  
• Privilege Bracketing in the Solaris 10 Operating System
  -by Glenn Brunette
  In IT security, the well-known “least privilege” principle states that: “Every program and every user of the system should operate using the least set of privileges necessary to complete the job.” This Sun BluePrints OnLine article describes how to use the Process Rights Management feature of the Solaris 10 Operating System to implement this principle for any given software program.
  
  Process Rights Management allows software developers to write privilege-aware programs that run with only the privileges they need, dropping those that are not needed or are no longer required. Further, using a programming technique called privilege bracketing, a developer can control exactly when a privilege or set of privileges is active or in effect.
  
  Software developers can use the privilege bracketing technique to ensure that a program is running with privilege only when that privilege is required. This is accomplished by placing privileged software operations between code that effectively enables and disables specific privileges. Using the methods described in this article, software developers will be able to develop privileged programs that are more secure and resilient to flaws because the use of privilege within the code can be more tightly controlled.
  
  

Back to Top

• Using the Cryptographic Accelerator of the UltraSPARC T1 Processor
  -by Ning Sun, Pallab Bhattacharya
  Note that this article has been updated and given a new title to reflect additional information on the newer T2 Processor: Using the Cryptographic Accelerators in the UltraSPARC T1 and T2 Processors By Ning Sun, Chi-Chang Lin
  
  
• Understanding the NIS to LDAP Service (N2L) Architecture
  -by Michael Haines, Baban Kenkre
  This article discusses Network Information Service (NIS) to LDAP transition service (N2L service) support for NIS clients based on naming information stored in the Sun Java System Directory Server 5.2 software. This approach enables a complete transition from the NIS naming service to the LDAP naming service. It includes detailed installation, configuration, and operational information needed to create a supportable instance of the NIS/LDAP Transition Gateway product offering. While the NIS to LDAP transition product is designed to work with any RFC2307bis-compliant directory (LDAP) server, Sun only supports the N2L Service in conjunction with the Sun Java System Directory (LDAP) Server 5.1 and 5.2 software.
  
  
• The Solaris Fingerprint Database - A Security Validation Tool for Solaris Environment System Files
  -by Vasanthan Dasan, Alex Noordergraaf, Lou Ordorica, Glenn Brunette
  This article describes the Solaris Fingerprint Database (sfpDB), a security tool that enables users to verify the integrity of files distributed with the Solaris Operating Environment. By validating that these files have not been modified, administrators can determine whether their systems have, or have not, been hacked and had trojaned malicious replacements for system files installed.
  
  This is an updated version of the original Sun BluePrints publication, published in May 2001. This document has been updated to support the Solaris 10 Operating System and includes numerous other additions, clarifications, and references.
  
  

Back to Top

• Service Management Facility (SMF) in the Solaris 10 OS
  -by Rob Romack
  A significant challenge in today's data centers is the demand for increased service levels in environments that feature increasing complexity. The Solaris 10 Operating System (OS) introduces a new foundation that improves service levels by detecting and correcting component failures while simplifying systems management. This foundation — known as Predictive Self-Healing — includes new technologies that Sun has incorporated into its hardware and software products to maximize availability in the event of system faults. Overall, Predictive Self-Healing simplifies system administration and helps to contribute to a lower total cost of ownership (TCO) in the data center.
  
  A key component of Predictive Self-Healing is the new Service Management Facility (SMF) in the Solaris 10 OS. SMF is designed to simplify the management of system and application services. It delivers new and improved ways to control services, and tries to restart failed services automatically. In addition, SMF allows administrators to define the relationships between services. It is now possible to define a service that is dependent on other services — a dependent service will not run unless the other services that it requires are already running. Through a set of new administrative interfaces, SMF allows services to be easily and consistently configured, enabled, and controlled, at the same time providing better visibility of errors and improved debugging capabilities to resolve service-related problems quickly when they occur.
  
  This BluePrints article is intended for system administrators. It introduces the functionality provided by the Service Management Facility and demonstrates the use of new SMF administrative commands. It assumes that the reader has a reasonable level of knowledge of the Solaris OS (in particular, of OS versions prior to Solaris 10), or of other UNIX systems in general. The article makes the assumption that the reader is not already familiar with SMF or other specifics of the Solaris 10 OS.
  
  
• Privilege Debugging in the Solaris 10 Operating System
  -by Glenn Brunette, Darren Moffat
  The traditional UNIX privilege model is based on the concept of a super-user. In this model, the system associates all of its privileged operations with the root account or — more precisely — the user identifier (UID) 0. All other UIDs are considered unprivileged by the operating system. This “all or nothing” approach to privilege delegation means that any application that must perform a privileged operation, such as a binding to a reserved network port (for example, one whose port number is less than 1024), must be started as root.
  
  Starting applications in this manner, however, is inherently risky because it means that the application will have privilege to do anything on the system. Administrators are forced to trust the applications to use only the privileges that they need and only in the ways that are expected. Consequently, disaster could ensue should the application not manage its use of privilege safely, or should the application be misconfigured or exploited in some way.
  
  This Sun BluePrints article describes how to profile applications and services in order to determine which Solaris 10 privileges they attempt to use. With this information, organizations can then restrict those applications and services so that they are granted only the absolutely necessary privileges that they need to fulfill their intended purpose.
  
  
• Toward Systemically Secure IT Architectures
  -by Glenn Brunette
  The convergence and availability of greater numbers of computers, mobile phones, PDAs, and other devices are fueling new opportunities and new styles of sharing, participation, and commerce. Traditional organizational and network boundaries continue to blur and fade as organizations find new ways of engaging their customers, partners, suppliers, and employees. Furthermore, the delivery of services is becoming more streamlined, as associations among components and data become more dynamic in response to “just in time” business decisions. Unprecedented levels of access and sharing are fast becoming the norm and helping to fuel what is being called “the Participation Age.”
  
  Security risk accompanies all of the benefits that these opportunities offer — risk that cannot and must not be ignored. Attacks on IT resources can now be executed on a global basis, using the Internet or other communications networks, at speed and on a scale previously unknown. News of identity theft, industrial espionage, and the ever-present insider threat is rapidly increasing. While many of the common attack methods have largely not changed over the last ten years, their impact has been amplified as a result of a significantly increased number of potential targets, increased levels of dependence and connectivity among targets, and heightened levels of attack automation, making the attacks easier to configure and execute on a global scale.
  
  This Sun BluePrints OnLine article addresses the need for strong security guarantees in increasingly dynamic and flexible information technology (IT) environments. The Sun Systemic Security approach applies time-tested security principles, architectural patterns, and iterative refinement policies to weave security controls and assurances more systemically throughout an IT environment. Using a pattern-based approach and a focus on iterative refinement, organizations can transform their existing legacy deployments into resilient architectures that meet not only their security, privacy, and compliance needs, but also satisfy other business goals, such as increased agility, flexibility, efficiency, and availability. In fact, this approach can be used to help drive the adoption of new service and utility-based compute architectures.
  
  
• Consolidating Legacy Applications onto Sun x64 Servers
  How to move Microsoft Windows NT Applications onto Sun x64 Servers using VMware ESX Server
  -by Marshall Choy
  IT organizations wishing to continue to run applications on the Microsoft Windows NT Server operating system have faced a limited number of choices given the increasing lack of support for their aging hardware, and the lack of drivers for current hardware. The ability of VMware ESX Server to host these operating system environments and their applications on state-of-the-art, high-performance hardware platforms like the Sun Fire V40z server gives IT organizations a new class of options. Not only can they use virtualization to run their applications on current, supported hardware — they can leverage the greater processing power, memory capacity, and disk storage of today's servers to consolidate multiple PC server environments onto a single platform. Now IT organizations can upgrade their hardware platforms, and use the upgrade process also to address their power, space, and cooling issues, while exploiting the economies of scale that consolidation brings.
  
  This Sun BluePrints article describes in step-by-step fashion how one such application — an Apache Web server running on the Windows NT Server operating system — could be consolidated onto ESX Server running on a Sun Fire V40z server with no changes to the application or its configuration. The importance of this exercise is not the application itself. It is the fact that the only changes to the disk image imported by the physical-to-virtual process were to install drivers for the virtual network interface and display devices supported by the virtual machine environment. Once an application is consolidated into the virtual environment in this way, it can securely share a single platform with multiple instances of Windows operating systems and the applications that they host. Because each virtual machine provides an idealized environment to the guest operating system, the disk images created by the consolidation process are portable. So as this consolidation technique becomes proven in any given IT organization, PC workloads can be re-distributed among a growing number of servers by moving virtual disks and virtual machine configuration files.
  
  

Back to Top

• Developing and Tuning Applications on UltraSPARC T1 Chip Multithreading Systems
  -by Denis Sheahan
  

  Traditional processor design has long emphasized the performance of a single hardware thread of execution, and focused on providing high levels of instruction-level parallelism. These increasingly complex processor designs have been driven to very high clock rates (frequencies), often at the cost of increased power consumption and heat production. Unfortunately, the impact of memory latency has meant that even the fastest single-threaded processors spend most of their time idle, waiting for memory. Complicating this tendency, many of today's complex commercial workloads are simply unable to take advantage of instruction-level parallelism, instead benefiting from thread-level parallelism.

  This Sun BluePrints article describes techniques that system architects, application developers, and performance analysts can use to assess the scaling characteristics of an application. It also explains how to optimize an application for chip multithreading, in particular for systems that use UltraSPARC T1 processors. This article discusses the following topics:

  • Processor physical characteristics
  • Performance characteristics
  • Classes of commercial applications
  • Assessing performance on UltraSPARC T1 processor-based systems
  • Scaling applications with chip multithreading
  • Tuning for general performance
  • Accessing the modular arithmetic unit and encryption framework
  • Minimizing floating-point operations and VIS instruction

  This article has been updated from the original December 2005 publication to include important information about Cooltools, a set of tools created to improve the ease of use of UltraSPARC T1 systems. Thee tools encompass a wide range including development, debugging, tuning and deployment of applications.

  
  
  
• Consolidating the Sun Store onto Sun Fire T2000 Servers
  -by Casey Costley, Srinivasa Bodicharla, Brad Coates, Yunas Nadiadi and Ragu Venkatesan
  Many data centers today are at or near capacity in terms of space, power, and cooling, even as they are compelled to provide secure and available services that will scale into the future. Faced with real hard limits on real estate, power, and thermal capacity, data center managers are increasingly changing the ways they evaluate infrastructure. Performance in particular must be viewed in an envelope of space, power, and dissipated heat--with performance per watt, performance per square foot, and performance per rack unit of paramount importance.
  
  Sun faces these same demands and constraints in its own Information Technology (IT) and is actively seeking effective solutions. In particular, Sun is deploying architectures and strategies to consolidate its own mission-critical SunStore application, using commercially available technology to run Sun-on-Sun. Based on the UltraSPARC T1 processor with CoolThreads technology, the new Sun Fire T2000 server offers an effective consolidation platform for these efforts, complemented by the flexibility of Solaris Containers partitioning technology from the Solaris 10 Operating System.
  
  Providing a unique insight into Sun's own operations and adoption of new products and technologies, this article discusses the existing SunStore architecture and describes a timely real-world consolidation effort. In addition to architecture and configuration information, an analysis of anticipated savings in power, cooling, and space is also provided.
  
  
• Web Consolidation on the Sun Fire T1000 using Solaris Containers
  -by Kevin Kelly
  Reducing the costs of IT infrastructure and improving the manageability and efficiency of web services pose significant challenges for many organizations in today's economic climate. Recent studies describe the challenges IT managers face administering the proliferation of x86-based servers used to run web services applications. Those reports reveal that using large number of x86-based systems can increase space and power consumption, as well as cost and asset management overhead. In addition, many of these x86-based systems run a mixture of operating system and application software leading to increased management complexity and potential security concerns.
  
  Faced with these challenges, many organizations are attracted by the idea of consolidating web and application services from multiple x86-based servers to a smaller number of high-performance servers. This approach strives to help simplify management, improve performance, and increase the efficiency of delivering web services. The combined capabilities of the Sun Fire T1000 server and Solaris Containers technology in particular offer significant promise as a web-tier consolidation platform. The Sun Fire T1000 server offers high aggregate throughput performance in a small, power-efficient footprint. Solaris containers provide a complete, isolated, and secure runtime environment for applications, enabling multiple web servers to run safely and efficiently on the same platform.
  
  This paper explores the configuration and testing of the Sun Fire T1000 server as a web-tier consolidation platform. It discusses methodologies used to consolidate multiple web servers onto a single Sun Fire T1000 server, and explains the steps used to configure the Solaris Containers. In addition, to determine the effectiveness of this approach, testing was performed to evaluate the consolidated Sun Fire T1000 system against a baseline configuration of current Xeon servers, a popular choice as web server platform.
  
  
• Creating a Customized Boot CD/DVD for the Solaris Operating System for x86 Platforms
  -by John Cecere, Dana Fagerstrom
  This article explains the mechanics of the boot process on the Solaris Operating System for x86 platforms so that you understand what is needed to create a customized CD/DVD. It discusses both the hard disk and CD/DVD boot processes, and points out the differences between the two.
  
  There are a number of practical applications for this topic, including:
  • Jumpstart Software — The feature in Solaris that allows access to Solaris installation media and configuration rules over a network
  • Diagnostics — The ability to create a bootable CD for the purpose of diagnosing system problems without accessing or modifying the copy of the operating system that is installed on the target system
  • Restoration — The ability to create a bootable CD with tools that aid in the repair and restoration of a down system
  • Diskless clients that cannot do PXE booting—PXE is a DHCP-based network-based installation technology similar to Solaris Jumpstart. Some older x86-based system are incapable of using PXE
  • Canned Firewall—The creation of a bootable CD that starts Solaris on a system configured with multiple network interfaces. A preset ipf configuration is then used to establish a network firewall on that system.
  This article begins by examining the layout of a hard disk in the x86 architecture and the components on it that are used for booting. It then describes the pieces that are unique to a CD boot. Finally, this article puts the pieces together and creates an image file that can be burned to CD.
  
  
• Using iSCSI Multipathing in the Solaris 10 Operating System
  -by Aaron Dailey, Scott Tracy
  This article describes how to use Internet Small Computer Systems Interface (iSCSI) multipathing in the Solaris 10 Operating System. Implementing iSCSI in a storage solution provides two important benefits: it can increase storage availability via fail-over protection and also increase scalability and throughput via link aggregation.
  
  This article describes different approaches to implementing multipathing between an iSCSI initiator and an iSCSI target device. It reviews the reasons for multipathing, describes the different approaches that Solaris supports, discusses the trade-offs between those approaches, and provides recommendations for specific configurations.
  
  This article contains discussions about: the iSCSI Protocol, iSCSI Support in Solaris 10 Update 1 and Solaris 10 Multipathing Options for iSCSI Devices.
  
  

Back to Top

• Slicing and Dicing Servers: A Guide to Virtualization and Containment Technologies
  -by Harry J. Foxwell, Issac Rozenfeld
  Part of an emerging family of containment technologies, server virtualization is designed to help reduce server sprawl — the proliferation of individual hardware servers and accompanying management and resource allocation problems. Today, IT managers and executives are starting to consider a variety of virtualization and containment technologies available on Microsoft Windows, Linux, the Solaris Operating System and other environments. There is also renewed interest among industry and academic researchers in this area, as virtualization is a key technology in the deployment of both computational and business service grid architectures. However, significant confusion remains regarding the terminology and techniques involved, as well as the trade-offs among the range of current solutions.
  
  This article focuses on the motivation behind server-oriented containment and virtualization — secure, efficient, and cost-effective workload management — and discusses the concepts, vocabulary, and techniques currently available to help achieve it. Other forms of virtualization, such as those used for storage and networks, are not discussed. Directed at IT managers, CIOs, and CTOs responsible for computer resource allocation decisions, this article assumes general familiarity with IT infrastructure and management issues, and provides an overview of various solutions. Detailed technical knowledge of the techniques presented is not required. The first section reviews the requirements and challenges of workload management. Subsequent sections discuss the origins of virtualization and containment, currently available solutions and trade-offs, and a brief discussion of future technologies.
  
  
• Scheduler Policies for Job Prioritization in the N1 Grid Engine 6 System
  -by Charu Chaubal
  Grid engine technology powers collections of network-connected servers, called grids, providing efficient use of computing resources. The N1 Grid Engine 6 software, the newest version of Sun's resource management solution, includes the core services for establishing and managing a grid environment, and provides policy-based workload management and dynamic provisioning of application workloads for increased productivity. This article describes the tools and techniques for resource management that are available in the N1 Grid Engine 6 software, and explains how to use them effectively. It discusses the prioritization policies in the N1 Grid Engine 6 software, describes how they fit with the new resource aggregation methods, and makes recommendations for how to map real-life resource allocation schemes to N1 Grid configurations.
  
  The article addresses the following topics:
  • How the N1 Grid Engine 6 system implements job scheduling
  • The various scheduling policies that can be employed in an N1 Grid
  • An example scenario providing fair share use of resources with prioritization of jobs
  • Illustrates how to automatically determining priorities based on job requirements
  • Explains how to provide prioritization of jobs in combination with preemption of lower priority
  
  
  
• Protecting Investments Through Technology Advancements
  -by Brian Down
  With businesses becoming increasingly dependent on IT infrastructure, IT organizations are constantly seeking new ways to implement these vital assets in a cost-effective manner that supports business goals. At the same time, budget pressures are pushing organizations to find ways to protect technology investments and ensure they provide good value over time. Indeed, because IT assets depreciate, it is important they provide value—business flexibility, agility, and efficiency—for as long as possible, and be easy to replace when the time comes. This Sun BluePrints article explains what it means to protect IT investments, and what you need to consider when protecting them. It also illustrates how Sun's platform of UltraSPARC processor-based servers running the Solaris Operating System can be used to build an infrastructure with investment protection built-in.
  
  

Back to Top

• Configuring Multiboot Environments on Sun x64 Systems with AMD Opteron Processors
  -by Barton Fiske
  This Sun BluePrints article gives detailed procedures for configuring Sun x64 workstations with AMD Opteron processors to boot more than one operating system from the same physical hard drive. This capability is referred to throughout this article as “multiboot.” Specifically, the three major operating systems in use today — the Solaris Operating System, Linux, and Windows operating systems — can be deployed on a single system disk, and configured to allow a user to choose between the different operating systems at boot time. Multiboot capability should not be confused with available virtualization technology that allows simultaneous operation of multiple operating systems (such as VMware, Xen, or other approaches).
  
  
• Updating BIOS and Firmware on Sun Fire V20z and Sun Fire V40z Servers Using Microsoft Windows 2000, Microsoft Windows XP, and Microsoft Windows Server 2003
  -by Pierre Reynes
  In an era of tight IT budgets, many organizations are challenged to optimize existing computing resources. To help this effort, Sun x64 servers give enterprises the freedom to choose from a variety of operating systems, including the Solaris Operating System, SuSE Linux, Red Hat Linux and Microsoft Windows. By keeping the BIOS and firmware up-to-date on these systems, organizations are better able to experience increased performance and take advantage of the latest technology.
  
  This Sun BluePrints article provides detailed instructions on how to perform BIOS and Service Processor updates on Sun x64 servers running the Solaris OS or Linux environments. It is intended for organizations running Sun Fire V20z or Sun Fire V40z servers and Microsoft Windows 2000, Microsoft Windows Server 2003, or Microsoft Windows XP operating environments. It provides step-by-step instructions for updating the BIOS and Service Processor from a system running any of these Microsoft operating environments. In particular, it describes how to share the NSV files with the appropriate permissions, mount the Server Message Block (SMB) share from the Service Processor (SP) on the Sun Fire V20z or Sun Fire V40z server, and perform the update.
  
  
• Sun's Pattern-based Design Framework: The Service Delivery Network
  -by Jason Carolan and Mikael Lofstrand
  The Service Delivery Network (SDN) is the approach that Sun uses to design service optimized network architectures for customer and in-house implementations. This approach consists of basic network building blocks, common network design patterns, integrated network components, and industry best practices that together are carefully blended in response to a customer's business and technical goals. The SDN provides a set of network connectivity, routing, load balancing, and advanced security mechanisms that, when applied in combination, result in flexible network infrastructure designs that provide high performance, scalability, availability, security, flexibility, and manageability.
  
  The primary goal of the SDN is simple:
  
  Service delivery at any time, from anywhere, to any device.
  
  A service optimized network architecture focuses on the services provided over the network to the end user, rather than the enabling technologies or their related components. By virtualizing resources and understanding the core services offered directly to end users, as well as the other data center services that support these end user services, organizations can take advantage of a true service-driven architecture.
  
  

Back to Top

• Enforcing the Two-Person Rule Via Role-Based Access Control in the Solaris 10 Operating System
  -by Glenn Brunette
  Whether discussing physical or logical access controls, organizations have for years applied the practice of the two-person rule to help secure IT assets. Using the two-person rule is an optional approach for organizations wanting to protect access to key data sets, or to restrict who may perform sensitive or high impact operations on a system.In many circumstances, however, more traditional IT security controls are likely appropriate. Using the two-person rule is most often reserved for restricting the most sensitive IT security operations performed within an organization. Whether and where a given organization could apply the two-person rule depends on its policies, architecture, processes, and requirements.
  
  This Sun BluePrints cookbook describes how to use Solaris Role-Based Access Control (RBAC) in the Solaris 10 Operating System (Solaris OS) to enforce the two-person rule in IT security.
  
  
• Using Host Groups and Cluster Queues in the Sun N1 Grid Engine 6 System
  -by Charu Chaubal
  Grid engine technology is currently used to power thousands of grids, collections of network-connected servers, providing more efficient use of computing resources. The N1 Grid Engine 6 software, the newest version of Sun's resource management solution, includes the core services for establishing and managing a grid environment, and provides policy-based workload management and dynamic provisioning of application workloads for increased productivity. This article discusses abstracting collections of resources within the N1 Grid environment using cluster queues and host groups, and explains how these features can be used to simplify administration and implement scheduling policies.
  
  
• Auto Diagnosis and Recovery Enhancements for Sun Fire Midrange Servers Updated for Firmware Release 5.19.0
  -by Tricia Wittsack
  Beginning with firmware release 5.15.0 for the System Controller (SC), several enhancements were made to improve the availability serviceability, diagnosability, and repair characteristics of Sun Fire midrange servers. These enhancements provided in the system controller firmware, combined with enhancements to the Solaris Operating System (Solaris OS), implement auto diagnosis and recovery capabilities that can increase system uptime, decrease system outages, improve system resiliency when a hardware fault occurs and minimize service interruptions. These enhancements automate many processes and procedures which required human intervention prior to firmware version 5.15.0. Firmware version 5.19.0 and the appropriate Solaris OS with all relevant kernel updates and patches are required to fully benefit from these enhancements.
  
  This document is useful for support personnel and assumes a basic technical knowledge of the Sun Fire midrange servers.
  
  

Back to Top

• Automating Initial Setup and Management of Sun Fire V20z and V40z Servers
  -by Jacques Bessoudo
  Many compute- and network-centric applications can benefit from pools or grids of smaller, horizontally-scaled servers due to their lower initial cost, flexibility, scalability, and performance for certain tasks. However, installing and managing tens or hundreds of servers in a consistent manner can be time consuming and prone to errors that further increase the time required to manage large pools of servers. Fortunately, many administrative tasks can be easily automated using the integrated service processor in the Sun Fire V20z and V40z servers.
  
  There are three areas of setup and management of the Sun Fire V20z and V40z server's service processor that are usually performed manually--where automated scripts can save time and can eliminate errors:
  
  * Service processor setup
  * Service processor management
  * Server (BIOS) and service processor firmware updates
  
  This article describes a method for helping system administrators save time by automating these processes and running them on multiple systems simultaneously. It details the steps for creating scripts to automate these tasks and run them in parallel and includes examples of several of the more common tasks.
  
  
• Creating Self-Balancing Solutions with Solaris Containers
  -by David Collier-Brown
  Transactions of some kind are an integral part of every organization, and must be completed on time if the business is to operate effectively and efficiently. Chaos, and damage, can be caused if critical transactions are not handled correctly. Today, IT managers often try to break workloads into chunks and process them with separate program instances in the hope that they can distribute the workload across the instances and keep pace with demand. This technique has its drawbacks. What happens when one instance fails to finish in time? Worse, what if the business is growing, and every month the number of lagging instances increases? How are system administrators supposed to figure out which instance is going to be late the next time?
  
  System administrators need to find ways to balance workloads across computing resources. With Solaris 10, Solaris Containers were further enhanced to include a new facility, Solaris Zones, which can be used to create a virtual environment that enables the management of unbalanced load problems. This Sun BluePrints article presents several techniques for dealing with unexpected load changes, and provides best practices for employing Solaris Containers in this effort.
  
  
• Restricting Service Administration in the Solaris 10 Operating System
  -by Glenn Brunette
  This Sun BluePrints Cookbook describes how to use the Solaris 10 Service Management Facility (SMF) to require specific authorizations for certain types of operations. Using this capability, it is possible to delegate access to core service management functions based on the concept of least privilege--if a user or service does not strictly need to have some degree of privilege, then that privilege should not be granted. SMF allows organizations to have much finer grained access control policies than was possible before the Solaris 10 Operating System.
  
  

Back to Top

• Solaris Containers--What They Are and How to Use Them
  -by Menno Lageman
  Over the years businesses have been building large-scale information systems to solve business problems, with a focus on building scalable and highly available IT infrastructures that can adapt change. Providing sufficient availability and performance for business applications was the primary driver for these efforts. Today, the need to protect technology investments and provide the same service levels at a lower price point is shifting the focus to reducing IT infrastructure cost and improving end user service level management. To help this effort, the Solaris Operating System includes Solaris Containers, a mechanism that provides isolation to safely and securely share resources between software applications or services using flexible, software-defined boundaries.
  
  This Sun BluePrint article discusses the challenges organizations face in dealing with resource and workload management. Solaris Containers, and their constituent technologies (projects, resource pools, Zones) are introduced and explained. Practical examples that show these technologies solving resource and workload management problems are demonstrated.
  
  
• Limiting Service Privileges in the Solaris 10 Operating System
  -by Glenn Brunette
  This Sun BluePrints Cookbook describes how to use the Solaris 10 Service Management Facility (SMF) to start a service at boot time (or at any later time) with reduced privileges. This is accomplished by setting the user, group, and set of privileges used to start the service. This article describes how to accomplish this in a practical context using a real service as an example.
  
  
• Sun Fire Midrange Server Update Best Practices Update for Firmware 5.18.x
  -by Ken Kambic and James Hsieh
  This is an update to the several other versions of the same titled document. It will provide guidance for the reader on the implementation of the features added from 5.14.0 to 5.18.0. The document will also include the information presented in the earlier versions of the document.
  
  

Back to Top

• Using Computer Forensics When Investigating System Attacks
  -by Joel Weise and Brad Powell
  This Sun BluePrints Online article describes how to use computer forensics when investigating attacks on a computer system. Computer forensics is an approach that helps investigators identify the source of an attack on an organization's systems and helps with assessing and recovering from any damage resulting from such an attack.
  
  Computer forensic investigations must be conducted in such a way that the information collected could be introduced as evidence in a court of law during the criminal prosecution of the attacker. Failure to follow guidelines for handling evidence might preclude an organization from being able to successfully prosecute the attacker(s). Although not all computer-forensic investigations lead to prosecution, organizations should always collect evidence using a methodology that can stand up in a court of law.
  
  
• Predictive Fault Monitoring in Sun Fire Servers
  -by Dave Re and Kumar Loganathan
  This document describes several new Predictive Fault Monitoring features in Sun's enterprise class Sun Fire server platforms (V1280-E25K) and in Sun's Solaris operating system (Solaris OS), including discussion about how these features operate and what action should be taken based on their output. The intention of this Sun BluePrints document is to educate the reader on the functionality of these features so that the reader can use these new features to increase overall uptime in Sun's enterprise class systems.
  
  
• Integrating BART and the Solaris Fingerprint Database in the Solaris 10 Operating System
  -by Glenn Brunette
  This Sun BluePrints Cookbook describes how to quickly and easily authenticate BART, "the Solaris 10 Operating System Basic Audit and Reporting Tool", manifests using the Solaris Fingerprint Database (sfpDB). Using this process, you can determine whether there exist any files within the BART manifest that have been modified from the way in which they were shipped by Sun. This information is crucial when deciding how much trust can be placed in the validity of the files at the time the BART manifest was generated.
  
  

Back to Top

• Migrating From Tru64 UNIX to the Solaris Operating System
  -by Ken Pepple, Brian Down and David Levy
  Using a fictional case study, this Sun BluePrint article illustrates the methodology, tools, and best practices used to migrate a Tru64 environment to the Solaris environment. This study examines the migration of a simple, custom-written application that used a Sybase database to store information about a company's inventory as well as client-specific data. This application was converted to run under the Solaris Operating System (Solaris OS) and was integrated with directory services. Additionally, the database vendor was changed from Sybase to Oracle. This article provides an overview of the Tru64 Unix operating environment; discussions of 64-bit computing and clustering architectures; descriptions of justifying, architecting, and implementing the migration; and suggestions for managing the new Solaris environment.
  
  
• Migrating from HP/UX Platform to the Solaris Operating System
  -by Ken Pepple, Brian Down and David Levy
  Using a fictional case study that draws from several actual customer migration projects, this Sun BluePrint article illustrates the methodology, tools, and best practices used to migrate an HP/UX environment to the Solaris environment. The most significant of these projects, for a large health care insurance provider based in the United Kingdom, involved migrating a commercial-off-the-shelf (COTS) integrated-accounts solution to the Solaris Operating System (Solaris OS), and enhancing it to support their risk-underwriting and claims-processing business functions. This article provides an overview of the case study; descriptions of justifying, architecting, and implementing the migration; suggestions for managing the new Solaris environment; and a summary of the successful results of the migration.
  
  
• Automating Solaris 10 File Integrity Checks
  -by Glenn Brunette
  This Sun BluePrints Cookbook describes how to centralize and automate the collection of file integrity information using the following Solaris features:
  
  * Secure Shell
  * Role-based Access Control (RBAC)
  * Process Privileges
  * Basic Auditing and Reporting Tool (BART)
  
  Each of these features can be quickly and easily integrated to centralize and automate the process of collecting file fingerprints across a network of Solaris 10 systems.
  
  
• N1 Grid Architecture Realized: Measurable Requirements
  -by Jason Carolan, Scott Radeztsky, Paul Strong and Ed Turner
  This article discusses using the Sun architecture methodologies to translate customer business drivers and stated functional and operational requirements into a measurable Critical to Quality (CTQ) baseline for architectural analysis and solution testing. This article is the entire fifth chapter of the Sun BluePrints book N1 Grid Realized: Preparing, Architecting, and Implementing Service-Centric Data Centers.
  
  

Back to Top

• Operations Management Capabilities Model
  -by Edward Wustenhoff, Michael J. Moore, and Dale H. Avery
  Successful IT management cannot be purchased out-of-the-box. The implementation of a robust IT management infrastructure is as much an exercise in organizational change as it is a technology implementation. IT management must be enhanced in an evolutionary manner, over time, through the application of a continuous improvement methodology that addresses the combination of people, process, and tools components.
  
  The Sun Microsystem's Operations Management Capabilities Model (OMCM) is a comprehensive, continuous improvement methodology for IT management that provides a practical framework and measurable roadmap for enhancing IT management. The OMCM helps organizations define, measure, and thoroughly assess their current and desired IT capability.
  
  The OMCM is based on the Sun IT Management Framework (Sun ITMF), which defines the three core different aspects--people, processes, and tools--of an organization's IT management infrastructure. The OMCM encompasses IT management best practices at all levels of the IT environment, mapping IT management disciplines to the architecture used to implement them. The OMCM provides the basis of assessment for the purpose of determining where best to invest in IT resources in support of key business needs.
  
  
• Configuring JumpStart Servers to Provision Sun x86-64 Systems
  -by Pierre Reynes
  Organizations are constantly challenged to deploy systems throughout the enterprise with consistent and reliable configurations. Solaris JumpStart technology provides a mechanism for fully automating the Solaris Operating System (Solaris OS) installation process. With the ability to locate installation information over the network or from a local CD-ROM drive, and use customized profiles, JumpStart facilitates the rapid and consistent deployment of Solaris OS-based systems.
  
  Many organizations have relied on UltraSPARC/Solaris platforms for years, and use JumpStart technology for operating system deployment. With the introduction of Sun x86-64 based systems, organizations are now seeking ways to use existing JumpStart servers to deploy the Solaris OS and Linux operating environment on Sun x86-64 based systems. This article describes how to modify existing JumpStart servers to support the deployment of the Solaris OS and Linux operating environment on Sun x86-64 based systems, as well as how to use standard Linux installation tools for configuring Sun x86-64 based systems.
  
  

Back to Top

• Understanding the Benefits of Implementing Oracle RAC on Sun Cluster Software
  -by Kristien Hens and Michael Loebmann
  In solutions that implement Oracle RAC and Sun Cluster software, the flexibility and power of Sun's cluster solution can add structure and maintainability to various underlying hardware components. This article describes the benefits of an Oracle RAC and Sun Cluster solution.
  
  This article is the complete second chapter of the Sun BluePrints book, "Creating Highly Available Database Solutions: Oracle Real Application Clusters (RAC) and Sun Cluster 3.x Software," by Kristien Hens and Michael Loebmann, is now available at our Sun BluePrints publication page, amazon.com, and Barnes & Noble bookstores. This article targets an intermediate audience.
  
  

Back to Top

• Service Provisioning with Resource Management
  -by Sam Antwi
  The Solaris 9 Resource Management (Solaris 9 RM) offers a more granular, elegant, and flexible solution to Solaris Operating System (Solaris OS) platform resource sharing and control. It provides support for a predictable approach to guaranteed service level commitment, even in environments where resources are contested by multiple stacked application service workloads or where maximizing system resource utilization is paramount. This Sun BluePrint shows how to apply Solaris 9 RM for service provisioning, with a particular focus on three application service workloads: Sun ONE Web Server, BEA WebLogic, and Oracle9i.
  
  

Back to Top

• Ethernet Autonegotiation Best Practices
  -by Steve Hodnett and Jim Eggers
  Issues related to network performance, delays, jumpstart problems and link failures due to incorrect ethernet link speed and duplex settings are becoming more common due to outdated Ethernet link policies adopted by many administrators. This is largely due to misunderstanding of Ethernet autonegotation standards and experiences with older ethernet drivers and switches.
  
  This article details Sun's recommendation to leave Ethernet autonegotiation enabled (default) when connecting Solaris Operating System 100Mb and 1000Mb Ethernet NICs to switches and hubs that are IEEE 802.3 compliant. Customers are unnecessarily setting 100Mb and 1000Mb ethernet interfaces parameters in /etc/system and driver.conf, or using ndd, without fully understanding the possible ramifications and negative results.
  
  
• Increasing Storage Area Network Productivity
  -by Scott Tracy and Ken Gibson
  This article describes the Sun StorEdge SAN Foundation software (SFS) features that allow dynamic and persistent recognition of storage and configuration changes without rebooting servers running the Solaris Operating System.
  
  
• Data Center Availability Features for High-End Servers
  -by Vasant Butala
  This article describes the System Management Services (SMS) 1.4.1 software features that enhance the availability of Sun's high-end servers, the Sun Fire E20K/E25K and Sun Fire 15K/12K servers. This paper is useful for support personnel who have a basic knowledge of high-end server systems.
  
  

Back to Top

• Using pGINA to Authenticate Users in Microsoft Windows Environments
  -by Dave Pickens and Kent Price
  This article addresses a common challenge -- how to authenticate users in a mixed environment running the Solaris and Microsoft Windows operating systems. This article describes how you can use pGINA software with a variety of authentication plug-ins to authenticate users to a unified authentication scheme. The pGINA software also provides a way to avoid deployment of Microsoft Active Directory. The article is intended for technical people who are interested in directory services and the integration of Microsoft Windows into a heterogeneous environment. This article is valuable to technical readers of any level.
  
  
• Using Solaris Resource Manager With Sun Ray
  -by Marcel Guerin
  This article describes best practices for managing system resources for Sun Ray users. Based on an actual customer scenario, this article provides recommendations for integrating and using the Solaris Resource Manager software to fairly distribute system resources when users insert and remove their smart cards from Sun Ray desktop units. Sample scripts associated with this article are available from the Sun BluePrints Scripts & Tools web site via the SDLC download service. This article and the scripts are intended for an audience with intermediate to advanced knowledge on this topic.
  
  
• Best Practices for Deploying the Sun StorADE Utility
  -by Michael Monahan
  "Best Practices for Deploying the Sun StorADE Utility", the Sun BluePrints OnLine article for January 2004 has been updated for the newest version of the Sun Storage Automated Diagnostic Environment utility (StorADE 2.3). StorADE enables centralized monitoring of most Sun storage products. This article covers StorADE features, how it works, and provides best practice recommendations for its deployment. This article is intended for anyone involved in managing Sun storage devices, from an architectural, deployment, or administration perspective. This article is ideal for a reader seeking introductory technical information on StorADE software.
  
  
• IPsec--A Secure Deployment Option
  -by Regunathan Rajaiah
  This article addresses the problem of protecting data traffic between systems. The document uses working examples to explain how to configure IPsec to protect data, to create keys, and to troubleshoot implementations. The article targets an intermediate reader and also addresses the trade-offs in implementing IPsec.
  
  

Back to Top

• Global Grid Connectivity Using Globus Toolkit With Solaris Operating System
  -by Chong-Wee Simon See and Gabriel Ghinita
  This article describes how to integrate grid computing with Globus Toolkit software for a site using Sun N1 Grid Engine software (formerly Sun Grid Engine) as a local resource manager. This article provides background information and step-by-step instructions for installing, configuring, integrating, and testing Globus Toolkit software with Sun N1 Grid Engine software on x86 architecture using the Solaris 9 Operating System.
  
  
• N1 Grid Architecture Realized: Strategic Flexibility
  -by Ed Turner, Paul Strong, Jason Carolan and Scott Radeztsky
  Any architectural solution must first solve the basic IT problems of cost and complexity. Then, it must strive to develop the business and IT linkage to its fullest extent. That is the central theme of the Sun N1 Grid architectural solution, and it is articulated in the concept of strategic flexibility.
  
  
• Solaris Operating System Availability Features
  -by Tom Chalfant
  Processor off-lining is a feature whereby a processor is removed from use by Solaris in response to one or more L2 cache errors. Page retirement is a feature whereby a page of memory is removed from use by Solaris in response to repeated ECC errors within a memory page on a DIMM. This paper provides detailed discussion regarding the algorithm, implementation, kernel tunables, and the messages you are likely to see on a system running the appropriate kernel updates.
  
  
• Performing Network Installations Without a Local Boot Server
  -by John S. Howard
  In some instances, it might be necessary or advantageous to boot an installation client from local boot media, such as a CD or DVD, but have the Solaris product installed from a JumpStart (or installation) server. This article describes the system startup and installation processes for the Solaris Operating System and explains how to modify them to change the location from which the Solaris product is installed.
  
  

Back to Top

• Building OpenSSH--Tools and Tradeoffs, Updated for OpenSSH 3.7.1p2
  -by Jason Reid
  This article updates the information in the January 2003 Sun BluePrints OnLine article, "Building OpenSSH--Tools and Tradeoffs". This article contains information about gathering the needed components, deciding the compile-time configuration decisions, building the components, and finally assembling OpenSSH. The script file, "Building OpenSSH Tools TAR", provides tools that simplify the packaging and deployment of the OpenSSH tool on the Solaris Operating Environment. This article targets an advanced audience.
  
  
• Sun Fire Midrange Server Auto Diagnosis and Recovery Features
  -by Tricia Wittsack and Peter Gonscherowski
  This document describes the availability enhancements on Sun Fire midrange systems with the new firmware releases. The Auto Diagnose Engine (ADE), the "Domain Hang Recovery" and the "panic-reboot loop" prevention additions are explained. System Administrators who want to familiarize themselves with the new features or want to get a better understanding of the changes will benefit from reading this document. This article targets an advanced audience and requires knowledge of Sun Fire midrange systems.
  
  
• Maximizing the Performance a Gigabit Ethernet NIC Interface
  -by Francesco DiMambro
  This article describes how to get the greatest benefits from your Ethernet NIC interface. It includes information on the tools that can help you achieve the best results from that interface, as well as a section on troubleshooting. This article targets an advanced reader.
  
  
• Building a Bootable DVD to Deploy a Solaris Flash Archive
  -by John S. Howard
  This article provides techniques to augment a DVD-ROM-based installation with the services and behaviors typically provided by a JumpStart server. The techniques presented in this article can be used when you need to perform an automated installation of a Solaris Flash archive, but are unable to use a JumpStart server. This article describes a procedure to create a bootable installation DVD-ROM with a complete software stack on a DVD that you can use to perform a standardized and fully automated installation of the software stack from the DVD.
  
  This article also examines the structure of a bootable Solaris OS DVD and provides information about modifying installation behaviors to perform an automated install of a Solaris Flash archive from a DVD.
  
  

Back to Top

• Data Center Best Practices for High-End Servers (March 2004) (This article is temporarily unavailable, please check back - 06/05)
  -by Vasant Butala
  This article provides best practices for installing, configuring, securing, and maintaining availability and performance for the Sun Fire 15K server. Although the Sun Fire 12K server, Sun Enterprise 20000 server, and Sun Enterprise 25000 server are not addressed separately, the best practices here apply as well to these servers. Additionally, reference materials for topics not covered in this article such as environment and domain configuration are provided. Throughout this article, best practices are described fully, then summarized in Tips for quick reference. This article requires an intermediate reader level.
  
  
• Understanding Tuning TCP
  -by Deepak Kakadia
  This article describes some of key Transport Control Protocol (TCP) tunable parameters related to performance tuning. More importantly, it describes how these tunables work, how they interact with each other, and how they impact network traffic when they are modified. This article requires an advanced level reader.
  
  
• Supporting Multiple Page Sizes in the Solaris Operating System
  -by Richard McDougall
  The Solaris 9 Operating System contains a feature to enable the use of larger memory page sizes for the heap and stack segments of a program. The use of larger page sizes is often able to deliver significant performance gain for a large range of applications. This article explains how to engage the MPSS feature and how to analyze the performance effect. This article requires an intermediate to advanced level reader.
  
  
• APPENDICES - Supporting Multiple Page Sizes in the Solaris Operating System Appendix
  -by Richard McDougall
  This appendix supports the article "Supporting Multiple Page Sizes in the Solaris Operating System"
  
  
• Dynamic Reconfiguration for High-End Servers: Part 1--Planning Phase
  -by Holger Leister and Daniel Ellison
  This article is part one of a two-part series about planning and implementing Sun Fire 15K/12K server Dynamic Reconfiguration (DR). Part one provides an introduction to Sun Fire 15K/12K server DR and details the planning phase. This article is a primer for the second article titled "Dynamic Reconfiguration for High-End Servers: Part 2--Implementation Phase." This article requires an intermediate to advanced level reader.
  
  
• Dynamic Reconfiguration for High-End Servers: Part 2--Implementation Phase
  -by Holger Leister and Daniel Ellison
  This article is part two of a two-part series about planning and implementing Sun Fire 15K/12K server Dynamic Reconfiguration (DR). Part 2 describes the implementation of DR operations and presents best practices for successfully deploying DR operations. This article is a follow-up to the first article title "Dynamic Reconfiguration for High-End Servers: Part 1--Planning Phase." This article requires an intermediate to advanced level reader.
  
  

Back to Top

• Taming Your Emu to Improve Application Performance
  -by Richard McDougall
  The Solaris 9 Operating System contains a feature to enable the use of larger memory page sizes for the heap and stack segments of a program. This article explains how to use this feature to deliver significant performance gain for a large range of applications. This article addresses a reader with an intermediate to advanced knowledge level.
  
  Sun BluePrints OnLine March and April editions will feature additional, very comprehensive articles on this subject.
  
  
• Sun Ray Deployment On Shared Networks
  -by Mike Oliver, Raja Doraisamy, Bob Doolittle, Kent Peacock, Gerard Wall, and Gary Sloane
  With the growing popularity of the Sun Ray thin client computing model and its increasing acceptance in business and research settings, there has been considerable demand for a more detailed description of best practices for deployment on varied existing network topologies. This article describes several common topologies and provides deployment hints and instructions not yet covered in the product documentation. This article is ideal for advanced network administrators.
  
  
• Sun Fire 15K/12K Auto Diagnosis and Recovery
  -by Vasant Butala
  This article describes the new System Management Services (SMS) 1.4 software features that enhance Sun Fire 15K/12K system availability. This document is useful for support personnel who have a basic knowledge of the Sun Fire 15K/12K systems. This article requires a reader with an intermediate to advanced knowledge level.
  
  
• LDAP Triggers: A Framework for Sun Java System Directory Server
  -by Nicola Venditti
  This article describes how to implement SQL-like triggers in a Sun Java System Directory Server. The example scenario shows how to extend the server using the Plug-in API. This article is primarily directed at expert developers and architects who want to understand issues related to developing and deploying the Sun Java System Directory Server extension, implemented with plug-ins and extended operations.
  
  

Back to Top

• Best Practices for Deploying the Sun StorADE Utility
  -by Christian Cadieux and Mike Monahan
  This article discusses the Sun Automated Diagnostic Environment (StorADE) utility. The StorADE utility provides centralized monitoring and diagnostics for most Sun storage product offerings. The first part of this article provides an overview and describes how to plan a StorADE deployment. The second part provides step-by-step installation information with best practice recommendations for StorADE configuration; whether the environment contains complex storage area networks (SANs), or straightforward direct-connect devices. This article is intended for IT architects, administrators, and anyone looking for an introductory article on a storage monitoring utility.
  
  
• Solaris Operating System Availability Features
  -by Thomas M. Chalfant
  The processor offlining feature enables a processor to be removed from use by Solaris in response to one or more L2 cache errors. The page retirement feature enables a page of memory to be removed from use by Solaris in response to repeated ECC errors within a memory page on a DIMM. This paper provides detailed discussion regarding the algorithm, implementation, kernel tunables, and messages you are likely to see on a system running the appropriate kernel updates. This article is ideal for an intermediate to advanced reader.
  
  
• Dynamic Reconfiguration and Oracle 9i Dynamically Resizeable SGA
  -by Erik Vanden Meersch and Kristien Hens
  This article explains how Oracle 9i can operate in combination with Sun's dynamic reconfiguration (DR). It provides a brief overview of DR, intimate shared memory (ISM), dynamic intimate shared memory (DISM), and dynamically resizable system global area (SGA), and explains how these technologies fit together. In addition, this article provides step-by-step details for configuring Oracle relational databases on Sun Fire servers so that the DR capabilities of the Sun platform can be maximized. This article requires an intermediate reader. The features described in this article should be used with the Solaris 9 OS Update 2 and newer.
  
  
• Design, Features, and Applicability of Solaris File Systems
  -by Brian Wong
  The Solaris Operating System includes many file systems, and more are available as add-ons. Deciding which file system to apply to a particular application can be puzzling without insight into the design criteria and engineering tradeoffs that go into each product. This article offers a taxonomy of file systems, describes some of the strengths and weaknesses of the different file systems, and provides insight into the issues you should consider when deciding how to apply the set of file systems that are available for specific applications. This article requires an intermediate reader.
  
  
• Securing the Sun Fire 12K/15K System Controller
  -by Alex Noordergraaf, Steven Spadaccini and Dina Nimeh
  This article provides recommendations on how to securely deploy the Sun Fire 12K and 15K system controllers (SC). These recommendations apply to environments where security is a concern, particularly environments where the uptime requirements of the SC and/or the information on the Sun Fire server is critical to the organization. This article is one in a series that provides recommendations for enhancing security of a Sun Fire system. After securing the SC, we recommend that you use the "Securing the Sun Fire 12K and 15K Domains" article to secure the SC domains. This article includes updates related to System Management Services (SMS) version 1.4.
  
  
• Securing the Sun Fire 12K/15K Domains
  -by Alex Noordergraaf, Steven Spadaccini and Dina Nimeh
  This article documents security modifications that you can implement on Sun Fire 12K and 15K domains without adversely affecting their behavior. The configuration changes in this article enable Solaris Operating Environment (OE) security features and disable potentially insecure services and daemons. This article is one in a series that provides recommendations for enhancing security of a Sun Fire system. Before securing the domains, we recommend that you use the "Securing the Sun Fire 12K and 15K System Controllers" article to secure the system controllers. This article includes updates related to System Management Services (SMS) version 1.4.
  
  

Back to Top

• Performance Forensics
  -by Bob Sneed
  The health care industry has well-established protocols for the triage, diagnosis, and treatment of patient complaints, while the resolution of system-performance complaints often seems to take a path that lacks any recognizable process or discipline. This article draws from lessons and concepts of health care delivery to provide ideas for addressing system-performance complaints with predictable and accurate results. Specific tools from the Solaris Operating System are discussed. This article is applicable to all audience levels.
  
  
• Enterprise Network Design Patterns: High Availability
  -by Deepak Kakadia, Sam Halabi, and Bill Cormier
  This article describes how to create highly available network designs, using Sun technologies and network switching/routers. Its content is geared for an advanced reader.
  
  

Back to Top

• Migrating to the Solaris Operating System: Migrating From Tru64 UNIX
  -by Ken Pepple, Brian Down, and David Levy
  This article presents a fictional case study that illustrates the methodology, tools, and best practices used to migrate a Tru64 environment to a Solaris environment.
  BR> This article is the complete tenth chapter of the Sun BluePrints book, "Migrating to the Solaris Operating System", by Ken Pepple, Brian Down, and David Levy, which is available at our Sun BluePrints publication page, amazon.com, and Barnes & Noble bookstores. This article targets an intermediate audience.
  
  
• Hardware Replication Challenges
  -by Selim Daoud
  This article describes the challenges of keeping valuable hardware-replicated data safe. Being able to access and manipulate the cloned data is crucial and often neglected. This article describes the different types of data replication and the procedure to access a hardware-replicated set of data. This article targets an intermediate audience.
  
  
• Solaris Volume Manager Performance Best Practices
  -by Glenn Fawcett
  Compelling new features such as soft partitioning and automatic device relocation make the Solaris Volume Manager software a viable candidate for storage management needs. Solaris Volume Manager software features enhance storage management capabilities beyond what is handled by intelligent storage arrays with hardware RAID. Now Solaris Volume Manager software is integrated with the Solaris Operating Environment (Solaris OE) and does not require additional license fees. This article provides specific Solaris Volume Manager tips for system, storage, and database administrators who want get the most of Solaris Volume Manager software in their data centers. This article targets an intermediate audience.
  
  
• Tuning ORACLE to Minimize Recovery Time: For Solaris Operating System on SPARC
  -by James Mauro
  This article provides recommendations for tuning ORACLE on SPARC processor-based systems running the Solaris Operating System (Solaris OS) to minimize recovery in the event of a system or database failure. This article is relevant for any audience level.
  
  
• Securing Web Applications through a Secure Reverse Proxy
  -by Anh-Duy Nguyen
  This article describes recommended practices for setting up the Sun ONE Proxy Server software to represent a secure content server to outside clients, preventing direct, unmonitored access to your server's data from outside your company. This article uses recommended practices to secure your web applications behind a firewall and leverage access and authentication using the Sun ONE platform products.
  
  This article assumes an intermediate reader who is familiar with installing and configuring the Sun ONE Proxy Server. It also assumes that the reader can configure the firewall router to allow a specific server on a specific port access through the firewall without allowing any other machines in or out.
  
  
• Securing Linux Systems With Host-Based Firewalls: Implemented With Linux iptables
  -by Ge' Weijers
  This article provides information and recommendations for securing Linux operating systems with host-based firewalls. This article aims to provide readers with a template for constructing a host-based firewall that provides a useful layer of protection against the risks of exposing a system to internal and/or external users. Additionally, readers can gain an understanding of construction methods for host-based firewalls in general and Linux-based firewalls in particular. This article targets an intermediate audience.
  
  

Back to Top

• Solaris Operating System and ORACLE Relational Database Management System Performance Tuning
  -by Ramesh Radhakrishna
  This article focuses on the performance problems at the Resource Tier (database server). The assumption is that the database server is a Sun server running an ORACLE Relational Management System (RDBMS). The article requires a general knowledge of Solaris Operating System (Solaris OS) and Oracle RDBMS system administration. It is written for beginner- and intermediate-level system administrators responsible for Sun systems, and for Sun's customer engineers, and database administrators responsible for tuning Oracle databases.
  
  
• Sun ONE Portal Server 6 Best Practices
  -by Christian Candia
  This article presents the best practices for high availability, security, and scalability that commonly have significant success on a Sun ONE Portal Server software solution. In addition, the article includes guidelines for creating a Sun ONE Portal Server software solution that can be easily supported. This article is ideal for the advanced reader.
  
  
• Network Design Patterns: N-Tier Data Centers
  -by Deepak Kakadia and Richard Croucher
  This article describes design concepts and principles that can be extremely valuable in the construction of optimal Sun ONE N-Tier Data Center architectures. When trying to deliver complete and optimal solutions, there is a void on how to assemble the various Sun ONE components to craft a complete working system. This paper describes in detail how to assemble the various building blocks of an N-Tier system.
  
  
• Sun Fire 6800/4810/4800/3800 Systems Auto Diagnosis and Recovery Enhancements
  -by Peter Gonscherowski and Tricia Wittsack
  This article describes the Sun Fire 6800/4810/4800/3800 systems availability enhancements provided in the system controller (SC) firmware versions 5.15.0 and 5.15.3 releases and the Solaris OE kernel updates. This document is useful for support personnel, who have a basic technical knowledge of the Sun Fire 6800/4810/4800/3800 systems.
  
  Enhancements have been added to both the Solaris Operating Environment (Solaris OE) and the Sun Fire firmware release 5.15.3. Improved auto diagnosis of hardware failures and system recovery are now available. These enhancements achieve increased availability and better serviceability of the Sun Fire 6800/4810/4800/3800 systems. Both firmware version 5.15.3 and either the Solaris 8 OE kernel update 24 or Solaris 9 OE kernel update 5 are required to benefit from these enhancements.
  
  
• Desktop Architecture Selection Guide
  -by Howard Carlton
  This article examines some of the main business drivers behind the current trend towards adoption of thin client desktop solutions. The article provides useful insights on the benefits and drawbacks of the various candidate components for an alternative desktop environment. It also provides guidelines on non-functional requirements and project life-cycle approaches. This article is targeted to an introductory reader.
  
  
• Responding to a Customer's Security Incidents--Part 4: Processing Incident Data
  -by Vijay Masurkar
  This fourth article focuses on authenticating, preserving, and processing the incident data. Only the salient points for best practices that should be executed in processing the incident data are discussed here. These practices are typically preceded by a recovery phase and are only starting points for a more detailed analysis for building a policy with the associated processes and procedures. This article is targeted to an advanced reader.
  
  

Back to Top

• Migrating to the Solaris Operating System: Migration Strategies
  -by Ken Pepple, Brian Down, and David Levy
  This article defines the most important terms in migration, and differentiates between these terms. In addition, it presents migration strategies, the benefits and risks of each strategy, and the appropriateness of each strategy for various situations. This article is ideal for a beginning to intermediate audience.
  
  This article is the complete third chapter of the Sun BluePrints book, "Migrating to the Solaris Operating System", which will be available at the Sun BluePrints Publication page, the amazon.com website, and Borders and Barnes & Noble bookstores at the end of October, 2003.
  
  
• Responding to Customer's Security Incidents--Part 3: Following Up After an Incident
  -by Vijay Masurkar
  The third in a five-part series, this article focuses on following up after an incident and presents the best practices that should be executed in the follow-up phase. These topics include acquiring incident data, resorting to legal actions when deemed necessary, and conducting post-incident activities such as taking inventory of the affected assets, assessing the damage, and capturing the lessons learned. This article is intended for advanced readers such as computer security managers, security policy developers, system administrators, and other related staff, who are responsible for the creation or operation of a computer security incident response policy and service.
  
  
• Deploying the Solaris Operating Environment Using a Solaris Security Toolkit CD
  -by Steven Spadaccini
  The Solaris Security Toolkit is a collection of shell scripts combined to form a flexible and extensible framework for rapidly deploying hardened platforms running the Solaris Operating Environment. The Toolkit is, however, quite versatile and can be used for much more than just hardening a system. This article discusses how the Toolkit can be used to construct a bootable CD, based on Sun's JumpStart framework, for building and configuring new systems. This article is authored for intermediate and advanced system administrators.
  
  
• Part I: Minimizing Domains for Sun Fire V1280, 6800, 12K, and 15K Systems
  -by Nicholas O'Donnell and Alex Noordergraaf
  This article is the first part of a two-part series that provides information and recommendations for minimizing domains for Sun Fire V1280, Midframe, 12K, and 15K systems. This part provides background information, describes the concept of qualifying a minimized Solaris configuration for an application, covers how to automate installations using JumpStart technology, and details a recommended methodology for minimizing a system. This article is targeted toward an advanced audience.
  
  
• Part II: Minimizing Domains for Sun Fire V1280, 6800, 12K, and 15K Systems
  -by Nicholas O'Donnell and Alex Noordergraaf
  This article is the second part of a two-part series and provides information and recommendations for minimizing domains for the Sun Fire V1280, Midframe, 12K and 15K systems. This part describes the package configurations needed for the various applications, describes the profiles produced for performing JumpStart installations of domains, and provides a case study as an example of applying the minimization methodology to an application. This article is targeted toward an advanced audience.
  
  
• Using the LDAP to NIS+ Gateway
  -by Tom Bialaski and Michael Haines
  There are two approaches that you can take when transitioning from NIS+ to LDAP-based services. One approach is to replace your naming service clients with the Secured LDAP Client. The second approach is to keep your current NIS+ clients, and deploy a transition tool to gain access to LDAP naming service data. The first approach is covered in chapter four of the just released Sun BluePrints book, "LDAP in the Solaris Operating Environment -- Deploying Secure Directory Services", by Michael Haines and Tom Bialaski. The second approach, using the NIS+ to LDAP Gateway, is discussed in this article. This article is intended for IT architects and administrators who have deployed an earlier version of the directory server software, and who are interested in upgrading to the Sun ONE Directory Server 5.2 software version.
  
  This Sun BluePrints book is scheduled for publication in the Fall of 2003 and will be available at the Sun BluePrints Publication page, the amazon.com website, and Borders and Barnes & Noble bookstores.
  
  
• Sun ONE Messaging Server Practices and Techniques for Enterprise Customers
  -by Dave Pickens
  Often times a messaging server implementation isn't properly monitored for "soft" faults or warnings until it's too late. This article, a chapter from the new Sun BluePrints book, "Sun ONE Messaging Server, Practices and Techniques for Enterprise Customers", provides insight and guidance into methods for monitoring the Sun ONE Messaging Server. This article is ideal for a beginning to intermediate audience.
  
  This new book will be available at Sun BluePrints Publication page, the amazon.com website, and Borders and Barnes & Noble bookstores in September 2003.
  
  

Back to Top

• Building Secure Sun Fire Link Interconnect Networks Using Sun Fire 15K and Sun Fire 12K Servers
  -by Joe Higgins and Steven Spadaccini
  Deploying a secure distributed computer system can be difficult. This article describes how to install and deploy the Sun Fire Link product so that it can be securely managed and operated. The article documents the software architecture and steps needed to secure the Sun Fire Link interconnect. The commands used in configuration steps are either Fire Link Manager (FM) or Solaris Operating Environment (Solaris OE) tools. The article also includes a section on how to create, configure, and secure a Sun Fire Link fabric. This article requires a general knowledge of Solaris OE system administration and is written for advanced system administrators.
  
  
• Linux Overview for Solaris Users
  -by John Cecere
  This article provides a technical overview of the Linux operating environment and compares and contrasts it with the Solaris Operating Environment (Solaris OE). The purpose of this article is to quickly familiarize advanced system administrators with the Linux OE and to provide a reference for Solaris to Linux usage. This article is for intermediate and advanced readers who are experienced with the Solaris OE and are tasked with deploying, servicing,maintaining, and using Linux-based systems.
  
  
• The IT Utility Model--Part II
  -by Emlyn Pagden
  This article is the second part of a two-part series and provides solutions for implementing and maintaining a utility model within a service provider or data center environment. This article also discusses the required financial management systems, and describes the application software and hardware required to support each of the solution areas of a utility model. This article is targeted to an advanced audience.
  
  
• Sun Fire V1280/Netra 1280 Server Considerations for Improving RAS
  -by Kumar Loganathan
  This article provides recommendations and highlights important aspects in the configuration, administration, and servicing of the Sun Fire V1280 and Netra 1280 servers. This article is ideal for an advanced system administrator looking to address RAS issues.
  
  
• Sun ONE Portal Server and Lotus iNotes Integration Recipe
  -by Rob Baker
  This article describes a best-practices approach to integrating the latest version of Lotus iNotes with the Sun ONE Portal Server 6.0 software. This article covers Lotus iNotes configuration, advanced portal configuration, and how to coordinate both products so that they complement each other in a successful, secure-portal deployment. This article is intended for integrators, administrators, and Sun Professional Services personnel. You should have familiarity with portal administration before performing the procedure in this article.
  
  
• Transition Guide--Upgrading From the iPlanet Directory Server 5.1 Software to the Sun ONE Directory Server 5.2 Software
  -by Tom Bialaski and Michael Haines
  The information in this article is derived from an upcoming Sun BluePrints book, "LDAP in the Solaris Operating Environment -- Deploying Secure Directory Services," by Michael Haines and Tom Bialaski. This book is scheduled for publication in the Fall of 2003.

  That book and this article cover the recently released Sun ONE Directory Server 5.2 software, which introduces several significant features, including support for the Secured LDAP Client. This article discusses important differences in the packaging, installation, and configuration of the Sun ONE Directory Server 5.2 software as compared with the previous version. This article also discusses how to configure the software to support Secured LDAP Clients. This article is intended for IT architects and administrators who have deployed an earlier version of the directory server software, and who are interested in upgrading to the Sun ONE Directory Server 5.2 software version.
  
  

Back to Top

• Securing Sun Linux Systems: Part I, Local Access and File Systems
  -by Glenn Brunette, Michael Hullhorst, and Ge Weijers
  This article is the first part of a two-part series that provides recommendations for securing the Sun Linux 5.0 operating system. This part provides recommendations for securing local access and file systems. The information in this article applies only to the Sun Linux 5.0 distribution, although some of the techniques or recommendations might apply to other Linux distributions. This article is ideal for a reader with a beginner to Intermediate level of expertise.
  
  
• Securing Sun Linux Systems: Part II, Network Security
  -Glenn Brunette, Michael Hullhorst, and Ge Weijers
  The second in a two-part series, this article provides recommendations for securing the Sun Linux 5.0 operating system. This part provides specific recommendations for network security. The information in this article applies only to the Sun Linux 5.0 distribution, although some techniques or recommendations may apply to other Linux distributions. This article is ideal for a reader with a beginner to Intermediate level of expertise.
  
  
• Using filesync for Disaster Recovery, Business Continuance, and Mobility
  -by John Rosander
  The Solaris Operating Environment filesync(1) command can be used for disaster recovery, business continuance, and mobility. This article details how to use the filesync(1) command to synchronize directories between Sun servers, and between Sun servers and Linux laptops. This article is ideal for a reader with an intermediate level of expertise.
  
  
• Sun Grid Engine, Enterprise Edition-Configuration Use Cases and Guidelines
  -by Charu Chaubal
  This article describes a set of use cases for configuration of Sun Grid Engine, Enterprise Edition 5.3 (Sun ONE GEEE) software. It is meant to be a starting point from which intermediate to advanced Sun One GEEE software administrators can create a customized configuration for their particular environment. It is important to realize that each environment has unique requirements, and that the greatest benefits of the Sun ONE GEEE software policy module are obtained by fine-tuning a configuration once the results of the initial configuration have been assessed. Moreover, as the environment evolves and the needs of the enterprise change, additional tuning on an ongoing basis will probably be appropriate. This article assumes the reader has some familiarity with the features and parameters of Sun ONE GEEE.
  
  
• The IT Utility Model--Part I
  -by Emlyn Pagden
  This article is part one of a two-part series that describes the current business requirements for a utility model, and discusses the current commercial and political issues faced when implementing one. Both financial and technical aspects are covered, from detailing what a utility model is and why it is needed, to describing the mechanism required for capturing compute resource consumption to accurately bill customers. The intended audience for this article is IT Architects, Finance staff, and Executive officers. This article is targeted for an advanced level of expertise.
  
  
• Sun Fire 15K/12K Server Preferred Practices
  -by Lee Lustig
  Many documents about configuring Sun Fire servers have been written at Sun Microsystems. This article consolidates the information in those documents to derive a set of preferred practices you can quickly reference while planning an implementation. This article addresses preferred practices at a high level, referencing supporting documentation when a more in-depth technical discussion is warranted. This article is targeted for an introductory level of expertise.
  
  
• Capacity Planning as a Performance Tuning Tool--Case Study for a Very Large Database Environment
  -by Gamini Bullumille and Marcos Bordin
  This article discusses the performance and scaleability impact due to severe CPU and I/O bottlenecks in a very large database (over 20 terabytes). It describes the methodologies used to collect performance data in a production environment, and explains how to evaluate and analyze the memory, CPU, network, I/O, and Oracle database in a production server by using the following tools:

   - Solaris Operating Environment (Solaris OE) Standard UNIX tools
   - Oracle STATSPACK performance evaluation software from ORACLE Corporation
   - Trace Normal Form (TNF)
   - TeamQuest Model software from Team Quest Corporation
   - VERITAS Tool VxBench from VERITAS Corporation
  

  The article is intended for use by intermediate to advanced performance tuning experts, database administrators, and TeamQuest specialists. It assumes that the reader has a basic understanding of performance analysis tools and capacity planning. The expertise level of this article is intermediate to advanced.
  
  

Back to Top

• Using the Sun ONE Application Server 7 to Enable Collaborative B2B Transactions
  -by Michael Wheaton
  This Sun BluePrints OnLine article describes a design for a comprehensive Web services application architecture that enables businesses to publish, find, and execute collaborative B2B workflows with trading partners. It describes how businesses should capture their offerings in a declarative Web services format and decouple them from the tightly bound code that exists in point-to-point solutions.
  
  This article is written for system architects and professional service engineers who have a solid understanding of Web services technologies, including WS-I Basic Profile and electronic business eXtended Markup Language (ebXML) specifications. This article is targeted to the introductory level of expertise.
  
  
• Role Based Access Control and Secure Shell--A Closer Look At Two Solaris Operating Environment Security Features
  -by Thomas M. Chalfant
  To aid the customer in adopting better security practices, this article introduces and explains two security features in the Solaris operating environment. The first is Role Based Access Control and the second is Secure Shell. The goal is to provide you with enough information to make an effective decision to use or not use these features at your site as well as to address configuration and implementation topics. This article is targeted to the intermediate level of expertise.
  
  
• Solaris Operating Environment Network Settings for Security: Updated for Solaris 9 Operating Environment
  -by Alex Noordergraaf
  This article describes network settings available within the Solaris Operating Environment (Solaris OE) and recommends how to adjust network settings to strengthen the security posture of Solaris OE systems.
  
  This article updates the original article to include changes for Solaris 9 OE. These additions and modifications are incorporated into an updated "nddconfig" script available from http://www.sun.comtools/. This article is ideal for all levels of expertise.
  
  
• Using NTP on the Sun Fire 15K/12K Server
  -by Jason Beloro
  This article addresses the time skew issues for the Sun Fire 12K/F15K server and explains how the system controllers and domains can be configured as NTP clients to external servers. A sample configuration is also provided. This article is targeted to the intermediate level of expertise.
  
  
• Consolidation Methodology
  -by David Hornby and Ken Pepple
  A proven methodology is critical to the success of a consolidation project. This article outlines the major phases of the consolidation methodology developed by Sun Professional Services. If you are considering, or have already begun, a consolidation project for your data center, you can use the methodology presented in this article to get a consolidation effort underway.
  
  This article is the complete fourth chapter of the Sun BluePrints book, Consolidation in the Data Center, by David Hornby and Ken Pepple (ISBN #0-13-045495-8). The later chapters in this book address the feasibility, assessment, architecture, implementation, and management phases in detail.
  
  

Back to Top

• An Architecture for Creating and Managing Integrated Software Stacks
  -by John S. Howard
  Creating and managing complex, integrated system software stacks are some of the most challenging and time-consuming tasks facing data center managers. This article examines the challenges of these tasks and provides an architecture for software stack creation and management.
  
  
• Sun Cluster 3.0 Series: Guide to Installation--Part 2
  -by Chris Dotson
  This Sun Cluster implementation guide reviews the Sun Cluster concepts and components important to the specific installation procedures. This guide also describes the methods of constructing a Sun Cluster, and provides procedures for installing the cluster software onto each node and configuring the disks. This article is teh second part in a two-part series. "Sun Cluster 3.0 Series: Guide to Installation--Part 1" was a Sun BluePrints article in April 2003.
  
  
• Sun ONE Portal Server and Microsoft Exchange Integration Cookbook
  -by Rob Baker
  This article, written in the form of a cookbook, as well as related scripts, provide you with information and tools necessary to integrate Microsoft Exchange 2000 SP3, with the Sun Open Net Environment (Sun ONE) Portal Server software. This article can help portal administrators solve portal server integration problems caused by new underlying technologies introduced by Microsoft in Exchange 2000 SP3, specifically for integration with the portal server Netlet and rewriter components.
  
  You need knowledge of both products prior to attempting this integration. Extensive familiarity with HTML 4.x, JavaScript, CSS, XML, and XSL is also important to fully understand the implications of changes suggested by this article. To download the scripts for this article, see the Sun BluePrints Scripts and Tools page and click on Exchange Integration Cookbook Scripts.
  
  
• Integrating the Secure Shell Software
  -by Jason Reid
  This article discusses integrating Secure Shell software into an environment. It covers replacing rsh(1) with ssh(1) in scripts, using proxies to bridge disparate networks, limiting privileges with role-based access control (RBAC), and protecting legacy TCP-based applications. This article is the entire fifth chapter of the upcoming Sun BluePrints book "Secure Shell in the Enterprise" by Jason Reid, which will be available in June 2003.
  
  
• Auditing System Security
  -by Alex Noodergraaf and Glenn Brunette
  This article describes how to audit (validate) a system's security using the Solaris Security Toolkit software. You can use the information and procedures in this article to maintain an established security profile after hardening. For systems that are already deployed, you can use this information to assess security before hardening.
  
  This article is the entire sixth chapter of the upcoming Sun BluePrints book, "Securing Systems With the Solaris Security Toolkit", by Alex Noodergraaf and Glenn Brunette (ISBN 0-13-141071-7), which will be available in early July 2003.
  
  

Back to Top

• Responding to Customer's Security Incidents--Part 2: Executing a Policy
  -by Vijay Masurkar
  This article is the second in a series that discusses a policy of security incident responses. The article describes the policy best practices and execution features - evaluation, containment, and eradication of and recovery from a security incident - for responding to a customer's incident within the policy scope. Part one of this series, "Responding to Customer's Security Incidents (Part 1): Establishing Teams and a Policy" was a March 2003 Sun BluePrints OnLine article.
  
  
• Configuring the Secure Shell Software
  -by Jason M. Reid
  This article provides recommendations for configuring two specific Secure Shell implementations for the Solaris Operating Environment (Solaris OE): OpenSSH and the Solaris Secure Shell software. The Solaris Secure Shell software is a component of the Solaris 9 OE release. OpenSSH is also available for previous Solaris OE releases. For information on building OpenSSH, consult the January 2003 Sun BluePrints OnLine article, "Building OpenSSH Tools and Tradeoffs."
  
  
• Sun Cluster 3.0 Series: Guide to Installation--Part 1
  -by Chris Dotson
  Part one of a two-part series, this article guides the reader through preparation and setup, prior to deployment of a Sun Cluster system. Sun's preferred methodology for installing Sun Cluster software, Sun's Enterprise Install Services (EIS) processes, are presented.
  
  
• Building a Global Compute Grid - Two Examples Using the Sun ONE Grid Engine and the Globus Toolkit
  -by Charu Chaubal & Radoslaw Rafinski
  Currently, much research activity is based around the implementation of advanced resource sharing networks, which are geographically distributed. Much of this research has taken advantage of the Globus Toolkit, an open source toolkit provided by the Globus organization. In this Sun BluePrints article, the problem of building a compute grid using the Globus Toolkit and how it can best be integrated with Sun ONE Grid Engine are discussed. Two case studies in the academic arena are presented.
  
  
• Sun Fire 6800/4810/4800/3800 Auto Diagnosis and Recovey Features
  -by Peter Gonscherowski
  This article describes the Sun Fire 6800/4810/4800/3800 system availability enhancements provided in the system controller (SC) firmware version 5.15.0 release and Solaris 8 kernel updates. Version 5.15.0 of the system controller (SC) firmware introduces several new features to improve the availability, serviceability, diagnosability, and repair characteristics of Sun Fire 6800/4810/4800/3800 systems.
  
  

Back to Top

• Responding to Customer's Security Incidents--Part 1: Establishing Teams and a Policy
  -by Vijay Masurkar
  This article is the first of a series of articles that discuss building teams, establishing a security incident response policy, and executing it. The article is intended to provide highlights and best practices information about computer security incident response, building teams to process security incidents, and developing important factors in establishing a security incident response policy framework. The primary audience consists of computer security managers, security policy developers, system administrators, and other related staff responsible for the creation or operation of a computer incident response team and/or a computer security incident response (CSIR) policy and service.
  
  
• Provisioning in Replicated, Mission-Critical Environments
  -by Jay Daliparthy and James Falkner
  This article introduces the concepts and best practices for using Solaris Flash and Solaris Live Upgrade technologies to perform quick, consistent, controlled, and reproducible Solaris Operating Environment installations and upgrades. Creating, archiving, and deploying a Flash archive is covered along with how to create and manage multiple boot environments.
  
  
• Writing an Authentication Plug-in for a Sun ONE Directory Server
  -by Nicola Venditti
  The Sun ONE Directory Server has an advanced application program interface (API) for writing plug-ins that extend the directory server's functionality. In this article, information is provided for a better understanding of the tasks involved in writing a plug-in. The impact and benefit plug-ins can provide to the directory server is explained. In addition, a sample preoperation plug-in is provided.
  
  
• Avoiding Common Performance Issues When Scaling RDBMS Applications With Oracle9i Release 2 And Sun Fire Servers
  -byGlenn Fawcett
  There are a handful of common performance issues that arise when trying to scale Oracle database applications on Solaris Operating Enironment. These issues are sometimes difficult to identify and address. This paper incorporates the experiences of Sun's Strategic Application Engineering group in tuning Oracle RDBMS systems on a variety of workloads. There are accompanying document, Avoiding Common Performance Issues When Scaling RDBMS Applications With Oracle9i Release 2 And Sun Fire Servers Appendices, that supplements the information in this article.
  
  
• APPENDICES - Avoiding Common Performance Issues When Scaling RDBMS Applications With Oracle9i Release 2 And Sun Fire Servers Appendices
  -by Glenn Fawcett
  These are the appendices for the article Avoiding Common Performance Issues When Scaling RDBMS Applications With Oracle 9i Release 2 And Sun Fire Servers (March 2003)
  
  

Back to Top

• Securing the Sun Fire 12K and 15K System Controllers
  -by Alex Noordergraaf and Dina Nimeh
  This article provides recommendations on how to securely deploy the Sun Fire 12K and 15K system controllers (SC). These recommendations apply to environments where security is a concern, particularly environments where the uptime requirements of the SC and/or the information on the Sun Fire server is critical to the organization.
  
  
• Securing the Sun Fire 12K and 15K Domains
  -by Alex Noordergraaf and Dina Nimeh
  This article documents security modifications that you can implement on Sun Fire 12K and 15K domains without adversely affecting their behavior. The configuration changes in this article enable Solaris Operating Environment (Solaris OE) security features and disable potentially insecure services and daemons.
  
  
• Securing the Sun Cluster 3.x Software
  -by Alex Noordergraaf
  To provide a robust environment where Sun Cluster 3.x software can be deployed, very specific requirements are placed on the configuration of the Solaris Operating Environment (Solaris OE). This article describes how to secure the Solaris OE and the Sun Cluster 3.x software. Before the release of Sun Cluster 3.0 (12/01) software, no secured configurations were supported. This article includes updates for Sun Cluster 3.1 software.
  
  
• Building Secure Sun Fire Link Interconnect Networks Using Midframe Servers
  -by Joe Higgins
  This article describes how to install and deploy the Sun Fire Link interconnect so that it can be securely managed and operated. The software architecture and the steps to secure the Sun Fire Link interconnect software are documented.
  
  
• Understanding Gigabit Ethernet Performance on Sun Fire Servers
  -by Jian Huang
  The recent network-centric computing has been exercising tremendous pressure on servers' network performance. With the increasing popularity of gigabit Ethernet, especially the availability of lower-cost copper-based gigabit Ethernet adapters, the question of how Sun's servers perform in this arena has become one of the most important issues that Sun engineering teams are trying to address. This paper presents an overview of the performance of the new Sun GigaSwift Ethernet MMF Adapter card on a Sun Fire server in terms of TCP/IP networking.
  
  Most of the previous effort on TCP/IP network performance has been focused on bulk-transfer traffic, which imposes on servers a continuous flow of packets with sizes equal to the Maximal Transfer Unit (MTU) of the underlying carrier.
  
  In the client-server computing environment, however, not all requests from clients, nor all replies from the servers are constantly large. The traffic of small packets, whose size is below that of the MTU of the carrier, is also very commonly seen. Hence, this paper investigates the performance of both the bulk-transfer and small-packet traffic on a Sun Fire 6800 server.
  
  In addition to presenting a performance picture, this paper also takes the initiative to study the root cause of the behavior of Sun servers by revealing some of the implementation details of the Solaris Operating Environment (Solaris OE). A set of tuning parameters that affect TCP/IP network performance is discussed and some tuning recommendations is given.
  
  

Back to Top

• A Patch Management Strategy for the Solaris Operating Environment
  -by Ramesh Radhakrishnan
  Managing software patches is complex and time consuming. This article offers a high-level strategy for managing patches in a variety of different types of compute environments that are running on the Solaris operating environment. This article divides the patch management process into seven phases, each of which can be tailored to suit your distinct IT environment. This article does not discuss the step-by-step process of installing Solaris OE patches, but instead addresses higher-level concepts that can be used with any patch installation utility. This article is intended for IT managers, IT architects, lead system administrators, and anyone interested in developing a patch management strategy.
  
  
• BluePrint for Benchmarking Success
  -by Hans Joraandstad and Barbara Perz
  This article provides best practices for benchmarking and it's ideal for those using benchmarking to gather information that will help make a decision on which computer to buy.
  
  
• Building OpenSSH--Tools and Tradeoffs
  -by Jason M. Reid
  This article updates much of the information in the July 2001 Sun BluePrints OnLine article, "Building and Deploying OpenSSH for the Solaris Operating Environment". The article contains information about gathering the needed components, making the compile-time configuration decisions, building the components, and finally assembling the OpenSSH environment.
  
  
• Configuring Databases Using Soft Links
  -by Carlos Godinez
  This article explains the advantages of using symbolic (soft) links when configuring databases and provides techniques and examples for using them. This article presents information that will enable you to manage database configuration efficiently and accurately.
  
  
• System Management Services Software: An Inside Look
  -by Tom Chalfant
  This article addresses some of the more advanced topics of System Management Services (SMS) software including the Management Network (MAN) and SMS security. In addition, it provides insight to a new security feature that enables you to use secure shell for file synchronization between system controllers (SCs).
  
  

Back to Top

• Modeling Sun Cluster Availability
  -by Ira Pramanick
  Modeling the availability of software systems is an extremely difficult task that has not been accomplished successfully to any degree of accuracy until now. This article describes the approach taken to model specific Sun Cluster stacks, including the service layer. This modeling methodology combines black-box measurements with white-box analysis to arrive at an availability model for a system. The methodology facilitates extrapolation of the model to other stacks that differ in well-defined ways. It also entails setting availability budgets of various layers in the stack.
  
  
• A Strategy for Managing Performance
  -by John Brady
  This article addresses the importance of adopting and executing a thorough performance management strategy in your compute environment. Managing performance puts you in the position of being proactive and in control of your compute resources, not vice versa, while saving revenue at the same time. This article offers suggestions for developing a performance management strategy that enables you to predict and correct potential performance problems, to control resources, to track changes for capacity planning and to consolidate resources.
  
  
• Solaris Operating Environment Security: Updated for Solaris 9 Operating Environment
  -by Alex Noordergraaf and Keith Watson
  This article provides recommendations on how to secure a Solaris Operating Environment (Solaris OE). Securing a Solaris OE system requires that changes be made to its default configuration. The changes outlined in this article address the majority of the methods that intruders use to gain unauthorized or privileged access to an improperly configured system. Implementing the changes recommended in this article requires planning, testing, and documentation to be successful in securing a computing environment.
  
  
• Trust Modeling for Security Architecture Development
  -by Donna Andert, Robin Wakefield, and Joel Weise
  Information technology architects must build applications, systems, and networks that match ordinary users' expectations of trust in terms of identity, authentication, service level agreements, and privacy. This article describes the vocabulary of trust relationships and demonstrates the practical importance of using trust modeling to formalize the threshold for risk.
  
  
• Understanding Solaris 9 Operating Environment Directory Services
  -by Tom Bialaski
  This article examines the differences between the Solaris 8 Operating Environment (Solaris OE) Lightweight Directory Access Protocol (LDAP) Client and the Solaris 9 OE Secured LDAP Client, and explains how to support them on the same directory server. In addition, this article details troubleshooting tips for common implementation problems.
  
  
• Performance Oriented System Administration
  -by Bob Larson
  In most cases, using the default configuration for an operating system helps ensure that cascading effects don't overly complicate system tuning and maintenance. In some cases, however, you might need to tune a system. This article explains the algorithms and heuristics surrounding the most important tunables and describes several kernel tunables and the algorithms behind them.
  
  

Back to Top

• Minimizing the Solaris Operating Environment for Security: Updated for Solaris 9 Operating Environment
  -by Alex Noordergraaf
  This article provides tips, instructions, and preferred practices for minimizing the Solaris Operating Environment (Solaris OE) to increase system security. It focuses on operating system (OS) installation practices for minimizing and automating Solaris OE installations. It provides a simple, reproducible, and secure application installation methodology.
  
  
• Designing Highly Available Architectures: A Methodology
  -by Erik Vanden Meersch
  This article presents a methodology for discussing availability requirements for Information Technology (IT) systems. This methodology focuses on the interaction between system vendors and customers at the early stage of a project and defines the minimum information that should be exchanged to design an architecture that will satisfy the availability requirements of the future owner of the system.
  
  
• Internet Protocol Network Multipathing (Update)
  -by Mark Garner
  This article looks at the features of Internet Protocol network multipathing and the steps required to configure it for network adapter resilience.
  
  This article is an update to the IPMP article published in November 2002. This revision addresses Bug ID: 4451678, "Synopsis: in.mpathd does not accurately detect interface failures in active-standby config". This problem is resolved by applying patch 108528-15 and above. This problem was fixed in the Solaris 9 Operating Environment.
  
  
• Managing Shared Storage in a Sun Cluster 3.0 Environment With Solaris Volume Manager Software
  -by Kristien Hens and Peter Dennis
  Traditionally, VERITAS Volume Manager (VxVM) has been the volume manager of choice for shared storage in enterprise-level configurations. In this article, a free and easy-to-use alternative, Solaris Volume Manager software, which is part of the Solaris 9 Operating Environment (Solaris 9 OE) is explored. This mature product offers similar functionality to VxVM. Moreover, it is tightly integrated into the Sun Cluster 3.0 software framework and, therefore, should be considered to be the volume manager of choice for shared storage in this environment.
  
  
• Campus Clusters Based on Sun Cluster Software
  -by Harmut Streppel
  This article describes how to use Sun Cluster 3.0 software as part of a comprehensive disaster recovery solution to ensure continuous service availability. This article provides guidelines to consider when deploying a campus-cluster solution and offers helpful tips for setting up sound administrative practices.
  
  
• A New Open Resource Management Architecture in the Sun HPC ClusterTools Environment
  -by Steve Sistare
  This article presents a new architecture for the integration of the Sun HPC ClusterTools parallel computing environment with distributed resource management systems such as the Sun Grid Engine system. The architecture enables a tight integration to be achieved with multiple distributed resource management systems in a uniform and extensible framework, which means that any of the popular management systems may be used to launch and monitor Sun MPI parallel jobs. Unlike previously available loose integrations, tight integrations allow a resource manager to accurately measure resources used by the parallel processes, to terminate jobs that exceed resource limits, and to generate accurate accounting information for multi-process jobs Tight integrations are implemented with Sun Grid Engine software, PBS, and LSF. Correct resource accounting with this tight integration is demonstrated and launching and debugging Sun MPI jobs using each system is detailed.
  
  
• Memory Hierarchy in Cache-Based Systems
  -by Ruud Van Der Pas
  This article will help the reader understand the architecture of modern microprocessors by introducing and explaining the most common terminology and addressing some of the performance related aspects. Written for programmers and people who have a general interest in microprocessors, this article presents introductory information on caches and is designed to provide understanding on how modern microprocessors work and how a cache design impacts performance.

  Despite improvements in technology, microprocessors are still much faster than main memory. Memory access time is increasingly the bottleneck in overall application performance. As a result, an application might spend a considerable amount of time waiting for data. This not only negatively impacts the overall performance, but the application cannot benefit much from a processor clock-speed upgrade either. One method for overcoming this problem is to insert a small high-speed buffer memory between the processor and main memory. Such a buffer is generally referred to as cache memory, or cache for short.

  
  
  

Back to Top

• Sun Fire Midframe Server Best Practices for Firmware Update 5.13.x
  -by James Hsieh
  This article is an update to the October 2001 Sun BluePrints OnLine article, Sun Fire Midframe Servers Best Practices for Administration, and includes updated information for connecting and configuring the Sun Fire system controller (SC) and introduces SC administration concepts, platform security, and error analysis and diagnosis. This article update also introduces new features available with the 5.13.x firmware release for the Sun Fire SC, which further improve on the reliability, availability, and serviceability of Sun Fire Midframe Servers.
  
  
• Configuring Boot Disks With Solaris Volume Manager Software
  -by Erik Vanden Meersch and Kristien Hens
  This article is an update to the April 2002 Sun BluePrints OnLine article, Configuring Boot Disks With Solstice DiskSuite Software. This article focuses on the Solaris 9 Operating Environment, Solaris Volume Manager software, and VERITAS Volume Manager 3.2 software. It describe how to partition and mirror the system disk, and how to create and maintain a backup system disk. In addition, this article presents technical arguments for the choices made, and includes detailed runbooks.
  
  
• Managing Data Centers With Sun Management Center Change Manager
  -John S. Howard
  Deploying and updating software are two of the most challenging and time consuming tasks facing datacenter managers. The Sun Management Center (Sun MC) Change Manager software provides a framework and tools for quickly and efficiently deploying, replicating, updating, and managing software over a large number of systems. This article presents techniques and best practices for using Sun Management Center Change Manager software.
  
  
• HPC Administration Tips and Techniques
  -by Omar Hassaine
  This article gives an introduction to the features introduced in the latest Sun HPC ClusterTools 4 software, including best practices for configuration and mixed clusters. It describes how to configure a checkpointing and migration environment using both Sun Grid Engine and Condor standalone checkpointing libraries. This article also includes discussion about administrative best practices.
  
  
• Extending Authentication in the Solaris 9 Operating Environment Using Pluggable Authentication Modules (PAM): Part II
  -by Michael Haines and Joep Vesseur
  This article is part two of a two-part series and details the PAM application programming interface (API) and the PAM service provider interface (SPI). Also included are procedures on how to effectively write PAM modules when using the Solaris 9 Operating Environment (Solaris 9 OE). By writing these PAM service modules, it is possible to extend the capability of the Solaris 9 OE authentication mechanisms in a number of different ways.
  
  Part one, Extending Authentication in the Solaris 9 Operating Environment Using Pluggable Authentication Modules (PAM): Part I, was published in the September 2002 issue of Sun BluePrints Online.
  
  
• ORACLE Middleware Layer Net8 Performance Tuning Utilizing Underlying Network Protocol
  -by Gamini Bulumulle
  This article discusses performance optimization and tuning of SQL*Net based on an arbitrary UNP which could be TCP/IP, SPX/IP or DECnet. SQL*Net performance can be maximized by synchronization with tunable parameters of the UNP, for example, buffer size. This article explain how total SQL*Net transaction performance can be divided into components of connect time and query time, where Total SQL*Net (Net8) Transaction Time = Connect Time + Query Time. Connect time can be maximized by calibration of tunable parameters of SQL*Net and the UNP when designing and implementing networks. Query time is typically affected by database tuning parameters which are outside the scope of this article. However, database tuning parameters, which impact network performance, are discussed.
  
  

Back to Top

• Enterprise Network Design Patterns: High Availability
  -by Deepak Kakadia, Sam Halabi, and Bill Cormier
  High availability considerations extend well beyond individual servers in today's enterprise. Ultimately, availability is only as good as the networking infrastructure. This article presents the key issues, explores available network topologies and protocols, and makes recommendations for their application in creating a highly available network.
  
  
• Consolidation in the Data Center
  -by Ken Pepple and David Hornby
  Data center consolidation is about reducing the number of devices you have to manage and reducing the number of ways you use to manage them. This article introduces various types of consolidations you can perform - servers, applications, storage, shared services, networks, and people resources - and describes some of the benefits of each type of consolidation.
  
  
• Extending Authentication in the Solaris 9 Operating Environment Using Pluggable Authentication Modules (PAM): Part I
  -by Michael Haines
  This article is the first of a two-part series that offers a technical overview of how the Solaris 9 Operating Environment implementation of Pluggable Authentication Modules (PAM)PAM works. This article demonstrates straightforward methods for configuring PAM to accommodate site-specific security policy requirements and examines the PAM architecture and its components.
  
  
• Resource Management in the Solaris 9 Operating Environment
  -by Stuart J. Lawson
  The Solaris Resource Manager (Solaris RM) enables the resources of a single instance of the operating environment to be shared in an arbitrarily fine-grained manner, among consolidated or partitioned applications or system users. The Solaris RM can be used such that a guaranteed level of service can be given, where appropriate. In this article, Stuart Lawson describes the three core resource management approaches in the Solaris 9 Operating Environment and offers best practices for setting up a resource management framework.
  
  
• Sun Fire Systems Design and Configuration Guide
  -by Nathan Wiger and Roger Blythe
  This article details key features of the Sun Fire product line and presents a process you can follow to determine which server best meets your needs. An excerpt from the new Sun BluePrints book, "Sun Fire Systems Design and Configuration Guide" by Nathan Wiger and Roger Blythe, this article provides best practice design consideration, rules of thumb, and sample server configurations.
  
  
• Introduction to the Cluster Grid - Part 2
  -by James Coomer and Charu Chaubal
  Grid computing is a rapidly emerging technology that can be implemented through the use of the Sun Cluster Grid software stack. In the second part of a two-part series, this article takes the next step in describing the Sun Cluster Grid design phase which includes information gathering, design decisions, installation and management considerations, and example implementations.
  
  

Back to Top

• Monitoring and Tuning Oracle - Chapter 22, Part II
  -by Allan N. Packer
  Building on his July 2002 Sun BluePrints OnLine article, Allan continues to provide more best practices for Oracle monitoring using utlbstat/utlestat scripts and to recommend parameter settings for OLTP and DSS environments. Issues ranging from load performance to dynamic reconfiguration and Oracle recovery are also examined. Additional Oracle monitoring and tuning recommendations are available in his recently released book "Configuring and Tuning Databases on the Solaris Platform."
  
  
• Sun StorEdge[tm[ Instant Image 3.0 and Oracle8i Database Best Practices
  -by Art Licht
  A methodology for implementing the Sun StorEdge Instant Image 3.0 Point-In-Time (PIT) copy technology to perform non-intrusive and efficient backup operations on Oracle8i databases, without impacting business operations is presented. A method customers can use to repurpose the PIT Oracle8i data for parallel business processes is also included.
  
  
• Customizing JumpStart Framework for Installation and Recovery
  -by John S. Howard and Alex Noordergraaf
  Techniques to augment a CDROM-based installation with the services and behaviors provided by a JumpStart server are detailed in this article. These techniques are suitable to situations when a hands-free Solaris Operating Environment (Solaris OE) installation is necessary but when a JumpStart server cannot be used. This article is a chapter from the Sun BluePrints book, "JumpStart Technology: Effective Use in the Solaris Operating Environment", ISBN# 0-13-062154-4.
  
  
• Windows NT Server Consolidation and Performance Improvements with Solaris PC NetLink 2.0 Software
  -by Don DeVitt
  This article focuses on best practices to help data center managers meet cost reduction goals in supporting multiple users accessing servers through PC clients. New features in Solaris PC NetLink 2.0 software that improve performance and add new options for consolidating Windows NT servers are discussed.
  
  
• Introduction to the Cluster Grid - Part 1
  -by James Coomer and Charu Chaubal
  Grid computing is a rapidly emerging technology which can be implemented today through the use of the Sun Cluster Grid software stack. Part one of this two part series provides an introduction to grid architecture, and discusses how the architecture can be applied to existing compute environments using the Sun Cluster Grid software stack. Full treatment of the cluster grid design and implementation will be provided in the September BluePrints Online article, "Introduction to the Cluster Grid - Part 2".
  
  
• Sun's Quality, Engineering, and Deployment (QED) Test Train Model
  -by George Wood
  The why and how of Sun's integration and interoperability testing process, known internally as the Solaris OE Train, are explained in this article. This long conducted software testing program supports each Solaris Operating Environment (Solaris OE) release and have recently been expanded to include rigorous integration and interoperability testing of key third party software from VERITAS Software and Oracle Corporation, as well as Sun Open Net Environment (Sun ONE) software.
  
  

Back to Top

• Monitoring and Tuning Oracle - Chapter 22, Part I
  -by Allan N. Packer
  Database expert, Allan N. Packer, shares more database best practices from his recently-released book "Configuring and Tuning Databases on the Solaris Platform" (ISBN# 0-13-083417-3). In this article, Allan examines ways of managing Oracle behavior, changing tunable parameters, calculating the buffer cache hit rate, and discusses Oracle monitoring using the utlbstat/utlestat scripts.
  
  
• Reducing the Backup Window With Sun StorEdge Instant Image Software
  -by Selim Daoud
  Building on last month's article "LAN-Free Backups Using the Sun StorEdge Instant Image 3.0 Software," this article discusses the advantages and methods of using a point-in-time (PIT) type of backup system versus a more traditional backup approach that requires extended downtime.
  
  
• Securing the Sun Fire 12K and 15K System Controllers, Updated for SMS 1.2
  -by Alex Noordergraaf and Dina Nimeh
  This article provides recommendations on how to securely deploy the Sun Fire 12K and 15K system controllers (SC). This article is one in a series that provides recommendations for enhancing security of a Sun Fire system. After securing the SC, we recommend that you use the following July 2002 Sun BluePrints OnLine article, "Securing the Sun Fire 12K and 15K Domains," to secure SC domains.
  
  
• Securing the Sun Fire 12K and 15K Domains, Updated for SMS 1.2
  -by Alex Noordergraaf and Dina Nimeh
  Building on the prior article "Securing the Sun Fire 12K and 15K System Controllers," this article provides recommendations for enhancing the security of a Sun Fire system that you can implement on Sun Fire 12K and 15K domains without adversely affecting their behavior. The configuration changes presented in this article enable Solaris Operating Environment (OE) security features and disable potentially insecure services and daemons.
  
  
• Sun ONE Portal Server 3.0 Rewriter Configuration and Management Guide
  -by Rob Baker
  This comprehensive article provides best practices and deployment guidelines for the Sun ONE Portal Server 3.0 product, with a specific emphasis on the rewriter component of the Secure Remote Access Gateway (SRAP). The SRAP is a portal server add-on that enables end users to securely access enterprise web content using only a standard web browser with a Java virtual machine. The article highlights best practices for the SRAP and presents methods for configuring it to leverage existing corporate intranet content while enabling flexibility for future growth. These practices will allow users to fully utilize this unique feature of the Sun ONE Portal Server product.
  
  
• An Information Technology Management Reference Architecture Implementation
  -by Edward Wustenhoff
  A follow-up to the June 2002 Sun BluePrints OnLine article "An Information Technology Management Reference Architecture," and the fifth in a series by Edward Wustenhoff on data center management infrastructure, this article focuses on the implementation of the management infrastructure. As a case study, the implementation of an IT management reference architecture in the Authorized iForce Ready Center (iFRC) program that displays an IDC Mail and Messaging Architecture is presented and the technical aspects and details of the its management and organization (M&O) architecture deployment are described.
  
  

Back to Top

• Drill-Down Monitoring of Database Servers - Chapter 21
  -by Allan N. Packer
  Database expert, Allan N. Packer, shares database best practices from his recently-released book, "Configuring and Tuning Databases on the Solaris Platform", ISBN# 0-13-083417-3. In this article, Allen presents a process for identifying and resolving problems with the performance of database servers.
  
  
• Securing LDAP Through TLS/SSL--A Cookbook
  -by Stefan Weber
  Deploying secure Lightweight Directory Access Protocol (LDAP) connections is becoming more demanding. This article details the steps on how to set up the Sun Open Net Environment (Sun ONE) Directory Server software so that it can be accessed securely from command line tools.
  
  
• Securing the Sun Fire Midframe System Controller
  -by Alex Noordergraaf and Tony M. Benson
  Securely deploying the Sun Fire Midframe System Controller (SC) is crucial. This article offers recommendations on building a separate and private SC network, to which the insecure protocols required to manage an SC are restricted.
  
  
• LAN-Free Backups Using the Sun StorEdge Instant Image 3.0 Software
  -by Art Licht
  As data grows in size and backup windows shrink, performing backups across the LAN is no longer the ideal method. This article gives an overview of LAN and SAN backup practices and includes procedures for performing LAN-free backups.
  
  
• Network Storage Evaluations Using Reliability Calculations
  -by Selim Daoud
  This article uses a case study to introduce concepts and calculations for systematically comparing redundancy and reliability factors as they apply to network storage configurations.
  
  
• An Information Technology Management Reference Architecture
  -by Edward Wustenhoff
  Building on Edward's prior Sun BluePrints OnLine articles, found at Archive by Subject, this article describes the results of a proof-of-concept process to create an IT management reference architecture that displays IDC mail and messaging, as conducted at Sun's iForce Ready Center.
  
  

Back to Top

• How Hackers Do It: Tricks, Tools, and Techniques
  -by Alex Noordergraaf
  Learn how to build and maintain secure systems and implement preventive solutions against the common tricks, tools, and techniques used by hackers to gain unauthorized access to Solaris Operating Environment systems.
  
  
• Enterprise Management Systems Part II: Enterprise Quality of Service (QoS) Provisioning and Integration
  -by Deepak Kakadia with Dr. Tony G. Thomas, Dr. Sridhar Vembu, and Jay Ramasamy of AdventNet, Inc.
  Building on the concepts of how to best manage services in Service Driven Networks, this second article of the two-part series describes how to integrate Sun Management Center 3.0 software and AdventNet WebNMS 2.3 software to provision end-to-end services and provide a complete solution that can effectively manage a multivendor environment. The first article in this series can be found at: http://www.sun.combrowsesubject.html.
  
  
• Solaris Operating Environment LDAP Capacity Planning and Performance Tuning
  -by Steve Lopez
  Experienced System Administrators can increase the performance and scalability of Netscape Directory by utilizing the key practice methodologies presented in this article. These include key practices for the capacity planning of the LDAP naming service on the Solaris Operating Environment, as well as performance tuning examples and exercises. The other articles in this series can be found at: http://www.sun.combrowsesubject.html.
  
  
• Metropolitan Area Sun Ray Services
  -by Lars Persson
  Expand into new lines of business and drastically reduce the actual and hidden costs of ownership of the desktop PC device by implementing these preferred practice recommendations for deploying Sun Rays over a Metropolitan Area Network.
  
  
• Deployment Considerations for Data Center Management Tools
  -by Edward Wustenhoff
  Build a better management infrastructure by understanding more about the basic building blocks, architecture, and key design elements of a complete Systems Management Tools Framework, as presented in this first article in a two-part series.
  
  
• Securing the Sun Cluster 3.0 Software
  -by Alex Noordergraaf
  Reduce susceptibility to attacks and increase the reliability, availability, and serviceability of systems that run Sun Cluster 3.0 software by implementing the recommendations for configuring the Solaris Operating Environment and supported agents detailed in this article.
  
  
• Cluster Column:
  IMPLEMENTATION GUIDE:
  Guide to Installation-Part II: Sun Cluster 3.0 Software Management Services
  -by Chris Dotson and Steve Lopez
  The second in a two-part series, this module details the tasks that must be performed to install the Solaris Operating Environment on each cluster node during a Sun Cluster 3.0 software installation. The first module in this series can be found at: http://www.sun.combrowsesubject.html.
  
  

Back to Top

• Using Live Upgrade 2.0 With JumpStart Technology and Web Start Flash
  -by John S. Howard
  In this final installment of his three-part series on Solaris Live Upgrade 2.0 (LU) technology, John S. Howard provides recommendations and techniques for integrating LU with the JumpStart software framework and the Solaris Web Start Flash software. The first two articles in this series can be found at: http://www.sun.combrowsesubject.html.
  
  
• Service Level Agreement in the Data Center
  -by Edward Wustenhoff
  Building on the definitions, processes, and best practices supporting the Service Level Management (SLM) process presented in the first article in this two-part series, this article explores Service Level Agreements (SLAs). Best practices for keeping SLAs simple, measurable, and realistic--thus avoiding the most common pitfalls of overpromising and underdelivering on agreements--are detailed and templates are provided that illustrate the translation of SLA principles to real-world examples. The first article in this series can be found at: http://www.sun.combrowsesubject.html.
  
  
• Enterprise Management Systems Part I: Architectures and Standards
  -by Deepak Kakadia, Dr. Tony Thomas, Dr. Sridhar Vembu and Jay Ramasamy
  The first in a two-part series focused on managing services in Service Driven Networks (SDNs), this article presents a summary of typical architectures and a clarification of the standards to help the reader better understand the implementations of various third-party vendor EMSystems solutions.
  
  
• Sun Fire 3800-6800 Servers Dynamic Reconfiguration
  -by Peter Gonscherowski
  A general overview of Dynamic Reconfiguration (DR), its implementation on Sun Fire 3800-6800 servers, and best practice guidelines for DR with Sun Management Center or the command line are provided.
  
  
• Storage Resource Management: A Practitioner's Approach
  -by Stevan Arbona and Joe Catalanotti
  Storage resource management (SRM) best practices are presented, with a particular focus on the positive impact that SRM can have on controlling costs by increasing operational efficiency.
  
  
• Configuring Boot Disks With Solstice DiskSuite Software
  -by Erik Vanden Meersch and Kristien Hens
  How to partition the system disk, mirror it, and create and maintain a contingency boot disk are presented. Topics include two-, three-, and four-disk configurations, their associated runbooks, and the SUNBEsdm package with scripts.
  
  
• Cluster Column:
  IMPLEMENTATION GUIDE:
  Guide to Installation-Part I: Sun Cluster Management Services
  -by Chris Dotson and Steve Lopez
  This module contains the tasks that must be performed for installation of Sun Cluster 3.0 software. These tasks include setting up the administrative workstation, configuring the Sun Cluster 3.0 software cluster, implementing best practices, performing design verifications, and administering a two-node Sun Cluster 3.0 hardware cluster.
  
  

Back to Top

• Enterprise Quality of Service (QoS) Part II: Enterprise Solution using Solaris Bandwidth Manager 1.6 Software
  -by Deepak Kakadia
  Deepak's article is the second in a two-part series that focuses on Quality of Service (QoS) issues. This article explores possible approaches to deploying an Enterprise Quality of Service solution using Solaris Bandwidth Manager 1.6 software. It also presents an integrated close-loop solution using Sun Management Center 3.0 software, which exploits API's offered by both products and creates a policy-based QoS solution for the enterprise.
  
  
• Securing the Sun Enterprise 10000 System Service Processors
  -by Alex Noordergraaf
  Security of high-end systems, such as the Sun Enterprise 10000 servers, is of critical concern to customers deploying such systems in their environments. This article provides a documented and fully supported solution for protecting the weakest links in the security of the Sun Enterprise 10000 server--the system service processors (SSPs).
  
  
• Using Live Upgrade 2.0 With a Logical Volume Manager
  -by John S. Howard
  Part two of a three-part series by John S. Howard, this article addresses best practices for upgrading systems, specifically using Live Upgrade 2.0 (LU 2.0) with a logical volume manager. As system administrators know, system upgrades can be time-consuming and error-prone processes. Further, mission-critical systems or datacenter systems typically cannot afford to be taken down for much time to test patches and execute software upgrades. While the examples in this article use VERITAS Volume Manager (VxVM), the concepts and high-level procedural steps are the same whether you use LU 2.0 with Solstice DiskSuite software.
  
  
• Service Level Management in the Data Center
  -by Edward Wustenhoff
  Service Level Management (SLM) provides the methodology and discipline for measuring overall system performance parameters and forms the basis for implementing service level agreements (SLAs). This article presents a basic definition of SLM, details the SLM process, and provides best practices for using SLM. Tasks described include all aspects of gathering the metrics needed, at all platform layers, to evaluate compliance with SLAs and to ensure continuous improvement in overall system performance. Future articles from this author will investigate best practices surrounding SLAs.
  
  
• Application Performance Optimization
  -by Börje Lindh
  This article provides a brief introduction to optimization on the Solaris Operating Environment. To explore this subject in more detail, refer to Rajat Garg's and Ilya Sharapov's Sun BluePrints book, Techniques for Optimizing Applications, published July 2001(ISBN 0-13-093476-3).
  
  
• Cluster Column:
  Introduction to SunTone Clustered Database Platforms
  -by Ted Persky and Richard Elling
  While there appears to be unanimous consent in the industry that integrated hardware and software platforms are needed, there is not a similar agreement of what, exactly, constitutes an integrated stack, particularly in the area of clusters and high availability. Further, people want to know what best practices they should embrace and which services they should provide. This article details the benefits that can be derived from a clustered Oracle database software stack that has been integrated to best practices and is ready to deploy. The examples in this article highlight Sun's soon-to-be-released Clustered Database Platform 280/3.
  
  

Back to Top

• Server Virtualization Using Trusted Solaris 8 Operating Environment
  -by Glenn Faden
  Building on the concepts presented in his follow-on article, Maintaining Network Separation with Trusted Solaris 8 Operating Environment, expands on the techniques of configuring labeled networks to show how the Trusted Solaris Operating Environment can be deployed by a network service provider to support multiple customers within a single infrastructure. Through the use of the appropriate Trusted Solaris Operating Environment functionality, each customer can have its own virtual server or community. This article describes best practices for administrative procedures and configuration files that are required to set up fully contained communities.
  
  
• Enterprise Quality of Service (QoS): Part I - Internals
  -by Deepak Kakadia
  In a two-article series, distinguished Sun BluePrints author works to clear the confusion surrounding QoS by explaining what it is, how it is implemented, and how to use it in an enterprise. This month's part one article details the basics surrounding the "what" and "how" of implementation, as well as the internals of QoS. Be sure to return to Sun BluePrints OnLine next month for his second article which will focus on how to deploy QoS in an enterprise.
  
  
• Managing Solaris Operating Environment Upgrades with Live Upgrade 2.0
  -by John S. Howard
  Performing an upgrade of an operating system and the associated system software is one of the most time-consuming and error prone tasks facing system administrators. Compounding the upgrade process is the reality that most mission-critical or datacenter systems cannot afford to be taken down for any length of time to test patches and execute software upgrades. This article, part one of a three-part series, focuses on how Live Upgrade (LU) provides a mechanism to manage and upgrade multiple on-disk Solaris Operating Environments without taking the systems down. LU provides a framework to upgrade and work within multiple on-disk environments and reboots into the new Solaris Operating Environment after completion of changes to the on-disk software images.
  
  
• Managing Systems and Resources in HPC Environments
  -by Omar Hassaine
  Written for the compute-intensive site administrator and user, this article highlights the benefits, presents preferred practices, and provides useful recommendations for using enterprise server tools and features available in commercial environments.
  
  
• Establishing an Architectural Model
  -by John V. Nguyen
  This article is the complete third chapter of the upcoming Sun BluePrints book, Designing ISP Architectures, ISBN 0-13-045496-6. This article introduces an architectural model as a framework for designing platform-independent ISP architectures, based upon expertise and Sun best practices for designing ISP architectures. Ideal for IT architects and consultants who design ISP architectures, John's complete book will be available beginning March 2002 through www.sun.com/books, amazon.com, and Barnes & Noble bookstores.
  
  
• Cluster Column:
  Automating Sun Cluster 3.0 Data Service Setup
  -by Tom Bialaski
  After installing Sun Cluster 3.0 software and performing basic cluster configuration, the next task is to set up the applications or data services for the application to run on the cluster. This procedure involves a number of steps, many of which need to be performed from the command line. Others such as creating a resource group, can be performed through the SunPlex GUI. Because these steps require executing complicated commands or traversing through several GUI screens, it is advantageous to write scripts that can simplify and automate the data service and configuration process. Scripts are also a valuable tool to capture work completed in a test environment to ensure consistent deployment on the production network. In addition, scripts are useful to enable less-experienced system administrators to perform complex configuration tasks, or to rebuild systems for multiple testing purposes. To highlight how to architect such scripts, this article illustrates best practices in deploying the HA-NFS data service, for which the agent is contained on the Sun Cluster 3.0 Data Services CD-ROM.
  
  

Back to Top

• Data Center Design Philosophy
  -by Rob Snevely
  This article is from the entire first chapter of the Sun BluePrints book, Enterprise Data Center Design and Methodology, (ISBN 0-13-047393-6), which is available beginning January 30th through www.sun.com/books, amazon.com, and Barnes & Noble bookstores.
  
  This article lays the foundation for addressing challenges of data center design, through a presentation of the more important design issues, priorities, and philosophies. The article concludes with a summary of the ten most important design guidelines.
  
  
• Configuring OpenSSH for the Solaris Operating Environment
  -by Jason M. Reid
  The network environment was never safe. As more users connect to open networks for remote access, the risks of compromising systems and accounts increase. Secure network tools such as OpenSSH counter the threats of password theft, session hijacking, and other network attacks. These tools require planning, configuration, and integration. This article deals with server and client configurations, key management, and integration into existing environments for the Solaris Operating Environment (OE).
  
  (NOTE - See the Sun BluePrints article "Configuring Secure Shell Software" by Jason M. Reid, April 2003 for additional and updated information.)
  
  
• Issues in Selecting a Job Management System
  -by Omar Hassaine
  This article addresses the problems usually faced when selecting the most appropriate job management system (JMS) to deploy at HPC sites. The article describes the three most popular offerings available on the Sun platform and provides a classification of the most important features to use as a basis in selecting a JMS. A JMS comparison and useful set of recommendations are included.
  
  
• Securing Sun Fire 15K Domains
  -by Alex Noordergraaf and Dina Kurktchi
  This article describes how the Solaris Operating Environment can be hardened on a Sun Fire 15K domain. Included are recommendations on how the Solaris Operating Environment image running on the Sun Fire 15K domains should be configured in secure environments.
  
  
• Cluster Column:
  IMPLEMENTATION GUIDE:
  Guide to Installation - Hardware Setup
  -by Chris Dotson and Steve Lopez
  This article provides hardware configuration and installation procedures for each component of a Sun Cluster 3.0, two-node cluster. Procedures include commands required to configure the cluster hardware and best practices for achieving higher availability and/or performance for the two-node cluster. Sun's Cluster Platform 220/1000, featuring redundant Sun Enterprise 220R servers and Sun StorEdge D1000 disk arrays, Terminal Concentrator, and the Sun Cluster 3.0 Administration Workstation is examined. Note: This article is available in PDF format only.
  
  

Back to Top

• The Intelligent Architectures Design Philosophy
  -by John S. Howard
  This article introduces the design philosophy and tenets of the Intelligent Architectures (IA) approach to systems architecture: a philosophy centered on the use of archetypes - original models after which similar things are patterned. This article presents the IA archetypes in brief, as well as rules and recommendations for combining archetypes to design systems and datacenters.
  
  
• Developing a Security Policy
  -by Joel Weise and Charles R. Martin
  Security policy development is a frequently overlooked component of overall security architectures. This article details the importance of security policies and the basic steps involved in their creation.
  
  
• Configuring Boot Disks
  -by John S. Howard and David Deeths
  This article is the fourth chapter of the Sun BluePrints book titled Boot Disk Management: A Guide For The Solaris Operating Environment (ISBN 0-13-062153-6), which is available through www.sun.com/books, amazon.com, and Barnes & Noble bookstores.
  
  This chapter presents a reference configuration of the root disk and associated disks that emphasizes the value of configuring a system for high availability and high serviceability. This chapter explains the value of creating a system with both of these characteristics, and outlines the methods used to do so.
  
  
• Sun Cluster 3.0 12/01 Security: with the Apache and iPlanet Web and Messaging Agents
  -by Alex Noordergraaf, Mark Hashimoto and Richard Lau
  This article takes a first step in providing secured configurations for Sun Cluster 3.0 software by describing how three specific agents can be deployed in a secured configuration that is supported by Sun Microsystems. Sun Cluster 3.0 software is used by organizations to provide additional assurance that mission-critical services will be available despite unexpected hardware or software failures.
  
  
• Cluster Column:
  Building Sun based Beowulf Cluster
  -by Börje Lindh
  This article explains how you can build compute clusters from Sun Microsystems components that competes with Beowulf clusters and above.
  
  

Back to Top

• Sizing Sun Ray Servers Running Windows Applications with SunPCi IIpro Coprocessor Cards
  -by Don DeVitt
  This paper addresses the task of sizing a server capable of supporting Wintel based applications on a Sun Ray Server utilizing Sun Pci IIpro co-processor cards. The paper integrates the the informationof several previously published documents and sizing tools to determine a baselineconfiguration. The paper also suggests many best practice options for configuring the server.
  
  
• Securing the Sun Fire 15K System Controller
  -by Alex Noordergraaf and Dina Kurktchi
  This Sun BluePrints OnLine article provides specific recommendations on how the security of the Sun Fire 15k System Controller (SC) can be improved. These recommendations include specific recommendations on how the Solaris Operating Environment (Solaris OE) image running on the SC should be configured in secured environments.
  
  
• Application Troubleshooting: Alternate Methods of Debugging
  -by Chris Duncan
  What to do when applications are crashing or hanging is a critical issue for any software user. Few people will have the resources and skill set to debug the application directly using a source code debugger. In many cases source code debugging may not even be an option. This paper will discuss a variety of options open to a Solaris Operating Environment user to narrow down the causes and scope of a application failure. The article discusses programs such as truss, proc tools and features of the Solaris runtime linker.
  
  
• WebStart Flash
  -by John S. Howard and Alex Noordergraaf
  The Solaris Operating Environment Flash installation component extends JumpStart technology by adding a mechanism to create a system archive, a snapshot of an installed system, and installation of the Solaris Operating Environment from that archive. This article introduces the concepts and best practices for a Flash archive, describes the master machine, and suggested storage strategies, and provides a complete example of creating a Flash archive and installing a Web server with Flash.
  
  
• Cluster Column:
  Cluster and Complex Design Issues
  -by Richard Elling and Tim Read
  This is the entire first chapter from the Sun BluePrints Book Designing Solutions with Sun Cluster 3.0. In it, the authors examine how failures occur in complex systems and show methods that contain, isolate, report, and repair failures. Special considerations for clustered systems are discussed, including the impact of caches, timeouts, and the various failure modes, such as split brain, amnesia, and multiple instances.
  
  

Back to Top

• Kerberos Network Security in the Solaris Operating Environment
  -by Wyllys Ingersoll
  This article describes how to correctly and securely configure Kerberos in the Solaris Operating Environment. It provides best practices and recommendations.
  
  
• Sun StorEdge T3 Array: Installation, Configuration and Monitoring Best Practices
  -by Ted Gregg
  In order to fully realize the benefits of the capabilities built into the Sun StorEdge T3 array, it must be installed, configured, and monitored with best practices for RAS. This article details these best practices. It includes both Sun StorEdge T3 array configuration and host system configuration recommendations, along with brief descriptions of some of the available software installation and monitoring tools.
  
  
• Sun Fire Midframe Server Best Practices for Administration
  -by James Hsieh
  This article introduces best practices to maintain a Sun Fire server for mission-critical environments. It includes details of connecting the System Controller (SC), SC Administration Concepts for the Sun Fire Midframe Server, Platform Security, and Error Analysis and Diagnosis.
  
  
• Cluster Column:
  Writing Scalable Services With Sun Cluster 3.0 Software
  -by Peter Lees
  This article provides an introduction to the supporting features in the Sun Cluster 3.0 product release. It also describes both the technical requirements that must be considered when designing and programming an application to the most effective use of the cluster framework. This article also details some of the tools available for creating scalable resources.
  
  

Back to Top

• Using NTP to Control and Synchronize System Clocks - Part III: NTP Monitoring and Troubleshooting
  -by David Deeths and Glenn Brunette
  This article is the third in a series of three articles that discuss using Network Time Protocol (NTP) to synchronize system clocks. The goal of this article is to provide an effective understanding of NTP troubleshooting and monitoring.
  
  
• Sun Fire Midframe Server Configuration Best Practices
  -by James Hsieh
  This article introduces best practices that take advantage of the new features, capabilities, and technologies of the Sun Fire server. These practices will aid in configuring a Sun Fire system for mission critical applications.
  
  
• Securing Systems with Host-Based Firewalls - Implemented With SunScreen Lite 3.1 Software
  -by Martin Englund
  This article provides a discussion of why host-based firewalls can be an effective alternative to choke-point based firewalls or an additional layer of security in an environment. Details are then provided on how to implement a host-based firewalls using Sun's free host-based firewall software - SunScreen SecureNet Lite.
  
  
• Securing the Sun Fire Midframe System Controller
  -by Alex Noordergraaf and Tony Benson
  This article provides detailed recommendations on how to securely integrate the new Sun Fire Midframe systems into your environment.
  
  
• Cluster Column:
  Robust Clustering: A Comparison of Sun Cluster 3.0 versus Sun Cluster 2.2 Software
  -by Tim Read and Don Vance
  This article provides a technical comparision between Sun's most recent version of its clustering software and the previous version. The newest version includes numerous new features, which are examined in depth.
  
  

Back to Top

• Using NTP to Control and Synchronize System Clocks - Part II: Basic NTP Administration and Architecture
  -by David Deeths and Glenn Brunette
  This is Part 2 of a three-article series that discusses how to use Network Time Protocol (NTP) to synchronize system clocks. This article explains the basics of client and server administration, covering various client/server configurations, as well as authentication and access control mechanisms. This article also provides a number of suggestions for an effective NTP architecture.
  
  
• Public Key Infrastructure Overview
  -by Joel Weise
  This article removes some of the mystique, fear and misconceptions with Public Key Infrastructures (PKI), by providing an overview of what it is, how it works, why and when it should be used, and the benefits it can provide. After reading this article individuals should be better able to determine their requirements for a PKI and what features they need for their particular business.
  
  
• IP Network Multipathing
  -by Mark Garner
  IP Network Multipathing allows a server to have multiple network adapters connected to the same subnet. This article looks at the features of IP Network Multipathing and the steps required to configure it for network adapter resilience.
  
  
• Cluster Column:
  Cluster Platform 220/1000 Architecture-A Product from the SunTone Platforms Portfolio
  -by Enrique Vargas
  This article will provide customers a better understanding of this product capabilities by presenting its hardware and software architecture as well as best practices used in integrating the design.
  
  

Back to Top

• Automating LDAP Client Installations
  -by Tom Bialaski
  The article explains how to configure a native LDAP client at installation time, which is a new feature in Solaris 8 Operating Environment U3. The basics of sysidtools and creating a sysidcfg file for hands-off installation is covered along with how they relate to LDAP. Hard to find (non-documented) tips are provided to avoid common pitfalls.
  
  
• Building and Deploying OpenSSH on the Solaris Operating Environment
  -Jason M. Reid and Keith Watson
  This article describes the build and deployment processes for OpenSSH on Solaris Operating Environment. There are several components that must be built prior to building OpenSSH itself. Each necessary component is listed and described along with recommendations on build options. Openssh itself is a flexible tool with several options that affect integration into a site's security policy. These options are explored. Issues of packaging and deployment are also addressed.
  
  
• System Performance Management: Moving from Chaos to Value
  -Jon Hill and Kemer Thomson
  This article presents the rationale for formal system performance management from a management, systems administrative and vendor perspective. It describes four classes of systems monitoring tools and their uses. The article discusses the issues of tool integration, "best-of-breed versus integrated suite" and the decision to "buy versus build."
  
  
• Using NTP to Control and Synchronize System Clocks - Part I: Introduction to NTP
  -David Deeths and Glenn Brunette
  This article is the first of a series on the Network Time Protocol (NTP). NTP allows synchronizing clocks on different network nodes, which is critical in today's networked world. This first article provides an overview of why time synchronization is important and introduces basic NTP concepts.
  
  

Back to Top

• Supporting Microsoft Windows 2000 Server Applications from Sun Enterprise Servers
  -by Don DeVitt
  This article explores using multiple SunPCi II Pro cards running on Sun Enterprise servers to support Microsoft Windows 2000 Server applications. New SunPCi II Pro hardware and software now support multiple cards in one Sun Enterprise server. Benchmarks and Sizing information for a Windows 2000 Terminal Server environment are discussed.
  
  
• The Solaris Security Toolkit - Quick Start
  Updated for Toolkit version 0.3
  -by Alex Noordergraaf and Glenn Brunette
  This article provides an administrator with the information critical to getting the Solaris Security Toolkit installed and running as quickly as possible. None of the details included in Internals or Configuration and Installation are included.
  
  
• The Solaris Security Toolkit - Release Notes
  Updated for Toolkit version 0.3
  -by Alex Noordergraaf and Glenn Brunette
  This article provides the Toolkit user with a discussion of the new features, enhacements, and and changes included in version 0.3 of the Solaris Security Toolkit.
  
  
• The Solaris Security Toolkit - Installation, Configuration, and Usage Guide
  Updated for Toolkit version 0.3
  -by Alex Noordergraaf and Glenn Brunette
  This article focuses on the configuration and installation information of the Solaris Security Toolkit. This is a more in-depth discussion of the installation, configuration, and usage aoptions available in the Toolkit than in the Sun BluePrints OnLine article titled Solaris Security Toolkit - Quick Start Guide.
  
  
• The Solaris Security Toolkit - Internals
  Updated for Toolkit version 0.3
  -Alex Noordergraaf and Glenn Brunette
  This article focuses on the internals of the Toolkit. Each directory, file, and script included with the Toolkit source is discussed. Each of these components of the Solaris Security Toolkit are discussed to provide the reader with a detailed understanding of how the different Toolkit components function and interact.
  
  

Back to Top

• (This aticle is no longer available!)
  Running Multiple Solaris Operating Environment Naming Services on a Client
  -by Tom Bialaski
  The native LDAP client installation program assumes that you will not be running another naming service on your client. Some customers, who I have worked with, do not want to disable NIS when they configure native LDAP. This can be done, but there is no readily available document which describes how to do it. The article not only describes this procedure, but also highlights best practices for running NIS and LDAP together.
  
  
• Datacenter Naming Scheme
  -by Mark Garner
  Eighty percent of outages are allegedly the result of people or process issues. An intuitive and informative naming scheme can define and highlight the composition and function of components within a service infrastructure. The article looks at the merits of such a naming scheme and includes an example system for servers, storage, networks and cables that may help reduce operational error.
  
  
  
  

Back to Top

• Sun StorEdge T3 Dual Storage Array Part 3 - Basic Management
  -by Mark Garner
  The final article in the series looks at the configuration of basic management and monitoring functions on the T3 array. It concludes with example Expect scripts that could be used as a starting point for automating your own T3 installations.
  
  
• Demystifying the Directory Information Tree (DIT)
  -by Tom Bialaski
  Understand how NIS data is stored in the LDAP Directory Information Tree (DIT) helps you develop a directory topolgy that works best for you. This article introduces LDAP terminology and concepts which relate to the DIT and draws an analogy to terminology used to describe the UNIX® UFS filesystem. Examples are provided which show different options for storing NIS data.
  
  
• Solaris Operating Environment Security - Updated for Solaris 8 Operating Environment
  -by Alex Noordergraaf and Keith Watson
  This article discusses how system and network security can be dramatically improved on a Solaris Operating Environment (Solaris OE) system. Specific security recommendations are made for Solaris OE versions 2.5.1 through 8. This revised version, of the original Solaris OE Security Sun BluePrints published in January of 2000, incorporates all security-related updates in Solaris 8 OE.
  
  
• Building a JumpStart Infrastructure
  -by Alex Noordergraaf
  This article discussed how the core JumpStart components interract. Recommendations on how to structure the JumpStart server are provided in addition to step by step instructions on how to get a basic automated JumpStart environment up and running as quickly as possible.
  
  

Back to Top

• Sun StorEdge T3 Dual Storage Array Part 2 - Configuration
  -by Mark Garner
  This second article in the series addresses the installation and configuration of a T3 array partner group. It covers how two single arrays would be reconfigured to form a partner group, how the new devices are created on the host and how VERITAS Volume Manager integrates into the solution.
  
  
• Customizing the JumpStart Boot Image for Recovery
  -by John S. Howard
  This article includes techniques and recommendations for creating a recovery platform by augmenting the Solaris OE boot image (mini-root). This article will also examine the boot and installation processes by demonstrating how to adapt those processes for system recovery.
  
  
• Building a Bootable JumpStart Installation CD-ROM
  -by John S. Howard
  This article presents an examination of the structure of a bootable Solaris Operating Environment (Solaris OE) CD-ROM and procedures for how to create a bootable JumpStart installation CD-ROM. This CD can be used to complete a standardized, hands-free Solaris OE installation in environments where the disk space or networking constraints do not allow for a JumpStart server.
  
  
• Maintaining Network Separation with Trusted Solaris 8 Operating Environment
  -by Glenn Faden
  Glenn Faden describes how Mandatory Access Control (MAC) can be used to provide concurrent access to two isolated networks without compromising the separation.
  
  

Back to Top

• Sun StorEdge T3 Dual Storage Array Part 1 - Installation, Planning and Design
  -by Mark Garner
  This article looks at the planning and design requirements for the installation of a Sun StorEdge T3 Array partner group. It is the first of three articles which address planning and design, configuration and basic management of a Sun StorEdge T3 Array.
  
  
• Auditing in the Solaris 8 Operating Environment
  -by William Osser and Alex Noordergraaf
  The use of the Solaris 8 Operating Ennvironment auditing (BSM) has never been well understood. This article presents an auditing configuration optimized for the Solaris 8 OE. The recommended configuration will audit activity on a system without generated gigabytes of data every day. In addition, the configuration files are available for download from http://www.sun.comtools.
  
  
• IP Network Multipathing
  -by Mark Garner
  This article looks at the features of IP Network Multipathing, a recent addition to the Solaris Operating Environment, and the steps required to configure it for network adapter resilience.
  
  
• Using dsimport to Convert NIS Maps to LDAP Directory Entries
  -by Tom Bialaski
  This article describes a method to import your NIS maps into an LDAP directory using the dsimport utility. Use of this tool rather than a homegrown one or one found in the public domain is a best practice because it is complete, tested, and verifiable.
  
  

Back to Top

• Storage Area Networks: A blueprint for Early Deployment
  -by Brian Wong
  This paper surveys the applications to which Storage Area Networks (SANs) aspire, the available SAN technology-and its limitations-and attempts to prepare users for forthcoming technology, so that they can deploy real operational storage in data centers without further delay.
  
  
• Sun/Oracle Best Practices
  -by Bob Sneed
  In this paper, Best Practice concepts are first defined, then specific high-impact technical issues common with Oracle in the Solaris Operating Environment are discussed.
  
  
• MR System for Rapid Recovery
  -by John S. Howard
  This article is an introduction to the MR system for rapid recovery. As the system uptime requirements have become more exacting, the length of time it takes to boot these larger and more complex systems has grown. By implementing MR on your JumpStart servers it may be possible to reduce the number of reboots required during a system recovery or service event. This minimization of reboots will speed recovery and service time as well as enable the system administrator to use datacenter tools during system recovery procedures.
  
  
• Planning for Large Configurations of Netra t1 Servers
  -by Stan Stringfellow - Special to the Sun BluePrints OnLine
  This article examines a wide range of management and serviceability issues that should be considered when planning a large (and possibly geographically disbursed) server farm consisting of Netra t1 servers. The use of the Netra alarms and lights-out management (LOM) module is discussed in some detail. Consideration is also given to several other topics, including the power and cooling issues that arise when up to 32 Netra t1 servers are mounted within a single rack or cabinet.
  
  

Back to Top

• Directory Server Security
  -by Tom Bialaski
  This article provides an overview of what the LDAP security model consists of and what security changes need to be made to accommodate the Solaris Operating Environment naming service requirements.
  
  
• Planning to Fail
  -by John S. Howard
  This article presents design guidelines and "best practices" for the selection and configuration of system software such as Veritas Volume Manager, Dynamic Mulit-pathing, Dynamic Reconfiguration, and Live Update. It also focuses on which versions and combinations of these software tools result in viable configurations, and which combinations to avoid.
  
  
• Updated (11/01) Solaris Operating Environment Network Settings for Security Updated for Solaris 8 Operating Environment
  -by Keith Watson and Alex Noordergraaf
  This article updates the original Solaris Operating Environment Network Settings for Security article published December 1999 to include security specific IPv4 and IPv6 options added in Solaris 8 Operating Environment. These additions and modifications have been incorporated into an updated nddconfig script available on http://www.sun.comtools.
  
  
• High Availability Best Practices
  -by Enrique Vargas
  This article introduces best practices that assist in minimizing the impact of people and processes in the datacenter which helps to achieve higher availability goals.
  
  

Back to Top

• Directory Server Indexing
  -by Tom Bialaski
  Indexing plays an important role in optimizing the performance of a directory server. Both types of indexing discussed in this article, attribute and Virtual List View (VLV), should be deployed when configuring a directory server to support the native LDAP naming service which is included in the Solaris 8 Operating Environment.
  
  
• Sharing NFS and Other Remote File Systems via Solaris PC NetLink Software
  -by Don DeVitt
  This article offers best practice solutions for sharing NFS and remote file systems via Solaris PC NetLink software. These solutions help your enterprise avoid potential conflicts that may arise when allowing access to remote files using the Solaris PC NetLink software.
  
  
• Updated Solaris Operating Environment Minimization for Security: A Simple, Reproducible and Secure Application Installation Methodolgy Updated for Solaris 8 Operating Environment
  -by Alex Noordergraaf
  This article updates the original OS Minimization article's required package listings for Solaris 8 Operating Environment and 64bit UltraSPARC II hardware
  
  
• High Availability Fundamentals
  -by Enrique Vargas
  This article emphasizes configuration elements that impact a single server availability to help system administrators arrive at a hardware configuration that best matches their availability requirements.
  
  
• Updated
  -by Alex Noordergraaf and Glenn Brunette
  In parallel with the "JASS" Toolkit version 0.2 release all three articles describing the "JASS Toolkit have been updated and revised to document new updates and functionality.
  

  JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 1

  JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 2

  JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 3

  
  
  

Back to Top

• Wide Thin Disk Striping
  -by Bob Larson
  In this article, the technique of using stripes to distribute data and indexes over several disks is described. The article also contains the recommendations to use wide-thin stripes to maximize operational flexibility while minimizing complexity.
  
  
• Building Secure N-Tier Environments
  -by Alex Noordergraaf
  This article provides recommendations on how to architect and implement secure N-Tier ecommerce environments.
  
  
• Implementing LDAP in the Solaris Operating Environment
  -by Tom Bialaski
  This article provides an overview of LDAP implementation. LDAP is an industry standard interface that is more than just a protocol. This article provides an explanation of the LDAP models and their actual implementation. Since the installation and configuration of Solaris Native LDAP is quite complex this article provides a foundation for understanding the fundamental principles involved.
  
  
• Administering Sun Cluster 2.2 Environments
  -by David Deeths
  David Deeths discusses the fundamentals and best practices of installing, configuring, and managing a Sun Cluster 2.2 environment. He also offers many tips for effective cluster administration and how to increase and maintain a high level of system availability.
  
  

Back to Top

• Sun StorEdge T3 Single Storage Array Design and Installation
  -by Mark Garner
  Mark provides a roadmap for the cinfirguration of a single Sun StorEdge T3 Storage Array. It addresses: Prerequisites, Storage Layout Design, Implementation, Configuration, and Basic Management.
  
  
• Online Backups Using the VxVM Snapshot Facility
  -by John S. Howard
  Complete and accurate backups performed in a timely fashion are crucial to every datacenter. This article presents a procedure utilizaing the snapshot facility of the Veritas Volume Manager software which enables the System Administrator to perform timely, complete and accurate online backups with minimal impact to the user or applications.
  
  
• Sun HPC ClusterTools Software Best Practices
  -by Omar Hassaine
  This article discusses the Best Practices for successfully configuring, installing and using the Sun High Performance Computing (HPC) ClusterTools software. It also covers the current status of the Sun HPC ClusterTools in the field and briefly describes the archtecture.
  
  
• JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 3
  -by Alex Noordergraaf
  This article is third in a three part series describing an automated toolkit for implementing the security modifications documented in earlier Sun BluePrints onLine articles. In conjuction with this final article the toolkit itself is being made freely available.
  (See "November 2000" for updated version)
  
  

Back to Top

• Toward a Reference Configuration for VxVM Managed Boot Disks
  -by Gene Trantham and John S. Howard
  Gene and John outline the fundamental procedures typically followed in a boot disk encapsulation and the problems this default encapsulation introduces. A best practice for VxVM installation, root disk encapsulation and a reference configuration is presented.
  
  (See the Sun BluePrints book Boot Disk Management: A Guide for the Solaris Operating Environment by John S. Howard and David Deeths ISBN # 0-13-062153-6 for updated information about the topics detailed in this article.)
  
  
• Exploring the iPlanet Directory Server NIS Extensions
  -by Tom Bialaski
  Tom discusses how to implement a phased deployment using the Solaris Extensions for Netscape Directory Server 4.11.
  
  
• JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 2
  -by Alex Noordergraaf
  This article is part two of a three part series that presents the JumpStart Architecture and Security Scripts toolkit. We continue with an in-depth review of the configuration files, directories, and scripts used by the toolkit to enhance the security of Solaris Operating Environment systems. This series is a must read for anyone interested in upgrading the security of their site.
  (See "November 2000" for updated version)
  
  
• SCSI-Initiator ID
  -by David Deeths
  Changing the SCSI-initiator ID is necessary for cluster configurations that share SCSI devices between multiple hosts. This article walks you through the process, and also provides an excellent background on SCSI issues in clustered systems.
  
  

Back to Top

• JumpStart Architecture and Security Scripts for the Solaris Operating Environment - Part 1
  -Alex Noordergraaf
  This article is part one of a three part series presenting the JumpStart Architecture and Security Scripts tool (Toolkit) for the Solaris Operating Environment. The Toolkit is a set of scripts which automatically harden and minimize Solaris Operating Environment systems. The modifications made are based on the recommendations made in the previously published Sun BluePrints OnLine security articles.
  (See "November 2000" for updated version)
  
  
• An Introduction to Live Upgrade
  -by John S. Howard
  John provides an introduction and overview of Live Upgrade and also provides techniques and best practices for the usage of Live Upgrade.
  
  
• VxVM Private Regions: Mechanics and Internals of the VxVM Configuration Database
  -by Gene Trantham
  Gene discuss the functions of the VxVM public and private regions, the configuration database, and the special considerations for root disk encapsulation.
  
  
• Disaster Recovery Requirements Analysis
  -by Stan Stringfellow - Special to Sun BluePrints OnLine
  Stan discusses how to successfully implement a disaster recovery program through careful and exhaustive disaster recovery requirements analysis. He also provides a disaster recovery requirements analysis form that can serve as the basis for an iterative negotiation process that helps all parties to arrive at realistic expectations and well-understood disaster recovery service level agreements.
  
  

Back to Top

• Scrubbing Disk Using the Solaris Operating Environment Format Program
  -Rob Snevely
  Rob explains how to effectively scrub disks on a Solaris Operating Environment system, using the format utility.
  
  
• Using Solaris Resource Manager with Solaris PC NetLink Software - Part 2
  -by Don DeVitt
  Don presents part 2 of this article in which he includes an experiment that is performed to determine a useful range of shares that can be allocated to the Solaris PC NetLink software by the Solaris Resource Manager software.
  
  
• JumpStart Mechanics: Using JumpStart for Hands-Free Installation for Unbundled Software - Part 2 Automatic Encapsulation of the Root Disk
  -by John S. Howard
  John provides procedures to fully automate the initial configuration of Sun Enterprise Volume Manager and automate encapsulation of the boot disk using JumpStart.
  
  
• Architecting a Service Provider Infrastructure for Maximum Growth
  -by Stan Stringfellow - Special to Sun BluePrints OnLine
  Stan introduces the first of a new series of Sun BluePrints OnLine articles that will examine the issues involved with building scalable and highly available service provider infrastructures. ISPs, ASPs, NSP's corporate Web services, Telco services, and digital wireless network services all benefit from the principles that will be discussed in these series of articles.
  
  
• The Art of Production Environment Engineering
  -by Bill Walker
  Bill addresses the production environment needs of the datacenter using the International Organization for Standardization (ISO), Fault Configuration Application Performance Security model (FCAPS) Information Technology Infrastructure Library framework (ITIL), a basic IT reference model, and the SunReady Methodology's roadmap to production.
  
  

Back to Top

• Static Performance Tuning
  -by Richard Elling
  Richard discusses a class of problems that can affect system performance which is not dynamic by nature, and cannot be detected by conventional dynamic tuning tools.
  
  
• JumpStart Mechanics: Using JumpStart Application for Hands-Free Installation of Unbundled Software - Part 1
  -by John S. Howard
  John discusses automating and standardizing the installation of the Solaris Operating Environment along with the associated unbundled software products and datacenter management tools.
  
  
• Using Solaris Resource Manager with Solaris PC NetLink Software - Part 1
  -by Don DeVitt
  Don discusses the use of Solaris PC NetLink with Solaris Resource Manager.
  
  
• Veritas VxVM Storage Management Software
  -by Gene Trantham
  Gene explains the underlying actions VxVM during boot disk encapsulation, and details the mechanism by which it seizes and manages a boot device.
  
  

Back to Top

• Trouble-shooting the Computer Browser Server with Solaris PC NetLink Software
  -by Don DeVitt
  Don discusses trouble-shooting network browsing with Solaris PC NetLink software.
  
  
• Tales from the Trenches: The Case of the RAM Starved Cluster
  -by Richard Elling
  Richard discusses how Veritas File System (VxFS) affects memory on a Solaris Operating Environment server. He also describes a real world example of the interactions between the Solaris Operating Environment Version 2.5.1, VxFS Version 2.3.1, and user applications.
  
  
• Upgrading Your Environment to Solaris 8 Operating Environment
  -by Computer Systems, Solaris Productization and Marketing
  This article displays how administrators can upgrade quickly to the Solaris 8 Operating Environment by proactively testing applications and using Solaris JumpStart.
  
  
• Building Longevity into Your Solaris Operating Environment Applications
  -by Computer Systems, Solaris Productization and Marketing
  This article discusses specific steps that developers can take to improve the longevity of their applications. It also introduces evolutionary new features and interfaces that Sun offers in the Solaris 8 Operating Environment release.
  
  
• A Rapid Restore Solution for Disaster Resiliency
  -by Raza Hussain
  Raza gives a quick and efficient method for using point in time images to minimize the potential of data loss and expedite the restoration of business to normal.
  
  

Back to Top

• Scenario Planning - Part 2
  -by Adrian Cockcroft
  Presents part two of the Scenario Planning article and explains how to follow-up a simple planning methodology based on a spreadsheet that is used to break down the problem and experiment with alternative future scenarios.
  
  
• Solaris 8 Additions to sysidcfg
  -by Rob Snevely
  Shows you how to do fully hands-off installations of the Solaris 8 Operating Environment. He also discusses how to use Jumpstart and sysidcfg to provide uniform Solaris Operating Environment installations and save you time.
  
  
• Operating Environment: Solaris 8 Installation and Boot Disk Layout
  -by Richard Elling
  Discusses Solaris WebStart, a new Java-based procedure that simplifies installation of the Solaris 8 Operating Environment. Richard also recommends a boot disk layout for desktop and small workgroup servers.
  
  
• Fast Oracle Parallel Exports on Sun Enterprise Servers
  -by Stan Stringfellow - Special to Sun BluePrints OnLine
  Gives a script that performs very fast Oracle database exports by taking advantage of parallel processing on SMP machines. This script can be invaluable for situations where you need to perform exports of large mission-critical databases that require high availability.
  
  
• SSP Best Practices
  -by John Howard
  Presents best practice procedures and configurations for the SSP and backup SSP. In addition, an overview of the MR system for rapid recovery of systems or domains.
  
  

Back to Top

• NIS to LDAP Transition: Exploring
  -by Tom Bialaski
  Examines technologies that help increase availability during the transition from legacy Solaris Operating Environment directory services to LDAP based ones.
  
  
• Rapid Recovery Techniques: Auditing Custom Software Configurations
  -by Richard Elling
  The fourth article in a series that covers rapid recovery techniques for the Solaris Operating Environment.
  
  
• Managing the Solaris PC NetLink Registry
  -by Don DeVitt
  Highlights the importance of documenting and managing changes to the Solaris PC NetLink registry and establishing procedures for maintaining the state server.
  
  
• Scenario Planning - Part 1
  -by Adrian Cockcroft
  Discusses scenario planning techniques to help predict latent demand during overload periods. In this part 1 he explains how to simplify your model down to a single bottleneck.
  
  

Back to Top

• Rapid Recovery Techniques for Solaris Operating Environment
  -by Richard Elling
  Discusses the Solaris Operating Environment software registry, the ease of building packages, and the use of these packages in an automated installation environment.
  
  
• Upgrading the Solaris PC NetLink Software
  -by Don DeVitt
  Highlights some of the subtle upgrade options that many system administrators will want to be aware of as they move from one version of Solaris PC NetLink software to the next.
  
  
• Sun Enterprise 10000 Server Floating Tape Library Solution
  -by Enrique Vargas
  Presents the fourth article in the Dynamic Reconfiguration (DR) series.
  
  
• Solaris Operating Environment Security
  -by Alex Noordergraaf and Keith Watson
  This article splits the discussion of the Solaris Operating Environment system security into two parts.
  
  

Back to Top

• Observability
  -by Adrian Cockcroft
  Discusses Capacity Planning and Performance Management techniques.
  
  
• Clustering LDAP Directory Servers
  -by Tom Bialaski
  Explore deployment of Sun Cluster software to create an environment for LDAP based directory services that are highly available for both read and write access.
  
  
• Rapid Recovery Techniques: Repairing File Ownership and Mode
  -by Richard Elling
  The second article in a series that will discuss rapid recovery techniques for the Solaris Operating Environment.
  
  
• Setting Up a Solaris Operating Environment Install Server and the Solaris JumpStart Feature
  -by Rob Snevely
  A walkthrough on setting up an install server.
  
  
• Tracing Resource Consumption of Solaris PC NetLink Software Users
  -by Don DeVitt
  Shows the Solaris Operating Environment commands and the Solaris PC NetLink software commands for determining which PC clients are consuming resources via Solaris PC NetLink software.
  
  
• Solaris Operating Environment Minimization for Security: A Simple, Reproducible and Secure Application Installation Methodology
  -by Keith Watson and Alex Noordergraaf
  Discuss OS minimization as a technique for reducing system vulnerabilities; a simple method for duplicating these installations on large numbers of servers is also introduced.
  (See "November 2000" updated for Solaris 8 OE)
  
  
• Updated (11/01) Solaris Operating Environment Network Settings for Security
  -by Keith Watson and Alex Noordergraaf
  Discuss the many low-level network options available within Solaris and their impact on security.
  (See "December 2000" updated for the Solaris 8 Operating Environment)
  
  

Back to Top

• Availability - What It Means, Why It's Important, and How to Improve It
  -by Richard McDougall
  Explains various aspect of availability.
  
  
• JumpStart: NIS and sysidcfg
  -by Rob Snevely
  How to use JumpStart technology to allows automation of the install process.
  
  
• Policy-Based Networks
  -by Jean-Christophe Martin
  Explores the network policy concept in greater depth, and see how it is implemented in the Solaris Bandwidth Manager software.
  
  
• Rapid Recovery Techniques: Exploring the Solaris Software Registry
  -by Richard Elling
  Discuss how to use processes to recover from errors caused by people.
  
  
• Solaris Directory Services: Past, Present and Future
  -by Tom Bialaski
  Looks at the high availability features of currently supported Solaris Operating Environment directory services (NIS, NIS+, DNS) and contrasts them with LDAP's high availability features.
  
  
• Workgroup Server PCI RAID Solution - The Sun StorEdge SRC/P Controller
  -by Don DeVitt
  Covers SRC/P basic description and performance considerations in the Sun Enterprise 450 server.
  
  
• Processing Accounting Data into Workloads
  -by Adrian Cockcroft
  Extends the information about Solaris operating system accounting to include code examples that extract the data in a usable format and pattern match it into workloads.
  
  

Back to Top

• Starfire Server DR-Detach and DR-Attach Requirements
  -by Enrique Vargas
  Provides a complete list of Starfire Server prerequisites for enabling attach and detach operations on any system board.
  
  
• SunPCi Supporting Highly Available PC Applications with Solaris
  -by Don DeVitt
  Creating a highly available environment for supporting PC applications, using the newly introduced SunPCi card.
  
  
• Modelling the Behavior of Solaris Resource Manager Software
  -by Enterprise Engineering
  How Solaris Resource Manager software achieves dynamic resource consumption by using a fair share CPU scheduling algorithm.
  
  
• Solaris Resource Manager: Resource Assignment
  -by Richard McDougall
  This article explains how users are assigned resource lnodes and under what circum-stances they change to ensure that resource limits are allocated correctly.
  
  

Back to Top

• High Availability: Boot/Root/Swap
  -by Jeannie Johnstone Kobert
  Ways to mirror your system disk to prevent system failure.
  
  
• PC Interoperability: Transitioning to Solaris PC NetLink 1.0
  -by Don DeVitt
  Don takes you through step-by-step on setting up the PC NetLink.
  
  
• Resource Management: Load Sharing Facility
  -by Tom Bialaski
  How LSF can be used as a resource management tool for running technical batch applications such as simulations.
  
  
• Resource Management: Solaris Bandwidth Manager
  -by Evert Hoogendoorn
  Evert explains the benefits of Solaris Bandwidth Manager.
  
  
• Resource Management: DR Requirements for I/O Device Drivers
  -by Enrique Vargas
  Covers the device driver functions that are required to fully support the DR framework.
  
  

Back to Top

• Resource Management: An Overview of Methodology
  -by Adrian Cockcroft
  An in-depth overview on Service Level Definitions and Interactions and Resource Management Control Loop.
  
  
• Resource Management: Dynamic Reconfiguration
  -by Enrique Vargas
  The fundamentals of Dynamic Reconfiguration.
  
  
• Resource Management: Managing NFS Workloads
  -by Richard McDougall, Adrian Cockcroft and Evert Hoogendoorn
  Demonstration of the usage and management of NFS.
  
  
• Resource Management: Solaris Resource Manager
  -by Richard McDougall
  Overview and examples of Solaris Resource Manager functions.
  
  
• Resource Management: Solaris Resource Manager - Decay Factors and Parameters
  -by Richard McDougall
  More on Solaris Resource Manager with the Decay Factors and Parameters.
  
  
• Resource Management: Solaris Resource Manager - Decay and Scheduler Parameters
  -by Richard McDougall
  Continues with the topic of Solaris Resource Manager Decay.
  
  

---

  to the top  |     back to home

---