 |
 |
|
| Home > | Next > |
| | | | | ||||||||||||||||||||||||||||||||||||
|
|
|
Fast Track to Solaris 10 Adoption: Solaris Grid ContainersGeneral InformationPlease click on a question below or download a pdf version.
Q: Can you explain the features of Solaris Grid Containers? A: To get the whole story, check the main Solaris 10 OS Web site — there's a feature article on Solaris Grid Containers linked there. The short take: you can divide any system that can run Solaris 10 into multiple application environments — literally thousands per system. Each container looks to apps and users like its own OS instance, with its own nodeName, net address, process table, memory management and so on. One other major feature is what it does not have, which is system overhead; there is no significant performance impact associated with containers. Another key benefit is the dramatic reduction of management complexity associated with consolidating multiple applications on one OS instance. Q: Does the Solaris Grid Container feature cost extra, or is it included with the Solaris 10 OS? A: Solaris Grid Containers is a part of the Solaris 10 OS and is included in the price of that product. Q: Just to be clear, are Zones and Solaris Grid Containers the same thing? A: The concept of Zones was introduced in the Solaris 9 OS with the Solaris Resource Manager. Solaris Grid Containers elevates the capabilities of these techniques. Some of the nomenclature is a bit confusing; hopefully the technical documents are helpful in sorting this out. A: This is almost a two-part question — I think VxFS would be an example of an app that would run in the global zone, providing services to all containers. But generally speaking, we expect that vendors licensing on a per-CPU basis will see containers the same way as they do domains, since a container can be tied to specific CPUs and this assignment cannot be changed from within the container. This is how Oracle, for example, defines a "hard partition" today, so it would make sense for them to extend the same licensing policy to containers. A: If you lose the root password to your zone, the global zone administrator can easily reset it, since the global zone administrator can always login to the zone using zlogin(1M), usually even when the zone is damaged. This makes zones ideal for hosted and managed environments where users might be prone to losing their passwords or making other similar mistakes. A: The primary use case for Solaris Grid Containers is for server consolidation; customers are using it to reduce the number of servers in their data centers and the costs associated for managing them. Q: What other kind of metrics are you tracking for this feature? Performance? A: Performance is certainly one metric (and of course that really tracks right back to savings) — by not imposing a significant system overhead, we allow customers to do more with the systems they buy. Ease of administration and security would be two other areas in which we think containers can be beneficial. Q: When do you expect 64-bit technology to be in full swing? A: The first big 64-bit technology wave was really in the mid-to-late 90s. That's when you saw "big iron" move to 64 bits in a big way, for large databases, image analysis, design, and so on. The second wave is now. You're seeing even high-volume client systems going beyond 1GB of memory on a regular basis; we're all hitting the wall on 32-bit addressability, especially in the x86 world. This is why we're excited about AMD64, which lets customers take advantage of existing 32-bit x86 apps with extremely high, economical performance, but now can add in 64-bit applications and/or work within a system address space the readily breaks the 32-bit barrier. Q: Are you using the terms "zones" and "containers" interchangeably? A: Great question. The terminology is consistent, but can be tough to sort out. Here goes: A "zone" is a way of partitioning the system to provide namespace and security isolation. The end effect is something similar to a virtual machine. A "container" (or Solaris Grid Container) is really a superset of zones, Solaris Resource Manager, and some other technologies, adding up to a highly partitioned system. So you can think of zones as one of the specific technologies that make up our overall container strategy. Q: Is "Live Upgrade" integrated into the Solaris 10 OS and if it is, is it zone "aware"? A: Live Upgrade came in the Solaris 8 OS and remains in through the Solaris 10 OS. Currently (i.e., what you see via Software Express), it is not zone-aware, but plans are to make it so by the release of the Solaris 10 OS at the end of this year. A: I guess maybe you're thinking about Solaris Grid Engine? That's a separate product, and I believe it has the features you're talking about. Q: Are Solaris Grid Containers similar to logical partitions? A: On a broad level, yes. LPARs, Dynamic System Domains, and Solaris Grid Containers all provide virtual partitioning on a single system. We think containers, especially in combination with domains, provides many advantages. A: The major advantages of containers are: runs on any system, no system performance hit, dramatically simplified management, thousands of containers on a system vs.10 per CPU with Micro-Partitioning. Q: How does this compare to VMware? A: VMware virtualizes the physical machine (creating a "virtual machine" that can run stock operating systems), and runs a separate OS instance on each VM. With containers, we are running a single OS instance, and creating isolated application environments on top of that — basically virtualizing the OS environment rather than the physical machine. Since we're not introducing new layers of software between the process and the physical hardware (container boundaries are implemented using the same OS checks already existing for cross-process security), containers have none of the performance issues present with a VM. In addition, a system with containers has only a single OS instance to administer (patch, upgrade, etc.). Q: What kind of adoption are you seeing for Solaris Grid Containers? A: We're seeing massive interest. One of the unexpected responses we're seeing is that customers running even just a single application on a system are considering running it in a container because of the high degree of security, and fault and resource isolation this can add to their existing environments. Q: What are the common hurdles in IT organizations in getting people to use Solaris Grid Containers? A: It's a new approach to an old problem, so the biggest hurdle will probably be mindset. Our experience has been that "money talks" — when people realize how much money they can save with this technology, they'll be eager to try it out. We've seen significant adoption among finance and telecom customers. Q: Will the Solaris OS get a GUI update, and are you considering integrating the new 3D interface? A: The Solaris 9 OS introduced GNOME support; in the Solaris 10 OS this will be enhanced significantly with the delivery of the GNOME-based Java Desktop System on the Solaris OS as well as Linux. Integrating 3D functionality such as what's been demonstrated with Project Looking Glass is still under discussion. A: Probably the best way to gauge what will be available at GA will be to track what's already in the Software Express releases. Although any feature list being discussed is subject to change until it's truly released, anything that's already integrated into the early Solaris 10 OS builds stands a very good chance of being at GA. A more formal roadmap of features would need to be discussed with your Sun support team under NDA. Q: How soon is the Solaris 10 OS for AMD64 going to be available? A: There will be one release date for both platforms; we will ship at the end of this calendar year. Q: How do you compare zones with IBM'S LPAR technology? A: Although both allow running applications in isolation on the same hardware, these are very different technologies. Zones support multiple applications within the same operating system instance; there's one kernel, one set of patches, etc., and a user in the "global zone" has visibility into the entire system (across all zones). In addition, multiple zones can share the same physical hardware (CPUs, memory, I/O, etc.). LPARs (and Sun's Domains) partition the physical machine, allowing a separate operating system instance to run on each partition. The degree of isolation is greater; however, it means more OS instances to manage and a lower degree of sharing. A: Grid containers is really the combination of both the resource management features available in the Solaris 9 OS (extended and improved in the Solaris 10 OS), as well as the isolation and security features provided by the Zones facility in the Solaris 10 OS. You can use each independently, but we feel that the combination provides the fullest solution.
| | ||||||||||||||||||||||||||||||||||||
