illumos

The State of Fully Modern Unix
brian.bennett@joyent.com
@bahamat
illumos in a Nutshell
• Is an open source descendant of OpenSolaris

• …which itself was a branch of Solaris Nevada

• …which was the name of the release after Solaris 10

• …and was open but is now closed

• …and is itself a descendant of Solaris 2.x

• …but it can all be called “SunOS 5.x”

• …but not “SunOS 4.x” — that’s different

• …which came from Unix
Unix Family Tree
Unix: Grandfather of Open Source
• At the dawn of computing software was seen as having no
commercial value

• Computers came with operating systems and operating
systems came with source code

• Prohibited from entering the computing industry by the 1956
consent decree, AT&T initially could not commercialize Unix

• Sixth Edition was widely circulated among universities

• The culture of freely shared source code is what made Unix
thrive

• Graduating from universities to the enterprise, by 1983 Unix
was available from about 60 different vendors
The Proprietary Middle Ages
• The breakup of AT&T in 1982 changed things for Unix: with the
consent decree lifted, Bell Labs began to strongly commercialize it

• The GNU Manifesto and Free Software Foundation were created in
direct opposition to this proprietary environment

• In 1991, at the height of the Unix Wars, Linux was first made
available under the GNU GPL v2 license

• The 1992 USL v. BSDi lawsuit cast a cloud of uncertainty around
BSD code

• Nature abhorring a vacuum, Linux inherited the spirit of freedom
classically enjoyed by Unix users

• Meanwhile hardware vendors all but abandoned Unix, mobilizing a
strategy around Windows NT, all except Sun
Solaris
• The rise of Linux and x86 micros forced the market price of OS
acquisition to zero; it became clear that open sourcing Solaris was
the right business decision for Sun

• Solaris had always been a loss-leader for Sun; the company made
money from complementary goods (hardware, support, etc.)

• Moreover, open sourcing the system would assure that Solaris
innovations would transcend products and become advances in
the state of the art

• As early as the late ’90s, there was serious talk within Sun of open
sourcing Solaris

• In 2004 Jonathan Schwartz, then CEO of Sun, made it a priority
OpenSolaris
• In January 2005, OpenSolaris was born when DTrace became
the first part of the system to be open sourced, from its very first
release

• Unfortunately, not all elements of Solaris could be open
sourced; some contracts prevented some small (but important)
bits from being open sourced

• To allow for such proprietary drivers, Sun developed a
file-based copyleft license, the Common Development and
Distribution License (CDDL)

• The rest of the OS was open sourced in June 2005 and was
developed in the open from that point — changes to the OS
were open sourced as they integrated
The Death of OpenSolaris
• Ailing Sun was bought by Oracle in 2009, with the
acquisition closing in February 2010

• It became clear that Oracle had absolutely no interest in
OpenSolaris

• Despite that it would be obviously stupid, there was even
a move within Oracle to close the system

• Throughout 2010 there was a mass exodus of Solaris
talent away from Oracle
The Birth of illumos
• Starting in the summer of 2010, Garrett D’Amore at Nexenta
— with help from Rich Lowe, Jason King and others —
began the process of either writing the closed bits from
scratch or porting them from BSD

• By early August, an entirely open system was booting

• Dubbed “illumos” (from illuminare, Latin for illuminate) and
made available August 3, 2010

• Notably, the announcement included both code and a
working demo — leading with technology, not rhetoric

• illumos was not intended to be a fork, but rather an entirely
open downstream repository of OpenSolaris
The Silent Death of OpenSolaris
• On Friday, August 13th, 2010 an internal memo was
circulated by the putative Solaris leadership:

We will distribute updates to approved CDDL or other open
source-licensed code following full releases of our enterprise
Solaris operating system. In this manner, new technology
innovations will show up in our releases before anywhere
else. We will no longer distribute source code for the
entirety of the Solaris operating system in real-time while
it is developed, on a nightly basis.
• This was never publicly announced; updates just silently
stopped on August 18th, 2010.

• And it was a lie anyway: Solaris 11 was released on
November 9, 2011 — and there was no source release
The Phoenix
• illumos is what Sun intended it to be, a fully open and free
operating system

• Oracle (silently) forked Solaris by leaving the community

• Oracle's abandonment of the community only strengthens
illumos’ position as the repository of record for Solaris
technologies and the future of the platform

• By refusing to take part in the community, Oracle is denying
themselves features developed in the community

• Today illumos embodies the spirit of, and is the proper
successor to Solaris
illumos Differentiators
• DTrace & MDB

• ZFS

• Zones

• LX-brand

• Fault Management Architecture & Service Management
Facility

• Crossbow

• Role Based Access Control & Least Privilege

• KVM
DTrace & MDB
• DTrace is a magician that conjures up rainbows, ponies and
unicorns — and does it all entirely safely and in production!

• Instruments all software, applications, databases, web servers,
the operating system kernel and device drivers

• Allows you to ask arbitrary questions about what the system is
doing and find the answer

• Only as hard as you think it is — D syntax inspired by awk and
C

• MDB, the modular debugger

• Trivially identify the cause of crashes
ZFS
• 128-bit, copy on write filesystem

• Pooled Storage

• End to end data integrity

• Self healing, with sufficient replicas

• Transactional writes, always consistent on disk (no fsck!)

• Snapshots & clones, send & receive

• Lightweight filesystem creation with arbitrary mount
points

• Block oriented zvols
Zones
• Inspired by BSD Jails, aped by Linux

• Takes the concept of jails to its fullest logical conclusion, an
entire virtual operating system

• Zones provide strong isolation: no process running in a
non-global zone, even one with superuser credentials, is allowed
to view or affect activity in other zones

• No virtualization overhead — apps run at full speed,
executing on bare metal

• In 2014, encouraged by initial work from illumos community
member David Mackay, Joyent reintroduced LX-brand
zones, allowing Linux binaries to run unmodified on
SmartOS
Predictive Self-Healing
• Fault Manager (FMA)

• Errors are detected and sent to the Fault Manager (fmd)

• Fmd dispatches error reports to the diagnosis engine

• Faults are automatically corrected, or actionable reports raised to
administrators

• Service Management Facility (SMF)

• Milestones and Service dependencies

• Services identified by Fault Management Resource Identifier
(FMRI)

• Faulted (crashed) services are automatically restarted

• Unhealthy services are raised to administrators
Crossbow: Network Virtualization
• Physical interfaces, VNICs, VLANs, etherstubs (virtual switch), link
aggregation, 802.1D bridges, IP tunneling, network overlay (VxLAN)

• Physical interfaces are also etherstubs for attaching VNICs

• Interface independent etherstubs can be created, to which VNICs can
be attached

• VNICs can be shared or exclusive IP

• Restrict

• MAC spoofing

• IP spoofing

• DHCP spoofing

• Non-IP traffic
Role Based Access Control
• Fine grained privilege control

• Profiles — a named set of privileges granted to a role or
user

• Roles — similar to users, but can’t log in directly; assume
a role to gain privileges

• E.g., a profile allowing administration of the Apache SMF
service would not allow a user to run httpd and bind to
port 80.
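
The separation in the Apache example above, as an added Python sketch (not from the slides or from illumos itself): it parses constructed entries in the prof_attr(4), exec_attr(4) and user_attr(4) formats and evaluates the SMF authorization and the exec privilege independently. The profile, user and role names, the httpd path and the service authorization are hypothetical, and the lookup is a simplification of what the system libraries do.

```python
"""Simplified model of illumos RBAC lookups over constructed sample data."""

# Constructed entries; every name below is hypothetical.
# prof_attr: name:res1:res2:description:attr
PROF_ATTR = """\
Apache Management:::Manage the Apache SMF service:auths=solaris.smf.manage.apache
Apache Runtime:::Run httpd with privileged-port binding:
"""
# exec_attr: name:policy:type:res1:res2:id:attr
EXEC_ATTR = """\
Apache Runtime:solaris:cmd:::/opt/local/sbin/httpd:privs=net_privaddr
"""
# user_attr: user:qualifier:res1:res2:attr
USER_ATTR = """\
webops::::type=normal;profiles=Apache Management
webd::::type=role;profiles=Apache Runtime
"""

SMF_AUTH = "solaris.smf.manage.apache"   # assumed action_authorization of the service
HTTPD = "/opt/local/sbin/httpd"          # assumed install path


def parse_kv(field):
    """Parse 'k1=v1,v2;k2=v3' into {'k1': ['v1', 'v2'], 'k2': ['v3']}."""
    out = {}
    for item in filter(None, field.split(";")):
        key, _, val = item.partition("=")
        out[key.strip()] = [v.strip() for v in val.split(",") if v.strip()]
    return out


def rows(text, nfields):
    """Yield the colon-separated fields of each non-comment line."""
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line.split(":", nfields - 1)


PROFILES = {r[0]: parse_kv(r[4]) for r in rows(PROF_ATTR, 5)}
EXECS = [(r[0], r[5], parse_kv(r[6])) for r in rows(EXEC_ATTR, 7)]
USERS = {r[0]: parse_kv(r[4]) for r in rows(USER_ATTR, 5)}


def profiles_of(name):
    return USERS.get(name, {}).get("profiles", [])


def auths_of(name):
    """Authorizations held directly or through assigned profiles."""
    auths = set(USERS.get(name, {}).get("auths", []))
    for prof in profiles_of(name):
        auths.update(PROFILES.get(prof, {}).get("auths", []))
    return auths


def has_auth(name, wanted):
    """True if an exact or trailing-wildcard authorization matches."""
    for auth in auths_of(name):
        if auth == wanted or (auth.endswith("*") and wanted.startswith(auth[:-1])):
            return True
    return False


def exec_privs(name, path):
    """Privileges a profile shell would add when `name` runs `path`."""
    privs = set()
    for prof, cmd, attrs in EXECS:
        if prof in profiles_of(name) and cmd == path:
            privs.update(attrs.get("privs", []))
            if "0" in attrs.get("uid", []) + attrs.get("euid", []):
                privs.add("all")   # running as root implies every privilege
    return privs


def can_bind_low_port(name, path):
    """Binding below port 1024 needs the net_privaddr privilege."""
    return bool({"net_privaddr", "all"} & exec_privs(name, path))


def can_login(name):
    """Roles cannot log in directly; they must be assumed by a user."""
    return USERS.get(name, {}).get("type", ["normal"]) != ["role"]


if __name__ == "__main__":
    for who in ("webops", "webd"):
        print(who,
              "login:", can_login(who),
              "manage service:", has_auth(who, SMF_AUTH),
              "bind :80 via httpd:", can_bind_low_port(who, HTTPD))
```
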
KVM
• Originally ported from Linux in 2010

• See, GPL & CDDL code can live together!

• Run foreign operating systems in a Virtual Machine

• Linux

• FreeBSD

• Windows

• Etc.

• KVM instances run inside a special KVM-brand zone
illumos Distributions
• NexentaStor — From Nexenta. Commercial distribution aimed at storage appliances.
Closest spiritual successor to Fishworks/Sun Storage.

• OmniOS — From OmniTI. A minimalist base OS geared towards server class systems.
Closest spiritual successor to Solaris 10, path of least resistance to move from closed
to open Solaris.

• OpenIndiana — Derived from the original Sun OpenSolaris reference distribution,
suitable for use on servers and desktops. Aims to be binary compatible with Solaris
11.

• OpenSXCE — An up-to-date distribution in sync for SPARC and x86. Supports
everything from Ultra-1 (1995) to everything that came to market before 2011.

• SmartOS — From Joyent. Designed for cloud computing. It includes a read-only
platform image, port of KVM, and LX-brand zones.

• Tribblix — SVR4 packaging, providing a retro feel with modern components
SmartOS
• Read-only platform image

• Boot from USB or PXE

• Upgrade? Downgrade? Just boot to the desired
platform image

• Global zone is for zone management

• Everything else runs in a zone

• KVM in a reduced privilege zone

• SmartOS zones use pkgsrc (pkgin) from NetBSD for
packages (>14,000 packages, on par with Debian)
SmartDataCenter
• Orchestration stack for a datacenter of SmartOS Compute Nodes

• Up and running in about 30 minutes

• Robust API and Web UI

• Open source! MPLv2 license

• All the code is on GitHub

• github.com/joyent/sdc

• Joyent Public Cloud is entirely managed with SmartDataCenter

• Download and run it yourself

• https://us-east.manta.joyent.com/Joyent_Dev/SmartDataCenter
Docker Revolution
• Docker has used the rapid provisioning + shared
underlying filesystem of containers to allow developers to
think operationally

• Developers can encode dependencies and deployment
practices into an image

• Images can be layered, allowing for swift development

• Images can be quickly deployed — and redeployed

• Docker will do to apt what apt did to tar
Docker Frustrations
• Linux container runtime vulnerabilities require running
containers in VMs or on single tenant hardware

• Managing VM or hardware life cycles adds complexity to
deployments 

• Running containers in VMs erases the performance
advantages of containerized OS virtualization

• Network implementation is host-centric, making it difficult
to connect containers on different hosts

• Managing multiple Docker hosts increases complexity
Joyent Triton
• Run Docker images natively in SmartOS zones

• No VM, no overhead — the way God intended!

• Datacenter presented as a single Docker host, no hosts to
manage

• Each container gets its own exclusive IP stack, with optional
global IP

• Resource isolation, hardened security context, dedicated
networking all solved by Zones 10 years ago

• Native SmartOS debugging (dtrace, mdb) alongside Linux native
binaries

• In JPC, LX-brand GA since April, Docker GA coming soon

• Or today in your own datacenter
Thank You!
• http://www.illumos.org/

• http://www.joyent.com/

• http://www.smartos.org/

• http://www.omniti.com/

• http://www.openindiana.org/

• irc.freenode.net

• #illumos

• #smartos

• #omnios

Illumos — LOPSA SD
