Each new release of Solaris brings about changes at the client, server, and system level. These changes affect users, administrators, and developers in different ways. For example, Solaris 9 introduces a completely new multithreading library. This will affect users of multithreaded applications, such as Java servlets, by increasing response time and reducing errors. It will affect system administrators, who will need to update LD_LIBRARY_PATH variables and check the dependencies of existing libraries. It will also affect developers, who will need to recode some existing multithreaded applications as well as adjust to coding with a new API.
The following sections discuss products and services released for the first time with Solaris 9.
The Resource Manager extends a number of existing tools that provide for monitoring and allocation of system resources to various tasks and services. This is particularly useful in high-end systems, where a large pool of resources can be allocated to specific processes. Although the existing nice command allows priorities to be set on specific processes, and prstat displays the resources used by each process, the Resource Manager is an integrated toolkit, featuring a scheduler, and accounting and billing tools. Again, although accounting tools are supplied as part of the standard Solaris toolkit, they have never been integrated with useful real-time monitoring tools. The Resource Manager also features a command-line interface and optional GUI for configuring and monitoring resource allocation and usage.
In addition to the lxrun binary execution environment for Solaris Intel, a number of libraries are now provided as part of the standard Solaris distribution to ensure that Linux applications can be linked and executed under Solaris. These libraries include glib, GTK+, JPEG, Tcl/Tk, libpng, libtif, and libxml12. These enhancements will improve interoperability between Linux and Solaris SPARC systems.
The iPlanet Directory Server (iDS) is a commercial-grade LDAP solution for providing directory storage and access for hundreds and thousands of users. LDAP extends traditional Solaris directory service tools, such as NIS+, by using the standard LDAP protocol. iDS provides developers with C and Java APIs to create LDAP-compatible applications, so that they can maintain a single repository of authentication and identification data. In addition, iDS can be integrated with other iPlanet products, such as the proxy server, to ensure that Internet users have managed, rather than unfettered, access to the Internet during work hours.
Although software RAID support has been previously provided in Solaris through Solstice Disk Suite (SDS), this product has now been superseded by Volume Manager (VM). VM supports RAID levels 0, 1, and 5, and allows a wide range of mirroring and striping facilities. Cross-grade and migration tools are also available to assist SDS users who are currently using metadevices as their primary virtual file systems for boot and nonboot disks and their associated slices.
Live Upgrade allows a Solaris system to continue running while components of its operating system are upgraded. This is particularly useful in production environments, where system downtime costs money and customers, particularly on shared platforms like the StarFire. A separate boot environment is constructed during runtime, after which the system is rebooted with the new configuration, thereby minimizing downtime.
In a move that defies the trend towards bloatware, Sun has actually reduced the size of the minimal installation, so that the system can be installed faster and with fewer of the optional features installed. This is particularly important where single- or limited-purpose servers are concerned, because they require only the base operating system packages, and one or two options that may be installed at a later time.
Improvements have been made in the processes used to allocate virtual memory by swapping to disk. The previous 8K limit has now been removed—basically, any page size that is supported by your hardware will be supported under Solaris. This means that memory-intensive applications should see improved performance, particularly where they used virtual memory to support their operations.
Solaris provides advanced lightweight process support in the form of threads. Threads are used by multithreaded applications, such as the Java Virtual Machine (JVM), to support many small parallel operations being performed simultaneously, without requiring the spawning of multiple processes. The new libthread supersedes previous versions, improving speed, and making the most of modern multitasking CPUs.
Virtual private network (VPN) technology is also provided with Solaris 9, using IPSec. IPSec is compatible with both IPv4 and IPv6, making it easier to connect hosts using both new and existing networking protocols. IPSec consists of a combination of IP tunneling and encryption technologies to create sessions across the Internet that are as secure as possible. IP tunneling makes it difficult for unauthorized users (such as intruders) to access data being transmitted between two hosts on different sites. This is supported by encryption technologies and an improved method for exchanging keys, using the Internet key exchange (IKE) method. IKE facilitates interprotocol negotiation and selection during host-to-host transactions, ensuring data integrity. By implementing encryption at the IP layer, it will be even more difficult for rogue users to “pretend” to be a target host, intercepting data with authorization.
Although secure shell (SSH) has been provided for several years at www.ssh.com for Solaris, Sun has finally released OpenSSH, which is integrated into Solaris 9. OpenSSH allows terminal sessions to be encrypted using public-key cryptography to ensure that packets exchanged across the network cannot be easily decrypted, even if they are intercepted by a hostile third party. OpenSSH is a vast improvement over traditional remote access tools, such as telnet, and all sites should now switch off telnet in favor of OpenSSH.
Solaris provides WBEM tools to ease the administrative burden of managing multiple servers and networks in a production environment. WBEM tools make use of Internet protocols and data descriptors, like HTTP and XML, to ensure that networks and servers can be managed using a unified, single method.