Given that BART is awesome and no one seems to embrace it due to, perhaps, perceptions of complexity that are unfounded, I sought to implement a simple solution to bring BART to the masses. I call it bartlog

Quite simply, bartlog is a BASH wrapper around BART and logger which is run from cron on any schedule you like and reports any changes to syslog. Setup is simple, download bartlog and copy into /usr/sbin or whereever you prefer, then download bart.rules and copy into /etc. Now run bartlog from cron every hour or day or whatever you like.

The script is simple and intended to be tweeked, modified and made as l337 as you like. What it does is creates a BART manifest (record of files and MD5 checksums) for those directory structures specified in the bart.rules file. The first time it runs it just creates a manifest and exits. The second time you run it it creates a new manifest and then compares it against the previously created one. If it doesn't find any changes it just replaces the old manifest with the new one, this avoids you getting repetitiously alerted. However, if it does find a change it sends the change to syslog, so that its stored with your normal logs viewed either by running dmesg or reading /var/adm/messages. By default I'm using the syslog audit.err priority because by default Solaris sends those messages to /var/adm/messages, however if you are deploying this in a production environment I'd recommend using audit.warn instead and then modifying /etc/syslog.conf to send those warnings to a secure centralized syslog server. If you complete the solution with Splunk you could have a centralized, searchable log of all changes to critical files on which you could report, respond or alert on.

I use a one hour interval on my home workstation. Here's my syslog following a new user addition:

root@quadra ~$ dmesg
...
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/.pwd.lock mtime 4a218d04 4a43b0bd 
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/opasswd size 968 985 mtime 49fa4236 4a218d2b contents fc27c5b28b3a248b6c6129aa9aed7329 2200107fc7128d5cd38de333bea4500f 
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/ouser_attr mtime 4a04a741 4a218d01 
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/passwd size 985 1022 mtime 4a218d2b 4a43b0ac contents 2200107fc7128d5cd38de333bea4500f 640da69537a35046571b4fda1def10d1 
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/shadow size 708 783 mtime 4a218d04 4a43b0bd contents f83158dffddc124dab2f22a979338695 6ba7d42600da8d4fc9b8a92f4bf0afe7 
Jun 25 11:01:58 quadra root: [ID 702911 audit.error] BART Reports Change: /etc/user_attr mtime 4a218d01 4a43b0ac 

So I hope this fills the hole. Anyone running a Solaris system at home can download these two files, add to cron and be off and running. No hassle, no maintenance. All the love, none of the pain. If your running a system where bart isn't installed, just install SUNWbart from IPS or the install media.

While its not a sexy feature of Solaris, panics are extremely important things. The reality is that sh*t happens, it just does. When it does happen you want to collect as much information about the event as possible to fix the problem that resulted in badness. Therefore, the advantage of a panic over a crash is a crash dump which can be analyzed for the cause. This is why panics are a very good thing indeed. As I like to say, "If you've gotta crash, fine, but you'd better give me a reason!"

This blog entry is interested in the 1% of Solaris issues that don't result in a panic, but you wish would. In between the concepts of a "crash" and a "panic" is that dreaded situation we call "hung". A "hung" or "locked" or "wedged" system is one that is still running, technically, but is otherwise unusable. Typically this is the result of the kernel being ok but the userland stack being trashed beyond repair. Perhaps the two most common causes of this are abuse cases such as memory/swap exhaustion or fork bombs, where the kernel is still running but processes can't spawn to let you see whats happening. The normal way to deal with this is to reboot the system, either via IPMI or sending some poor soul (typically, you) down to the data center to unceremoniously press the big button.

So here's the problem with rebooting a system in a bad way.... it doesn't panic, meaning you might get the system back up post-reboot but you have no idea what happened unless something in the logs tips you off. If there are no relevant logs entries you have to simply shrug and pray that it doesn't happen again. So what can you do about it? On SPARC systems you'd hit "STOP-A" and sync the box. But, what about Solaris/X86.... what do you do then?

Thankfully there are three very handy ways of dealing with such situations. They can be combined or used individually. Lets take them in turn.

Please note! This entry applies only to Solaris/X86!

Panic on NMI

Intel introduced a concept of Non-Maskable Interrupts a long while back. These NMI's are extremely high priority and can not be blocked by the OS. While I've had trouble fully researching them, the most common use is to kick an otherwise unresponsive system into a "diagnostic" mode. On some systems its implemented as a jumper, others a button, yet other IPMI or SP commands. In the case of Solaris/X86 there are two tunables that can cause the OS to react to NMI; one causes a panic, yet another causes the system to drop into a kmdb session for live debugging. By default Solaris will simply output a message to console saying an NMI was received but otherwise do nothing.

The first of these two tunables can be added to /etc/system, it is not dynamic. You must reboot for it to take effect, it is:

set pcplusmp:apic_panic_on_nmi=1

Once this is added and the system rebooted the receipt of an NMI will cause an immediate panic followed by reboot. The most common way to invoke this behavior would be via the IPMI command: ipmitool -I lanplus -H somehost -U root chassis power diag. Remember, if you get a seriously stuck system your going to reboot the box anyway, typically via IPMI, so instead of using "power cycle" you choose "power diag" and have some tasty data to dig through (or send to Sun).

I like to call this feature "panic on demand". :)

Enter kmdb On NMI

In addition to, or instead of, the panic option above, we can use the following tunable to drop the system into the kmdb kernel debugger on NMI receipt:

set pcplusmp:apic_kmdb_on_nmi=1

If it follow the panic option above it'll panic and then drop into the debugger, which is the best option. But please know that this only will work if you have kmdb loaded at boot time by adding the -k kernel argument via your bootloader (ie: GRUB). If your working with a production system this might not be something you want hanging over your head all the time and thus a more developer oriented solution in my mind. If your writting drivers you'll certainly want to keep kmdb loaded, but everyone else will more likely prefer the "panic and reboot" option above.

Snooping; The Deadman Watchdog Timer

Ever watch or read The Abyss? There was a mini-sub that would automatically float to the surface with surveillance tapes and such, if a timer wasn't reset every 12 hours, in hopes that if anything went wrong there would at least be a partial record of events. Watch dog timers are a similar concept... the kernel uses some means to determine function and if it ceases to function the white flag is waived and it panics.

While its rare, the comment in code (line 163) is the best explanation: "Setting "snooping" to a non-zero value will cause a deadman panic if snoop_interval microseconds elapse without lbolt increasing. The default snoop_interval is 50 seconds."

So we simply add the following tuning(s) to /etc/system:

set snooping=1
set snoop_interval=90000000

The first line enables snopping. The second line changes the default 50 second interval to 90 seconds. I don't see any reason that 50 seconds isn't long enough, but if you want to be paranoid and use a 5 minute interval you can, just change 300 seconds to microseconds and reboot to lock it in.

Snooping has been safe in all my testing to date, but obviously it will feel risky to the casual sysadmin, so this is not something I'd enable by default. If, however, you have a system that mysteriously goes into a dead hang in the middle of the night, this is a better option than being woken up just to testify that it did actually reboot and you still have no idea why. :)

Poking NMI

As stated, the best way to poke NMI once your ready for it is via IPMI (tested on Sun and Dell):

# ipmitool -I lanplus -H somebox -U root chassis power diag

If you have a moderately recent version of ILOM you can poke the /SP/diag/generate_host_nmi value like so:

-> cd /SP/diag
/SP/diag

-> show

 /SP/diag
    Targets:
        snapshot

    Properties:
        generate_host_nmi = (Cannot show property)
        state = disabled

    Commands:
        cd
        set
        show

-> set generate_host_nmi=true
Set 'generate_host_nmi' to 'true'

What Next?

One you've got a dump things are on the uptick, but given that you may not be a kernel developer, and if your wise have no desire to become one, you have some options. The first is to send the panic to Sun and hope they come back with a good answer. The second is to use this as your opportunity to dig deep into the guts of Solaris and learn something interesting. I recommend reading my blog entry some time ago: Solaris Core Analysis, Part 1: mdb and Part 2: Solaris CAT, reading The Solaris Operating System on x86 Platforms: Crashdump Analysis Operating System Internals (PDF), getting the latest SolarisCAT, and if possible attending one of Max Bruning's courses.

Finally, a shout out to my p33ps in #opensolaris IRC for their help in assisting with my testing and research on NMI, in particular "LONGCAT".

From a OpenSolaris perspective there were a great number of fantastic talks. Of special interest was emerging technologies that have tremendous disruptive potential, such as COMSTAR and Crossbow. As a major advocate of Crossbow I was glad that it go so much attention, especially in the CommunityOne General Session (ie: Morning Keynote).

Of course, the most important aspect of events like this is the people themselves. I missed a lot of sessions I wanted to attend due to "hallway chatter". The personalities collected there is amazing. I can't even make a list its so long.

This was the first year I actually stayed in a hotel for the show. That makes things all the more interesting. For instance, there was a Sun Employee party at 9PM on Monday. I suddenly realized how many of my friends are Sun employees. After unsuccessfully attempting to crash the party with John Plocher he and I hung and talked for a while untill he headed home. Then I was adrift... so I hit my hotel room, settled in and set out for dinner. Walking out of my hotel, on the sidewalk, was Max Bruning! Both of us were taken aback and he agreed to let me buy him a beer at the bar we were standing in front of.

Talking with Max is a unique and special treat. He is an amazing trainer, that comes though clearly. Unlike most uber-geeks there is no ego or superiority in him. You can talk with him about gaps in your knowledge and he'll start talking about it in depth in a totally non-threatening way. This is something rare at conferences, where you feel like you have to hide your inabilities for fear of a swift degrading reprimand. Besides, how many people do you meet that you can talk freely about ZFS and Solaris Kernel internals with? I can't tell you how much I valued the hour or two I got to talk with him. Once I got home I attacked some pending post-mortems with a renewed gusto. I only caught the last 1 hour of his Deep Dive session, but it was incredibly useful. I'll post the video link as soon as its available.

As for my talks... I did 3, as I noted prior to the conference in this blog. My talks went pretty well. I opted to go the "entertaining and informative" route. The comments on each were pretty positive. In retrospect I could have done a lot of refining in my delivery, but for these types of events its always difficult to guess at the audience, so I shoot for the middle and go high energy to at least be fun to listen to. ;)

Anyway.... most of the talks were video taped and will be appearing online next week. (Post-processing takes a while.) Sun wanted live feeds on things, but weren't able to get it done through their AV people.

Of interest to the community might have been the OpenSolaris Town Hall, a chance to grill the OGB as a panel. That session was not taped, but nothing happened. The OGB updated the community on what they are working on (all of which is available on the web) and opened the floor to questions. The problem was that it was at the same time that beer was being served at the CommunityOne party and most people seemed more interested in the beer than politics... consiquently there were no questions, perhaps because anything that should be said already has been. The vibe was that of resignation to the whole process and trust in the direction that Madam Michelle Olsen is going. Whats to discuss? So the event wrapped up quickly.

Thanks to everyone who went and participated. A special thanks to Teresa Giacomini, Lynn Rohrer, Markus Flierl, and especially Deirdre Straughan for allowing me the privilege of participating in such an excellent event.

• Presenting a 50 minute ZFS talk on Monday June 1st, focusing on features and application.
• Presenting a 20 minute Use Case for Crossbow at the Crossbow BOF Monday evening.
• Presenting a 2 hour zero-to-hero Becoming a ZFS Ninja "deep dive" on Tuesday.

Lots of quality goodies at the show. If you have any suggestions for storage topics I should cover in my 50 minute session please let me know. I want to make sure I'm helping people learn, not just rambling like a marketing droid.

Here's what irritates me.... they keep beating on this "the box is dead" drum. That slogan is misleading at best, and hypocritial at worst. Hypocritical because one of the products they sell based on the Nirvanix SDN is a gateway NAS software solution called Cloud NAS, which is really just a FUSE module for the SDN. So I think what they really mean is "their box is dead... ours is great." A much more truthful slogan might be that "disk is dead", as you could call their CloudNAS box a "diskless storage server".

There is really a lot of confusion in the cloud space between what is available as a common protocol storage solution (NFS, CIFS, iSCSI, etc) versus some API based solution like Nirvanix or S3. Are you going to run Exchange on Nirvanix? No, although you might backup Exchange to a service offered by some company which as its backed uses the Nirvanix SDN.

The same problem exists for S3... people commonly claim they use S3 for all sorts of things, but more often than not, they aren't using S3 at all... rather they are buying a service from someone who themselves uses S3 as the backend store. It's misleading and confusing to new consumers and busy IT pro's who can't keep up all the time.

So, Nirvanix is a great solution for any of you currently unhappy with S3's scalability.... but, the box is not dead. Not by a long shot. Just a lot of marketing hype that confuses potential customers from fully understanding what the product really is.

If you are in the real world, not developing your own applications, and are interested in real storage protocols that anyone can use out of the box, go check out Zetta (currently in beta). Zetta is currently planning to offer multi-protocol access (NFSv3,v4, CIFS, WebDav, SFTP, with more to come) on a pay-for-what-you-use model. No setup, just mount and go.... that is the way it ought to be.

Perhaps the best way to distinguish the two approaches is based on audience...
• If you're a (web) developer who just wants a way to store data that you don't own... consider Amazon S3 or Nirvanix SDN.
• If you're a SysAdmin who wants a remote data store that inter-operates with your existing infrastructure... go Zetta.
• ... alternatively, if you want local storage that actually works and is easy to use, get an open storage platform.

Just as an aside... Sun knows how to smash stuff that's actually working and continues to work. Far more entertaining than beating up eBay scrap systems in a field.

VDev Read-Ahead Cache (SPA)

When reading data from spinning media, the bulk of the service time is spent positioning the disk head. Once the head is in place, actually reading data is super speedy. To capitalize on this reality, ZFS's vdev_cache is a virtual device read ahead cache. There are 3 tunables:

• zfs_vdev_cache_max: Defaults to 16KB; Reads smaller than this size will be inflated to zfs_vdev_cache_bshift.
• zfs_vdev_cache_size: Defaults to 10MB; Total size of the per-disk cache
• zfs_vdev_cache_bshift: Defaults to 16; this is a bit shift value, so 16 represents 64K. If you reduce the value to 13 it represents 8K.

So the idea is that if you go to all the trouble of moving the disk head(s) around to get some data, you might as well make it worth your while. If its a large I/O its just put into the cache until someone comes back for it, but if its a small I/O, just grab a bit more data while your already there and cache it just in case. Due to this design, even if you don't come back for that data later, you aren't loosing much if anything... you already had to accept the latency for the I/O anyway. The data is stored in a per-vdev (typically a physical disk) cache of 10MB. Unlike ARC, this is an old-school LRU (Least Recently Used) cache which just rolls data through. This cache applies only to reads, its a read-ahead cache, not a write cache (if you want that, see ZIL).

If you dig around in the code this read-ahead cache is implemented in the zfs_zfetch_* functions. Here is a sample dtrace script to watch it in action:

#!/usr/sbin/dtrace -qs


/* 
 * Used for monitoring vdev_cache (per-disk block prefetch)
 *   vdev_cache_read(); Returns 1 on cache hit, errno on miss.
 *   vdev_cache_allocate(); Creates new cache entry in LRU
 *   vdev_cache_write(); Update cache entry on write
 *   vdev_cache_evict(); Evict entry to make room for new...
 *   vdev_cache_purge(); Purge cache.
 */

fbt:zfs:vdev_cache_read:entry
{
	self->io_offset = args[0]->io_offset;
	self->io_size = args[0]->io_size;
	self->vdev_guid = args[0]->io_vd->vdev_guid;
	self->start = timestamp;
}

fbt:zfs:vdev_cache_read:return
/self->io_offset/
{
	printf("%s: %d read %d bytes at offset %d: %sn", probefunc, self->vdev_guid, self->io_size, self->io_offset, args[1] == 0 ? "HIT" : "MISS"); 
}

Here's what it looks like when it runs. Please note the long int is the GUID (Global Unique Identifier) of the disk in question, useful for figuring out whether I/O's are the the same disk or multiple:

vdev_cache_read: 14901677279437128904 read 131072 bytes at offset 138394293760: MISS
vdev_cache_read: 14901677279437128904 read 131072 bytes at offset 138394555904: MISS
vdev_cache_read: 16158491400258519295 read 65536 bytes at offset 138394489856: MISS
vdev_cache_read: 16158491400258519295 read 129536 bytes at offset 138394948608: MISS
vdev_cache_read: 16158491400258519295 read 84992 bytes at offset 138395151360: MISS
vdev_cache_read: 16158491400258519295 read 40960 bytes at offset 138395281408: MISS
vdev_cache_read: 14901677279437128904 read 131072 bytes at offset 138394686976: MISS

Please note, I offer the above script for those looking to better understand the internals of vdev_cache, not as a production tool.

Now here's the kicker... once upon a time the read-ahead cache cached all data blocks, but the performance hit was such that almost all I/O got pushed to 64K and the cache rolled over way too fast. So in Nevada Build 70 (snv_70) it was augmented to only cache on meta-data requests. In the ZIO pipeline, one of the stages is pulling the block pointer, at which point it will see if its meta-data, and if not it sets a DONT_CACHE flag.

Along with the snv_70 changes, kstats were added. The kstats are aggregated for all vdev_caches, so you don't get per disk granularity, but they can be handy (or at least interesting) observability points:

benr@quadra ~$ kstat -p zfs:0:vdev_cache_stats
zfs:0:vdev_cache_stats:class    misc
zfs:0:vdev_cache_stats:crtime   23.410498211
zfs:0:vdev_cache_stats:delegations      9960
zfs:0:vdev_cache_stats:hits     12725
zfs:0:vdev_cache_stats:misses   20865
zfs:0:vdev_cache_stats:snaptime 886853.023016843

So, you can tune the read-ahead cache, but should you? The answer is almost universally no. Of the 3 values above the only one I've seen tuned is bshift, changing from 16 to 13, thus only inflating writes to 8K. This should only be done if I/O is very expensive and extremely random and if your running snv_70 or older. NFS or Mail Servers are examples, or if your using iSCSI over a slow link.

File-Level Prefetch (DMU)

While the vdev read-ahead cache is implemented within the ZFS IO pipeline in the SPA layer, file level prefetch occurs up in the DMU layer and feeds data to the ARC (Adaptive Replacement Cache, the pool wide read cache). When you hear about ZFS's intelligent prefetch, this is what they are talking about.

The prefetch is pretty simple, in a nutshell if read a block we prefetch the next block. If you read that block we just prefetched, we go and grab 2 blocks. Got those blocks? Grab 3. Its more intelligent than this, but you get the idea. This can go all the way up to prefetching 256 blocks at a time. This behavior really benefits sequential read streams, where the data is being prefetched in the ARC before you actually need it which means more efficient disk I/O and faster response. It actually gets even more complex than this, because it can determine if multiple co-linear streams are being prefetched and collapse them into a single strided prefetch. If you've seen the ZFS: The Last Word in File Systems presentation, this whats happening when multiple users watch the Matrix.

Tuning file-level prefetch is straight forward... you can leave it on (default) or turn it off via zfs_prefetch_disable. Should you? No, not unless your workload is extremely random, and always random. Because ZFS prefetches intelligently, the overhead is minimal because if it's not useful it won't ever prefetch much. If you're doing random access to 8K or smaller files on iSCSI, you should benchmark with it turned off, otherwise let it be. In my experience disabling prefetch, even on heavily loaded systems, had little or no impact on reducing random physical disk I/O. When in doubt, keep it enabled.

Can you monitor file level prefetch? Of course! Look for the dmu_zfetch() functions, which are called out to be dbuf_read() calling out to dbuf_prefetch and then to the various dmu_zfetch_*() functions. Here is an example script:

#!/usr/sbin/dtrace -qs 


/* This should look at the arguments to dmu_zfetch_fetch */
fbt:zfs:dmu_zfetch_fetch:entry 
{ 
        self->object = args[0]->dn_object;
        self->blockid = arg1;
        self->blocks  = arg2;
        self->start = timestamp;
        printf("Prefetching object %d from dataset %s : %d blocks for blockid %dn", 
			args[0]->dn_objset->os_dsl_dataset->ds_dir->dd_object,
			args[0]->dn_objset->os_dsl_dataset->ds_dir->dd_myname, 
			arg2, arg1); 
}


fbt:zfs:dbuf_prefetch:entry
{
	printf("  zfetching object %d block %d (%d bytes) from dataset %sn", 
			args[0]->dn_objset->os_dsl_dataset->ds_dir->dd_object,
			arg1,
			args[0]->dn_datablksz,
			args[0]->dn_objset->os_dsl_dataset->ds_dir->dd_myname  );
}

This script will watch for dbuf_prefetch to request a bunch of prefetch blocks, and then the dmu_zfetch_fetch function which actually goes and gets them:

Prefetching object 53 from dataset benr : 2 blocks for blockid 41
  zfetching object 53 block 41 (131072 bytes) from dataset benr
  zfetching object 53 block 42 (131072 bytes) from dataset benr
Prefetching object 53 from dataset benr : 3 blocks for blockid 43
  zfetching object 53 block 43 (131072 bytes) from dataset benr
  zfetching object 53 block 44 (131072 bytes) from dataset benr
  zfetching object 53 block 45 (131072 bytes) from dataset benr
Prefetching object 53 from dataset benr : 4 blocks for blockid 46
  zfetching object 53 block 46 (131072 bytes) from dataset benr
  zfetching object 53 block 47 (131072 bytes) from dataset benr
  zfetching object 53 block 48 (131072 bytes) from dataset benr
  zfetching object 53 block 49 (131072 bytes) from dataset benr
Prefetching object 53 from dataset benr : 4 blocks for blockid 50
  zfetching object 53 block 50 (131072 bytes) from dataset benr
  zfetching object 53 block 51 (131072 bytes) from dataset benr
  zfetching object 53 block 52 (131072 bytes) from dataset benr
  zfetching object 53 block 53 (131072 bytes) from dataset benr
Prefetching object 53 from dataset benr : 5 blocks for blockid 54
  zfetching object 53 block 54 (131072 bytes) from dataset benr
  zfetching object 53 block 55 (131072 bytes) from dataset benr
  zfetching object 53 block 56 (131072 bytes) from dataset benr
  zfetching object 53 block 57 (131072 bytes) from dataset benr
  zfetching object 53 block 58 (131072 bytes) from dataset benr
...

Both these forms of prefetch add up to a very good way to maximize I/O activity. Are they perfect for every situation? No, the most common complain tends to be by databases which strictly work in fixed 8K blocks and manage their own caches very effectively. If you think you have such a case, file-level prefetch can be tuned on the fly using mdb, I encourage you to play with it and see what is best for your workload, but when in doubt leave it enabled. In common usage, both vdev read-ahead and file level prefetch can help make sure the I/O you may do has already been done and is sitting ready for you in DRAM.

On June 2nd, I'll be giving a 2 hour zero-to-hero talk on ZFS to give you Ninja like skills. Here is a brief outline of the talk:

• Creating Pools & Layout Schemes (RAID)
• Pool Maintenance & Handling Physical Devices in Solaris
• Creating Filesystem Datasets
• Manipulating Dataset Properties
• Creating Volume Datasets
• Snapshots
• Replication (zfs send/recv)
• Backup Considerations & Methodology
• Sharing Filesystem Datasets with NFS
• Sharing Filesystem Datasets with CIFS
• Sharing Volume Datasets with iSCSI
• Intro to Related Technologies: COMSTAR, Cloud & Virtualization Applications, SNDR Replication, etc.

This is a deep dive talk with the intention of being comprehensive, so if your new to ZFS please join us, but more especially, if you've got some ZFS experience but think you might have some gaps or want to learn about aspects you may have missed or topics not found in the manuals, this is the place to really hone your ninja skills.

My talk is the 2nd in a 4 session track . I'll follow Chris Armes who will talk about deployment, then following me is Nick Solter (co-author of The OpenSolaris Bible) to talk about OpenHA Cluster, and Jerry "The Man" Jelinek (another co-author of The OpenSolaris Bible) to talk about Containers (aka: Zones) and Virtualization.

Despite what you may have read, this deep dive is free. Please, come one come all and hone your OpenSolaris skills and have some fun. This is an excellent opportunity for free training, don't pass it up! And this is real training... we're focusing on teaching skills, not just presenting marketing slides... you will learn something. :)

Becoming a ZFS Ninja... part of an all day OpenSolaris Track.... CommunityOne San Franciso.... June 2nd.... be there!

ONStor is offering two configs:

• The LS 2130: 4 Intel Cores, 8GB of RAM, 2 Gigabit Ethernet ports, up to 48 disks.
• The LS 2150: Which doubles the specs of the 2130, offering 8 Intel Cores, 16GB of RAM, 4 Gigabit Ethernet ports, and up to 96 disks.

Both configurations offer a 10Gb Ethernet option and utilize 3U 15 Disk (3.5") enclosures for expansion. Frankly, based on the pictures on the site it appears to simply be re-badged Dell PowerEdge 2950 and PowerVault SAS arrays in a pre-configed format. Like other players in this space your paying for the integration and support of a turn-key solution as opposed to going the hard-core do-it-yourself route.

ONStor is a quality brand in the storage industry and I'm glad to see them capitalizing on the power of ZFS. Certainly NexentaStor has a solid lead on them, but the more players we have the better for everyone... there is enough storage business to go around.

... and its named Pantera.... how can you not love that?

I haven't actually tried the ONStor, but if anyone from the company wants to send me a demo unit I'd be more than happy to write up a solid review on it. ;)

There are enough of you reading this who took the input "need" and "chair" to produce the thought "Buy an Aeron!" that I felt compelled to look into it. I've never liked following the crowd, so when Aeron's became all the rage in '99 I was put off by it. The big bubble bust only seemed to benefit geeks in one way... a lot of Areon chairs flooded the market as companies who'd just ordered hundreds of them went bust. The result was that the uber-expensive and exclusive chair become far more commonly possessed and I think opened the expensive chair market wide open.

So in examining my variety of choices in quality office chairs I've come to think even more broadly about my home office. I've worked from home for over 3 years now, but frankly I never actually made changes to my setup as a result. Being a geek I've always required a dedicated room as an office/den, if for no other reason to keep all the noise confined.

This led me to reflect on something I call the "two paths to glory". That is, every geek seems to need to one-up those around them and somehow differentiate and prove their geekdom... this is done in one of two ways:

1. More is More: These are the guys with a deep wallet that always have the fastest processors, biggest screens, flashy furniture, etc.
2. Less is More: The geek who does the most with the least (and generally brags about it). The more obscure your setup the better.

In the old days this divided nicely along OS lines. The Windows and Mac guys would boast about their MacWorld or PC World top rated gadgets. The UNIX/Linux guys would boast about their SGI Indigo2 or 486 running Linux on a 14" screen and how that was all you really needed. Recently, especially with the proliferation of affordable, powerful laptops the less-is-more crowd has tended toward a MacBook Pro... no office, no network, just a MacBook Pro and some wifi, if it can't be done with that it doesn't need doing.

So the lines blur when you work full time from home, suddenly your not sure which camp in which you fit. For instance, I bought a good desk several years ago and a cheap chair and I upgrade my Solaris workstation once a year with a complete system replacement around every 3-4 years. I only currently have a single system and that works for me. I just don't see the point in putting a lot of money into lots of gear, because I got into system administration when I realized that the computers I really wanted to play with were so expensive I'd never be able to afford them.... the only way to use such gear was to let others pay you to do it. Sweet deal.

On the other side is the argument everyone has heard applied to mattresses: "You spend almost 25% of your life on your mattress, so [spend a lot]..." When I recently asked folks what they thought about paying $600 for a new office chair I was surprised how many people thought it was reasonable, with similar logic: "If you spend more than 8 hours a day in a chair, you've got to invest in a good one." I understand the argument, but still can't get past the sticker shock. $600 for a chair? $2 for a cup of coffee? What the hell is wrong with people!?!

This leads me to think the only rational explanation for the two camps is experience. That is, if I never spend time using a $1,000 chair or a 30" display or whatever, I'm unlikely to feel I need it. But, if by some chance I do get that luxury, giving it up may be impossible. This jives with most of the Areon elite I know... they first used them in an office and then when they started working from home they just had to have them. Likewise, those like myself that don't see the point are folks like me that either never had a choice in chairs or never gave them any thought and just used whatever was available.

The argument extends not only to chairs and workstations, but to input devices. To this day I only use Sun Type5/6 keyboards or cheapo $10 Keytronics. I only use mechanical 3 button USB Logitech mice because I absolutely hate mouse-wheels (hate hate hate!!!). I'm terrified of the day I have to diverge... but there are plenty of people who think that, like a chair, you've got to invest is $100+ keyboards and high end mice. Wierd. Granted, I'd love to have an Optimus Maximus, but then I'd actually prefer to just find a cheap Sun Type 5 to USB adapter. :)

So here is the question for you my friends..... in which camp do you fall? Do you equip your home office with a 24" trihead Xinerama setup, high end desk, home NAS box, test box, workstation, laptop, Herman Miller chair and all the goodies you could to afford to buy from ThinkGeek? Or, are you like me, cheap and unaware of the need for such things, buying up gear when you find a deal but generally getting by with gear that does the job?

In the wake, there is a fear for a great many of us. A lot of us have a lot of stock in Sun Microsystems... not shares of common or preferred, but emotional, personal, professional. How many of us are known as "the Sun guy"... a great many. What happens to that intangible vested stock? What do we do?

Sound over-dramatic? I'm sure that about half of you reading this are thinking "really, life goes on, get a grip" and the other half are now struggling with an uncertainty you previously took for granted. It is to the latter that I speak.

Almost everyone seems to agree that given the choice between IBM and Oracle, the latter is better. I admit I liked IBM as a prospect only because I think that the cultures of Sun and IBM are so different that the two couldn't integrate. Rather, Sun would be like a rebel alliance deep within the deathstar. Some element of the counter-culture would survive. But Oracle... they fit almost too well, I can see the two integrating and it will force Sun's products back into that old enterprise mentality.

I think whats really changed at Sun in the last 10 years is a shift in the definition of "enterprise". It used to be those with the cash for big SPARC servers, Solaris licenses, and a passion for support contracts. The shift was for us to counter Linux by saying "everything is (or can be) enterprise"! Solaris is the premier enterprise grade operating system, and you can put it on your E10K, or your X4200, or your Supermicro, or your Asus EEE. DTrace belongs on your $500,000 server and your MacBook.

Whats the underlying problem Sun has been unwilling to face? I think its that Sun is too many things to too many people. We all have solutions for how to "fix Sun"... but all of our solutions are different. Because we all see Sun differently. My brother-in-law is one of the industries premier J2ME developers; we're on opposite parts of the same company, he could care less about the systems group, and I believe that Sun is a systems company and should focus there. As I've said many times in the past, Sun is a house divided. And for all the attempts and efforts, producing a real end-to-end offering hasn't bore enough fruit.

I think Oracle is going to do what Sun's management has been too afraid to do... their going to make the tough choices and unify the products. Its going to be painful and ugly... but they may finally align all the cogs and wheels to provide aligned solutions. They've said as much in the initial releases and I believe it thoroughly.

People keep speculating on what will survive and what will be chomped. Will Oracle kill X86? Or will they dump OpenSolaris? Or will they.... Frankly, I doubt non-overlapping products have any concern. Some of the middleware will be integrated and melt into the mix, but I think thats the extent. Rather, I expect Oracle to do a lot of pruning. Just as with gardening, you need to trim away less productive stems to channel maximum resource into those with the most promise. Therefore I think we'll see fewer offerings, but much stronger ones.

For those of us with a vested interest in Sun, I think this is a time to shine. The change will be potentially radical, and that provides an opportunity for first-mover advantage. There are going to be a lot of questions, a lot of concerns, a lot of uncertainty, and people with answers and solutions stand to gain. Consulting should be lucrative. Bloggers and writers, and those who are ready to help on mailing lists and within organizations can prosper.

The key is to pick ourselves up, individual and collectively, and be ready to embrace the change. Not because we want to, but because thats the reality of it.

If Oracle does what it seeks to do, there should more opportunity for skilled Solaris admins and developers than we've seen in several years. All that SPARC knowledge you shelved may need a refresher. And if Oracle can truly provide that end-to-end experience, there will be a tremendous need for engineers that not only understand UNIX or even Solaris, but understand DTrace and ZFS and ILOM and LDOMs and xVM and Crossbow and Zones and SPARC and Cluster and on and on. The value will come from those individuals who not just understand a given Sun technology but rather a complete integrated stack view.

Oracle's going to follow up product offerings with support and consulting... but we all know that only goes so far, the rest of us will need to go the distance.

So my advice is nothing extraordinary, but rather the obvious, as an encouragement. Soon all your skills may be required of you. We all have a head start. If Oracle puts its weight behind Solaris and even SPARC it may dislodge some of the inroads Linux has made and put Solaris back on top in the enterprises of the world. We must be ready, we must be watchful, and we must seize opportunity as it arises.

DEC went down a road of destruction. We can be thankful we've been spared a similar fate, which may well have been with IBM. As sysadmins, developers, enthusiasts, employees, partners... as a community... we've got to dust ourselves off and look ahead and look around us for all the possibilities that present themselves.

I'll leave you with this thought:

A wise and dear friend of mine today asked me: "Where does your allegiance lie: with Sun or with Solaris?" That's a question each of us has to re-evaluate very carefully.

The following amazes me...

We’ve never walked away from the wholesale reinvention of business models, the redefinition of technology boundaries or the pursuit of new routes to market.

Apparently there is no time like the present in which to start. Going on...

We’ve never walked away from a challenge - or an opportunity.

um.... what?

I do not consider the announcement to be the end of the road, not by any stretch of the imagination. I believe this is the first step down a different path, one that takes us and our innovations to an even broader market, one that ensures the ubiquitous role we play in the world around us.

Did I miss something? I know I've been drinking Jonathan's kool-aid a long time, but if Sun ceases being Sun and become a part of Oracle, isn't that the end of the road? Sun badge replaced with Oracle badge... I think thats sorta the end.

Thank you for everything you’ve done over the years, and for everything you will do in the future to carry the business forward.

Ya, to carry their business forward. What the hell?

Lets please separate things a bit. Solaris, Java, MySQL, SPARC, etc, will go on.... Sun will not. His email sort of glosses over that fact with the same old crufty flowery "we rule" statements... except that "we" don't exist anymore, or at least we won't in a couple months.

I think the Oracle deal may very well be transformational for Solaris, Java and SPARC, but Sun Microsystems is something very near and dear to many of us... and now its done. I realize he was trying to avoid a "sorry, we tried, it was time to throw in the towel" mail, but wow... our great and mighty leader is himself in denial. Sad.

In a cloud of sadness and bewilderment, I find comfort in Ecclesiastes, the wisdom of Solomon, approx 3,000 years ago he had the right words:

3:1 For everything there is a season, and a time for every matter under heaven:

2 a time to be born, and a time to die;
a time to plant, and a time to pluck up what is planted;

3 a time to kill, and a time to heal;
a time to break down, and a time to build up;

4 a time to weep, and a time to laugh;
a time to mourn, and a time to dance;

5 a time to cast away stones, and a time to gather stones together;
a time to embrace, and a time to refrain from embracing;

6 a time to seek, and a time to lose;
a time to keep, and a time to cast away;

7 a time to tear, and a time to sew;
a time to keep silence, and a time to speak;

8 a time to love, and a time to hate;
a time for war, and a time for peace.

There is no way for me to take this positively. Many of you, loyal readers, know that I tend to err on the side of idealism; frequently to my peril. Rather than seeing an acquisition as a way to save Sun, I rather see it as the final failure of Sun's board of directors and the leadership of Jonathan Schwartz.

Jonathan is himself idealistic, which has always drawn me to his banner. I've frequently taken exception to criticism against him... because I believe in what he wanted to do. However, I can no longer avoid the inevitable conclusion that his inability to execute has killed my beloved company.

Frankly, I see this as complete cowardice. Sun needed to make radical changes to its business.. but rather than do so they opted to ride it out and wait for someone else to make the tough choices. While this may be the best choice for shareholders, its tough for those close to the business to take. In years time people will be speaking about Sun the same way we currently talk about DEC. Will the Sun brand die? Maybe not. Will Sun's products be more prominent than ever? Quite possibly.... but it won't be the same company.

So is this the end? No, I don't think so... quite the opposite, I see it as a new beginning. I'm simply angry that Oracle is going to do the work that the Sun Board of Directors failed to do; damn the shareholders (of which I am one).

One of the inevitable consequences of this sort of deal is that sales are going to grind to a halt for a season. For instance, I'm super excited about the new Intel X5500 powered Sun Fire X4275... 12 3.5" drives, Sun SSD, ILOM, Intel Networking... its a killer!

.... but what will become of the Sun X86 line? Do I want to buy a bunch of boxes that may not have a future? I'm not putting my money on that bet.

As for Oracle... this is what scares me. To this very day, Oracle 11g is not available for Solaris/X64! Oracle has completely ignored Solaris/X64 for some time now. Combined with Oracle's promise to put Sun's margins in order, suggests a new life for SPARC. While I think the better future is to push Oracle 11g RAC on Sun X64 systems that may not be in the cards.

What will happen? There is a lot of speculating I can do, but I'm going to wait for details. It's like being a 20 year old kid living away from home and the parents have shown up unexpected, and you know you're in deep shit but not sure what'll happen next. Parties over, thats for damned sure.