
Solaris 10 Zones on Illumos Tribblix - todsacerdoti
https://ptribble.blogspot.com/2020/08/solaris-10-zones-on-tribblix.html
======
canadian_tired
I will always look back on Solaris wistfully. It was (and will always be) my
favorite Unix. When containers showed up... oh man... my lab guys lost their
mind. We had a never ending parade of upgrades...and server rotation. Enter
zones... and things just become OOM easier. Want a zone of your own? No prob.
Wonderful isolation and resource allocation, too. The network stack was a bit
iffy in the early days, but Sun sorted it out. All our zones (incl. root!)
were on NAS... we could move zones around the hardware at will. It was
incredibly useful and a whole lot of fun.

------
trollied
I really liked Solaris. ZFS, Dtrace, Zones, brilliant hardware.

It's a shame Oracle destroyed it (mostly) and Sun. Though some might argue
that Linux taking over played a part in that.

A parallel universe with Sun surviving & properly embracing open source would
have been very interesting.

~~~
hylaride
Solaris 10 really was the pinnacle of UNIX. At a previous company, we were
doing with Solaris zones and ZFS snapshots essentially a docker-like
development ecosystem. We were really excited about the crossbow networking
project, but then the Oracle acquisition happened almost all new and
innovative work stopped.

In a more perfect world, Joyent would have become bigger than it was. Alas...

~~~
binarycrusader
I'll assume that was a typo and you meant Solaris _11_. Solaris 11 has some
amazing advancements over 10 in terms of security, packaging, and many other
metrics.

Also, for the record, it is objectively untrue that all new and innovative
work stopped. My primary disappointment was the silent discontinuation of the
OpenSolaris project.

~~~
hylaride
No, I meant 10. The same way you might say that the McLaren F1 is the pinnacle
of car engineering, despite higher performing cars being subsequently
released.

The delta between what you could get between Solaris 10 and most anything else
at the time (free or otherwise) was very impressive. Zones/containers had
little equal (maybe FreeBSD jails, but so much nicer to manage), ZFS made me
almost cry that I’d never have to deal with veritas again, and DTrace allowed
safe, live debugging whenever I felt like it. I’d add SMF there somewhere if
it wasn’t configured via XML.

Sure, IPS is technically superior to apt or yum (well, anything is better than
yum), but it’s not ground breaking better than what you have elsewhere. 11’s
security is indeed improved as they took what was already done of crossbow,
and implemented it, then cancelled the rest.

I was using hyperbole, but the general feeling to those of us that were
customers was of a large cutback in work. And that was before oracle jacked up
the prices.

I _miss_ Solaris, but there is no reason I would recommend it to anybody
today, even if you had to manage your own hardware and not be on a major cloud
vendor.

~~~
binarycrusader
Then we're going to have to agree to disagree; because the next Solaris
release went all the way to 11 ;)

As for _11’s security is indeed improved as they took what was already done of
crossbow, and implemented it, then cancelled the rest._ \-- that's
shortchanging an incredible amount of work that was done that was not related
to crossbow at all. Crossbow, while great, was hardly the largest or most
important project that was being worked on although it was certainly one of
them.

~~~
hylaride
I won’t disagree with you about any improvements 11 made, but merely again the
delta against competing options available.

FYI, I’m verbally harsh because as I said I _miss_ Solaris and miss having an
economic reason to use it.

------
oomkiller
Poking around in the weirdness that is Solaris is so much fun. The comments in
the source code are legendary as are the man pages, seemingly much more
helpful than other platforms, with a focus on providing good examples. Zones,
DTrace, ZFS, and SMF are incredible tools that were over a decade ahead of
their time. Zones in particular seem to still offer isolation advantages over
the various implementations of containers on Linux. Designing a cohesive
system for containing multitenant workloads had its advantages. I'm glad
enthusiasts have been able to keep Illumos going, it would be a shame for
nobody to be running all that code.

~~~
Annatar
Asserting that Solaris has weirdness is an insult, because Solaris is the AT&T
System V Release 4.0 reference implementation. Solaris is also the reference
implementation for libc functions like malloc, threading, realtime kernel
implementation, NFS, NIS, containers, shared memory, SCSI, fiberchannel, high
performance TCP/IP networking, network virtualization, parallel service
startup/shutdown, POSIX compliant shells, POSIX AWK, XPG4 and XPG6 userland, I
could go on and on and on; if you want to write an implementation of some
IEEE, POSIX or RFC specification, or some kernel or userland subsystem,
Solaris / illumos is the place to refer to on how to do that, and how to do it
correctly.

------
mapgrep
Some comments are treating this as an opportunity for a Solaris wake and while
I certainly don't object I wonder if needs pointing out that there is a lively
ecosystem of Illumos derivatives, Illumos itself being a derivative of Solaris
(via what was once called OpenSolaris).

Some examples include SmartOS (Samsung maintained datacenter centric flavot,
lots of tools for rapid/easy deployment of compute nodes and machine images);
OmniOS (for laptops); and one I had never heard of until this post, Tribblix.

A common pattern is to run other OSes in some zones via bhyve (linux and bsd)
or kvm or lx branded zones (linux). But the native platform can handle many
scenarios these days.

------
ptrott2017
Just a note to say Tribblix is a fantastic Illumos distribution that works
well on AWS. Peter Tribble deserves much applause for maintaining this. If you
are curious re: Illumos and need a place to start - Tribblix is a good one.
Have fun.

------
indigodaddy
Solaris 10/11 are still heavily entrenched in the telecom/ISP industry. Not
going away anytime soon.

~~~
rbanffy
Oracle will milk this cow until it bleeds. And then they'll bleed it until
it's dry.

------
sicnus
Solaris 10 has been EOL since what this time last year? No more updates are
going out to it. So if you are still running a Solaris 10 zone then you aren't
able to patch it.

~~~
cosmojg
This post is about Tribblix, the Slackware of Illumos, a well-supported fork
of OpenSolaris. The ecosystem is alive and well.

~~~
Annatar
Tribblix is unlike Slackware - it uses AT&T SVR4 packaging with zap which is
akin to yum on top, whereas Slackware used tape archives. Yes, tape archives
for backing up to tape. That says it all.

~~~
yellowapple
> whereas Slackware used tape archives

Pardon?

~~~
Annatar
No pardon - Slackware "packages" were .tar tape archives. The entire "OS" was
hacked together out of parts, whereas Peter _system engineers_ Tribblix. No
pardon.

~~~
yellowapple
Just because "tar" happens to stand for "Tape ARchive" doesn't mean tarballs
have anything to do with actual tape archives. It only means that the files
are stored sequentially, which is a perfectly reasonable way to structure an
archive.

If you want to criticize how Slackware does things, there are myriad better
points you could've brought up, like:

\- The installer being only minimally changed from that of Softlanding Linux
System

\- The installer still operating under the notion of "disk sets", from back
when it was remotely feasible to install Slackware from floppies (which hasn't
been the case in multiple decades now)

\- The lack of dependency checking (though having been burned by dependency
hell multiple times, I'd call this a "feature")

\- The lack of PAM, if that matters to you (though the -current branch now
includes it, so Slackware 15.0 probably will, too)

And yet, none of these things have prevented me from being happy and
productive with Slackware, both at home and at work, on desktops and servers.
It's what I'm running on the very laptop on which I'm typing this comment, on
my main workstation / gaming rig at home, and previously on my servers (before
I acquired a taste for OpenBSD and SmartOS).

