Transparent Encryption is very easy to use on Oracle Solaris.
You just need to set the encryption property when you create a new filesystem and provide a passphrase or keyfile.
On a SPARC S7 LDom we have 3 ZFS filesystems with different encryption settings.
# zfs get encryption v0123_db/plain v0123_db/encr v0123_db/encr256
NAME PROPERTY VALUE SOURCE
v0123_db/encr encryption on local
v0123_db/encr256 encryption aes-256-ccm local
v0123_db/plain encryption off -
Now lets see how much is the difference in write performance if we copy a 1 GB file.
# ls -lh p25604852_1100_Solaris86-64_1of4.zip
-rw-r--r-- 1 marcel staff 1.3G Apr 7 2017 p25604852_1100_Solaris86-64_1of4.zip
#
# time cp p25604852_1100_Solaris86-64_1of4.zip /plain
real 0m8.829s
user 0m0.002s
sys 0m1.711s
# time cp p25604852_1100_Solaris86-64_1of4.zip /encr
real 0m9.229s
user 0m0.002s
sys 0m1.747s
# time cp p25604852_1100_Solaris86-64_1of4.zip /encr256
real 0m9.733s
user 0m0.002s
sys 0m1.754s
The difference is a low one digit percent value.
Performance impact is a little larger when doing a simple read test.
# time cp /plain/p25604852_1100_Solaris86-64_1of4.zip /tmp
real 0m4.216s
user 0m0.002s
sys 0m3.810s
# time cp /encr/p25604852_1100_Solaris86-64_1of4.zip /tmp
real 0m5.131s
user 0m0.003s
sys 0m5.028s
# time cp /encr256/p25604852_1100_Solaris86-64_1of4.zip /tmp
real 0m5.400s
user 0m0.003s
sys 0m5.287s
Learn more about ZFS encryption with the Oracle Solaris 11.4 ZFS Admin Guide
https://docs.oracle.com/cd/E37838_01/html/E61017/gkkih.html
30 May 2020
Oracle Database on Solaris ZFS done right
ZFS is the default
filesystem on Oracle Solaris. It is
very easy to use with the
two commands zpool and zfs.
Disk management
Expand existing LUNs or
add additional LUNs if you
need more space. Since
Solaris 11.4 you can remove LUNs if you
want to shrink your pool.
Features
No need for filesystem
checks, because of the copy-on-write
implementation. You can
create snapshots and clones,
use encryption and
compression. Transfer data to other
systems using send/receive
or sharing.
Move the pools using
export/import to other systems.
ZFS builds the base for
the Solaris BootEnvironment (beadm)
where you are able to
update to and boot from different Solaris 11
Updates.
ZFS is my preferred
filesystem and volume manager, but
is everything perfect? No.
You need to carefully configure
ZFS to avoid and work
around fragmentation.
Oracle Database
You can run Oracle
Database very well on ZFS and profit
from snapshots, cloning
and other features. Especially
for larger databases (many
TB) with lots of data changes
you should setup
carefully.
Following a few
Best Practices based on own experiences
and Recommendations by
Oracle:
- data pool with log
device / 8KB recordsize for data / logbias=latency
- redo pool with log
device / 1MB recordsize / logbias=latency
- archive pool
/ 1MB recordsize
Add multiple LUNs for
striping. Use SSDs for highest performance.
If you are using SAN
increase zfs:zfs_vdev_max_pending
and ssd:ssd_max_throttle to 20.
Limit the ZFS Cache
(zfs:zfs_arc_max)
Make sure there is around
20% free space on the zpools.
Use a Server with 'enough'
Memory.
After many years of using
ZFS it always hurts, if I have
to use other more
complicated filesystem ....
Links
Pool Creation Practices
for an Oracle Database (Solaris 11.4 ZFS Guide)
Configuring Oracle ZFS for
an Oracle Database Whitepaper (2014)
Oracle DB erfolgreich
betreiben auf SPARC/LDoms/Solaris/ZFS (German Presentation)
21 April 2020
New Oracle SPARC and Solaris Webcasts on Demand / April 2020
Learn about the Security features and Performance of the
Oracle SPARC Servers.
Upgrade to Solaris 11.4, which includes the new Web Dashboard,
Compliance, Virtualization and much more.
Why SPARC for most demanding mixed Database workloads
45 Minutes
https://go.oracle.com/LP=89566
Oracle Solaris and SPARC Virtual Seminar
2 Hours 15 Minutes
https://go.oracle.com/LP=91258
Oracle SPARC Servers.
Upgrade to Solaris 11.4, which includes the new Web Dashboard,
Compliance, Virtualization and much more.
Why SPARC for most demanding mixed Database workloads
45 Minutes
https://go.oracle.com/LP=89566
Oracle Solaris and SPARC Virtual Seminar
2 Hours 15 Minutes
https://go.oracle.com/LP=91258
20 February 2020
Oracle Systems Customer Forum / June 2020
Original plan was:
Tuesday, 17 March 2020 09:00 - 17:30
A full day event in Prague (Czech Republic)
NOW postponed to Early June 2020
with Oracle Systems Engineering and Product Management onsite
Learn the benefits in 2 tracks about Oracle SPARC/Solaris and Oracle PCA
Performance Analysis, Optimizing Lifecycle, Security & Compliance,
Beating Ransomware and a lot more ...
Full Agenda
https://www.oracle.com/a/ocom/docs/dc/em/systems-customer-forum-prague-2020-web.pdf
Registration is open
https://eventreg.oracle.com/profile/web/index.cfm?PKwebID=0x720861abcd
And Prague is a very nice City !!
See you there!
Tuesday, 17 March 2020 09:00 - 17:30
A full day event in Prague (Czech Republic)
NOW postponed to Early June 2020
with Oracle Systems Engineering and Product Management onsite
Learn the benefits in 2 tracks about Oracle SPARC/Solaris and Oracle PCA
Performance Analysis, Optimizing Lifecycle, Security & Compliance,
Beating Ransomware and a lot more ...
Full Agenda
https://www.oracle.com/a/ocom/docs/dc/em/systems-customer-forum-prague-2020-web.pdf
Registration is open
https://eventreg.oracle.com/profile/web/index.cfm?PKwebID=0x720861abcd
And Prague is a very nice City !!
See you there!
12 February 2020
New Oracle Solaris eBook is available
Read the new Oracle Solaris eBook
Oracle Solaris: The Ideal Operating System for Your Oracle Database
Available for free, eMail address registration required.
Oracle Solaris: The Ideal Operating System for Your Oracle Database
Available for free, eMail address registration required.
21 January 2020
On Demand-Webcast: Oracle Solaris 11.4 - The Trusted Business Platform
In case you missed the Live Webcast about Oracle Solaris 11.4 in Mid December 2019.
Oracle has made this Webcast available on Demand
The webcast is 1 hour
Oracle has made this Webcast available on Demand
The webcast is 1 hour
23 December 2019
My Solaris Highlights 2019
And another year nearly
done. Here my highlights in the field of Oracle Solaris.
In March we at JomaSoft
made our VDCF Version 7.2 available with enhancements for Solaris
Monitoring and Systems Verification.
If you would like to learn
more about “Oracle Solaris 11.4” which is available since August 2018
you can watch the 2 hours Oracle Virtual Seminar which was held in April by the Oracle Solaris Product Managers.
you can watch the 2 hours Oracle Virtual Seminar which was held in April by the Oracle Solaris Product Managers.
Mid May Oracle organized the “Oracle Solaris Tech Day” in Prague. This was a full day event in a nice European city. Very interesting presentations and discussions with the Solaris Engineers.
May 22th I could talk
about the small, but powerful SPARC S7-2 Servers at the SOUG Day
in
Olten (Switzerland). You can download the german presentation/pdf
Olten (Switzerland). You can download the german presentation/pdf
In August I talked
at the Robotron Oracle Fokustag in Wil about OS Security with Oracle
Solaris.
I missed Oracle
Open World in San Francisco this September, but the presentations
can be downloaded. You can find the list of Solaris/SPARC Session in my
can be downloaded. You can find the list of Solaris/SPARC Session in my
blog post “Solaris Session PDF of Oracle Open World
2019”
https://jomasoftmarcel.blogspot.com/2019/09/solaris-session-pdf-of-oracle-open.html
Every year in November the largest Oracle User Conference in Europe takes place in Nuremberg, Germany. The DOAG Conference: Good location, food and lots of technical sessions.
This year I could talk about the two Topics “Solaris 11.4” and “Private Cloud on SPARC”
Here the Links to the 2 german PDFs:
https://www.jomasoft.ch/docs/DOAG19_JomaSoft_Solaris_114.pdf
https://jomasoftmarcel.blogspot.com/2019/09/solaris-session-pdf-of-oracle-open.html
Every year in November the largest Oracle User Conference in Europe takes place in Nuremberg, Germany. The DOAG Conference: Good location, food and lots of technical sessions.
This year I could talk about the two Topics “Solaris 11.4” and “Private Cloud on SPARC”
Here the Links to the 2 german PDFs:
https://www.jomasoft.ch/docs/DOAG19_JomaSoft_Solaris_114.pdf
https://www.jomasoft.ch/docs/DOAG19_JomaSoft_PrivateCloud_SPARC.pdf
In November and December I was at 5 Locations in Germany (Hamburg, Frankfurt, Düsseldorf, München and Berlin) to present our JomaSoft VDCF Solaris Management Solution and to explain how to make Solaris Operations more efficient.
After several years in the Oracle ACE Community Oracle nominated me at the highest Level in the ACE Program as an “Oracle ACE Director”.
Now its time to relax a few days. More about Oracle Solaris in 2020. Stay tuned.
Merry Christmas and a Happy New Year to all Oracle Solaris Engineers, Consultants and Admins.
In November and December I was at 5 Locations in Germany (Hamburg, Frankfurt, Düsseldorf, München and Berlin) to present our JomaSoft VDCF Solaris Management Solution and to explain how to make Solaris Operations more efficient.
After several years in the Oracle ACE Community Oracle nominated me at the highest Level in the ACE Program as an “Oracle ACE Director”.
Now its time to relax a few days. More about Oracle Solaris in 2020. Stay tuned.
Merry Christmas and a Happy New Year to all Oracle Solaris Engineers, Consultants and Admins.
Subscribe to:
Posts (Atom)