Home close (×)
Attention:   The information you find below is outdated

Cool threads and hot nerves

Commissioning Part 1: Solaris

The T2000 came preinstalled with Solaris 1/06. Since it is not the latest and greatest it had to make room for Solaris 10 6/06, a.k.a. Update 2. The idea behind the fresh installation: The disk I/O benchmark should run (also) on Solaris new Zettabyte file system. Except the new features of ZFS I expected UFS to be slower, also if I would switch logging off. Also the ChangeLog says that there were more TCP and UDP performance improvements which I suspected to be relevant for the net I/O measurements. One reason more to go for the last official release.
  Well, there's not so much to say about the Solaris installation. Since my jumpstart server was loaded for production reasons with Solaris 10 Update 2 a longer while back, all needed was to run add_install_client with the right parameters on the jumpstart server and afterwards on the Niagara system boot net. After a longer while and some keystrokes I ran my postinstallation which does more or less automatically the following:

  • add "companion CD software" from NFS (system administration=SA)
  • switches off not needed services (security), in 11/06 hopefully not needed anymore
  • allows root to login via ssh by public key authentication (SA)
  • switches on TCP wrapper (security)
  • moves home directory from root to /root (security)
  • configures syslog forwarding (security and SA)
  • disallow code execution on stack (security, /etc/system)
  • blowfish encryption for new passwords (security, /etc/security/policy.conf)
  • configures Sun patch manager and brings patches up to date (smpatch, SA)
  • reconfigures printing to CUPS and listens to CUPS broadcasts (SA)
  • installs Forte^WSun Studio compiler (SA)
  • sets up proper shell environment (SA)
  • adds two local users (for test)
  • reconfigures automounter maps to get NFS directories (data and home dirs) from one server (SA)
  • initializes man page index (SA)

As expected despite the fact that the Niagara hardware was new to the environment, everything went ok. The only thing which to criticize Sun for is that the Unix security settings are per default very relaxed – Linux distributors nowadays are doing way better with respect to this. Tighter default settings will eventually come with the next Solaris update (Update 3) which includes the Trusted Solaris Extensions. It is seeking Common Criteria Certification EAL4+. Another issue: To update patches via smpatch -L takes an eternity.

A few things were done manually afterwards. I created for the disk benchmark a flat ZFS pool on the remaining space on disk c0t0d0. Speaking of disks: Since Ubuntu switches on the on-disk write cache per default whereas Solaris does not, one has to remedy this as e.g. mentioned in CoolThreads Try and Buy FAQs. This is a good resource if you want to do performance measurements on the T1000/T2000. At this point of time I didn't tune the networking yet. To supposedly get better throughput out of the internal NICs one should tweak some kernel parameters in /etc/system, but I left that subject of the test as well as using jumbo frames 1).

Since I am interested in fast password cracking – for business reasons, not privately – it became kind of a usual test for me to quickly run my favorite benchmark: John the Ripper. It supports a variety of hashes from the Unix and also in the NT world. It's unfortunately a single threaded application, it however does not make a lot of use of floating point calculations. But it's developed on the Intel architecture and does a lot of bit shifting stuff, also in it's latest releases supports SSE2 and MMX bit slice code in x86-assember. To make the story short: Overall the performance wasn't great, it's half of an UltraSPARC III at 750 MHz, or: 4-5 times slower than a fully optimized SSE2/MMX john --test run on a 3.0 GHz Pentium 4. Consistent coloring in /etc/system or the choice of the compiler (gcc 4.0.2 / Sun Studio) didn't change results dramatically (in all cases the "best" compiler flags were used). More thorough research on this did a university in Aachen, Germany.

 

Commissioning Part 2: Linux, CD-ROM

From time to time I use Dapper Drake (Kubuntu) on my Intel-based primary desktop system. The initial (manual) installation and the upgrade from Breezy Badger to Dapper Drake on that piece of hardware was easy. It basically took place by just editing /etc/apt/sources.list two apt-get commands on the running system, that's the best thing about Debian-based Linux distributions! Wish that would be possible with Suse Linux or Fedora Core. So I was very curious how good Ubuntu Linux will be on an UltraSPARC.

After the first of the SAS disks was prepared with Solaris 10, it was time now to install Ubuntu on the second disk. The latest ISO image by the time of the test was 6.06.1 which I pulled from ubuntu.com. It booted fine, albeit due to the 9600 bps I had to use over the console, the ncurses output was a little bit slow, politely speaking. There's a ttya setting in the OBP, but I didn't change it. The system controller refuses to alter the speed, too:

sct2000-sc> setsc ser_baudrate 19200
Error: configuration of parameter <ser_baudrate> failed as it is read only.
sct2000-sc>

As I later found out on the Sun Blade 1000, it doesn't matter, because it looks like the image has somewhat 9600 bps hardcoded in. Another drawback: you only have "one channel", you neither have Linux virtual consoles nor can you login to find out what's going on. Suse/Novell have for their remote installations a a convenient feature which I frequently use for production purposes: The append option in linuxrc of usessh=1 sshpassword=mysecret has the effect that the system boots, requests a DHCP address, spawns sshd allowing root to login with mysecret and enables him finally to start the graphical installer.

Back to the installation from CD. I saw the first output:

Sun Fire T200, No Keyboard
Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
OpenBoot 4.20.4, 8184 MB memory available, Serial #64566226.
Ethernet address 0:3:ba:d9:33:d2, Host ID: 83d933d2.

Rebooting with command: boot cdrom 
Boot device: /pci@7c0/pci@0/pci@1/pci@0/ide@8/cdrom@0,0:f  
File and args: 
SILO Version 1.4.10
\


                       Welcome to Ubuntu dapper!

This is an Ubuntu installation CDROM, built on 20060811.1.
Keep it once you have installed your system, as you can boot from it
[    6.059721] rtc_init: no PC rtc found                                        
Starting system log daemon: syslogd, klogd.     
FATAL: Module usbkbd not found.                                                 
FATAL: Module usbhid not found.                                                 
FATAL: Module usbserial not found.       

I was then first asked for the language, it looked like Germans seemed to be a minority:


        +---+ [!] Choose language +---+
        |                             |
        | Choose your location:       |
        |                             |
        |      Australia       :      |
        |      Botswana        :      |
        |      Canada          :      |
        |      Hong Kong       :      |
        |      India           :      |
        |      Ireland         :      |
        |      New Zealand     :      |
        |      Philippines     :      |
        |      Singapore       :      |
        |      South Africa    :      |
        |      United Kingdom         |
        |      United States   :      |
        |      Zimbabwe        :      |
        |                             |
        |     <Go Back>               |
        |                             |
        +-----------------------------+

Except Botswana, Philippines and Zimbabwe there were only choices for 100% English speaking countries. At that point I already started to smell something because normally Ubuntu's language support is – within the Linux world – above average. Ok, to ease matters I decided for US. I was then prompted with a dialog box greeting me "No keyboard to configure":


         +-------+ [!] Select a keyboard layout +-------+
         |                                              |
         | Your keyboard is:                            |
         |                                              |
         |  No keyboard to configure                    |
         |                                              |
         |  Find your layout by pressing some keys      |
         |  Select from full keyboard list              |
         |  Test whether this layout is correct         |
         |                                              |
         |     <Go Back>                                |
         |                                              |
         +----------------------------------------------+

but still wanted my to configure a keyboard. Huh? I made my choice, nothing fortunately happened. Next was a status dialog "retrieving packages", afterwards I was presented with a dialog of the T2000's four Gigabit Ethernet cards. "Oh, good choice from Sun, they are Intel-GE cards" I thought, picked eth0 (first card in Linux terminology). Good, Ubuntu's installer realized that there's an DHCP server, it queried automatically the server and accepted all IP settings, but prompted me whether it should accept the hostname which is the right thing to do.
  Then, after the CD image was telling me "starting up the partitioner" for a long while (15 minutes) nothing happened, so I pressed a key, no reaction either. Another keystroke, nothing. ^C then finally put me into the partitioning screen:


  +------------------------+ [!!] Partition disks +-------------------------+
  |                                                                         |
  | This is an overview of your currently configured partitions and mount   |
  | points. Select a partition to modify its settings (file system, mount   |
  | point, etc.), a free space to create partitions, or a device to         |
  | initialise its partition table.                                         |
  |                                                                         |
  |            Configure software RAID                                      |
  |            Configure the Logical Volume Manager                         |
  |            Guided partitioning                                          |
  |            Help on partitioning                                         |
  |                                                                         |
  |                                                                         |
  |            Undo changes to partitions                                   |
  |            Finish partitioning and write changes to disk                |
  |                                                                         |
  |     <Go Back>                                                           |
  |                                                                         |
  +-------------------------------------------------------------------------+

Well, I had nothing yet configured on the Linux side, there was no real documentation on the installation so I thought I first have to run the partitioner. I went for "Guided partitioning", again it hung. I pressed a key, the screen scrolled, that was it. Waited a while, nothing, pressed ^C and there was a segmentation fault. Great. The installation continued, the partitioning menu showed up. But none of the menu items were getting me anywhere. So the educated guess was that the kernel couldn't find find the SAS disks. As I mentioned above at this point you're locked out of the system: You can't just press e.g. CTRL-ALT-F1 to switch to the first virtual console and check dmesg or the kernel modules loaded.
 As just a try instead of the 6.06.1 image I popped in the 6.06 CD, hoping that the SAS controller was support by the older boot image. But my assumption was wrong.