Sun Microsystems Inc. is gunning for some of Linux’s rising popularity in the enterprise with the newest release of its Unix derivative, Solaris. In this Clear Choice Test, we found that Solaris 10, torn from its SPARC-only roots, now runs very quickly and very easily on generic 32-bit x86 Intel and 64-bit Advanced Micro Devices-based servers. It also has new security features and supports a range of Linux applications. And it’s free.
Solaris 10 has a variety of installation options, ranging from an everything-but-the-kitchen-sink option that includes OEM add-ons to a developers’ option to a slim “networking” install. Most enterprise deployments would likely require a developer grouping for the initial installation because it contains necessary compilers, applications and development tools.
We installed Solaris 10 on all 10 of the 32-bit and 64-bit servers in our labs with only very minor problems. These servers ranged from Sun’s own AMD64-based V20z box to an HP-Compaq server with dual 733-MHz Pentium III processors. In our tests, the operating system chose the most appropriate drivers for the components in these disparate servers with only minor exceptions. Solaris 10 has a look and feel that’s similar to Solaris 9’s.
Both the Gnome-based Common Development Environment and Java Desktop System user interfaces are offered. The Sun Management Console — which can be invoked from either interface — controls users, groups, projects and system resources. However, this console doesn’t support applications needed to manage all of the functionality of Solaris 10. For example, to run encryption services or gather detailed disk and file information, you must use a command-line interface. Commercial Linux distributors have learned how to manage the myriad administrative options needed in a server operating system through GUI interfaces.
Solaris 10 supports directory services such as Network Information System and those based on Lightweight Directory Access Protocol. Even though Sun also provides Samba, the open source Microsoft Windows connectivity method, it offers no official support for it and only scant documentation. All three services’ implementations worked acceptably well. Solaris 10 is as fast as its Linux competition. The numbers posted by Solaris 10 and RedHat Enterprise Linux AS 4.0 in our series of Web transactional tests, in which both were running Apache 2.0.3 on the same Polywell 64-bit server, were very close across the board. We did find that Solaris had a small performance advantage when tested on Sun’s own V20z box.
Addressing security Solaris, since the release of Version 8, has supported role-based access controls via its Role Based Access Control (RBAC) mechanism. These Unix-based hierarchical roles — ranging from a lowly user or file to root-level rights that give a user or application full access to system resources — can be extended to users and application behavior. RBAC provides a method of setting up how those roles interact with other system resources to prevent an application or users from reaching out to use resources they are not entitled to use. This feature is similar to the security features of Red Hat’s SELinux implementation.
These RBAC role-based groupings can serve as the basis of a new security feature within Solaris 10, referred to as containers. Containers are objects that comprise users, applications and processes logically grouped to create virtual workspaces; or in Solaris 10 terms, projects on the same physical server. Projects map to the Linux Virtual Machines seen in SLES9. These virtual workspaces eschew the overhead of full server virtualization products, including VMWare GSX.
Overall, Solaris is a time-proven Unix platform, with a long legacy of stability. Solaris 10 has been tweaked for speed on generic PC-based hardware, and its new container methods show clear attention to security details. The price is certainly right — it’s free. What’s not free is the training needed to make many of the components sing.