Virtualization Terms 2 – It’s all about the Hypervisor

November 8th, 2012

A hypervisor is a layer of software that creates one or more virtual hardware systems. This allows multiple system images (operating system instances) to run at the same time (Wikipedia). Understanding how the hypervisor is implemented will let you predict the relative performance overhead compared to other forms of virtualization. It will also help you understand the features and limitations of each form. The table below sorts the different forms of virtualization from the more concrete (closer to the hardware) to the more abstract (further away from the hardware).


Product Names Location of HV Explanation
SunFire / M-Series
Dynamic System Domains
aka Hard Partitions
none HW routing to machine partitions
is done using HW only.
Oracle VM Server for SPARC
Xen / Sun xVM aka
Oracle VM Server for x86
kernel replacement aka Type 1
Linux KVM kernel integrated
Virtualbox / VMWare application aka Type 2
Solaris Zones aka Containers none HW resources are virtualized from the application
viewpoint, not from the kernel viewpoint.

Note: This is an update to a post two years ago.  This one supersedes the older post.

Stupid UNIX Tricks #1 : LANG and shell scripts

April 14th, 2012

If you’ve been using UNIX systems for a while (including Mac OS X, Linux or anything else remotely similar) you might know about the LANG environment variable.  It’s used to select how your computer treats language-specific features.  You can find out more than you ever wanted to know by looking here:

Mostly it doesn’t make much difference in your life, except there are two commonly used default settings.  One common setting is LANG=C which enables some very old-fashioned standard-conforming details and allows an implementation to skip lots of fancy language processing code.  Another common setting is LANG=en_US.UTF-8.  That setting tells the various system functions in libc to expect strings to be in a rich text format.

On the systems I use, it seems like the default is en_US.UTF-8.  But I suspect that most people must have LANG=C somewhere in their 20-year old .login files, because I occasionally run into bugs where some script doesn’t work right unless you have LANG=C.

Here’s an example:

% mkdir test; cd test; touch Caa cbb
% export LANG=C
% echo [c-d]*
% export LANG=en_US.UTF-8
% echo [c-d]*
Caa cbb

So the range of characters from ‘c’ to ‘d’ includes the letter ‘C’ if you are in the en_US.UTF-8 locale.  Ugh.  It’s easy to get that wrong in your shell script someplace, and people do.

Here’s an easier way to show why that happens:

% mkdir test1; cd test1; touch a A b B c C;
% export LANG=C
% ls
A  B  C  a  b  c
% export LANG=en_US.UTF-8
% ls
a  A  b  B  c  C

So you can see the sort order of strings used by the ls command matches the character order that the shell uses to expand the character range construct of glob regular expressions.  I suppose it’s consistent.  But it’s one of the things that makes it a challenge to write shell scripts that are robust and portable to different user’s environments.

Table Based Collaboration

January 23rd, 2012

I’ve been supporting our department wiki for many years now.  The most used feature is basic rich text, as you would expect, but the next most popular feature is tables.

Over time, I’ve identified a particular kind of collaborative function that people engage in when they are coordinating activities.  I don’t have a good name for activity, but I’ll call it “table based collaboration”.

In some corporate cultures this is till done by sending giant Excel spreadsheets around as email attachments.  This is the main option available when collab services (like wikis) are not available or practical for all the participants.  In this model, the owner of the process owns the spreadsheet makes the updates based on email received from the participants.

A more collaborative approach uses any form of wiki to create tables on wiki pages.  Depending on the data, it’s also possible to use a bulleted list format instead of a table, but the data itself and collaboration process is the same.  There’s a big jump in ease of use if the wiki supports rich text table editing.

I’ve tried about a half-dozen different wiki implementations of tables, and none of the rich text table editors are worth using in a produciton environment.  As soon as you do any kind of formatting, the entire table converts from wiki-syntax to raw html.  And after that point, the first formatting bug (that can’t be fixed by the rich text editor) becomes impossible to correct by direct-editing.

The lack of decent rich text table editing means that you need to stick with the wiki-syntax for tables, and edit them by hand.  This is workable, but forces the participants to have passable fluency in the wiki syntax and whatever foibles it has.

Another way of enacting table based collaboration is to use an actual database with a simple web interface.  We have several examples of this in my organization.  It’s generally implemented using an off-the-shelf database of some kind.  By definition, the table never needs to be joined with anything, and there’s only a single table.  If your “table based collaboration” sprouts any extra tables, then it turns into a “department web application” and it falls outside the realm of this discussion.

There are an endless supply of web application frameworks which have an simple process for creating a simple web app.  But the process of creating it still requires the owner of the process to learn the framework and generate the web app.  It also requires someone to set up and maintain the web application itself.  These solutions are not suitable for having a non-web-technical person set up a new table.

If you look at each of these mechanisms, each one has pros and cons.  Factors to look at are: 1) Does it require centralized infrastructure? 2) What are the platform/tool requirements placed on the participants?  The leader?

In the final analysis, I think something like a Google Docs spreadsheet provides a sweet spot of accessibility, formating and overhead.  Unfortunately, it’s not appropriate for a department-level solution.  Using Google Apps for proprietary company data needs to be approved as a company-wide policy, you can’t just download it and start using it.  Approving it for use for company business is appropriate for some companies, and not for others.

What I’ve been looking for is a web-application that allows end users to define a set of columns using basic types (string, date, enumeration, etc) and provides a simple spreadsheet-like interface for adding/removing/modifying data.

I’ve been so frustrated recently that I’ve been thinking about recommending that people go back to mailing around OpenOffice spreadsheets.  Some general purpose wikis get by with less-than-ideal behavior when two people make updates at the same time. So, in some cases the collaborative aspect of the solution (like wiki tables) costs more in synchronization headaches than what it would cost to have one person do all the updates.


Oracle Solaris 11 Networking — Where do I start?

December 27th, 2011

If you’re confused by the changes to network configuration in Solaris 11 (and who isn’t?) then this is a good place to start.

The online reading interface seems to be responsive and well formatted, so I read the first few pages in my browser.  It does a good job of giving you an overview at the start so you can understand the way the new commands and modes fit together.

Is shell history an anachronism?

September 16th, 2011

I work in an environment that has user home directories shared over NFS.  I always thought that kind of made the normal shell history mechanism fall on it’s face.  None of the shells I’ve seen will actually do the hard work of synchronizing the shell history file to collect data from multiple different hosts in one file.  It even falls apart when you have multiple term windows open on one machine.  Many years ago I realized I didn’t want my shells writing frequently to my home directory over NFS, so I relocated my history file to /tmp.  This means I’ll get history restored when I log into the same machine (until it gets rebooted) but it’s put luck which session on the same machine saved it’s history last.  Bash is my normal shell these days, and it has a lot of features to tweak and manipulate the history, but none of the features seem to deal with the inherent sync issues.  I suspect everyone uses history within their current shell session, and nobody much cares if it is saved or not.

The reason I care is because I’m looking at using it as a platform to associate command history with logical projects.  It’s an interesting idea, but I’m surprised the whole mechanism is so poorly adapted to modern environments.

OpenSolaris Solaris 11 : NWAM messed up my network, how do I fix it?

November 21st, 2010

This post is intended as a “google aid”.  Hopefully by giving this blog post a provocative title, I’ll get the right kind of people reading it.  Specifically, people who are frustrated with NWAM.  NWAM is a Solaris 11 feature, and it stands for “Network Auto-Magic.” I’ve had several run-ins with NWAM over the last year or two, and I finally got pointed at some documentation. I want to pass on the documentation, and I want to help to get this documentation higher in the google rankings when people search for NWAM.

The manual you want to look is has the name: System Administration Guide: Network Interfaces and Network Virtualization.  You can find it here (link).  You can download it in PDF form if you want to, and go straight to the chapter on Network Auto-Magic.  That should help you come up to speed on what it is.

Hopefully I’ll have a chance to post more about my specific problems and solutions, I’m currently trying to get NIS set up to work correctly in client mode.

The everpresent “util” module.

September 12th, 2010

Every major library or application I write seems to have a module named “util” these days.  I think it represents a kind of “impedance mismatch” between the platform I’m using (C runtime, C++ runtime, python standard libraries) and the platform I *wish* I were using.

Recently, I’ve been writing python code that runs lots of little UNIX utilities.  You know, like: find, ls, chmod, etc, etc.  It’s the kind of code that might also be written as a shell script, but python is much nicer when the program gets larger than about a page.  If you’re running lots of utilities, you want a variety of ways to interact with them.

Sometimes, you don’t want to send it any input, sometimes you do, sometimes you are expecting one line of output.  Sometimes you’re expecting a list of lines.  Sometimes you’re going to check the return code, sometimes you’re not.  These functions are all just small wrappers around calls to the python subprocess module in python.  But if you’re writing a lot of code that uses them, it’s important to make that code readable, so you want to streamline away most of the goop for dealing with the subprocess module.

I have utility routines for creating temporary files and removing them all when the program exits. There are routines to keep me from adding a lot of obscure import statements to the top of most of my modules.

Here’s some examples of what I’m using for now:

def gethostname():
   from socket import gethostname
   return gethostname()

def timestamp():
   import datetime
   return str(

Here’s a recipe that I got from  I wanted the equivalent of “mkdir -p”, and you need a few lines to do that in python.

def mkdir_p(dir):
  import errno
  except OSError, exc:
    if exc.errno == errno.EEXIST:

There’s also code to do things that I’m convinced must have a better answer in python, but I haven’t found it yet.  So I isolate the hack to the until module.

def is_executable(file):
  S_IEXEC = 00100
  mode = os.stat(file).st_mode
  return mode & S_IEXEC

Moving code in and out of my util module also prevents me from worrying so much about obscure modularity issues. Any code I don’t want to worry about today goes into the util module. When I know where it belongs, I can easily move it later. Of course, that’s much easier to do with python than in a language that uses header files like C or C++.

On Iteration by Andrei Alexandrescu

June 23rd, 2010

I just finished reading a great article on iterators by Andrei Alexandrescu.  Mr. Alexandrescu is a contributor to the D programming language.  In this paper, he discusses the background of iterator implementations including C++ STL iterators, and then goes on to outline a new model for iterators.  It’s very readable, I recommend it.

To get a more readable all-in-one page, click on the “print” link on the page above, or go here:

Charles Stross on EBooks

June 18th, 2010

I just read a nice essay by science fiction author Charles Stross about EBooks.  As usual, he presents a very lucid and entertaining look into the world of publishing.

CMAP #9: Ebooks

Virtualization terms

June 16th, 2010

Update: A newer version of this post (find it here) was recently created. 2

Okay, before I forget, I’m writing it all down.

We have to test against all this stuff, and it’s becoming more and more convenient to use virtualization as a way to share lab resources, so I figured I’d go make sense of all the terminology that’s flying around.  I understood 80% of it, but I could never understand all of it at once.  A lot of this was extracted from Wikipedia.

Here are the things that affect my life: Xen, VirtualBox, VMWare, LDOMs, Zones, Containers.

Hypervisor : Software that emulates a hardware platform, so that Operating Systems can run on top of it, as if they had hardware to run on.

OS Virtualization: When you have one OS (one kernel) running multiple user-spaces. Applications think they are on separate machines.

There are two kinds of Hypervisors, some run directly on hardware (Type 1), and some run as applications (Type 2).

With those terms defined, here is a description of the technologies, features, products that I listed at the top:

  • Hypervisors:
    • Running on hardware – Type 1 Hypervisor
      • Xen: Hypervisor that runs on hardware, supports x86 (aka Sun xVM)
      • LDOMs: Hypervisor that runs on hardware, supports SPARC
    • Running as an application – Type 2 Hypervisor
      • VirtualBox: Hypervisor that runs as an application, supports x86
      • VMWare: Hypervisor that runs as an application, supports x86
  • OS Virtualization
    • Solaris Containers/Zones

The terms “zone” and “container” seem to interchangeable. I have not found a source that is both clear and authoritative that can tell me the difference.

Zones are capable of running different versions of Solaris inside one Global OS instance.

There are lots of things I glossed over here, but my goal was keep it short and sweet.


  • You can run a specific old version of Linux inside a Solaris zone.
  • The VMWare company probably supports products on other chips than x86
  • There are lots of differences between the features of Xen and LDOMs that I didn’t discuss