Last week we installed a Solaris 9 branded zone. It is easy to do it, but in the end we recommended to our client to use a real machine with a native Solaris 9 installation. There is too much broken:
- Start scripts (like the one for cron) use the -P 1 option to pkill. This means only kill if the parent PID is 1. In a zone this is not valid, and as such cron (and other daemons) do not get stopped, respectively a check if it is already running at the start fails and cron can be started multiple times. There are already some patches which get automatically deployed during the first boot of the Solaris 9 branded zone, but there are still several easy to detect bugs around.
- SNMP does not work out of the box. A colleague tried to get it running, but he failed. Googling for the error message shows two hits. One hit is a link to the source, and another one is a report of a person which has the same problem. MAybe we could get net-snmp up and running, but we didn’t test this, as we want to have our Solaris 9 systems similar (fewer changes and special cases for cfengine… it is already not easy to understand for some colleagues as it is).
- There is no documentation how to handle the first setup automatically. We think we can handle it by extracting all files from the Solaris 9 flar we downloaded from Oracle for this installation, modifying the contents (e.g. adding a sysid.cfg), and creating a flar again. We did not try to do it.
All this we detected in less than half a day of the first playing around with it. To us Solaris 9 branded zones are more like alpha or beta quality features. We gave the recommendation to our boss to tell the client that we do not think this is a production ready feature, and if the client insists on using a Solaris 9 branded zone we can not really accept to handle it within the normal SLA.
So far we did not report any of the above problems to Oracle. Those problems are directly visible if you try to integrate a Solaris 9 branded zone into a good enterprise class environment, so it looks to me as there is no real production quality testing done on the side of Oracle. To me this means there is no real commercial interest. It also means that there are probably a lot of uncovered problems, which is a nightmare to handle in a production environment.