So, what's a guy to do?

https://unix.stackexchange.com/questions/465416/solaris-wont-update-because-ddt-incorporation-is-using-a-self-signed-certifcate
It seems that I cannot fix my problems without a contract, so I'll
have to do a fresh install of 11.4. That's not really a big deal,
my base server setup is pretty simple and pretty well documented
and scripted at this point.

I appreciate that a lot of you guys are under NDA or similar
and I understanding opinion-ating about this gets complex, so any
insight you can offer would be useful.

I see the desktop package cluster still exists to make an easy
admin entry point when necessary, though it looks like the
graphical package/update manager is gone. And the developer
gcc cluster is still there too, though it seems to have a new
name. Given those I feel reasonably confident in my skills to
compile what I was getting from opencsw for all those years
(shout out - you guys rocked it!). Do I go ahead and install
11.4, or do I rebuild my zpools now to migrate to the openzfs
world?

Is oracle going to keep this door open? Is Solaris going to
continue to be available for download for non-com purposes
for free? Will enough patches be made public that I'll have
a reasonably safe system? Will there continue to be a desktop
cluster? Will a compiler/developer cluster continue to be so
easily available?

Should I be migrating away from Solaris and towards something
else supporting openZFS now, or later? In a couple of years all
my current hard drives will reach critical ages and I'll be looking
to rebuild my spinning rust collection. Might then be the best
opportunity to migrate from Solaris ZFS to OpenZFS? My next system
upgrade will probably be off this motherboard so migration to new
hardware might be easier than upgrading in place...I've got 2
mellonox 10gb cards and a short piece of cable to help...

--joe

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Friday, April 10, 2020 at 2:37:28 PM UTC-7, Joe Reid wrote:

So, what's a guy to do?

https://unix.stackexchange.com/questions/465416/solaris-wont-update-because-ddt-incorporation-is-using-a-self-signed-certifcate
It seems that I cannot fix my problems without a contract, so I'll
have to do a fresh install of 11.4. That's not really a big deal,
my base server setup is pretty simple and pretty well documented
and scripted at this point.

I appreciate that a lot of you guys are under NDA or similar
and I understanding opinion-ating about this gets complex, so any
insight you can offer would be useful.

I see the desktop package cluster still exists to make an easy
admin entry point when necessary, though it looks like the
graphical package/update manager is gone. And the developer
gcc cluster is still there too, though it seems to have a new
name. Given those I feel reasonably confident in my skills to
compile what I was getting from opencsw for all those years
(shout out - you guys rocked it!). Do I go ahead and install
11.4, or do I rebuild my zpools now to migrate to the openzfs
world?

Is oracle going to keep this door open? Is Solaris going to
continue to be available for download for non-com purposes
for free? Will enough patches be made public that I'll have
a reasonably safe system? Will there continue to be a desktop
cluster? Will a compiler/developer cluster continue to be so
easily available?

Should I be migrating away from Solaris and towards something
else supporting openZFS now, or later? In a couple of years all
my current hard drives will reach critical ages and I'll be looking
to rebuild my spinning rust collection. Might then be the best
opportunity to migrate from Solaris ZFS to OpenZFS? My next system
upgrade will probably be off this motherboard so migration to new
hardware might be easier than upgrading in place...I've got 2
mellonox 10gb cards and a short piece of cable to help...

--joe

I think all the hobbyists have left.
If you're still developing on S11 pay attention to who your customer is.
If the customer has high-security requirements they have to meet then they're buying the support and you should be too. You can't develop on a platform
they aren't using.

With respect to the zpools, you should be encrypting them, and encrypting
the pools and swap with high-strength algorithms isn't easy and not well-documented. The training only covers low-strength default algos,
and storing the keys on-disk.
Key management is another problem. I think Oracle would really rather
you buy a storage appliance and a key management server.
To recap: What I consider hard is -
- Encrypting all zpools and swap with high-strength algos
- Storing keys in a way (a KMS) they are secure and they'll auto-unlock your zpools after every boot
- Doing it using HPE hardware, or SPARC hardware that's not under support.

I'm not sure who doesn't have high-security requirements and is still on Solaris nowadays.

I no longer have a job supporting Solaris hosts.
I went to using a FreeNAS mini box from ixsystems.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/04/2020 22:37, Joe Reid wrote:

So, what's a guy to do?

https://unix.stackexchange.com/questions/465416/solaris-wont-update-because-ddt-incorporation-is-using-a-self-signed-certifcate
It seems that I cannot fix my problems without a contract, so I'll
have to do a fresh install of 11.4. That's not really a big deal,
my base server setup is pretty simple and pretty well documented
and scripted at this point.

I appreciate that a lot of you guys are under NDA or similar
and I understanding opinion-ating about this gets complex, so any
insight you can offer would be useful.

I see the desktop package cluster still exists to make an easy
admin entry point when necessary, though it looks like the
graphical package/update manager is gone. And the developer
gcc cluster is still there too, though it seems to have a new
name. Given those I feel reasonably confident in my skills to
compile what I was getting from opencsw for all those years
(shout out - you guys rocked it!). Do I go ahead and install
11.4, or do I rebuild my zpools now to migrate to the openzfs
world?

Is oracle going to keep this door open? Is Solaris going to
continue to be available for download for non-com purposes
for free? Will enough patches be made public that I'll have
a reasonably safe system? Will there continue to be a desktop
cluster? Will a compiler/developer cluster continue to be so
easily available?

Should I be migrating away from Solaris and towards something
else supporting openZFS now, or later? In a couple of years all
my current hard drives will reach critical ages and I'll be looking
to rebuild my spinning rust collection. Might then be the best
opportunity to migrate from Solaris ZFS to OpenZFS? My next system
upgrade will probably be off this motherboard so migration to new
hardware might be easier than upgrading in place...I've got 2
mellonox 10gb cards and a short piece of cable to help...

--joe

Patches/SRUs are not publicly available.
You can use S11.x for non-commercial use (just about).

If you can't get any SRUs, then move away from S11 (unfortunately)


--
Bruce Porter
XJR1300SP, XJ900F, Pegaso 650 Trail (x2) one red one grey
POTM#1(KoTL), WUSS#1 , YTC#1(bar), OSOS#2(KoTL) , DS#3 , IbW#18 ,Apostle#8
"The internet is a huge and diverse community but mainly friendly" http://blog.maui.co.uk/index.php/ytc/
There *is* an alternative! http://www.openoffice.org/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Saturday, April 11, 2020 at 12:57:53 PM UTC-5, YTC#1 wrote:

[no]

--
Bruce Porter

thanks. I will miss you guys.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/04/2020 22:37, Joe Reid wrote:

So, what's a guy to do?

Move on.

Should I be migrating away from Solaris and towards something
else supporting openZFS now, or later? In a couple of years all
my current hard drives will reach critical ages and I'll be looking
to rebuild my spinning rust collection. Might then be the best
opportunity to migrate from Solaris ZFS to OpenZFS?

There is no need to move away from Solaris, just Oracle's. I have moved
to OmniOS [1]. You have to remake the zpools. Any OS update is hard
work but I believe OminiOS is closer to Solaris 11.3 than the alternatives.


1. https://omniosce.org/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In article <r6upll$odr$1@dont-email.me>, James <news@oxdrove.co.uk> wrote: >You have to remake the zpools.

Possibly.
If the OP is still at zpool version 28, then any of the illumos
or any other OS with OpenZFS should be able to import.

John
groenveld@acm.org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sunday, April 12, 2020 at 6:16:56 AM UTC-5, John D Groenveld wrote:

In article <r6upll$odr$ 1@dont-email .me>, James <ne ws@ox drove.co .uk> wrote:

You have to remake the zpools.

Possibly.
If the OP is still at zpool version 28, then any of the illumos
or any other OS with OpenZFS should be able to import.

yeah, no:

$ zpool get version rpool
NAME PROPERTY VALUE SOURCE
rpool version 37 default


sounds like I should be investigating OmniOS...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

In article <2d335e22-4d46-4d85-a133-e446e8854d2c@googlegroups.com>,
Joe Reid <downtownhippie@gmail.com> wrote:

sounds like I should be investigating OmniOS...

I have had success with OmniOS.
John
groenveld@acm.org

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sunday, April 12, 2020 at 9:43:11 AM UTC-5, Joe Reid wrote:

$ zpool get version rpool
NAME PROPERTY VALUE SOURCE
rpool version 37 default

sounds like I should be investigating OmniOS...

I'd just like to circle back to this since I am currently in the middle of my migration. Using Sol 11.3 zpool,
zpool create -o version=28 will allow the creation a version 6(?) zfs filesystem BY DEFAULT. Open Indiana
will see the pool but not be able to mount the filesystem, and if you then upgrade that pool you will have
a pool with a filesystem that no operating system can mount - so glad I hadn't made irreversible data
decisions at that point...

zpool create -o version=28 -O version=5 <stuff>
zfs create -o version=5 <stuff>

As the docs read the, -o version=5 on zfs create is probably unnecessary after the -O version=5 on the zpool
create. But no trust at this point, I have to get the data moved, and securely, and my only choice is an in-place
data juggle.

I also tried specifying -o ashift=12 when building these pools and the Sol11.3 zpool command said ashift
was not an option.

I'll miss this community, it was a really nice place back in the late 90's and early 00's, and your general
good will towards each other was always decent, despite some differing opinions. I'm a few clicks away
from finishing my Open Indiana install. I picked the full desktop OI over the server OmniOS because I figure
I'll be happier in the long run if I just go ahead and install a more complete install. And mirrored SSD for OS
disk space is cheap.

My final Sol x86 config was an Asus Z97-WS motherboard with 32gb 1600DDR3 memory, an LSI9207-8i and
an LSI9211-4i, both fully populated with 2tb drives.. I have a 2nd LSI9207-8i on order and 9 new Toshiba 4tb
enterprise drives. It is a long way from the first x86 build I did in '06 or so - had to download and install some
Marvell 92xx series drivers for ethernet, had a couple 500gb drives.
My last SPARC was a Sunblade 1K as a SunRay server with an Ultra2 as a file server - fully loaded D1000.
Started with an IPX at home from work in '95 - finished Doom I on that IPX. Upgraded from the IPX to an
SS10, and eventually through a handful of SS20s - I think I owned nearly every CPU manufactured for that
thing over the time I owned them.

My admin user's home directory didn't get migrated. I backed it up as I started the process. It's still there,
on a pair of SSDs in a hard drive storage box, next to my previous retired x86 build. I don't think there's
anything missing; I don't think I'll boot them just to look - moving forward.

Larry, enjoy your yachts. Scott, the network really is the computer.
--
hippie joe
down town hippie at g ma il
h-town, tx

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)