Tuesday, October 16, 2012

Debug Oracle Linux with DTrace

For most Sun Solaris administrators dtrace is not having any secrets for years and it is a tool used by many to debug systems and improve code. dtrace, or in full, dynamic tracing framework, is developed by sun and has been released under CDDL license. Due to this dtrace can be found in mutliple UNIX (and UNIX like) systems, for example it has been ported to FreeBSD, NetBSD and Mac OS X and now also to Oracle Linux.

DTrace is designed to give operational insights that allow users to tune and troubleshoot applications and the OS itself.

Tracing programs (also referred to as scripts) are written using the D programming language (not to be confused with other programming languages named "D"). The language is a subset of C with added functions and variables specific to tracing. D programs resemble awk programs in structure; they consist of a list of one or more probes (instrumentation points), and each probe is associated with an action. These probes are comparable to a pointcut in aspect-oriented programming. Whenever the condition for the probe is met, the associated action is executed (the probe "fires"). A typical probe might fire when a certain file is opened, or a process is started, or a certain line of code is executed. A probe that fires may analyze the run-time situation by accessing the call stack and context variables and evaluating expressions; it can then print out or log some information, record it in a database, or modify context variables. The reading and writing of context variables allows probes to pass information to each other, allowing them to cooperatively analyze the correlation of different events.

Special consideration has been taken to make DTrace safe to use in a production environment. For example, there is minimal probe effect when tracing is underway, and no performance impact associated with any disabled probe; this is important since there are tens of thousands of DTrace probes that can be enabled. New probes can also be created dynamically.

Porting dtrace to Oracle Linux is making a lot of sense for Oracle as they now own Solaris after the merger with Sun. Having the option to build scripts in D and share them between implementations of Oracle Linux and Oracle Solaris is providing the Oracl community and Oracle support with the option to create scripts once and use them on the 2 primary operating systems produced by Oracle.

For those who are new to dtrace a good place to start is the DTrace QuickStart guide published on tablespace.net . In this guide you can see the benefits of using dtrace but also the potential security risks of dtrace when it can be used by everyone. As you can debug the operating system you can snoop information that is not intended for everyone. The example used in this guide is snooping the passwd password that is entered by a user when using passwd.

For those interested in how DTrace and the people behind porting DTrace to Oracle Linux, below is a video with Kris van Hees who has been working on the porting project within Oracle.

Video streaming by Ustream

No comments: