mitec w-210a-1 - aix update - 6-7-2011 - gomitec.com presentations/rick milton mitec w...workload...
Embed Size (px)
TRANSCRIPT
© 2010 IBM Corporation
© 2008 IBM Corporation
Name: Dave Levites, IBM
Title: Power Systems Architect
email: [email protected]
AIX Update
MITEC Session W-210A-1June 7, 2011
© 2011 IBM Corporation
IBM Power SystemsThe Fountainsof
Aix (-en-Provence)
© 2011 IBM Corporation
IBM Power Systems
The Foundations of AIX
Core
L3
MC0 MC1PowerBus
GX
EI3 (Elastic Interface) I/O
EI3 (Elastic Interface) I/O
Mem
ory
I/O
Mem
ory
I/O
Mem
ory
I/O
Mem
ory
I/O GX
L2
� Cores: 8
� L2: On Chip
� L3: On Chip
� Technology: 45nm
� Transistors: >1B
� Size: 567 mm2
The POWER Chip
The POWER System Family
POWER VM
© 2011 IBM Corporation
IBM Power Systems
Trends in Information Technology
Changes in I/O• More memory to avoid I/O• Faster SSD drives• Growth in on-line storage capacity• Converged networks• Increased use of I/O virtualization• Pools of storage
Increased security focus• Broader use of encryption –
driven into hardware
Increased automation• Use of pre-built images• Self optimizing components• Standardization
Increased Scalability• Multi-core chips• Increased threading
Advanced virtualization• Pools of resources• Device and HW generation
independence• Broader use of mobility• Other technologies such as
WPARs
Image Library
Tools
Virtualization Software
Pool of Servers
SWImageSW
ImageSWImage I/O
Pool of Storage
© 2011 IBM Corporation
IBM Power Systems
Trends in Information Technology
Changes in I/O• More memory to avoid I/O• Faster SSD drives• Growth in on-line storage capacity• Converged networks• Increased use of I/O virtualization• Pools of storage
Increased security focus• Broader use of encryption –
driven into hardware
Increased automation• Use of pre-built images• Self optimizing components• Standardization
Increased Scalability• Multi-core chips• Increased threading
Advanced virtualization• Pools of resources• Device and HW generation
independence• Broader use of mobility• Other technologies such as
WPARs
Image Library
Tools
Virtualization Software
Pool of Servers
SWImageSW
ImageSWImage I/O
Pool of Storage
© 2011 IBM Corporation
IBM Power Systems
The Foundations of AIX - The POWER Chip
© 2011 IBM Corporation
IBM Power Systems
POWER Processor Technology RoadmapProven track record of innovation
2004 2001 2007 2010
POWER4180 nm
� Dual Core � Chip Multi Processing� Distributed Switch� Shared L2� Dynamic LPARs (32)
POWER5130 nm
�Dual Core�Enhanced Scaling�SMT�Distributed Switch +�Core Parallelism +�FP Performance +�Memory bandwidth +�Virtualization
POWER665 nm
� Dual Core� High Frequencies � Virtualization +� Memory Subsystem +� Altivec� Instruction Retry� Dyn Energy Mgmt� SMT +� Protection Keys
POWER745 nm
� Multi Core� On-Chip eDRAM� Power Optimized Cores� Mem Subsystem ++� SMT++� Reliability +� VSM & VSX� Protection Keys+
POWER8
Future
© 2011 IBM Corporation
IBM Power Systems
8
IBM’S 10-year march to UNIX leadership
15%
20%
25%
30%
35%
40%
45%
Q10
0
Q300
Q101
Q30
1
Q10
2
Q30
2
Q10
3
Q30
3
Q104
Q304
Q10
5
Q30
5
Q10
6
Q30
6
Q10
7
Q307
Q108
Q30
8
Q10
9
Q30
9
Q11
0
HP Sun IBM
UNIX Server Rolling Four Quarter Average Revenue Share
POWER4Dynamic LPARsDynamic LPARs
POWER6Live Partition Live Partition MobilityMobility
POWER5MicroMicro--PartitioningPartitioning
POWER7Workload Optimized Workload Optimized LeadershipLeadership
dot.com bubbleburst
global economic recession
…the largest shift of customer spending in UNIX history
© 2011 IBM Corporation
IBM Power Systems
The Foundations of AIX - POWER System Family
© 2011 IBM Corporation
IBM Power Systems
10
Power Systems server portfolio
Power 755
Power 770
Power 795
High Performance Computing
Power 730
PS Blades
Power x75
Power 710
Power 780
Power 750Power 740Power 720
PCIe SSD
POWER7 processor-based product line rolled out in 2010, enhanced in 2011
(4-8 core) (8-32)(4-16 core)
(6-256)
(4-32 core)
(32-core)
© 2011 IBM Corporation
IBM Power Systems
11
AIX support for POWER7 Processor Modes
POWER6 & POWER6+ MODE POWER7 MODE POWER7 Client Value
AIX 5.3 AIX 7 & AIX 62-Thread SMT 4-Thread SMT �Throughput performance,
processor core utilization.
Affinity OFF by Default 3-tier Memory, MicroPartition
Affinity
� Improved system performance
for system images spanning
sockets and nodes.
32-core/64-thread Scaling
64-core/128-thread Scaling
32-core / 128-thread Scaling
64-core / 256-thread Scaling
256-core / 1024-thread Scaling
(with AIX 7)
�Performance and Scalability for
Large Scale-Up Single System
Image Workloads (e.g. OLTP,
ERP scale-up, WPAR
consolidation).
EnergyScale CPU Idle EnergyScale CPU Idle and Folding
with NAP and SLEEP
� Improved Energy Efficiency
Active Memory Expansion �Additional memory for
applications
You need more than AIX 5.3 to get the most out of POWER7!You need more than AIX 5.3 to get the most out of POWER7!You need more than AIX 5.3 to get the most out of POWER7!You need more than AIX 5.3 to get the most out of POWER7!
© 2011 IBM Corporation
IBM Power Systems
12
AIX 7 Power System Hardware Support
� Systems based on POWER4, PowerPC® 970, POWER5, POWER6 and POWER7 processors are supported
� 32 and 64-bit applications will continue to run unchanged on AIX 7
� 64-bit kernel only
*Complete details on AIX binary compatibility can be found at http://www.ibm.com/servers/aix/os/compatibility/
© 2011 IBM Corporation
IBM Power Systems
13
AIX 7* Hardware Enablement and Support
� Terabyte Segment support
– Designed to improve performance for workloads that use large amounts of memory
� Larger LPARs
– 1024 threads, 256 cores
� AIX kernel memory pinning
– AIX 7 memory pinned by default to enhance performance
� HW acceleration for Encrypting Filesystems, IPSec and Trusted Execution
– Reduce processor workload for encryption
� LVM Solid State Disk Support
– SSD only Volume Groups, enhancements to filemon to identify SSD candiates
� Shared Memory interface to Barrier Synchronous Register
– Reduce need for kernel extensions for BSR access
* These features are also available in AIX 6 Technology Level 6
© 2011 IBM Corporation
IBM Power Systems
The Foundations of AIX - POWER VM
© 2011 IBM Corporation
IBM Power Systems
15
PowerVM Virtualization Architecture
Networks and network storage
On demand
resources
Power Hypervisor
Serviceprocessor
Processors
Memory
Linuxpartitions
Virtual Network
AIXDedicatedpartitions
Expansion slots
Virtual processors Virtual adapters
Local devices & storage
Workload management and provisioning
WPAR
WPAR
WPAR
VirtualI/O
server
Virtualnetwork
& storage
SLICLinuxkernels
AIX Shared partitions
AIXkernels
VirtualI/O
server
Virtualnetwork
& storage
IBM i
© 2011 IBM Corporation
IBM Power Systems
16
AIX Workload Partitions (WPAR)
� WPARs are designed to save administrator work by reducing the number of AIX instances to patch
� WPARs have much lower memory resource requirements: 68 MB vs 1GB for an LPAR
� WPAR takes seconds to create and LPARs minutes
� Application mobility much simpler to organize than LPM
� Lots of WPARs on one AIX is simpler to monitor and control than monitoring across many LPARs.
� Rapid cloning is easy and lets you use "disposable images" -simple to create, experiment and throw away
�Virtualized AIX operating system environments within a single AIX image
�Each WPAR shares the single AIX operating system
�AIX 7 added the capability to run AIX 5.2 in a WPAR*
�Applications and users inside a WPAR cannot affect resources outside the WPAR*
�Each WPAR can have a regulated share of processor, memory and other resources
�Two types of WPAR
- System WPARs have separate
security and appear like a
completely separate OS
- Application WPARs are
manageability wrappers around a
single application
Top reasons to use WPARsWhat is it?
* Requires purchase of the AIX 5.2 WPARs for AIX 7 product
NetworksDisk or NFS storage NetworksDisk or NFS storage
© 2011 IBM Corporation
IBM Power Systems
17
AIX Workload Partitions can be used in LPARs
LPAR
AsiaLPAR LPAR
EMEA
LPAR
Americas
VIO
Server
Dedicated
Processor
LPAR
Finance
Dedicated
Processor
LPAR
Planning
WPAR #1Business
Intelligence
WPAR #1MFG
WPAR #2Planning
WPAR #1eMail
WPAR #3Billing
WPAR #2Test
Micro-partition Processor Pool
POWER Hypervisor™
© 2011 IBM Corporation
IBM Power Systems
18
PowerVM Live Partition Mobility
�Can make it easier to consolidate workloads from underutilized servers by facilitating the transfer of workloads with almost no end user impact
�Can provide increased flexibility to manage workloads by easily moving the workload to another system
�Facilitates increased reliability by allowing workloads to be moved away during planned outages
�PowerVM Live Partition Mobility can provide for a much more flexible and responsive IT infrastructure by reducing the cost and risk of rebalancing workloads
�A PowerVM Enterprise Edition feature that allows an entire Logical Partition (LPAR) to be relocated from one system to another with almost no impact to the end user
�The end user effect is a single delay of two seconds when the relocation is completed
�Supported by AIX 7, AIX 6, AIX V5.3 and Linux®
�PowerVM Live Partition Mobility requires that all I/O be virtualized through the Virtual I/O server at the time of the relocation
How it can help?What is it?
Movement to adifferent server with no loss of service
Virtualized SAN and Network InfrastructureVirtualized SAN and Network Infrastructure
Live Partition Mobility requires the purchase of the optional PowerVM Enterprise Edition.
© 2011 IBM Corporation
IBM Power Systems
19
WPAR Shared Applications Enables Administrative Efficiency
Workload
Partition
App Server#1
Workload
Partition
Billing
WorkloadPartition
BI
Global filesystems/
/etc
/usr application code
/opt application code (or here)
/var
/tmp
/appserver application code (or here)
System WPAR filesystems/ r/w - unique per WPAR
/etc r/w - unique per WPAR
/usr r/o from global (typically)
/opt r/o from global (typically)
/var r/w - unique per WPAR
/tmp r/w - unique per WPAR
/appserver r/o from global
/config r/w uniq per WPAR (example)
Global FS
//etc/usr/opt/var/tmp/appsvr
WPAR FSApp Server 1
WorkloadPartition
App Server
#2Workload
Partition
Web
Server
Application installed in Global instance and used by multiple WPARs
WPAR FSApp Server 1
/
/etc
/var
/tmp
/config
/
/etc
/var
/tmp
/config
NFS
AIX global Instance
© 2011 IBM Corporation
IBM Power Systems
20
AIX 7 WPAR Enhancements
� Export of Fibre channel adapters to WPARs – NPIV-like, but can work on any Fibre Channel adapter
– Adds support for Fibre Channel tape
� Kernel Extensions for WPARs– Trusted kernel extensions may be loaded by the WPAR administrator
– Extensions can be only for one WPAR or for entire system
� Support for VIOS disks in WPARs – VSCSI disks can be exported to a WPAR
– This feature also available in AIX 6 Technology Level 6
� Run AIX 5.2 inside of a Workload Partition– Consolidate older environments on POWER7 processor-based systems
– Requires AIX 5.2 WPARs for AIX 7 – available separately from AIX 7
© 2011 IBM Corporation
IBM Power Systems
21
When to use Workload Partitions
Requirement MicroPartitions Workload Partitions
Hardware enforced Isolation
Minimal number of AIX images
Server Consolidation
Greatest Flexibility
Cross system workload management
Move workload between systems
Most efficient use of hardware resources
Run AIX V5.2 on POWER7
�
�
�
�
� �
�
��
�
�
© 2011 IBM Corporation
IBM Power Systems
22
AIX Live Application Mobility
�Can make it easier to consolidate workloads from underutilized servers
�Can provide increased flexibility to manage workloads by easily moving the workload to another system
�Facilitates increased reliability by allowing workloads to be moved away during planned outages
�Automated, policy based relocation can reduce administrative workload
�Provides a way to manage availability and workload of your IT infrastructure without significantly impacting end users
�The capability to relocate a running Workload Partition from one system to another without restarting the application
�The application running inside the WPAR resumes running after the relocation is complete
�Works with systems based on POWER7, POWER6, POWER5 and POWER4 processors
�Requires the IBM PowerVM Workload Partitions Manager for AIX product, a Systems Director advanced manager
�Manual or automatic, policy based relocation
How it can help?What is it?
WorkloadPartition
QA
AIX # 2
WorkloadPartition
Data Mining
Workload
PartitionApp Server
WorkloadPartition
Web
AIX # 1
WorkloadPartition
Dev
Workload
Partitione-mail
PowerVM™
WorkloadPartitionsManager
for AIX
Policy
WorkloadPartition
Billing
Shared Storage (SAN or NFS)
© 2011 IBM Corporation
IBM Power Systems
23
Live Application Mobility
Live Mobility on Power Systems
Movement of the OS and
applications to a different server with no loss of service
Virtualized SAN and Network Infrastructure
PowerVM Live Partition Mobility
• Move an entire Logical Partition from one system to another while it is running with almost no impact to end users
• Moves the entire LPAR including the operating system
• Requires systems based on the POWER6 or POWER7 processors, PowerVM Enterprise Edition, and all I/O must be through the Virtual I/O Server
• Works with partitions running AIX 7, AIX 6, AIX V5.3 and Linux
Live Partition Mobility
AIX Live Application Mobility
• Move a Workload Partition from one AIX system to another AIX system while running with almost no impact to end users
• Moves only the WPAR, the AIX operating system is not moved
• Requires the PowerVM Workload Partitions Manager, and all WPAR filesystems must be on shared storage
• Works on systems based on POWER4 processors and later
Potential Benefits
Improved application availability
Energy saving
Better workload management
WorkloadPartition
QA
AIX # 2
Workload
Partition
Data Mining
Workload
Partition
App Server
WorkloadPartition
Web
AIX # 1
WorkloadPartition
Dev
Workload
Partition
PowerVM™
WorkloadPartitionsManager
for AIX
Policy
WorkloadPartition
Billing
Shared Storage (SAN or NFS)
© 2011 IBM Corporation
IBM Power Systems
24
AIX 5.2 WPARs for AIX 7
� Client simply backs up existing legacy AIX 5.2
environment and restores into an AIX 7 WPAR
� Client applications continue to run in AIX 5.2
environment with AIX 5.2 libraries
� The SWMA for this offering will also provide how-
to and limited defect support for the AIX 5.2
operating system
� POWER7 exploitation: SMT4, VIOS, Micro-
Partitioning and Live Mobility
Separately charged offering, built on AIX 7 that allows customers to migrate their old, unsupported AIX 5.2 workloads to POWER7
POWER7
AIX 5.2 Versioned
Environment
5.2 syscall compatibility layer
AIX 7 Native Environment
AIX 7 native syscalls
WPARA
/ /var
/tmp
/home
WPARB
/ /var
/tmp
/home
WPARD
/ /var
/tmp
/home
WPARC
/ /var
/tmp
/home
AIX 7 Kernel
/usr/opt
/usr/opt /usr
/opt
mksysb
backup
fromAIX 5.2
legacysystem
Customer value:
� Simplify consolidation of old workloads on new hardware� Protects customer investment in application stacks� Provides a way for AIX 5.2 clients to move up to POWER7
© 2011 IBM Corporation
IBM Power Systems
AIX Roadmap
© 2011 IBM Corporation
IBM Power Systems
26
Network CentricComputing
AIX V2 & V3Establishment in the market:
- RISC Support
- UNIX credibility
- Open Sys. Stds..
- Dynamic Kernel
- JFS and LVM
- SMIT
AIX V3.2.5Maturity:
- Stability
- Quality
AIX V4.1/4.2SMP Scalability:
- POWERPC spt.- 4-8 way SMP- Kernel Threads- Client/Server pkg- NFS V3- CDE - UNIX95 branded- NIM- > 2GB filesystems-HACMP Clustering- POSIX 1003.1, 1003.2, XPG4- Runtime Linking - Java 1.1.2
AIX V4.3Higher levels of
scalability:- 24-way SMP- 64-bit HW support- 96 GB memory- UNIX98 branded- TCP/IP V6- IPsec- Web Sys. Mgr.- LDAP Dir. Server. - Workload Mgr- Java JDT/JIT- Direct I/O- Alt. Disk Install- Exp/Bonus CDs
Distributed Client-Server
19861986--19921992 19941994--19961996 19971997--19991999
Flexible Resource Management:
- POWER4+ spt.- Dynamic LPAR- Dynamic CUoD- New 64bit kernel- 512GB mem- JFS2 - 16 TB filesystems- UNIX03 branded- Concurrent I/O- MultiPath I/O- Flex LDAP Client- XSSO PAM spt
e-Business Computing
Open Systems
Workstations
AIX Evolution – Over Twenty years of Progress
AIX/6000
Uni-processor 4-8 way SMP 24-way SMP 32-way SMP
AIX 7Future of UNIX:-256 core/1024 tread scalability-POWER7 Exploitation-Domain based RBAC- AIX Profile Manager-WPAR enhancements-AIX 5.2 in a WPAR-PowerVM virtualized storage-LVM SSD support-Terabyte segment
20102010
On DemandBusiness
20012001--20022002
64/256-way SMT
AIX 5L V5.3Advanced
Virtualization:- POWER5 support- 64-way SMP- SMT- MicroPartitions™
- Virt I/O Server- Partition Load Mgr- NFS Version 4- Adv. Accounting- Scaleable VG- JFS2 Shrink- SUMA - SW RAS features- POSIX Realtime
20042004--20052005
AIX 5L V5.1/5.2
SmarterPlanet
20072007
AIX 6Enterprise RAS:-POWER6 support-Workload Partitions-Application Mobility-Continuous Avail.
-Storage Keys -Dynamic tracing-Software FFDC-Recovery Rtns-Concurrent MX
-Trusted AIX-RBAC-Encrypting JFS2-AIX Security Expert-Director Console
New Enterprise Data Center
1024-way SMT4
© 2011 IBM Corporation
IBM Power Systems
2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023
AIX
7.1 & EE
GA 9/10
AIX
6.1 & EE
GA 11/07
AIX 5.3GA
08/04
AIX 5.2GA10/02
EoL9/22
New AIX Release Plan
EoS 9/18EoM 04/17
EoM 04/14 EoS 9/15
EoM 04/08 EoS 04/09
EoM 04/11 EoS 04/12
EoL4/19
EoL04/16
EoL04/13
*All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
-Marketed & serviced -Fee-based service extension
-Serviced only -Web support only
-Technology Level Update
-Last TL Update
© 2011 IBM Corporation
IBM Power Systems
28
AIX & Power Systems Security Certifications
AIX 5200-06 CAPP/EAL4+Application: 01/11/05Final report: 10/26/05Certificate: 12/14/05
AIX 5L 5200-05 andPitbull LSPP/EAL4+
Application :01/11/05Certificate issued: 05/16/06
AIX 5300-05 LSPP/EAL4+
Pitbull product Supports P5, P4Certificate issued: 12/19/06
Pitbull MLS Ported to AIX 5300-03
Pitbull product available to customers Dec 31, 05
AIX 5300-04 CAPP/EAL4+Supports P5, P4Certificate issued: 12/19/06
AIX 7100-00) CAPP/RBACPP/LSPP/EAL4+
Supports P7, P6, P5, P4
Legend
AIX V5.2AIX V5.3
AIX 6AIX 7 (Planned)
VIOS
POWER6
Certification History
AIX 4.2 C2: Apr 24, 1997
AIX 4.3 C2: May 6, 19987
AIX 5.2 CAPP/EAL4+ : Nov 4, 2002
POWER4 HW CAPP/EAL4+ : Apr 2003
AIX 5.2 ML1 CAPP/EAL4+ : Sept 8, 2003
AIX 5.2 ML6 CAPP/EAL4+ : Dec 14, 2005
AIX 5.2 ML5 and Pitbull LSPP: May 16, 2006
AIX 5.3 TL5 and Pitbull LSPP: May 16, 2006
AIX 5.2 TL4 & VIOS CAPP/EAL4+: Dec 16, 2006
POWER6: Dec, 2007
AIX 6: May 26, 2008
AIX 7: Planned 2011*All statements regarding IBM's future direction and intent are subject
to change or withdrawal without notice, and represent goals and objectives only
VIOS EAL4+Included with AIX 53.00-04 CAPP/EAL4+
POWER6 Hardware EAL4+
Dynamic LPAR with MicroPartitioning
AIX 6100-00) CAPP/RBACPP/LSPP/EAL4+
MLS capabilities integrated into standard AIX product
One certification for 3 Protection Profiles
Supports P6, P5, P4
2006 2007 20112005
© 2011 IBM Corporation
IBM Power Systems
29
AIX is available in three different editions:
– AIX Standard Edition• Suitable for most UNIX workloads
• Vertical scalability up to 256 cores (AIX 7) 64 cores (AIX 6)
– AIX Enterprise Edition• AIX plus enterprise management
• Includes AIX Standard Edition plus
Systems Director Enterprise Edition and
the Workload Partitions Manager for AIX
• Vertical scalability up to 256 cores (AIX 7) 64 cores (AIX 6)
– AIX Express Edition• Lower priced edition targeted a low end servers and
consolidation of smaller workloads on larger servers
• Includes most of the functionality of AIX Standard Edition
• Vertical scalability is limited to 4 cores and 8GB of memory per core in a single partition
• Clients can use multiple AIX Express Edition partitions in a single larger server
Clients can mix multiple AIX editions in the same server
AIX Editions
AIX StandardEdition
AIX EnterpriseEdition
AIX ExpressEdition
Note: AIX V5.3 is only available in a Standard Edition
© 2011 IBM Corporation
IBM Power Systems
AIX Recent Enhancements
© 2011 IBM Corporation
IBM Power Systems
31
AIX Encrypting Filesystem
�Enables improved security by reducing unauthorized access to data, even by privileged users
�Secure backups reduces the exposure of data compromised when backup media is taken outside of secure facilities
�Automatic management of protection keys can reduce the administrative effort of using encrypted data
�Provides the capability for additional security for applications that may have security design exposures
�Automatically encrypt data in a JFS2 filesystem
�Data can be protected from access by privileged users
�Backup in encrypted or clear formats
�Automated key management -integrated into AIX security authentication
�Each file encrypted with a unique key
�Hardware offload to Cryptographic adapter
�No keys stored in clear in kernel memory
�A variety of AES, and RSA cryptography keys supported
How it can help?What is it?
Always encrypted on disk
Data in clear in memory.
VMM
J2
Filesystem
CLiC
Crypto Lib
User and Group Key Stores
Crypto Kernext
Kernel ucred open key store
Login Authentication Module
Key Store
Mgt Cmds
BOS Cmds
Backup/Restore
Cp, mv, crfs, etc
© 2011 IBM Corporation
IBM Power Systems
32
AIX Security Expert
�Can reduce the cost and complexity of security administration by allowing federated management of security profiles across multiple servers
�Enables a more secure IT infrastructure by reducing the effort of maintaining system security
�“Check” functionality can provide additional security by validating that the security profile for each system matches the actual security settings
�Allows for new ways to efficiently manage security across multiple AIX systems
�A centralized security management tool that can control over 300 security settings from a single console
�Administrators can start from a “Low”, “Medium”, “High” or “Sarbanes-Oxley” security template and customize settings to met business requirements
�Security settings can be exported and imported as a security profile to multiple systems
�Security profiles can be stored in an LDAP directory for ease of distribution
�AIX Security Expert was first included in AIX V5.3 TL5
How it can help?What is it?
© 2011 IBM Corporation
IBM Power Systems
33
AIX Role Based Access Control (RBAC) with Domains
�Can reduce the cost and complexity of security administration by allowing secure delegation of administrative tasks to non-privileged users
�Enables a more secure IT infrastructure by reducing the need for so many privileged
administrators
�Assigning roles to programs can reduce the
need for security exposures such as the use of setuid for programs
�Allows for new ways to delegate administration
duties between system administrators and non-administrative users
�A capability of AIX that allows privileged administration tasks to be delegated to non-privileged users
�Access to system resources are associated with roles that are assigned to non-privileged users
�Many roles are predefined which can reduce the effort of implementing RBAC
�Roles can also be associated with programs
�Domain access can further limit administrators to only work with resources for a particular organization (AIX 7/AIX 6 TL6)
How it can help?What is it?
UsersUsers Roles
AIX
Resources
AIX
Resources
BACKUP
Company A
DBA
Company A
BACKUP
Company Z
Company Z
Data
DBA
Company Z
Company A
Data
Domain support Provides more granularityfor multi-tenant IT shops
© 2011 IBM Corporation
IBM Power Systems
Cluster Aware AIX
� Easily create clusters of AIX instances – Simplify cluster configuration, construction, and maintenance
– Designed to improve availability by reducing failure discovery time
– Common device naming help simplify administration
– Built in event management and monitoring
� A foundation for future AIX capabilities and the next generation of PowerHA SystemMirror and PowerVM
© 2011 IBM Corporation
IBM Power Systems
35
Cluster Aware AIX Exploiters
Legacy AIX
PowerHASystem Mirror
TSA HMCIBM
StorageHPC
DB2IBM
Director
Monitoring API
ClusterMonitoring
Group Services
Cluster Admin UI
Cluster CFGRepository
Resource Mgr Services
Bundled Resource Managers
ClusterMessaging
Messaging API
Legacy RSCT
RSCT Consumers
VIOS
Monitoring API
ClusterMonitoring
Group Services
Cluster Admin UI
Cluster CFGRepository
Resource Mgr Services
Bundled Resource Managers
ClusterMessaging
Messaging API
RSCT With Cluster Aware AIX
Cluster Aware AIX
ClusterRepository
ClusterMessaging
ClusterMonitoring
ClusterEvents
CAA APIs and UIs
Redesigned Layers Integrated to CAA Capabilities
� RSCT and Cluster Aware AIX together provide the foundation of strategic Power Systems SW
� RSCT-CAA integration enables compatibility with a diverse set of dependent IBM products
� RSCT integration with CAA extends simplified cluster management along with optimized and robust cluster
monitoring, failure detection, and recovery to RSCT exploiters on Power / AIX
IBM Reliable Scalable Cluster Technology (RSCT) is a set of software components that together provide a comprehensive clustering environment for AIX
© 2011 IBM Corporation
IBM Power Systems
36
AIX Non-intrusive Reliability Features
� Designed to increase availability by reducing problem determination time and effort
�Can reduce the impact of problems by minimizing the intrusiveness of problem determination compared to traditional methods
� These new service features provide an infrastructure that can fundamentally change the OS problem determination process for the better
�A number of new reliability, availability and serviceability features that are designed to improve system and application reliability
� New features include:
� Live Dump� Firmware Assisted Dump� Enhanced First Failure
Data Capture (FFDC) for AIX
�Enhanced features:
� Lightweight malloc debug� Lightweight memory trace� Consistency checkers� Component trace
How it can help?What is it?
© 2011 IBM Corporation
IBM Power Systems
37
AIX Storage Keys
�Can provide for higher AIX availability by reducing the number of unplanned outages due to intermittent memory overlay
�Enables complex applications that use large amounts of memory to protect core functions from memory overlay
�This new capability can reduce the likelihood of an entire class of intermittent application and AIX problems
�Exploitation of a POWER7 and POWER6 processors hardware feature to provide additional isolation of kernel and application data
�Storage keys can prevent invalid changes to memory cause by programming errors
�Application use of storage keys is enabled in AIX V5.3
�AIX Kernel exploitation of POWER6 storage keys is included in AIX 7 and AIX 6
How it can help?What is it?
User
Code
User
Data
Files
WS DB2
Kernel
Code
Kernel
Data
JFS2 LVM VMM . . . SCSI ENT FC
Application
Address SpaceAIX DriversAIX Kernel
UNIX Kernel Address Space
User
Code
User
Data
Files
WS DB2
Kernel
Code
Kernel
Data
JFS2 LVM VMM . . . SCSI ENT FC
Application
Address SpaceAIX DriversAIX Kernel
UNIX Kernel Address Space
User
Code
User
Data
Files
WS DB2
Kernel
Code
Kernel
Data
JFS2 LVM VMM . . . SCSI ENT FC
Application
Address SpaceAIX DriversAIX Kernel
AIX Kernel Address Space
User
Code
User
Data
Files
WS DB2
Kernel
Code
Kernel
Data
JFS2 LVM VMM . . . SCSI ENT FC
Application
Address SpaceAIX DriversAIX Kernel
AIX Kernel Address Space
After POWER6 Storage Keys
Before POWER6 Storage Keys
© 2011 IBM Corporation
IBM Power Systems
38
AIX probevue Dynamic Tracing
�Enables the possibility to dramatically reduce the amount of time and effort to debug and tune applications
�Can reduce the performance impact to the system compared to using traditional tracing methods
�Dynamic tracing offers an entirely different way for developers and system administrators to troubleshoot application problems
�The capability to dynamically extract information about a program as it is running
�Trace points can be added or removed dynamically without recompiling or restarting the application
�Includes a new language, vue, to define the desired action when a probe point is reached
�Support for C, C++, FORTRAN and Java language programs
How it can help?What is it?
Formatted
I/O
User Kernel
Probe Location
User Process Code
Some thread
hits probe point (1)
Branches to probe
code (2)
Probe code
(3)Returns to
probe point
(4)
Thread continues
execution(5)
Trace Consumer
Trace Fileor
Trace Output
Trace Buffers
E-code
© 2011 IBM Corporation
IBM Power Systems
39
PowerVM Workload Partitions Manager for AIX
�Can make it easier to consolidate workloads from underutilized servers by providing a single point of management for all WPARs and enablement for Live Application Mobility
�Can reduce cost and complexity through centralized management of WPARs
�Enables increased flexibility by allowing administrators to quickly create, clone or delete Workload Partitions from one system to another
�Supports systems based on POWER4 or later processors
�Policy based relocation and federated management of WPARs provides new ways to manage your IT infrastructure
�A product that federates management of WPARs across multiple systems
�WPARs can be created, cloned, stopped, started and monitored from a single location
�Includes enablement for Live Application Mobility
�The WPAR Manager is a advanced manager “plug-in” to the IBM Systems Director
�The WPAR Manager is available as a component in the AIX Enterprise Edition or as a separate product
How it can help?What is it?
WPAR Agent
AIX
System/Application WPARs
WPAR Agent
AIX
System/Application WPARs
WPAR Agent
AIX
System/Application WPARs
WPAR Agent
AIX
System/Application WPARs
WPAR Agent
AIX
System/Application WPARs
WPAR Agent
AIX
System/Application WPARs
IBM
Workload
Partitions
Manager
for AIX
Browser
© 2011 IBM Corporation
IBM Power Systems
40
AIX Automatic Variable Page Size
�Can improve overall system performance which could improve the amount of work done per Watt of energy
�Automated page size tuning can reduce the amount of effort and cost associated with managing a key aspect of performance tuning
�Since this feature is turned “on” by default, it improves your ability to get the most out of your systems based on POWER6 processors
�This “self tuning” aspect of AIX can improve performance while reducing administrative workload
�AIX exploitation of POWER6 or later hardware that supports variable page size
�AIX will automatically select optimal page size to provide better performance
�Kernel will choose between 4K and 64K pages, including a mix within a memory region
�Supports process data, heap, stack, shared memory, anonymous mmap() memory
�Enabled by default with administrative controls to turn off or change aggressiveness to “upsize”
�Required AIX 7 or AIX 6 and POWER6 or later processor based systems
How it can help?What is it?
© 2011 IBM Corporation
IBM Power Systems
System Director Plug-Ins
� AIX 7 Profile Manager
– Consistent AIX configuration across multiple systems
� AIX Systems Director Console
– Web access to administrative tasks
– Consistent user interface with Systems Director and WPAR manager
System A
SetExtract Compare
XML Profiles
Env varXYZ=“Yes”AIX security profile .tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
System AdministratorSystem Administrator
Systems N Systems CSystems NSystems N
© 2011 IBM Corporation
IBM Power Systems
42
AIX Systems Director Console for AIX (pConsole)
�Can reduce the amount of effort and cost associated with managing the AIX OS
�Web access to administrative tasks can simplify systems management
�Consistent user interface with IBM Systems Director and the WPAR Manager can reduce retraining and other administrative costs
�The combination of Web access to administration tools and the ability to execute administrative tasks on multiple systems can change the way you manage the AIX OS
�A Web based management tool that provides easy access to common system administration tasks
�Administrators can access Systems Management Interface Tool (SMIT) menus from a browser
�Graphical user interface is fast and fully integrated with IBM Systems Director
�All necessary components for the Console are included in AIX
�The Distributed Command Execution Manager (DCEM) feature of the Console allows an administrative task to run on multiple systems at once
How it can help?What is it?
© 2011 IBM Corporation
IBM Power Systems
43
System N
AIX 7 Profile Manager (Formerly AIX Runtime Expert)
System A System N System C
SetExtract Compare
Simplified configuration using the AIX Profile Manager
Systems Director plug-in that is designed to simplify consistent AIX
configuration across multiple systems
Traditional server configuration
OS Configuration and Tuning
Environment Variables
Configuration Files
Boot LV Settings
CLI Utilities
Apply and maintain approaches
Scripts, ftp, rsh, ssh, documentation,3rd party tools, mksysb, etc.
System A System NSystem BSystem A System NSystem B
XML Profiles
Env var XYZ=“Yes”AIX security profile
.tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
Env var XYZ=“Yes”AIX security profile tuneable N
System AdministratorSystem Administrator
Systems N
© 2011 IBM Corporation
IBM Power Systems
44
Configuration Elements managed by AIX Profile Manager
acctctl
alog
authzcfg
authent
chcons
Chdev.sys0
chlicense
chservices
chsys
class
dumpctrl
errdaemon
ewlm
ffdc
filter
ioo
krecovery
lvmo
nfso
mktcpip
nis
probevue
tcp_nw
udp_nw
ip_nw
arp_nw
stream
raso
role
ruser
namerslv
nfs
shconf
schedo
privcmd
privdev
privfile
smtctl
syscorepath
sysdumpdev
traces
tsd
trustchk
vmo
aix.secexpert
mkuser.defuser
chuser
login
chsubserver
gen.param
etc.env
misc.other
probeview
restrictedtrcctlfile.data
© 2011 IBM Corporation
IBM Power Systems
45
IBM Director: PowerHA Management Interface
State-of-the-art interface
– No charge plug-in
– Masks complexity
– Central management
– Real-time status
– Smart Assist integration
– Deployment wizards
© 2011 IBM Corporation
IBM Power Systems
46
Why should you move up to AIX 7 or AIX 6?
� More performance on POWER7– AIX 7 and AIX 6 can provide substantially more performance on POWER7 than AIX V5.3
– AIX 7 supports massive workloads with up to 256 cores / 1024 threads
� Access to new features– Capabilities like WPARs, Role Based Access Control, AIX Profile Manager are designed to
improve security and administrative efficiency
� AIX V5.3 is nearing End of Life– End of Marketing announced effective April 2011
� AIX 7 will support running AIX 5.2 in a WPAR– Excellent way to consolidate old workloads running on less efficient hardware
� It’s FREE!– Customers with software maintenance agreements (SWMA) can upgrade for no additional charge
within an Edition:
• AIX 5.3 to AIX 7 Standard edition
• AIX 6 Express Edition to AIX 7 Express Edition, etc,
© 2011 IBM Corporation
IBM Power Systems
Sources for Additional Information: Groups
� AIX Virtual User Group (Central)– Link to Site: http://www.ibm.com/developerworks/wikis/display/WikiPtype/
– Join distribution list via email to: [email protected]
– Webcasts are recorded and available for download / replay
� iSeries User Groups
– http://www.semi.org
– http://iseries.homestead.com
– http://www.common.org
– Google/Yahoo, etc. “iSeries User Group” + your metro area
47
© 2011 IBM Corporation
IBM Power Systems
Sources for Additional Information: Publications
� Techdocs
– http://www-03.ibm.com/support/techdocs/atsmastr.nsf/Web/Techdocs
� Publib / InfoCenter
– http://www14.software.ibm.com/webapp/set2/sas/f/power/productdocs
– AIX, IBM i, and H/W Documentation
– How-to and Problem Solving
�
– http://www.redbooks.ibm.com/
– Free to view online or print, Cost for hardcopy
© 2011 IBM Corporation
IBM Power Systems
Thanks for letting me “spout” off!
© 2010 IBM Corporation
© 2008 IBM Corporation
Thank you for your interest in
IBM Power Systems