weblogic server multitenant… · functionality described for oracle’s products remains at the...
TRANSCRIPT
WebLogic Server MultitenantOverview
Duško Vukmanović
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Duško VukmanovićMaster Principal Sales ConsultantMay 20, 2016
Confidential - Do Not Redistribute
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Confidential - Do Not Redistribute 3
WebLogic Multitenant: Solving Critical Business Challenges
Microcontainer
Portability for Devops
3X Consolidation
Ratio
Secure/Isolated
Multitenant Java
WebLogic MT
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
WebLogic MT
Java Cloud Service
WebLogic WebLogic WebLogic
Java Cloud Service
WebLogic MT
4
Embrace
CloudInnovate
Fast
Maintain
Business
Continuity
Leverage DevOps
Consolidate & Optimize
Embrace
CloudConsolidate & Optimize
Embrace
Cloud
Confidential - Do Not Redistribute
Key Technical Concepts
Partition 1
Virtual Target Ap
pApp
JMS
Data Source
JNDI
Coherence
Service 1
Service 2
… Service N
Partition 1
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
TrafficDirector
WebLogic Server
Coherence
Database
Partition 2
Virtual Target Ap
pApp
JMS
Data Source
JNDI
Partition 2
5Confidential - Do Not Redistribute
Microcontainers in WebLogic Server 12.2.1
• Maximum portability between environments
• Parity between dev and production
• Fast startup/shutdown – disposability
• Easy scale up
• Enable migration to the cloud
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Dev Env
• Enable migration to the cloud
Oracle WebLogic Server
Apps
Resources
Apps
Resources
Java Cloud Service
Apps
Resources
Confidential - Do Not Redistribute
High Density/Virtualization
• Lower Total Cost of Ownership of server-side Java Infrastructure– Reduce hardware footprint/CAPEX by 66%
– Reduce OPEX costs by 25%
– Consolidate domains by 10X
3X Density Improvement
Apps Apps
Apps
Resources
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
– Consolidate domains by 10X
• Simplify with Java Cloud Infrastructure
– Easy to adopt
– Elasticity on demand
– Promotes consistency, quality, and standardization
Apps
Resources
Microcontainer
Apps
Resources
Microcontainer
Resources
Microcontainer
Apps
Resources
Microcontainer
Apps
Resources
Microcontainer
Apps
Resources
Microcontainer
Confidential - Do Not Redistribute
WebLogic MT Value Prop
• Benchmark Data shows significant consolidation opportunities
• Running 10 partitions in shared JVMs shows no
DensityNon-MT
= 1 VM + Guest OS + JVM
MT
= Partition within a JVM
AdminAdminAdmin
AdminAdmin
AdminAdmin
AdminAdmin
AdminAdminAdmin
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
shared JVMs shows no increase in response times, minimal increase in memory footprint
• CPU load per app is reduced
Admin
AdminAdmin
AdminAdmin
AdminAdmin
AdminAdmin
AdminAdmin
Confidential - Do Not Redistribute
Admin
8
MT Benchmark Data
MedRec
Non-MT:
1 domain
Admin + 4 node cluster
1 app/domain
Non-MT:
Extrapolated for
10 domains
WLS-MT:
1 domain
Admin + 4-node
cluster
10 partitions/domain
1 app/partition
Savings
JVM Heap Setting -Xms:512m –Xmx 2g -Xms:512m –Xmx 2g -Xms:512m –Xmx 2g
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Confidential - Do Not Redistribute
Concurrent users 400 4000 4000
TPS Transaction/Sec 2.37 23.7 23.45
Response Time (Sec)
90% RT 0.47 0.239 0.057
Average RT 0.17 0.107 0.052
CPU Usage %CPU ( per VM )
2% each on 4 CPUs
0.5% of total server CPU
capacity
5% each on 16 CPUs
5% of total server
CPU capacity
8% of 4 CPUs
2% of total server CPU
capacity
60%/2.5X less CPU usage
Process OS Memory
Footprint (GB)Average
3.88 (0.97 each on 4
VMs)
38.8 (0.97 each on 40
VMs)
11.2 (2.8 each on 4
VMs)71%/3.5X less memory usage
9
Runtime Isolation
• JDK and WebLogic partnership
• Heap, CPU, threads, requests…
Administrative Isolation
• Admin roles, lifecycle, troubleshooting
Isolation for Pluggable PartitionsIndependence and Autonomy for Microcontainers
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Security/Identity Isolation
• Realm, users per partition
Traffic/Data Isolation
• Dedicated JNDI, segregated data
• Dedicated and shared Coherence caches
Confidential - Do Not Redistribute 10
Partition Work Managers
• max threads constraint
– limits on the number of threads that will be concurrently allocated to a partition
• min threads constraint cap
– Sets a cap on the number of thread to satisfy
Request and Thread Management in WebLogic Server
Domain Partition
App
SysRes
Domain Partition
App
SysRes
Domain Partition
App
SysRes
Domain Partition
App
SysRes
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
– Sets a cap on the number of thread to satisfy minimum thread constraints within the partition
• Fair Share
– Ratio of request processing
• Shared Capacity percent
– Defines a percentage of the global request limit (default global request limit is 65536)
– Can be used to prevent DoS
11
JVM/Managed Server
Thread Mgmt
RequestMgmt
SysRes
Thread Mgmt
RequestMgmt
SysRes
Thread Mgmt
RequestMgmt
SysRes
Thread Mgmt
RequestMgmt
SysRes
Confidential - Do Not Redistribute
Resource Consumption Managers
• Deep integration between WebLogic Server and the Oracle JDK
• Prevents resource hogging, protects applications in a shared JVM
• Managed resources
Runtime Isolation Within a JVM
Domain Partition
App
Res
Domain Partition
App
Res
Domain Partition
App
Res
Domain Partition
App
Res
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
• Managed resources
– Retained heap, CPU time, open file descriptors
• Triggerable actions
– Notify – inform administrator that a threshold has been crossed
– Slow – reduce partition’s ability to consume resources
– Fail – reject requests for the resource (file descriptors only)
– Stop – initiate the shut down sequence for the offending partition
• “Boundaries” and Fair Share usage patterns
12Confidential - Do Not Redistribute
JVM
Heap
CPU
Open Files
Res
Heap
CPU
Open Files
Res
Heap
CPU
Open Files
Res
Heap
CPU
Open Files
Res
Resource Manager PolicyRetained Heap Example
9 GB JVM
Partition 1 Partition 1 Partition 3 Partition 4 <name>heap-level-1</name>
<heap>
<trigger>
<name>1.25GB</name>
<value>1250</value>
<action>notify</action>
</trigger>
<trigger>1.51 GB
1.51.5
2.02.0
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 13
<trigger>
<name>1.5GB</name>
<value>1500</value>
<action>slow</action>
</trigger>
<trigger>
<name>2GB</name>
<value>2000</value>
<action>stop</action>
</trigger>
</heap>
1.51 GB
0.5 GB
0.75 GB
0.5 GB
1.251.25
Confidential - Do Not Redistribute
Security Isolation for Domain Partitions• Per partition configuration
– Per-partition security realm (includes configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout)
• Roles scoped to partitions
– Admin, operator, deployer, monitor
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
• Identity Domain
– Logical namespace for users and groups
– Each partition has a primary identity domain – defines set of users
– Default polices allow users in that IDD to access the partition, but not users in other IDDs
– Multiple partitions can use the same IDD – polices and roles are shared, identical access OOTB
Confidential - Do Not Redistribute 14
End-to-End Integration
Partition 1
AppApp JMSJMSData
SourceData
Source
JNDIPartition 1
AppApp
Cache Service 1
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
Oracle WebLogic Server Oracle Database
Partition 2
AppApp JMSJMSData
SourceData
Source
JNDI
Oracle Traffic
Director
Partition 2
AppApp
Oracle Coherence
CacheService 2
Confidential - Do Not Redistribute
Multitenancy in WebLogic 12.2.1
• Agility/devops with lightweight pluggable partitions– Ultra-light container-like service packaging
• High density with domain and JVM sharing
Summary
Apps
Resources
App Svr
Apps
Resources
App Svr
Apps
Resources
WebLogic
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
• High density with domain and JVM sharing– Consolidate/virtualize within domains and
JVMs
• Isolation between microcontainers– Runtime, administration, security, data
16Confidential - Do Not Redistribute
Oracle WebLogic Server
Apps
Resources
App Svr App SvrWebLogic
Apps
Resources
Apps
Resources
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Confidential - Do Not Redistribute 17
Confidential - Do Not Redistribute 18