Presentation is loading. Please wait.

Presentation is loading. Please wait.

THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION

Similar presentations


Presentation on theme: "THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION"— Presentation transcript:

1

2 THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION
THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION. IT IS INTENDED FOR INFORMATION PURPOSES ONLY, AND MAY NOT BE INCORPORATED INTO ANY CONTRACT. IT IS NOT A COMMITMENT TO DELIVER ANY MATERIAL, CODE, OR FUNCTIONALITY, AND SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISION. THE DEVELOPMENT, RELEASE, AND TIMING OF ANY FEATURES OR FUNCTIONALITY DESCRIBED FOR ORACLE'S PRODUCTS REMAINS AT THE SOLE DISCRETION OF ORACLE.

3 Oracle Solaris 11: Innovations for Your Data Center
<name>

4 Oracle Cloud Computing Strategy
Private Public Hybrid SaaS PaaS IaaS Flexible Adoption Because we see customers adopting cloud in so many different ways, our goal is to offer customers with choice and a broad set of products and services. Our strategy is: First, to provide products to help customers build, deploy and manage private clouds, as well as different options for public cloud services. Customers need deployment flexibility Second, to deliver a wide range of offerings spanning SaaS applications, PaaS including middleware and database, and IaaS including servers, storage, networking and associated OS and virtualization software. Third, to enable solutions that enable customers to adopt cloud at a pace that fits their business. We find that customers vary a lot in terms of how rapidly they wish to move to clouds and to what extent they wish to move to clouds. We enable customers to evolve and transform to cloud at whatever pace makes sense for their business. So what exactly are Oracle’s offerings for cloud computing?.... ORACLE TUXEDO FLEXCUBE ORACLE SECURE BACKUP

5

6 Foundation of Every Enterprise Class Cloud Infrastructure
Oracle Solaris 11 Mission Critical Meets Cloud Highly Available, Secure Platform for Enterprise Apps Large-scale Cloud Management Predictive self healing ZFS data integrity End to end encryption Compliance reporting DTrace observability Immutable zones Application Aware Clustering Automated Install Fast, Fail-safe Packaging Zero overhead Server, Storage, Network virtualization Comprehensive cloud management solution Solaris 11 Foundation of Every Enterprise Class Cloud Infrastructure

7 Create as a build Create as a build Create as a build Solaris 11
From IaaS to SaaS – One Solution SaaS PaaS IaaS Customer examples SPARC SuperCluster Oracle 11gR2 Oracle X, T, M-Series HW, Solaris zones Oracle 11gR2 OVM SPARC Oracle SolarisCluster SPARC T4 Major US Mobile Service Provider Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates 7

8 Oracle Solaris 11 Momentum
2000+ Customers…

9 Oracle Solaris 11 Partner Momentum

10 Oracle Solaris 11.1 Built for Cloud Infrastructures
Best UNIXTM for Oracle Deployments #1 UNIXTM for Enterprise Applications Engineered for Oracle Environments Optimized for Oracle software and hardware Delivering the performance you need in an Optimized Datacenter Built for Cloud Infrastructures Breakthrough architecture to deploy and secure and manage enterprise clouds Delivering the simplicity you need in an Optimized Datacenter #1 UNIX Industry leading availability, security and performance for enterprise applications Investment protection for enterprise environments Reducing risk in your Optimized Datacenter with over 25 years of enterprise experience

11 Dramatically Faster Lifecycle Management
Create as a build Create as a build Dramatically Faster Lifecycle Management Create as a build New Security Fix Maintenance window: 6-7pm 6:00 Start Update 6:00-6:02 Dependency checks, patch/update planning Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates 6:02-6:04 New boot environment created, updates downloaded and applied 6:04-6:06 reboot up and running again Back in Service in 2 Minutes! 11

12 Fail-Safe Lifecycle Management
New Software Update Maintenance window: 6-7pm 6:00-6:02 Dependency checks, patch/update planning 6:00 Start Update 6:02-6:04 New boot environment created, updates downloaded and applied 6:06-6:08 Reboot into previous boot environment Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates 6:04-6:06 reboot Worst-case Scenario: Back in Service in 4 Minutes! 12

13 Fast, Fail-Safe Lifecycle Management
Create as a build Create as a build Fast, Fail-Safe Lifecycle Management Create as a build At Massive Scale through Automation New Security Patch Identity Server Mail Server File Server VM Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates 13

14 Fully Automated updates with Solaris 11
Public Sector Customer example Multi-tenant cloud environment Delegated administration allows SAP and database administrators to safely control their own Zones without access to other Zones and services on the systems Database and Applications per zone HA SAP and Oracle Database Zone Clusters Automated updates Both Solaris 11 and Solaris Cluster 4.0 are automatically updated from IPS repository every week Oracle Database on SPARC Oracle Elastic Cloud Software Oracle Applications Third-party Applications Multi-tier Consolidation It is important to understand how the SSC can be virtualized to understand its use as a consolidation platform. Using Oracle VM for SPARC (OVM SPARC) the T4-4 compute nodes can be partitioned into three types of partitions. One is a Database Domain that is used to run S11 and Oracle 11gR2. There can be only one DB Domain per T4-4. A DB Domain does not have to include all processors in a T4-4 node. There is a maximum of 3 domains on a T4-4 node that has a DB domain. DB Domains will access the Exadata storage cells. Only DB Domains running Oracle 11gR2 can use the Exadata storage cells. General Purpose (GP) domains can run S10 or S11 and has their name implies are used to run general-purpose applications such as Oracle Ebiz, Siebel, PSFT or even third-party applications. GP Domains will use the ZFS Storage appliance for its disk requirements. GP domains can also access legacy SAN’s. Exalogic domains are domains that run the Exalogic Elastic Cloud software. Exalogic domains will use the ZFSSA for storage. Up to 4 domains can be deployed on any T4-4 nodes but since only one DB Domain is possible on a T4-4 node the other three domains would have to be GP Domains or Exalogic Domains. This slide shows all three types of domains indicating how to virtualize/partition an SSC T4-4. It also shows how it is possible to consolidate app tier and db tier on a single SSC T4-4. It shows that all four T4-4 nodes are used for database domains and are clustered using RAC. These domains will have exclusive access to the 6 Exadata Storage nodes. The other domains nodes are partitioned into 3 GP domains and 1 exalogic domain. Note that only GP domains can run S10. If a customer wants a T4-4 node to run just an S10 GP Domain then they still need to set up a small S11 control domain as it is not allowed to have a node running just S10. Deploying DB’s in containers in DB Domains is not supported. Lastly, live migration is not supported on SSC T4-4. “Patching is so easy we that we’ve even made the systems automatically update every week” version 4

15 Solaris Zones Best Foundation for your Cloud
Programmable management APIs OpsCenter Integration Zone images encrypted on shared storage Immutable zones Tightly integrated Network virtualization Zero overhead IB and Ethernet connectivity Scalable to 100s of zones/ physical machine iSCSI 1 Global zone iSCSI N ZoneA rad(1m) mgmt. APIs Zone1 Virtual Router Maps integration of Solaris to SPARC hardware roadmap (and notes our plans to continue to track x86 advances as well, especially as a result of our ongoing work with Intel 10GbE Network InfiniBand Fabric

16 Evolution of Solaris Network Virtualization
Staying Ahead of the Virtualization Challenges Global zone Solaris 10: Zones virtualization Shared, later: exclusive stack Zone A Zone B Zone C Solaris 11: VNICs Vswitch Flows Zero overhead QoS Virtual networking services Virtual Router/ LB/ Firewall Solaris 11.1: SLAs to next hop switch Convergence of FC onto Ethernet Datalink multipathing Maps integration of Solaris to SPARC hardware roadmap (and notes our plans to continue to track x86 advances as well, especially as a result of our ongoing work with Intel Physical switch

17 Solaris and Xsigo High Performance End-to-End Cloud Solution Storage
Finance Zone A HR Zone B Sales Zone C Storage Compute Sales Dataset Ethernet Only Solaris and Oracle Linux delivers this feature The Oracle Real Application Clusters (RAC) distributed database product includes the Lock Management System (LMS), a user-level distributed lock protocol which mediates requests for database blocks between processes on the nodes of a database cluster. Fulfilling a request requires traversing and copying data across the user/kernel boundary on the requesting and serving nodes, even for the significant number of requests for blocks with uncontended locks. We have created a "kernel accelerator" (KA), which filters database block requests destined for LMS processes and directly grants requests for blocks with uncontended locks, thereby eliminating user-kernel context switches, the associated data copying, and LMS application-level processing for those requests. The KA exports shared memory in which the LMS locking daemon places its lock table. The KA intercepts DBMS block requests over the RDSv3 communications protocol used between cluster nodes and calls into a DBMS-provided kernel accelerator run-time (KA RT) module, which consults the shared-memory lock table. If the lock is available, the KA replies from the kernel, granting the request directly to the requesting node; if the lock is not available, the KA passes the request up to the LMS user process, which handles the request in the same fashion as when no KA is present. This not only speeds up the process of granting locks, but it also frees up CPU cycles, thus allowing for better throughput in the order of 30-40% depending on the workload. HR Dataset Xsigo Fabric Director Finance Dataset FC Network

18 Security Tailored for the Cloud
Built-in, Flexible, Transparent, Hardware Assisted Application Runtime Immutable Zones, Sandboxing: new basic privileges (net_access,file_write, file_read), further executable address space reduction. Network data-link & IP anti-spoofing for Zones. Authentication SSH X.509 Certificate support, Kerberos PKINIT (X.509). Kerberos data in LDAP. Root login disabled by default. Role auth via user password, Authentication caching. Audit Auditing on by default, audit policy in SMF, Secure remote audit trail. Delegation Sudo with auditing. Fine-grained user/password/RBAC management CLI with LDAP support. Data Security ZFS filesystem, swap, dump and zvol encryption, NFSv4/NT style ACLs, Multilevel security with file labeling. IPsec/IKE policy per zone. Per Zone NFS server and Kerberos Realm. Cryptography Transparent Hardware Encryption for Solaris, Java. OpenSSL 4x faster. Trusted Platform Module (TPM) keystore, file integrity scanner Signed binaries & packages, Oracle Key Manager appliance integration

19 Solaris 11.1 Security Highlights
Built-in, Flexible, Transparent, Hardware Assisted Application Runtime ASLR & Security Extensions Framework, rsyslog (GSSAPI & TLS), OpenSCAP Compliance tool Authentication /etc/pam.d Linux Compat & Minimisation, Per User PAM stack, Kerberos client multi master, Last failed login time Audit Audit Remote Server Delegation Extended Policy – privileges on objects, pfedit, auths admin command, RAD usermgr Data Security Per file security labels, multiple zones per security label, 1024 groups for AUTH_SYS/NFS Cryptography TPM key migration, SHA512/t, Large DSA keys, Intel RDRAND, AES XTS, Perf improvements SPARC & Intel

20 Compliance Reporting. Secure Audit
Minimize Your Time Spent on Compliance New with Solaris 11.1 Know when an unauthorized login attempt was made Save time and resources with automated compliance reporting Keep audit logs safe from tampering Compliance reporting tool Automates compliance reports Extensible & standards based White paper for Solaris PCI-DSS Compliance Always record & report last failed login attempt Remote Audit server (client in Solaris 11) Syslog over TLS (rsyslog) Planned Oracle Audit Vault integration Solaris 11.1 server Audit & Syslog OpenSCAP Compliance tool Admin can define operational policies programmatic checks can be made against these profiles Reports can be produced for compliance checking Last failed login time Record actual time of login failures. Required for compliance Audit Remote Server Secure remote audit. Client ships audit data to remote server and server stores them in a specific place. Can specify what data to keep on server. Tamper –proof audit log on the attached system. Uses Secure transport (kerberos) Can have multiple servers for HA configuration Encrypted Log & Audit trail storage

21 ZFS Virtualized Pooled Storage
Scale Out Design. Built-in Data Services. Flash-enabled virtual storage pools Compression Replication Deduplication Dataset Encryption 10x Deduplication for Virtualized Environments Rapid Provisioning of Virtualized Storage Resources No Silent Data Corruption. Ever.

22 Cloud Ready Data Sharing
Built-in, Flexible, Transparent, Hardware Assisted File Sharing Unified User and Access Control with Active Directory integration: ZFS, NFSv4, CIFS, WebDAV, FTP(S), SCP/SFTP Cloud Ready OS install Solaris boot from SAN, iSCSI and FCoE Zones on iSCSI/FCoE ZFS pools Block Storage Sharing Raw Disk & ZFS LUN: iSCSI, iSER, FCoE

23 Solaris 11.1 Storage Highlights
ZFS Improved FMA integration for better diagnosis. Semantic (Veritas) DMP support. Boot from UEFI & 4K disk. SCSI UNMAP for thin provisioning. Dump/SWAP on RAIDZ. Auto-resize swap ZVOLs. Incremental (Token) based backup for NDMP. Per file security labels. Finegrained Share control for NFS & CIFS SCSI Disk write Cache State NFS AUTH_SYS support fro 1024 groups. NFSv2 DTrace provider. FedFS LDAP support for NFS reparse points. CIFS AD Domain join improvements, DC failover improvements Misc Removable device simulation with lofi(7D) . COMSTAR SCSI UNMAP. Shared datasets for boot environments (/var/share). Storage URI tools. Per Zone file system statistics (fsstat).

24 Solaris-as-a-Service
>40x Consolidation Ratios Physical Ethernet Switch Customer 1 Solaris Zone Customer application Customer 2 Customer application 1 Customer application 2 Oracle x86, Oracle SPARC T and M series Solaris 11 Global Zone Integrated Virtual Switching, Load Balancer, Firewall IaaS cloud based on Solaris 11 For both internal IT as well as external public cloud customers >40x consolidation ratios Solaris 11 low-overhead zones Integrated network virtualization Additional cost saving Network services consolidated into host One of Australia’s largest Network Operators. Over 11,000 km of fiber and 370 exchanges

25 IaaS – Major US Mobile Service Provider
Virtualization Meets Mission Critical SMALL Med LARGE ORACLE SOLARIS CLUSTER 4.0 ORACLE SOLARIS 11 CONTROL DOMAIN APP Live Migration Fail over Virtualized Wireless Service Delivery Compute intensive, clustered Non stop service Datacenter Datacenter failover Encrypted live migration 5x application performance 10x consolidation Updating the SPARC Virtual Environment with SPARC T4, Solaris 11, Solaris Cluster 4.0 and OVM for SPARC Reduced time-to-deploy to less than 1 week from standard 4-6 weeks Saved $800K in CAPEX Reduced OPEX by $100K Saved 20x power and cooling costs Saved 8x floor space Applications see a 5x increase in single-thread performance compared to a T5440 processor and a Live migration of HA virtual machines All live migration traffic is compressed and encrypted at wire-speed using Solaris crypto framework and built-in T4 hardware crypto-accelerator 500m+

26 #1 UNIX. Engineered for Oracle.
Investing in Best of Breed Solaris 11 take immediate advantage of the latest hardware innovations such as critical threads, crypto off-load engines, large networking pipes and power management controls to deliver the benefits of hardware innovation to the datacenter. Solaris engineers have worked closely with Oracle’s software and hardware teams to co-engineer innovation in the stack to deliver the best possible platform for Oracle deployments. Solaris 11 is at the heart of the Engineered Systems delivering unique value such as Infiniband enhancements and built-in virtualization. Best of breed components Co-Engineered with applications and hardware Unique value in Engineered Systems

27 SPARC SuperCluster Implementation From Months to Weeks

28 Engineered Together Tested Together Certified Together
Deployed Together Upgraded Together Managed Together Slide Transition: When we say that Oracle hardware and software is engineered to work together, this refers to our unique ability to offer customers a complete hardware and software stack -- from applications through middleware and databases, and all the way down into servers and storage – that is integrated throughout. Oracle tests everything within a stack layer together–between different applications, between different middleware suites, between various database products, and so on. Oracle also tests everything across stack layers, from applications all the way down to the servers and storage. Oracle certifies the complete stack so that customers know which particular versions of software are designed to work together. For example, every major application that Oracle delivers, including Oracle E-Business Suite, PeopleSoft Enterprise, JD Edwards and Siebel CRM is certified with Oracle Fusion Middleware. Oracle packages the different technologies into standardized solutions, which customers can then deploy together. These complete solutions are designed to be upgraded effectively and efficiently together. And, the entire stack can be managed together, supported together and so on. Supported Together

29 Examples of Optimizations for Oracle RDBMS
The Tip of the Iceberg Key: In Solaris New in S11.1 CPU Full MT-hot kernel, scales to 100s of cores and 10,000s of HW threads Support for Critical Threads features in T4 chip 5x performance improvement of high-resolution timer Multi-processing and multi-threading support for Oracle DB Memory Large Page support Optimized Shared Memory (OSM) NUMA I/O Framework Fast DB Restart Latency-aware kernel memory allocator (x86, SPARC) Re-architecture of Virtual Memory sub-system Userland Fast-Memory Registration and Shared Protection Domain File System Userland file system for DB, Oracle File Server support I/O uDAPL, RDSv1, RDSv3, SDP: Support for low-latency Infiniband protocols Direct I/O with concurrent writes Exclusive-IP zone support for RDSv3 to support DBaaS Dynamic reconfiguration for IB HCAs

30 Examples of Optimizations for Oracle RDBMS
The Tip of the Iceberg Key: In Solaris New in S11.1 Observability Enhanced observability for segmentation faults Read-out of libdtrace by Oracle 12c Reliability and Availability Dynamic reconfiguration notifications for DB for resources rebalancing FMA callback for bad hardware Performance Improved PGA performance Kernel lock acceleration for Oracle RAC Message Passing Co-processor Remote Memory Access (RMA) Exafusion Mult-tenancy Zones: Secure isolation, lowest latency virtualization Security Transparent crypto off-load for SPARC and x86

31 Oracle Database I/O Observability
Optimize your Database I/O performance New with Oracle Database 12c Quick resolution of I/O issues Added DTrace I/O Event Tracing to Oracle Database 12c Tracing info loaded in V$ views for queries Enables DBAs and Oracle support to quickly resolve I/O related escalations v$kernel_io_outlier TIMESTAMP IO_SIZE IO_OFFSET DEVICE_NAME VARCHAR2(513) PROCESS_NAME VARCHAR2(64) TOTAL_LATENCY SETUP_LATENCY Only available with Solaris. More DTrace integration to come in later DB releases. A simple example of an outlier I/O: We can check the v$kernel_io_outlier table to extract information about time spent in the kernel for I/O's whose end to end latency exceeds a given threshold (500ms be default but tunable via the '_io_outlier_threshold' tunable - the example below was on an instance with this set to 200ms): SQL> desc v$kernel_io_outlier  Name                                      Null?    Type    TIMESTAMP                                          NUMBER  IO_SIZE                                            NUMBER  IO_OFFSET                                          NUMBER  DEVICE_NAME VARCHAR2(513)  PROCESS_NAME VARCHAR2(64)  TOTAL_LATENCY                                      NUMBER  SETUP_LATENCY                                      NUMBER  QUEUE_TO_HBA_LATENCY                               NUMBER  TRANSFER_LATENCY                                   NUMBER  CLEANUP_LATENCY                                    NUMBER  PID                                                NUMBER  CON_ID                                             NUMBER SQL> select IO_SIZE,PID,TOTAL_LATENCY,SETUP_LATENCY,QUEUE_TO_HBA_LATENCY,TRANSFER_LATENCY,CLEANUP_LATENCY from v$kernel_io_outlier; DEVICE_NAME    IO_SIZE        PID TOTAL_LATENCY SETUP_LATENCY QUEUE_TO_HBA_LATENCY TRANSFER_LATENCY CLEANUP_LATENCY         64          0                       107                         64 This example shows that this single 64k write to a scsi target had an end to end latency of just over 400 millisec (the timing numbers above are in microsec) and the breakdown is: SETUP_LATENCY: 2020 microsec - Time in microseconds spent during initial I/O setup before sending to scsi target device driver QUEUE_TO_HBA_LATENCY: 107 microsec - Time in microseconds spent in the scsi target device driver before being sent to the Host Bus Adaptor QUEUE_TO_HBA_LATENCY: ~400 millisec of this was spent being transferred to the physical device (in the Host Bus Adaptor and physically DMA'ing to the device). CLEANUP_LATENCY: 64 microsec- Time in microseconds spent freeing resources used by the completed I/O

32 Database-as-a-Service on SPARC SuperCluster
High-performance Infiniband Networking Meets Virtualization New in Solaris 11.1 Multi-tenant Engineered System T4-4 Node 1 Oracle Solaris 10 Oracle Solaris 11 DB Domain GP Domain Zones Solaris Zone InfiniBand Network EXADATA STORAGE ZFS STORAGE APPLIANCE Zones support for Exadata stack on SPARC SuperCluster Zero Overhead zones virtualization Secure Multi-Tenant Isolation High-performance 40 Gigabit Infiniband Networking Organizations worldwide are scrambling to secure sensitive information in response to regulatory pressure for protecting data privacy and integrity, as well as protect from increasingly sophisticated attacks targeting this data. Encrypting data in applications, however, requires costly and complex code changes, often with disastrous performance consequences. Fortunately these pitfalls can be avoided. Oracle Advanced Security TDE provides the ability to encrypt sensitive application data on storage media completely transparent to the application itself. TDE addresses encryption requirements associated with public and private privacy and security mandates such as PCI and California SB1386. Oracle's Transparent Data Encryption (TDE) feature simplifies the encryption of data within datafiles, preventing unauthorized access to it from the operating system. Tablespace encryption, allows encryption of the entire contents of a tablespace. Data is transparently encrypted when written to disk and transparently decrypted after an application user has successfully authenticated and passed all authorization checks. Authorization checks include verifying the user has the necessary select and update privileges on the application table and checking Database Vault, Label Security and Virtual Private Database enforcement policies. Oracle's SPARC T4 processor with hardware cryptography acceleration can greatly improve performance over software implementations. This should greatly expand the use of TDE for many customers. Performance on Oracle TDE (Transparent Data Encryption) SPARC T4 44% faster secure queries than x86 Westmere (AES/NI) Combination of fast query processing and TDE Tests 8 different queries on 2-socket servers Consistent SPARC T4 query time 128-bit to 256-bit ciphers Oracle Advanced Security TDE column encryption was introduced in Oracle Database 10g Release 2, enabling encryption of application table columns, containing credit card or social security numbers. Oracle Advanced Security TDE tablespace encryption and support for hardware security modules (HSM) were introduced with Oracle Database 11gR1. Hardware Security Module (HSM) - A device used to secure keys and perform cryptographic operations. These devices can be standalone network based appliances or plug-able PCI cards. In the context of TDE, these devices can create and store the TDE master key. Advanced Encryption Standard (AES) – A symmetric cipher algorithm defined in the Federal Information Processing (FIPS) standard no AES provides 3 approved key lengths: 256, 192, and 128 bits. PKCS#11 – A standard developed by RSA for communicating with cryptographic devices. Transparent Data Encryption is one of the three components of the Oracle Advanced Security option for Oracle Database 11g Release 2 Enterprise Edition; it provides transparent encryption of stored data to support your compliance efforts. Applications do not have to be modified and will continue to work seamlessly as before. Data is automatically encrypted when it is written to disk and automatically decrypted when accessed by the application. Key management is built-in, eliminating the complex task of creating, managing and securing encryption keys.

33 Centralized Audit Reporting and Alerts
More easily detect and analyze security threats Simplify compliance reporting for Solaris and Database New with Solaris 11.1 New collector in Oracle Audit Vault and Database Firewall Puts Solaris Audit logs in the same repository as the Database audit logs Solaris Database Compliance Tools Audit Log Audit log collector built in the new combined Oracle Audit Vault and Database Firewall product takes the audit log information generated by the Solaris operating system and consolidates it in the same repository (Oracle Audit Vault and Database Firewall) as the database audit information.   This provides centralized consolidated security reporting and alerting on audit data across the operating system and databases. Oracle Solaris 11 new security Audit features such as: audit on by default, audit policy in SMF and secure remote audit trail along with the Oracle Audit Vault and Database Firewall provide the best in class auditing features in the industry.

34 Oracle Application Accelerators
Unmatched Silicon Enhancements for Enterprise Software Memory scan offload Application Data Protection Decompression offload Low latent cluster interconnect Dynamic threads Encryption

35 Examples of Optimizations for Java
The Tip of the Iceberg Key: In Solaris New in S11.1 CPU User-level high resolution timer support WLS scalability, Single-thread mode smt pause() to optimize busy waits in the JVM Fused compare-and-branch with no delay slot New block initializing store (BIS instruction) Memory Large Page support by JVM T4 2GB pages for Java performance I/O SDP: Support for low-latency Infiniband protocol HA for SDP Security Integration with Solaris crypto offload engines (Java 7u4) Zones support for SDP Zones: Secure isolation, lowest latency virtualization Observability DTrace plugin in Java Mission Control  Generic dispatcher improvement  Critical thread support for T4

36 Java Mission Control Visualizing DTrace data

37 Java Performance Optimizations on Solaris
The Tip of the Iceberg  Generic dispatcher improvement  Critical thread support for T4 * 4x2.4GHz WSM-EX, Oracle Solaris 11 Express snv_156 X86 * 2.2x Improvement through JDK 7 development

38 Oracle Solaris 11 Best UNIX Platform for all Oracle Deployments ORACLE
FLEXCUBE ORACLE RETAIL ORACLE TUXEDO ORACLE SECURE BACKUP ORACLE AGILE ORACLE GOLDEN GATE ORACLE GOLDEN GATE ORACLE HYPERION

39 SPARC SuperCluster Customers
Implementations and Performance Results Multi-Tenant cloud, SAP, databases, and Java applications 10x consolidation ratio and 4x efficiency improvements 3x software license savings SPARC consolidation, Kenan applications Oracle Database 11gR2 and Comverse Kenan FX Billing 5x performance improvement HP Superdome replacement, Java applications 20x consolidation of complex business systems Significant reduction in TCO Ativas: 10x consolidation ratio based on consolidation of known / potential environments into SuperCluster. 4x efficiency improvements are based on the current 4 customers that plan to move to SuperCluster and the gain they get from only have to manage one SuperCluster rack rather than 4 individual setups for each of the customers 3x software licensing savings. Customers moving from HP and IBM gear to SSC. Able to leverage fewer resources on SuperCluster. All numbers approved by customer. Liberty Global (UPC): 5x performance improvement based on comparison of SuperCluster (only one node of T4-4) to E25k using a Kenan billing test case. KED: 20x consolidation of complex business systems came from quote from KED. Migrate a total of 20 complex business systems onto 1 SuperCluster. (1:20 = 20x) Federal Agency: 10x performance improvement came from a comparison to their POC environment. They were only able to get to 600 concurrent users and now they say 6000k concurrent users on SSC (600:6000=10x). POC environment was T-series. Customer reported 18k concurrent users. 30x performance improvements comes from comparison to mainframe environment. The amount of work that SuperCluster does is equal to what they did in 30 days with the mainframe environment. 1:30 = 30x improvement. Statement comes directly from the customer. POC environment was 3 x T5240 servers, 4 x x4150 servers, 8 x6240 blades. Federal Agency, North America Mainframe replacement, Oracle Maximum Availability Architecture 10x-30x higher performance for 18,000 concurrent users version 4

40 SPARC SuperCluster Customers
Implementations and Performance Results Large scale SPARC consolidation, Java applications 5x consolidation ratio, 4x potentialTCO reduction 6.5 million database transactions per day State Agency, North America Replaced IBM Power systems, DB2 and WebSphere with WebLogic and Database 11gR2 6x consolidation ratio Replaced IBM Power systems for securities trading 19x consolidation ratio 2x savings in datacenter infrastructure costs Leading Financial Institution, Asia State Agency North America (Implemented by Accenture) 5x consolidation ratio based on domain reduction - $8M to $2M TCO comparing current environment to SSC. From value navigator based on previous production environment vs. SuperCluster. - 6.5 million DB transactions per day from implementation team directly China National Tobacco Company 6x consolidation ratio based on them taking 6 web/app/db environments and moving them to SuperCluster (1:6=6x) Leading Financial Customer, Asia 19x consolidation ratio. Based on hardware in existing environment (IBM p series, v240s, storage, etc) compared to 1 SuperCluster rack. (1:19=19x) 2x savings in datacenter infrastructure costs based on numbers generated by account team. $400k in just floor space, power and cooling over 3 years. Leading Retail Company, North America Numbers provided directly by Macy’s comparing to their Dell / M5k environment. The TIBCO BusinessEvents solution is a new environment for the customer. They have existing TIBCO middle tier software in use for other solutions, at least some of which run on SPARC M5000 systems running Solaris. The John's Creek, GA installation replaces 6 x Dell R700 servers running TIBCO and a M5000 zone running the database. SPARC consolidation, Oracle Database 11gR2 and TIBCO 6x performance improvement in loading Oracle Database 2x raw I/O throughput improvement running backup Leading Retail Company, North America version 4

41 Oracle on Oracle: E-Business Suite (GSI)
Application Stats Metrics after FY12Q4 close Metrics increase in FY12Q4 65 Billion Rows of Data 1,044,966 Customers 132,007 Quote Headers 201,731 Service Contracts 111 Operating Units 533,049 Vendors 176,613 Shipments 507,234 Expense Reports 723 Ledgers 446,353 Projects 797,705 AP Invoices 108,629 Purchase Orders 11 Languages 56.7M Sales Order Lines 315,543 Order Headers 6,116,639 AR Lines 23 years of SLA data (only 8 years SLA data converted during R12 upgrade in Jan2008) 122.8M AR Invoice Lines 33,262,474 GL Lines 7,992 Internal Mfg Jobs 1.1B GL Lines Field Services Service Requests 79,061 Field Service Tasks 120,043 MQF Queries To 19,370 2,136,500 Inventory Trans

42 Solution SPARC SuperCluster
Storage Expansion Rack Exalogic + +

43 Enterprise Performance
Built for Next-Decade Hardware Dynamic threads NUMA I/O Crypto acceleration ZFS 128 bit block addresses Latency-aware kernel memory allocator Optimized shared memory DTrace Adaptable thread and memory placement Fully parallel network processing VM 2.0 10x Networking 10x CPU 10x Memory 10x Data

44 Page Requests over 30 seconds
New in S11.1: VM 2 The Predictor Sampler Analyzer Action Engine Before After Results: - 2x faster Database start/stop - 45x improvement in mmap() performance Page Requests over 30 seconds Analyzer evaluates information and determines action to take States: disabled, shortage, deficit, inbounds, surplus Action Engine—up to 8 taskq threads created per mnode

45 Oracle Solaris 11 – THE #1 Unix
Create as a build Oracle Solaris 11 – THE #1 Unix Create as a build Ahead of the Scalability Curve Solaris 12 201? Solaris 9 May 2002 72 1.15 Solaris 11 November 2011 64+ 2048+ 1024 TB DRAM Solaris 10 January 2005 4 1024 256 # of Threads Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates # of Cores 45

46 Looking Forward: Full Stack Observability
Administrator-focused analysis Single pane of glass System performance tuning Capacity planning Notable system events Historical views of performance Incorporate your application performance metrics Notification: Bad Database Performance ! ZFSSA Solaris Global Zone Maps integration of Solaris to SPARC hardware roadmap (and notes our plans to continue to track x86 advances as well, especially as a result of our ongoing work with Intel Oracle Database Zone Application Zone Application Zone

47 Looking Forward: Full Stack Observability
! Notification: Bad Database Performance Analysis: Rule out ZFSSA. No problems on appliance dashboard Observability Engine Analysis: Server link to storage is saturated Notice: New application zone recently started Analysis: New zone using 90% of storage bandwidth ZFSSA Solaris Global Zone Maps integration of Solaris to SPARC hardware roadmap (and notes our plans to continue to track x86 advances as well, especially as a result of our ongoing work with Intel Oracle Database Zone Application Zone Application Zone Analysis: Runaway backup using all bandwidth Resolution: Administrator sets bandwidth cap on backup. Issue resolved.

48 Future Zones Clouds Unified archive-based deployment
ZoneA zonehost rad(1m) daemon ZoneG ZFS1 Unified archive-based deployment Archive/Restore zones, bare metal, LDOMs, etc. Template-based archive creation Integrated cloud control Greater independence between zones Differing patch levels More agile migration ZFS2 Converged Fabric ZoneA zonehost rad(1m) daemon ZoneM

49 Looking forward: Software Defined Networking
ZoneA zonehost ZFS1 Engaged in Open Networking Foundation Embracing OpenFlow Application driven network traffic priorities across fabric Provide end-to-end SLAs ZFS2 OpenFlow Control Path Network Fabric ZoneA zonehost ZoneM

50 Looking Forward: Zero Downtime Security Updates
Create as a build Create as a build Looking Forward: Zero Downtime Security Updates Create as a build New Security Update Dependency Checks, patch/update planning # pkg update Impacted subsystems are briefly quiesced, update installed live Times may vary depending on size of systems to boot. Solaris 11 can update a system very quickly and then Fast Reboot for SPARC an x86 gets the new environment back online quickly. If you don’t like the update boot the previous ZFS boot environment – Fool-proof updates Backup boot environment created, update applied on disk No application response time impact, Zero downtime. 50

51 Solaris Roadmap Accelerating The Pace Solaris 12 Solaris 11
Update 9 Solaris 10 Update 10 Solaris 10 Update 11 Premier Support Extended Support Maps integration of Solaris to SPARC hardware roadmap (and notes our plans to continue to track x86 advances as well, especially as a result of our ongoing work with Intel 2010 2011 2012 2013 2014 M-3 M-4 M-5 M-6 T-3 T-4 T-5 T-6

52

53


Download ppt "THE FOLLOWING IS INTENDED TO OUTLINE OUR GENERAL PRODUCT DIRECTION"

Similar presentations


Ads by Google