Open Vision with IBM AIX 6.1 Apisit Sukprem Advisory IT Specialist STG, IBM (Thailand) • Strategic – Committed roadmap – Wide acceptance from key ISVs • Reliable – Dynamic configuration changes • Help reduce planned and unplanned outages – Integrated Logical Volume Manager + JFS2 • Easy to Manage – Policies for allocation of server resource using Workload Partitions – Create system images from pre-assembled templates with NIM – Role-based Access Control and Integrated Systems Console • High performance – Scalability Why AIX on POWER? “We’re going to continue to invest in AIX and continue to enhance it” – Ross Mauri, General Manager, Power Systems
29
Embed
Open Vision with IBM AIX 6 · Open Vision with IBM AIX 6.1 Apisit Sukprem Advisory IT Specialist STG, IBM (Thailand) ... WPAR Manager AIX. AIX Workload Partitions
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Open Vision with IBM AIX 6.1
Apisit SukpremAdvisory IT SpecialistSTG, IBM (Thailand)
• Strategic
– Committed roadmap
– Wide acceptance from key ISVs
• Reliable
– Dynamic configuration changes
• Help reduce planned and unplanned outages
– Integrated Logical Volume Manager + JFS2
• Easy to Manage
– Policies for allocation of server resource using Workload Partitions
– Create system images from pre-assembled templates with NIM
– Role-based Access Control and Integrated Systems Console
• High performance
– Scalability
Why AIX on POWER?
“We’re going to continue to invest in AIX and continue to enhance it” – Ross Mauri, General Manager, Power Systems
3
20+ Years of AIX Progress
Network CentricComputing
AIX V2 & V3Establishment in the market:- RISC Support- UNIX credibility- Open Sys. Stds..- Dynamic Kernel- JFS and LVM- SMIT
Broad application selectionReduced ComplexityPotential cost savings with consolidationLive Partition Mobility
Linux, AIX V5.3 and AIX V6.1
Binary compatible with existing applications on POWER6*Micro-PartitioningMainframe-inspired RAS features hardware and operating systemScalability up to 128 threads
AIX 5L V5.2/5.3
*Complete details on AIX binary compatibility can be found at http://www.ibm.com/servers/aix/os/compatibility/
5
Smooth Upgrade to AIX 6
• AIX 6 is binary compatible with AIX 5L– Current applications will continue to run
– Runs on POWER4, POWER5, POWER6
– Open beta will provide early access to AIX 6
– Binary compatibility letter from Ross Mauri –
• General Manager Power Systems
– Other compatibility activity planned
• No charge upgrade for current AIX 5L clients with SWMA– No additional out of pocket expense for clients
• Upgrade process– Tools like alt disk installation and NIM minimize client risk
6
AIX Binary Compatibility Guarantee
*Complete details on AIX binary compatibility can be found at http://www.ibm.com/servers/aix/os/compatibility/
7
AIX 6 Processor Support….AIX 6 will not support 32 bit hardware and older 64 bit hardware
Processors no longer supported:All 32-bit processors i.e. F50, E30, etc.RS64 family of servers i.e. S80, H80, M80, etc.POWER3™ servers i.e. p610, p640, etc.
Processors supported:POWER4POWER5POWER6
AIX 6 will support both 32-bit & 64-bit libraries & applicationsFull support for 32-bit applications
*Complete details on AIX binary compatibility can be found at http://www.ibm.com/servers/aix/os/compatibility/b
8
AIX 6 is binary compatible* with AIX 5L™It is named to reflect its unity with POWER6
MLS capabilities integrated into standard AIX product
One certification for 3 Protection Profiles
Supports P6, P5, P4
Legend
AIX V5.2AIX V5.3 AIX V6.1 VIOSPOWER6
Certification HistoryAIX 4.2 C2: Apr 24, 1997AIX 4.3 C2: May 6, 19987AIX 5.2 CAPP/EAL4+ : Nov 4, 2002POWER4 HW CAPP/EAL4+ : Apr 2003AIX 5.2 ML1 CAPP/EAL4+ : Sept 8, 2003AIX 5.2 ML6 CAPP/EAL4+ : Dec 14, 2005AIX 5.2 ML5 and Pitbull LSPP: May 16, 2006AIX 5.3 TL5 and Pitbull LSPP: May 16, 2006AIX 5.2 TL4 & VIOS CAPP/EAL4+: Dec 16, 2006POWER6: Dec, 2007AIX 6: May 26, 2008
VIOS EAL4+Included with AIX 53.00-04 CAPP/EAL4+
POWER6 Hardware EAL4Dynamic LPAR with MicroPartitioning
20
AIX 6.1 Role Based Access Control
• Improved Administrative Security– Improved security by reducing the need for
many root users
– Reduced administration cost thought delegation
Users Roles
DBA
PRINT
BACKUP
AIX Resources
Binary
Privilege XPrivilege YPrivilege Z
System Level Operations
aix
Improved Program SecurityAllows programs to do system level operations without running as root or having setuid root capabilityOnly allow program to perform restricted set of needed operations
devicefsnetworkprocrassecuritysystemwpar
bootconfiginstallstat
create “create boot image”Halt “halt the system”Info “display boot informationReboot “reboot the system”Shutdown “shutdown the system”
auth = aix.system.boot.create
21
AIX V6.1 Security Expert
Can reduce the cost and complexity of security administration by allowing federated management of security profiles across multiple servers
Enables a more secure IT infrastructure by reducing the effort of maintaining system security
“Check” functionality can provide additional security by validating that the security profile for each system matches the actual security settings
A centralized security management tool that can control over 300 security settings from a single console
Administrators can start from a “Low”, “Medium”, “High” or “Sarbanes-Oxley” security template and customize settings to met business requirements
Security settings can be exported and imported as a security profile to multiple systems
On AIX V6.1, security profiles can be stored in an LDAP directory for ease of distribution
AIX Security Expert was first included in AIX V5.3 TL5
AIX Security Expert Enhancements
•
• Single control point for over 300 AIX security settings
• Security settings can be exported and used by multiple systems via LDAP
“IBM’s AIX achieved the highest level of reliability, with
corporate enterprises reporting and average of only 36 minutes of downtime per server in a 12-month period”
Unsurpassed Reliability
0
1
2
3
4
5
6
7
8
9
AIX HP-UX Solaris Windows
Hours of downtime per year*
29
Kernel Space
User Space
Interim Fix
Concurrent update
vmmove() patchemgr
vmmove()
getgidx()
sleepx()
Non-disruptive fixes to executable code in a running AIX kernelBase AIX Kernel (/unix), kernel extension, or device driver
No downtime (reboot) required to apply fix and make it activeConcurrent updates will be packaged as Interim FixesMaintenance can be backed off without an outage
Fix selected AIX kernel problems without a service outage
vmmove()
AIX 6.1 Concurrent Maintenance
30
AIX V6.1 POWER6 Storage Keys
Can provide for higher AIX availability by reducing the
number of unplanned outages due to intermittent memory
overlay
Exploitation of a POWER6 processor hardware feature to provide additional isolation of kernel and application data
Storage keys can prevent invalid changes to memory cause by programming errors
Application use of POWER6 storage keys is enabled in AIX V5.3
AIX kernel exploitation of POWER6 storage keys is included in AIX V6.1
All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
UserCode
UserData
Files
WS DB2
KernelCode
KernelData
JFS2 LVM VMM . . . SCSI ENT FC
ApplicationAddress Space
AIX DriversAIX Kernel
UNIX Kernel Address Space
UserCode
UserData
Files
WS DB2
KernelCode
KernelData
JFS2 LVM VMM . . . SCSI ENT FC
ApplicationAddress Space
AIX DriversAIX Kernel
UNIX Kernel Address Space
UserCode
UserData
Files
WS DB2
KernelCode
KernelData
JFS2 LVM VMM . . . SCSI ENT FC
ApplicationAddress Space
AIX DriversAIX Kernel
AIX Kernel Address Space
UserCode
UserData
Files
WS DB2
KernelCode
KernelData
JFS2 LVM VMM . . . SCSI ENT FC
ApplicationAddress Space
AIX DriversAIX Kernel
AIX Kernel Address Space
After POWER6 Storage Keys
Before POWER6 Storage Keys
31
AIX 6.1 Dynamic Tracing With probevueDynamically extract information about a program as it is running
Trace existing programs without recompiling
Dynamic placement of trace probes without restarting the program
For debugging and performance analysis
AIX system calls, application functions, and application calls to library functions traceable
Dynamic tracing language called Vue
Initial support for “C” programs
#!/usr/bin/probevue/* countreads.v */
@@syscall.$1.read.entry {
count++;}@@interval.*.clock.100{
printf(“Number of reads = %d\n”, count);count = 0;
}
# countreads.v 404Number of reads = 22Number of reads = 0Number of reads = 1Number of reads = 17…..
Formatted I/O
User Kernel
Probe Location
User Process CodeSome thread
hits probe point (1)
Branches to probe code (2)
Probe code
(3)Returns to probe point
(4)
Thread continues
execution(5)
Trace Consumer
Trace Fileor
Trace Output
Trace Buffers
E-code
“Vue” probe code example
Manageability
NearContinuous Availability
Security
Virtualization
AIX 6: The Next Step in the Evolution of UNIX*
IBM Tivoli Monitoring – System Edition
Key Features• “Virtualization aware” health and
availability monitoring of multiple systems
• Monitoring support for AIX 5L and AIX 6.1, Virtual I/O Server, IVM, HMC and system (CEC)
• Quick Time to Value
• Topology display for graphical management
• One year of full support
Benefits• Single tool for monitoring
multiple System p components
• Visualization simplifies management of virtualized environments
• Upgrade to full Tivoli ITM product for even more capability http://www-306.ibm.com/software/tivoli/products/monitor-systemp/
Significantly enhances the manageability of AIX in virtualized environment by making available a no charge version of IBM Tivoli Monitoring with AIX
AIX
34
AIX V6.1 Systems Director Console for AIX
New web based management tool that provides easy access to common system administration tasksAdministrators can access Systems
Management Interface Tool (SMIT) menus from a browserGraphical user interface is fast and
consistent with IBM Systems Director look and feelAll necessary components for the
Console are included in AIXDistributed Command Execution
Manager (DCEM) feature of the Console allows an administrative task to run on multiple systems at once
Systems Director Console for AIX
Included with AIX Web access to SMITFast performanceIntegrated with IBM Systems Director
Included with AIX Web access to SMITFast performanceIntegrated with IBM Systems Director
AIX
WorkloadPartition
QA
WorkloadPartition
Data Mining
AIX Live Application Mobility
WorkloadPartition
App Server
WorkloadPartition
WebWorkloadPartition
Dev
Move a running Workload Partition from one server to anotherfor outage avoidance and multi-system workload balancing
Workload Partitione-mail
Works on any hardware supported by AIX 6, including POWER5 and POWER4
WorkloadPartitionsManager
Policy
WorkloadPartitionBilling
AIX AIX
38
AIX Editions
39
AIX Editions…..
•AIX 5.3 Management Edition bundle consisting of
–AIX V5.3
–Tivoli® Application Dependency Discovery Manager
–IBM Tivoli Monitoring
–IBM Usage & Accounting Mgr Virtualization Edition for Power Systems
AIX 6.1 Enterprise Management bundle consisting ofAIX V6.1PowerVM AIX Workload Partitions ManagerTivoli® Application Dependency Discovery ManagerIBM Tivoli MonitoringIBM Usage & Accounting Mgr Virtualization Edition for Power Systems
AIX Enterprise Edition
• A virtualization management bundle consisting of–AIX V6.1
–PowerVM AIX Workload Partitions Manager
–Tivoli® Application Dependency Discovery Manager
– IBM Tivoli Monitoring
– IBM Usage and Accounting Mgr Virtualization Edition for Power Systems
Features– Manage WPARs across multiple systems
– Live Application Mobility
– Discover IT components and their relationships
– Provides a visual representation of the components
– Monitor utilization and configuration changes
– Collect and report resource usage
AIX
Key capabilities of AIX Enterprise EditionLive Application Mobility
Relocate Workload Partitions between systems with almost no client impact
Manage WPARs across multiple systems
Centralize the creation, replication, and starting of WPARs across multiple systems
Automatically discover IT components and their relationships
Ideal for managing dynamic virtualized environments
Monitor virtualized resources
Efficient management begins with comprehensive performance information
Provides a visual representation of the components
Assists understanding of complex application dependencies
Monitor utilization and configuration changes
Useful for problem determination and failure analysis
Collect and report resource usage
Understand IT resource consumption by workload or area
AIX
42
Common Installation Console
ME for AIX Solution Components
43
IBM Tivoli Application Dependency Discovery Manager initiates and assists planning for consolidation by providing best-of-breed discovery capabilities
Discovers the COMPONENTS in a Data Center Environment
CENTRALIZES and VISUALIZES the CONFIGURATION of the Components in a Data Center Environment
Discovers the RELATIONSHIP of the Components in a Data Center Environment
DISCOVERS AND TRACKS THE CHANGESin a Data Center Environment
Can Feed this Information to other IBM Tivoli® Products
IBM Tivoli Application Dependency Discovery Manager (TADDM)
AIX Editions Solution Components: Discovery
44
System 1
TADDM discovery of Power System Topology via Hardware Management
Console (HMC)
Power System Discovery - Topology View
AIX Editions Solution Components: Discovery
45
Power System Discovery – Server details
AIX Editions Solution Components: Discovery
46
AIX Editions Solution Components: DiscoveryPower System Discovery – LPAR View
47
•IBM Tivoli Monitoring helps prioritize consolidation decisions by visualizing the actual virtual server utilization against historical trends. It automates a clients best practices in response to system events
– Improves mean-time-to-recovery byvisualizing the virtual world to solve“virtual performance problems”
– Side-by-side real-time and historical dataassists in separating intermittent problemsfrom reoccurring problems from peakworkloads
– Out-of-the-box reporting allowsclients to quickly provide executivelevel reports and identify resourcebottlenecks
AIX Editions– Monitoring IBM Tivoli Monitoring
IBM Tivoli Monitoring
48
Global CPU & Memory
allocation
Total CPU & Memory allocated to LPARs
Power System Monitoring – Hypervisor View
49
CPU, Memory, Disk, Network Info per LPAR
Power System Monitoring - AIX LPAR View
50
Shows how network
interfaces are mapped to
LPARS
Monitoring - VIOS View Network / Disk Mapping / Utilization
51
Power System Monitoring: Sample Heat Chart / CPU Utilization
52
• AIX Editions Solution Component – Virtualization Edition• Apportion usage by account, department or organization
– Accountability and usage tracking ensures optimized usage byeach department
– Easily forecast growth by department to justify year-to-year budgetchanges
• Single hardware system metrics and reports• Data collectors
– AIX, Linux® and AIX Advanced Accounting –• Processor, server, LPAR, I/O, and VIO
– OS File System – allocated and used• Usability – Power System tailored:
– Administration Console– JobRunner GUI
• Reporting– Business Intelligence Reporting Tool Reports– Reports will be provided, with aggregation by
userid within a given server
– “Pre-Defined” Accounting Schema– Export to spreadsheet, comma delimited, and CSB
IT Expenses by AccountIT Expenses by Account
Usage IBM Usage & Accounting Manager
53
Example of Resource Usage Trend report over a period of time
Available for AIX, AIX Advance Accounting, Linux
Power System Usage Trend Sample Reports
AIX
Innovative features for virtualization, security, continuous availability, and systems management