oracle solaris simple, flexible, fast: virtualization in 11.3
TRANSCRIPT
Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.|
Simple,Flexible,Fast:Virtualizationin11.3
DuncanHardie – PrincipalProductManagerEdwardPilatowicz – SeniorPrincipalSoftwareEngineerOracleSolarisJune14,2016
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
SafeHarborStatementThefollowingisintendedtooutlineourgeneralproductdirection.Itisintendedforinformationpurposesonly,andmaynotbeincorporatedintoanycontract.Itisnotacommitmenttodeliveranymaterial,code,orfunctionality,andshouldnotberelieduponinmakingpurchasingdecisions.Thedevelopment,release,andtimingofanyfeaturesorfunctionalitydescribedforOracle’sproductsremainsatthesolediscretionofOracle.
3
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.| 4
SolarisVirtualizationvs.theCompetitionOSandVirtualization– EngineeredTogether
RHEL Native Zone or Kernel Zone
VMware
HP
TraditionalHypervisorsSeparate,isolated,slow
NativeZones,KernelZonesEngineered, performant, robust, secure
Oracle Solaris Host OS
Hardware
DeepIn
tegration
Softw
areinSilicon
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
OracleSolarisVirtualizationAdvantagesReadonly,lockeddownvirtualizationwithcomplianceprotectsagainstattacks/errors
CostEfficient
CloudBase
Secure
Fullyintegrated,flexible,cloudreadysolutionsignificantlyreducesadminoverhead
Allresourcesusedefficiently, intimatesharingfordynamicworkloads,scaleupandscaleout
Builtin,noadditionalcost,nooverheadvirtualization,deliversmostefficientinfrastructurelicenseuse
Optimized
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
VirtualizationTypes
6
Flexibility Isolation
LDoms
Hardware
Kernel Kernel
OVMServerforSPARC
FUSION APPLICATIONS DATABASE
Kernel
NativeZone
Hardware
S10Zone
Kernel
KernelZone
OracleSolarisZones
FUSION APPLICATIONS DATABASE FUSION APPLICATIONS
LDoms
PDOM
Kernel Kernel
LDoms
PDOM
PhysicalDomains
FUSION APPLICATIONS DATABASE
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
OVMServerforSPARC
DeployAndMoveBetweenVirtualizationTypes
UNPRECEDENTEDFLEXIBILITY
UnifiedArchive
• NoVirtualization“lock-in”
• Evenmovebacktobaremetal
• MovefromDevelopmenttoTesttoProductionwithconfidence
OracleSolaris
Solaris Zone
DATABASE
OracleSolaris
DATABASE
OracleSolaris
DATABASE
7
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
OracleSolarisGlobalZone
Admin
OracleSolarisZones• UsedbyalmosteverySolariscustomer
• Direction:the“cloudspace”ismovingtowardsOSvirtualization
• From11.2allappsshouldberunninginsideazoneofsomekind
8
SolarisNativeZone
DEVELOPMENT
VSWITCH VSWITCH VSWITCH
SolarisNativeZone
PRODUCTION
SolarisKernelZone
PRODUCTION
Solaris10Zone
LEGACY
net0
net1
net2
net3
net0 net1 net0 net0 net0
ZBE3
NFS
ZBE1 ZBE2 ZBE3 ZBE4
ZBE1ZBE2
ZBE4
SAN
SRUCPU CPU CPU CPU
iSCSI
RAD Console
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
TheBestVirtualizationForCloud
HighestEfficiency• Avoidthevirtualizationtax• PowertheapplicationnottheTechnology
InstantResourceSharing• Bestapplicationperformanceprofile
• Isolateresourcesonlywhennecessary
TotalScalability• Nodropoffinperformance• Runalltypesofapplicationsinavirtualenvironment
9
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
KernelZones– theHybridHypervisor• KernelZonescanbeoptimizedunlikeanyothervirtualizationtechnology
• AsSolarisistheguest&hostthereistheopportunitytooptimize
• Optimizingmeans:– Betterperformance– Lesscrosshypervisorcalls
• AllwhilemaintainingtheresourcesharingofSolarisZones
10
Kernel
Hardware
KernelZone
Kernel
Traditional Accelerated
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
SecureLiveMigrationwithKernelZones• MoveKernelZoneswithoutoutage
– LivemigrateonSPARCandx86– Nodowntimehostmaintenance– Performloadbalancingacrossinfrastructure
– ForwardandbackwardcompatibilityforLiveMigrationmoves
–OracleSolaris11.3orlaterrequired
11
OracleSolarisOracleSolaris
Solaris11.3Zone Solaris11.3Zone
SAN
iSCSI NFS
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.| 12
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
• ImmutableZones– Readonlyvirtualization– AlsopossiblewithglobalzoneandOVMServerforSPARCguest
– Accessviaatrustedpath
• New- DynamicZonessetting,allowscreationofzones– VeryusefulforOpenstack Novanodes
• Readymade“templates”
13
Read-OnlyVirtualMachinesProtecttheApplicationInfrastructure
None Flexible Fixed D-Zone Strict
/, /usr, /lb,… Writeable ReadOnly ReadOnly ReadOnly ReadOnly
/etc Writeable Writeable ReadOnly ReadOnly ReadOnly
/var Writeable Writeable Writeable Writeable Read Only
other Writeable ReadOnly ReadOnly ReadOnly ReadOnly
Create Zone Yes No No Yes No
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
ZOSSforNFS• Morestoragetypessupported
– Asof11.3putKernelZonerootonNFSaswellasSAN/iSCSI
– Totalstoragetypeflexibility– Avoidconfigurationerrors–Massivelyreducenumberofconfigurationsteps(upto85%lesscommands)
14
NEW
OracleSolarisOracleSolaris
SAN
iSCSI NFS
SolarisNativeZone
PRODUCTION
SolarisKernelZone
PRODUCTION
SolarisNativeZone
PRODUCTION
SolarisKernelZone
PRODUCTION
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
AdjustWithoutServiceInterruptions• IndependentZoneversionswithKernelZones– Inplaceupdatesonsinglesystem– Simplertoco-ordinateoutagewindows
• Dynamicresourcerebalancing– Live reconfigurationchangesactiveinstances
– Respondinstantlytogrowth– Adddevices“onthefly”– AlsoavailableforKernelZones
15
50%REDUCTIONIN
PLANNEDOUTAGES
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
LiveZoneReconfigurationThreeWaystoMakeaChange
16
PermanentColdReconfiguration
Usezonecfgtomakechanges
Rebootzone
PermanentLiveReconfiguration
Usezonecfgtomakechanges
zoneadmapply
TemporaryLiveReconfiguration
zonecfg -r
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
ZoneResourceManagementImprovements• AssignZoneCPUresourcesbyCPUs,Cores,andSockets
• AppliestoZonesandResourcePools
• Usepsrinfo –t toshowsocket/core/cpu layout
• Makesconfiguringandcomplyingwithlicensehardpartitionrulesmucheasier
• Recognizedlicenseboundary
17
OracleSolaris
SolarisZone SolarisZone
CoreCore
SolarisZone
Core
CoreCore
Socket
Core
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
• Docker openplatformbeingbroughttoOracleSolarisZones
• OraclejoinsOpenContainerInitiative– createopenindustrystandards
• Accesstoenterpriseclasssecurity,resourceisolationandanalytics
Docker forOracleSolarisZones
18
OCI
“IntegratingDocker withOracleSolarisZoneswillbringamatureandprovencontainertechnologytoDocker environmentsrunninginenterpriseclassclouds”- NickStinemates,VicePresidentofBusinessDevelopment&TechnicalAlliancesforDocker
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
Docker andOracleSolarisCombined– PerfectPartnership• FamiliarDocker Experience
– Fastapplicationdevlifecycle– Hugeecosystemwithprovenbenefits
• LeverageOracleSolarisKeyFeatures– Secure,mature,built-invirtualization– Securevirtualstorage&network– Zerodowntimepatching,instantrollback– Secureremoteadministration&role-basedaccesscontrol
–Observability,configurationmanagement&audit
Security
ZFS
BEs
IPS
RAD
SMF
DTrace
N/workV12N
SOLARIS
19
Copyright©2016 Oracleand/oritsaffiliates.Allrightsreserved.|
OpenStack AcrossOracle’sPortfolio
HorizonCentralizedCloudManagement
ZonesandKernelZones
Nova/IronicSelf-ServiceCompute
andBareMetal
ElasticVirtualSwitchandOpenvSwitch
NeutronSoftwareDefined
Networking
ZFSFileSystem
Cinder/SwiftCloudScaleStorage
UnifiedArchives
Heat/GlanceMurano /Trove
PlatformasaService
BuiltintotheInfrastructure
20
Copyright©2016, Oracleand/oritsaffiliates.Allrightsreserved.| 21