SUSE Linux Enterprise Server for System z - CAVMENcavmen.org/suse-cavmen-update-2016.pdfSUSE ®...
Transcript of SUSE Linux Enterprise Server for System z - CAVMENcavmen.org/suse-cavmen-update-2016.pdfSUSE ®...
SUSE Linux Enterprise Server for System zSUSE Update for CAVMEN 2016
Don VosburgSystems Engineer
2
SUSE and IBM z Systems – 15 Years!
3
Open Mainframe Projecthttps://www.openmainframeproject.org/
Collaborative project operating within the Linux Foundation• focal point for deployment
and use of the Linux OS in a mainframe computing environment
• increase collaboration across the mainframe community
• developed shared tool sets and resources
• teaching and educating the mainframe Linux engineers and developers of tomorrow
SUSE is a Founding and Platinum Member of OMP
4
Increaseuptime
Improve operational efficiency
Accelerateinnovation
The advanced foundation for your success
A highly reliable, scalable and secure server operating system, built to power physical, virtual and
cloud-based mission-critical workloads.
SUSE Linux Enterprise
5
SUSE® Linux Enterprise Server 12
Life Cycle Model
General Support Extended Support
Year 1 Year 2 Year 3 Year 4 Year 5 Year 6 Year 7 Year 8 Year 9 Y 10 Y 11 Y 12 Y 13
GA LTSS
SP1 LTSS
SP2 LTSS
SP3 LTSS
… … … …SPn LTSS
13-year lifecycle‒ 10 years general support‒ 3 years extended support
Long Term Service Pack Support (LTSS)‒ Available for all versions, including GA‒ Up to 3 years extended support
Different Lifecycle forDesktop and Modules.Dates subject to change.
6
SUSE Linux Enterprise
Lifecycle & Codestreams
2011 2012 2013 2014 2015 2016
SLE10
SLE 11
SLE 12
SP4
SP2
GA
SP3
SP1 SP2
13-year lifecycle
For SLES 11 and SLES 12,10 years general support,+3 years Long Term Support
SUSE Linux Enterprise 12
Long Term Service Pack Support for every Service Pack
Tentative – Dates subject to change
SP4
EoL 31 Jul
SUSE Linux Enterprise 12Platform Recap
8
Grub 2 Boot Process
16432: Linux Bootloaders on System z (M.Kraft)https://share.confex.com/share/124/webprogram/Session16432.html
9
Improve Operational Efficiency
Systemd: System/Service Manager
• Init Replacement‒ Bring up system and start services
‒ Integrate system wide ulimit settings and Cgroups
‒ Activation via Socket and d-bus
‒ Command line “systemctl”
• Compatibility with SystemV init scripts‒ Provide infrastructure for existing ISV applications
‒ LSB compatibility
• SUSE specific usability enhancements‒ Keep insserv, chkconfig and /sbin/service
‒ Old style (calling “rc...”) redirected to systemctl
‒ LSB compatibility for targets like $network...
10
Improve Operational Efficiency
Network Management – Wicked
• Goal‒ Cope with increasingly complex configurations
‒ Data Center and End Users
• Benefit ‒ Network configuration as a service
‒ Smooth adoption & migration
‒ Technical Attributes
• Architecture-independent‒ Extensible
‒ Small footprint
‒ Event based
11
SUSE Linux Enterprise 12
Modules
• Components of SUSE Linux Enterprise‒ Flexible lifecycle (different from the base product)
‒ Delivered on-line
‒ Fully supported
• List of modules‒ Web and Scripting
‒ Legacy
‒ Toolchain
‒ Public Cloud
‒ Advanced Systems Mgmt
12
SUSE Linux Enterprise 12 SP1
Modules
Name Content Life cycle Agility %
Legacy Sendmail, old IMAP, old Java Until 09/2017 0
Web and Scripting
PHP, Python.Future: Node.js, Ruby on Rails
3 years; overlap:18 month
60
Toolchain GCC Yearly delivery 90
Advanced Systems Management
“Machinery”cfengine, puppet
Continuous Integration
90-100
Public Cloud Initialization code and tools Continuous Integration
100
Containers Docker, Tools, Images Continuous Integration
100
What's New withSUSE® Linux Enterprise Server
for System z 12Service Pack 1
14
SUSE® Linux Enterprise Server for System z 12 SP1• z exploitation‒ IBM KVM support
‒ z13, zEC12, zBC12, z/VM 6.3, zBX support
‒ z196 EC, z114 BC support
‒ zPDT 1.6 support
‒ http://www.ibm.com/systems/z/os/linux/resources/testedplatforms.html
• Innovations at a glance‒ Enable z13 exploitation by kernel and tool chain enhancements (SIMD, SMT)
‒ Refresh of crypto hardware and software support
‒ Networking and OFED support enhancements
‒ s390-tools and performance monitoring updated
‒ zEDC support (hardware accelerated data compression)
‒ Update to IBM Java 8
15
SUSE® Linux Enterprise Server for System z 12 SP1 s390x Specific Enhancements
• z13 exploitation‒ SMT and SIMD support for the kernel
‒ SIMD register file load / store support
‒ SLES Toolchain Modul update including gcc 5.1 (pending)
‒ LLVM optimizations (add SIMD instructions)
‒ Added (upstream) improvements for gcc 4.8 (system compiler)
‒ Enhanced perf tool to capture performance data from z13
• Networking‒ OSA-Express5s Support
‒ Auto port scan resiliency – lower zfcp port rescan impact
‒ Display Switch Port Mode (s390-tools, VEPA)
‒ Query OSA Address Table - gather / display OSA and TCP/IP configuration
16
SUSE® Linux Enterprise Server for System z 12 SP1 s390x Specific Enhancements
• Crypto‒ Crypto Express5S (CEX5S) support
‒ In-kernel crypto: DRBG (Deterministic Random Bit Generator) support
• Storage‒ Support for concurrent Flash MCL updates
‒ MD mirror solution: disk mirroring with real-time enhancement for System z (RAID10 ECKD / (later: zFCP))
• Misc‒ PCI infrastructure enablement and integration (OFED)
‒ zEDC (hardware accelerated compression / decompression)
17
SUSE® Linux Enterprise Server for System z 12 SP1 Generic Enhancements
• Package and repository management‒ Zypper can now display locked packages
‒ Repository xml-based rpm metadata with sha256 checksums
• Documentation‒ Open vSwitch documentation
‒ Extensive documentation for Modules
‒ Storage and partitioning best practices
‒ Tickless Idle Best Practices – how to look for programs waking up the system on a regular base
18
Support for KVM for IBM z Systems
• Kernel Based Virtual Machine‒ KVM (for Kernel-based Virtual Machine) is a virtualization
solution for Linux on x86, POWER and z/Architecture hardware.
‒ KVM for IBM z Systems is IBM's offering for z based on KVM, and will be supported by SUSE Linux Enterprise Server 12 SP1 and successors
‒ Lowers the entry barrier for non-mainframe, but Linux skilled users to explore hardware and virtualization options of the mainframe
‒ First: SUSE Linux Enterprise Server 12 SP1 and successors supported by SUSE to run on KVM for zhttp://www.ibm.com/systems/z/solutions/virtualization/kvm/
‒ https://www.suse.com/company/press/2015/suse-easing-linux-on-the-mainframe-with-kvm-for-ibm-z-systems-support.html
19
IBM z Systems familyIBM z13 IBM zEC12 IBM zBC12
z/OSz/OS
z/TPFz/TPF
z/VSEz/VSE
z/VMz/VM
Linux for z SystemsLinux for z Systems
KVM for IBM z SystemsKVM for IBM z Systems
20
IBM z Systems Virtualization Options
IBM z Systems now has three strategic virtualization platforms • IBM z/VM• IBM Processor
Resource/System Manager (PR/SM)
• KVM for IBM z Systems
Divide one physical server into up to 85 logical partitions (LPAR) running a mix of multiple z/OS, z/VM, Linux, KVM for IBM z, Transaction Processing Facility (TPF) and z/VSE instances isolated and secured in parallel. Share resources across LPARs or dedicated to a particular LPAR. Running a mix of multiple z/OS, z/VM, Linux, TPF, KVM for IBM z and z/VSE instances isolated and secured in parallel.
PR/SM
KVM for IBM z provides an open source choice for IBM z Systems virtualization for Linux workloads. Best for clients that are not familiar with z/VM and are Linux centric admins.
z/Proprietary Server Virtualization that is completely integrated into the full stack. Complete hardware awareness. Supported on all IBM z Systems servers. z/VM will continue to be enhanced to support Linux Workloads. z/VM
21
SUSE® Linux Enterprise Server for System z 12 SP1 s390x Specific Enhancements
• KVM enhancements‒ Creation of initrds to boot from virtio-block devices
‒ Long name support for Linux guests
‒ Documentation enhancement
‒ Query host performance metrics from within VM (vhostmd / vm-dump-metrics)
22
SUSE® Linux Enterprise Server for System z 12 SP1
23
SUSE® Linux Enterprise Server for System z 12 SP1
• Docker‒ Support for z with Docker Modul update Eo2015
‒ Runtime and infrastructure to create SLE Docker images
‒ YaST interface for Docker
24
• Benefits using Docker‒ Fast: performance = bare metal speed
‒ Flexible: put a system or application into a container
‒ Ship Docker images, not VMs: SUSE Linux Enterprise Server 11 SP4 and SUSE Linux Enterprise Server 12 SP1
• Better integration and management of Containers‒ Uses libvirt-lxc framework
‒ Same management layer as KVM and XEN
‒ Allows for integration with SUSE® Manager and SUSE OpenStack Cloud
‒ Unified tooling, independent of the “virtualization” mechanism
• SELinux and AppArmor support and LXC
• Filesystem copy-on-write (btrfs integration)
Docker Containers
25
openQA
• Automated test infrastructure
• Used by openSUSE® and SUSE® Linux Enterprise
• Ability to test various code paths / installation options
• Basic concepts: “jobs”, “needles” (png + json)
• Output: log files, pictures, video
https://en.opensuse.org/openSUSE:OpenQA
26
SUSE® Linux Enterprise 12 SP1
Systems Management Today
• Unattended migration reduces cost and downtime• SUSE Linux Enterprise 11 SP3 to SUSE Linux Enterprise 11 SP4
• SUSE Linux Enterprise 11 SP3 to SUSE Linux Enterprise 12
• SUSE Linux Enterprise 11 SP4 to SUSE Linux Enterprise 12
• SUSE Linux Enterprise 11 SP4 to SUSE Linux Enterprise 12 SP1
• SUSE Linux Enterprise 11 SP4 to SUSE Linux Enterprise 12 SP2
• SUSE Linux Enterprise 12 to SUSE Linux Enterprise 12 SP1
• SUSE Linux Enterprise 12 SP1 to SUSE Linux Enterprise 12 SP2
• Example: http://www.suse.com/documentation/sles11/book_sle_deployment/?page=/documentation/sles11/book_sle_deployment/data/cha_update_auto.html
• Note: migration from SUSE Linux Enterprise Server 11 requires system restart with SUSE Linux Enterprise Server 12
‒ Shutdown SUSE Linux Enterprise Server 11 based system
‒ Boot / IPL with SUSE Linux Enterprise Server 12 system
‒ Update SUSE Linux Enterprise Server 11 → 12 system on disk (pool + updates)
‒ Reboot to SUSE Linux Enterprise Server 12 system
27
SUSE® Linux Enterprise 12
Advanced Systems Management
28
Goal
– Cope with increasingly complex configurations
– Data Center and End Users
– Benefit
• Network configuration as a service
• Smooth adoption & migration
Technical Attributes
– Architecture-independent
– Extensible
– Small footprint
– Event based
Improve Operational Efficiency
Network Management – Wicked
TUT7562: Networking—It's a Wicked World http://www.susecon.com/doc/2014/sessions/TUT7562.pdf
29
Rollback to a good state with one click for faster recovery from planned or unplanned downtime
Support for service pack rollback
Support for kernel upgrade
Based on btrfs and Snapper, bootloader integration
Increase Uptime
Full System Rollback
30
Increase Uptime
Service Availability with Clustering
SUSE Linux Enterprise High Availability Extension– Meet Service Level Agreements
– Increase service availability for mission-critical systems and data
– Enable rolling software updates
– Quickly and easily install, configure and manage clustered Linux servers
– Transparent to Virtualization – nodes can be virtual, physical or mixed! Integrated with SUSE Linux Enterprise Server
Geo Clustering for SUSE Linux Enterprise High Availability Extension
– Business continuity, anywhere in the world
31
Local Cluster For Rolling Updates
SLESSLE HA
SLESSLE HA
SLESSLE HA
SLESSLE HA
Clients
32
• Service Failover
• Cluster File System
• Clustered Samba
• Virtualization Agnostic
• Support for x86, x86-64, IBM Power,IBM z Systems
• Network Load-Balancer
• Data Replication
• Node Recovery
• Unlimited Geo Clustering
FeaturesSUSE® Linux Enterprise High Availability
33
Geo Cluster – Setup
Site A Site B
(Arbitrator)
boothd
Node 1 Node 2 Node 7 Node 8
Site C
boothd boothd
34
Increaseuptime
Improve operational efficiency
Accelerateinnovation
The advanced foundation for your success
SUSE Linux Enterprise 12
SUSE Manager on System z
36
SUSE® Manager for System z
Security Patch Audithttps://www.suse.com/products/suse-manager/
37
Installing SUSE Manager on z Systems
• Delivered as virtual appliance running on EDEV
• Minimum hardware requirements:‒ 10 GB EDEV
‒ 5 GB Memory
‒ Additional disk space depending on repositories needed
‒ Network connection
38
Installing SUSE Manager on z Systems
• Installation process is:‒ Retrieve appliance image
‒ Start a SLES12 installation system
‒ Dump image to disk
‒ Create parameter file on 191 disk
‒ IPL disk
‒ Login to the appliance with ssh and finalize the configuration
• Detailed description found in documentation:
https://www.suse.com/documentation/suse_manager/book_susemanager_install/data/art_suma_install_zsystems.html
39
Adding systems to managePreparation / Running system
• Activation key‒ Access token
‒ Defines
‒ the system's role
‒ Software channels
‒ Packages
‒ Configuration channels
• Bootstrap‒ Activation key
‒ Upload software and hardware profile
‒ adapt configuration (opt.)
Thank you.
40
Consolidate. Reduce Complexity.Save On Costs and Efforts.
www.suse.com/products/systemzwww.suse.com/promo/zsystems/database-consolidation/
Corporate HeadquartersMaxfeldstrasse 590409 NurembergGermany
+49 911 740 53 0 (Worldwide)www.suse.com
Join us on:www.opensuse.org
41
42
Accelerate Innovation
Hardware 64-bit
• 64-bit hardware is the future‒ 64-bit kernels only
‒ Execution of 32-bit applications fully supportedvia 32-bit execution environment on top of 64-bit kernel
• Virtualization‒ KVM, Xen, z/VM, LPAR support (depends on architecture)
‒ 64-bit host; 64-bit and 32-bit guests
• Hybrid Computing‒ Platform specific workloads, GPUs, special purpose PUs
• Device Driver Innovation‒ SUSE Solid Driver Program (SSDP)
43
Improve Operational Efficiency
Installer – Workflow
Reboot
SUSE Linux Enterprise 12
Install without updates
Services
Install with updatesNetwork Register
Reboot
Installation Setup
Installation Setup
Log-in
Log-in
SUSE Linux Enterprise 11
Wait
Wait
Reboot Network UpdateRegister Wait
44
Improve Operational Efficiency
SUSE® Customer Center
45
Network – IPv6
Status
• System Installation & Patching over IPv6
• Broad range of service prepared and tested
•
Ongoing
• IPv6 compatibility and certification (USGv6)‒ https://www.iol.unh.edu/services/testing/ipv6/usgv6tested.php
‒
Benefits
• Deploy and use in pure IPv6 environment
• Scale networks beyond IPv4 limitations
• Answer compliance needs
46
SUSE® Linux Enterprise 12
Filesystem Recommendations
Type?
New Filesystem?
Purpose?
Snapshots?Snapshots?
ext3|4xfs
btrfs
OS Data
No
Yes
Yes
Convert
No
ext2/3/4
xfs
reiserfs
Yes
No
Note: the conversion to btrfs from ext2/3 leaves a copy of the old file system which should be deleted at some point
47
Btrfs – Functionality – Maturity
Today Future
Copy on Write Inode Cache
Snapshots Auto Defrag
Subvolumes RAID
Metadata Integrity Compression
Data Integrity Send / Receive
Online metadata scrubbing Hot add / remove
Manual Defragmentation Seeding devices
Manual Deduplication Multiple Devices
Quota Groups “Big” Metadata
48
Technology Overview
Subvolume
Normal Filesystem With Subvolumes
/
/opt
/usr
FSTREE FSTREE
SubVols/ /usr /opt
49
YaST2 Management
50
Btrfs Disk Space And Extents
# btrfs filesystem df /Data: total=14.50GB, used=12.20GBSystem, DUP: total=8.00MB, used=12.00KBSystem: total=4.00MB, used=0.00Metadata, DUP: total=1.75GB, used=904.11MB
# df h /Filesystem Size Used Avail Use% Mounted on/dev/sda7 20G 14G 4.3G 77% /#
Disk utilization12,2GB + 2x 0,9GB + = 14 GB
51
Increase Uptime
Query: Ready for Live Patching
• SUSE Linux Enterprise Live Patching‒ Live patching for the kernel is designed and developed by SUSE Labs
‒ Ease of use: Builds on well-known update processes
• Use Cases‒ Mission-critical systems: Improve general availability and run until the next
“maintenance window”
‒ Massive, time-critical deployment
• Advantage‒ Works with zero execution interruption
‒ Other implementation stop the whole system (milliseconds to seconds range) when patching
• Read more at: https://www.suse.com/products/live-patching/
52
Why Live Patching ?
• Common tiers of change management:
1) Incident response – (we're down, actively exploited …)
2) Emergency change – (we could go down, are vulnerable …)
3) Scheduled change – (time is not critical, we keep safe)
• Live patching fits in with 1 and 2
• Rebooting a 1000 servers is not a quick way to fix a pressing issue and also carries the risk of them not coming up for other reasons
• Live patching allows quick response and leaving an actual update to a scheduled downtime window
https://www.suse.com/promo/kgraft.html
53
Link Summary
• 16418: Features of SUSE Linux Enterprise Server for System z (M.Kraft) https://share.confex.com/share/124/webprogram/Session16418.html
• 16432: Linux Bootloaders on System z (M.Kraft)https://share.confex.com/share/124/webprogram/Session16432.html
• 16451: systemd, the Wave of the Future (M.Post)https://share.confex.com/share/124/webprogram/Session16451.html
• TUT7562: Networking—It's a Wicked World (O.Kirch)http://www.susecon.com/doc/2014/sessions/TUT7562.pdf
• TUT7988: SUSE Linux Enterprise 12—Modules, Cores and BuildServiceshttp://www.susecon.com/doc/2014/sessions/TUT7988.pdf
• 16431: KVM for System z (M.Post)https://share.confex.com/share/124/webprogram/Session16431.html
• 16427: Introduction to KVM for z/VM Lovers (M.Schwidefski / C.Erhardt)https://share.confex.com/share/124/webprogram/Session16427.html
54
SUSE® Linux Enterprise
Documentation and Release Notes
• Product Pages– https://www.suse.com/products/systemz/
– http://www.suse.com/products/highavailability/
– https://www.suse.com/products/highavailability/geo-clustering/
• Unix to Linux Migration– http://www.suse.com/solutions/enterprise-linux-servers/unixtolinux.html
• Documentation– http://www.suse.com/documentation/
• Release Notes– http://www.suse.com/releasenotes/
55
http://www.suse.com/lifecycle/
56
Life Cycle and Policies
General Support Extended Support
Years1-5
Years6-7
Years8-10
Years 11-13
Self Support Yes Yes Yes Yes
Maintenance Patches Yes Yes Yes 1, LTSS 2
Technical Support Yes Yes Yes 3, LTSS 4
Security Patches Yes Yes Yes LTSS 5
Defect Resolution Yes Yes Limited6 LTSS 7
Service Packs Yes Yes No No
Additional Hardware Enablement and Software Enhancements
Yes Limited8 No No
Source: https://www.suse.com/support/policy.html
1 Access to previously released patches with an active subscription.2 Access to patches for earlier product versions possible with optional Long Term Service Pack Support (LTSS).3 Limited migration and configuration assistance provided with standard or priority subscription.4 More comprehensive installation, migration, configuration and break fix technical support available with optional LTSS.5 Only available with LTSS.6 Limited to severity level 1 and 2 defects.7 Only available with LTSS. Limited to severity level 1 and 2 defects.8 Discretionary, based on customer and partner requests.
57
SUSE® Linux Enterprise 12 SP1
Kernel Capabilities
CPU bits 64 64 64
max. # logical CPUs 8192 64 2048
>1PiB/64 TiB 4 TiB/256 GiB 1 PiB/64 TiB
max. user-/ kernelspace 128 TiB/ 128 TiB φ/φ 2 TiB/2 EiB
max. swap space up to 29 * 64 GB (x86_64) or 30 * 64 GB (other arch.)
max. #processes 1048576
max. #threads per process
FD_SETSIZE 1024
max. size per block device Up to 8 EiB on all 64-bit architectures
Supported on certified hardware only
max. RAM(theoretical/certified)
Maximum limit depends on memory and other parameters (Tested with more than 120000).
58
SUSE® Linux Enterprise 12 SP1
Major Linux (local) Filesystems
Feature ext 2/3 reiserfs xfs ext4 btrfsData/Metadata Journaling •/• •/• •/• CoWJournal internal/external •/• •/• •/• •/• CoWOffline extend/shrink •/• •/• •/• •/•Online extend/shrink •/•Inode-Allocation-Map table u.B*-tree B+-tree table B-treeSparse Files • • • • •Tail Packing ○ • ○ ○ •Defrag ○ ○ • • •ExtAttr / ACLs •/• •/• •/• •/• •/•Quotas • • • • Subvol.max. Filesystemsize 16 TiB 16 TiB 8 EiB 1 EiB 16 EiBmax. Filesize 2 TiB 1 EiB 8 EiB 1 EiB 16 EiB
○/•
○/○
•/○ •/○ •/○ •/○
Default Filesystemfor the data
Default Filesystemfor the OS
SUSE Linux Enterprise 12The Technology
60
SUSE® Linux Enterprise Server for System z 12
What's New - Overview
• Architecture Level Set for z/Architecture‒ zarch=z196 - GCC to use instruction set of z196
‒ mtune=zEC12 - GCC to use instruction scheduling of zEC12
‒ Kernel, user land, applications
• IBM zEnterprise exploitation continued‒ z13, zEC12, zBC12, z/VM 6.3, z196 EC, z114 BC support
‒ zBX support (blade center extension)
• Improved RAS tools and System z specific support‒ Dump to zfcp/SCSI partition
‒ CryptoExpress4 support
‒ Disk mirroring with RT enhancement (DASD/mdadm)
61
SUSE® Linux Enterprise Server for System z 12
What's New - Overview
• Transactional Memory support‒ Kernel, GCC, binutils
‒ Allow kernel and applications to improve performance
• STT_GNU_IFUNC support‒ Glibc, binutils, GCC
‒ Provide multiple versions of the same function in a library
‒ Performance improvements for selected library functions on newer hardware
‒ Transparent for ISV applications
62
SUSE® Linux Enterprise Server for System z 12
Accelerate Innovation
• Cryptographic acceleration support‒ Latest hardware and crypto stack (incl. PKCS#11 (EP11)
‒ New dedicated installation pattern
‒ Support of SHA-256 algorithm and CPACF MSA4 extensions
• Support transparent large pages‒ Potential speedup for applications that access large amounts
of memory
• src_vipa: IPV6 enablement‒ Virtual IP address migration now available for IPv6 networks
63
SUSE® Linux Enterprise Server for System z 12
Increase Uptime
• Disk mirroring with real-time enhancements‒ Continuous operation in case of temporary disk storage unit
timeout
• PCHID mapping ‒ PCHID to CHPID mapping speeds up problem root cause
determination
• Concurrent FLASH MCL updates‒ Perform concurrent mircocode updates for build-in Flash
Express devices during operation
64
SUSE® Linux Enterprise Server for System z 12
Improve Operational Efficiency
• Simple configuration of large amounts of disks‒ Restructured UI and workflow
• Improve performance of dasdfmt ‒ Format in parallel and speed up single volume format
• Multiple netiucv paths between z/VM guests‒ More throughput and redundancy
• Query OSA Address Table ‒ Gather and display OSA and TCP/IP configuration
• Optimized compression library zlib ‒ Faster: installation of system and packages, java class decompression,
compressed backups, pdf generation, etc
65
cgroups - Resource Control
Consider a large university server with various users - students, professors, system tasks etc. The resource planning for this server could be along the following lines:
CPUsTop cpuset (20%)
/ \
CPUSet1 CPUSet2
| |
(Profs) (Students)
60% 20%
MemoryProfessors = 50%
Students = 30%
System = 20%
Disk I/OProfessors = 50%
Students = 30%
System = 20%
Network I/OWWW browsing = 20%
/ \
Prof (15%) Students (5%)
Network File System (60%)
Others (20%)
Source: /usr/src/linux/Documentation/cgroups/cgroups.txt
66
Tools Onboard
cgroups – Resource Control
A system administrator can provide a list of devices that can be accessed by processes under cgroup
‒ Allow/Deny Rule
‒ Allow/Deny : READ/WRITE/MKNOD
Limits access to device or file system on a device to only tasks in specified cgroup
Source: http://jp.linuxfoundation.org/jp_uploads/seminar20081119/CgroupMemcgMaster.pdf
•
What's New withSUSE® Linux Enterprise Server
for System z 11 SP4
68
SUSE® Linux Enterprise Server for System z 11 SP4
• z support continued ‒ z13, zEC12, zBC12, z/VM 6.3, zBX support
‒ z196 EC, z114 BC, z10 EC, z10 BC, z9 EC, z9 BC, support
‒ http://www.ibm.com/systems/z/os/linux/resources/testedplatforms.html
• Improvements at a glance‒ s390-tools and performance monitoring updated
‒ OFED introduction
‒ Crypto support refresh
‒ Networking enhancements
‒ Update to IBM Java 7.1
69
SUSE® Linux Enterprise Server for System z 11 SP4 Generic Enhancements
• Package and repository management‒ Zypper can now display locked packages
‒ Repository xml-based rpm metadata with sha256 checksums
• Miscellaneous‒ Kernel: MCS mutex support (scalabilty)
‒ Updated btrfs tools (latest level)
‒ sha256 in cryptsetup's luksFormat command (more secure)
‒ sshd X11 forwarding with IPv6
‒ ltrace is now multi-thread capable
70
z Exploitation
• OpenFabrics Enterprise Distribution (OFED™)‒ Open-source software for RDMA and kernel bypass
applications
‒ Support for RoCE Express Card (Infiniband)
• Crypto Express 4S‒ Device Driver Exploitation for EP11 and libica update
• Networking‒ QETH: Display Switch Port Mode
‒ SRC_VIPA IPv6 enablement
71
z Exploitation
• Refresh IPL code‒ Improve maintainability
‒ New keywords for cio_ignore for IPL and Console device
‒ snIPL interface to control dynamic CPU capacity
• Performance monitoring‒ Sampling of CPU cycles
‒ Basic sampling - snapshot of various PSW bits and instruction address at specific time interval
‒ Support for raw sample data - sampling data made available to the perf program that be used/posted by external applications
‒ Support for diagnostic sampling - provides a snapshot of hardware-model dependent information
72
Subscription Management ToolOverview
SMT is a proxy and auditing tool that mirrors the Customer Center and tightly integrates with it.
It allows you to accurately register and manage an entire SUSE® Linux Enterprise deployment, guaranteeing the subscription compliance and secure IT process flow organizations require.
Customer's Network
SMT
CustomerCenter
Unpublished Work of SUSE LLC. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.