Konsolidace Oracle DB na systémech s procesory M7

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

Konsolidace Oracle DB na systémech s procesorem M7

Josef Šlahůnek Oracle Systems Sales Consulting [email protected] +420 602 731 728


Safe Harbor Statement

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

3


Required Benchmark Disclosure Statement Must be in SPARC M7 Presentations with Benchmark Results

•Additional Info: http://blogs.oracle.com/bestperf •Copyright 2015, Oracle &/or its affiliates. All rights reserved. Oracle & Java are registered trademarks of Oracle &/or its affiliates.Other names may be trademarks of their respective owners

•SPEC and the benchmark name SPECjEnterprise are registered trademarks of the Standard Performance Evaluation Corporation. Results from www.spec.org as of 10/25/2015. SPARC T7-1, 25,818.85 SPECjEnterprise2010 EjOPS (unsecure); SPARC T7-1, 25,093.06 SPECjEnterprise2010 EjOPS (secure); Oracle Server X5-2, 21,504.30 SPECjEnterprise2010 EjOPS (unsecure); IBM Power S824, 22,543.34 SPECjEnterprise2010 EjOPS (unsecure); IBM x3650 M5, 19,282.14 SPECjEnterprise2010 EjOPS (unsecure).

•SPEC and the benchmark name SPECvirt_sc are registered trademarks of the Standard Performance Evaluation Corporation. Results from www.spec.org as of 11/18/2015. SPARC T7-2, SPECvirt_sc2013 3198@179 VMs; HP DL580 Gen9, SPECvirt_sc2013 3020@168 VMs; Lenovo x3850 X6; SPECvirt_sc2013 2655@147 VMs; Huawei FusionServer RH2288H V3, SPECvirt_sc2013 1616@95 VMs; HP ProLiant DL360 Gen9, SPECvirt_sc2013 1614@95 VMs; IBM Power S824, SPECvirt_sc2013 1371@79 VMs.

•SPEC and the benchmark names SPECfp and SPECint are registered trademarks of the Standard Performance Evaluation Corporation. Results as of October 25, 2015 from www.spec.org and this report. 1 chip resultsSPARC T7-1: 1200 SPECint_rate2006, 1120 SPECint_rate_base2006, 832 SPECfp_rate2006, 801 SPECfp_rate_base2006; SPARC T5-1B: 489 SPECint_rate2006, 440 SPECint_rate_base2006, 369 SPECfp_rate2006, 350 SPECfp_rate_base2006; Fujitsu SPARC M10-4S: 546 SPECint_rate2006, 479 SPECint_rate_base2006, 462 SPECfp_rate2006, 418 SPECfp_rate_base2006. IBM Power 710 Express: 289 SPECint_rate2006, 255 SPECint_rate_base2006, 248 SPECfp_rate2006, 229 SPECfp_rate_base2006; Fujitsu CELSIUS C740: 715 SPECint_rate2006, 693 SPECint_rate_base2006; NEC Express5800/R120f-1M: 474 SPECfp_rate2006, 460 SPECfp_rate_base2006.

•SPEC and the benchmark name SPECjbb are registered trademarks of Standard Performance Evaluation Corporation (SPEC). Results from http://www.spec.org as of 11/13/2015 and IBM announcement. SPARC T7-1 120,603 SPECjbb2015-MultiJVM max-jOPS, 60,280 SPECjbb2015-MultiJVM critical-jOPS;IBM Power S812LC 44,883 SPECjbb2015-MultiJVM max-jOPS, 13,032 SPECjbb2015-MultiJVM critical-jOPS; ; Cisco UCS C220 M4 97,551 SPECjbb2015-MultiJVM max-jOPS, 28,318 SPECjbb2015-MultiJVM critical-jOPS; SPARC T5-2 80,889 SPECjbb2015-MultiJVM max-jOPS, 37,422 SPECjbb2015-MultiJVM critical-jOPS; Oracle Server X5-2L 76,773 SPECjbb2015-MultiJVM max-jOPS, 26,458 SPECjbb2015-MultiJVM critical-jOPS; Sun Server X4-2 52,482 SPECjbb2015-MultiJVM max-jOPS, 19,614 SPECjbb2015-MultiJVM critical-jOPS; HP ProLiant DL120 Gen9 47,334 SPECjbb2015-MultiJVM max-jOPS, 9,876 SPECjbb2015-MultiJVM critical-jOPS.

•SPEC and the benchmark name SPEC OMP are registered trademarks of the Standard Performance Evaluation Corporation. Results as of October 25, 2015 from www.spec.org and this report. SPARC T7-4 (4 chips, 128 cores, 1024 threads): 27.9 SPECompG_peak2012, 26.4 SPECompG_base2012; HP ProLiant DL580 Gen9 (4 chips, 72 cores, 144 threads): 21.5 SPECompG_peak2012, 20.4 SPECompG_base2012; Cisco UCS C460 M7 (4 chips, 72 cores, 144 threads): 20.8 SPECompG_base2012.

• Two-tier SAP Sales and Distribution (SD) standard application benchmarks, SAP Enhancement Package 5 for SAP ERP 6.0 as of 10/23/15: SPARC T7-2 (2 processors, 64 cores, 512 threads) 30,800 SAP SD users, 2 x 4.13 GHz SPARC M7, 1 TB memory, Oracle Database 12c, Oracle Solaris 11, Cert# 2015050. IBM Power System S824 (4 processors, 24 cores, 192 threads) 21,212 SAP SD users, 4 x 3.52 GHz POWER8, 512 GB memory, DB2 10.5, AIX 7, Cert#201401. Dell PowerEdge R730 (2 processors, 36 cores, 72 threads) 16,500 SAP SD users, 2 x 2.3 GHz Intel Xeon Processor E5-2699 v3 256 GB memory, SAP ASE 16, RHEL 7, Cert#2014033. HP ProLiant DL380 Gen9 (2 processors, 36 cores, 72 threads) 16,101 SAP SD users, 2 x 2.3 GHz Intel Xeon Processor E5-2699 v3 256 GB memory, SAP ASE 16, RHEL 6.5, Cert#2014032. SAP, R/3, reg TM of SAP AG in Germany and other countries. More info www.sap.com/benchmark

4


6 Processors in 5 Years

Oracle’s Microprocessors

2013 2011 2010 2013 2013 2015

16 x 2nd Gen cores 4 MB L3 Cache

1.65 GHz

8 x 3rd Gen Cores 4 MB L3 Cache

3.0 GHz


3.6 GHz


3.6 GHz


3.6 GHz

32 x 4th Gen Cores 64 MB L3 Cache

4.13 GHz

SPARC T3 SPARC T4 SPARC T5 SPARC M5 SPARC M6 SPARC M7

Including Software in Silicon

• Silicon Secured Memory • Encryption Acceleration • Query Acceleration • More…

}

Today

5


• 32 SPARC Cores

• Fourth Generation CMT Core (S4)

• Dynamically Threaded, 1 to 8 Threads Per Core

• New Cache Organizations

• Shared Level 2 Data and Instruction Caches

• 64MB Shared & Partitioned Level 3 Cache

• DDR4 DRAM

• Up to 2TB Physical Memory per Processor

• 2X-3X Memory Bandwidth over Prior Generations

• Application Acceleration

• Real-time Application Data Integrity

• Data Base Query Offload Engines

• In-Memory Columnar Decompression at Full Bandwidth

• SMP Scalability from 1 to 32 Processors

• Technology: 20nm, 13ML

• Oracle SW Core Factor 0.5

SPARC M7 Processor

5

Extreme Performance CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

CORE

CLUSTER

AC

CE

LE

RA

TO

RS

CO

HE

RE

NC

E, S

MP

& I

/O

INT

ER

CO

NN

EC

T

CO

HE

RE

NC

E, S

MP

& I

/O

INT

ER

CO

NN

EC

T

ME

MO

RY

CO

NT

RO

L M

EM

OR

Y C

ON

TR

OL

L3$ & ON-CHIP NETWORK

AC

CE

LE

RA

TO

RS


Bottleneck Memory Bandwidth: Bisection Bandwidth Real world scatters memory: can simply measure by reversing Stream benchmark

• SPARC M7-8 8.7x faster “Bottleneck Bandwidth” than 8-chip x86

– Better interconnect means predictable performance for applications

– Good bisection bandwidth is critical for real workloads

7

Circles show chips Lines proportional To Bandwidth x86 & Power8 out-of-balance Fully connected

“glueless” 2-hop 2-hop

IBM S824 only has 60 GB/s Bisection BW

Bisection Bandwidth

P P P P P P

M M M M M M

P P

M M

IBM Power8 SPARC M7-8 x86 E7 v3 Haswell

Fully connected “glueless”

2-hop 2-hop

383 GB/s 44 GB/s 120 GB/s


M7 Brings New Level of Security Without Performance Impact

8

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

New Platform for Secure Computing With Oracle’s Software in Silicon architecture

Security in Silicon

Wide key encryption and Silicon Secured Memory

Breakthrough hardware SQL acceleration and decompression for

Oracle Database In-Memory

SQL in Silicon

More cores, more threads, more bandwidth, lower latency – Extreme performance for apps and cloud

World’s Fastest Microprocessor

9


Large Memory & Complex Systems Create Risks Memory Reference Bugs

• Millions of lines of code, concurrent development by thousands of people

• Lots of threads working on large shared memory segments

– Victim thread finds bad data long after culprit thread escaped

– Hard to diagnose

• Non-system languages like Java have built-in protection – No unbound pointers, garbage collectors

• Options for system level languages?

– Dynamic pointer checking transparently in hardware/silicon

10 3/15/2016


Improved Security & Reliability in Hardware

Software in Silicon: Application Data Integrity

• First ever hardware based memory protection

• Stops malicious programs from accessing other application memory

• Can be always on: Hardware approach has negligible performance impact

• Results in improved developer efficiency and more secure and higher available applications


A Couple Famous Examples: Heartbleed & Venom Silicon Secured Memory protection from read and write attacks

Buffer Over-Read Attack Buffer Over-Write Attack

12


• Memory access vulnerability in the open source Quick Emulator hypervisor (QEMU)

• Malicious code in VM executes code in hypervisor security context.

• Code escapes the guest VM to control the entire host

• Caused by buffer over-write, allowing data to be stored beyond allocated memory

Example Venom-Type Vulnerability

13

Host System

Sales server VM

DB server VM

Web server VM

VM Hypervisor

Host Hardware

Hacker exploits VENOM to escape VM

VENOM executes instructions in

hypervisor and gains control of host

hardware

Venom escape


Application Data Integrity

– Debug software memory management issues easily

– Catch memory reference errors with no impact on performance

– Protects against silent data corruption and malicious attacks

– Superior customer support when running Oracle on Oracle

Software in Silicon

Application Data Integrity


Pointer “B”

Pointer “R”

Pointer “Y”

Applications Memory

GO

GO

Silicon Secured Memory: Always-On Intrusion Protection

• Silicon Secured Memory implements fine grained memory protection in hardware – Hidden “color” bits added to pointers (key),

and content (lock)

• Pointer color (key) must match content color or program is aborted – Set on memory allocation, changed on

memory free

• Helps prevent access off end of structure, stale pointer access, malicious attacks, etc. plus improves developer productivity

Breakthrough security and reliability in hardware

15


How You Can Use Silicon Secured Memory

• Run applications that are enabled with Silicon Secured Memory (examples):

– Oracle Database 12c (12.1.0.2) uses Silicon Secured Memory in SGA

– ISV software that has been developed with Silicon Secured Memory

• Enable your existing software – No need to recompile! – Check application binaries with Solaris Studio 12.4

– Link with correct Solaris libraries – e.g., malloc() enhanced with ADI: libadimalloc

– Certify on your test environment

• Develop your applications with Silicon Secured Memory – C/C++ 64-bit code, Solaris ADI API

– Comprehensive tools available with Solaris Studio 12.4

16


Hardware Accelerated Cryptography 32 Crypto Accelerators with the broadest set of ciphers

Clear Data In

Encrypted Data Out

17


SPARC’s Long-Term Investment in Security

�2005 �2007 �2010 �2011

SPARC T1

SPARC T2

SPARC T3

SPARC T4, T5, M5, M6

RSA DSA

AES DES 3DES

DSA ECC MD5 RC4

RSA SHA-1 SHA-256

AES CRC32c DES

3DES DH DSA ECC

Kasumi MD5 RSA SHA-1 SHA-256 SHA-384 SHA-512

AES Camellia CRC32c DES

3DES DH DSA ECC

Kasumi MD5 RSA SHA-1 SHA-224 SHA-256 SHA-384 SHA-512

2011-2015

Ten years of hardware accelerated encryption

18


SPARC M7 is years ahead in security protection

Nobody Does Crypto Acceleration Better

Features Per Socket

Power8

Intel Xeon SPARC M7

Clock speed (GHz) 4 2.3 4.13

Cores 12 18 32

Threads 96 36 256

Crypto Instructions 6 7 25

Crypto Algorithms Accelerated On-chip 7 5 15

Transistors 4.3B 5.56B 10B

Supports VM Live Migration No No Yes

19


IBM Missing Fast Cipher used in Oracle Database IBM Power8 missing hardware acceleration for critical AES-CFB !

• IBM Power8 has HW acceleration for simplistic AES ciphers but misses critical AES-CFB & AES-CCM

– Oracle DB need AES-CFB

– ZFS file system needs AES-CCM

20

© 2014 International Business Machines Corporation 18

Hardware Encryption

Algorithm POWER7+ POWER8

On-Chip On-Chip In-Core

AES-GCM

AES-CTR

AES-CBC

AES-ECB

SHA-256

SHA-512

RNG

CRC

Cycles per Byte

Algorithm POWER7[+]

(SW)

POWER8 (HW)

Single Thread Multi Thread

SHA512 35 10.7 2.6

AES-128-ENC 17 4 0.8

AES-256-ENC 21 5.5 1.1

• On-Chip Hardware Accelerators

introduced with POWER7+

– POWER8 has same accelerators

– Offload encryption for OS-based

large messages (encrypted file

systems, etc)

• POWER8 includes user-mode

instructions to accelerate common

algorithms

From IBM’s HotChips Presentation 2014 HC26.12.810-POWER8-Mericas-IBM


M7 with SQL In Silicon

21


Oracle Database 12c Breakthrough: Dual Format Database

• BOTH row and column formats for same table

• Simultaneously active and transactionally consistent

• Analytics and reporting use new in-memory column format

• OLTP uses proven row format

Memory Memory

SALES SALES

Row Format

Column Format

SALES

22


SQL In Silicon: In-Memory Query Acceleration

SPARC M7

Cache

SQL Accel

SQL Accel

SQL Accel

SQL Accel

Core Core Core Core

• Dedicated SQL accelerators built on chip

– Independently process streams of compressed data placed in system memory

– Like adding 32 additional specialized cores to chip

– Up to 170 Billion rows per second!

• Frees processor cores to run other applications, such as OLTP

• Decompresses data simultaneously to processing SQL functions

– Like adding 64 additional specialized cores

23


DAX: Data Analytics Accelerator

SPARC M7 In-Memory Database Advantages

• Industry-leading SPARC M7 memory bandwidth

• DAX decompresses data at same rate as scan-only

• DAX performs one-step scans, range scans, and assists Bloom filter joins

SQL: select sum(lo_extendedprice*lo_discount) as revenue from lineorder, date_dim where lo_orderdate = d_datekey and d_year = 2012 and lo_quantity between 6 and 25 and lo_discount between 1 and 3

Processes: Decode values (DAX) & Sum aggregation (cores)

Hash Joins (cores) Bloom Filter Joins (DAX & cores)

Scans (DAX) Range Scans (DAX)

24


Decompress at memory speed >120 GB/sec

SQL In Silicon: Accelerating Oracle Database 12c

One step 10X

faster

Decompress More than Doubles data size

Read Software

scan Rea

d

Write

Wri

te

Rea

d

DA

X

Wri

te

Multiple steps

SQL: SELECT count(*) …WHERE lo_orderdate = d_datekey …AND lo_partkey = 1059538 AND d_year_monthnum BETWEEN 201311 AND 201312;

t

25


Fast analytics for real-time decision making

SQL In Silicon

SPARC T7-1 Single-Chip Server 32 Cores

363 Queries/min per Chip

5 x HP ProLiant DL380 G9 2-Chip Servers

180 Cores

33 Queries/min per Chip

1 TB Database compressed into 160 GB of memory

5x Faster In-Memory

Query and Analytics

5x Fewer Servers 10x Fewer Chips

26


How you can use Software in Silicon with Oracle DB

• In-Memory Query Acceleration and Inline Decompression only available with “In-Memory Option”

• Oracle DB 12.1.0.2 BP7 + Solaris 11.3 or later required

• DB 12.1.0.2 BP13 (Oct 2015) recommended

• Oracle Applications certified for DB 12c supports DAX

– Performance will be application specific

– Internal workloads have been heavily optimized with indexes over time

– More Opportunities with Customer DB

In-Memory Query Acceleration and Inline Decompression (DAX)

27


M7 Virtualization and Consolidation

28


Solaris and SPARC Virtualization No-cost Virtualization for a More Efficient Datacenter

Physical Domains (PDoms) Oracle VM Server for SPARC (LDoms)

M-series T-Series

Oracle Solaris Containers/Zones

Oracle Solaris

Domain A Web

Oracle Solaris

Domain A

Domain C

App

App Domain B

Web

Web

Sola

ris

8 C

on

tain

er

DB

Sola

ris

9 C

on

tain

er

App

Sola

ris

Co

nta

iner

Web

Sola

ris

Co

nta

iner

Domain A

Domain B

OLTP DB

OLTP DB

DW DB

App App


Virtualized I/O – Redundant Domain Boot Disks

/pci@780

Driver

Service Domain

Hyper Privileged

Privileged

Hardware

APP

vds

Logical Domain

APP

vdisk

HBA

Logical Domain

APP

/pci@7c0

Driver

Service Domain

APP

vds

HBA

vdisk

RAID1 RAID1

External Storage

vdisk vdisk


Solaris Containers vs. OVM Server for SPARC

Solaris Containers

Containers

Any platform supporting Solaris (SPARC, x86)

Single OS images (one kernel)

Sub-CPU granularity

Shared kernel, memory, file systems

Solaris only

Solaris 11 : native, Solaris 10, cluster

Solaris 10 : native, Solaris 8 & 9, cluster

CPUs can be shared

Native performance

Single system patch level (11.2 – kernel zones)

Most admin operations can be applied to all

containers in a single operation or script

Oracle VM Server for SPARC

Oracle VM Server for SPARC

T-series systems only & M5, M6, M10 Fujitsu

Multiple OS images (multiple kernels)

Multiples of CPU granularity

Domain migration

Dedicated kernel, memory, file systems

Can support multiple OS levels (Sol 10, 11)

Domains limited to number of vCPUs

Multiple patch and release levels possible

Each domain must be fully managed

separately

Closer to traditional SPARC server

management (OS install, “ok” prompt, etc.)


Oracle Solaris: Efficient Network Virtualization Oracle has less network latency than IBM LPAR virtualization

• Oracle’s provides near-native latency – Power8 LPAR has 2.6x worse latency for direct IO

– Power8 LPAR has 1.1x worse latency for para-virtualized IO

0 40 80

Pow8/SPARC native

T7-1 LDom, direct

Power8, direct

T7-1, SRIOV

T7-1 LDom, para-virt

Power, para-virt

TCP usec UDP is similar to TCP

Popular virtualization software has long latencies for direct IO & Virt IO on x86

32

better


Solaris Containers Best Practices

For optimal database performance, the recommendation is to allocate a minimum of one whole

CPU core per zone

The use of Oracle Solaris Zones is strongly recommended for service isolation and containment

regardless of other methods used. Oracle Solaris kernel ensures that zones operate with

reduced privileges

Setting a host called a Global Zone allows the global zone to host one or more "Full Root",

"Sparse Root" or "Branded" zones.

Discover and exploit the features of SRM. An example is the accounting feature can help you

bill the users based on the CPUs consumed.


Hypothetical deployment configuration for Secure Oracle Database

34


SE2 Thread Count

Database

Flashback Log

Advanced Redo Log

Background Processes

PMON SMON RECO

MMON MMNL Others

RVWR

ARCn

LGWR

CKPT

DBWn

Online Redo Logs

Control Files

Data Files

SQL Work Area

Session Memory

Private SQL Area

Server Process

Column Store

Large Pool

System Global Area

Shared Pool

Database Buffer Cache

Database Instance

Client Process

PART OF SE2 THREAD COUNT

NOT PART OF SE2 THREAD COUNT

The new 16 CPU thread cap is a restriction implemented in the Oracle Database code, not merely a contractual license limitation. The Oracle SE2 database cannot utilize more than 16 user threads (foreground processes) at any time. Users may run any number of Oracle SE2 Databases on the two socket server.


Provisioning for 1,000 VMs

Secure Cloud: Capacity and Efficiency

• 23 servers • 828 cores • 1,656 threads

• 10 servers • 320 cores • 2,560 threads

SPARC T7-1 Oracle Solaris

X86 2-socket Servers

RHEL VMWare

36

$748 per VM

$1,268 per VM


SPARC T7-1 HP DL380 G9 IBM S824

Networking $163 $304 $179

Storage $91 $198 $198

System SW $0 $359 $388

Servers $494 $407 $768

$0

$200

$400

$600

$800

$1 000

$1 200

$1 400

$1 600

$1 800 Net Cost per Virtual Machine

$520

$1,533

$748

$1,268

$785 • Total cost includes

– Acquisition, plus 3 year support

– Servers, rack infrastructure, networking

– OS, Virtualization and management software

– External storage

– Net prices after discounts reported by 3rd parties

Total Cost Comparison, Cloud with 1,000 VMs

37


(1) Factory configured with one (up to 8 processors) or two (up to 4 processors each) static physical domains (2) 1, 2, 3 or 4 reconfigurable physical domains

SPARC T7 and M7 Servers

T7-1 T7-2 T7-4 M7-8 M7-16

Processors 1 2 2 or 4 Up to 8 Up to 16

Max Cores 32 64 128 256 512

Max Threads 256 512 1,024 2,048 4,096

Max Memory .5 TB 1 TB 2 TB 4 TB 8 TB

Form Factor 2U 3U 5U Rack / 10U Rack

Domaining LDOMs LDOMs LDOMs LDOMs, PDOMs 1 LDOMs, PDOMs 2

38


Migration

39


Migration Technologies • Oracle Transportable Table spaces The transportable tablespace (TTS) allows a subset of an Oracle database to be “plugged” into another Oracle database, essentially moving tablespaces

between Oracle databases. This can be much faster than a traditional export/import or unload/load of data because transporting the tablespace only requires the copying of the data files and then integration of the structural information into the new Oracle database.

• Oracle Transportable Databases The transportable database (TDB) allows users to migrate databases quickly to another platform. Historically, prior to Oracle Database 10g, a migration to

a different platform was delivered by exporting and importing the data from the legacy system into the new systems. This process could take a number of days. With TDBs, higher transfer rates can be achieved.

• Oracle Data Pump Oracle Data Pump is a flexible tool for server-based bulk data movement that supersedes the old import and export utilities. It can load and unload data

and data structures from a database. • Recovery Manager (RMAN) Recovery Manager (RMAN) is a complete backup and recovery manager for Oracle databases. It performs backup and recovery operations in both an

online and an offline manner. Oracle RMAN 9i onward allows the software to duplicate an Oracle database as a physical/logical standby for the use of Oracle Data Guard (including Oracle Active Data Guard). This effectively allows a migration to take place while keeping the source and target in sync.

Oracle Database 12c allows cross-platform backup and recovery to simplify the migration. • Procedural Procedural migrations encompass a selection of the above technologies. No single tool will suit all migrations in an enterprise. For example, TTSs and TDBs

may be suited to smaller machines, while Oracle RMAN may be suitable for migrations during small outage windows. Oracle Data Pump may be useful for systems that require certain objects or object types to be migrated that are natural or unnatural limitations of other tools or jumps from older versions, such as from Oracle 8i Database to Oracle Database 12c.

• The Migration Tools – from ACS, OCS and Oracle Migration Factory

40


Cloud Management Enterprise Manager 13c

41


Current Approach for managing the Oracle stack

Operating System is the anchor/association point between Cloud Control and Ops Center

• Enterprise Manager Cloud Control manages operating system, database, middleware and applications

• Enterprise Manager Ops Center manages operating system, virtualization, server and storage

Oracle Confidential – Internal/Restricted/Highly Restricted

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | 43

Unification of Hardware and Software Management

EM C

lou

d C

on

tro

l

EM O

ps

Cen

ter

• Single pane of glass for hardware and software management

• Ease of diagnostics with drill down from application

• Unified

• Agent and Management Server

• Security Framework

• Software Library

• Incident Management

• Job System

• Extensibility



Single Pane of Glass for Complete Stack Management

Enhanced in EM 13c

Incident & Problem Management

Configuration Management

Lifecycle and Cloud Management

Storage

VMs/Servers

Databases

Middleware

Applications

Network

Performance Management

• Enable cross-tier management, examples:

• Top-down diagnostics: drill down into storage issues in context of database

• Bottom-up impact analysis: what applications will be impacted if the storage is patched

• Support for Exa, Supercluster, T5-8, M5-6, ZFS Storage Appliance, LDOMs, Zones, etc

• Engineered Systems Patching

• Infrastructure Management to benefit from unified security, software library, job system



✓Secure and Compliant

✓Simple

✓Efficient

✓Open

✓Affordable

Your Enterprise Cloud

Oracle Solaris 11.3 – Security. Speed. Simplicity.

45

YOUR APP


Prevents Credential Abuse/Misuse

Delegation

Activity-based user access

Time-Based Control

Control when users can perform actions

Remote Auditing, Logging and Alerting

Audit entries sent to secure server; can’t be tampered

46


Oracle Solaris

Immutable Guest

#

Immutable Guest

Firewall

• Locked down hypervisor and guests

• Stop malware before it gets in

• Prevent administrator mistakes

• Update and patch but unwritable by users, applications, or hackers

• Simple on/off with ready made security levels

47

Protects Hypervisor and Guest Environments


Eliminates Vulnerability During Live Migration

• Encryption by default

• No performance impact hardware cryptographic offload

• Access via RESTful APIs

48

Oracle Solaris Oracle Solaris

Solaris Zone Solaris Zone

Solaris Zone Solaris Zone


Simple Compliance Reporting

49


Secure and Compliant Iaas

50

• 40X consolidation ratios –Zero overhead virtualization with

Solaris Zones

– Integrated network virtualization

• 10X less compliance overhead –Secure, automated installation

–Read-only zones for administrators and tenants

–Automated compliance reporting

Secure Multitenant Iaas for External Customers

Oracle

Solaris Zone

DATABASE

Customer

Solaris Zone

DATABASE

Customer

Solaris Zone

DATABASE

Customer

Solaris Zone

DATABASE

Customer

Oracle M7

Solaris 11 Global Zone Integrated Virtual Switching,

Load Balancer, Firewall

http://www.ivv.de/


Simple Deployment Rapid Deployment with Unified Archives – in 10 minutes!

OpenStack Unified Archive

Downloaded

Archive Deployed

Networking, SSH Configured

Cloud Services Enabled Ready!

10:00 10:06 10:08 10:09 10:10

AI Server

Cloud REST APIs

Pre-configured Unified Archive

Solaris 11.3

51


oracle.com/sparc

52