Oracle Solaris 11 Built for Clouds
Oracle Solaris 11 is the first operating system engineered with cloud computing in mind. So what's new in Oracle Solaris 11, and how does that connect to the cloud? If you're involved in Application Life-cycle Management, Configuration Management, Cloud Deployment, Big Data Design and Application or Infrastructure Scaling, you will learn how to leverage the Solaris 11 technologies in order to build your Cloud infrastructure.
For more information see: http://www.oracle.com/technetwork/systems/hands-on-labs/hol-oracle-solaris-remote-lab-1894053.html

  • See
    Oracle Solaris Zones continue to be the best environment for deploying applications, and consolidating services. In Oracle Solaris 11, significant work has been done to better integrate this technology in the OS with a much more complete experience, perfect for cloud deployments. With improved observability within non-global zones, the ability to delegate administration to a non-global zone including a complete separate network configuration using virtualized networking, zones are more powerful than ever.
    Zones also represent the main migration capability with the introduction of Oracle Solaris 10 Zones, allowing administrators to migrate existing Solaris 10 physical systems (and those also running zones) to a similar environment running on top of Oracle Solaris 11.
  • Oracle Solaris Cluster integration with Oracle Solaris Containers provides a highly available environment for specific applications. In this environment, the different parts of a service (application, databases, and web server tier) reside in Solaris Container virtual nodes in full isolation and can be consolidated into one physical cluster for highly available, consolidated mission-critical service at a much lower cost while still benefiting from Solaris Container's advantages of security isolation, resource management, and fault isolation. With this configuration option, services are protected against application, VM, and physical failures.
    Examples of Optimized Solutions using Oracle Solaris Cluster include Oracle E-Business Suite, PeopleSoft and Siebel Customer Relationship Management (CRM) [see http://www.oracle.com/us/solutions/optimized-solutions-171609.html]
    Oracle Solaris Containers cluster also supports a variety of other use cases such as database consolidation, test and development consolidation, and multiple application consolidation.
    Solaris Cluster detects failures and recovers the service 20 seconds faster than competitor – 12.33 seconds vs 32.33 seconds
    Configuration and Workload:
      • 2 node T5120
      • SE3511 storage
      • S10u9, HA-ZFS
      • IOBench on HA-NFS
      • NFSv3 and NFSv4
    OSC3.2u3 vs. competitor:
      • ~0 sec to detect a failure vs. ~15 sec for competitor
      • ~10 times faster reconfiguration
      • ~1.6 times faster service recovery
      • ~2.5 times faster end-to-end application failover
  • This particular secure web facing configuration was developed by a large religious organization in Italy to prevent website defacement.
  • [Original slide author: Nicolas Droux]
    This slide focuses on the main architecture of our new Solaris 11 stack. The key elements highlighted here are:
    Parallel architecture: the building blocks are the traffic lanes which are independent from each other and go from the hardware resources at the bottom to the applications.
    The VNICs are the central part of the architecture. A VNIC looks like a regular NIC to the rest of the system. It has a MAC address, which can be assigned explicitly, come from the hardware if the physical NIC provides multiple factory MAC addresses, and has a link speed. The link speed is virtual and is set to the bandwidth limit configured for the VNIC.
    Each VNIC is assigned a set of hardware rings of the physical NIC. One or more hardware rings can be assigned per VNIC, depending on the capabilities of the hardware, number of available hardware rings, and the configuration specified by the administrator. Multiple hardware rings enable better scalability across multiple CPUs, and each hardware ring will have a set of dedicated kernel threads to drive the traffic through the hardware in parallel. In addition, the stack also provides software rings which can be used to further improve the spreading of the traffic processing to more CPUs for improved scalability.
    The steering of traffic to the various VNICs is hardware-assisted. The MAC address of each VNIC is pushed down to the hardware to make that possible. If the hardware resources are exhausted, or if the underlying device or device driver does not provide that functionality, the architecture falls back to software classification.
    Each traffic lane is assigned its hardware rings, kernel threads, CPUs, and interrupts, which enables better isolation between the lanes all the way from the hardware to the applications. It also allows the traffic for a lane to be processed by the same subset of CPUs, which improves cache locality and results in higher performance.
    The data path switches dynamically between polling mode and interrupt mode. The stack switches to polling mode based on load and backlog. In polling mode, interrupts are stopped on a per-hardware ring basis, and the host stack reaches out into the hardware (via driver) to pull the next chain of packets on the ring. This allows the network stack to be in full control of the arrival of packets into the host, instead of reacting to packets delivered through interrupts. A major benefit is that it allows us to dramatically reduce the interrupt rate to make the system more efficient, while not compromising latency.
    The driver interface was extended with Solaris 11 to allow these advanced interactions between the stack and the physical NIC. The same virtualization features are available across all NICs, even for the NICs which don't implement these advanced features, or for legacy device drivers such as GLDv2 or DLPI. Of course such limited drivers and NICs will not be able to take advantage of some of the features such as dynamic polling, hardware classification, and per-hardware ring scalability, and will not see the same level of performance.
    It would be good to note here that our network virtualization architecture is tightly integrated with zone administration. VNICs can be configured from the zone configuration tool zonecfg(1M) itself, and are automatically created when the zone boots. This applies to the major attributes on the VNICs, and also the IP configuration of these VNICs. A benefit of using these automatic VNICs is that they can take advantage of the vanity naming on a per-zone basis. It is for example possible for every zone to have a VNIC called "net0". This architecture improves the mobility of the zones, since the networking configuration of the zone is part of the zone configuration itself, and is independent from the characteristics of the underlying host.
  • [Original slide author: Nicolas Droux]
    Crossbow provides built-in QoS which is highly integrated with network virtualization. This results in an implementation which is significantly more efficient, and much easier to configure, than traditional IPQoS.
    A bandwidth limit can be configured on any data link, but is most useful on a virtual NIC. When the bandwidth limit is configured on a VNIC, it is the equivalent of configuring the virtual link speed of the VNIC. The slide provides a simple example which shows how a bandwidth limit can be assigned to a VNIC when it is created.
    In addition, Crossbow is tightly integrated with the Solaris resource management, such as CPU pools. The "cpus" and "pool" properties can be used to set the CPUs or CPU pools, respectively, which can be used to process the traffic for the specified data link such as a VNIC. When such a property is set, the MAC layer will ensure that all kernel threads and interrupts of the specified VNIC or data link will be bound to CPUs within that boundary.
    In addition, the CPU pool support is also tightly integrated with zones. When a zone has a CPU pool, manually managed or automatic, and a VNIC is assigned to the zone, the MAC layer will bind the VNIC to the pool of the zone, which will cause all interrupts and kernel threads of that VNIC to be bound to the CPUs belonging to the zone. This allows for better isolation between zones, as well as improved performance, since we have improved co-locality between the application and the processing of the traffic associated with these applications.
  • [Original slide author: Nicolas Droux]
    Flows allow the administrator to identify a subset of the traffic going over a data link. Flows are managed through flowadm(1M) and are specified by attributes which identify a flow of data. The attributes correspond to network header fields such as port numbers, IP addresses, protocols, etc.
    A flow can be assigned a bandwidth limit, which can be useful to limit the bandwidth used by a subset of the traffic. In this example, a network backup is started regularly, and when it runs, attempts to use as much of the bandwidth as is available. If left uncontrolled, that traffic can impact the other traffic sharing the same underlying network connection. A flow is used here to cap the bandwidth of the network traffic.
    Statistics for flows can also be obtained through the flowstat(1M) command in real time, or a history of the statistics can be collected and later retrieved using extended accounting.
    Flows can be created from a non-global zone on top of its assigned data links. This allows a non-global zone to further sub-divide its allocated bandwidth between multiple services running within the zone.
  • [Original slide author: Nicolas Droux]
    Link Aggregation is a feature we introduced in Solaris 10. It allows multiple NICs to be grouped in a single pseudo data link which provides higher performance and high availability. VNICs can be created on top of such an aggregation as they would be created on top of a physical NIC. The beauty of this architecture is that a VNIC doesn't know about any of the link aggregation details, since the VNICs are layered on top of link aggregation.
    For instance, if a physical NIC fails, the link aggregation layer will fail over to the remaining links, and this operation will be transparent to the VNICs. Similarly, traffic for the VNICs will be spread across the multiple physical NICs transparently to the VNICs.
    IPMP can also be combined with VNICs, but since IPMP is configured at the IP level, this cannot be done transparently to the zones. In that case multiple VNICs would be created on the multiple physical devices, and IPMP would be configured from within the zones. This is less than ideal, and we are internally looking into adding some of the IPMP semantics to the link aggregation layer, so that we provide the widest range of high availability mechanisms transparently to the VNICs and their zones.
  • [Original slide author: Nicolas Droux]
    Background: A key benefit of cloud environments is the flexibility of distributing a workload on various computing resources. This requires the ability to dynamically provision applications which need to be running on the cloud. When VLANs are dedicated to applications, it is therefore required to be able to dynamically provision VLANs on the network.
    Dynamic VLAN provisioning: Our architecture implements the GVRP protocol, which is based on an IEEE standard, which allows the host to dynamically inform the physical switches of VLANs configured on a physical link. When that feature is enabled on the switch and the host, messages are sent from the host to the switch at a regular interval, containing the VLANs which are enabled on the physical link. The switch uses the content of these messages to enable the correct VLANs on the switch ports. This improves security because only the necessary VLANs will be enabled on a switch port, and it also improves performance by reducing the number of multicast packets that will be duplicated by the switches.
    Datalink protection: Of course it is essential to prevent an individual zone from injecting such messages into the network. Our architecture provides a data link protection feature which can be used to limit the traffic that can be sent by a VNIC on the network. Data link protection is configured by the global zone, and can prevent the following attacks:
      • MAC spoofing, by ensuring that the source MAC address of a packet is the same as the MAC address of the VNIC
      • IP spoofing, by ensuring that the source IP address of a packet is the same as one of the allowed IP addresses of a VNIC
      • DHCP client ID spoofing
      • Unauthorized protocols, by limiting the protocols which are allowed to be sent by the VNIC (for example, IPv4, ARP, IPv6), and preventing control messages from being injected into the networking infrastructure.
    These protection mechanisms are critical in a shared cloud environment, to ensure that individual VNICs and their zones can only send authorized traffic into the network.
  • [Original slide author: Nicolas Droux]
    By being able to deploy multiple virtual switches, multiple virtual network devices, and multiple zones running applications, it is possible to build realistic virtual networks and network topologies which simulate real distributed applications and data centers.
    This is an example of a more complex multi-tier architecture running within a single machine. Some zones run the middleware including web server, and are connected to database nodes which access their storage hosted on Sun Storage devices via VNICs.
    A typical use case for such an exercise could be to simulate a multi-tier architecture during development before deploying it in a physical environment.
  • [Original slide author: Nicolas Droux]
    This slide summarizes the features that were described in the previous slides, and adds other Solaris 11 features which were not discussed so far. Some features are highlighted in red due to their impact, or relevance to the presentation and cloud architectures.
  • As you can see from this slide, the heart of the software lifecycle management is ZFS and Boot Environments. These provide for a 100% safe system upgrade. There is low initial investment to take advantage of this as ZFS is the default root filesystem. As you can see from the diagrams, ZFS's copy-on-write capabilities allow for the fast creation of snapshots and clones, not requiring a complete copy of the filesystem, but only making changes as and when the two boot environments start to diverge in terms of content.
    We have also implemented a fast reboot in Oracle Solaris 11, allowing systems to avoid often slow boot checks in the BIOS and caching system state in memory to allow a much faster time for getting the system up and running. This is a critical piece in ensuring a much reduced maintenance window for administrators.
  • The deployment of Oracle Solaris Zones is a common theme among our top 50 customers (and wider in our customer base). Approximately 1 in 2 systems are using Oracle Solaris Zones as a way to consolidate or host their applications. With Oracle Solaris 11, we have a more complete and integrated solution that should be strongly considered for every application deployment.
      • Security – all the previous zones security features plus now Immutable Zones (a read only zone root)
      • ZFS – used in snapshots, cloning and now zone boot environments (save you disk space)
      • Network – tightly integrated with Crossbow
      • Observability – use the newly improved zonestat tool or look with DTrace
      • Image Packaging System – minimized zones out of the box, zones are also much more flexible in their content now
      • Automated Installer – deploy zones at system deploy time without the need for complex scripting
    Oracle Solaris Zones can be used in just about every scenario you can imagine:
      • Flexible Development and Test environments
      • Network in a box test environments
      • Consolidation of servers
      • Legacy server consolidation
      • Rapid Application Deployment
      • Securing Applications
      • Flying Zones to aid maintenance
      • Highly Available Zones with Oracle Solaris Cluster
  • The Top 9 reasons why Customers are investing in SPARC/Solaris from Oracle
      • Best Reliability – a hallmark of Sun Systems for years and it continues – if it must run, it runs on SPARC/Solaris
      • New Performance results that emphasize real-world workloads, not esoteric SPEC results
      • We engineer Solaris for tomorrow's systems – 10Ks of threads, 100GB of memory, Zettabytes of data
      • 20+ years of hard core integrated security features. Unique zones-based multi-level, labeled security configuration
      • Fully virtualized OS – server, storage, network – optimizes use of datacenter resources. Quickly deploy new services to grow your business.
      • We coengineer Solaris, Oracle software and Oracle hardware to deliver the best performance for Oracle deployments. Engineered systems cut deployment times down dramatically. We engineer so you don't have to.
      • No other OS runs on the leading RISC and CISC architecture. Choose the best platform for your datacenter – we recommend Solaris SPARC
      • Oracle guarantees HW and SW binary compatibility, meaning apps running today and on legacy systems move to newer SPARC/Solaris unmodified – saving $s in migration costs
      • Oracle's integrated stack of offerings means avoidance of a piecemeal approach and reduction of complicated support efforts with mixed environments. The only vendor in the industry with all the pieces in the stack to offer and deliver real value for application solutions
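
The "Datalink protection" notes above list the checks applied to traffic a VNIC sends. The following Python model is an added example, not code from the presentation or from Solaris: it applies the MAC, IP and protocol checks to constructed Ethernet frames so the effect of each check is visible. The `VnicPolicy` class, the verdict strings and all addresses are assumptions made for the illustration, and the DHCP client ID check is left out.

```python
import ipaddress
import struct
from dataclasses import dataclass, replace

ETH_IPV4, ETH_ARP, ETH_IPV6 = 0x0800, 0x0806, 0x86DD
# Protocols the notes give as examples of what a restricted VNIC may send.
RESTRICTED_OK = {ETH_IPV4, ETH_ARP, ETH_IPV6}


@dataclass(frozen=True)
class VnicPolicy:
    """Hypothetical per-VNIC policy; in the notes it is set by the global zone."""
    mac: bytes
    allowed_ips: frozenset
    mac_nospoof: bool = True
    ip_nospoof: bool = True
    restricted: bool = True


def claimed_source_ip(ethertype, payload):
    """Sender IP the packet claims, or None if the header is too short."""
    if ethertype == ETH_IPV4 and len(payload) >= 20:
        return ipaddress.ip_address(payload[12:16])   # IPv4 source address
    if ethertype == ETH_ARP and len(payload) >= 28:
        return ipaddress.ip_address(payload[14:18])   # ARP sender protocol address
    if ethertype == ETH_IPV6 and len(payload) >= 40:
        return ipaddress.ip_address(payload[8:24])    # IPv6 source address
    return None


def check_egress(policy, frame):
    """Return "pass" or "drop:<reason>" for one outbound Ethernet frame."""
    if len(frame) < 14:
        return "drop:malformed"
    src_mac = frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if policy.mac_nospoof and src_mac != policy.mac:
        return "drop:mac-nospoof"
    if policy.restricted and ethertype not in RESTRICTED_OK:
        return "drop:restricted"
    if policy.ip_nospoof and ethertype in RESTRICTED_OK:
        claimed = claimed_source_ip(ethertype, frame[14:])
        if claimed is None:
            return "drop:malformed"
        if claimed not in policy.allowed_ips:
            return "drop:ip-nospoof"
    return "pass"


def eth(dst, src, ethertype, payload=b""):
    return dst + src + struct.pack("!H", ethertype) + payload


def ipv4(src, dst):
    """Minimal 20-byte IPv4 header; checksum left at 0, the model ignores it."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


def arp_request(sha, spa, tpa):
    return struct.pack("!HHBBH6s4s6s4s", 1, ETH_IPV4, 6, 4, 1, sha,
                       ipaddress.IPv4Address(spa).packed, bytes(6),
                       ipaddress.IPv4Address(tpa).packed)


def demo():
    """Run constructed sample frames through the model; all values are made up."""
    zone_mac = bytes.fromhex("020000000a01")
    other_mac = bytes.fromhex("020000000b02")
    bcast = b"\xff" * 6
    bridge_group = bytes.fromhex("0180c2000021")  # constructed control-frame target
    policy = VnicPolicy(zone_mac, frozenset({ipaddress.ip_address("192.0.2.10")}))
    # 0x0004 is a length field, not an EtherType: an LLC-framed control message.
    control = eth(bridge_group, zone_mac, 0x0004, b"\x42\x42\x03\x00")
    frames = {
        "own MAC, own IP": eth(bcast, zone_mac, ETH_IPV4, ipv4("192.0.2.10", "192.0.2.1")),
        "own MAC, forged IP": eth(bcast, zone_mac, ETH_IPV4, ipv4("192.0.2.99", "192.0.2.1")),
        "forged MAC": eth(bcast, other_mac, ETH_IPV4, ipv4("192.0.2.10", "192.0.2.1")),
        "ARP claiming another IP": eth(bcast, zone_mac, ETH_ARP,
                                       arp_request(zone_mac, "192.0.2.1", "192.0.2.20")),
        "truncated IPv4 header": eth(bcast, zone_mac, ETH_IPV4, b"\x45\x00"),
        "switch control frame": control,
    }
    verdicts = {name: check_egress(policy, f) for name, f in frames.items()}
    # Same control frame with the protocol restriction switched off.
    verdicts["switch control frame, restricted off"] = check_egress(
        replace(policy, restricted=False), control)
    return verdicts


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:18} {name}")
```

The last two cases show why the protocol restriction matters for the VLAN provisioning described in the same notes: with it off, a control frame from the zone passes the MAC and IP checks untouched.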

Oracle Solaris 11 Built for Clouds: Presentation Transcript

  • Seminar: Oracle Solaris 11 Built for Clouds (43516) Presenter: Orgad Kimchi Principal software Engineer Oracle 1 Copyright © 2011, Oracle and/or its affiliates. All rights reserved.
  • The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
  • Agenda • Oracle Solaris 11 Built for Clouds • Oracle Solaris 11: Built for DevOps - Nadav Lankin, Founder at DevOpsJLM • Advanced Resource Management and Scalability Features for Cloud Environment using Solaris 11 - Haim Tzadok, CEO at Grigale • Cloud Observation & Performance Analysis using Solaris 11 Dtrace - Amit Hurvitz, Principal Engineer at Oracle • Cloud Observation & Performance Analysis using Solaris 11 Dtrace – Orgad Kimchi, Principal Engineer at Oracle
  • Agenda Solaris 11 Cloud technologies • Virtualization • Security and Compliance • Networking • Data management
  • Oracle Solaris 11: Mission Critical Meets Cloud
    Highly Available, Secure Platform for Enterprise Apps
      • Predictive self healing
      • ZFS data integrity
      • End to end encryption
      • Compliance reporting
      • DTrace observability
      • Immutable zones
      • Application Aware Clustering
    Large-scale Cloud Management
      • Automated Install
      • Fast, Fail-safe Packaging
      • Zero overhead Server, Storage, Network virtualization
      • Comprehensive cloud management solution
    Solaris 11: Best Foundation of Your Enterprise Class Cloud
  • Built for Cloud Infrastructure
  • Integrated Virtualization Automated Install Security Packaging Integrated Virtualization ZFS Zones
  • Oracle Solaris 11: Mission Critical Meets Cloud
    Designed-in Virtualization
      • Built-in server, storage, network virtualization
      • Zone clusters
      • Solaris 10 Zones
      • Dedicated zone network and data resources
      • Integrated load balancer, router, firewall
      • Flexible network virtualization and resource controls
      • Automatic network configuration
    Scalable Data Management
      • Integrated deduplication, compression
      • Flash + disk storage pools
      • End-to-end data integrity
      • Infinite snapshots and clones
      • No cost replication
      • Extreme scale 128-bit FS with integrated storage management
    Advanced Protection
      • Pervasive, fast encryption
      • Restricted root privileges
      • Always-on auditing
      • Secure by default
      • Read-only root
      • Active Directory integration
      • Advanced user access controls
    Simplified Administration
      • Cloud designed installation
      • Distro constructor
      • Dependency-check packaging
      • Fool-proof updates
      • Fast reboot
      • Delegated zone administration
      • DTrace production safe observability
      • Auto service case creation for hardware failures
  • Designed-in Virtualization
  • Built-in Virtualization: Oracle Solaris 11 Zones
      • Secure, light-weight virtualization
      • Scales to 100s of zones/node
      • Delegated administration
      • ZFS datasets, boot environments
      • Zone-specific observability
      • Solaris 10 Zones
      • NFS Server
      • Network stack isolation and resource management
    Co-engineered with installation, security, ZFS, networking, IPS, SPARC and x86 hypervisors
    15x lower overhead vs. VMWare
    4x lower latency vs. KVM
  • High Availability Using Oracle Solaris Cluster: Mission Critical Meets Cloud
    Virtualized AND highly available
      • Industry's only application-specific failover solution for virtualized applications
      • Continuous cloud service availability
      • 2.5x faster failure detection and recovery vs competitor
    [Diagram: three zone clusters: Web Server-Tier (Oracle WebLogic Server), Application Server-Tier (PeopleSoft Application Server), Database Server-Tier (Oracle RAC)]
  • Seamless Upgrades: Oracle Solaris 11 Zones, Oracle VM
      • Seamless upgrades from previous version
      • Live migration with OVM SPARC and OVM x86
    [Diagram: p2v and v2v moves of Solaris 10 systems and S10 Zones into S10 Zones alongside S11 Zones on Solaris 11; Live Migrate between Oracle VM hosts]
  • Data at Cloud Scale
  • Breakthrough Efficiency
    Scale Out Design. Built-in Data Services. No License Fees.
      • Compression
      • Replication
      • Flash-aware virtual storage pools
      • Deduplication
      • Dataset Encryption
    Reduce Storage Use by up to 10x
    Encryption With Line-Speed Performance
    Rapid Provisioning of Virtualized Storage Resources
  • Cloud Ready Data Sharing
    Built-in, flexible, transparent, hardware assisted
      • File Sharing: Unified User and Access Control with Active Directory integration: ZFS, NFSv4, CIFS, WebDAV, FTP(S), SCP/SFTP
      • Cloud Ready OS install: Solaris boot from SAN, iSCSI and FCoE; Zones on iSCSI/FCoE ZFS pools
      • Block Storage Sharing: Raw Disk & ZFS LUN: iSCSI, iSER, FCoE
  • Cloud Ready Data Sharing
    For example, we will create a ZFS file system and share it using NFS:
      root@zone1# zfs create -o encryption=on -o dedup=on -o compression=on -o mountpoint=/data -o sharenfs=on rpool/data
    This used the following options:
      -o encryption=on    enable encryption
      -o dedup=on         enable deduplication
      -o compression=on   enable compression
      -o mountpoint=/data mount point location
      -o sharenfs=on      share via NFS
    We can see that we can create a ZFS file system with encryption, compression and deduplication and share it using NFS in a single command!
    11/3/13
  • Engineered Cloud Security At Every Level
  • Security in the Cloud
    Defense in Depth. Multitenancy Design.
      • Delegated administration
      • Built-in Audit
      • Immutable Zones
      • Network and data layer protection
      • Encrypted data per tenant
  • Secure Data for Cloud Tenants
    Encrypted. On the wire. On the disk.
    [Diagram: Finance, Sales and HR zones, each with its own dataset (Finance Dataset, Sales Dataset, HR Dataset) in a ZFS Storage Pool]
  • Security Tailored for the Cloud
    Built-in, flexible, transparent, hardware assisted
      • Application Runtime: Immutable Zones, Sandboxing: new basic privileges (net_access, file_write, file_read), further executable address space reduction. Network data-link & IP anti-spoofing for Zones.
      • Authentication: SSH X.509 Certificate support, Kerberos PKINIT (X.509). Kerberos data in LDAP. Root login disabled by default. Role auth via user password, Authentication caching.
      • Audit: Auditing on by default, audit policy in SMF, Secure remote audit trail.
      • Delegation: Sudo with auditing. Fine-grained user/password/RBAC management CLI with LDAP support.
      • Data Security: ZFS filesystem, swap, dump and zvol encryption, NFSv4/NT style ACLs, Multilevel security with file labeling. IPsec/IKE policy per zone. Per Zone NFS server and Kerberos Realm.
      • Cryptography: Transparent Hardware Encryption for Solaris, Java. OpenSSL 4x faster. Trusted Platform Module (TPM) keystore, file integrity scanner. Signed binaries & packages, Oracle Key Manager appliance integration
  • Network at Cloud Scale
  • Cloud-Scale Networking
    Parallel networking stack. Built to scale.
      • Hardware assisted Network Resource Management
      • Optimized for performance at every level
    Ease of Use
      • Automatic Networking mode
      • Fine grained observability
      • VLAN isolation, dynamic VLAN provisioning
    Virtualize, consolidate network infrastructure
      • Increase performance and reduce costs
      • Secure Isolation
    Integrated functionality
      • Routing, Firewalling, Load Balancing, Bridging, High Availability
    4x Lower Latency vs KVM
  • Parallel Network Virtualization Architecture
      • Virtualization and QoS designed-in
      • Independent Hardware Lanes with dedicated resources (CPUs, I/O threads, interrupts): from the NIC to applications
      • VNIC behaves just like a regular NIC (link speed, stats, MAC address)
      • Hardware and software fanouts for best scalability
      • Adaptive polling, depending on load
      • Scales with hardware advances
      • Tightly integrated with zone administration
  • Network Resource Control
      • Set bandwidth limit on a VNIC (virtual link speed)
      • QoS integrated in the core stack, no separate component to configure
      • Constrain the CPUs used by VNICs or data links by CPU ids or pool names
      • Integrated with Solaris resource management and zones
      # dladm create-vnic -l net0 -p maxbw=100M vnic0
  • Controlling and Observing Flows: Control the Un-Controllable
      • Bandwidth limits can be applied to traffic flows specified by the administrator; this includes datalinks in non-global zones
      • Managed by flowadm(1M) and specified by source and destination IP addresses, protocol, port number, etc.
      • Flows can be observed in real time with flowstat(1M), or a history can be obtained using extended accounting
  • Highly Available VNICs
      • Link Aggregation provides transparent failover and increased throughput to VNICs and zones
      • Compliant with IEEE 802.3ad
      • IP Multipathing (IPMP) can also be used, but needs to be configured from within zones
  • Dynamic VLAN Provisioning: Elastic and Isolated Virtual Networks in the Cloud
      • Global zone dynamically sends updates to switch when VLANs are configured on physical NIC
      • Switch updates VLANs associated with each port
      • Messages are sent only from global zone
      • Data link protection can be used to block attempts from non-global zone to add unauthorized VLANs
      • Based on IEEE 802.1d standard
  • Virtual Multi-Tiered Architecture
  • Cloud-Scale Networking With Solaris 11
      • Network Virtualization: Virtual NICs (VNICs), Virtual switching, Hardware-assisted virtualization, Automatic VNICs for zones, SR-IOV Integration, VLAN isolation, Anti-spoofing protection
      • Resource Control: Integrated QoS, Bandwidth limits, Mapping to CPUs or CPU pools for isolation
      • Performance: Parallel stack, NUMA I/O Framework, SR-IOV Integration, Dynamic Polling, Buffer Management, Pre-mapped buffers, Kernel Socket API, 4x Lower latency vs KVM, Converged Ethernet
      • Built-in Network Functionality: Routing, Firewall, Load Balancing, VRRP, Bridging
      • Management: IPMP re-architecture, Vanity naming, Automatic IP configuration, Centralized IP administration, Centralized data link administration, Consolidated data link properties, GLDv3 unification for legacy drivers
      • Observability: Real-time data link, hardware, and flow statistics. History integrated with extended accounting. Capture local traffic through virtual switch and IP loopback path.
      • APIs: Committed GLDv3 APIs, pluggable TCP congestion algorithms, IP Filter Hooks, Kernel socket API
  • Cloud Deployment Simplified
  • Redefining Software Lifecycle Management
    Safe Updates. Fast Reboots.
      • Error-free safe software updates
          – Automatic dependency checking of software packages
          – Cloned environment updated, immediate rollback if needed
      • Reboot in seconds
          – In-kernel boot loader puts kernel into memory and switches
  • Safe Upgrade with Boot Environments
    System updates are fast, reliable and reversible
      • Low initial investment
      • Improved user experience
      • Encouraged best practice
      • Fast reboot reduces planned maintenance windows
    [Diagram: a ZFS pool holding the Active Boot Env, other data and unused space; step 1 adds a New Boot Env to the pool; step 2 shows the New Updated Boot Env beside the Active Boot Env]
  • Managing the Cloud from Applications-to-Disk
  • Driving Cloud Infrastructure Innovation
      • Security: Immutable Zones
      • Deployment: Linked Images, Parallel Zone Updates, AI Integration, IPS integration, Package minimization
      • Storage: Boot Environments, ZFS Datasets, Recursive ZFS send, NFS Server in a Zone, Zones on Shared Storage, Lofi improvements
      • Network: Virtual NICs (VNICs), Automatic VNICs, Bandwidth Control, Exclusive IP by Default, Network Observability, Infiniband Enhancements, Data Center Bridging, Edge Virtual Bridging
      • Migration: Pre-flight Checker, Solaris 10 Zones on Solaris 11, Zones install update for V2V archives
      • Management: System Configuration, Clean Shutdown, Hung Zones, Zones "unavailable" state, Zonestat, Per Zone fsstat, Zones RAD Module
    [Diagram: Web Tier, Application Tier and Database Tier; Finance, HR and Sales zones with their Finance, HR and Sales datasets; legend: Solaris 11, Solaris 11.1]
  • Why Oracle Customers Choose Solaris: Top Reasons for Investing in Oracle Solaris Systems
      1. Reliable: If it must run, it's on Solaris
      2. Fast: World record leader for enterprise applications
      3. Scalable: Engineered today for next generation systems. Invest for the future
      4. Secure: Deeply integrated security. Trusted labeled configurations
      5. Virtualized: Maximum resource utilization. Faster time to market
      6. Engineered for Oracle: Best performance. Fastest deployments
      7. SPARC and x86: Choice of industry's leading enterprise architectures
      8. Compatible: Preserves your investments. Avoids costly migrations
      9. Trusted Vendor: One phone call