Red hat Enterprise Linux 6.4 for IBM System z Technical Highlights


Published on

A brief description of the highlighted features for Red Hat Enterprise Linux 6.4 on System z (general features any system z specific)

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Red hat Enterprise Linux 6.4 for IBM System z Technical Highlights

  1. 1. Technical Highlights forRed Hat Enterprise Linux 6.4 on System zFilipe Mirandafmiranda@redhat.comGlobal Lead for Linux on System z 1
  2. 2. AgendaNewest Supported HardwareRHEL 6.4 Highlights 2
  3. 3. IBM zEnterprise certifiedfor Red Hat Enterprise Linux 3
  4. 4. Red Hat Enterprise Linux High Level Roadmap2010 2011 2012 2013 4.8 End of Life: February 29, 2012 5.5 5.6 5.7 5.8 5.9 5.x EOF: 2017 6.0 6.1 6.2 6.3 6.4 6.x EOF: 2020 RHEL 7.0 under development 4
  5. 5. Red Hat Enterprise Linux 6.4GA: Feb 21 2013New features for System zGeneral New FeaturesBugfixes 5
  6. 6. Support of new crypto hardwareThis feature provides support for new crypto hardware:CryptoExpress4 The z90crypt device driver has been updated to support the new Crypto Express 4 (CEX4) adapter card.Data Routing for FCPEnable FCP to pass data directly from memory to SAN (data routing) when memory onthe adapter card is blocked by large and slow I/O requests.Improved performance by increasing the I/O rate and throughput for short and fast I/Orequests when memory on the adapter is blocked by large and slow I/O requests willsatisfy customer expectations regarding performanceThe zfcp device driver has been updated to add data structures and errorhandling to support the enhanced mode of the System z Fibre ChannelProtocol (FCP) adapter card. In this mode, the adapter passes data directlyfrom memory to the SAN (data routing) when memory on the adaptercard is blocked by large and slow I/O requests. 6
  7. 7. Fibre Channel Protocol End-To-End data consistency checkingData integrity between a host adapter and a storage server has been improved implementing thezFCP-specific part of The T10 Technical Committee introduced an enhancement to the SCSI standard(SPC-4, SBC-3) to protect against errors in user data blocks.This RAS item provides improved service and control of data flow between adapter and storagedevice by introducing the zFCP specific part of the enhanced SCSI standard for E2E data consistencycheckingOptimization of, and Support for, the zlib Compression Library for System zOptimize the existing compression library zlib for System z by using dedicated SSE instructions andoptimized compile options. The compression library zlib is used by Java (decompression of class files),Cognos (PDF generation), TSM (backup) and for Linux installations (binaries compressed in RPMs)This feature significantly improves performance for applications using the compression library zlib. 7
  8. 8. libICA EnhancementsThe libica library has been modified to allow usage of new algorithms that support theMessage Security Assist Extension 4 instructions in the Central Processor Assist forCryptographic Function (CPACF) feature. For the DES and 3DES block ciphers, the newfeature supports the following modes of operation: ◦ Cipher Block Chaining with Ciphertext Stealing (CBC-CS) ◦ Cipher-based Message Authentication Code (CMAC)For the AES block cipher, this feature supports the following modes of operation: ◦ Cipher Block Chaining with Ciphertext Stealing (CBC-CS) ◦ Counter with Cipher Block Chaining Message Authentication Code (CCM) ◦ Galois/Counter (GCM)With this acceleration of complex cryptographic algorithms, performance of IBM System zmachines significantly improves.All users of libica are advised to upgrade to these updated packages, which add thisenhancement. The libica library contains a set of functions and utilities for accessing the IBM eServer Cryptographic Accelerator (ICA) hardware on IBM System z. 8
  9. 9. Storage DriversThe Direct Access Storage Devices (DASD) device driver has been updated to detect pathconfiguration errors that cannot be detected by hardware or microcode. Upon successfuldetection, the device driver does not use such paths. With this feature, for example, theDASD device driver detects paths that are assigned to a specific subchannel but lead todifferent storage servers.Flash Express Support for IBM System zStorage-Class Memory (SCM) for IBM System z is a class of data storage devices that combineproperties of both storage and memory. SCM for System z now supports Flash Express memory.SCM increments can be accessed through Extended Asynchronous Data Mover (EADM)subchannels. Each increment is represented by a block device. This feature improves the pagingrate and access performance for temporary storage, for example for data warehousing. 9
  10. 10. Support of the Transactional Execution FacilitySupport of the Transactional-Execution Facility (available with IBM zEnterprise EC12) in theLinux kernel helps eliminate software locking overhead that can impact performance andoffer increased scalability and parallelism to drive higher transaction throughput.Support of Runtime Instrumentation FacilitySupport of the Runtime Instrumentation Facility (available with IBM zEnterprise EC12)provides an advanced mechanism to profile program code for improved analysis andoptimization of the code generated by the new IBM JVM.kdump and kexec Kernel Dumping Mechanism for IBM System zFully SupportedThe kdump/kexec kernel dumping mechanism is enabled for IBM System z systems as afully supported feature, in addition to the IBM System z stand-alone and hypervisordumping mechanism. The auto-reserve threshold is set at 4 GB; therefore, any IBM Systemz system with more than 4 GB of memory has the kdump/kexec mechanism enabled.Sufficient memory must be available because kdump reserves approximately 128 MB bydefault. This is especially important when performing an upgrade to Red Hat EnterpriseLinux 6.4. Sufficient disk space must also be available for storing the dump in case of asystem crash. 10
  11. 11. Enhancements to the s390-toolsBZ#847087This update adds the necessary user space tools to allow Linux to access Storage ClassMemory (SCM) as a block device on IBM System z systems using sub-channels of theExtended Asynchronous Data Mover (EADM) Facility.BZ#847088The lszcrypt utility has been modified to support the IBM Crypto Express 4 feature. 11
  12. 12. Identity ManagementSystem Security Services Daemon (SSSD) enhancements extend the interoperability experiencewith Microsoft Active Directory by providing centralized identity access control for Linux/Unixclients in a heterogeneous environment.Administrators can now manage Secure Shell (SSH) keys across multiple systems from a singleserver.It is now possible to map user records to their associated SELinux records, making it easier tomanage user access across platforms.Administrators can assign priorities to servers so that identity lookup occurs in the defined orderwhich can reduce network traffic. This provides IT with another tool to help meet Quality ofService (QoS) commitments or performance expectations. 12
  13. 13. NetworkingRed Hat Enterprise Linux 6.4 introduces the Precision Time Protocol (PTP) as a feature inTechnology Preview. This feature is hardware dependent and applies to a set of new devices. PTP isknown for CPU efficiency, network bandwidth, and low administration effort. It provides clocksynchronization across the network in the sub-microsecond range by eliminating network andequipment timing variability or “jitter.”The Stream Control Transmission Protocol (SCTP) provides support for multi-homingcommunication. Multi-homing allows a single SCTP endpoint to support multiple IP addresses, whichmeans that a session is more likely to survive a network failure. Red Hat Enterprise 6.4 implementsthe protocol’s “Quick Failover Algorithm” to reduce the amount of time it takes to migrate from afailed connection to an active connection.NetworkManager now has a standard, easy-to-use graphical user interface (GUI) for configuring andmanaging network interface controller (NIC) bonding and network bridges. 13
  14. 14. StorageNew system log features identify the mapping from logical block device name to physical device identifier– allowing an administrator to easily identify specific physical devices as needed.New support for scalable snapshots and thinly-provisioned volumes in the Logical Volume Manager (LVM)allows storage pool capacity to be used as efficiently as possible. Thinly provisioned volumes consumestorage space only when data has been written to them - and only as long as that data is still in use. Thinsnapshot volumes allow many virtual devices to share the data blocks they hold in common.The number of supported virtual tape drives has increased from 100 to 512. File System Red Hat has taken a lead role with its partners and the upstream community on the parallel Network File System (pNFS) industry standard, driving the addition of capabilities that allow database workloads to benefit from the advantages of pNFS. This functionality offers performance gains for I/O intensive workloads like database access. Using the first-to-market, fully supported pNFS (file layout) client -- delivered in Red Hat Enterprise Linux 6.4 -- customers can begin to plan and design next-generation, scalable file system solutions based on pNFS. 14
  15. 15. SecurityRed Hat Enterprise Linux 6.4 complies with Transport Layer Security (TLS) 1.1. The 1.1 version ofTLS increases communication security and integrity. It has the ability to protect against cipher blockchaining (CBC) attacks. Other enhancements to TLS include improved error handling and operationsbetween networked nodes.The Security Content Automation Protocol (SCAP) is a standardized suite of specifications used infacilitating security auditing for enterprise-class systems. Red Hat Enterprise Linux 6.4 now supportsSCAP 1.2.System administrators can now define the amount of time that must lapse before an account isconsidered inactive. This automates locking inactive accounts and closes the gap during which theseaccounts can be exploited. 15
  16. 16. Thank youGraciasDankeGrazieObrigado 16
  17. 17. Red Hat Enterprise Linux 5.9GA: Dec 11 2012Mostly Bugfix releaseOne big feature for System zEnable HyperPAV for parallel I/O to ECKDDASD 17
  18. 18. Hyper PAV enablement - Licensed feature in z/VMHyperPAV enables parallel I/O to ECKD DASDs increasing dataaccess performanceHyper-Parallel-Access-Volume support for Linux on System z. This is avery flexible concept to massively improve device performance byusing a set of sub channels as an ALIAS-pool.Kernel VDSO SupportVirtual Dynamically-linked Shared Object (VDSO) is a shared library provided by the kernel. Thisallows normal programs to do certain system calls without the usual overhead of system calls likeswitching address spaces.For Linux on System z there are tree functions at the moment that are accelerated in this way:gettimeofday, clock_getres, and clock_gettime. The most important one is probably gettimeofday.Some user space application, for example the Java virtual machine, tend to call gettimeofday very often. By use of a vdso this operation can be accelerated by an factor of 4 thereby increasing theperformance of the user space application. 18
  19. 19. JAVA 7Due to EOL of Oracle JDK6 in November, Oracle Java 7 and IBM counterpart will be available toRed Hat Enterprise Linux 5 19