Weitere ähnliche Inhalte Ähnlich wie Oracle Linux Nov 2011 Webcast (20) Kürzlich hochgeladen (20) Oracle Linux Nov 2011 Webcast1. <Insert Picture Here>
WEBCAST: New Innovations in Oracle Linux
Elena Zannoni, Director, Languages and Tools,Linux Engineering, ORACLE
Chris Mason, Director, Linux Kernel Engineering, ORACLE
2. The following is intended to outline our general product
direction. It is intended for information purposes only, and
may not be incorporated into any contract. It is not a
commitment to deliver any material, code, or functionality,
and should not be relied upon in making purchasing
decisions. The development, release, and timing of any
features or functionality described for Oracle' products
remains at the sole discretion of Oracle.
2 Copyright © 2011, Oracle and/or its affiliates. All rights Insert Information Protection Policy Classification from Slide 8
reserved.
3. Oracle Linux - Strategy
● Deliver the best performing, most modern and reliable
Linux operating system for the enterprise
● Enhanced with features and improvements from
mainline Linux development
● Full stack tested with real world workloads
● Offer enterprise class support at low cost
● Ensure Oracle Linux customers have full legal
protection with complete indemnification
● Influence Linux roadmap upstream via direct
community involvement
3 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
4. Oracle Linux Leadership
Oracle
#1 Linux
Validated Con-
Database
figurations
Global
Linux
Support in 145
Contributions
Countries
Oracle
Pre-installed
Product
on Sun x86
Development
Hardware
on Linux
4 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
5. Comprehensive Linux Solution
● Dedicated development team
● Dedicated QA team
● Dedicated support team
● Dedicated ISV and IHV team
● Oracle Linux training and certification
● Oracle Linux consulting services
5 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
6. Roadmap and Releases
● Continue to track RHEL releases with Oracle Linux ISO
releases and errata stream
● Unbreakable Enterprise Kernel release stream with
yearly kernel updates tracking mainline
● 9 month grace period
● Allows customers to move to the next release on
their own schedule
● Customer can stay on the same kernel release for
21 months
● Quarterly driver updates
6 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
7. Mainline Linux Kernel
● In the last year (since 2.6.36)
● 63,584 commits
● 1,570,669 new lines of code
● Roughly 1200 contributors to each release
● Each day
● 164 new commits
● 4,000 new lines of code
7 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
8. Mainline (are we done yet?)
● New hardware brings massive scalability changes and
challenges
● High IOP/s networking and storage
● 200 IOP/s disks vs 250,000 IOP/s flash
● Dramatic bottlenecks in large SMP systems
● Performance is very dependent on power management
● Mainline kernels have changes to address
performance on new hardware
8 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
9. Unbreakable Enterprise Kernel R1
● Latest OFED stack (1.5.1)
● Advanced large NUMA system support
● Receive Packet Steering (RPS) and Receive Flow
Steering (RFS)
● SSD detection
● Data Integrity up to SAN
● OCFS2 1.6
● Announced at OOW 2010
9 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
10. Unbreakable Enterprise Kernel R2
● Version 2.6.39
● Based on upstream Linux Kernel 3.0.4
● Many scalability improvement and new features
● Beta release for Oracle Linux 6 at OOW 2011
● GA in CY2012
10 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
11. Unbreakable Enterprise Kernel R2
● Transcendent memory ● Transparent Huge Pages
● Btrfs ● Pstore
● Resource Isolation – ● Transmit packet steering
Cgroups (XPS)
● OS Isolation – Linux ● Built in virtual switch
Containers
● Ksplice
11 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
12. Backporting vs Tracking
● Backporting features
● Must be retested
● Result is different from upstream source
● Each backport makes future backports more complex
● Tracking mainline
● More consistent upstream testing required
● Entire stack should be tested for performance regressions
12 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
14. New Contributions
● ALL of Oracle's Linux kernel enhancements for The
Unbreakable Enterprise Kernel are open source and
have been made available to the Linux community.
● Git source tree with change logs and commit
messages:
http://oss.oracle.com/git/?p=linux-2.6-unbreakable.git
14 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
15. What is DTrace?
• A Solaris tool, available since 2005
• Allows static tracing using instrumentation compiled into kernel and applications
• Allows dynamic tracing by defining probe points 'on the fly'
• Probes and actions at probe points are defined by scripts written in the 'D' language
• Many types of providers, main ones are
●
Dtrace: BEGIN, END, ERROR probes
●
Syscall: entry and exit of each system call
●
Profile: fires at specific time intervals (dynamic probes)
●
sysinfo, vminfo, fpuinfo, sched, io, iscsi, etc.: Static tracing in kernel: probes at
certain locations in subsystems
●
Pid: Static tracing in userspace applications: MySQL, Perl, Java
●
Pid: Dynamic tracing in userspace applications: can probe at every instruction in a
running process
• Speculative tracing: filter events and data presented to user after probes fired (uses
intermediate holding buffer)
• Solaris documentation: http://www.oracle.com/technetwork/documentation/solaris-11-
192991.html
16. Why DTrace on Linux
• Plethora of tools on Linux with different usage cases,
syntax, data format and outputs
• Lack of integrated user space tracing solution for
Linux
• Want to offer compatibility with existing DTrace scripts
for Solaris
• Expertise of Solaris user and administrators can be
reused on Linux
• Customer demand
17. DTrace on Linux
• Initial release October 2011, version 0.1, still WIP
• Available on ULN channel: ol6_x86_64_Dtrace_BETA
• Userspace utilities RPM, and Kernel module RPMs
• Code posted here http://oss.oracle.com/git/
●
linux-2.6-dtrace-modules-beta.git
●
linux-2.6-dtrace-unbreakable-beta.git
• Functionality currently available: Dtrace provider, syscall provider
• Integrated with Oracle Unbreakable Enterprise Kernel:
●
Version 0.1 currently available on UEK 2.6.32
• x86_64 only
• Kernel changes are GPL
• Kernel Module is CDDL
• Testsuite ported
18. DTrace Next
• Profile provider
• Static probes
• Userspace application tracing
• Move to UEK2 version 2.6.39
• Performance evaluation
19. Ksplice
● Lets you install your important kernel updates with...
● No downtime
● No disruption
● No rebooting
● While applications are running
● Free with Oracle Linux Premier Support
19 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
20. How does it work?
Client
Kernel update Ksplice technology Zero downtime
kernel update
Customer systems
20 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
21. Deployment
● Get access key via ULN
● Super-easy installer:
wget -N https://www.ksplice.com/uptrack/install-uptrack
sh install-uptrack YOUR_ACCESS_KEY
uptrack-upgrade -y
● We email you when new updates are available
● Simple command-line tool for installing updates
● Rollback – updates can be reversed rebootlessly
21 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
22. Installing New Updates
[root@server ~]# uptrack-upgrade
The following steps will be taken:
Install [1792zgqh] Clear garbage data on the kernel stack when handling signals.
Install [q60l587z] CVE-2011-2491: Local denial of service in NLM subsystem.
Install [rc7vca8p] CVE-2011-2492: Information leak in bluetooth implementation.
Install [rwvu52id] CVE-2011-2495: Information leak in /proc/PID/io.
Install [fn0egvef] CVE-2011-2497: Buffer overflow in the Bluetooth subsystem.
Install [c6tugu59] CVE-2011-2517: Buffer overflow in nl80211 driver.
Install [x4h2l5ob] CVE-2011-2695: Off-by-one errors in the ext4 filesystem.
Install [d0ba3z30] CVE-2011-1576: Denial of service with VLAN packets and GRO.
Go ahead [y/N]? y
Installing [1792zgqh] Clear garbage data on the kernel stack when handling signals.
Installing [q60l587z] CVE-2011-2491: Local denial of service in NLM subsystem.
Installing [rc7vca8p] CVE-2011-2492: Information leak in bluetooth implementation.
Installing [rwvu52id] CVE-2011-2495: Information leak in /proc/PID/io.
Installing [fn0egvef] CVE-2011-2497: Buffer overflow in the Bluetooth subsystem.
Installing [c6tugu59] CVE-2011-2517: Buffer overflow in nl80211 driver.
Installing [x4h2l5ob] CVE-2011-2695: Off-by-one errors in the ext4 filesystem.
Installing [d0ba3z30] CVE-2011-1576: Denial of service with VLAN packets and GRO.
Your kernel is fully up to date.
Effective kernel version is 2.6.32-200.19.1.el6uek
22 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
24. Btrfs – Features
● Designed for large files ● Built in data integrity
and file systems
● RAID
● Simplified administration
● Flexible
● No volume manager
needed ● File and file subvolume
snapshots
● Easy to add and remove
capacity ● Transparent compression
● Online defragmentation /
scrubbing
24 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
25. Btrfs – Recent developments
● LZO Compression
● Read-only snapshots
● Scrubbing with error correction
● Quickly find recent file changes
● Discard and Trim support
25 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
26. Transcendent Memory –
Cleancache
●
Memory area to cache clean memory pages
●
Implemented on transcendent memory (tmem)
●
Eliminates costly disk reads
●
Shown to improve performance on a broad range of
workloads
●
Exposed via the VFS layer for easy integration with
existing file systems
26 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
27. Compressed page cache (zcache)
● Cache that helps to keep more pages of the
(filesystem) page cache longer in memory
● Provides additional cache using LZO compression and
thus results in fewer disk I/O operations
27 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
28. Resource Isolation – Cgroups
● Fine grained control of CPU, I/O and memory
resources
● Protect memory for a given set of processes, e.g. CRS
● Pin processes to the same NUMA node and use
NUMA-local memory
● DB consolidation on large NUMA servers
● I/O throttling support
● Device whitelisting
28 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
29. OS Isolation – Linux Containers
●
OS Isolation via resource management (Cgroups)
●
Multiple userspace versions of an OS on the same
server
●
Isolated environments with own process and network
space
●
Lightweight, very low overhead
29 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
30. Linux Containers – Isolated
environments
IE IE IE
• Start/Stop
Apps Apps Apps
• Freeze
• Create/Destroy System Libs System Libs System Libs
Root Root Root
Linux Kernel
30 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
31. Transparent Huge Pages
● Better supports memory management capabilities of
modern CPUs
● Allows memory pages larger than 4kB (2MB)
● Frequently accessed virtual addresses for memory-
intensive workloads can be better cached
● Much lower overhead to track page state
31 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
32. Transmit packet steering (XPS)
● Spreads outgoing network traffic across CPUs on
multiqueue devices
● Selects a transmit queue during packet transmission
based on configuration by mapping the CPU
transmitting the packet to a queue
● Analog to RPS (included in UEK R1): Where RPS is
selecting a CPU based on receive queue, XPS selects
a queue based on the CPU
32 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
33. Other Scalability Improvements
● NUMA and lock contention optimizations throughout
the kernel
● VFS: directory cache improvements for multi-threaded
and single-threaded workloads
● Ext4, XFS, Btrfs improvements
● BKL (Big Kernel Lock) removal, replaced with much
more fine-grained locking code
33 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
34. Networking – Built in Virtual Switch
● Based on Open vSwitch ● Resource management
● Network virtualization ● QoS
● Virtual Network Cards ● sFlow monitoring
(VNICs) ● Distribution across
● VLANs multiple physical servers
● Virtual Switches ● Can operate as soft
switch within OS or
control stack for
switching silicon
34 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
37. Q&A
37 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
38. 38 Copyright © 2011, Oracle and/or its affiliates. All rights
reserved.
39. 39 Copyright © 2011, Oracle and/or its affiliates. All rights Insert Information Protection Policy Classification from Slide 8
reserved.