Security Agility Reduced Cost Security Agility Reduced Cost Foundation for an agile IT...

Security Agility Reduced Security Agility Reduced CostCost

Foundation for an agile IT Infrastructure:

Building the ultimate database container with

Red Hat Enterprise Linux, MySQL, and Virtualization

Jan Mark Holzerjmh@redhat.comConsulting Engineer Emerging Technology GroupCTO Office

RHEL5 & MySQL Database Appliances / August 15th 2007

Product features subject to change prior to availability 2

Outline • What is virtualization and how can it help

• Red Hat Enterprise Linux 5 & Virtualization

• Database Appliances

• Use Models and Deployments

• Q&A

Red Hat Enterprise Linux

Why virtualization ?

It’s fun.

It gets a lot of papers published.

It’s going to change everything. Eventually.

But the customer benefits boil down to just two things…

Customer BenefitsVirtualization can help to manage cost

Virtualization enables distributed, automated system management Virtualization allows resources to be managed as abstract entities

Independent of physical instantiation, location – even existence Physical servers host multiple virtual servers

Virtual servers are objects that hide underlying complexity Presents a common interface and architecture Simplifies OS and system maintenance Hardware abstraction

Virtual resources can be allocated and managed dynamically Enables more efficient use of existing resources

Manage such things as cost, QoS, power,floor space, cooling and security

Enhances scalability while controlling costs

Virtualization is the fundamental enabling technology for utility computing and utility services, both of which will reduce costs

Customer BenefitsVirtualization can help to manage risk

Virtual servers run in secure compartments Isolation is comparable to separate physical servers Failures, even user and kernel errors, cannot propagate to other virtual

servers

Individual applications can be mapped to separate virtual servers Enhances security and separation Avoids application incompatibility problems

Separation of virtual and physical resources facilitates availability Transparent hot-swap component replacement and upgrades Live virtual server migration for load management and maintenance Low-cost redundancy

Virtualization provides a risk buffer for capacity planning Under-provisioning to reduce expenses Over-provisioning to ensure adequate capacity Dynamic resource management can mitigate these risks

Example: Data Center Dilemma

Data center has physical constraints Fixed sized, fixed power, fixed cooling, etc Often physical constraints are cost prohibitive to change

Data centers have excess capacity Volume servers (Intel ISS) 10-15% utilized, mid / high 30-40% (>4

socket) Customers comfortable with single application server

One application per OS instance – optimal unit of management, control, etc.

Application stacking to consolidate on a single OS viewed as higher risk and often more expensive

Need a new service, deploy a new server / storage (ie VM warehouse model)

Dilemma Can no longer afford current paradigm

Can’t afford the $10 million server or storage controller that translates into a new data center or expansion

Can’t afford continual increase in number of administrators or cost / time to deploy new services

Can’t afford power and thermal management e.g. Annual electric bill for Google’s 200K servers greater than

cost of all server hardware

Example: Server & Storage Virtualization Multiple Views

One or more applications per view One OS per view

Multiple OS versions per server Enable transparent migration of services between hardware

instances – blades, enclosures, etc. Benefits

Increased hardware utilization Avoid the $10 million dilemma

Reduced time to deploy new services Don’t need to purchase new server / storage to deliver Use views to validate service on existing hardware while

maintaining complete isolation and protection Reduced cost

Fewer servers to buy / manage Lower software licensing

Per core rather than unit of work / value delivered Few administrators

Decouple hardware evolution from software No longer legacy software constrained

Virtualization provides legacy view Change customer control point

Virtual and physical management infrastructure drive customer purchase decisions

Motivated to upgrade to virtualization-capable hardware and software

De-motivated to migrate to competitive offerings Those that establish beachhead will be more difficult to

displace

Multiplex one machine into different “Virtual Machines” VMs; allows running different isolated guest Operating Systems with different applications on same physical hardware.

Allows a “Guest” OS to run

under control of a supervising

master program that is called:

“Hypervisor” or “Virtual Machine Monitor (VMM)”. Hypervisor / VMM Functionality:

Virtualizes System Resources Provides Scheduling of host/guests Intra-guest communication

Common grounding 'Host' also often referred as 'dom0' and/or HyperVisor 'Guest' also known as 'domU'

Hypervisor/VMMHardware

What is Virtualization?

Red Hat Enterprise Linux Overview

Red Hat development model• Collaboration with partners and open source contributors to

develop technology• Deliver complete distributions in two stages for two users

− First stage• Fedora: The development vehicle

• New versions approximately twice each year

• Unsupported

• Fast moving, latest technology

− Second stage• Red Hat Enterprise Linux

• New versions approximately every 18 – 22 months

• Supported and certified

• Stable, mature, commerciallyfocused technologies

What's new in Version 5?

• Enterprise Linux Advanced Platform• Integrated virtualization• Industry leading performance and price/performance• Enhanced and easy to use security• Improved networking and interoperability• Enhanced development tools• New SLAs• Enhanced client

Red Hat Enterprise Linux Overview

2005 2006 2007 2008 20102009

RHEL 5

RHEL 4

RHEL 3

RHEL 2.1

RHEL 3 in transition from Full Support to Maintenance mode. Final bug-fix-only update 9 Improved para-virtualized drivers planned.

RHEL 4.5 released May 2ndLengthened release cycle to avoid schedule

overlap.Support of RHEL4 para-virt guests on RHEL5.Extended full support phase of approx. 3 yearsRHEL 4.6 in November. Final bug-fix-only release, similar to 3.9 in

August '08.

4.5 4.6

5.1 5.2

4.7 4.8

RHEL 5 released March 2007 Virtualization and Advanced Platform

intergation Selinux enhancementsNew cluster management infrastructureGFS2 , Statless Linux technology preview

RHEL 6 no schedule yet for next major releasePlanning driven by customers, partners and

technology Fedora 7 released and Fedora 8 in planning

RHEL Virtualization Roadmap

2007 2008 20102009

RHEL 5

5.1 5.2

RHEL 5.1 HVM Improvements

Performance (Hot-) Migration

32 on 64 bit para-virtualized. Dom0 KDump IA64 Support Libvirt enhancement Security

Post-RHEL 5.1 Para-VIrtualized drivers for HVM RHEL 3, later 4. Para-Virtualized drivers for Windows.

RHEL 5.2 Large System Support

NUMA Memory

Nested Page Table support planned. Path for CIM support on top of libvirt. Virtual Desktop

RHEL 5.0 GA Core Virtualization. Para-Virt RHEL on RHEL, 32/32, 64/64 bit, x86 & x86_64 Libvirt management RHEL 5 guests RHEL 4 guests with 4.5+

Red Hat Enterprise Linux 5: Product summary• Servers:

− Red Hat Enterprise Linux Advanced Platform for mainstream customers• Unlimited server size and virtualization capabilities

• Maximum flexibility and value

− Red Hat Enterprise Linux available forsmall environments

• Clients:− Red Hat Enterprise Linux Desktop

− Workstation and Multi-OSoptions for special environments

− High volume security and manageability

Red Hat Enterprise Linux 5 Advanced Platform • Extends the base product to provide a complete solution for

virtualized environments− The ideal solution for the mainstream customers

• Advanced Platform provides− Integrated server and storage capabilities

− Unlimited guest operating systems

− Guest migration with consistent storage

− Application migration*

− Cluster Logical Volume Management &Global File System*

− Seamless expansion across multiple systems

− Enhanced management capabilities

− Easy transition for Red Hat Enterprise Linux AS customers• Provides significantly greater capabilities

* Previously offered as separate layered products:Red Hat Global File System and Red Hat Cluster Suite

Advanced Platform benefits

• Designed for mainstream customers who seek the advantages of virtualization without complexity or risk

• Provides a full virtualization infrastructure in one complete package

• Eliminates the need to create a solution using multiple products from different vendors

• Reduced solution cost• Reduced deployment time• Integrated installation and

management• Extensive documentation• Training services• Installation and maintenance services

Red Hat virtualization architecture

• Physical computing and storage components provide a central pool of resources

• Virtual systems with appropriate compute, memory, and data can be dynamically allocated, provisioned, and managed

Development Approach• Requirements: Stability, reliability, effectiveness• Release focus is on foundational elements

− Innovation rate is high in virtualization technologies

− Stable platform with stable APIs for easy enhancement

• Support for x86, x86_64, UP and SMP at GA

− Support for IA64, PPC tech preview in RHEL5 GA

• Focus is on foundational elements− Priority is to deliver hooks, APIs to enable continued development of rich

management & monitoring tools

• At a minimum, will include: − libvirt – local Virtual Machine (VM) management API

• create, destroy, start, stop, suspend, resume

• basic support for hot and cold migration

− iSCSI, GFS2 (tech preview in RHEL5 GA), NFS containers

− Virtual block, network

libvirt: Stable and Open API Management of hypervisor(s) Hypervisor agnostic Stable API for application developers Isolation from Xen HV instability Isolation from XenD protocol changes Formalized error reporting/handling XML definitions for Vms Distributed in FC4/FC5/FC6/F7/RHEL5/Debian/OpenSolaris Core API in C, Python/Perl bindings CLI access via virsh

DatabaseAppliances

High Level Xen Architecture

Hardware

Hypervisor

Domain 0

Device Driver

Back End

Domain 1

Front end

Domain 2

Front end

Virtual CPU & Memory

MySQL Database Appliances• Virtual Appliances

− One or more virtual machines packaged and tailored for distribution and deployment

− Pre-defined function and packaging− Pre-configured and optimized for specific use case

• MySQL and OS configuration/tuning

• Benefits of appliances− Ease of Installation, configuration and deployment− Tested as a whole by vendor/supplier− Can be easily replicated− Long term storage and archival− Hardware agnostic and independence− Application isolation (performance, security)− Dynamic workload management− Ability to move workloads online throughout the environment

Virtual SMP combined with

sub-CPU granularity

CPU text

CPUtext

CPU text

All available in one offering on RHEL5

VM7 VM8

Virtual machine scalability and Higher resource utilization

VMn == domUn

RHEL5 Virt Platform

Virtual Machines

Memory ballooning

VMn == domUn

RHEL5 Virt Platform

Virtual Machines

1GB2GB

Current Memory Size

Max Memory Size

VM 2Max

MemCurr Mem

Guest can be configured to balloon/grow their current memory footprint

Allows for online expansion and growthCan use virt-manager or CLI interface for management

Memory ballooning

VMn == domUn

RHEL5 Virt Platform

Virtual MachinesCurrent Memory Size

Max Memory Size

VM 2Max

MemCurr Mem

Growing guest VM2 to 1GB using memory ballooning

Now both guests have increased their available memory onlineResize database SGA Increase available VM for applications etc...

2GB2GB

I/O virtualization

Virtual Machine 1

Virtual Machine 2

Virtual Machine 3

Physical Disks

Partition(s)

Logical Volumes SAN Storage Arrays

File Containers

CD/DVD DriveISO Images

RHEL5 Virt Platform

Dynamic I/O Sharing

Virtual server’s I/O packets directed to

I/O cards by the HyperVisor/dom0

Virtual Machine 1

Virtual Machine 2

Virtual Machine 3

I/O card can be “dedicated” to a

virtual machine for performance

isolation

RHEL5 Virt Platform

Dynamic Network I/O SharingVirtual machine’s network packets

directed to physical NIC by

the HyperVisor/dom0

NIC can be “dedicated” to a virtual machine for performance

isolation

Virtual BridgeNIC 1

Virtual BridgeDMZ

Virtual BridgeNIC 2

Virtual NIC may be defined

without a physical NIC for guest-to-

guest communication

Virtual Machine 1

Virtual Machine 2

Virtual Machine 3

RHEL5 Virt Platform

HighAvailability

Highly Available RHEL5 Host and MySQL instance

Host A

Host B

Shared

Storage

Guest running as a RHCS serviceGuest 1

Guest 2

Guest X

Host A

Host B

Shared

Storage

Guest running as a RHCS serviceGuest 1

Guest 2

Guest X

Automatic failover upon Hypervisor failure

Host A

Host B

Shared

Storage

Guest 2

Guest XGuest 1Guests running as independent cluster

Hypervisor clustered via RHCS

Host A

Host B

Shared

Storage

Guest 2

Hypervisor clustered via RHCSApplication failover upon hosts/guest failure

Host A

Host B

Shared

Storage

Guest 2

Hypervisor clustered via RHCSApplication failover upon hosts/guest failure

Shared

Storage

Guest 2

Guest X

Guests running as independent cluster

Host C

Guest 1 Guest X

Hypervisor and bare metal host clustered via RHCS

Host A

Host B

Shared

Storage

Guest 2

Guest X

Host C

Guest 1 Guest XMySQL can migrate to another Guest/VM

Host A

Host B

Shared

Storage

Guest 2

Guest X

Host C

Guest 1 Guest X

MySQL can migrate to a bare metal system

Host A

Host B

RHEL5 Disaster RecoveryRHEL5

Site A

Site B

Shared

Storage

Guest 1

Guest 2

Guest XGuestImage

GuestImage

XP/CA, EVA/CA

RHEL5 Disaster RecoveryRHEL5

Site A

Site B

Shared

Storage

Guest 1

Guest 2

Guest XGuestImage

GuestImage

RHEL5 Disaster Recovery

Site A

Site B

Shared

Storage

Guest 1

Guest 2

Guest X

GuestImage

XP/CA, EVA/CA

Solving real business problems

Virtual Machine relocation enables High Availability:

machine maintenance

Load Balancing: statistical multiplexing gain

Live Migration

Consider the possibilities...

Resources

• MySQL− http://www.mysql.com/

• Red Hat − http://www.redhat.com/

• Virtualization Infocenter− http://www.openvirtualization.com/

• libvirt− http://www.libvirt.org/

• Virt-Manager− http://virt-manager.et.redhat.com/

• Red Hat Cluster Suite− http://www.redhat.com/solutions/gfs/

• Red Hat Emerging Technology Group− http://et.redhat.com/

QuestionsQuestions??

ThanksThanks

Security Agility Reduced Cost Security Agility Reduced Cost Foundation for an agile IT...

Documents

Journey to the Cloud AGILITY COST - GAVS Technologies · Journey to the Cloud DIFFERENTIATION AGILITY COST SaaS Solutions Higher-level services Cloud Infrastructure. Leading the journey

AERODATA, INC. IMPROVES CUSTOMER AGILITY …...AERODATA, INC. IMPROVES CUSTOMER AGILITY AND AVAILABILITY WITH COST-EFFECTIVE VMWARE NSX SOLUTION INDUSTRY AIRLINE INDUSTRY LOCATION

Delivering Business Agility through Managed Services for a ... · various business processes would drive efficiency and business agility and deliver significant cost savings, thereby

Delivering unprecedented agility, productivity and cost ... · precedented agility, productivity and cost-savings. ... be ‘future-proof.’ ... , using Accenture data and Microsoft

Sustainable cost reduction on the path to greater agility · Agile defence Sustainable cost reduction on the path to greater agility 5 In 2011, PwC began a conversation with senior

Red Hat Enterprise Linux 5 / Xen Hat Enterprise Linux 5 / Xen Troubleshooting Security Agility Reduced Cost Jan Mark Holzer jmh@redhat.com Consulting Engineer

PHYSICAL THERAPY.BENEFITS. Better Access Improved Outcomes Reduced Cost

Transforming paper driven processes...Reduced cost per transaction Enabling external users Improved regulatory compliance Flex. in processes/bus. agility Data/process integ. across

State of North Carolina JLOC on IT · 2018-03-07 · Point agility Glacial agility Silo Based Life cycle based on business capabilities Reduced Stable Core Adaptive Apps Integration

Delivering unprecedented agility, productivity and cost-savings€¦ · · 2016-07-27precedented agility, productivity and cost-savings. ... Through a culture of continuous product

On Software Architecture, Agility, Cost and Value...Title On Software Architecture, Agility, Cost and Value Author Philippe Kruchten Created Date 5/1/2008 12:00:00 AM

Enterprise Approach towards Cost Savings and Enterprise Agility

Agility, governance and productivity - IBM-+Murray+Cantor+-+Cantor... · Agility, governance and productivity ... (cost, schedule, effort, quality, …) are random variables ... Compliance

Increase Agility and Reduce Costs by Migrating from RISC ... · platform. These issues are reducing the strategic viability of the data center. Reduced Cost Effectiveness RISC/UNIX

VersaStack - Logicalis · 2015. 6. 26. · Lower Computing Cost . Faster Fact -based Decision Making . Greater Business Agility . Lower Operating Expenses Reduced Costs/ Complexity

D3.3 Validation report of reduced renovation cost and time

Agility and Cost Efficiency in Operations - Nestlé Global · Agility and Cost Efficiency in Operations Magdi Batato ... dimension Certified Leader ... Increasing agility and speed

Filter Elements Betamicron 4. For Reduced Life Cycle Cost

Reduced-Parameter Modeling (RPM) for Cost Estimation Models

Network Automation and Branch Agility - Cisco · Lower Cost & Complexity - Branch Agility Faster roll out of services and applications Optimal application experience Reduce costs