Monday Jun 20, 2016

SPARC Solaris Virtualization ROCKS for SAS Analytics

A global life sciences company recently undertook a complete infrastructure refresh of its SAS Analytics environment to meet critical business requirements, such as industry compliance, scale for growth and resiliency for non-stop operations . This case study documents the strategic choices and the procedural details involved in modernizing their SAS Analytics environment and demonstrates how SPARC Solaris virtualization ROCKS! (see white paper below).

The Challenge:

This company was looking to replace an aged 16-core HPUX Itanium system with performance issues that was currently running SAS to support 150 users.  Their goal was to move to a SAS Grid Computing framework that could support 400 users in a high availability (HA) and disaster recovery architecture for non-stop operation.  In addition, they required high-performance shared file system storage and needed to consolidate three separate SAS releases (9.2; 9.3; and 9.4).  All this while needing to map SAS services to 15+ separate OS instances.


The SPARC Solaris Virtualization Solution:

Combining Oracle’s Solaris 11 OS with SPARC servers and ZFS Storage created a very flexible and powerful virtualization solution for this complex challenge with Oracle VM Server for SPARC (LDoms) and Oracle Solaris Zones. The SPARC Solaris virtualization strategy enabled strict compliance to SAS licensing policy while allowing for prioritized resource allocations for memory, I/O, and network bandwidth – all without adding additional licensing and virtualization costs to the customer.

Leveraging the flexibility of Oracle Solaris virtualization technologies to achieve both business and IT infrastructure needs enabled this pharmaceutical company to transform and optimize their SAS Analytics environment.

The Devil is in The Details:



Read this white paper for best practices, lessons learned, and the detailed deployment anatomy to understand the specifics of this case study.  It also includes the actual scripting of the virtualization services which were created:

White Paper: Modernization of a SAS® Analytics Environment -
Solving Complicated Refresh Challenges with Oracle Solaris and SPARC Virtualization Technologies


Should you have any questions on this case study, you can contact us at isvsupport_ww@oracle.com.

Wednesday Jun 15, 2016

Amazing 4000+TPS with FSS iPAY on Oracle SPARC and Solaris

FSS is a payments and fintech leader, offering business value through a diversified portfolio of software products, hosted payment services and software services built over 25 years of comprehensive experience across payments spectrum.  Headquartered in Chennai, India, FSS serves 100+ customers across the globe that include leading public and private sector banks in India and some of the large Banks, FIs, Processors and Prepaid Card issuers and  the company has an established  presence in America, UK/Europe, ME/Africa and APAC.

A joint performance and scalability testing exercise was conducted by FSS and Oracle Engineering teams to study the performance and scalability of FSS payment gateway iPAY on Oracle's SPARC Servers running Solaris 11.3. The activity was aimed at scaling up the application load in terms of Transactions Per Second (TPS) with a workload that consisted of mix of OLTP scenarios. 

FSS iPAY is PCI 3.0 PA-DSS certified payment gateway that provides highly secured payment transaction zone with its inbuilt fraud prevention and risk mitigation engine. FSS iPAY is compatible with multiple payment options such as debit/credit/prepaid cards, IMPS, internet banking, batch banking and interchanges like VISA & others.

The following is the functional architecture of the application:

Two Oracle SPARC T5-2 servers and an Oracle ZFS Storage ZS3-2 were used to run the test with FSS iPAY 3.1.0, Oracle Database 12c RAC and Oracle Weblogic 12c Cluster along with shared QFS on SAN storage for the application tier. 

Security Compliance

Solaris 11 compliance framework was used to generate the PCI-DSS compliance report for the application systems hosting the iPAY application. The findings from the report were used to make sure that the application systems were configured as per the requirement of PCI-DSS standard.

Scaling to 4000+ TPS with excellent response times on 32 cores

The performance testing exercises were conducted with 32 cores for the application and 32 cores for the database. Response times and average cpu percentages were measured for different levels of workload generated TPS.

The results showed an amazing 4000+TPS and close to 17 million transactions processed in 70 minutes.


 For more details contact us at isvsupport_ww@oracle.com

Wednesday Jun 08, 2016

How to configure IP over Infiniband (IPoIB) on Oracle Solaris and SPARC servers

Recently we worked with an ISV who wanted to certify their application with Oracle SuperCluster in order to support their customers who are using this SPARC and Solaris based engineered system. Their application has a kernel module which needed to be tested with the infiniband driver.

We connected 2 SPARC T5-2 servers using 2 IB cards and an IB switch for this project. This simple configuration can simulate a 2 node connection of an Oracle SuperCluster.

The following steps  re needed to make such an IPoIB configuration work. It is very important to first be sure that the switch is configured properly:

For the IB switch :

define it into DNS
then ssh root@switchIP
passwd is "changeme" ( usually this is the password from the manufacture)
enablesm ( to enable the master )
getmaster ( to check the master )

If the switch master is not working, the IB interface status will show as “down” on the server even if all the cables and cards are connected to the switch correctly.

On the Solaris server (T5 server in this case):

Check the physical network interfaces available on the server: dladm show-phys

LINK MEDIA STATE SPEED DUPLEX DEVICE
net1 Ethernet unknown 0 unknown ixgbe1
net2 Ethernet unknown 0 unknown ixgbe2
net0 Ethernet up 1000 full ixgbe0
net3 Ethernet unknown 0 unknown ixgbe3
net6 Ethernet up 1000 full vsw0
net9 Infiniband down 0 unknown ibp1
net5 Infiniband down 0 unknown ibp0

net4 Ethernet up 10 full usbecm2
net10 Ethernet up 40000 unknown vsw2
net11 Ethernet up 40000 unknown vsw1

Check only the IB cards: dladm show-ib

LINK HCAGUID PORTGUID PORT STATE GWNAME GWPORT PKEYS
net9 10E000015A7460 10E000015A7462 2 down -- -- FFFF
net5 10E000015A7460 10E000015A7461 1 down -- -- FFFF

The following 2 commands are not mandatory, but will help you to easier identify the IB

dladm rename-link net9 ibp1

dladm rename-link net5 ibp0

Check renaming: dladm show-phys

LINK MEDIA STATE SPEED DUPLEX DEVICE
net1 Ethernet unknown 0 unknown ixgbe1
net2 Ethernet unknown 0 unknown ixgbe2
net0 Ethernet up 1000 full ixgbe0
net3 Ethernet unknown 0 unknown ixgbe3
net6 Ethernet up 1000 full vsw0
ibp1 Infiniband down 0 unknown ibp1
ibp0 Infiniband down 0 unknown ibp0
net4 Ethernet up 10 full usbecm2
net10 Ethernet up 40000 unknown vsw2
net11 Ethernet up 40000 unknown vsw1

dladm show-ib

LINK HCAGUID PORTGUID PORT STATE GWNAME GWPORT PKEYS
ibp0 10E000015A7380 10E000015A7381 1 up -- -- FFFF
ibp1 10E000015A7380 10E000015A7382 2 down -- -- FFFF

Create IB default partition:

(the name is under GWPORT column resulted from previous command/)

dladm create-part -l ibp0 -P ffff ffff.ibp0

dladm show-part

LINK PKEY OVER STATE FLAGS
ffff.ibp0 FFFF ibp0 unknown ----

Create and assign the IP address :

ipadm create-ip ffff.ib0
ipadm create-addr -T static -a 10.1.10.11/24 ffff.ib0/v4


Important commands to check the status of the connection:
dladm show-ib
ibhosts
ibstat
ibswitches
iblinkinfo.pl –R

grep pciex15b3 /etc/path_to_inst


Should you need further help with your IPoIB configurations on SPARC servers, you can contact us at isvsupport_ww@oracle.com.


Monday May 02, 2016

FIS Payment Card Products on Oracle Solaris and SPARC

FIS™ is one of the world's largest global providers dedicated to banking and payments technologies. FIS empowers the financial world with payment processing and banking solutions, including software, services and technology outsourcing. Headquartered in Jacksonville, Florida, FIS serves more than 20,000 clients in over 130 countries. It is a Fortune 500 company and is a member of Standard & Poor’s 500® Index. 

Advanced Security, Extreme Performance and Unmatched Value with Oracle SPARC.

FIS supports its payment card products IST/Switch, IST/Clearing, IST/MAS, Fraud Navigator and Data Navigator on the latest SPARC platforms running Oracle Solaris 11. FIS Fraud Navigator and Data Navigator have also achieved Oracle Solaris Ready and Oracle SuperCluster Ready status. 

Oracle SPARC servers offer the best computing platform for running FIS applications. Customers can benefit from large number of high performance cores along with TBs of memory to run their mission critical environments with greater scalability, performance and security. If you have any questions about running FIS applications on Oracle Solaris SPARC, you can contact us at isvsupport_ww@oracle.com

Monday Apr 25, 2016

Unbeatable Scalability of SAP ASE on Oracle M7

The Oracle SPARC M7 platform has incredible performance and some examples of it can be found in this blog. One very interesting customer example is with SAP ASE performance and scalability. SAP Adaptive Server Enterprise (Sybase) database is used by University hospitals Leuven (UZ Leuven). UZ Leuven is one of the largest healthcare providers in Europe and provides cloud services to 16 other Belgian hospitals, sharing patient records supported by the same IT infrastructure and systems. 

UZ Leuven was looking to increase the scale capacity of its SAP ASE platform to accommodate an anticipated 50% business growth in user transactions, along with added functionality of the application as more hospitals join the network. Their current load was about 80 million transactions per day for a 5 TB database.

420 vs 48 on Intel

The SPARC M7 platform proved to be the only platform that could linearly scale up to 420 SAP ASE clients, while their Intel E7-8857v2 platform scaled to only 48 clients.

The SPARC M7 platform also delivered better performance and response times while ensuring data availability and information security, critical needs for UZ Leuven’s patients. 

“Today, SPARC is the only suitable platform that meets our application needs. We selected SPARC servers over IBM and x86-based solutions because scalability and performance are essential for our mission-critical SAP Adaptive Server Enterprise database infrastructure. With the SPARC M7 servers, we can expand our business and grow at the speed of our customers,” said Jan Demey, Team Leader for IT Infrastructure, University Hospitals Leuven.

You can read the full story here.

In the next blog, we will discuss best practices for using Oracle Solaris ZFS file system for your SAP ASE database.

Wednesday Apr 20, 2016

Oracle OpenWorld and JavaOne 2016 Call for Proposals

The 2016 Oracle OpenWorld and JavaOne call for proposals are open and the deadline for submissions is Friday, May 9. We encourage you to submit proposals to present at this year's conference, which will be held September 18 - 22, 2016 at the Moscone Center in San Francisco. 

See here who from ISV Engineering and partners attended last year and the joint projects they presented. 

Submit your abstracts for Oracle OpenWorld and JavaOne now and take advantage of the opportunity to present at the most important Oracle technology and business conference of the year.


Tuesday Apr 19, 2016

Oracle Solaris 11.3 Preflight Checker - Come Fly With Me!

Announcing the latest update to: Oracle Solaris Preflight Applications Checker 11.3

Consider a pilot deciding to fly a new airplane without knowing that it had been 100% tested to fly.

If you are a Solaris developer who is looking to leverage the security, speed and simplicity of Oracle Solaris 11.3, you need to make sure your application will perform well BEFORE lifting off the ground on that migration. 
At Oracle we call that  preserving application compatibility between releases.  We believe that’s pretty important to the success of your flight, and getting you back onto the ground safely.

Solaris was the first operating system to literally guarantee application compatibility between releases and architectures.  Of course, any good developer knows there are always ways to accidentally break compatibility when you're developing an app, and maybe even get away with it for a while...

That's where the Oracle Solaris Preflight Applications Checker 11.3 (PFC 11.3) tool comes in. 
Think of it as a flight simulator, designed to give the pilot (aka - developer) confidence in the plane they are about to fly.

With PFC 11.3,  it is now quite simple to check an existing Solaris 8, 9, or 10 application for its readiness to be executed on Oracle Solaris 11.3, whether its on SPARC or x86 systems.  A successful check with this tool will be a strong indicator that an application will run unmodified on Oracle Solaris 11.3. 
In other words, start up the engines, lets fly!

A little bit about how PFC 11.3 can do this.
PFC 11.3 includes two modules:

1. The Application Checker - which scans applications for usage of specific Solaris features, interfaces, and libraries and recommends improved methods of implementation in Oracle Solaris 11.3.  It can also alert you to the usage of undocumented or private data structures and interfaces, as well as planned discontinuance of Solaris features.  

2. The Kernel Checker - checks the kernel modules and device drivers and their source code and reports potential compatibility issues with Oracle Solaris 11.3.   It can analyze the source code or binaries of the device driver and report any potential "compliance" issues found against the published Solaris Device Driver Interface (DDI) and the Driver-Kernel Interface (DKI).

These two modules scan and analyze your application in three areas to serve up the pre-flight information for running it on Solaris 11.3:

 1) Analysis of the application binaries for usage of libraries as well as for usage of Solaris data structures and functions.
 2) Static analysis of the C/C++ sources and Shell scripts  for the usage of function or system calls that are deprecated, removed or unsupported on Oracle Solaris 11, as well as the usage of  commands and libraries which have been relocated, deprecated or removed.
 3) Dynamic analysis of the running application, for it's usage of dynamic libraries which have been removed, relocated or upgraded (example: openSSL).

PFC 11.3 not only helps you migrate to the latest release of Solaris,  but also makes recommendations on getting the most out of your Oracle systems hardware. PFC 11.3 even generates an HTLM report which provides pointers to various migration services offered by Oracle.

Oracle Solaris is designed and tested to protect customer investments in software.  PFC 11.3 and The Oracle Solaris Binary Application Guarantee are a powerful combination which reflect Oracle's confidence in the compatibility of applications from one release of Oracle Solaris to the next.

Any technical questions with PFC 11.3 should be directed to the ISV Engineering team:  isvsupport_ww@oracle.com

 Now, sit back, relax, and enjoy your flight!

Monday Apr 18, 2016

IBM Software Products and SPARC Hardware Encryption: Update

Last December, we told you about IBM's GSKit and how it now allows several popular IBM products seamless access to Oracle SPARC hardware encryption capabilities. We thought we'd create a quick Springtime update of that information for our partners and customers.

Obtaining The Proper Version of GSKit

GSKit is bundled with each product that makes use of it; over time, new product releases will incorporate GSKit v8 by default. Until then, the latest GSKit v8 for SPARC/Solaris is available on IBM Fix Central, for download and upgrade into existing products. Installation instructions can be found here.

The support described above is available in GSKit v8.0.50.52 and later. As of April, 2016, the latest GSKit v8.0.50.59 is available for download from Fix Central.

IBM Products that currently make use of GSKit v8 on Solaris (and therefore could take advantage of SPARC on-chip data encryption automatically) include (but are not limited to):

 Product Versions w/bundled GSKit v8.0.50.52 or later Versions requiring manual update of GSKit
DB2 v9.7 FP11, v10.1 FP5, v10.5 FP7
HTTP Server iFix available for v8.0 and v8.5
Security Directory Server (fka Tivoli Directory Server)
v6.3 and later certified with GSKit 8.0.50.59
Informix IDS v11.70 and v12.10 fix available which updates to GSKit 8.0.50.57
Cognos BI Server v10.2.2 IF008 and later
Spectrum Protect (fka Tivoli Storage Manager) v7.1.5 and later
WebSphere MQ v8 Fix Pack 8.0.0.4 and later

Determining Current GSKit Version

  • $ /opt/ibm/gsk8/bin/gsk8ver # 32-bit version
  • $ /opt/ibm/gsk8_64/bin/gsk8ver_64 # 64-bit version

Thursday Feb 18, 2016

How To Tell If SPARC HW Crypto Is Being Used? (2016 Edition)

We’ve been blogging here recently about the advantages of SPARC M7’s on-chip hardware encryption, as well as some Oracle partners whose software already works with it. Some readers have been asking “how can I tell if XXXX software is automatically making use of it?” A very good question, which we’d like to answer via an update on Dan Anderson’s seminal 2012 blog post, How to tell if SPARC T4 crypto is being used?

Back then, SPARC T4 hardware encryption was access mostly via userland calls, which could be observed via DTrace. Since then, the Solaris Cryptographic Framework in Solaris 11 makes more direct utilization of native SPARC hardware encryption instructions. This impacts numerous third-party applications, including recent versions of the bundled openssl). While a cleaner approach, it makes DTrace less effective as a way to observe encryption in action.

Enter cpustat and cputrack.

These Solaris commands allow access to SPARC CPU performance counters, and it just so happens that one of these counters tracks on-chip hardware encryption. For SPARC T4 and later, on Solaris 11:

# # Run on a single-socket SPARC T4 server
#
# # Show instruction calls: all processes, all vCPUs, once for 1 sec 
# cpustat –c pic0=Instr_FGU_crypto 1 1
  time cpu event      pic0 
1.021    0 tick         5 
1.021    1 tick         5 
1.021    2 tick         5 
1.021    3 tick        11 
1.010    4 tick         5 
1.014    5 tick         5 
1.016    6 tick        11 
1.010    7 tick         5
1.016    8 tick       106 
1.019    9 tick       358 
1.004   10 tick        22 
1.003   11 tick        54 
1.021   12 tick        25 
1.014   13 tick       203 
1.006   14 tick        10 
1.019   15 tick       385 
1.008   16 tick      2652 
1.006   17 tick        15 
1.009   18 tick        20 
1.006   19 tick       195 
1.011   20 tick        15 
1.019   21 tick        83 
1.015   22 tick        49 
1.021   23 tick       206 
1.020   24 tick       485 
1.019   25 tick        10 
1.021   26 tick        10 
1.021   27 tick       471 
1.014   28 tick      1396 
1.021   29 tick        10 
1.018   30 tick        26 
1.012   31 tick        10 
1.021   32 total     6868 

# # Show number of instruction calls for all processes, per CPU socket
# cpustat –c pic0=Instr_FGU_crypto –A soc 1 1
time soc event      pic0 
1.014    0 tick      7218
1.014  256 total     7218

# # Show number of instruction calls for existing process 10221
# cputrack –c pic0=Instr_FGU_crypto –p 10221 –o outputfile

Note 1: Oracle VM for SPARC (aka LDoms) before v3.2 did not allow these command inside a Guest LDom; starting with v3.2, one can set an LDom’s perf-counter property to strand or htstrand.

Note 2: By default, Solaris 11 does not allow these commands in non-global zones; to do this, set limitpriv=”default,cpc_cpu” and reboot the zone.

Now you can see these numbers go up and down as hardware encryption is used (or not). For something just a bit more intuitive, I whipped up a little bash script which shows relative usage over time. Feel free to adapt to fit your needs. Here’s the script and a run done just before a command was issued in another window which makes serious use of hardware crypto (this on a SPARC M7 server):

# cat crypto_histo.bash
#! /bin/bash

while (true); do 
    echo `cpustat  -c pic0=Instr_FGU_crypto -A soc 1 1 | \
        awk '/total/ {
            num=4*int(log($NF)/log(10)); 
            hist=""; 
            for (i=0; i<num; i++) hist=hist"="; 
            print hist
        }'`
done
#
# # Run this, then run ‘openssl speed -evp AES-192-CBC’ in another window
# ./crypto_histo.bash 
============
============
============
============================
================================
====================================
====================================
====================================
====================================
====================================
====================================
============
================
============
============
============

SPARC hardware encryption: Always On, Blazingly Fast, and now Eminently Observable.


Thursday Feb 11, 2016

SAS and Oracle SPARC M7 Silicon Secured Memory

In an earlier blog we talked about Solaris /SPARC features that enable you to increase end-to end security of your applications. One of the key security risk areas in applications is memory corruption.

Applications are vulnerable to memory corruption due to both common software programming errors as well as malicious attacks that exploit software errors. 317 million new malicious programs and 24 zero-day vulnerabilities were reported in 2014 alone*.

Memory corruption causes unpredictable application behavior and system crashes. A victim thread encounters incorrect data sometime after the run-time error occurred making these bugs extremely hard to locate and fix. Buffer overflows are a major source of security exploits. In-memory databases increase this exposure as terabytes of critical data reside in-memory. Databases and Operating Systems have tens of millions of lines of code, developed by distributed teams of thousands of developers, so errors introduced by a subsystem could adversely affect one or more other subsystems.

Oracle Silicon Secured Memory (SSM) is a feature of Oracle SPARC T7/M7 systems that detects invalid data accesses based on memory tagging. A version number is stored by software in spare bits of memory. Dedicated non-privileged load/store instructions provide the ability to assign a 4-bit version to each 64-byte cache line. Metadata stored in memory is maintained throughout the Cache hierarchy and all Interconnects. On load/store operations, the processor compares the version set in the pointer with the version assigned in the target memory and generates an exception if there is a mismatch.

3 hours vs 1 minute

SAS recently completed a proof of concept using SSM with SAS 9.4 and the Oracle Studio Discover tool.

SAS 9.4 is a large memory intensive enterprise application predominantly written in C.  Using a standard debug track that uses malloc(3) for memory allocation, SAS test programs could be run by optionally interposing the Oracle Studio discover ADI shared library to intercept malloc() calls.  This transparently enables discover ADI to utilize SPARC M7 Silicon Secured Memory to check for memory corruptions at the silicon layer and produce full stack walk backs if a memory corruption was found.

They were able to realize the following immediate results:

Tag Cross platform bugs in just 2-3 days of testing

Find, triage, fix and put back bugs in less than 2 hours

Identify bugs 180x faster

Other memory validation tool: 3 hours

Silicon Secured Memory and Discover tool: 1 minute

Memory Validation Testing In QA Cycles

SSM along with the Oracle Studio discover ADI allows ISVs to perform full QA runs running them at near real time speed, whereas traditional memory validation tools cannot be used as such due to their high performance overhead and instead are typically only used to debug memory corruptions after bug reports come in.

If you develop or deploy large scale memory intensive applications, can you afford not knowing how SSM can help you with your products quality and security?  

For more on the SAS as well as the Oracle Database experience with SSM, see the OOW 2015 presentation CON8216: “Inoculating Software, Boosting Quality: Oracle DB & SAS Experience with Silicon Secured Memory” (PDF).

To learn more about SSM and how your applications can take advantage of it, read the article Detecting Memory Errors with Silicon Secured Memory.


* Based on the April 2015 Internet Security Threat Report from Symantec.


Friday Jan 08, 2016

Informatica Analytics on Oracle SPARC: Up-to 9X Faster with In-Memory DB

Oracle and Informatica have a very close working relationship and one of the recent results of this collaboration is the joint project done by Informatica and our Oracle ISV Engineering team to test the performance of Informatica software with Oracle Database 12c In-memory on Oracle SPARC systems. 

Informatica previously optimized their PowerCenter and Data Quality applications on Oracle Engineered Systems, achieving up-to five times faster performance with Oracle Exadata Database Machine and the SPARC-based Oracle SuperCluster (see announcement). They have been Oracle SuperCluster Optimized as well as Oracle Exadata and Exalytics Optimized since 2014. Now they have taken a step further by successfully testing PowerCenter with the Oracle Database 12c In-memory feature achieving extreme performance on SPARC.

A significant number of Informatica customers use Oracle as their main database platform. With the introduction of the Oracle Database 12c In-Memory Option, it is now possible to run real-time, ad-hoc, analytic queries on your business data as it exists right at this moment and receive results in sub-seconds. True real-time analytics! The Oracle SPARC big memory machines with up to 32 terabytes of memory are the perfect match, delivering extreme performance for in-memory databases and business analytics applications. 

Informatica PowerCenter and Oracle Database 12c were both installed on the same machine and Informatica leveraged the In-memory feature really well and was able to scale very well on the Oracle SPARC machine.

The following are some of the test results showing the Oracle Database 12c in-memory advantage on SPARC for Informatica:

  • TPC-H Q6 Performance: 9x in-memory over buffer cache for the workload tested
  • TPC-H Q10 Performance: 1.5x in-memory over buffer cache for the workload tested
  • Oracle Writer Throughput Performance: 2.5x performance improvement in Ram Disk to Ram Disk over Disk to Disk
  • PDO Performance:  Aggregator Tx Throughput: 1.5x in-memory over buffer cache for the workload tested

The tests were run with the following software/hardware stack: 

  • Informatica 9.6.1
  • Oracle SPARC, 8 PROCESSOR, 12 core , 2TB RAM, 4.3 TB Disk
  • Oracle Solaris 11.2
  • Oracle DB 12c
  • Network 10GBps
  • Setup: Domain and DB on same machine

Oracle SPARC servers and Oracle SuperCluster with Oracle Database 12c In-memory prove to be a great platform for Informatica customers to run their analytic queries. 

For more details you can contact isvsupport_ww@oracle.com.


Thursday Dec 24, 2015

The Advantage of Running Temenos on Oracle Engineered Systems

Temenos, a market leader in banking applications, recently won the prestigious Oracle Excellence Award for Exastack ISV Partner of the Year for EMEA.

In the following video Simon Henman and Martin Bailey from Temenos discuss their banking applications and the main challenges their customers face.  They also discuss how Oracle Engineered Systems address these challenges and allow their customers to focus on their banking task itself and not on the infrastructure. That is why they recommend them to their customers and have become Oracle SuperCluster, Exadata and Exalogic Optimized.

In previous blogs we discussed how their main application T24 is SuperCluster Optimized as well as their WealthManager application.

Watch the Video.

Monday Dec 21, 2015

Scaling Intellect MH on Oracle SPARC to 25,000 TPS


Intellect Design Arena Ltd, a Polaris Group company, is a global leader in Financial Technology for Banking, Insurance and other Financial Services.

A joint performance and scalability testing exercise was conducted by Intellect Design and Oracle Engineering teams to study the performance and scalability of Intellect MH on Oracle SPARC systems. The activity was aimed at scaling up the application load in terms of Transactions Per Second (TPS) with a workload that consisted of a mix of 10 OLTP scenarios with audit logging enabled, as well as some related batch scenarios. 

Intellect FT Message Hub (MH) is a lightweight Java based integration platform that facilitates seamless and transparent integration of business applications. It reduces the complexity of integrating disparate applications by leveraging the principles of Service Oriented Architecture (SOA).   

MH provides a function to exchange data online and in batch mode, and enables various interfaces, integration of customer access channels like PCs connected to the Internet and mobile phones, and connection with external financial intelligence institutions and settlement networks.

Message Hub serves as a pass-through station between business applications. It provides a common platform for the customer to do business transactions. The Listeners will be an entry point for front-end systems to perform straight through transaction processing. Transaction Rule Engine (TRE) communicates with the Communication Engine and the Message Engine for communication with the host and message formatting requirements respectively. These engines coordinate the operations based on configured rules. 

The following are the key features of Intellect FT Message Hub:

  • Routing
  • Message transformation
  • Message enhancement
  • Protocol transformation
  • Transaction workflow management
  • Synchronous/Asynchronous transaction
  • Pre/Post process transaction
  • Post dated/ scheduled transaction 
  • Fail-over
  • Support custom action 

MH supports all industry standard protocols including SOAP over HTTP, SOAP over JMS, RESTful, TCP/IP, MQ, JMS, HTTP/s, EJB, File, FTP, SFTP, SMTP, IMAP, POP3. The product also supports a wide range of messaging standards such as SWIFT, ISO 8583, XML, SOAP, JSON, Fixed Length, NVP, Delimited, EBCDIC, POJO, MAP.

The diagram below shows the technical architecture of Intellect FT Message Hub.


Test Details 

OLTP Tests:

The most common MH transactions were covered in the tests. Different transactions were tested with different listeners and communication engines. A mix of the following 10 OLTP Scenarios was tested:

Audit logging:

Audit records  that contain the request and message details are inserted into  the MH database, once at the point of receipt of the message in MH and a second time after the message has just been processed but before the transmission of the message to the external system using communication engines.

Batch Tests:

In batch processing, records are picked up by Intellect MH from a preconfigured location. The files are processed and records are submitted to external systems (stubs) using JMS communication engines.  Multiple files are processed by the managed servers in parallel. The following batch processes were tested:

Hardware Details:

The application was deployed on Oracle SPARC T5 systems, FS1 Flash storage and ZS3 storage. 

Software Details:

  • Oracle Solaris 11.2 
  • Oracle Database 12c RAC 
  • Oracle Weblogic 12c Cluster 
  • Oracle HTTP Server 12c 
  • Oracle JDK 8 
  • Apache JMeter  
  • IBM MQ 
  • Polaris FT Message Hub 15.1 


Test Results:

The systems near linearly scaled up to 25,000 TPS, with an average response time of 323 ms and about 52K concurrent users.  For the batch tests around 10 million records (1000 Files, each containing 10000 records) were processed in 21 minutes. 

These results are 6x better than results seen currently on typical large customer deployments.

More Information: 

For more information, details and system sizing help you can contact the team via isvsupport_ww@oracle.com.



Wednesday Dec 16, 2015

Quartet FS In-Memory Analytics Java Advantage on Oracle SPARC

In a previous blog we had talked about the benefits of scaling up ActivePivot on large memory SPARC machines. ActivePivot, is the in-memory analytics suite from QuartetFS, which is implemented by customers such as HSBC and Société Générale.

ActivePivot is an in-memory analytic database written in pure Java that is frequently deployed in a terabyte of memory. Earlier this year, Quartet FS partnered with Oracle to deploy a large credit risk use case in 16 TB of memory and the 384 cores of an M6-32 SPARC server from Oracle. Antoine Chambille, the global head of research and development at Quartet FS presented "Operating a 16-Terabyte JVM...and Living to Tell the Tale" at JavaOne 2015 twice. These sessions were very popular and standing room only! You can download the presentation here.

During JavaOne 2015 we also had a chance to sit down with Antoine and discuss how they work with Oracle to push the limits of Java and take advantage of Oracle Big Memory machines to deliver interactive calculations for a new generation of credit and market risk applications. The new proposals of the Fundamental Review of the Trading Book (FRTB) run by the Basel Committee on Banking Supervision (BCBS) increase the need for such applications and scenarios.Watch the video for more details.


Tuesday Dec 08, 2015

IBM GSKit Supports SPARC M7 Hardware Encryption

Oracle and IBM have a very close working relationship running IBM software on Oracle hardware. One of the recent results of this collaboration is the announcement by IBM that its GSKit v8 now supports SPARC M7 hardware encryption (as well as SPARC T4 and T5 processors). This, in turn, means that several IBM software products can now make use of on-chip SPARC hardware encryption today, automatically, without significant performance impact

What Is GSKit?

The IBM Global Security Kit (aka GSKit) is not a product offering in itself, but instead a security framework used by many IBM software products for its cryptographic and SSL/TLS capabilities. Example IBM products making use of GSKit today include DB2, Informix, IBM HTTP Server and WebSphere MQ. This latest version of GSKit ( aka "IBM Crypto for C" ), version 8, was validated as a FIPS 140-2 Cryptographic Module within the past earlier this year.

Obtaining The Proper Version of GSKit

GSKit is bundled with each product that makes use of it; over time, new product releases will incorporate GSKit v8 by default. Until then, the latest GSKit v8 for SPARC/Solaris is available on IBM Fix Central, for download and upgrade into existing products. Installation instructions can be found here.

The support described above is available in GSKit v8.0.50.52 and later. As of this writing, the latest GSKit v8.0.50.55 is available for download from Fix Central.

IBM Products that currently make use of GSKit v8 on Solaris (and therefore could take advantage of SPARC on-chip data encryption automatically) include (but are not limited to):

Determining Current GSKit Version

  • $ /opt/ibm/gsk8/bin/gsk8ver # 32-bit version
  • $ /opt/ibm/gsk8_64/bin/gsk8ver_64 # 64-bit version

What This Means

In many cases (such as SSL/TLS over-the-wire communication), products using the proper version of GSKit on Solaris/SPARC will automatically take advantage of hardware encryption. Situations with larger client-server packets will benefit more than those with small packet sizes.  

This will allow these products to make use of the increased security that encryption offers with extremely low performance overhead (something that is not possible with software-only crypto or hardware crypto on other platforms).

Because each of these IBM products has specific use cases, we'll cover more details for each in future blogs.

Monday Dec 07, 2015

End-to-End Security: Solaris 11, SPARC M7 and the ISV Ecosystem

You'll be seeing quite a bit on this blog about increasing security of your applications in the coming weeks and months. Before that, however, before we dive into the specs and numbers, the wonders of CPU features, the software technologies that protect -- it is worth setting some overall context.  

Security is more than just data encryption. Indeed, security is more than any single feature, technology or product. Security, as much as anything in the IT world, must be addressed, planned-for and administered both in the whole, as well as the details. Security must be considered from beginning to end or -- as we engineers like to say -- "end-to-end". Holistically. The Big Picture. Soup to Nuts. You get the idea.

Because, in truth, while any single component of a system can provide state-of-the-art security for its little realm, the entire system is only as secure as each and every component. Your on-disk encryption can be unbreakable, but if your system uses weak passwords on internet-facing portals, your company could be the next featured New York Times data breach story.

Within the Oracle Systems Group, we get that. We understand that it takes more than algorithms and firewalls. That's why we'll be talking about Best Practices. About Security Compliance. About Industry and Governmental Security Standards. About hardware encryption. About all the roles in the development, deployment and use of a system. About the pieces of a system which, in total, is 'end-to-end secure'.

With the recent announcement of SPARC M7, Oracle now has the most compelling End-to-End Security platform for the Data Center. These new SPARC-based servers, with on-chip Security in Silicon, and running the Solaris 11 Operating System provide the following enhancements:

  • Silicon Secured Memory: For the first time, Silicon Secured Memory adds real-time checking of access to data in memory to help protect against malicious intrusion and flawed program code in production for greater security and reliability. This protection is available to third-party software developers via application programming interfaces.

  • Hardware-Assisted Encryption: Built into all 32 cores, this feature enables data encryption without performance penalty. This gives customers the ability to have secure runtime and data for all applications even when combined with wide key usage of AES, DES, SHA, and more. Existing applications that use encryption will be automatically accelerated by this new capability including Oracle, third party, and custom applications.

  • Built-in Solaris Compliance Tools: Oracle Solaris 11 lowers the cost and effort of compliance management by designing security features to easily meet worldwide compliance obligations; documenting and mapping technical security controls for common requirements like PCI-DSS to Oracle Solaris technologies with a simple-to-use tool that provides not only reporting but also simple instructions on how to mitigate any compliance test failures; and providing compliance report templates. The compliance system is standards based (XML) and built on the SCAP ecosystem (XCCDF, OVAL, and SCE), which easily integrates with enterprise wide compliance management programs. 

Tuesday Dec 01, 2015

Increasing Data Security with SPARC M7 'Always On' Cryptography

Oracle's new SPARC M7-based servers (released in late October) have numerous compelling hardware features, including the all new Software in Silicon feature set. What many still don't realize is that one of these features -- Hardware Assisted Cryptography -- has existed on SPARC CPUs for several generations. SPARC M7 provides the most powerful on-chip hardware encryption capabilities to date, and what many don't know is that it's Always On and it's available at No Extra Cost. It's also supported by a plethora of Oracle and third-party software offerings Right Now.

SPARC M7 provides 32 cryptographic engines per processor, delivering wide-key encryption of both 'data at rest' and 'data in-motion' with near zero performance impact. Most of today's most secure bulks encryption ciphers, message digests and public-key encryption algorithms are supported. Nothing to enable, no code to change.

SPARC M7 on-board encryption functionality (similar to that of previous-generation SPARC T5):

Accelerator Driver: Userland (no drivers required)
Public-Key Encryption: RSA, DSA, DH, ECC
Bulk Encryption: AES, DES, 3DES, R4, Camelia
Message Digest: CRC32c, MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512
APIs: PKCS#11 Standard, UCrypto APIs, Java Cryptography Extensions, OpenSSL

What about software support? Oracle 12c already takes advantage of M7 HW Crypto via its Oracle Advanced Security Transparent Data Encryption (TDE), out of the box. WebLogic? The same - it works out of the box. This is true for both native (C/C++-based) and Java Oracle "Red Stack" applications, all of which make seamless use of the underlying hardware encryption mechanisms. 

Okay, you say, we'd expect Oracle's Database and Middleware to support Oracle hardware features -- what about the rest of us? Well, as it turns out, much of the framework software in Solaris 11 is hardwired to take advantage on SPARC HW Crypto when it's detected. Third-party software that makes use of these will usually "get HW Crypto for free". This list includes:

  • openssl (5)
  • ssh (1)
  • Solaris VM for SPARC (aka LDoms)
  • Java runtime - configured via standard JCE/JSSE security mechanisms
The Systems ISV Engineering team is currently working with a number of Solaris ISVs to insure support and optimal usage of SPARC Hardware Crypto functionality. Look for future blog posts here (and technical articles on OTN) where we will cover this topic with ISVs such as IBM and Sybase.

"The future data center is completely encrypted, and this is the first processor that enables that."

— John Fowler, Oracle Executive Vice President for Systems

You can test your applications on SPARC M7-based systems today, to explore and leverage their breakthrough technologies using the Oracle Software in Silicon Cloud for developers and partners. Available now to all OPN members, enterprise developers with MOS accounts and university researchers (members of Oracle Academy), the Software in Silicon Cloud is a robust and secure cloud platform with ready-to-run virtual machine environments and offers easy access to Oracle SPARC M7 systems running Oracle Solaris 11.3. Try it today!

Additional Reading:

Monday Oct 26, 2015

New SAP-SD 2-Tier 1-node Benchmark Record on SPARC T7-2

Today Oracle announced an all-new family of SPARC systems with new dramatic advancements in memory protection, encryption acceleration, and in-memory database processing.

A new record result of 30,800 SAP-SD users for the SAP Sales and Distribution (SD) Standard Application benchmark has been published for one of the small servers in this family, the SPARC T7-2 server with 2 processors / 64 cores / 512 threads, SPARC M7 4.133 GHz, 16 KB (D) and 16 KB (I) L1 cache per core, 256 KB (D) L2 cache per 2 cores and 256KB (I) per 4 cores, 64 MB L3 cache per processor, and 1024 GB main memory. 

Comparing this result to other SAP SD results* shows the new SPARC M7 to be:

  • SPARC M7 1.9x faster per chip than x86 E5 v3 (Haswell)
  • 2-chip SPARC M7 nearly same performance as 4-chip x68 E7 v3
  • SPARC M7 2.9x faster per chip than IBM Power8 (6c)

The SAP SD benchmark results can be found here.    

* Results as of Oct. 26, 2015. Source: SAP, www.sap.com/benchmark.  The following two-tier SAP Sales and Distribution (SD) application benchmarks have been certified with SAP enhancement package 5 for SAP ERP 6.0: SPARC T7-2, 2 processors / 64 cores / 512 threads, SPARC M7 4.133 GHz, 30,800 SD users, 168,600 SAPS, Solaris 11, Oracle 12c, 1 TB main memory. Certification Number: 2015050. Dell PowerEdge R730, 2 Processors / 36 Cores / 72 Threads, Intel Xeon Processor E5-2699 v3, 2.3 GHz, 16500 SD Users, 90120 SAPS, Red Hat Enterprise Linux 7, SAP ASE 16, 262 GByte main memory. Certification Number: 2014033. IBM Power System S824, 4 Processors / 24 Cores / 192 Threads, POWER8, 3.52 GHz, 21212 SD Users, 115870 SAPS, AIX 7.1, DB2 10.5, 524 Gbyte main memory. Certification Number: 2014045


ISV Partners See Amazing Results on SPARC M7-Based Systems

Today Oracle announced an all-new family of SPARC systems built on the revolutionary 32-core, 256-thread SPARC M7 microprocessor. The systems feature Security in Silicon for advanced intrusion protection and encryption; SQL in Silicon that delivers unparalleled database efficiency; and world record performance spanning enterprise, big data, and cloud applications. These new systems, include the Oracle SuperCluster M7 engineered system and SPARC T7 and M7 servers. Read the full press release.

Some of our ISV partners have been testing these new systems through the early access program and have been seeing amazing results: 

Siemens PLM: Hear how Siemens looks to Oracle for innovation and integration across the stack, highlighting the SPARC M7 servers with Software in Silicon technology for unprecedented performance and unique security capabilities in this video.

“As a leading global provider of product lifecycle management software and services, Siemens PLM Software, helps thousands of companies realize innovation by optimizing their processes. We continually leverage our strong relationship with Oracle to ensure that our Teamcenter software is tuned to run on Oracle platforms. Teamcenter tests of the new Oracle SPARC M7 servers showed dramatic performance improvements, surpassing any improvements seen with a single generation upgrade of SPARC servers. Software-in-Silicon features of the SPARC M7 processor such as the Silicon Secured Memory and SQL in Silicon offer unique capabilities for performance tuning,” said Chris Brosz, vice president of Technical Operations, Siemens PLM Software. 

BPC: “BPC Banking Technologies’ long-term relationship with Oracle aims to find the best technology solutions for our clients. We successfully tested SmartVista on Oracle’s SPARC M7 server running Oracle Solaris, and measured the impact of the Oracle Database In-Memory option along with the SPARC M7 processor’s new SQL in Silicon feature,” said Evgeny Kozhin, senior solutions architect, BPC Banking Technologies. “We were excited to see dramatic performance increases for both our online and batch processing tests. SmartVista is highly tuned and traditionally we only see incremental performance gains with new processor generations. No modifications to SmartVista were needed to get these extraordinary results.”

Capitek: “Capitek AAA is a carrier-grade access authentication management application for the wireless communication networks across China. In our tests processing log files for each AAA server, Oracle's SPARC M7 systems with Silicon Secured Memory and Oracle Solaris Studio development tools proved to be the only effective method of protection against dangerous programming vulnerabilities,” said Jerry Chen, senior manager, Telecom Software Product Department. “It enabled Capitek AAA to be more secure and highly available with very little impact on overall system performance. Other software based memory checking tools proved to be unusable due to their large overhead.”

JomaSoft: “JomaSoft recently completed performance tests on Oracle’s SPARC T7 system running Virtual Datacenter Control Framework (VDCF), our management solution for creating, migrating, patching and monitoring Oracle Solaris environments. Our results showed VDCF to be 1.5x faster core-to-core on SPARC T7 compared to SPARC T5. JomaSoft views Oracle’s powerful SPARC M7 and T7 systems as ideal platforms for customer consolidation and virtualization projects, with technology and value that no other vendor can offer,” said Marcel Hofstetter, CEO at JomaSoft.

MSC Software: “MSC Software, a worldwide leader in multidiscipline simulation technology, recently tested our SimManager simulation data and process management system on Oracle’s SPARC M7 system with Oracle Database 12c. Our testing found SPARC M7 to be extremely scalable and able to deliver better core-to-core throughput than an Intel Xeon X5 v3 server running a SimManager workload. Oracle Solaris 11 virtualization also consolidates multiple instances of the MSC SimManager server, providing a simplified method of managing and processing hundreds of thousands of simulations for product design onto a single platform,” said Leo Kilfoy, general manager, Engineering Lifecycle Management Business Unit, MSC Software Corporation.

SAS: "Oracle's Software in Silicon technology delivers significant value to both SAS customers and internal development teams. The scalability, performance and extensive memory bandwidth of the Oracle SPARC M7 is well-matched with the highly threaded and memory intensive algorithms of our high performance Business Analytics software – which means customers running SAS on Oracle will see faster analysis of their data so they can make better business decisions,” said Craig Rubendall, vice president, Research & Development, SAS. “In addition, SAS uses a variety of tools to ensure the quality of code that is delivered to our customers. The SPARC M7’s Silicon Secured Memory feature along with the Oracle Solaris Studio Code Analyzer detected difficult to find run-time errors far more quickly than other products we use for this purpose, resulting in faster fixes to common code across all platforms.”

Software AG: “Software AG’s Adabas Database Management System Platform is optimized for large-scale transaction processing and provides high-performance and reliable data processing for enterprise business transactions. We have been collaborating closely with Oracle engineering and we recently tested Adabas version 6.4 SP 1 on Oracle’s SPARC M7 system through their early access program and achieved an amazing 2.8X performance increase over Oracle’s SPARC T5 system,” said Angelika Siffring, VP, Product Management, Software AG. “Software AG’s relationship with Oracle helps us provide the fastest and most secure software solutions to our mutual customers.”

Software in Silicon Cloud 

You can test your applications on these new systems to leverage their breakthrough technologies using the Oracle Software in Silicon Cloud for developers and partners. Available now to all OPN members, enterprise developers with MOS accounts and university researchers (members of Oracle Academy), the Software in Silicon Cloud is a robust and secure cloud platform with ready-to-run virtual machine environments and offers easy access to Oracle SPARC M7 systems running Oracle Solaris 11.3. Try it today!

Tuesday Oct 13, 2015

Asseco def3000/CB Core Banking Systems Optimized on Oracle SuperCluster


 “Our biggest clients need highly performant and scalable systems to grow their business and consolidate data from other banks in the future.  With Oracle SuperCluster we can offer a platform that meets these requirements and offers our. Oracle Systems are now a preferred platform customers lower TCO for Asseco's def3000/CB solution.”- Robert Płociński, Technical Director, Commercial Banks Dept, Asseco

Asseco Poland is the largest IT company listed on the Warsaw Stock Exchange. It has developed technologically advanced software solutions for companies and institutions of all key sectors of the economy for more than 20 years. Today, Asseco is the number one IT powerhouse in Central Europe and the sixth largest software vendor in Europe.

Their def3000/CB (Core Banking) system constitutes the central point of their product offerings for a modern financial institution. It is a state-of-the-art, comprehensive tool, which allows to pursue an effective, efficient and competitive policy of the Bank.

Recently Asseco tested and tuned def3000/CG on Oracle SuperCluster and achieved Oracle Exastack SuperCluster Optimized Status.

Here's what they tested:

  • def3000/CB 10.05.000N
  • Oracle SuperCluster T5-8 Half Rack using Solaris Zones and 4 Exadata X5 HC storage nodes
  • Oracle WebLogic Server 11g
  • Oracle Database Enterprise Edition Release 12.1.0.2
  • Oracle Real Application Clusters
  • Oracle Partitioning

Oracle Solaris 11 Oracle SuperCluster accommodated the workload requirements and performance SLAs from their biggest customers as well as near linear scalability with RAC and Database partitioning.

It met business and technical requirements to be a preferred platform for def3000.

For more information about def3000 check here.



About

Application tuning, sizing, monitoring, porting on Solaris 11

Search

Categories
Archives
« June 2016
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
9
10
11
12
13
14
16
17
18
19
21
22
23
24
25
26
27
28
29
30
  
       
Today