Slashdot Mirror
Managing Linux and Virtual Machines?
deijmaster asks: "For a couple of months we have been hearing (as a major consulting firm) IBM people pushing the possibility of installing a Z/Linux VM setup at one of our biggest clients (financial). To a Linux user such as myself this sounds great, at first. Now, I am a bit reluctant when it comes to managing this kind of infrastructure, with little or no local expertise at IBM. Has anyone gone through a Z/Linux VM corporate installation and lived through the management of such a solution?"
I once saw Amdhals version of Unix running on a mainframe at New England Telephone. The ps command yielded about 20,000 running processes and the guy I knew told me that it was just one of 6 VM systems running on the same hardware.
I was impressed.
SG
That's really not what he means. This is using a completely non unix oriented system (a mainframe) running a VM (which is not an emulator, virtualization is built into mainframes) to run many instances of linux (which isn't emulated either, linux runs natively on mainframes).
Oh, and the Marist linux-390 listserver is well worth subscribing to.
If you have never touched VM, then you will be well and truely out of your depth. It's a whole different world to Unix/Linux.
So you will have to get a VM person in. Probably only on part time contract, and IBM will can provide that person for an additional fee.
In time you may learn enough to support your very limited VM environment.
ln -s
1. What exactly demands this solution?
2. Can a pure Linux box, with mild tweaking, still not be more useful and create less overhead than this?
Someone in this thread mentioned IBM implementing wildly complex systems in order to push consultation, and on some levels it's true. PeopleSoft does it also. In some cases, Oracle will have a go at this tactic. My advice is to do some searching first, without the input of IBM, and see if you can't find a better solution to whatever problem you're trying to remedy.
Just consider it VMWare for big boys. I'm doing a wee bit of development for Linux on zOS, and most things just work once you get it installed. Lots of options, depending on how you carve up the system. Anyhow, for the most part it is all about fast i/o, rather than monster processing power.
Picked up Linux on the Mainframe over the weekend, but plan to read it on a (very long) plane ride next week - looked like it focused on care and feeding, however.
+++ UGUCAUCGUAUUUCU
Well I used to work at similar financial company where IBM was pushing something similar as well. What it boiled down to was the following issues.
1. for the equivalent # of VM's it was more cost effective to buy new Intel hardware. The annual maintaince cost for the IBM more than paid for all new hardware.
2. Software availability. The only thing you could run it would be home grown apps or existing opensource apps. No commercial software was available. This company was an all Oracle shop, no DB2. They're primary opensystems backup solution was Netbackup. Which at the time had no client for linux on Z. (a year ago).
3. In house expertise. They had no linux expertise and very little Unix (solaris & HP) (jr admins at best) expertise. Let alone running linux on a Z.
So to sum it up. It's a very expensive, somewhat propritary and inflexiable environment. If you have a specialized use for it and can justify the cost go for it. Otherwise stick with commodity Intel/AMD hardware. It'll be cheaper and easier in the long run.
I haven't worked with a Z/Linux VM before. However, I have used User Mode Linux to create a dozen or so virtual servers per host server. And I'd imagine that the benefits offered by UML would also apply to Z/Linux VMs.
For example, with UML you're able to get much better resource utilisation. e.g. most of the time the machine is idle. When one of the UML servers need the host server's resources, they're there (CPU, network, disk IO, etc). That means you can have multiple UML servers bursting up to the performance potential of the host server. Certainly a better resource utilisation than having several host servers running mostly idle.
Another benefit of virtual machines are their logical separation from the host server. Each virtual server has their own users (including root), applications, file systems, IP address, etc. That means that if security is compromised on one, the others are unaffected. Ditto resources can be allocated to each virtual server according to need. And any mis-configuration on one doesn't affect the other. This compares to running multiple applications on the same server for different purposes (e.g. running HR and Account systems on one server, if email goes down them both systems are affected. In a virtual server setup, only one of the other would be affected.
So... Thumbs up to server virtualization software in general. Particular kudos to UML. And good luck finding out about Z/Linux!
- P
RimuHosting.com - Linux VPS Hosting
I work for a big financial firm in NYC that is using Z/Linux pretty heavily. I have to say that while we are very happy with the results, it is VERY important to have VM people on staff who are also Linux savvy. IBM has been great in getting us set up, but they don't live with the systems. We do. You'll need to be very careful about what you're using the Linux instances for, and take alook at how they'll use hardware resources, like the OSA cards.
With careful planning, and the expectation that it will be a bumpy start, you'' find that it's a very rewarding experience, both personally and professionally.
I wouldn't get hung up on the whole "local" thing. You just have to understand how IBM works. There's no concept of "local" at IBM. At any one point in time, 50% of IBM employees aren't in a traditional work place.
If you have problems, contact IBM and they will get their best people on it. IBM is all about customer service. You never get fired for buying IBM. From an engineers perspective, it's a pita. The best people in a department end up spending most of their time working on customer problems.
Hell, IBM still supports OS/2. If a Z-Series seems to solve your problem, go for it. IBM will take care of you.
http://www.linuxcare.com/
Chrisd
Co-Editor, Open Sources
Open Source Program Manager, Google, Inc.
You do realize that emulating any decrepit UNIX machine must be a rusult of running ancient code that has now been copied into SCO Unixware. You would then be using SCO IP (Idiotic Property). You will have to pay them 100 trillion dollars plus $699 for the Linux.
Speech: Free
Beer: $699.00
I sold and installed the very first Linux application on the S/390 --a Multiprise running VM and it worked great. We used the TurboLinux port and then finally wound up with SuSE.
We compiled the source code and it ran just like it did on a big Intel box. IBM helped with hardware issues which related to load balancing amongst the VM instances. One of their business partners supported the customer, Winnebago Industries with regard to Linux and OS 390.
IBM wasn't much of a factor as far as needing support. They supported the mainframe, the OS and VM just fine. SuSE installed without a single issue.
Some other issues arose in getting the user to learn IBM mainframe lingo, such as IPL instead of boot, and DASD. But, that didn't require much effort. The IBM Redbook on running Linux on the S/390 was all we needed to transfer knowledge. We downloaded it for free in pdf format.
The main benefit I discovered was the ability to consolidate servers. We replaced a bunch of M$ Exchange servers and ran a suite of Open Source apps such as Cyrus IMAP, Open LDAP, Exim, Apache, etc. We were able to get rid of a bunch of distributed servers and put them on one instance.
I suggest that IBM can help, but I don't think you'll be dependent on them. They're very expensive. With Linux on the zSeries or S/390 you can do everything yourself. -- That might not be what IBM wanted, but then they championed Linux, didn't they!
Familiarity with Linux will not help you setting up the zLinux environment. It works like this: You dedicate a few processors of your mainframe to Linux. These processors will run VM, which has:
The users are defined in a "user directory". There, you can specify how much memory, disk and CPU share you want to give to each user. These users, remember, are in fact virtual machines that will boot an image of Linux compiled for the zSeries processor architecture.
If you want to create and take down Linux images frequenlty, you'll have to install and customize some VM scripts that will do the job for you. When the scripts are installed, you can setup a new Linux image (complete with its own disks, IP address, etc.) with a single operator command.
Most sysadmins of a zLinux machine spend a lot of time in VM. So learning VM is essential if you are going to do this job. VM was created 30 years ago and is somewhat primitive in places, but the resource virtualization mechanism is incredibly powerful and makes up for it.
Finally, make sure that people understand that there might be dozens of virtual CPUs defined under VM but only a few real CPUs. If you have 4 CPUs, a Linux user with an absolute CPU share of 25% will have the equivalent of one CPU. If the Linux image is used for recompiling its kernel, it might be a tad slow. The mainframe has great I/O performance but only run-of-the-mill raw CPU speed.
Good luck.
Have you ever dealt with a cluster? Large clusters are fucking expensive to run 24x7x365. They require a lot of Air Conditioning (we spend over $1,000 a month on just AC, that's an expense that is never going away), electrical and a shitload of space.
I know this is Slashdot, but a beowulf is not always the best choice!!!
Can I get an eye poke?
Dog House Forum
Exactly. I find it interesting when people comment out of the space of speculation. The original question was for someone with "experience". That doesn't mean that he wanted uninformed opinions based on some notion of logic. If someone hasn't sailed the boat, don't tell me how to do it.
I'm an IBM'er currently on assignment at the world's largest insurance company. I was brought in because they wanted to consolidate servers to a mostly-Linux solution. After piloting Samba 2 beta on zLinux last summer, they balked at the heavy reliance on Z.
The key is for people to realize that the type of workload is critical when deciding to try zLinux, and any barking about Athlon vs. G6 is useless. Also, vendors need to realize that once you compile an app on Linux on any one platform, you're usually a recompile away from running it under Linux on any other platform. Hence my reasoning that any complaints about software availability from a year ago is also useless. More apps are being ported to zLinux everyday.
Linux on Z has a role, it just needs to be explored by more brave souls. Besides, I've always said that if I leave the company, I'd like to create an "ISP in a box" using a z800 and some ESS disk to host a few thousand virtual web servers. I implore people to please visit Linux@IBM for more information.
Intelligent Life on Earth
Amdahl's version of Unix was and is UTS. It was spun off in May 2000 as UTS Global LLC. Check out our webpage at http://www.utsglobal.com.
Ahh yes, grasshopper, but when that one uber-box dies(hard disk, fan, power supply, whatever), gets powered off by accident, network cable unplugged, yadda yadda- it affects ALL the virtual machines.
Granted in the Big Iron, you've got lovely hot-swap capabilities and such(processors, memory, etc)...but nothing is foolproof or 100% reliable. It's the old joke with pilots about twin-engine airplanes; the door swings both ways and there's no such thing as a free lunch. On one hand, you've got a spare engine if one dies, but you're 2x as likely to have a failure, you've got a lot of added complexity, and sometimes it still won't save your bacon(twin engine planes have an abysmal survival rate for engine failure in part because of the really shitty way they fly with one engine down). This is VERY applicable- because managing this big IBM server is much more complex(the whole point of this article) than seperate hardware.
Best example I can think of in how hot-swap can still not save the bacon is with the Cisco PIX 5-something(The 1U pizza-box one). It has FULL failover- if you've got two, and one shits the bed COMPLETELY, the other one takes over absolutely everything, including active connections; they share ALL state information for what's called stateful failover. Aside from a momentary blip where things stop for a sec...nobody's the wiser that a piece of very expensive hardware just let the Magic Smoke out. The problem is that the PIX OS version we had was buggy and would crash randomly- and because they were sharing connection tables and everything, they'd BOTH die, which was REALLY bad since the boxes didn't have hardware watchdogs(!). We turned off fully-stateful failover, and the problem went away; we'd notice they'd ping-ponged(there's an 'ACTIVE' led to show you which is live) and we'd power-cycle the other.
So ask the tough questions; instead of asking what's N+1, ask what's NOT N+1, and do a very careful breakdown of what exactly it will cost to run this big huge box, and figure out what the 'per [virtual] machine' costs are...
Please help metamoderate.
To paraphrase YOU...
Have you ever dealt with a MAINFRAME? Large MAINFRAMES are fucking expensive to run 24x7x365. They require a lot of Air Conditioning (many people spend over $1,000 a month on just AC, that's an expense that is never going away), electrical and a shitload of space.
And he diffrence is what? For most applications, clusters, for all their faults are faster and cheaper than mainframes.
We've got a production linux instance running under VM alongside our production VSE system. Since the box is fairly underpowered we get a minimal slice of the CPU. This makes the system respond like a 286 with the 'turbo' button turned off.
When the VSE instance bombs out for some reason, and we get effectively 100% of the CPU it responds like a pentium... maybe. Think P166.
Unfortunately in our circumstance we can't 'turn on' more MIPS because then our VSE instance is running on a 'bigger' machine and we end up doubling our licesing costs. Other alternative is to turn on the ILF (integrated linux facility) which dedicates 120Mips to linux only, without affecting other licesning, but that costs $150k. You can buy a lot of 2-way or 4-way pentium boxes with decent RAID arrays and get much better performance for that kind of money.
So if your shop is run by some sort of morons and you've got 100's of spare MIPS to burn, then Linux on the mainframe probably makes some sense. Otherwise, just get some intel boxes. Any savings the mainframe provides in terms of power, cooling, and ligher administration is going to be offset by massive complexity, poor performance, and a lack of easy support for a bizarre platform that few developers have access to.
"But actually trying to use m4 as a general-purpose langage would be deeply perverse" --ESR
At my workplace, we run about about two hundred corporate websites. The majority of those are on three boxes from Penguin computing, and the bare minimum required by our contract with IBM are on the z-series. At first we thought it would be a great deal, and looked forward to moving all of our sites over to the high-performance IBM machine. But it failed EVERY SINGLE test we could think to throw at it, except trying to brute-force an RSA key.
They're great number crunchers, but they don't hold up under any kind of pressure as a web server. We had the z-series with no sites on it run benchmarks and compare to our development box with 20 sites hosted, and the development box (Penguin Computing) kicked its ASS.
Every time one of our developers has to ssh into the IBM machine, they yell "Cover me, I'm going in". Our running gag is, if they're not done editing the apache config or whatever in ten minutes, we'll have to send in a rescue team.
My rational, scientific, carefully measured opinion is that the IBM z-series SUCKS. HARD.
Gee, I sure wish I wouldn't get in trouble for sharing our benchmark data with you. Oh well, you'll have to take my word for it and hope the majority agrees.
Austin is more fun than Dallas.
IBM mainframe complexes basically never go down. There are installations that have been running 24x7x365 for decades. That's the whole point of owning one.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
We're fortunate to have a good solid VM guy, so implementation was no big deal on our dev box. But we've noticed a few things along the way...
VM is expensive. Engines on the mainframe are expensive, and are the weak point in Z/Linux. Mainframes normally run batch types of workloads, and have great big fat I/O. They're not necessarily great processing powerhouses.
You can download Linux and install it on the mainframe; but you get zero support. If you want support, open up that big old budget again. When we looked at it, Suse wanted about $20k per year, and RedHat wanted $24k. We flew solo instead. So far it's been fine; but be prepared to pay if you want support (which, by the way, is something the PHB's and mainframe systems programmers are used to having.)
As for operational considerations, I haven't really had any problems with it at all. There aren't many rpms out there for z/os; but you can compile almost anything and use it.
Installation is kind of cheesy; but not horrible. You basically set up your vm guest, log in to it and ftp the linux kernel, ramdisk and parmfile to the guest dasd, giving it a fixed record length of 80 bytes. You then feed these into a virtual card punch (that's right, a virtual Hollerith Punch Card Reader - 80 columns = 80 bytes), then into a virtual card reader, and ipl the reader.
This gives you a running instance of linux that you can use to do a net install of the full distribution.
In the implementation class I took, I was partnered with a mainframe guy who was complaining about how archaic vi was. It made me laugh.
"Dude. We just chopped my kernel into 80 byte blocks and fed it into a card reader. Don't talk to me about archaic."
Hot Damn! It's the Soggy Bottom Boys!
One of my clients, a large insurance firm in the New England area, is in the process of consolidating their NT environment onto VMWare ESX server, which is linux based. This is an IBM X440, running about 30 consolidated NT VMs. Since it's VMWare it can also run linux VMs. They are saving about 500k annually on this setup in associated costs for hardware/support/environmentals. This was a pilot, and they are going to be moving forward with more consolidation based on this.
This really isnt a new concept, most of us know of the IBM P-series, Sun E-10ks and 15ks, and the HP Superdome. All use virtualization in one form or another to provide this kind of setup. Z/series is kind of novel, because....hey...its a Mainframe.
would it be possible to use UML on top of OpenMosix. Theoretically this should allow you to have several cheap intel/amd boxes acting as one (so shared resources) and then running multiple linuxes in UML would allow for an efficient use of those resources. In the end, would this not be close to the Z series, just cheaper? I imagine it might be a bit trickier to admin, but it would be interesting.
> "I allege that SCO is full of it" -Linus
Grain of salt, yada yada...
d bo okAbstracts/sg246824.html?Open
:(
I second the idea that it is very important to have VM skills on site for a customer looking at this. Presumably the customer is already a z/Series account, so they probably already know a thing or two, but they may have bought into the "VM is going away" speech and gotten rid of their VM stuff years ago and gone to z/OS.
Even if they have VM skills from 5-7 years ago - that will still do. VM hasn't changed all that much, it just has some more bells and whistles. So one or two refresher courses for whoever is still around in their shop will get them up to speed on z/VM 4.4 if they knew it 'Back in the day'.
And yes - Linux on VM is still young. Most shops appear to do a lot of 'roll your own' solutions to the administrative problems. Get hooked into the Marist linux390 mailing list, there are a lot of smart folks there who have at least thought about any problem youre likely to have.
I've run/tested every one of SLES 7, 8, RedHat 7.1, 7.2, RHEL3 beta, TurboLinux (old and crusty now) and Debian with pretty much any IBM middleware you could think of. From the linux side - it doesn't know anything about VM, or care. So you as the administrator must make sure it plays politely with the others it lives with. You probably should not just throw 2 Gigabytes of storage at it just because Websphere says it needs it. Running Linux with VM does require some understanding of how to make the most of shared resources. Check out this redbook:
http://publib-b.boulder.ibm.com/Redbooks.nsf/Re
It makes a lot of these points better than I can.
--Anonymous Coward cause I forgot my password
I've done plenty of these. I'm sure a little Googling will reveal who I work for and that I'm probably not lying. I'm also not an IBMer.
As with anything, "it depends." In my experience, L/390 under z/VM works best in I/O-intensive heavy-throughput roles. Do not throw CPU-intensive work at it. If you need CPU, either build an Intel farm, or use an architecture that's designed for serious computing, like a pSeries.
From a manageability standpoint, you will be flabbergasted how much easier it is to manage a z/VM box with 100 Linux instances on it than it is to maintain 100 rackmounted x86 boxes. And once you get your legs under you with VM, it's amazing how tunable the system parameters are. FCON/ESA (now Performance Toolkit, in z/VM 4.4) is really, really your friend in terms of determining where the system hotspots are. And once you've tasted how to deploy additional servers in two minutes without leaving your chair, it's really hard to go back to old-skool provisioning.
Adam
They're a heck of lot less wasteful (electrickery into heat) than they used to be, and require a lot less space (again, compared to the past).
Clusters ... I don't know where you get the 'faster and cheaper' line, unless you're talking about applications specifically designed for clusters. When you start writing apps designed for a few thousand simultaneous users, the benefits of the mainframe become apparent. Stability. Speed. The ability to hold gobs of info in ram. Which, BTW, makes them the nearly ideal web server. Security (hey, it's not M$!). Mainframes are a mature technology ... meaning lots of the annoying things (both hardware and software) still plaguing the small boxes have been fixed. (Admittedly, 'mature' often translates into 'f$cking obsolete pos' (i.e. panvalet).)
I don't worry about backups conflicting with apps on the mainframe. I don't worry about the details of storing things reduntantly (although that's quickly getting solved on the smaller boxes). For those things written on WinWhatever, the programmers need to worry about every little upgrade/patch from M$.
Now, most places still give mainframes a room of their own ... and it tends to be a bigger room than servers get. And, if you're happy with something a little slower and little less reliable, a good farm runs less than a mainframe.
But, to put things in perspective, one of my databases (non-mainframe) is moving to a USD 2.1 million machine. That's a fraction ... as in, from 1/4 to 1/20 (depending on options) of a mainframe.
I'm working in both worlds. I like the cost benefits of the smaller boxes. But it still freaks me out when users punch in a query and it takes several seconds (to minutes) for a response, when the delay on the mainframe is done by the time the enter key pops up.
Not quite, though the effect is similar. Both VM and Linux are supported by a combination of software and microcode. However, IBM has been very successful in putting almost all performance critical code sections in microcode. Thus, VM and Linux are 'emulated', but the overall performance usually ends up being quite close to what could be achieved if the support was indeed natively supported.
Covener, you're right. zSeries suck as number crunchers. They are great at intensive I/O jobs. They are great at consolidating servers that aren't all busy at the same time. But "brute-force an RSA key" is exactly what you don't want to spend your expensive MIPS for.
BTW, I found that on a web server mettle test, large file transfer performance was better on zSeries than on RISC boxes. The larger the files, the more advantage to the mainframe. This is an interesting side-effect of having processors dedicated to I/O and freaking huge I/O bandwidth.
--
Mad science! Robots! Underwear! Cute girls! Full comic online! http://www.girlgeniusonline.com/
If you think the dissenting opinions on this thread are bad, read the Linux390 mailing list. One thing just about everyone agrees with on the list is this. Do not buy a mainframe to run Linux. If you already have a mainframe that has some spare cpu time, look into consolidating simple services onto LiuxVMs. Generally speaking linux on the mainframe relies on "well in this case" situations that make it cheaper. For instance you can use Samba on a LinuxVM to have a very reliable file-server, but DASD and Shark's are bloody effing expensive compared to pretty much any other system. However, if you already have a well enginered backup system and all the neccisary licensing, perhaps that tips the costs back in favor (or at least break even). There are a great many who see Linux390 as half "geeks looking to do something nifty with linux" and half "IBM looking to show off its linux-commitment and get some free press about its mainframes". Because when you really learn about all the options, benefits, and limitations, there are suprisingly few situations where it's worth it.
we have been hearing (as a major consulting firm) IBM people pushing the possibility of installing a Z/Linux VM setup at one of our biggest clients (financial)
:). Personally I would stick with rack mounts... or, use a data center ( offsite ) if the opportunity presents itself.
Reading this sort of shocked me... in the past I worked for a major Canadian trust company ( hint hint ) and contracted to a different major Canadian bank, and both were in bed with IBM. In all honesty, im a bit shocked you have any say in the matter at all! From what I found of the IT departments at both banks... if IBM said it was right... it was right. Hell... I was hired to port a bunch of Visual Age C++ Framework ( forget the name now, but it was IBM's equivelant to MFC but on OS/2 and windows )to a Java compatible object model... so that eventually all their systems could be ported to java. If you remember a few years back ( perhaps 5 ) IBM was the biggest supporter of Java outside of Sun. Before that it was OS2, and for a while there I believe it was smalltalk ( before my time... ). Now, IBM has attached itself to Linux, and will consult all of their major customers to do this migration as well. Thing is... both the companies I worked with did what IBM said, almost blindly... hell, as far as I understand it, they are still porting away from OS/2 to this date... Poor bastards... im glad I left that world behind.
I guess the old adage is true... you never get fired for choosing IBM. You get a good look at the politics within a bank though... and you will see thats where most managers interests lay... self preservation... not doing whats right. Whats the Moral? Hmmm.... I suppose its just that, you should consider yourself lucky, that the financial institute you are work with even questions IBM's judgement
As to the VM solution itself, I have to admit, that particular technology I have had no direct experience with. However, unless you have the budget to have a complete server for backup ( as in standby, not as in storage... ) I dont like the concept in general. If you cant hot swap a server in place of the Z, you are playing with fire putting all your eggs in one basket. I dont care how many redunandcies are built in... you are still running multiple important tasks of one box. If you do have a hot swapable backup... obviously your budget is bigger then mine