DOCSLIB.ORG

Library Operating Systems and Virtualization

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Library Operating Systems and Virtualization Musings about virtualizaon and the future of OS research. Orran Krieger A bit of history 1990 1994 1997 2001 2007 Tornado Toronto Hurricane IBM K42 Rhype Xen Libra VMware VMware Hive Disco Stanford Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? • New uses of virtualizaon: – Applicaon distribuon – Ulity compung – The OS of the future Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? • New uses of virtualizaon: – Applicaon distribuon – Ulity compung – The OS of the future Virtual is beer than physical Suspend Log Resume Snapshot VMM VMM Clone Migrate Record Replay etc. Virtualizaon will be pervasive • As of this year IBM, HP, Dell, FSC, NEC support new embedded hypervisor on x86 systems, although not yet pervasive • IBM has shipped on z/p/I for years, Sun & HP shipping on non x86 HW. – Gives HW vendor place to deploy funcon – Gives much simpler out‐of‐the box experience – Long term… virtualizaon will be pervasive on all plaorms. • Requires fundamental changes. Its got to get on a diet 98% 2% Agent … Agent RPM RHEL3‐based Service Console Helpers VMM VMM VMM VMkernel Storage Networking Resource Management HAL and Device Drivers Disk Footprint: 2 GB Disk Footprint: 32 MB Percent of Patches >50% Its got to get on a diet 98% 2% Agent … Agent RPM RHEL3‐based Service Console Helpers VMM VMM VMM VMkernel Storage Networking Resource Management HAL and Device Drivers Disk Footprint: 2 GB Disk Footprint: 32 MB Percent of Patches >50% Other requirements • Support all requirements that HW might be used for: – Determinisc real me – High assurance – Embedded, Client & server • We will need to move to much more customizable design, where plaorm depends on the modules installed. Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? • New uses of virtualizaon: – Applicaon distribuon – Ulity compung – The OS of the future How can virtualizaon be important? • Virtualizaon invented to allow OS development on massive mainframes. – Allowed HW and OS developers to work independently: everyone else had ght coupling, new OS for each HW plaorm – Allowed new stacks to be deployed & tested by customer. • Why is this technology important in a world of cheap scale‐out commodity computers? – Much of the original value for HW virtualizaon subsumed by virtualizaon levels in and above OS. Modern OS Evoluon • Commodity OSes had enormous pressure to add funcon to support new applicaons. APP APP APP APP APP APP APP APP APP APP APP • Security and reliability secondary APP APP APP APP APP APP APP concern in the broad market, ‐> APP APP APP feature creep… • The rich funcon of general purpose Applicaon Support OS became necessary for servers… Hardware Mgmt. • Problems — Too complex > Security > Reliability > Manageability > Performance > Innovaon The research community failed • Research community developed alternaves: – Microkernels – Exokernels – Customizable OSes … • No innovave technology could get sufficient funcon to build up massive user base: – User had to dedicate HW to the special purpose OS: new innovaon needs to be free to get community – Had to support large complex HW • Exisng OSes too complex to allow incremental innovaon What virtualizaon gives us • A stable interface that the rich funcon of commodity OSes runs above. • Allows new technology to be deployed alongside or underneath commodity OSes. – Zero cost to deploy innovaon, if it solves a problem, great! – HW complexity disappears, way easier to develop new OS. • “Any problem in computer science can be solved with another level of indirecon” (David Wheeler) • Virtualizaon, as the level of indirecon, allows us to have massive adopon and innovaon. Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? • New uses of virtualizaon: – Applicaon distribuon – Ulity compung – The OS of the future Problems with SW distribuon model • Not so bad with MacOS, System Z… vendor controls it all, especially if applicaon specific to plaorm. • In the high volume MS and Linux space, lots of vendors, working at different schedules…: – ISV must support many operang systems from a correctness and performance opmizaon perspecve. – ISV must support for all patches (e.g., app, websphere, DB2, OS), applying patch may break any level, DLL hell... – Installaon: user must install full OS, administer all the levels. • 50% of support calls during install/configure cycle • Installaon different from what ISV expected, performance/funcon problems – Support hell: where does the problem come from – Backup, HA… tools different from what ISV tested – Patching hell: patch of any level may break others – Management and performance opmizaon complexity for user… – Mul‐ered applicaon has mulple components that need to be configured and integrated to operate together. – Huge barrier to entry for new SW: • SW must have compelling value, solving many problems • SW gets more complicated, and we are stuck in a vicious circle. Hardware Appliance‐Based Soluons: PROS • Comes “pre‐assembled” with all of the required components for the soluon (hardware, OS, applicaon bits) • Simple plug‐and‐play installaon • Consistent stack makes support easier for vendor • Underlying lower levels (OS) can be “hidden” from user Hardware Appliance‐Based Soluons: CONS • Proliferaon of non‐standard hardware • Hardware support provided by non‐standard vendor (possibly mulple vendors: one for hardware, one for overall soluon) • Operaons team has to learn how to support both the hardware and the soluon • Hardware used for a single purpose may be under ulized • Hardware takes up rack‐space, consumes addional power, and requires addional HVAC What is a Virtual Appliance • Pre‐built, pre‐configured and ready‐to‐run soware applicaon packaged with the OS inside a Virtual Machine. FIREWALLVirtualFirewall Appliance SW Linux • Or packaged inside mulple Virtual Machines Apache mySQL CRMVirtual Appliance Linux Tomcat Linux Linux VA distribuon model • ISV supports a single OS, and can full opmize • ISV controls the full environment, patches… • No installaon effort • No finger poinng • Backup, HA… either integrated in appliance, or at the VA level • Mul‐ered applicaon configured by ISV • New SW can be easily deployed, tested, discarded, does not need to solve all the worlds problems • Customer picks the HW Where we are going long term Ready‐to‐Go Music Ready‐to‐Go Apps “VAM” VMware Infrastructure iPod What is needed • Tools for developing virtual appliances • Tools to allow ISV ongoing role in administering soluon. • Standards in infancy: OVF • Meta data to describe expected role of components to VI • How do we make download cheap (streaming, de‐duplicaon…) • Evoluon of SW to separate installaon from customizaon. • VI that can introspect on appliance, what level of trust in ISV required? • Ulity infrastructure • New OS model Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? • New uses of virtualizaon: – Applicaon distribuon – Ulity compung – The OS of the future Grid and grid‐like technologies are the future • Web applicaons being developed with scale‐out frameworks • MapReduce and related frameworks…, Data Intensive Supercompung • Ulies inside companies • Hosng companies like Rackspace • Shared ulies like Amazon’s EC2 • The rise of SAAS like salesforce.com • HPC capacity and capability systems Grid and Virtualization are complementary: •Are Grid: both motivated technologies by analogy really goingof power to be grid pervasive? • Virtualization: converts computation into a fungible commodity; hugely simplifies realization of grid Problems with grid • Security: grid job can compromise host • Isolaon: resource isolaon grid/host task • Service level guarantees: needed for enterprise • OS heterogeneity limits targets • Applicaon needs to be re‐wrien • Ulizaon of grid nodes • Management of hardware • Use of tradional OS: – Large aack surface, high overhead, management complexity… Virtualizaon and the grid • Isolaon: – VM’s can’t compromise other jobs or host – Resources VMs isolated • Service level guarantees • OS can be created on demand • Applicaon do not need to be re‐wrien • Grid node can be fully used • Management of hardware • Can write special purpose OS: – Reduce aack surface, increase reliability, simplicity… – Lets grid job get closer to the metal. Grid Compung Grid Job Grid Job Grid Job Grid Grid Job Middleware Grid Job Grid Job Jobs IN/OUT Virtualizaon based Grid Jobs IN/OUT Grid Middleware Grid Other job Job •Grid middleware can focus on “core” Grid issues. • Virtual infrastructure provides simplified abstracon used by Grid middleware and other applicaons. Automac load balancing across hosts Distributed Resource Dynamic Balancing Scheduling (DRS) Continuous Optimization Adding and removing hosts Add/remove capacity on demand Hot-plug machines Distributed power optimization Improve application availability DRS X Moving to Ulity model PHYSICAL VIRTUALIZED POOLED R R P P 1 2 HW HW HW HW HW HW HW HW HW HW HW HW HW HW HW HW HW HW Logical Resource Pooling (RP) Distributed Resource Scheduler (DRS) Research • Quality of service for different physical resources. • Detecng resource use and impact on applicaon. • Expressing applicaon requirements to infrastructure. – Scale up/down web applicaon? – Co‐scheduling of HPC applicaons. – What is the right abstracng between grid/cloud middleware… and virtual infrastructure. • Enabling very heterogeneous HW. Outline • Virtualizaon will be pervasive • Why does a 1960s technology make sense? •
Load more

Recommended publications
  • IBM Z Systems Introduction May 2017
    IBM z Systems Introduction May 2017 IBM z13s and IBM z13 Frequently Asked Questions Worldwide ZSQ03076-USEN-15 Table of Contents z13s Hardware .......................................................................................................................................................................... 3 z13 Hardware ........................................................................................................................................................................... 11 Performance ............................................................................................................................................................................ 19 z13 Warranty ............................................................................................................................................................................ 23 Hardware Management Console (HMC) ..................................................................................................................... 24 Power requirements (including High Voltage DC Power option) ..................................................................... 28 Overhead Cabling and Power ..........................................................................................................................................30 z13 Water cooling option .................................................................................................................................................... 31 Secure Service Container .................................................................................................................................................
    [Show full text]
  • Introducing Linux on IBM Z Systems IT Simplicity with an Enterprise Grade Linux Platform
    Introducing Linux on IBM z Systems IT simplicity with an enterprise grade Linux platform Wilhelm Mild IBM Executive IT Architect for Mobile, z Systems and Linux © 2016 IBM Corporation IBM Germany What is Linux? . Linux is an operating system – Operating systems are tools which enable computers to function as multi-user, multitasking, and multiprocessing servers. – Linux is typically delivered in a Distribution with many useful tools and Open Source components. Linux is hardware agnostic by design – Linux runs on multiple hardware architectures which means Linux skills are platform independent. Linux is modular and built to coexist with other operating systems – Businesses are using Linux today. More and more businesses proceed with an evolutionary solution strategy based on Linux. 2 © 2016 IBM Corporation What is IBM z Systems ? . IBM z Systems is the family name used by IBM for its mainframe computers – The z Systems families were named for their availability – z stands for zero downtime. The systems are built with spare components capable of hot failovers to ensure continuous operations. IBM z Systems paradigm – The IBM z Systems family maintains full backward compatibility. In effect, current systems are the direct, lineal descendants of System/360, built in 1964, and the System/370 from the 1970s. Many applications written for these systems can still run unmodified on the newest z Systems over five decades later. IBM z Systems variety of Operating Systems – There are different traditional Operating Systems that run on z Systems like z/OS, z/VSE or TPF. With z/VM IBM delivers a mature Hypervisor to virtualize the operating systems.
    [Show full text]
  • 2020 Linux on IBM Z and Linuxone Client Workshop November 9-13
    2020 Linux on IBM Z and LinuxONE Client Workshop November 9-13 Securing Workloads with Red Hat OpenShift Container Platform on IBM Z / LinuxONE — Pradeep Parameshwaran Security & Compliance Lead, Linux on IBM Z & LinuxONE [email protected] Linux on IBM Z and LinuxONE Client WS 2020 / © 2020 IBM Corporation Contents • Why OpenShift on IBM Z ? • The cloud with the Privacy and Security • Deployment architecture: OpenShift on IBM Z • Security blueprint: OpenShift on IBM Z • Summary of native and augmented security capabilities IDC estimates that 71% of organizations are in the process of implementing containers and orchestration or are already using them regularly. Containers are the next generation of software-defined compute that enterprises will leverage to accelerate their digital transformation initiatives,” says Gary Chen, Research Director at IDC. “IDC estimates that 71% of organizations are in the process of implementing containers and orchestration or are already using them regularly, and IDC forecasts that the worldwide container infrastructure software opportunity is growing at a 63.9 % 5-year CAGR and is predicted to reach over $1.5B by 2022. 3 Why Red Hat OpenShift on IBM Z? OpenShift a smart Kubernetes platform 5 Build once • Fully integrated and automated architecture • Seamless Kubernetes deployment on any cloud or on-premises environment • Fully automated installation, from cloud infrastructure to OS to application services • One click platform and application updates • Auto-scaling of cloud resources • Enterprise-grade security
    [Show full text]
  • IBM Cloud Private with Linux on Z
    IBM Cloud Solution Brief IBM Cloud Private with Linux on IBM Z Empower how you build, deploy and manage cloud-native applications Introduction Highlights Many organizations have unique data sensitivity needs, such as internal policies, government regulations or industry compliance requirements. • Offers the benefits of a public cloud on a security-rich, scalable private cloud As a result, these organizations typically require private cloud. Yet in a platform for developing and delivering world of changing business demands, they also need to run demanding cloud-native apps applications and use multiple services both on-premise and on multiple • Helps make heritage applications cloud- clouds for the sake of agility. ready • Helps protect confidential and proprietary IBM Cloud™ Private with Linux® on IBM Z® provides the advantages of a Kubernetes and Docker workloads with IBM Secure Service Containers private cloud on a server platform optimized for data and cognitive • Enables organizations to build new services, and is designed to deliver the benefits of a public cloud in a microservice-based apps for improved security-rich, scalable and reliable environment. It enables enterprises to agility and innovation accelerate innovation using modern agile processes, integrates with • Designed to more securely use data and existing systems, and provides a strategic platform for multi-cloud services from external private cloud integration while maintaining the control and compliance that sources organizations need. • Supports heavy workloads with thousands of parallel users and thousands of Linux servers–in one box Connect almost anything on premise and in cloud IBM Cloud Private gives developers and IT operations a combination of critical capabilities to transform the enterprise.
    [Show full text]
  • Architectural Decisions for Linuxone Hypervisors
    July 2019 Webcast Virtualization options for Linux on IBM Z & LinuxONE Richard Young Executive IT Specialist Virtualization and Linux IBM Systems Lab Services Wilhelm Mild IBM Executive IT Architect for Mobile, IBM Z and Linux IBM R&D Lab, Germany Agenda ➢ Benefits of virtualization • Available virtualization options • Considerations for virtualization decisions • Virtualization options for LinuxONE & Z • Firmware hypervisors • Software hypervisors • Software Containers • Firmware hypervisor decision guide • Virtualization decision guide • Summary 2 © Copyright IBM Corporation 2018 Why do we virtualize? What are the benefits of virtualization? ▪ Simplification – use of standardized images, virtualized hardware, and automated configuration of virtual infrastructure ▪ Migration – one of the first uses of virtualization, enable coexistence, phased upgrades and migrations. It can also simplify hardware upgrades by make changes transparent. ▪ Efficiency – reduced hardware footprints, better utilization of available hardware resources, and reduced time to delivery. Reuse of deprovisioned or relinquished resources. ▪ Resilience – run new versions and old versions in parallel, avoiding service downtime ▪ Cost savings – having fewer machines translates to lower costs in server hardware, networking, floor space, electricity, administration (perceived) ▪ To accommodate growth – virtualization allows the IT department to be more responsive to business growth, hopefully avoiding interruption 3 © Copyright IBM Corporation 2018 Agenda • Benefits of
    [Show full text]
  • IBM Z/VM – Frequently Asked Questions
    IBM Z August 2020 IBM z/VM Frequently Asked Questions for z/VM 7.2, z/VM 7.1 and z/VM 6.4 Worldwide LUQ12358-USEN-14 1 Table of Contents _Toc45360441 General Questions ........................................................................................................................................... 3 IBM z/VM Support for IBM z15 and IBM LinuxONE III ................................................................................ 10 Technical Questions - IBM z/VM 7.2, z/VM 7.1, and z/VM 6.4 .................................................................... 11 Efficiency and Scalability ............................................................................................................................... 21 System Ease of Use ....................................................................................................................................... 23 Hardware Currency ........................................................................................................................................ 25 Installation, Migration, and Serviceability .................................................................................................... 27 Statements of Direction from Announcements ............................................................................................ 28 Resources ...................................................................................................................................................... 31 2 General Questions What is IBM Z® and IBM® LinuxONE virtualization
    [Show full text]
  • IBM Z Server Time Protocol Guide
    Front cover Draft Document for Review August 3, 2020 1:37 pm SG24-8480-00 IBM Z Server Time Protocol Guide Octavian Lascu Franco Pinto Gatto Gobehi Hans-Peter Eckam Jeremy Koch Martin Söllig Sebastian Zimmermann Steve Guendert Redbooks Draft Document for Review August 3, 2020 7:26 pm 8480edno.fm IBM Redbooks IBM Z Server Time Protocol Guide August 2020 SG24-8480-00 8480edno.fm Draft Document for Review August 3, 2020 7:26 pm Note: Before using this information and the product it supports, read the information in “Notices” on page vii. First Edition (August 2020) This edition applies to IBM Server Time Protocol for IBM Z and covers IBM z15, IBM z14, and IBM z13 server generations. This document was created or updated on August 3, 2020. © Copyright International Business Machines Corporation 2020. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Draft Document for Review August 3, 2020 8:32 pm 8480TOC.fm Contents Notices . vii Trademarks . viii Preface . ix Authors. ix Comments welcome. .x Stay connected to IBM Redbooks . xi Chapter 1. Introduction to Server Time Protocol . 1 1.1 Introduction to time synchronization . 2 1.1.1 Insertion of leap seconds . 2 1.1.2 Time-of-Day (TOD) Clock . 3 1.1.3 Industry requirements . 4 1.1.4 Time synchronization in a Parallel Sysplex. 6 1.2 Overview of Server Time Protocol (STP) . 7 1.3 STP concepts and terminology . 9 1.3.1 STP facility . 9 1.3.2 TOD clock synchronization .
    [Show full text]
  • Getting Started with IBM Spectrum Scale for Linux on Z
    December 2020 Getting started with IBM Spectrum Scale for Linux on IBM Z Built upon General Parallel File System (GPFS) Susanne Wintenberger [email protected] IBM R&D Boeblingen Hendrik Brueckner [email protected] IBM R&D Boeblingen Getting started with IBM Spectrum Scale for Linux on IBM Z Table of Contents 1 Abstract ............................................................................................................................................. 2 2 Introduction to IBM Spectrum Scale technology ................................................................................ 3 2.1 IBM Spectrum Scale cluster configurations ................................................................................ 3 2.2 Shared-disk model ..................................................................................................................... 3 2.3 Network shared disk (NSD) client/server model ......................................................................... 4 3 Storage considerations ..................................................................................................................... 6 3.1 Setup and usage of ECKD devices ............................................................................................ 6 3.1.1 Hints and tips ..................................................................................................................... 8 3.2 Setup and usage of ECKD devices on z/VM .............................................................................. 8 3.2.1 Full-pack minidisks
    [Show full text]
  • Linux on Z Platform ISV Strategy Summary
    Linux on IBM Z / LinuxONE Open Source Ecosystem Status and Strategy for NY/NJ Linux Council Meeting on March 1, 2019 Enyu Wang Program Director, Ecosystem Strategy and Business Development [email protected] As an enterprise platform WHY ARE WE INVESTING IN OPEN SOURCE ECOSYSTEM? IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 2 TREND: Enterprise Going Open Source • 83% hiring managers surveyed for the 2018 Open Source Jobs report said hiring open source talent was a priority this year • Some of the biggest trends in enterprise IT, such as containers and hybrid cloud, rely on open source technologies including Linux and Kubernetes IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 3 OPEN SOURCE Building Blocks for Enterprise Digital Transformation IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 4 OUR MISSION Provide a Rich and Robust Ecosystem to Clients. Help Accelerate their Digital Transformation IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 5 Rich Open Source Ecosystem on Linux on Z/LinuxONE Analytics/ Distributions Hypervisors PaaS / IaaS Languages Runtimes Management Database ML LPA R IBM Cloud Private Community Versions LLVM vRealize LXD (Ubuntu) Apache Tomcat DPM Db2 IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 6 Building an Open Ecosystem Isn’t Just Porting… IBM Z / Open Source Ecosystem / Mar 1, 2019 / © 2019 IBM Corporation 7 Composition of Open Source Ecosystem on Z – a combination of community based projects and vendor
    [Show full text]
  • What's New in Linux on IBM Z
    Linux on IBM Z News — Stefan Raspl Linux on IBM Z Development IBM Z / © 2019 IBM Corporation Trademarks The following are trademarks of the International Business Machines Corporation in the United States and/or other countries. AIX* DB2* HiperSockets* MQSeries* PowerHA* RMF System z* zEnterprise* z/VM* BladeCenter* DFSMS HyperSwap NetView* PR/SM Smarter Planet* System z10* z10 z/VSE* CICS* EASY Tier IMS OMEGAMON* PureSystems Storwize* Tivoli* z10 EC Cognos* FICON* InfiniBand* Parallel Sysplex* Rational* System Storage* WebSphere* z/OS* DataPower* GDPS* Lotus* POWER7* RACF* System x* XIV* * Registered trademarks of IBM Corporation The following are trademarks or registered trademarks of other companies. Adobe, the Adobe logo, PostScript, and the PostScript logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States, and/or other countries. Cell Broadband Engine is a trademark of Sony Computer Entertainment, Inc. in the United States, other countries, or both and is used under license therefrom. Intel, Intel logo, Intel Inside, Intel Inside logo, Intel Centrino, Intel Centrino logo, Celeron, Intel Xeon, Intel SpeedStep, Itanium, and Pentium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. IT Infrastructure Library is a registered trademark of the Central Computer and Telecommunications Agency which is now part of the Office of Government Commerce. ITIL is a registered trademark, and a registered community trademark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office. Java and all Java based trademarks and logos are trademarks or registered trademarks of Oracle and/or its affiliates.
    [Show full text]
  • Practical Migration from X86 to Linuxone
    Front cover Practical Migration from x86 to LinuxONE Michel M Beaulieu Felipe Cardeneti Mendes Guilherme Nogueira Lena Roesch Redbooks International Technical Support Organization Practical Migration from x86 to LinuxONE December 2020 SG24-8377-01 Note: Before using this information and the product it supports, read the information in “Notices” on page ix. Second Edition (December 2020) This edition applies to LinuxONE on IBM LinuxONE III LT1 and IBM LinuxONE III LT2 © Copyright International Business Machines Corporation 2020. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . ix Trademarks . .x Preface . xi Authors. xi Now you can become a published author, too! . xii Comments welcome. xiii Stay connected to IBM Redbooks . xiii Part 1. Decision-making . 1 Chapter 1. Benefits of migrating workloads to LinuxONE . 3 1.1 Benefits . 4 1.2 IBM LinuxONE servers . 5 1.2.1 IBM LinuxONE III LT1 . 5 1.2.2 IBM LinuxONE III LT2 . 7 1.3 Reasons to choose LinuxONE . 8 1.3.1 Best of Enterprise Linux and Open Source. 9 1.3.2 Hardware strengths. 9 1.4 Enabling a microservices architecture on LinuxONE . 12 1.5 Cloud computing blueprint for IBM LinuxONE . 13 1.5.1 Cloud Solutions on IBM LinuxONE . 14 Chapter 2. Analyze and understand . 17 2.1 Total cost of ownership analysis . 18 2.2 Financial benefits of a migration . 18 2.3 Migration planning. 19 2.4 Choosing workloads to migrate. 20 2.5 Analysis of how to size workloads for migration .
    [Show full text]
  • Security Certifications Related to the Linux on IBM Z® Environment
    Linux on IBM Z Certifications This collection lists the latest security certifications related to the Linux on IBM Z ® environment. IBM Z Logical Partitioning (LPAR) The IBM z15TM and IBM LinuxONE III are designed for Common Criteria Evaluation Assurance Level 5+ (EAL5+) certification for security of logical partitions. This means that the z15 and LinuxONE III are designed to IBM z/VM® prevent an application running on one operating IBM intends to evaluate z/VM V7.2. system image on one LPAR from accessing application data running on a different operating z/VM V6.4 with the SSI and RACF® Security system image on another LPAR on the server. Server features enabled, has been certified to z15 is in evaluation. conform to the Operating System Protection Profile (OSPP) with Virtualization (-VIRT) and TM PR/SM for IBM z14® (z14) Driver Level D32L Labeled Security (-LS) extensions of the with Bundle Level S29 and IBM LinuxONE Common Criteria standard for IT security, systems, IBM z14 ZR1 Driver Level D32L with ISO/IEC 15408, at Evaluation Assurance Level 4 Bundle Level S35 LinuxONE systems were (EAL4+). The OCSI issued the certificate. evaluated under the Common Criteria at Evaluated Assurance Level 5+. The BSI issued z/VM V6.4 System SSL module, with the PTF for certificates BSI-DSZ-CC-1048-2018 and BSI- APAR PI99134, has been validated as DSZ-CC-1101-2019. conforming to the Federal Information Processing Standard FIPS) 140-2. See PR/SM on IBM z13® (z13) GA2, IBM z13s® Certificate 3374. (z13s) GA1 and LinuxONE systems, Driver Level D27i, were evaluated under the Common z/VM 6.3 with the SSI and RACF Security Criteria at Evaluated Assurance Level 5+.
    [Show full text]