IBM Powerkvm Configuration and Use

Total Page：16

File Type：pdf, Size：1020Kb

Front cover IBM PowerKVM Configuration and Use Murilo Opsfelder Araújo Breno Leitao Stephen Lutz José Ricardo Ziviani Redbooks International Technical Support Organization IBM PowerKVM: Configuration and Use March 2016 SG24-8231-01 Note: Before using this information and the product it supports, read the information in “Notices” on page xvii. Second Edition (March 2016) This edition applies to Version 3, Release 1, Modification 0 of IBM PowerKVM (product number 5765-KV3). © Copyright International Business Machines Corporation 2014, 2016. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Figures . vii Tables . xi Examples . xiii Notices . xvii Trademarks . xviii IBM Redbooks promotions . xix Preface . xxi Authors. xxi Now you can become a published author, too! . xxii Comments welcome. xxiii Stay connected to IBM Redbooks . xxiii Summary of changes. xxv March 2016, Second Edition . xxv Chapter 1. Introduction. 1 1.1 IBM Power Systems . 2 1.1.1 POWER8 processors . 2 1.1.2 IBM scale-out servers . 3 1.1.3 Power virtualization. 7 1.1.4 Simultaneous multithreading. 8 1.1.5 Memory architecture . 8 1.1.6 Micro-Threading . 9 1.1.7 RAS features. 10 1.2 Virtualization . 10 1.2.1 PowerKVM versions . 11 1.2.2 PowerKVM Version 3.1 considerations. 12 1.2.3 Where to download PowerKVM . 12 1.3 Software stack. 13 1.3.1 QEMU . 13 1.3.2 KVM . 14 1.3.3 Open Power Abstraction Layer . 14 1.3.4 Guest operating system . 15 1.3.5 Libvirt software . 15 1.3.6 Virsh interface . 16 1.3.7 Intelligent Platform Management Interface . 17 1.3.8 Petitboot . 17 1.3.9 Kimchi . 18 1.3.10 Slimline Open Firmware . 19 1.3.11 Virtio drivers . 20 1.3.12 RAS stack . 21 1.4 Docker. 21 1.4.1 Architecture. 24 1.4.2 Docker hub . 25 1.4.3 Docker file . 26 © Copyright IBM Corp. 2014, 2016. All rights reserved. iii 1.5 Comparisons of PowerVM and PowerKVM . 26 1.5.1 PowerVM and PowerKVM features. 27 1.5.2 PowerKVM Version 2.1 and Version 3.1. 27 1.6 Terminology . 29 Chapter 2. Host installation and configuration . 31 2.1 Host installation. 32 2.2 Boot over network . 43 2.2.1 Retrieve configuration from URL. 44 2.2.2 Boot LiveDVD over network . 45 2.2.3 Automated boot over DHCP . 46 2.2.4 Automated installation. 48 2.3 Install over existing IBM PowerKVM and host migration. 52 2.4 Configuration. 55 2.4.1 Console configuration for Scale-out Power Systems . 58 2.4.2 Console configuration for Power LC systems . 59 Chapter 3. Managing hosts and guests from a Web interface . 61 3.1 Kimchi . 62 3.1.1 Accessing Kimchi . 62 3.1.2 Getting help. 63 3.2 Host tab. 63 3.3 Storage pool . 67 3.3.1 Local directory. 68 3.3.2 NFS. ..

282

Copy Link

Recommended publications

Oracle® Linux Administrator's Solutions Guide for Release 6
Oracle® Linux Administrator's Solutions Guide for Release 6 E37355-64 August 2017 Oracle Legal Notices Copyright © 2012, 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S.
[Show full text]
Trusted Docker Containers and Trusted Vms in Openstack
Trusted Docker Containers and Trusted VMs in OpenStack Raghu Yeluri Abhishek Gupta Outline o Context: Docker Security – Top Customer Asks o Intel’s Focus: Trusted Docker Containers o Who Verifies Trust ? o Reference Architecture with OpenStack o Demo o Availability o Call to Action Docker Overview in a Slide.. Docker Hub Lightweight, open source engine for creating, deploying containers Provides work flow for running, building and containerizing apps. Separates apps from where they run.; Enables Micro-services; scale by composition. Underlying building blocks: Linux kernel's namespaces (isolation) + cgroups (resource control) + .. Components of Docker Docker Engine – Runtime for running, building Docker containers. Docker Repositories(Hub) - SaaS service for sharing/managing images Docker Images (layers) Images hold Apps. Shareable snapshot of software. Container is a running instance of image. Orchestration: OpenStack, Docker Swarm, Kubernetes, Mesos, Fleet, Project Docker Layers Atomic, Lattice… Docker Security – 5 key Customer Asks 1. How do you know that the Docker Host Integrity is there? o Do you trust the Docker daemon? o Do you trust the Docker host has booted with Integrity? 2. How do you verify Docker Container Integrity o Who wrote the Docker image? Do you trust the image? Did the right Image get launched? 3. Runtime Protection of Docker Engine & Enhanced Isolation o How can Intel help with runtime Integrity? 4. Enterprise Security Features – Compliance, Manageability, Identity authentication.. Etc. 5. OpenStack as a single Control Plane for Trusted VMs and Trusted Docker Containers.. Intel’s Focus: Enable Hardware-based Integrity Assurance for Docker Containers – Trusted Docker Containers Trusted Docker Containers – 3 focus areas o Launch Integrity of Docker Host o Runtime Integrity of Docker Host o Integrity of Docker Images Today’s Focus: Integrity of Docker Host, and how to use it in OpenStack.
[Show full text]
Providing User Security Guarantees in Public Infrastructure Clouds
1 Providing User Security Guarantees in Public Infrastructure Clouds Nicolae Paladi, Christian Gehrmann, and Antonis Michalas Abstract—The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments. Index Terms—Security; Cloud Computing; Storage Protection; Trusted Computing F 1 INTRODUCTION host level. While support data encryption at rest is offered by several cloud providers and can be configured by tenants Cloud computing has progressed from a bold vision to mas- in their VM instances, functionality and migration capabil- sive deployments in various application domains. However, ities of such solutions are severely restricted.
[Show full text]
System Programming Guide
Special Edition for CSEDU12 Students Students TOUCH -N-PASS EXAM CRAM GUIDE SERIES SYSTEM PROGRAMMING Prepared By Sharafat Ibn Mollah Mosharraf CSE, DU 12 th Batch (2005-2006) TABLE OF CONTENTS APIS AT A GLANCE ....................................................................................................................................................................... 1 CHAPTER 1: ASSEMBLER, LINKER & LOADER ................................................................................................................................ 4 CHAPTER 2: KERNEL ..................................................................................................................................................................... 9 CHAPTER 3: UNIX ELF FILE FORMAT ............................................................................................................................................ 11 CHAPTER 4: DEVICE DRIVERS ...................................................................................................................................................... 16 CHAPTER 5: INTERRUPT .............................................................................................................................................................. 20 CHAPTER 6: SYSTEM CALL ........................................................................................................................................................... 24 CHAPTER 7: FILE APIS ................................................................................................................................................................
[Show full text]
IBM Powervm Virtualization Introduction and Configuration
Front cover IBM PowerVM Virtualization Introduction and Configuration Understand PowerVM features and capabilities Plan, implement, and set up PowerVM virtualization Updated to include new POWER7 technologies Mel Cordero Lúcio Correia Hai Lin Vamshikrishna Thatikonda Rodrigo Xavier ibm.com/redbooks International Technical Support Organization IBM PowerVM Virtualization Introduction and Configuration June 2013 SG24-7940-05 Note: Before using this information and the product it supports, read the information in “Notices” on page xxi. Sixth Edition (June 2013) This edition applies to: Version 7, Release 1 of AIX Version 7, Release 1 of IBM i Version 2, Release 2, Modification 2, Fixpack 26 of the Virtual I/O Server Version 7, Release 7, Modification 6 of the HMC Version AL730, release 95 of the POWER7 System Firmware Version AL740, release 95 of the POWER7 System Firmware © Copyright International Business Machines Corporation 2004, 2013. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Figures . xi Tables . xix Notices . xxi Trademarks . xxii Preface . xxiii Authors . xxiii Now you can become a published author, too! . xxvi Comments welcome. xxvi Stay connected to IBM Redbooks . .xxvii Summary of changes . xxix June 2013, Sixth Edition. xxix Part 1. Overview . 1 Chapter 1. PowerVM technologies. 3 1.1 The value of PowerVM . 4 1.2 What is PowerVM . 4 1.2.1 New PowerVM version 2.2.2 features. 6 1.2.2 PowerVM editions . 7 1.2.3 Activating the PowerVM feature . 12 1.3 The POWER Hypervisor . 15 1.4 Logical partitioning technologies .
[Show full text]
Linux on POWER
http://ibmsystemsmag.com/CMSTemplates/IBMSystemsMag/Print.aspx?... close window Print May 2016 | by Jaqui Lynch IBM is serious about Linux on POWER. Linux now runs on every POWER8 server, with specialized offerings for Linux. These include the new LC (Linux only, PowerKVM only) servers, the L model (Linux only) servers, Linux IFLs, EasyScale for MSP offerings, and SAP Hana on POWER. Additionally, significant work has been done to encourage ISVs to increase their offerings on Linux on POWER, resulting in a flourishing ecosystem that wasn’t available on POWER five years ago. Power systems are designed for big data and optimized for performance and scalability. They provide great I/O and memory bandwidth with significant reliability and other availability features not available anywhere else except the mainframe. With full support for various levels of RHEL (Redhat Enterprise Linux), SLES (SuSE Linux Enterprise Server) and Ubuntu, it’s a great time to consider migrating to Linux on Power. Here are some decisions to make: 1. Do you want to run Linux alongside other workloads like AIX or IBM i 2. Do you want to run a Linux only server 3. Do you want to use and HMC or virtual HMC to control the server (won’t work with PowerKVM) 4. Do you want to use PowerKVM or PowerVM for virtualization 5. Do you have some dark cores and memory that you would like to run Linux on at a reduced rate 6. Do you have x86 workload running on Linux that you would like to migrate 7. Do you want to reduce costs for IBM software (PVU based licensing) Reducing costs Software can be expensive, especially middleware.
[Show full text]
How to Create a Custom Live CD for Secure Remote Incident Handling in the Enterprise
How to Create a Custom Live CD for Secure Remote Incident Handling in the Enterprise Abstract This paper will document a process to create a custom Live CD for secure remote incident handling on Windows and Linux systems. The process will include how to configure SSH for remote access to the Live CD even when running behind a NAT device. The combination of customization and secure remote access will make this process valuable to incident handlers working in enterprise environments with limited remote IT support. Bert Hayes, [email protected] How to Create a Custom Live CD for Remote Incident Handling 2 Table of Contents Abstract ...........................................................................................................................................1 1. Introduction ............................................................................................................................5 2. Making Your Own Customized Debian GNU/Linux Based System........................................7 2.1. The Development Environment ......................................................................................7 2.2. Making Your Dream Incident Handling System...............................................................9 2.3. Hardening the Base Install.............................................................................................11 2.3.1. Managing Root Access with Sudo..........................................................................11 2.4. Randomizing the Handler Password at Boot Time ........................................................12
[Show full text]
Linux Software User's Manual
New Generation Systems (NGS) Linux Software User’s Manual Version 1.0, September 2019 www.moxa.com/product © 2019 Moxa Inc. All rights reserved. New Generation Systems (NGS) Linux Software User’s Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice © 2019 Moxa Inc. All rights reserved. Trademarks The MOXA logo is a registered trademark of Moxa Inc. All other trademarks or registered marks in this manual belong to their respective manufacturers. Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Moxa. Moxa provides this document as is, without warranty of any kind, either expressed or implied, including, but not limited to, its particular purpose. Moxa reserves the right to make improvements and/or changes to this manual, or to the products and/or the programs described in this manual, at any time. Information provided in this manual is intended to be accurate and reliable. However, Moxa assumes no responsibility for its use, or for any infringements on the rights of third parties that may result from its use. This product might include unintentional technical or typographical errors. Changes are periodically made to the information herein to correct such errors, and these changes are incorporated into new editions of the publication. Technical Support Contact Information www.moxa.com/support Moxa Americas Moxa China (Shanghai office) Toll-free: 1-888-669-2872 Toll-free: 800-820-5036 Tel: +1-714-528-6777 Tel: +86-21-5258-9955 Fax: +1-714-528-6778 Fax: +86-21-5258-5505 Moxa Europe Moxa Asia-Pacific Tel: +49-89-3 70 03 99-0 Tel: +886-2-8919-1230 Fax: +49-89-3 70 03 99-99 Fax: +886-2-8919-1231 Moxa India Tel: +91-80-4172-9088 Fax: +91-80-4132-1045 Table of Contents 1.
[Show full text]
In Search of the Ideal Storage Configuration for Docker Containers
In Search of the Ideal Storage Configuration for Docker Containers Vasily Tarasov1, Lukas Rupprecht1, Dimitris Skourtis1, Amit Warke1, Dean Hildebrand1 Mohamed Mohamed1, Nagapramod Mandagere1, Wenji Li2, Raju Rangaswami3, Ming Zhao2 1IBM Research—Almaden 2Arizona State University 3Florida International University Abstract—Containers are a widely successful technology today every running container. This would cause a great burden on popularized by Docker. Containers improve system utilization by the I/O subsystem and make container start time unacceptably increasing workload density. Docker containers enable seamless high for many workloads. As a result, copy-on-write (CoW) deployment of workloads across development, test, and produc- tion environments. Docker’s unique approach to data manage- storage and storage snapshots are popularly used and images ment, which involves frequent snapshot creation and removal, are structured in layers. A layer consists of a set of files and presents a new set of exciting challenges for storage systems. At layers with the same content can be shared across images, the same time, storage management for Docker containers has reducing the amount of storage required to run containers. remained largely unexplored with a dizzying array of solution With Docker, one can choose Aufs [6], Overlay2 [7], choices and configuration options. In this paper we unravel the multi-faceted nature of Docker storage and demonstrate its Btrfs [8], or device-mapper (dm) [9] as storage drivers which impact on system and workload performance. As we uncover provide the required snapshotting and CoW capabilities for new properties of the popular Docker storage drivers, this is a images. None of these solutions, however, were designed with sobering reminder that widespread use of new technologies can Docker in mind and their effectiveness for Docker has not been often precede their careful evaluation.
[Show full text]
Man Pages Section 3 Library Interfaces and Headers
man pages section 3: Library Interfaces and Headers Part No: 816–5173–16 September 2010 Copyright © 2010, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related software documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable: U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are “commercial computer software” or “commercial technical data” pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms setforth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
[Show full text]
DA-681 Series Linux User's Manual V2
DA-681 Series Linux User’s Manual Second Edition, May 2009 www.moxa.com/product © 2009 Moxa Inc. All rights reserved. Reproduction without permission is prohibited. DA-681 Series Linux User’s Manual The Moxa software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice Copyright © 2009 Moxa Inc. All rights reserved. Reproduction without permission is prohibited. Trademarks MOXA is a registered trademark of Moxa Inc. All other trademarks or registered marks in this manual belong to their respective manufacturers. Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of Moxa. Moxa provides this document “as is,” without warranty of any kind, either expressed or implied, including, but not limited to, its particular purpose. Moxa reserves the right to make improvements and/or changes to this manual, or to the products and/or the programs described in this manual, at any time. Information provided in this manual is intended to be accurate and reliable. However, Moxa assumes no responsibility for its use, or for any infringements on the rights of third parties that may result from its use. This product might include unintentional technical or typographical errors. Changes are periodically made to the information herein to correct such errors, and these changes are incorporated into new editions of the publication. Technical Support Contact Information www.moxa.com/support Moxa
[Show full text]
Understanding the Performance of Container Execution Environments
Understanding the performance of container execution environments Guillaume Everarts de Velp, Etienne Rivière and Ramin Sadre [email protected] EPL, ICTEAM, UCLouvain, Belgium Abstract example is an automatic grading platform named INGIn- Many application server backends leverage container tech- ious [2, 3]. This platform is used extensively at UCLouvain nologies to support workloads formed of short-lived, but and other institutions around the world to provide computer potentially I/O-intensive, operations. The latency at which science and engineering students with automated feedback container-supported operations complete impacts both the on programming assignments, through the execution of se- users’ experience and the throughput that the platform can ries of unit tests prepared by instructors. It is necessary that achieve. This latency is a result of both the bootstrap and the student code and the testing runtime run in isolation from execution time of the containers and is impacted greatly by each others. Containers answer this need perfectly: They the performance of the I/O subsystem. Configuring appro- allow students’ code to run in a controlled and reproducible priately the container environment and technology stack environment while reducing risks related to ill-behaved or to obtain good performance is not an easy task, due to the even malicious code. variety of options, and poor visibility on their interactions. Service latency is often the most important criteria for We present in this paper a benchmarking tool for the selecting a container execution environment. Slow response multi-parametric study of container bootstrap time and I/O times can impair the usability of an edge computing infras- performance, allowing us to understand such interactions tructure, or result in students frustration in the case of IN- within a controlled environment.
[Show full text]