As IBM’s midrange hardware and software have evolved, we’ve gone through trends of decentralization as well as centralization. The consolidation of IBM i infrastructure in a single location has brought a number of changes to the wadxy we manage our operations. At first, single data centers had multiple AS/400s with user environments controlled strictly through subsystem technology. Later, the trend changed to multiple partitions on a single iSeries running OS/400, which was connected to physical I/O adapters and possibly virtual TCP/IP interfaces.
Today, the latest Power Systems™ have multiple IBM i, AIX, or Linux partitions—potentially fully virtualized micro-partitions—hosted on a single Power Systems server. These developments in IBM i and the POWER7® processor have put us in the middle of a consolidation revolution. Here are three technologies that can help you join it.
Thanks to subsystem technology, the IBM i operating system (and its predecessors OS/400 and i5/OS) could be designed to allow multiple environments to run concurrently. Subsystem definitions allow the administrator to segregate work (interactive, batch, server) into their own memory pools and their own separate and distinct job queues, all sharing a portion of processor time. This was the first form of consolidation technology and is still strong today. In fact, with the horsepower available on a single system today, it is quite possible to consolidate multiple systems and thousands of users onto a single Power Systems server with a single partition.
Do you have multiple companies or divisions? Break them apart by subsystem, with each user environment assigned to a specific job description that will direct them into the proper subsystem and the appropriate libraries and directories. For motivation, consider one of our customers who, thanks to subsystem technology, consolidated more than 800 dedicated store system AS/400s to six POWER7 partitions running IBM i. Imagine how much easier the administrator’s job got and how much energy was saved!
An additional consideration when consolidating is the security of your data. While the workload runs in distinct configurations, the server configuration and application data remain united. Depending on the nature of the data, it is critical that IBM i security controls are fully understood, deployed, and monitored. Privileged users can access the data across all of the workloads or applications, meaning that it becomes difficult to secure data across different companies or corporate divisions.
2. Independent Auxiliary Storage Pools
Independent ASP (iASP) technology is another form of consolidation. iASPs let administrators isolate data onto groups of disks that can switch between partitions. Multiple iASPs can be attached to a single system. For example, this could allow multiple divisions or customer workloads to be consolidated on a single partition. You could consolidate different business operations, multiple development or simulation environments, or even multiple versions of an application onto one partition using the same library names housed in separate iASPs while keeping the data totally isolated.
ASP technology allows for more segregation of the application data but usually requires program changes before it can be supported. This is because library and directory objects are referred to with the same name but with an iASP prefix. IBM supports full disk encryption (FDE) via disk pools that are assigned to an ASP. Although this is not a “silver bullet” for data encryption, it protects data transmission to and from the disk drive (important in a SAN environment), and when a disk unit is removed or stolen.
Consolidation via virtualization is not new to IBM i. The IBM i single-level storage technology is a form of virtualization and was first implemented on the System/38, allowing for virtual memory where the OS regards all primary (RAM) and secondary storage (DASD) as one large pool. Single-level storage allows processes and jobs to run without the programmer having to estimate how many programs or how much data to load into memory at one time. This greatly simplifies handling a large company’s “big data” needs and simplifies programming and database management.
Another technology is virtual media, which allows backups without physical tapes and, thanks to CD image catalogs, product installs to run without physical CDs. Virtual media allows program installs and updates to be shared across multiple partitions with ease and without having to physically load media. Virtual tape can be combined with iASP technology for backup to a storage area network (SAN). This iASP could then be attached to another partition for recovery or archiving.
Virtual partition technology is available with PowerVM, which, in combination with iASP technology, adds tremendous capabilities to our IBM i world. But virtualized partitions weren’t invented on Power Systems—they have been around in the mainframe environment for years. Power just improved on the technology. And it is truly exciting technology, as it allows as many IBM i, AIX, or Linux partitions as are needed to be created and enabled. All you need is disk, memory, and CPU (and appropriate licensed programs from IBM).
Why might you create a virtual partition? Simple: To better utilize resources. For instance, a fully virtualized partition could be created to test a new cumulative PTF package or new version of the operating system, then deleted when the testing is complete. A test partition could be created to validate a new release of application software. Virtual partitions can be copied. Virtual partitions can be suspended when unneeded, thereby freeing up resources for other partitions. Suspended partitions are saved to disk much like a file or a directory. This is very similar to virtual memory technology, where pages of memory are sent to disk when not needed and brought back as required.
Virtualized partitions cut power consumption and allow for CPU and I/O resource sharing. Another feature is active memory sharing, which allows the dynamic exchange of memory between active virtual partitions. And then there is the crown jewel of virtualization: Live Partition Mobility, which allows you to move a virtual partition—while it is active—between frames, with no system outage to the end user.
Live partition mobility (LPM) is similar to PowerHA in that it copies the entire partition’s data at the disk level out to a SAN on your network, which in turn is attached to another Power Systems frame. The advantage is that you can activate this copied partition on the target frame in seconds; and any remaining updates happen after the partition comes up on the target. This is not a substitute for a high availability fail-over plan using PowerHA or another mirroring tool. LPM is used for planned system outages; workload balancing by moving a partition from light to busy systems; or for consolidation of multiple virtual partitions onto one hardware frame.
IBM i, Unix, and Linux Consolidation
One IBM Power Systems frame can host IBM i, Linux Red Hat or SUSE, or AIX Unix partitions in a single “footprint.” This is a great opportunity for server consolidation. However, this does cross “political” boundaries that may exist in your IT structure, since those systems are all supported in one place, from one PowerVM or HMC console, and are sharing CPU, memory, power, and rack space. This might be a great opportunity to consolidate those duties or, at a minimum, cross-train those administrators. Bring factions together to discuss the advantages of this consolidation: reduced power consumption; having a single vendor; and a simplified, more flexible environment.
An additional consideration when running multiple operating systems on a single Power Systems server is the possibility of virus and malicious code infestation. While IBM i is immune to viruses designed to attack Windows or Unix, it can serve as a quiet host to viruses and malicious code. Because IBM i cannot execute this code it can become a virtual Typhoid Mary, spreading malicious code to client PCs and to partitions that can execute it. In fact, this immunity makes it difficult to trace the infection back to its true source: IBM i. It is therefore important to monitor the integrity of IBM i Objects and all files stored on the Power Systems server—across mixed-OS partitions—to avoid costly infections and data loss.
One other opportunity for consolidation is to host your x86 Windows server disk on a Power Systems shared disk using iSCSI, so when your IBM i saves the integrated file system (IFS), it also saves the Windows storage environment. There’s nothing like the peace of mind you get from an IBM i backup.
Whether you use traditional subsystems, independent ASPs, or virtualization, it will take some time to learn how to use the technology and how to use it at your company. And plan ahead: Power Systems technology is moving so fast, IBM will no doubt release a new technology refresh, adding new features to the virtual environment, giving us more opportunities to consolidate, and more technology to study and implement.
Consolidating for Automation and Security
Automating the monitoring of system events and notification can improve the efficiency and productivity of your organization while at the same time saving you significant money. Such automation can also ease the burden of regulatory compliance. Likewise, taking steps to ensure the security and integrity of your data on mixed-platform Power Systems can help you avoid the types of data breaches that are impacting companies both large and small. Bytware’s Messenger and StandGuard solutions make it easy for to cover all of these bases with cost-effective monitoring, security, and anti-virus tools that have been trusted by companies worldwide for more than 20 years.
Ready to join the revolution? Learn more about automated monitoring and notification by downloading the Messenger Technical Packet and Interactive Calculator, which can show you exactly how much a period of downtime could cost your organization. And to learn more about preventing malicious code from impacting your operations, download the IFS Security Bundle, which includes a recorded webinar, IFS Security white paper, and the StandGuard Anti-Virus Technical Packet. These instant downloads are absolutely free. No forms required.