oracle openworld 2015: the new era of secure computing and convergence with oracle systems - john...

Oracle Systems

John FowlerExecutive Vice President, Systems

October 25-29, 2015San Francisco

Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |

Smart Database PlatformsThe Race to the Future

Juan LoaizaSenior Vice PresidentOracle Database Systems

SuperClusterExadata

Copyright © 2015 Oracle and/or its affiliates. All rights reserved. |Copyright © 2014 Oracle and/or its affiliates. All rights reserved.

Dramatically Better Databases on Smart Full-Stack Platforms

Vision

• Smart Hardware - Scale-out, Database optimized compute, networking, and storage for fastest performance and lowest costs

• Smart Software – Unique full-stack algorithms deliver fastest and most efficient OLTP, Analytics, Consolidation, and In-Memory DB

• Smart Integration - Full-stack optimization, automation, and support to reduce operations costs


Focus Areas since 2008

Software in SiliconCloud Service

Data WarehousingTransaction Processing

Extreme FlashIn-Memory DB

Database Consolidation

Thousands of Engineer Years

Hundreds of Enhancements


Half OLTP, Half Analytics

Proven at Thousands of Ultra-Critical Deployments

• Petabyte Warehouses

• Online Financial Trading

• Business Applications• SAP, Oracle, Siebel, PSFT, …

• Massive DB Consolidation

• Public SaaS Clouds• Oracle Fusion Apps, Salesforce, …

4 out of the 5 Largest Banks, Telecoms, Retailers Run Exadata


Extreme Performance - Always Available - Starts Small, Scales Huge

Smart Hardware Architecture for Database

Smart Server Architecture Scale-Out Servers, Fastest CPUs

Smart Network Architecture Unified Ultra-fast InfiniBand

Smart Storage Architecture Fully Scale-Out Exadata Storage

Smart Flash Architecture Ultra-fast PCIe Flash Cards

Smart Tiering Architecture Tier Flash & Ultra-Capacity SAS Disks

Smart Cost Architecture Industry Standard CPUs, Flash, Disks

Smart Offload Architecture Application Co-Processors in Storage


Exadata – Unique Smart Platform Software

Smart Storage• Hybrid Columnar Compression

reduces space usage by 10x

• Database aware Flash Caching gives speed of flash with capacity of disk

Smart OLTP

• Special InfiniBand protocol for best OLTP latency : 250us IOs @ 2MM IOPs

• Ultra-fast transactions using DB optimized flash logging algorithms

Smart Consolidation• Workload prioritization from CPU to

Network to Storage ensures QOS

• 4X more Databases in same hardware

Smart Analytics• Move queries to storage, not

storage to queries

• Automatically parallelizes queries across all storage servers

• 100x Faster Analytics


Dozens of Additional Smart Platform Capabilities

Smart Analytics

• Storage Index data skipping• Storage offload for min/max

operations• Data Mining Storage Offload• Storage offload for LOBs and

CLOBs• Auto Flash Caching for Table

Scans• Reverse Offload to DB servers• Offload Index Fast Full Scans• Offloads Scans on Encrypted

Data, with FIPS compliance

• Active Bonding of InfiniBand

• Instant data file creation

Smart OLTP

• Smart network packet prioritization

• I/O Prioritization by DB, User, or workload to ensure QOS

• Active AWR includes storage stats for end to end monitoring

• Write-back Flash Cache• Cell-to-Cell Rebalance preserving

Flash Cache• Secure disk and flash erase• Database scoped security• Full-stack security scanning• Exachck full-stack validation• NVMe flash interface for lowest

latency IO

Smart Availability

• In-Memory Fault Tolerance• Offload backups to storage servers• Prioritize rebalance of critical files• Elimination of false drive failures• Flash and disk life cycle

management alert• Avoid reading Predictive failed

disks• Cell software transparent restart• I/O hang hardening• Prevent shutdown if mirror server

is down• Confinement of temporarily poor

performing drives


Smart Platform Capabilities Introduced This Year

10

Smart OLTP

• 3X faster OLTP messaging - DB talks directly to InfiniBand, bypassing OS

• Instant detection of Node Failure

• Sub-second Capping of I/O Latency

Smart Licensing • Capacity-on-Demand reduces

license cost by disabling cores

• Trusted Partitions limit license scope of specialized options

Smart Analytics• 5X faster using Columnar Flash Cache

• 3X faster JSON/XML using storage offload

Smart Consolidation• Zero Overhead Xen VMs

• Snapshots for Test/Dev

• InfiniBand Partitioning

FIN VM

SALES VM

DB Vault

Option

Spatial & Graph Option

VM

VM

Smart Cloud Platform


Single Cloud Service for ALL Database Workloads

Exadata Cloud Service

• Deploy Mission Critical Enterprise Databases with a few clicks

• 100% Database Compatibility enables easy migration and hybrid deployments

• Oracle Experts Manage Infrastructure

• Pay per Use

• Complete Isolation of tenants with no overprovisioning

OLTP

Data Warehousing

In-Memory Analytics

DB Consolidation

Disaster Recovery

App Certification


Decades of Database Innovation - Proven at Millions of Mission Critical Deployments

Exadata Service: Scalable, Available, Secure, Compatible

Advanced Security, Label Security, Database Vault

Multitenant

Active Data Guard

Partitioning

AdvancedCompression

Real Application Testing

OLAP, Analytics, Spatial and Graph

Management Packs

Real Application Clusters

In Memory Database InfiniBand Fabric

Columnar Flash Cache

HCC

10:1

I/O I/O I/O

PCI FlashSmart Flash Cache,Smart Flash Log

Hybrid ColumnarCompression

I/O Resource Management

Exafusion Direct-to-Wire Protocol

Offload SQL to Storage

Network Resource Management

In-Memory Fault Tolerance

All ExadataPlatform

Innovations

All Oracle Database

Innovations

Smart Platform Extended to CPU


SPARC M7 Software in Silicon

Smart Platform Extended into CPU Chip

• Traditional DB algorithms too complex for chips

• Big Change: In-memory algorithms are much simpler

• 5 years ago Oracle initiated a revolutionary project

–Build fastest ever microprocessor• Most processing cores (32)

• Most concurrent threads (256)

• Fastest Memory Bandwidth (160 GB/sec)

–Add In-Memory DB operations directly on chip

Softwarein Silicon


In-Memory Algorithms Natively Implemented in Silicon

Capacity in Silicon

Decompression Engines

Silicon Secured MemoryFine-Grained Memory

Protection

Sparc M7Softwarein Silicon

Database Software Support Shipping Since Mid-Year

SQL in Silicon

DB Acceleration


SQL in Silicon: Database In-Memory Acceleration Engines

• SIMD Vectors instructions are fast, but were designed for graphics, not database

• New SPARC M7 chip has 32 optimized database acceleration engines (DAX) built on chip

• Independently process streams of columns

– E.g. find all values that match ‘California’

– Up to 170 Billion rows per second!

• Like adding 32 additional specialized cores to chip

– Using less than 1% of chip space

Core

Shared Cache

Core Core Core

DB Accel

DB Accel

DB Accel

DB Accel

SPARC M7


Capacity in Silicon: Decompression Engines

• Compression is key to putting more data in-memory

• Decompression is far more import for databases than compression

– Data is loaded once, queried many times

• Bit pattern decompression in normal cores is slow

– 64 CPU cores needed to decompress at full memory speed

• SPARC M7 adds 32 optimized decompress engines

– Run bit-pattern decompress at memory speedDoubles Memory

Capacity


Silicon Secured Memory: Fine Grained Memory Protection

• Database In-memory places terabytes of data in memory

– More vulnerable to corruption by bugs/attacks than storage

• SPARC M7 locks memory as it is allocated so only the owner can access it

– Hidden “color” bits added to pointers (key), and content (lock)

– Pointer color (key) must match content color or program is aborted

– Hardware support eliminates performance impact

• Helps prevent access off end of structure, stale pointer access, malicious attacks, etc. plus improves developer productivity

MemoryPointers

MemoryContent

STOP


Dramatic Performance and Cost Advantages

Conclusion: Smart Platforms are the Future

• Smart Scan• InfiniBand

Scale-Out

• Database Aware Flash Cache• Storage Indexes• Columnar Compression

• IO Priorities• Data Mining Offload• Offload Decrypt on Scans

• In-Memory Fault Tolerance• Direct-to-wire Protocol• Columnar Flash Cache• JSON and XML offload• I/O latency capping• Instant failure detection

• Network Resource Management• Multitenant Aware Resource Mgmt• Prioritized File Recovery

• Unified InfiniBand

• Scale-Out Servers

• Scale-Out Storage

• Application Co-Processors

• PCIe Flash

• Tiered Disk/ Flash

• Software-in-Silicon

Oracle Database PlatformsSmart by DesignSmarter Every Year

SuperClusterExadata

Oracle Systems

John FowlerExecutive Vice President, Systems

October 25-29, 2015San Francisco


Previously Unimaginable Results for Apps & Cloud, Attainable Now

Breakthrough Hardware And Software Co-Engineering

Mid-1990’sLarger Memory

Support,Greater Accuracy

Mid-2000’sMulti-core,

Multi-threadedComputing Today:

32-Core RevolutionSoftware in Silicon:Software Functions on Chip

Open Systems Virtualization & Cloud


Memory intrusion protection

First hardware based memory protection

Always-on memory protection

Improved developer efficiency, security, and reliability

Security In Silicon: Silicon Secured MemoryImproved Security & Reliability in Hardware


Security In Silicon: Silicon Secured Memory

Applications Memory

Pointer “Y”

Pointer “R”

GO

Pointer “B”GO

• Protects data in memory

• Hidden “color” bits added to pointers (key), and content (lock)

• Pointer color (key) must match content color or program is aborted

• Set on memory allocation, changed on memory free’

• Protects against access off end of structure, stale pointer access and malicious attacks

M7 Processor


Silicon Secured Memory Protection From Read and Write Attacks

A Couple of Famous Examples: Heartbleed & Venom

Buffer Over-Read Attack Buffer Over-Write Attack


SPARC M7: Broadest Set Of Ciphers For All Your Apps

32 Crypto Accelerators per Processor

Clear Data In

Encrypted Data Out


M7 Advantage Increases on Highest Security Ciphers

Much Faster End-To-End Encryption

Oracle M732 cores

IBM Power86 cores

Intel X86 E5 v318 cores

4X Faster vs. X86

11X Faster vs. IBM Power

AES 128-CBC: Popular for Cloud, DB

Oracle M732 cores

IBM Power86 cores

Intel X86 E5 v318 cores

SHA 512-1024: Important for Banking Operations

83 GB/s

22 GB/s

8 GB/s

84 GB/s

4.7 GB/s

2.4 GB/s

18X Faster vs. X86

35X Faster vs. IBM Power


Massive Encrypted Network and Disk Traffic with Plenty of Capacity Left for Compute

AES-128-CBC Security In Silicon Efficiency For DB & Cloud

8 GB/s Out to Disk

8 GB/s In from Network

Oracle T7-1

• Eight 10 GbE connections for intake of encrypted network traffic

• Eight 10 GbE connections for output of encrypted data to NAS

• 19% of compute resources used for decryption/encryption work

• 81% of compute still free for running database and cloud applications

81% Free for DB, Cloud

19%


SECURE

SPECjEnterprise: Oracle M7 with Encryption is 4.5x Faster Than Power8 Processor

#1 Database And Java With End-To-End Security

2nd Place22,543.34 EjOPS

8 processors

UNSECURE

25,093.06 EjOPS2 processors

1st Place


Not Available on IBM Power or X86 Systems

Hardware Enabled Secure Live Migration

• Mission-critical VM with 128GB of memory securely transferred 95 seconds

• VM encrypted for transmission over network: ensures that secure data is not exposed during move

• Security in Silicon with Strong Encryption: AES256_GCM_SHA384

• Very small performance impact on migrated VM during transference

• Software in Silicon: Memory Versioning Scan quickly finds “dirty” pages

VM VM VM

Oracle T7-1

Oracle T7-1

VM


High Performance Fully Encrypted Data Center

Client Web Tier Middleware Tier

Database Tier

ZFS Storage

SSLTLS

SSLTLS

HTTPS JMS JDBC

SSLTLS

ZFS Encryption

TLS

AES

Archive

TDE

Key Manager

AES

AES

High Performance Security for Web, Middleware, and Database

Industry’s fastest Oracle Transparent Data Encryption

SPARC M7 Security in Silicon


Data Analytics Accelerator


M7 Query Accelerator Engine

• 32 In-Silicon Offload Engines

• Cores/Threads Operate Synchronous or Asynchronous to Offload Engines

• User Level Synchronization Through Shared Memory

• High Performance at Low Power

• 3x more Memory Bandwidth than x86

Decompress

Unpack/Alignment

Scan, Filter,Join

Result Format/Encode

Data Input Queues

LocalSRAM

Decompress

Unpack/Alignment


Decompress

Unpack/ Alignment


Decompress

Unpack/ Alignment


Data Output QueuesM7 Query

Engine(1 of 32)

On-ChipNetwork

Data Input Queues

Data Output Queues

On-ChipNetwork

On-ChipNetwork

On-ChipNetwork

Scan, Filter,Join

Scan, Filter,Join

Scan, Filter,Join


Image

M7 Beta

Solaris 11.3Oracle 12.1.0.2

Speed Increases with Diversity of Data

M7 + Database 12c In-Memory Faster Than Flash

Faster83XQueries

per Hour

In-Memory + SWiS

Flash LUN

3000

2500

2000

1500

1000

500

0

Single Query Execution with DOP=32

Product catalog of major on-line retailer with large number of parts

“How many uniqueproducts in stock?”Query:


With Oracle M7 You Can Run Both Analytics and OLTP

Software in Silicon Efficiency for In-Memory

Analytics OLTP

Running 1 TB Database compressed into 120 GB of memory

Analytics

OLTP

Analytics

Analytics

AnalyticsOracle T7-1

1 chip, 32 cores

5x Latest Generation HP DL38010 chips, 180 cores

Linux

Solaris


Image

One Billion Rows Filtered And Folded Into Cube

Apache Spark with Software-in-Silicon

Faster6X

With M7 In-memory Analytics Accelerator

Without M7 In-memory Analytics Accelerator

38 seconds

6 seconds


World’s FastestMicroprocessor


SPARC M7: Setting 20 World Records in Performance

#1 SPECint_rate2006: 1,200 peak

#1 SPECfp_rate2006: 832 peak

#1 SPECjEnterprise2010: 25,093.06 EjOPs

#1 SAP-SD 2 processor: 30,800 SAPs

And more…


Balanced Design


Technology That Delivers

Breakthrough Processor and Systems Design

Silicon secured memory and wide key encryption –Designed for Security

Security in Silicon

SQL in Silicon

Hardware SQL acceleration and decompression -Breakthrough Oracle

Integration & Efficiency

World’s Fastest Microprocessor

More cores, more threads, more memory & IO Bandwidth,

lower latency - Extreme Performance for Apps and

Cloud


Encryption Speed for AES 128

Architectural Scalability: Scale Security To Your Needs

T7-1

T7-2

T7-4

M7-8

M7-16

83 GB/s Crypto

332 GB/s Crypto

664 GB/s Crypto

1.3 TB/s Crypto

166 GB/s Crypto


SPARC M7 secure 3.8x faster that unsecure Power8, 3.5x faster than unsecure x86 v2

Hadoop Terasort –Great performance using public Apache Download

SPARC M7 secure 3.8x faster than unsecure IBM Power8

IBM S822L 8-node Cluster

3.5 Power8

7.5

32.5

(Un-secure Baseline)

Oracle T7-4 1node

29.1

SECURE AES-256-GCM baseline

Oracle T7-4 1node

Terasort 10TB - Perf metric GB/min per processor

3.8x

SPARC M7Chip

Advantage

128 Cores 128 Cores192 Cores

Perf metric GB/min per processor

IBM S822L 8node 6c/chSPARC M7

Terasort 10TB

Oracle Confidential – Highly Restricted


Big Data Performance From One Small Server

NoSQL: Yahoo Cloud Serving Benchmark

Oracle T7-4128 Cores

1,890,394 Ops/sec

12 x Cisco C240 M3192 Cores

2X FasterPer chip

Oracle NoSQLCloud Database

12X Fewer Servers64 Fewer Cores

Much Lower Cost

1,028,868Ops/sec

Linux Solaris


Open


Developers


6 Processors in 5 Years

Consistent Execution

201320112010 2013 2013

16 x 2nd Gen cores4MB L3 Cache

1.65 GHz

8 x 3rd Gen Cores 4MB L3 Cache

3.0 GHz

16 x 3rd Gen Cores8MB L3 Cache

3.6 GHz

12 x 3rd Gen Cores 48MB L3 Cache

3.6 GHz

6 x 3rd Gen Cores48MB L3 Cache

3.6 GHz

SPARC T3 SPARC T4 SPARC T5 SPARC M5 SPARC M6 More To Come

IncludingSoftware in Silicon

• Silicon Secured Memory• DB Query Acceleration• Inline Decompression• More….

}

2015

32 x 4th Gen Cores 64MB L3 Cache

4.1 GHz

SPARC M7

Today


Scalability: 32 to 512 Cores - 256 to 4,096 Threads

New: T7 And M7 Servers, SuperCluster M7

Most Scalable Systems

Worlds Most Secure

Only Chip with Software in Silicon

Worlds Fastest Chip