POWER SYSTEMS NEWSLETTER
UNITED STATES - EAST
February 2013
An Overview of PowerSC
In this issue:
By James Smith - jimsmith@us.ibm.com
PowerSC Overview
PowerSC is an important new addition to the IBM Systems Software portfolio.
PowerSC provides a security and compliance solution designed to protect data centers
virtualized with PowerVM, enabling higher quality services. This new system software
offering was part of the October 2012 announcements, so it’s a relatively new part of our
system software stack.
With its simple administration interface and preconfigured compliance profiles, PowerSC is
designed to simplify the administrative effort associated with complying with three of the
most common external standards for security and compliance:



Payment Card Industry Data Security Standard (PCI DSS),
Health Insurance Portability and Accountability Act Privacy and Security Rules
(HIPAA)
US Department of Defense Security Technical Implementation Guide for UNIX (DoD
STIG) standards.
Also supported is an implementation of best practices specified by the Control Objectives
for Information and related Technology (COBIT) standard. Public companies that are
subject to the U.S. Sarbanes-Oxley Act of 2002 often adopt the COBIT best practices.
Here is an outline of what’s in PowerSC, and how each version is packaged.
New Announcements
Server à la Carte
High Availability
Power 750 / 760
VIOS Network Tip
DSO & DPO
3rd Party
Endorsements
Selecting a Strategic
Operating System
Success Stories
Business Impacts of
SAP Deployments
Value of Virtualization
Future of the
Datacenter
PowerSC Express Edition is offered with AIX 5.3, 6.1 and 7.1 versions and is designed for
basic automation of compliance to external standards for AIX users. Express Edition is
best used in conjunction with the AIX Profile Manager (a plug-in to IBM Systems Director),
which automates and centralizes compliance, control and reporting. The Express Edition
also offers command line administration.
PowerSC Standard Edition includes the features of the PowerSC Express Edition and
adds security and compliance capability for virtual machines running with PowerVM.
PowerSC Standard Edition additional features are: Trusted Boot, Trusted Logging,
Trusted Firewall, & Trusted Network Connect and Patch Management
Watson has been busy
PowerSC Standard Edition is included in AIX Enterprise Edition
PowerSC Trusted Surveyor is offered separately and is not included in the PowerSC
edition structure. Trusted Surveyor monitors and reports on virtual network segregation
policy compliance and is licensed for each HMC.
Additional details on PowerSC are available online:
Community
flickr
Twitter
LinkedIn
YouTube
http://www.ibm.com/systems/power/software/security/index.html
http://www.redbooks.ibm.com/abstracts/sg248082.html?Open
Facebook
RSS Feed
Send questions, comments, or concerns: richard.milton@us.ibm.com (or to subscribe)
Power Systems Announcement Overview
By Bill Moraca – wmoraca@us.ibm.com
th
On Tuesday, February 5 IBM announced new Power Systems Express servers with POWER7+ chip technology. In
addition, a brand new model was introduced – the Power 760.
Power 710 (8231-E1D) - 1 socket of 4 cores @ 3.6 GHz, 6 cores @ 4.2GHz or 8 cores @ 4.2 GHz; up to 256GB of
memory using up to eight 32GB DIMMs
Power 730 (8231-E2D): - 2 sockets of 4 cores @ 4.3 GHz, 6 cores @ 4.2GHz, 8 cores @ 3.6GHz or 8 cores @ 4.2
GHz.; up to 512GB of memory using up to sixteen 32GB DIMMs
Power 720 (8202-E4D) - 1 socket of 4, 6 or 8 cores @ 3.6GHz; up to 512GB using up to sixteen 32GB DIMMs (note
that memory on the 4 core option is limited to 64GB)
Power 740 (8205-E6D) - 1 or 2 sockets of 6 cores @ 4.2GHz, 8 cores @ 3.6GHz, or 8 cores @ 4.2GHz; up to 1TB
memory using up to thirty two 32GB DIMMs
PowerLinux
o PowerLinux 7R1 - based on the Power 710 E231-E1D
o PowerLinux 7R2 - based on the Power 730 E231-E2D
All “D” model Express Power Systems servers all have the same I/O configuration as the earlier “C” models.
Power 750+ (8408-E8D)
o 5u form factor, up to 32 cores & 1TB of memory
o 1 to 4 sockets of POWER7+ on a Dual Chip Module (3.5 or 4.0GHz)
o 6 PCIe Gen2 blind swap slots (hot pluggable), plus a new Multi-Function card
o 6 Small Form Factor disk bays in a split (3+3+SATA) configuration
o 3 years 7x24 maintenance coverage
Power 760+ (9109-RMD)
o 5u form factor, up to 48 cores & 2TB of memory
o 1 to 4 sockets of POWER7+ on a Dual Chip Module (3.1 or 3.4GHz)
o 6 PCIe Gen2 blind swap slots (hot pluggable) plus a new Multi-Function Ethernet card
o 6 Small Form Factor disk bays in a split (3+3+SATA) configuration
o 3 years 7x24 maintenance coverage
o Processor Upgrade on Demand
AIX & VIOS Levels
New service packs were issued for all of the supported software levels with planned availability information below.
Statement of Direction (SOD) indicates availability later than March 29, 2013.
Available 2/10: AIX 7.1-TL2-SP2, AIX 6.1-TL8-SP2, VIOS 2.2.2.2
Available 3/29: AIX 6.1-TL7-SP7, AIX 6.1-TL6-SP1
SoD: AIX 7.1-TL1-6, AIX 7.1-TL0-SP8, AIX 5.3-TL12-SP7, & VIO Server 2.2.1.5
I/O
o EXP30 SSD drawer (announced October 2012) is supported on the Power 710+ thru Power 760+ servers.
Attachment is through a GX++ I/O slot.
o New PCIe Gen2 adapter with two 10 Gigabit CNA ports (SR Optical with LC connectors) and two 1 Gigabit ports
available in both a full height and a low profile form factor (“D” models only today)
o New PCIe Gen2 adapter with two 16 Gigabit Fibre Channel ports for SAN connectivity, also available in both a full
height and a low profile form factor (“D” models only today)
Tape
o New 1.5 TB tape cartridge for the entry RDX tape drives
o New LTO-6 tape drive in the half height form factor that fits in the Power 720/740 "C" models and in the new
Power 720+/740+ servers along with the original 750
Useful URLs:
Prerequisite Site - https://www-912.ibm.com/e_dir/eserverprereq.nsf
IBM Systems Energy Estimator - http://www-912.ibm.com/see/EnergyEstimator
AIX Whitepapers - http://www-03.ibm.com/systems/power/software/aix/whitepapers/index.html
AIX Release Strategy - http://www-03.ibm.com/systems/power/software/aix/support/release_strategy.html
Power Systems Technical Guide - http://www-03.ibm.com/systems/power/hardware/reports/factsfeatures.html
AIX Movies https://www.ibm.com/developerworks/mydeveloperworks/wikis/home?lang=en#/wiki/Power%20Systems/page/HandsOn%20Technical%20Movies
VIO Network Performance Tip
By Doug Herman – hermand@us.ibm.com
When using the Virtual I/O server (VIO) for virtualizing physical networks to client logical partitions, a Shared Ethernet
Adapter (SEA) is configured by using the physical Ethernet adapter and the virtual Ethernet adapter to create a layer 2
bridge. One way to improve network performance is to use the “largesend” option on the VIO SEA and the client
logical partitions.
The largesend feature allows sending large data packets over virtual Ethernet adapters without breaking up the
packets into smaller MTU size packets. Starting with AIX 6.1 TL7-SP1 and AIX 7.1 TL0-SP1, the operating system
supports the mtu_bypass attribute for the shared Ethernet adapter to provide a persistent way to enable the
largesend feature: ftp://public.dhe.ibm.com/common/ssi/ecm/en/pow03049usen/POW03049USEN.PDF
Using largesend (mtu_bypass) on the AIX interfaces boosts throughput between logical partitions within the
hypervisor of the Power server, without using additional processor utilization.
Set “largesend” on the VIO SEA, and mtu_bypass (largesend) on the AIX LPAR interfaces. This lowers both the
sending AIX LPAR and the sending VIO processor usage when transferring to an outside machine.
All MTU sizes remain at 1500. There is no requirement for Jumbo Frames.
Some examples of largesend attributes for performance
# ifconfig en0 largesend
(LPAR to LPAR, virtual to virtual, in same machine single stream, binary FTP dd test)
1Gb per second without largesend
3.8Gb per second with largesend - Higher throughput
Processor utilization slightly higher on sender and slightly lower on receiver

largesend=1 on VIO SEA and largesend on client interfaces
- Much lower processor utilization on sender and on sending VIO

VIO SEA physical adapters should have both large_send and large_receive set to yes
$ lsdev -dev ent0 -attr |grep lar
large_receive yes
Enable receive TCP segment aggregation True
large_send yes
Enable hardware Transmit TCP segmentation
To make change settings permanent:
VIO Server
$ chdev -dev ent# -attr largesend=1 large_receive=yes
AIX LPAR
# chdev –l en# -a mtu_bypass=on
Power Systems Performance Tools DSO and DPO
BY Kyle Strohm – klstrohm@us.ibm.com
In October 2012, IBM released two new tools for optimizing Power environments:
Dynamic System Optimizer (DPO):
DSO operates on the AIX LPAR level. You may have heard of, or have used a tool from IBM called Active System
Optimizer (ASO). ASO provides autonomous tuning of system resources with the goal of improving performance,
including thread-level processor core, cache and memory affinity. ASO ships free with AIX 7.1 TL01, AIX 6.1 TL8 and
above. DSO takes the ASO capabilities to new levels. It is now the official name for the two components bundled
together. The ASO component remains a no cost part of the Base Operating System, while DSO features come at an
additional charge for an enablement fileset.
So exactly what does the DSO component actually do? It provides the ability to dynamically migrate memory pages to
Large Pages (16MB), which benefits database engines like Oracle/DB2, and optimizes algorithms for processor cache
fetches from main memory. The combined toolset operates as an integrated System Resource Controller (SRC)
service, which does not require a reboot after installation (it is automatically detected). The service is configured with
smitty src or from the command line. It hibernates when no benefits are indicated and wakes up when possible
performance improvements are detected. Metrics are collected and analyzed over time to create high levels of
optimization. DSO requires a minimum of AIX 7.1 TL02 or 6.1 TL08. Note that the functionality is not supported in
Active Memory Sharing (AMS) environments.
Dynamic Platform Optimizer (DPO):
DPO operates at the frame (or full system level). Performance improvements can be gained for all associated logical
partitions. Memory affinity is analyzed and resources are moved as required to attain improved levels of affinity for
each logical partition. Firmware level 760 or later is required, in addition to the following affinity aware operating
systems:
AIX 6.1 TL8 or later
AIX 7.1 TL2 or later
VIOS 2.2.2.0
IBM i 7.1 PTF MF56058
Please note that older operation systems can work with DPO, but need to be rebooted after running DPO to allow AIX
to capture fresh affinity information. Otherwise, performance can degrade due to the stale information. There are
possibilities of other complications, so it is not recommended to use DPO unless running the levels listed above.
The HMC command "lsmemopt" is used to report current affinity and potential affinity scores, while the "optmem"
command is used to start the affinity optimization. lsmemopt can also be used to track the progress of the
optimization.
At this time there is no support for DPO in current RHEL or SUSE Enterprise Linux versions.
More detail can be found at the following links:
ASO/DSO Documentation:
http://www-03.ibm.com/systems/power/software/aix/workloadoptimizer/index.html
http://pic.dhe.ibm.com/infocenter/aix/v6r1/topic/com.ibm.aix.optimize/optimize_pdf.pdf
DPO Best Practices Paper:
http://www.ibm.com/developerworks/wikis/download/attachments/53871915/P7_virtualization_bestpractice.doc
The POWER7+ based Power 750 Express (and Power 760)
More than just a processor upgrade
By John Schmidt - jtschmid@us.ibm.com
Unlike the majority of the POWER7 server family, the Power 750 (8233-E8B) has remained largely unchanged since
its inception. With the February 5, 2013 announcement, this changes. The redesigned Power 750 scales up to 32
POWER7+ cores and 1 TB of memory. The brand new Power 760 scales up to 48 cores and 2 TB of memory, using
the same architecture and form factor. Both systems leverage a Dual Chip Module, 4 socket design (two chips per
socket), have a new I/O subsystem, and are 5U (EIA units) high.
The new I/O subsystem features enhanced I/O redundancy and flexibility. Two integrated POWER7+ I/O controllers
replace the P5 I/O controllers in the previous model (8233-E8B). This provides enhanced I/O bandwidth and 6 PCIe
Gen2 slots replacing the 3 PCIe Gen1 and 2 PCI-X slots of the POWER7 750. Also, two GX++ slots (20 Gbps each)
replace the combination of one GX+ and one GX++ slot (10 Gbps and 20 Gbps, respectively) in the previous model
Power 750.
The GX++ slots allow attaching up to four 12X PCIe I/O drawers or up to two EXP30 Ultra SSD I/O drawers. A
minimum of two processor cards must be installed to enable the two GX++ adapter slots. The system unit also
includes six SFF SAS bays, supporting 2.5-inch SSDs and hot swappable SAS disks. The six SAS SFF bays can be
split into two sets of three bays, using the integrated SAS adapters.
From a topology standpoint, the new Power 750 / 760 systems are similar to the 4-drawer Power 770 system. The
interconnects between the chips on a DCM are similar to the interconnects between sockets in a single Power 770
system enclosure. The interconnects between sockets of the Power 750 / 760 system are similar to the interconnects
between the system enclosures of a Power 770 / 780.
This architecture provides the best bandwidth and lowest latency between the two chips on the DCM (socket), but a
lower bandwidth and higher latency between DCMs (sockets). For best performance, it may be necessary to take this
into account when configuring workloads that will span individual DCM sockets.
Further details on the Power 750 and Power 760 architecture can be found at the following IBM Redbooks technote:
http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/tips0972.html?Open
POWER7+ Server Redbooks (aka “D” models)
Power 710 and 730 Technical Overview and Introduction
Power 720 and 740 Technical Overview and Introduction
Power 750 and 760 Technical Overview and Introduction
Power 770 and 780 Technical Overview and Introduction