Peter Alsop's Weblog

2008 The Year of the Sun Ray

It's been a busy time here at Sun, what with the launch of xVM Ops Center, a very interesting move by Sun that heralds the age of "Data Center 2.0" (I hope to explain this in a later blog but briefly it is the convergence of networks, enterprise storage, virtualisation, availability and management tools) and our announcement of our intention to acquire the wonderful MySQL and the news that Dell is now distributing Sun's Crown Jewels, Solaris. All very bloggable, I'm sure. But I wanted to draw your attention to something I think is even more important than any of these. That's a big claim. It's early days now but I see a trend emerging.

What I am seeing is the beginning of huge interest in Sun Ray.

Sun Ray massively reduces your IT desktop costs, enables true hot-desking - globally, secure & seamless working from branch offices & home and thus all the business continuity benefits you could want. It provides a very much more comfortable & therefore more productive environment for your staff. Big companies can save the costs of a few data-centers. For some, I have just outlined cost savings of 20% or more of their IT budget. And if you use Sun Ray you will reduce the risk of customer/citizen/corporate/security data loss significantly - that could be more important to you than the cost savings.

Sun Ray is what we call our ultra-thin-client (UTC) technology. Now thin clients, where degrees of intelligence, data storage and thus cost are removed from the desktop device (PC) are placed on a centralised server are good and there are a number of alternatives. Sun Ray is ultra-thin because the desktop device has the very minimum intelligence needed. This turns out to be a key benefit. Many years ago I used to work in system architectures for Xerox products and I see a familiar virtuous pattern here. Put the intelligence etc where it works best. Software development guys may want to have the Model-View-Controller pattern in mind. Business people may see another virtuous pattern - lower the cost per item by increasing (to a very much smaller relative degree)central costs thus increasing overall value per cost - especially where volume grows or is already large. IT infrastructure guys may just see a huge problem disappear. I digress, more of that later. The thing is for years I have been telling customers "I'd like you to use Sun Ray but please use any thin client rather than these wasteful fat clients (ie PCs) - it's just the right thing to do".

Just to recap the benefits of thin-clients: you should save large amounts of capital as thin-clients should have, in general, much longer serviceable lives than PCs and require less overall infrastructure (not just IT but energy supply and ventilation of your offices. You should also save expense on your energy consumption bills and your support labour costs - simplicity on the desktop means anyone can fix their system (you just replace it like a light bulb) and PC management is so much easier - it's done in a controlled way at the back-end server not on the PC. There are lots of other benefits too like much quieter and more comfortable (temperature wise) offices. So if you are using thin-clients then congratulations - you have made the first best step. Moving to Sun Ray will be easier for you but something you still probably want to do. You'll find out why later. If you haven't yet made the move to thin-client then moving to the best thin-client, the ultra-thin-client of Sun Ray will be even more beneficial in every important way: customer satisfaction , employee satisfaction and cost.It is very, very easy to move to Sun Ray if you want to do it. It will take you less time than your last desktop roll-out and once you have done it, well, that's it. You will never have to to do it again. Big organisations's have started to realise this is important and are now starting to make it happen. Because now the time is right.

My next post will be about why Sun Ray has not been succesful so far, why its time has come and how Sun Rays unique benefits can save a big company 20% plus of its IT costs.

Posted at 03:26PM Feb 16, 2008 by psa in General  |  Comments[3]

The UK Child Benefit Database - the biggest ever data loss ?

Today the UK Government announced that 2 disks (which I presume to be CDs or DVDs) containing various personal details of a substantial portion of the population of the UK had gone missing. I think I am well within the bounds of impartial comment when I say this incident is a huge event in the UK. So what has happened ? One government agency (the National Audit Office) had requested some information from another agency - Her Majesty's Revenue & Customs "The Revenue " - and for some reason, as yet unknown, someone at The Revenue decided to send the data on disk, in the post - albeit a bespoke service provided by a commercial organisation. The data sent was, it seems, a large part or perhaps even the whole of the UK Child Benefit system database. It includes various personal details including the bank account details of those receiving the benefit payment. I should note - as pointed out in the House of Commons (the UK elected chamber)- the National Audit Office had requested a sub-set of the data that did not include many personal details. In his statement to the House of Commons the current Chancellor (Chief Finance Minister) reported: "The missing information contains details of all Child Benefit recipients: records for 25 million individuals and 7.25 million families." I have heard it reported (on the BBC) that the 7.25 million is also approximately the same number of bank account details included in the database.

It will be interesting to discover if this is the biggest loss of private data in history. Of course, the concern is whether the data has fallen, or will fall, into criminal hands. While it appears that the risk of immediate threat (i.e. criminals accessing bank accounts) is limited, the on-going risk is one of identity theft on a massive scale. If you have been the victim of identity theft you may know how bad this is. Criminals use your identity to procure goods and services in your name and then you are pursued for payment. The individual is pretty much protected from direct financial consequences but the secondary effects - answering the mail, phone calls etc to prove it really was not you - can be substantial.

From the technical viewpoint, what is interesting about the situation is the following:

Why was the data on the disks not encrypted ?

Why was it not sent via a secure government network ?

Where were the process and procedure safeguards ? Notably, how did someone get authorisation to access the data and then use it insecurely ?

There are numerous other organisational questions that overlap political questions. It is inappropriate to pursue these here.

We can only hope the consequences of this loss will be limited. The best scenario is that the disks are found and the data has remained safe. Nevertheless, UK banks can expect a much larger number of queries, as can the government agencies involved. All should be monitoring the situation for months to come - at a cost. Many people in the UK will also be worried, even if the threat does not actually materialise. Perhaps one good outcome of the affair is that people will take a little more time thinking about their personal data security and checking their bank statements.

This incident may lead to legal proceedings, so I need to be careful in my comments. All I can say, therefore, is that, in general, people acting in good faith, wanting to get a job done well, acting sensibly in their own minds but from their limited knowledge and experience - especially of technical issues, can make devastating mistakes. The larger the database these good people can access, and the greater the number of these good people with access - the higher the probability of accidental or malicious abuse.

There are bigger questions here, but one simple lesson for the whole IT industry, and indeed everyone, is that while the cost of effective data security is large (huge when we want the very highest levels of security), the cost of inadequate security can be much larger. The events should also, I hope, reinforce what I believe to be an important, but much ignored IT principle: a system should have only the minimal information it needs. That's because all systems are open to accidental failure and organised abuse and no amount of "best endeavors", "taking security to the next level", "guaranteed protection" or other words will change that. Rhetoric is no substitute for prudence with critical data.

Posted at 03:54PM Nov 20, 2007 by psa in General  |  Comments[1]

UltraSparc T2 and Tigerton Tests

I'm delighted to say that Phil Harman has published the detailed results of some of his testing of an UltraSparc T2(in a Sun Enterprise T5220 8 cores)) and a 4-socket Intel Tigerton (or Xeon 7300 as it should be called) (in a Sun Fire X4450 16 cores) . Take a look here. Let me make an important point here. What Phil's test show is a remarkable performance by T2 for a specific workload. Absolutely fantastic. However, there are other work-loads and use-cases that will be better suited to x86 processors and there are yet others where SPARC64 will be best. And there will be some workloads where two or even three of these architectures make a viable case to be chosen. That's why we at Sun offer our range of products. It's an old phrase but still true: "horses for courses". At Sun we have horses for all your courses.

Posted at 04:11PM Nov 06, 2007 by psa in General  | 

The Niagara UltraSparc T2 servers - another world champion

Ever since Distinguished Engineer and CTO of Sun Microelectronics, Rick Hetherington presented the specs to my customers (under Non-Disclosure, of course) I have been looking forward to the launch of these new products. They complete, very nicely indeed, the first chapter of the Chip Multi-Threaded story. We have had a prototype of one of them over here in the UK on trial for a few months and the results have been extraordinary, shocking, unbelievable... but more of that later.

Basics: UltraSparc T2 is the successor to the UltraSparc T1 CPU chip as used in the very successful T1000 & T2000 servers. They all form part of the Niagara family. It has the same number of CPU cores as the T1 (8 on the same silicon chip) but 2x the number of hardware threads as the T1 (64 vs 32 in total) and it runs at the same frequency range of 1.0, 1.2 and 1.4 GHz. It also has 8x the number of floating-point (FP) maths units (8 vs 1). Single-thread performance is not much better but throughput is getting on for twice, so:- 1xT2 = a little bit less than 2xT1. It's close enough for most intents and purposes. If you have an FP workload it's going to be interesting making comparisons! Clearly T2 will be a lot better in many cases but the comparison may well be complicated. Give it a go.

The rack-mount servers using T2 are called the T5120 and T5220. The T5120 is 1RU, and the T5220 is 2RU. The extra room in the T5220 is used for 2x the number of disks (8 vs 4) and 2x the PCI slots (there's some detail here you need to consider so go look at the specs). The main point is they use the same motherboard and both have N+1 redundant power supplies (where N=1, of course - that's all we need). And there will be a blade, the T6320 which has the same "processing" spec as the T5x20s. The T6320 goes into the Sun Blade 6000 chassis. Let's recall that this chassis also takes T1 blades, AMD Opteron blades and Intel Xeon blades of various flavours including a 4 socket Tigerton blade, the X6250. But I digress...

Just to complete the overview, the T2 chip also has circuitry on-board that typically you would have on an external chip or even a whole separate PCI card. So on-board the chip is the master PCI controller, an Ethernet controller (2x 10 Gigabit), and also 8x cryptographic accelerators which really help when you want to implement secure Web applications. I've probably forgotten some other features - there are just too many !

I am not going to go over the concepts of Chip Multi-Threading (CMT) and why it is so important, how it gets over the classic CPU problem of the chip spending 80% plus of its time waiting for memory etc. I might do that later , but I would urge you to go and research these concepts as CMT will become, I suspect, a feature of other CPU designs in the near future and something systems architects and developers will need to get their heads round to optimise the cost/performance of their designs.

In the meantime let me summarise what you need to know about T2 performance now. It's this simple:

1)The single-thread performance is, to be diplomatic, not great, about the same as a T1. If your application needs individual software threads to execute as quickly as possible and can execute as quickly as possible (e.g. finds lots of its code and data in cache), look elsewhere. Understanding that concept is important. Sun has a great range of x86 and SPARC64 servers which we will be happy to sell you for apps like that. But customers discovered in using the T2000 that there are lots of applications, including quite "meaty" databases, Java apps, "C" apps, for that matter, that work very well on a T2000 because they do not need great single thread performance. It just turns out that way for lots of server-side business applications.

2)The throughput performance of the T2 is amazing. Phil Harman modified some of his & Bart Smaalder's micro-benchmarks to emulate, to some degree, an application that stressed throughput in order to test it. It's not the case for all workloads of course, but in some tests a single-socket (pre-production) T5120 was performing better than a 4-socket Intel Tigerton box (each with the same memory). That's 8x 1.2 GHz Niagara cores (on one chip) versus 16x 2.93GHz Intel Core cores (on 4 chips). I'm not saying one T2 will beat 4x Tigertons in every case - far from it - but the fact it can do it in one instance is just fantastic. I expect we will be publishing some formal benchmarks soon which are equally amazing.

Now go look at power consumption. Now go look at RU space. These new Niagara boxes have a lot to offer.

P.S. having what amounts to 64 servers in a single box offers some great opportunities for replacing lots of old servers with one shiny new Niagara. To enable you to "slice and dice" how you deploy the applications Sun has two virtualisation technologies: Solaris Zones and Logical Domains (LDOMs). Too much to go into here but just to note we have also just launched V1.0.1 of Logical Domains.

Posted at 02:22AM Oct 10, 2007 by psa in General  | 

It was 50 years ago today...Sputnik

Historians argue about things like this: "Which is more important, the shooting of Archduke Franz Ferdinand or the invention of the Spinning Jenny?" This is because historians generally have far too much time on their hands and just love to argue. Just kidding historians (BTW I am married to one).

So how important was the launch of the first man-made satellite ? Very important in many ways. For the first time in the modern era there was a credible threat to the cities of the USA. The creation of a Soviet Union atom bomb combined with an unstoppable delivery mechanism was a fundamental change in potential global war. Sputnik was the starting point for the creation of the Inter-Continental Ballistic Missile (ICBM). While citizens of the USA were specifically affected the impact was felt across the West, and then the East. As a person who grew up under the ever-present threat of total annihilation, and was very conscious of it, I was still startled by a point made by a Buddhist friend - that this constant atmosphere of fear had a profound effect on our spiritual well-being. Impossible to measure that effect, I suspect, but it started with Sputnik. Inevitably, in response, a more liberal inclusive mood of cooperation was generated in the 1960's ("Flower Power" and "free love", "Ban the Bomb", CND etc), a sort of Newton's Third Law effect. The effects of both forces continue to be felt.

Of course, Sputnik was also the first major landmark in the Space Race, the second, also a win for the Soviets, was the first man & then woman in space. The USA was always a close second but stole the lead with one of the most astounding accomplishments of mankind - "of landing a man on the moon and returning him safely to the earth." We can argue if this is more astounding than, say, the eradication of smallpox (itself a mind-blowing achievement) but for me as a small boy looking at the moon one night in 1969 and thinking "there's really a man up there", it was one of the most memorable times of my life. I am so very grateful for it. The sense of excitement and adventure was immense and it no doubt contributed to my interest in science and technology.

The negatives of the Space Race, engendered as it was by the Cold War doctrine of Mutually Assured Destruction, must surely be out-weighed, so far, by the positives. The meta-competition between co-operation and competition is as old as existence. Orson Welles put the case in favour of competition perfectly in that wonderful film (movie) "The Third Man" when, as the evil character Harry Lime, he said:

"In Italy, for thirty years under the Borgias, they had warfare, terror, murder, bloodshed, but they produced Michelangelo, Leonardo da Vinci and the Renaissance. In Switzerland, they had brotherly love; they had 500 years of democracy and peace -- and what did that produce? The cuckoo clock."

The pros & cons of competition versus co-operation are a subject of importance in many other domains, computing included, and the debate is no less complex. I see no simple choice. competition is very important, but cooperation is also essential in certain areas, for example in the setting of universal standards.

But let's not dwell on these discussions now. Let us think about the fabulous efforts of the many people involved in the Space Race, their brilliance, their sacrifice and the good that came out of it. And look at the Moon. Someone like you & me walked there once.

Posted at 03:52PM Oct 04, 2007 by psa in General  | 

The M5000 - a new workhorse.

It seems every now and then we produce a server that fits so well into the server eco-system it establishes itself very quickly and occupies a niche larger than we might first have expected. The T2000 was like this. Initially, early on in the development cycle, I thought it would be great for web-facing applications i.e. the first point of contact between the network and your data-processing systems - doing things like web-page serving. As time went by it turned out the T2000 was great at all sorts of workloads, notably databases, Java applications servers and infrastructure support applications like LDAP, backup and server estate management. Various other economic forces, not least the low energy consumption and small physical footprint have led the T2000 to be one of our best ever selling systems.

In the server world one size does not fit all and there are a number of niches to be filled. While T2000 was a genuine new "creature" the like of which we had never seen before there is a niche that has been filled by an evolution of products, the niche which is the rack-mountable, mid-range database and applications server. It began before the E4000 but I'll start there as the E4000 is one of my all time favorite servers (I am proud to be the sort of person who can say that!). The evolutionary line sort of split with the niche being differentiated and filled at the lower end with the V4x0 & V8x0 and at the higher end with the E2900 used for Enterprise-class processing.

The M5000 is the natural successor to the V8x0/E2900 but recombines the two evolutionary paths back into a single system which is both high-end enterprise-ready and great value. The M4000 fills the V4x0 space. For the foreseeable future the E2900 continues to provide the capability to go to 12 CPUs (as opposed to the M5000s max of 8 CPUs) and some applications will need that extra resource so the E2900 will be part of the mix for a while. However, I suspect that the M5000 will meet many of the demands previously met by the E2900.

A conversation I have been having with customers is about whether to choose the M4000 (4 CPU sockets) or M5000 (8 CPU sockets) . In general, many situations tend to favour a strategy of standardisation around the M50000. While the M4000 costs a little less and is 4RU smaller the greater expansion capacity of the M5000 is, for many customers, worth the premium for the chassis. Tipping the balance is the observation that the diversity of type of "objects" within the data centre drives the total cost.Thus, at a relatively small acquisition cost margin, we can standardise on the M5000 reducing overall data centre management costs. Sure, for many the few thousand dollars/euros/pounds or equivalent between M4000 and M5000 will be a factor - quite rightly so - that's why we have the M4000 but for folks looking to buy more than 20 units I suggest the M5000-only policy makes sense.

Posted at 03:42PM Sep 18, 2007 by psa in General  |