Migrating from WLM to gWLM
31
Integrating with Security Containment
The HP-UX feature Security Containment provides file and process isolation and is available starting
with HP-UX 11i v2. Combining that isolation with gWLM workloads based on psets or fss groups, you
can form Secure Resource Partitions, which give your workloads both isolation and automatic
resource allocation.
To integrate the two products:
1. Configure Security Containment compartments outside gWLM and activate them.
2. Create your gWLM workloads.
The processes in the Security Containment compartments will go in these workloads. You have two
options to create the workloads:
• Use Application Discovery to add an application to a monitored workload that you then
manage. This application should be the same one running in the Security Containment
compartment that you want to manage.
• Define your workload using a process map you create. (A process map is an executable that
returns a set of process IDs separated by white space. The identified processes are placed in the
workload.) The process map should return a list of all the processes in the Security Containment
compartment.
Each Security Containment compartment will have a process map associated with it to identify its
processes.
3. Deploy an SRD that uses the new workloads.