An introduction to the products and features of HP-UX Containers
Container types
HP-UX Containers provides multiple container types. Each container type offers unique features, which allow
administrators to choose the container that best fits their workload requirements. The next section gives a brief
overview of each container type. For more information on system and workload containers, visit:
http://www.hp.com/go/virtualization-manuals.
For more information on HP 9000 containers, see the HP 9000 Containers Administrator’s Guide at:
http://www.hp.com/go/hp9000-containers.
System containers
System containers provide virtualization and private namespace capabilities that give users and applications the look
and feel of a private operating system instance. The unique namespace eases application deployment with out-of-the-box
implementations since it avoids name clashes that are common when consolidating workloads within one OS instance.
As with all container types, each system container has a private directory under /var/hpsrp. However, a process that
runs in a system container has its file system root set, using a secure chroot(), to the container's private directory
(/var/hpsrp/$CONTAINER) instead of the system’s file system root (/). This allows each system container to have
its own copy of files that are accessed using the same file system path as other containers. For example, a system
container named sys1 would access its private passwd file using the standard path of /etc/passwd when that file’s
real path is /var/hpsrp/sys1/etc/passwd. System container sys2 would access its private passwd file using
/etc/passwd, which has a real path of /var/hpsrp/sys2/etc/passwd.
There are two types of file system layouts available for system containers (specified when you create a system
container):
• Shared: The container shares the /usr, /sbin, and /stand directories with the global (read-only).
• Private: The container only shares the /stand directory with the global (read-only); /usr and /sbin are private
(read/write) to the container.
See figure 3 for a detailed layout of system container file system access.
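The path mapping and the two layouts described above can be modeled in a few lines. This is an added example, not HP code or part of the original paper: the resolve() function and its "private"/"shared-ro" labels are hypothetical, and it assumes that a shared directory is backed by the global path of the same name. It is purely lexical and does not follow symbolic links.

```python
import posixpath

SRP_ROOT = "/var/hpsrp"  # parent of each container's private directory (from the text)

# Directories shared read-only with the global, per layout (from the text).
SHARED_DIRS = {
    "shared": ("/usr", "/sbin", "/stand"),
    "private": ("/stand",),
}


def resolve(container, layout, path):
    """Map a path as seen inside a system container to (real_path, kind).

    kind is "shared-ro" when the path lies in a directory shared with the
    global, otherwise "private". Hypothetical helper for illustration.
    """
    if layout not in SHARED_DIRS:
        raise ValueError("layout must be 'shared' or 'private'")
    if not container or "/" in container or container in (".", ".."):
        raise ValueError("invalid container name")
    # Anchor at "/" and normalize. As with a chroot, ".." at the root stays
    # at the root, so the result cannot climb out of the container directory.
    inside = posixpath.normpath("/" + path.lstrip("/"))
    for shared in SHARED_DIRS[layout]:
        # Match whole path components only: /usrlocal is not under /usr.
        if inside == shared or inside.startswith(shared + "/"):
            # Assumption: the backing file is the global's file at the same path.
            return inside, "shared-ro"
    suffix = "" if inside == "/" else inside
    return SRP_ROOT + "/" + container + suffix, "private"


if __name__ == "__main__":
    # Constructed sample inputs; sys1 and sys2 are the names used in the text.
    samples = [
        ("sys1", "shared", "/etc/passwd"),
        ("sys2", "shared", "/etc/passwd"),
        ("sys1", "shared", "/usr/bin/ls"),
        ("sys1", "private", "/usr/bin/ls"),
        ("sys1", "shared", "../../etc/passwd"),
    ]
    for name, layout, path in samples:
        print(name, layout, path, "->", resolve(name, layout, path))
```

When auditing a consolidated host from the global, the same mapping shows which files belong to one container only and which are common to every container using that layout.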
Each system container has:
• A unique host and node name
• Local users and groups (including a local root user)
• Local NIS or LDAP domain
• Local password policies
• Local file system view (private or shared)
• Local system services (for example, init, sshd, pwgrd, syslogd, and inetd)
• Private network interface and IP address
• Private IPC namespace
• Local NFS Client and AutoFS support
Both system and workload containers are managed using the same tools, including the SRP Manager integrated with
SMH. Container management on HP-UX Containers v3 uses the same commands and tools as HP-UX SRP v2, making
the transition from HP-UX SRP v2 to HP-UX Containers v3 easy for administrators.