Manualshelf

Best Practices for Deploying HP-UX Secure Resource Partitions (SRP) for SAP Whitepaper

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
11121314151617181920
12
later for the SAP installation as the virtual hostname (vhost). If each SAP system will run
logically on a different host, the use of virtual hostnames is recommended.
5. Configure on the host in the INIT compartment as root user with the command srp_setup.
For details about how to use srp_setup, refer to the SRP Administrators Guide.
At a minimum, the following services must be activated:
cmpt
admin
init
login
network
provision
6. After initially calling srp_setup, login problems with another user than root to the INIT
compartment might occur. See the section,How to enable login to the INIT compartment
in this white paper for a solution to the problem.
7. Create the SRP compartment and configure the base template with the optional hostname,
IP-Address and login group with the command “srp a <compartment>” as described in the
SRP Administrators Guide
.
Include the sshd template.
8. To include the SAP specific rule files, copy the script from the section of this white paper,
Script add_new_system”, into a new file on your system. Copy the file SAP_INST.h to
/etc/cmpt/include. Grant execution permission to the script add_new_system and call it as
root user in the INIT compartment:
add_new_system <SRP compartment> <SID> <DBSID> <Systemnr> INST
The allow rule file for the compartment and a general Block rule file for other compartments
will be created and added to the compartment as a custom include file.
9. If the IPFilter service will be used, refer to the SAP document, TCP/IP Ports Used by SAP
Applications to see which ports have to be enabled.
10. For SAP products based on 6.40 and following:
Log in to your newly created SRP compartment with the root user assigned to this
compartment using ssh. Start the sapinst. If a virtual hostname is used for the SRP
compartment, use the sapinst option “SAPINST_USE_HOSTNAME= <hostname>”.
11. Follow the sapinst routine as described in the respective SAP installation document. If
another Oracle listener already exists on the host (e.g. in another SRP compartment), make
sure to change the default entry of the port of Oracle listener during the parameter input
phase; it cannot be equal to any other port used on the system.