Manualshelf

Best Practices for Deploying HP-UX Secure Resource Partitions (SRP) for SAP Whitepaper

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
12345678910
3
Deploying SRP
SRP basic overview
HP-UX Secure Resource Partitions (SRP) version 2 enables you to create and manage SRP
compartments that provide isolated execution environments for applications. Each SRP compartment
can have:
A compartment home directory tree, which is isolated from other compartments
A dedicated IP interface
Isolated inter-process communication (IPC)
A compartment-specific login environment
Dedicated CPU and memory resources
Per-compartment initialization and shutdown capabilities that function as would a single system
Compartment-specific network security policies
Because SRP enables you to configure and control these features on a per-compartment basis, each
compartment forms an isolated execution environment. You can create multiple SRP compartments in
a single image of an HP-UX operating system which enables you to consolidate multiple applications
on a single HP-UX OS image. SRP can be used easily within HP-UX Virtual Partitions (vPar) or HP VM.
The configuration data for an SRP compartment encompasses data for multiple HP-UX subsystems and
features, including HP-UX Security Containment and HP PRM.
SRP identifies these data using tags, or special text identifiers. These references enable you to
configure and manage the parameters for these subsystems as a single unit. Adding an SRP
compartment creates configuration data for multiple HP-UX services; deleting an SRP compartment
removes all data configured for the compartment.
SRP does not deliver different OS environments for each compartment; only one OS environment is
available per host. Having one available environment can be an advantage for OS administration but
could have another impact when different OS environments are required for different applications. If
different environments are required, vPar or HP VM could be used.
The performance overhead of SRP is very low because this solution comes with a very small footprint
on the OS. The software lifecycle is also very short; SRP compartments can be created and deleted
very easily.