HP-UX Containers (SRP) A.03.00 Administrator's Guide
11
based file system view, hostname, IPC namespace, and service daemons. Common system
administration activities such as user management are performed within each system
container.
• Workload: Provides lightweight workload hosting environment. All workload containers
share the global file system view, hostname, IPC namespace, and service daemons. System
administration activities are shared with the global view.
•
HP9000: Provides a PA-RISC emulation environment to support consolidation of PA-RISC
based HP-UX workloads to Integrity servers. The HP9000 containers product must be
separately installed, in addition to the HP-UX Containers product. For more information on
HP9000 containers, including HP-UX Containers version compatibility, refer to HP 9000
Containers Administrator’s Guide.
For more information on choosing and managing container types, see 14 Container types.
1.6 Global view
When you enable HP-UX Containers on a system, all processes not executing within a container
execute in the global view. Sessions logging in via the system console, or connecting via telnet or
SSH to server IP addresses not assigned to any container, will execute in the global view.
The global view has no access restrictions and therefore can view and manage processes in the
global view and
all containers. System administration activity that you must perform in the global
view includes installing Software Distributor (SD) packaged software, device management, network
interface management, setting kernel tunables, and executing system management utilities such as
smh(1M), and srp(1M). You can perform file backup and recovery in either the global view or from
within the individual containers.
As the global view has unrestricted access to system resources, HP recommends that you use the
global view for system management activities. Hosting of general purpose application workload
should occur within a container. HP also recommends that users provided with the root account to a
system container not be provided any account access to the global view.
You can determine if your session is executing within a container or the global view by using the
getprocxsec -c command. The getprocxsec command will return init as the compartment
name if your session is executing within the global view, or the container name if your session is
executing within a container.
Figure 1.1 shows an HP-UX Integrity server with HP-UX Containers installed, including the global view,
and three containers: two system containers and one workload container. Each container has a
dedicated IP interface, isolated container home directory (/var/hpsrp/container_name),
container dedicated processor set (pset), and separate instances of service daemons running. Each
system container utilizes a private set of service daemons, while all workload containers share most
service daemons with the server.