HP-UX Containers (SRP) A.03.01 Administrator's Guide
11
based file system view, hostname, IPC namespace, and service daemons. Common system
administration activities such as user management are performed within each system
container.
• Workload: Provides lightweight workload hosting environment. All workload containers
share the global file system view, hostname, IPC namespace, and service daemons. System
administration activities are shared with the global view.
•
HP 9000: Provides a binary emulation environment for HP-UX PA-RISC workloads. The HP
9000 Containers product is separately installed from the HP-UX Containers (SRP)
product. Once the HP-UX Containers (SRP) and HP 9000 Containers product are both
installed, you can use the srp(1M) command to create and manage HP 9000 Containers.
Refer to the HP 9000 Containers documentation (
http://www.hp.com/go/hp9000-
containers) for product version requirements, and details on how to configure and manage an
HP 9000 container.
For more information on choosing and managing container types, see 14 Container types.
1.6 Global view
When you enable HP-UX Containers on a system, all processes not executing within a container
execute in the global view. Sessions logging in via the system console, or connecting via telnet or
SSH to server IP addresses not assigned to any container, will execute in the global view.
The global view has no access restrictions and therefore can view and manage processes in the
global view and
all containers. System administration activity that you must perform in the global
view includes installing Software Distributor (SD) packaged software, device management, network
interface management, setting kernel tunables, and executing system management utilities such as
smh(1M), and srp(1M). You can perform file backup and recovery in either the global view or from
within the individual containers.
As the global view has unrestricted access to system resources, HP recommends that you use the
global view for system management activities. Hosting of general purpose application workload
should occur within a container. HP also recommends that users provided with the root account to a
system container not be provided any account access to the global view.
You can determine if your session is executing within a container or the global view by using the
getprocxsec -c command. The getprocxsec command will return init as the compartment
name if your session is executing within the global view, or the container name if your session is
executing within a container.
Figure 1.1 shows an HP-UX Integrity server with HP-UX Containers installed, including the global view,
and three containers: two system containers and one workload container. Each container has a
dedicated IP interface, isolated container home directory (/var/hpsrp/container_name),
container dedicated processor set (pset), and separate instances of service daemons running. Each
system container utilizes a private set of service daemons, while all workload containers share most
service daemons with the server.