HP-UX Containers (SRP) A.03.01 Administrator's Guide

1 Introduction
HP-UX Containers allows you to deploy multiple isolated container-based environments on a single
server platform. This allows the enterprise to host multiple workloads on a single operating system
instance, which makes better use of server resources (CPU, memory, network access) and data center
resources (power, cooling, footprint) and reduces the overall number of operating system instances to
manage. All containers on a server share a single operating system kernel and a single global
administrative domain, and can be configured to either isolate or share system hardware and software resources.
1.1 HP-UX Containers overview
HP-UX Containers are nested within the HP-UX operating system. Processes within a container have
limitations on access to CPU, memory, networking, storage, file system, and other processes on the
system. Containers can be created, deleted, and cloned or migrated to another system. Containers
can be individually started (booted), stopped (shut down), and restarted at any time after system startup
has completed.
1.2 Resource management
HP-UX Containers supports allocating CPU and memory usage per container. By default,
each container on the system is assigned a Process Resource Manager (PRM) group. Each PRM
group can be assigned CPU and memory allocations. PRM provides two allocation models:
• Share based: Restrictions (excluding maximum utilization caps) are not applied until the
  managed resource is fully utilized, at which point the operating system scheduler or memory
  manager applies an algorithm to allocate resources in proportion to each PRM group’s share
  size. This model ensures that individual containers can utilize available resources without
  frequent tuning of allocations.
• Dedicated: The specified PRM group is allocated a fixed quantity of the resource for its
  own exclusive use. This model guarantees immediate and complete access to the resource, at
  the expense of allowing other PRM groups access to the resource while it is unused.
  Dedicated CPU allocation can be used to limit the software license requirements for some
  software products.
You can apply a combination of resource allocation models on a single server. You can also choose
to disable the use of PRM, either to allow the use of a different resource allocation utility such as
Workload Manager (WLM) or Global Workload Manager (gWLM), or to disable per container
resource management for your server.
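
The difference between the two models under contention, as an added example that is not part of the original guide and is not PRM code. The container names, share sizes, demands, and the 100-unit capacity are constructed values, and weighted max-min fairness is an assumed stand-in for the scheduler's share algorithm.

```python
# Simplified model of the two allocation models (assumption: weighted max-min
# fairness stands in for the scheduler's share algorithm; not PRM code).

def share_based(capacity, groups):
    """groups: {name: (shares, demand, cap)}; shares > 0, cap may be None.
    Returns {name: allocation}."""
    limit = {g: (d if c is None else min(d, c)) for g, (_, d, c) in groups.items()}
    alloc = {g: 0.0 for g in groups}
    active = {g for g in groups if limit[g] > 0}
    remaining = float(capacity)
    while active and remaining > 1e-9:
        total = sum(groups[g][0] for g in active)
        slice_ = {g: remaining * groups[g][0] / total for g in active}
        # Groups whose proportional slice covers their need are unrestricted.
        done = {g for g in active if limit[g] <= slice_[g] + 1e-9}
        if not done:
            # Saturated: everyone left is limited to a share-proportional slice.
            for g in active:
                alloc[g] = slice_[g]
            break
        for g in done:
            alloc[g] = float(limit[g])
            remaining -= limit[g]
        active -= done
    return alloc

def dedicated(groups):
    """groups: {name: (reserved, demand)}. Unused reservation is never lent out."""
    return {g: float(min(r, d)) for g, (r, d) in groups.items()}

# Constructed scenario: 100 units of CPU, "batch" container running away.
DEMAND = {"web": 60, "db": 10, "batch": 100}
SHARES = {"web": 50, "db": 30, "batch": 20}

def scenario():
    shared = share_based(100, {g: (SHARES[g], DEMAND[g], None) for g in DEMAND})
    capped = share_based(100, {g: (SHARES[g], DEMAND[g], 25 if g == "batch" else None)
                               for g in DEMAND})
    fixed = dedicated({g: (SHARES[g], DEMAND[g]) for g in DEMAND})
    return shared, capped, fixed

if __name__ == "__main__":
    for label, result in zip(("share-based", "share-based, batch capped at 25",
                              "dedicated"), scenario()):
        print(f"{label:32} {result}  idle={100 - sum(result.values()):.0f}")
```

In this constructed scenario the share-based model gives web its full 60 units and leaves the runaway batch container the remaining 30, while the dedicated model holds web to 50 and leaves 20 units idle.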
1.3 Network management
Each container is allocated one or more logical network IP address interfaces. By default, a container
is only allowed access to its assigned interface. Multiple containers can utilize a single physical
network interface. HP-UX Containers supports IPv4 and IPv6 addresses, IPSec secured
transport, and IPFilter host firewall protection. It also supports the Force-to-Wire
network interface option, which ensures that network traffic between specified containers on the same
server always traverses a physical network. For more information on network administration with
HP-UX Containers, refer to "12 Networking with containers".