HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

1 Introduction
This chapter addresses the following topics:
1.1 Product Overview
1.2 SRP Components
1.3 Planning Considerations and Best Practices
1.4 Installing SRP
1.5 Migrating to A.02.02
1.1 Product Overview
HP-UX Secure Resource Partitions (SRP) provides a lightweight workload consolidation environment that
enables you to consolidate multiple workloads within a single instance of the HP-UX operating system. SRPs
share a single operating system kernel, system service daemons, administrative domain, and file system
namespace. Each SRP compartment can have:
A compartment home directory tree, which is isolated from other compartments.
A dedicated IP interface.
Isolated interprocess communication (IPC).
A compartment-specific login environment.
Dedicated CPU and memory resources.
Per-compartment initialization and shutdown capabilities. You can start or stop an SRP compartment as you would start or stop a single system.
Compartment-specific network security policies.
Because SRP enables you to configure and control these features on a per-compartment basis, each
compartment forms an isolated execution environment. You can create multiple SRP compartments in
a single image of an HP-UX operating system, which enables you to consolidate multiple applications
on a single HP-UX OS image.
The configuration data for an SRP compartment encompasses data for multiple HP-UX subsystems and
features, including HP-UX Security Containment and HP Process Resource Manager (PRM). SRP
identifies this data using tags, or special text identifiers. This enables you to configure and manage
the parameters for these subsystems as a single unit. Adding an SRP compartment creates
configuration data for multiple HP-UX services, and deleting an SRP compartment removes all data
configured for the compartment. For more information about SRP tags, see 16.3.1 Tag Formats.
Figure 1.1 shows a system with two SRP compartments. Each compartment has a dedicated IP
interface, isolated compartment home directory (/var/hpsrp/srp_name), compartment login
group, dedicated processor set (pset), and separate instances of network daemons running.