Manualshelf

Reference Architecture: Consolidating Oracle Databases with Secure Resource Partitions in a Serviceguard Cluster Whitepaper

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
11121314151617181920
14
Task 2: Creating the Oracle file systems
Before logging in to the SRP, installing the Oracle software, and creating an Oracle database, you
must create the file systems that the Oracle installation will use.
In this example, two file systems are used for the Oracle installation and database files:
/var/hpsrp/MKTPRD/u01 for the Oracle software
/var/hpsrp/MKTPRD/u02 for the MKTPRD database files
See Appendix C: Creating shared logical volumes for commands to create the volume group, logical
volumes, and file systems used in this deployment.
If you are not using Serviceguard, add an fstab entry to the SRP private fstab file for each file system
to have them mounted or unmounted when the SRP is started and stopped. For Serviceguard
deployments, the file systems will be mounted and unmounted when the package runs on the system.
# /usr/bin/echo "/dev/vgMKTPRD/MKTPRD_DB /var/hpsrp/MKTPRD/u01 vxfs
defaults 0 2 " >> /var/hpsrp/MKTPRD/etc/fstab
# /usr/bin/echo "/dev/vgMKTPRD/MKTPRD_SW /var/hpsrp/MKTPRD/apps vxfs
defaults 0 2 " >> /var/hpsrp/MKTPRD/etc/fstab
Task 3: Modifying compartment rules
Applications or commands executed from the SRP private directory (/var/hpsrp/<SRP_NAME>),
including child directories, might encounter an error if it attempts to traverse the directory structure
from the current directory to /, usually to obtain the current working directory path (for example,
getcwd). The default SRP rules do not give SRPs read access to the /var/hpsrp directory, which might
cause a command to fail. To avoid the issue, you must enter cd for the root directory to execute the
command or start the application.
Patches PHKL_40506 & PHCO_40507 or ContainmentExt (B.11.31.02) introduce a new file system
rule, nread, that enables a process to read a directory without giving the process read access to child
directories, thus avoiding the issue.
If the previously listed product or patches are installed, modify (as root) the SRP compartment rules file
(/etc/cmpt/MKTPRD.rules):
1. Change the line: perm nsearch /var/hpsrp:
perm nread /var/hpsrp
2. Execute the setrules command:
# /usr/sbin/setrules
Task 4: Starting the SRP
Using the srp start command, start SRP. The SRP LAN interface will start, mount any file systems
listed in the /var/hpsrp/MKTPRD/etc/fstab file, and start the SSH server (sshd) in the SRP to allow
remote login.