Reference Architecture: Consolidating Oracle Databases with Secure Resource Partitions in a Serviceguard Cluster Whitepaper

Introduction to Secure Resource Partitions

HP-UX Secure Resource Partitions version 2 (SRPv2) provides an environment for securely

consolidating multiple workloads within a single image of the HP-UX 11i operating system. HP SRPv2

uses Security Containment to provide secure isolation between SRPs. HP Process Resource Manager

(PRM) enforces CPU and memory resource entitlements for each SRP. HP SRPv2 is a component of the

Partitioning Continuum for HP-UX that offers high efficiency in resource utilization and maximum

flexibility and performance for your application consolidation.

With HP SRP v2, administrators can create and manage SRP compartments with a single tool. Each

SRP compartment can have:

 A compartment home directory tree, which is isolated from other compartments

 A dedicated IP interface

 Isolated inter-process communication (IPC)

 A compartment-specific login environment

 A dedicated or guaranteed CPU using PRM PSET or FSS guaranteed shares CPU manager

 Guaranteed memory allocation using PRM memory manager

 Initialization and shutdown capabilities for each compartment

 Compartment-specific security policies

Configuring and controlling these features for each compartment enables administrators to create an

isolated execution environment. You can create multiple SRP compartments in a single image of an

HP-UX operating system, which enables you to consolidate multiple workloads on a single HP-UX

operating system image.

The managed configuration for an SRP compartment encompasses data for multiple HP-UX subsystems

and features, including HP-UX Security Containment, HP PRM, and Networking. SRP identifies this

data using tags, or special text identifiers. These identifiers enable you to configure and manage the

parameters for these subsystems as a single unit. Adding an SRP compartment creates configuration

data for multiple HP-UX subsystems. Deleting an SRP compartment removes all data configured for the

compartment.

Conventions used in the document

The remainder of this document provides details on how to deploy an Oracle database server within

an SRP. Throughout the document, callouts in shaded blue boxes discuss differences between a

standalone deployment and a deployment using Serviceguard. You perform some tasks differently

when integrating the deployment with Serviceguard. Note these differences as you proceed through

the document. For Serviceguard deployments, you must perform additional tasks to complete the

integration. For more details, see Step 4: Completing the Serviceguard configuration (only required

for Serviceguard integration).

For detailed information on any of the features or technologies discussed in this document, see the For

more information section for links to online documentation.

Oracle deployment choices

When consolidating multiple applications on a single system, administrators have several choices for

application installation and configuration. Oracle database servers are no different. The following

section discusses the different options available for deploying Oracle Database Server with SRP and

making choices appropriate for the architecture.