container_hp9000.5 (2012 03)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

CONTAINER_HP9000(5) CONTAINER_HP9000(5)

(HP Integrity Systems only)

NAME

container_hp9000 - description of HP 9000 Containers

DESCRIPTION

HP 9000 Containers is a set of tools that enable quick transition of application environment from an HP

9000 server to an HP-UX 11i v3 operating system instance on an HP Integrity server. It provides a

mechanism to re-host the complete HP 9000 user-space environment without the need to re-compile and

re-install individual applications and with minimal re-conﬁguration and application inventory prepara-

tion effort.

The transitioned applications will reside in a chroot environment (called the HP 9000 Container) along

with HP 9000 commands and libraries. An HP 9000 container will have its own IP address and login

credentials. It can be started, stopped, exported, imported, modiﬁed and deleted. However it cannot sup-

port applications that are kernel intrusive and those related to system management.

HP 9000 Containers is built on two key HP-UX technologies:

• The

HP ARIES dynamic binary translator (aries (5)) which provides the execution layer, and

•

HP-UX Containers (formerly, HP-UX Secure Resource Partitions - SRP; see container (1M)

and srp(1M)), which provides the ability to create secure isolated execution environments on the

same HP-UX instance.

PRE-REQUISITES

HP 9000 Containers product depends on following softwares being pre- installed and conﬁgured.

1. HP-UX 11i v3 March 2011 update (or later)

2. HP-UX Containers A.03.01 (or later)

3. HP ARIES patch PHSS_41423 (or later)

4. Perl version 5.8.8 (or later)

5. HP-UX SecureShell version A.05.00.012 (or later)

HP 9000 CONTAINERS MODELS

HP 9000 Containers v3 (A.03.00 and later) supports two container models - system and classic. The key

differences are summarized below.

HP 9000 system container HP 9000 classic container

Support for inetd services - access No support for inetd services.

to container using telnet, ftp, rlogin Access only through SSH based

remsh and rexec protocols

SSH based access only if SSH is SSH based access is supported

available in the HP 9000 image even if there is no SSH in HP

9000 image

Support for SD patching inside Support only for non-SD patching

containers (with few exceptions) inside container

Multiple HP 9000 system containers Only one classic container

can co-exist supported per HP-UX instance

Can co-exist with native HP-UX Cannot co-exist with native

containers HP-UX containers

Fully private HP 9000 ﬁle system Parts of the HP 9000 ﬁle system

is shared with the host (mainly

/etc, /dev, /tcb and part of

/var)

User/group management inside container User/group management on the host

HP-UX 11i Version 3: March 2012 − 1 − Hewlett-Packard Company 1

Summary of content (10 pages)

PAGE 1
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) NAME container_hp9000 - description of HP 9000 Containers DESCRIPTION HP 9000 Containers is a set of tools that enable quick transition of application environment from an HP 9000 server to an HP-UX 11i v3 operating system instance on an HP Integrity server.
PAGE 2
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) A cA Most commands report container relative information Some commands report system wide information Can host applications using RPC service registration Some applications using RPC service registration may fail to start Run level support inside container Partial run level support Mount support inside container No mount support inside container No support for user accounting and quotas Accounting and quotas can be enabled sinc
PAGE 3
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) transient files. Setting up User Environment for Recovery on HP Integrity Servers For HP 9000 system container model: If cpio, tar or fbackup was used to create the image, there is no need to set up any user environment prior to recovery. If any other tool was used for creating the image, refer to HP 9000 Containers Administrator´s Guide for caveats and workarounds.
PAGE 4
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) HP 9000 system container can be created using: $ srp -add -t hp9000sys HP 9000 classic container can be created using: $ srp -add -t hp9000cl If is recommended to continue using IPv4 address if HP 9000 system was configured with IPv4 address.
PAGE 5
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) Configuring Printers Save spooler configuration on the HP 9000 server using lpmgr.
PAGE 6
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) $ srp -replace -s init HP 9000 classic container: User management needs to be performed in the global compartment using login groups. To add a new user: $ groupmod -a -l Adding all users of a group: $ roleadm assign SRPlogin- Modifying IP Address Stop the container before applying configuration changes.
PAGE 7
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) HP 9000 classic container: It is advised to take backup at system level on host, because a part of the container file system is shared with the host.
PAGE 8
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) Wrapper tool for extracting frecover, tar, or cpio images into HP 9000 Container root directory. • /opt/HP9000-Containers/bin/hp9000_xinetd_setup Configures xinetd inside HP 9000 classic container. • /opt/HP9000-Containers/bin/hp9000_xinetd_cleanup Removes xinetd configuration from HP 9000 classic container.
PAGE 9
CONTAINER_HP9000(5) CONTAINER_HP9000(5) (HP Integrity Systems only) 2. Applications not qualified for ARIES binary compatibility requirements 3. System management applications 4. General applications in global compartment 5. Container as DHCP, DNS, LDAP, NFS, NIS, mail server or as an IP router 6. Using long node name/host name, enabling large PIDs, using large base size (may cause older applications to fail). Refer to HP 9000 CONTAINERS MODELS for system vs classic model specific limitations.
PAGE 10
(Notes) A (Notes) cA 10 Hewlett-Packard Company −1− HP-UX 11i Version 3: March 2012