HP-UX Virtual Partitions Administrator's Guide (includes A.04.06 and A.05.04)

ManualsBrandsHP ManualsSoftwareHP-UX Virtual Partitions (vPars) Software

291

292

293

294

295

296

297

298

299

300

Table Of Contents

HP-UX Virtual Partitions Administrator’s Guide
Table of Contents
About This Document
- Publication History
1 Introduction
- What Is vPars?
  - Product Features
  - Why Use vPars?
- Supported Environments
- HP Product Interaction
- Ordering vPars
2 How vPars and Its Components Work
- Partitioning Using vPars
- vPars Monitor and Database
  - vPars Monitor
  - vPars Partition Database
- Boot Sequence
  - Boot Sequence: Quick Reference
  - Boot Sequence: The Details
- Virtual Consoles
  - nPartition Logs
  - MCA (Machine Check Abort) Logs on Integrity Systems
    - Description
    - Location of Log Files
- Security
- EFI and Integrity Notes
- Integrity Differences Relative to PA-RISC
- Comparing vPars on PA-RISC and Integrity
- Comparing vPars Versions
- Resource Migration and Required States
- Transitioning from vPars A.03.xx to vPars A.04.xx/A.05.xx (CPU Syntax and Rules)
3 Planning Your System for Virtual Partitions
- Full ioscan Output of Non-Cellular System Named winona
- Full ioscan Output of Cellular (nPartitionable) System Named keira
- Planning, Installing, and Using vPars with an nPartitionable Server
  - I/O Hardware Paths
    - Impact on vPars Commands: Specifying I/O
  - CPU Hardware Paths
    - Impact on vPars Commands: Specifying CPU
- Planning Your Virtual Partitions
- Mixed HP-UX 11i v1/v2 vPars Environments in vPars A.04.05
  - Features of Mixed HP-UX 11i v1/v2 vPars Environments
  - Feature Summary
- Mixed HP-UX 11i v2/v3 vPars Environments in vPars A.05.xx
- Mixed HP-UX 11i v1/v2/v3 vPars Environments in vPars A.05.03
  - Features of Mixed HP-UX 11i v1/v2/v3 vPars Environments
  - Features Summary
4 Installing, Updating, or Removing vPars and Upgrading Servers with vPars
- Notes, Cautions, and Other Considerations Before You Update or Install vPars
  - Notes
  - Cautions
  - Other Considerations
- Bundle Names
  - vPars Product Bundles
  - vPars-related Bundles (A.03.xx and earlier)
    - Installing and Removing vPars-related Bundles
- Setting Up the Ignite-UX Server
  - Ignite-UX Versions
  - Determining the Ignite-UX Version
  - Ignite-UX Cookbook
- Ignite-UX, the LAN, the LAN card, and vparboot -I
  - PA-RISC
  - Integrity
- Updating from vPars A.04.xx to A.05.xx
  - Update-UX Preparation Steps
    - OE Bundle Names for Update-UX
  - The Update Process: Goal
  - The Update Process
- Updating from vPars A.03.xx to Mixed HP-UX 11i v1/v2 vPars (A.03.05 and A.04.05) Environment
  - Overview of the Mixed HP-UX 11i v1/v2 vPars Environment Update Process
  - Update-UX Primer
    - OE Bundle Names for Update-UX
    - vPars Bundle Names for Update-UX
  - Changing nPartition Boot Paths To Boot the vPars A.04.xx Monitor
  - The Update Process for Mixed HP-UX 11i v1/v2 vPars Environments: Step by Step Details
- Migrating from vPars A.03.xx to Mixed HP-UX 11i v1/v2/v3 vPars (A.03.05, A.04.02 or later, A.05.03)
- Updating from vPars A.04.xx to Mixed HP-UX 11i v2/v3 vPars (A.04.xx and A.05.xx) Environment
  - Update-UX Primer
    - OE Bundle Names for Update-UX
    - vPars Bundle Names for Update-UX
  - Changing nPartition Boot Paths To Boot the vPars A.05.xx Monitor
  - The Update Process: Goal
  - The Update Process: Step by Step
- Updating from vPars A.03.xx to A.05.xx
  - General Process for A.03.xx to A.05.xx Workaround (PA only)
- Updating from vPars A.03.xx to A.04.xx
  - The Steps
- Updating vPars A.03.xx to vPars A.03.05
  - The vPars A.03.05 Update Process
- Updating from vPars (A.02.xx or A.03.xx) to A.03.xx
- Applying a vPars Sub-System Patch
- Upgrading Integrity Servers from the sx1000 to sx2000 Chipset
  - Hardware Path Changes
  - vPars Database Changes
  - Hardware Path Tables
- Upgrading HP 9000 Servers from the sx1000 to sx2000 Chipset
  - Hardware Path Changes
  - vPars Database Changes
  - Hardware Path Tables
- Upgrading Backplanes from PCI to PCI-X
- Updates Involving VPARSBASE
- Installing vPars with Ignite-UX on PA-RISC
- Installing vPars with Ignite-UX on Integrity
- Installing vPars with Software Distributor
- Removing the vPars Product
  - From a Single Virtual Partition
  - From the Entire System
5 vPars Monitor and Shell Commands
- Notes on Examples in this Chapter
  - Syntax of Example Commands
  - Example Server
- Modes: Switching between nPars and vPars Modes (Integrity Only)
  - Modes
  - Commands to Set the Mode
    - Differences Between vparconfig and parconfig
  - Usage Scenarios
- EFI Boot Disk Paths, including Disk Mirrors, and vparefiutil (Integrity Only)
- vPars Monitor: Booting the vPars Monitor
- vPars Monitor: Accessing the vPars Monitor Prompt
- vPars Monitor: Using vPars Monitor Commands
  - Booting
  - Displaying Information
- vPars Monitor: Using the vPars Monitor Commands from ISL or EFI
- Commands: vPars Manpages
- Commands: vPars Commands Logging
  - Log File Location and Log Format
  - Cases Where No Logging Occurs
  - Cases Where Logging Occurs
  - Constraints and Restrictions to Logging
  - Syslog and Priority and Facility Codes
- Commands: Displaying vPars Monitor and Resource Information (vparstatus)
  - Virtual Partition States
  - vparstatus Output Examples
  - vparstatus: Summary Information
  - vparstatus: Verbose Information
  - vparstatus: Available Resources
  - vparstatus: CPU Information on vPars A.04/A.05
  - vparstatus: Dual-Core CPUs
  - vparstatus: Pending Migrating CPUs Operations
  - vparstatus: Pending Migrating Memory Operations
  - vparstatus: Base and Float Memory Amounts
  - vparstatus: Pending nPartition Reboot for Reconfiguration
  - vparstatus: vPars Monitor and Database Information
- Managing: Creating a Virtual Partition
- Managing: Removing a Virtual Partition
- Managing: Modifying Attributes of a Virtual Partition
- Booting a Virtual Partition
- Shutting Down or Rebooting a Virtual Partition
  - When to Shutdown All Virtual Partitions
- Shutting Down or Rebooting the nPartition (Or Rebooting the vPars Monitor)
- Setboot and System-wide Stable Storage
- Using Primary and Alternate Boot Paths
  - Autoboot and Autosearch Attributes
  - Setting the Primary or Alternate Boot Paths
  - Using Primary and Alternate Paths with nPartitions
  - Booting Using the Primary or Alternate Boot Paths
- Autoboot
  - The AUTO File on a Virtual Partition
  - Autobooting the vPars Monitor and Virtual Partitions
- Single-User Mode
  - Example: A Hung Partition
- Other Boot Modes
  - Maintenance Mode
  - Overriding Quorum
  - Changing the LVM Boot Device Hardware Path for a Virtual Partition
- Resetting a Virtual Partition
  - Hard Reset
  - Soft Reset
- Using an Alternate Partition Database File
  - Example
- Managing Resources With Only One Virtual Partition
6 CPU, Memory, and I/O Resources (A.05.xx)
- I/O: Topics
- I/O: Concepts and Functionality
  - System, Cells, SBA, LBA, Devices and Relationships
- I/O: Adding or Deleting LBAs
  - I/O Syntax in Brief
  - Examples
- I/O: Allocation Notes
- Memory: Topics
- Memory: Concepts and Functionality
  - Definitions for Assigning (Adding) Or Deleting ILM or CLM Memory
  - Definitions for Dynamically Migrating ILM or CLM Memory
    - Syntax for Assigning (Adding) and Deleting Base and Float Memory
    - Performance Note for Base versus Float Memory Amounts
  - Advanced Topic: Granularity
- Memory: Assigning (Adding) or Deleting by Size (ILM)
  - Syntax
  - Examples
- Memory: Assigning (Adding) Or Deleting by Size (CLM)
- Memory: Assigning (Adding) Or Deleting by Address Range
  - 2 GB Restriction (PA-RISC only)
- Memory: Available and Assigned Amounts
  - vparstatus: Available ILM and CLM Memory
  - vparstatus: Base and Float Memory Amounts
- Memory: Converting Base Memory to Float Memory
- Memory: Granularity Concepts
  - Granularity Value Locations
- Memory: Granularity Issues (Integrity and PA-RISC)
- Memory: Setting the Granularity Values (Integrity)
  - Syntax
  - Commands
  - vparenv
  - vparcreate
  - Usage Scenarios
- Memory: Setting the Granularity Values (PA-RISC)
  - Syntax
  - Commands
  - vparcreate
  - Usage Scenario
- Memory: Notes on vPars Syntax, Rules, and Output
  - Memory: CLI Rules for Dynamic Migration of Memory
  - Memory: Allocation Unit Notes
- CPU: Topics
- CPU: Concepts and Functionality
  - CPUs: Definitions for CPUs
- CPU: Specifying Min and Max Limits
- CPU: Adding and Deleting by Total
  - vparcreate
  - vparmodify
- CPU: Adding or Deleting by CLP (Cell Local Processor)
- CPU: Adding or Deleting by Hardware Path
  - Using both the Hardware Path Specification and CLP specification
- CPU: Notes on vPars Syntax, Rules, and Output
  - CPU: CLI Rules for Dynamic Migration of Memory and CPU
  - CPU: Deleting CPUs Summary
  - CPU: vparstatus
  - CPU: Counts Summary
- CPU: Dual-Core Processors
  - Determining If the System Has Dual-Core Processors
  - Determining Sibling CPUs
- CPU: Hyperthreading ON/OFF (HT ON/OFF)
- CPUs: Managing I/O Interrupts
  - intctl Command
  - Notes
- CPU: CPU Monitor (Formerly Known As LPMC Monitor)
- Memory, CPU: Canceling Pending Operations
  - Status: Pending
  - Cancel Pending Usage
7 CPU, Memory, and I/O Resources (A.04.xx)
- I/O: Concepts
  - Acronyms
  - System, Cells, SBA, LBA, Devices and Relationships
- I/O: Adding or Deleting LBAs
  - I/O Syntax in Brief
  - Examples
- I/O: Allocation Notes
- Memory: Concepts and Functionality
  - Acronyms
  - Assignments
  - Granularity
- Memory: Assigning by Size (ILM)
  - Syntax
  - Examples
- Memory: Assigning by Size (CLM)
- Memory: Specifying Address Range
  - 2 GB Restriction (PA-RISC only)
- Memory: Granularity Concepts
  - Granularity Value Locations
- Granularity Issues (Integrity and PA-RISC)
  - Granularity described in vparresources(5)
- Memory: Choosing a Granularity Value and Boot Time (Integrity)
  - The Goal
- Memory: Setting the Granularity Values (Integrity)
  - Syntax
  - Commands
  - vparenv
  - vparcreate
  - Usage Scenarios
- Memory: Setting the Granularity Values (PA-RISC)
  - Syntax
  - Commands
  - vparcreate
  - Usage Scenario
- Memory: Allocation Notes
- CPU
- CPU: Boot Processor and Dynamic CPU Definitions
- CPU: Specifying Min and Max Limits
- CPU: Adding and Deleting by Total
  - vparcreate
  - vparmodify
- CPU: Adding or Deleting by CLP (Cell Local Processor)
- CPU: Adding or Deleting by Hardware Path
  - Using both the Hardware Path Specification and CLP specification
- CPU: Syntax, Rules, and Notes
  - vparstatus
  - Counts Summary
  - Deleting CPUs Summary
- Managing I/O Interrupts
  - intctl Command
  - Notes
- CPU: Using iCAP (Instant Capacity on Demand) with vPars (vPars A.04.xx and iCAP B.07)
  - Purchasing Licenses for iCAP CPUs
  - Activating and Deactivating CPUs
  - Assigning and Unassigning CPUs
  - Intended Active Boundary
- CPU: Dual-Core Processors
  - Determining If the System Has Dual-Core Processors
  - Determining Sibling CPUs
- CPU: CPU Monitor (Formerly Known As LPMC Monitor)
8 CPU, Memory, and I/O Resources (A.03.xx)
- I/O: Concepts
  - Acronyms
  - System, Cells, SBA, LBA, Devices and Relationships
- I/O: Adding or Deleting LBAs
  - I/O Syntax in Brief
  - Examples
- I/O: Allocation Notes
- Memory: Concepts and Functionality
  - Acronyms
  - Assignments
- Memory: Assigning by Size (ILM)
  - Syntax
  - Examples
- Memory: Specifying Address Range
  - 2 GB Restriction
- Memory: Allocation Concepts and Notes
- CPU
- CPU: Specifying Min and Max Limits
- CPU: Bound and Unbound
  - Definitions
- CPU: Determining Whether to Use Bound or Unbound
- CPU: Determining When to Specify a Hardware Path for a Bound CPU
- CPU: Adding and Removing Bound CPUs
  - CPU Allocation Syntax In Brief
    - Syntax for vparcreate
    - Note on vparmodify Syntax
- CPU: Adding a CPU as a Bound CPU
  - Choosing the Hardware Path of a Bound CPU
- CPU: Removing a Bound CPU
  - CPU: Removing a CPU with a Specified Hardware Path
- CPU: Adding, Removing, and Migrating Unbound CPUs
- CPU: Managing I/O Interrupts
  - intctl Command
  - Notes
- CPU: Dual-Core Processors
  - Determining If the System Has Dual-Core Processors
  - Determining Sibling CPUs
- CPU: CPU Monitor (Formerly Known As LPMC Monitor)
9 nPartition Operations
- Basic Conceptual Points on using vPars within nPartitions
- nPartition Information
- Setting Hyperthreading (HT ON/OFF) and cpuconfig Primer
  - vPars Monitor
  - cpuconfig
- Rebooting and Reconfiguring Conceptual Points
- Reconfiguring the nPartition
  - Reconfiguring an nPartition (Integrity)
    - From nPars mode:
    - From vPars mode:
  - Reconfiguring an nPartition (PA-RISC)
- Putting an nPartition into an Inactive State and Other GSP Operations
- Configuring CLM for an nPartition
10 Crash Processing and Recovery
- Crash Processing
- Network and Tape Recovery
- Expert Recovery
11 vPars Flexible Administrative Capability
- Synopsis
- Terms and Definitions
- Flexible Administrative Capability Commands
- monadmin
  - Basic Syntax and Usage
- vparadmin
  - Basic Syntax and Usage
- Persistence across vPars Monitor Reboots
- vPars Commands
- Example vPars Monitor Scenario (monadmin)
  - Turning On The Flexible Administrative Capability Feature
  - Adding Virtual Partitions to the Designated-admin Virtual Partition List
- Example HP-UX Shell Scenario (vparadmin)
12 Virtual Partition Manager (A.03.xx)
- About the Virtual Partition Manager (vparmgr)
A LBA Hardware Path to Physical I/O Slot Correspondence (PA-RISC only)
- rp5470/L3000 I/O Block Diagram
- rp7400/N4000 I/O Block Diagram
- rp7410 and rp7405 PCI I/O Block Diagram
- rp8400 PCI I/O Block Diagram
- Superdome (SD16000, SD32000, SD64000) PCI I/O Block Diagram
B Problem with Adding Unbound CPUs to a Virtual Partition (A.03.xx)
- Symptoms
- Cause
  - Example
  - The Workaround: Reboot the Target Virtual Partition
C Calculating the Size of Kernels in Memory (PA-RISC only)
- Calculating the Size of a Kernel
- Examples of Using the Calculations
  - Changing Dynamic Tunables
  - Migrating OSs from non-vPars Servers to a vPars Server
D Memory Usage with vPars in nPartitions
- nPartition Firmware
- Firmware Partitions (fPars)
- vPars Monitor
- Example System
E Moving from a Standalone to vPars
F Supported Configurations for Memory Migration
Glossary
Index

11 vPars Flexible Administrative Capability

This chapter discusses the concepts and tasks on using the vPars Flexible Administrative

Capability feature (formerly called Primary-Admin vPars Security). With this feature, you can

specify vPars administration capabilities for zero, one, or more designated virtual partitions.

Only superusers within the designated virtual partitions can perform the vPars administration

commands that affect other virtual partitions; a superuser within a non-designated virtual

partition can perform only operations that affect itself.

Additionally, for this flexible administrative capability to work, all the virtual partitions must

be running the same version of vPars, except in the case of a mixed HP-UX 11i vPars environment

(such as a mixed HP-UX 11i v2/v3 vPars environment).

Flexible administrative capability is supported for vPars A.03.03 and later, vPars A.04.02 and

later, and vPars A.05.01 and later.

Flexible administrative capability is supported in mixed HP-UX 11i vPars environments. However,

HP recommends that in mixed environments the designated administrative virtual partitions

be ones that are capable of performing all administrative functions. For example, in a mixed

HP-UX 11i v2/v3 vPars environment only the HP-UX 11i v3 partitions (running vPars A.05.xx)

can perform vparmodify, vparremove, and vparcreate operations on other partitions. If

only the HP-UX 11i v2 partitions were designated administrative partitions, then vPars

administration abilities would be limited for that environment.

NOTE:

Applying RBAC to vPars A.04.01 White Paper You can apply the existing HP-UX Security

feature RBAC (Role-based Access Control) to vPars A.04.01. For information, see the white paper

titled Securing Virtual Partitions with HP-UX Role-Based Access Control available at http://

docs.hp.com.

HP-UX Security and other Security Applications This feature is not intended to replace existing

HP-UX security or security applications. It provides as a way to limit intentional access but is

not intended to substitute security or security application that eliminate malicious or unintentional

circumvention of commands or provide kernel level security isolation. This feature is intended

to address tighter vPars administration control requirements in certain customer deployments.

Synopsis

The vPars Flexible Administrative Capability feature restricts the usage of specific vPars commands

such that they can be successfully executed from only designated virtual partitions.

The specific vPars commands that are restricted are those that can alter other virtual partitions,

such as vparmodify or vparreset.

The designated virtual partitions are known as designated-admin virtual partitions and are designated

by being explicitly added to the designated-admin virtual partitions list. Virtual partitions that

are not in the list are considered non-designated-admin virtual partitions. When a superuser executes

a command that affects another partition from within a non-designated-admin virtual partition,

the command will fail.

When the flexible administrative capability feature is ON (enabled), a virtual partition can be

added to (or deleted from) the list from either the vPars Monitor prompt without a password or

the HP-UX shell prompt by superusers who know the flexible administrative capability password.

The flexible administrative capability feature can be set to either ON (enabled) or OFF (disabled)

but only from the vPars Monitor prompt (MON>).

Synopsis 291