- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- HP9000 system containers
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-01-2012 07:31 AM
02-01-2012 07:31 AM
Hi everybody, long time no posts (from me),
I am designing a solution for a customer who is looking to migrate off their old HP9000 PA-RISC kit.
They don't want to migrate any software to 11iv3 but do realise that they must get off the old hardware, so I am proposing a move to HP9000 system containers as a short-medium term solution, while they think about how to replace or upgrade their apps.
One of the limitations of these containers is that they don't support trusted mode security (/tcb etc). I think that this may be a consequence of emulated authentication.
Does anybody know if support for trusted mode security is planned in a future release of HP9000 system containers? It could be a show-stopper because the customer's security standards include password history and all the old boxes use it.
The documentation suggests that classic containers would be the only solution for this. However from what I can glean from the documentation it seems like a mess because it would entail a lot more work re-configuring the software; the system would be half in the container and half in the host VM; there would be a shared /etc and shared /var; half of the old o/s utilities won't work; I am not sure if classic containers would support 11.11. I think I would rather tell them to port to AIX.
The other issue I have is that they still have some old kit running HP-UX 10.20. Hopefully the old software will run happily within a HP9000 system container running at an upgrade to 11.11, within a VM at 11iv3, within a VM host at 11iv3, on an Integrity blade, within an enclosure running VC / flex-10 and VC for FC.
Steve
Solved! Go to Solution.
- Tags:
- trusted mode
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-01-2012 10:37 AM
02-01-2012 10:37 AM
Re: HP9000 system containers
>Does anybody know if support for trusted mode security is planned in a future release of HP9000 system containers?
Perhaps not since trusted mode is deprecated on 11.31.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-01-2012 09:59 PM
02-01-2012 09:59 PM
SolutionTrusted mode is supported only with HP 9000 classic containers. As you have discovered this model is less cleaner compared to system model as regards to file system and services isolation from the host OS environment.
HP 9000 Containers are built using HP-UX Containers (SRP) and utilize the features/capabilities provided by SRP for name space virtualization. Since trusted mode is deprecated on HP-UX 11i v3, SRP does not provide any name space virtualization capabilities for trusted mode security. Thus HP 9000 system containers do not support trusted mode. Alternative for trusted mode on HP-UX 11i v3 is SMSE (standard mode security extensions) which works with Integrity native HP-UX system containers. However, we cannot use SMSE for HP 9000 Containers built with HP-UX environments prior to HP-UX 11i v2. Furthermore, security infrastructure is invoked through the login process, thus plugging SMSE with older HP-UX environments inside HP 9000 system containers would be difficult to architect implement and likely to be error prone. Lack of trusted mode support inside HP 9000 system containers is not due to ARIES emulation inside contaienrs. ARIES passes down emulated application stystem calls to host OS kernel which lacks the name space virtualization capabilities for trusted mode.
If trusted mode with HP 9000 system containers is a critical business requirement in your case, please submit the issue/enhancement request to HP support center. Alternatively, you can use standalone ARIES mode without containers provided you can prepare application inventory (libraries, executables, config files etc) and dependencies for copying over to Integrity server.
On your comment about suggesting the client to port to AIX - if porting is an option, you can do so with comparatively lesser effort to HP-UX 11i v3 on HP Integrity servers.
Regards
-Rajesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-02-2012 06:25 AM
02-02-2012 06:25 AM
Re: HP9000 system containers
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2012 12:54 PM
11-19-2012 12:54 PM
Re: HP9000 containers: Can v11.0 run in a "System" Container
Docs state "Classic" containers have been known to run 10.x and 11.0 environments.... Also states 10.x are not known to work in "System" Container. Can 11.0 run in a "System" container? Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-20-2012 10:34 PM
11-20-2012 10:34 PM
Re: HP9000 containers: Can v11.0 run in a "System" Container
There have been several instances of successful PoC projects and production deployments of HP-UX 10.20 / 11.0 legacy environments with HP 9000 system containers. This configuration is known to work but not supported. Please refer to more recent documentation on HP 9000 Containers.
http://h21007.www2.hp.com/portal/download/files/prot/files/hp9000/HP9000_Containers_Admin_Guide.pdf
Most recent product update to HP 9000 Containers (A.03.01.04) released during 10/2012 enables support for trusted mode environments with HP 9000 system containers. For software access, visit HP software depot home.
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=HP9000-Containers
Regards
-Rajesh
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2013 10:28 AM
05-02-2013 10:28 AM
Re: HP9000 system containers
Recently My company accepted a support contract to move an 11.0 box into our datacenter emulated under Aries and Containers. I'd read through the Admin Guide and had a rough idea of how the system works. I'd also seen on the web site that there was training available.
We now have the new system to execute this and I tried to sign up for the training.
Well the Dates link took me to a "Call this number"
I did and was told they have no dates planned for the future.
The Admin Guide is not all inclusively written.(In fact it is lame on points of Vpar Npar and application integration.
I can't get training that Hop said was there on the website.
I don't see much user activity here in the Forums like ITRC used to have. (This environment is difficult to use)
I guess all that is available to be for help on this proprietary emulator is RTFM (Read The Freaking Manual) and buying professional services to do that that were not in the original budget.
I'm highly skilled all I really needed was to see a sample deployment in a class like was advertised on the web page.
Is there any other help Learning this product since it appears HP has simply resorted to RTFM?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-02-2013 10:38 AM
05-02-2013 10:38 AM
Re: HP9000 system containers
Thanks for responses. I've since - successfully - POC two 11.0 environments in Containers - SAP no less! Both on same server, but only can bring up one at a time due to kernel constraints I believe. Thanks again -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-14-2013 12:16 PM
05-14-2013 12:16 PM
Re: HP9000 system containers
HP 9000 containers are to port a PA RISC environment to a itanium box unmodified. You restore a PA RISC backup into a directory like /9000 then you create the hp9000 container and reference that directory.
This is my cookbook
download and install PHSS_41099 (no reboot)
download and install compartments (part of SRP install)
download and install SRP first (reboot needed) prerequisite.
download and install HP9000 containers (no reboot)
mkdir /home/9000
cd 9000
frecover -r -X -f ../srp/hpmdd78.backup
add user oinstall:
oinstall::110:
in /home/down2
useradd -u 120 -g oinstall -m oracle
chown -R oracle:oinstall /Apps/*
ln -s /home/down2 /9000
srp_sys -setup take defaults
srp -add HP9000
services - default
unix names for administrator - default
List of UNIX user names for login: root,oracle
unix group names: adm,oinstall
PRM all default
IP address 10.10.67.9 (or whatever)
network interface name: lan1:5
gateway: default
autostart
srp -add HP9000 -t sshd -b
srp -start HP9000
srp_ps HP9000 -ef | grep sshd
srp -add HP9000 -t hp9000
Instructor Storage, Servers, HP-UX and Partner Courses
Hewlett Packard Enterprise Education Services
Ask me about training on StoreServ (3PAR) StoreOnce, StoreEasy, StoreAll, StoreVirtual, HP-UX, ServiceGuard and HPE Partner Ready Certification Training
internet: Linkedin: http://www.linkedin.com/in/emilvelez
HPE Master ASE Server Solutions Architect V3
HPE Master ASE Storage Solutions Architect V2
HP UNIX Certified (ASE HPUX 11iv3 Administration V1)
Certified HPE Instructor
HPE Product Certified - OneView [2016]
HP Sales Certified -Servers, Converged Systems and Services [2015]
HPE Product Certified - Converged Solutions [2017]
- Tags:
- srp