Container types
For more information on HP 9000 containers, see the HP 9000 Containers Administrator’s Guide at:
System containers
System containers provide virtualization and private namespace capabilities that give users and applications the look and feel of a private operating system instance. The unique namespace eases application deployment with
As with all container types, each system container has a private directory under /var/hpsrp. However, a process that runs in a system container has its file system root set, using a secure chroot(), to the container's private directory (/var/hpsrp/$CONTAINER) instead of the system's file system root (/). This allows each system container to have its own copy of files that are accessed using the same file system path as in other containers. For example, a system container named sys1 would access its private passwd file using the standard path of /etc/passwd when that file's real path is /var/hpsrp/sys1/etc/passwd. System container sys2 would access its private passwd file using /etc/passwd, which has a real path of /var/hpsrp/sys2/etc/passwd.
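The path mapping described above, as an added example that is not taken from the HP guide: it resolves a container-view path to its real path the way a chroot()ed process would, so a tool running outside the container does not follow an absolute or ".." symbolic link out of /var/hpsrp/$CONTAINER. The function name, the MAX_LINKS limit and the use of standard chroot path semantics are assumptions of this sketch.

```python
import os

SRP_BASE = "/var/hpsrp"  # private container directories live here (from the page)
MAX_LINKS = 40           # assumed hop limit, stops symbolic link loops

def container_real_path(container, path, base=SRP_BASE):
    """Return the global-view path that `path` names inside `container`."""
    if not container or "/" in container or container in (".", ".."):
        raise ValueError("invalid container name: %r" % container)
    root = os.path.join(base, container)
    pending = [p for p in path.split("/") if p not in ("", ".")]
    resolved = []  # components below the container root
    hops = 0
    while pending:
        part = pending.pop(0)
        if part == "..":
            if resolved:
                resolved.pop()  # ".." at the chroot root stays at the root
            continue
        candidate = os.path.join(root, *resolved, part)
        if os.path.islink(candidate):
            hops += 1
            if hops > MAX_LINKS:
                raise OSError("too many symbolic links in %r" % path)
            target = os.readlink(candidate)
            if target.startswith("/"):
                resolved = []  # absolute target restarts at the container root
            pending = [p for p in target.split("/") if p not in ("", ".")] + pending
            continue
        resolved.append(part)
    return os.path.join(root, *resolved)

if __name__ == "__main__":
    # The two containers named in the text share one path but not one file.
    for name in ("sys1", "sys2"):
        print(name, "/etc/passwd ->", container_real_path(name, "/etc/passwd"))
```

Opening the returned path from outside the container reaches the same file the container's own processes see, including when a link inside the container points at an absolute path such as /etc/passwd.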
There are two types of file system layouts available for system containers (specified when you create a system container):
• Shared: The container shares the /usr, /sbin, and /stand directories with the global
• Private: The container only shares the /stand directory with the global
See Figure 3 for a detailed layout of system container file system access.
Each system container has:
• A unique host and node name
• Local users and groups (including a local root user)
• Local NIS or LDAP domain
• Local password policies
• Local file system view (private or shared)
• Local system services (for example, init, sshd, pwgrd, syslogd, and inetd)
• Private network interface and IP address
• Private IPC namespace
• Local NFS Client and AutoFS support
Both system and workload containers are managed using the same tools, including the SRP Manager integrated with SMH. Container management on