Embed Size (px)
DESCRIPTION
WPAR Basic
Citation preview
WPAR in AIX
IntroductionWPARs are a bold new innovation, implemented within AIX 6.1. It allows administrators to virtualize their operating system, which allows for fewer operating system images on your IBM System p™ partitioned server. Prior to WPARs, you would need to create a new Logical Partition (LPAR) for each new "isolated" environment. This is no longer necessary (with AIX 6.1 only), as there are many circumstances when one can get along fine with multiple WPARs within one LPAR. Why is this important? Every LPAR requires its own operating system image and a certain number of physical resources. While you can virtualize many of these resources, there are still some physical resources that must be allocated to the system. Furthermore, you need to install patches and technology upgrades to each LPAR. Each LPAR requires its own archiving strategy and DR strategy. It also takes some time to create an LPAR; you also need to do this outside of AIX, through a Hardware Management Console (HMC) or the Integrated Virtualization Manager (IVM).WPARs are much simpler to manage and can actually be created from the AIX command line or through SMIT. LPARs cannot. By far the biggest disadvantage of LPARs is maintaining multiple images, which goes along with possibly over-committing expensive hardware resources, such as CPU and RAM. In other words, while partitioning helps you consolidate and virtualize hardware within a single box, operating system virtualization through WPAR technology goes one step further and allows for an even more granular approach of resource management. It does this by sharing OS images and is clearly the most efficient use of CPU, RAM, and I/O resources.Rather than a replacement for LPARs, WPARs are a complement to them and allow one to further virtualize application workloads through operating system virtualization. WPARs allow for new applications to be deployed much more quickly, which is an important side-benefit. On the other side of the coin, it's important to understands the limitations of WPARs. For example, each LPAR is a single point of failure for all WPARs that are created within the LPAR. In the event of an LPAR problem (or a scheduled system outage, for that matter), all underlying WPARs will also be affected.
WPARs: How and when to use themThis section further defines the different types of workload partitions and discusses scenarios where WPARs should be used.As discussed earlier, Workload Partitions (WPARs) are virtualized operating system environments that are created within a single AIX (only supported on AIX 6.1) image. While they may be self-contained in the sense that each WPAR has its own private execution environment with its own filesystems and network addresses, they still run inside the global environment. The global environment -- the actual LPAR -- owns all the physical resources of the logical partition. It is important to also note that the global environment can see all the processes running inside the specific WPARs.There are two types of WPARs: system workload partitions and application workload partitions. The system WPAR is much closer to a complete version of AIX. The system WPAR has its own dedicated, completely writable filesystems along with its own inetd and cron. Application WPARs are real, lightweight versions of virtualized OS environments. They are extremely limited and can only run application processes, not system daemons such as inetd or cron. One cannot even define remote access to this environment. These are only temporarily objects; they actually disintegrate when the final process of the application partition ends, and as such, are more geared to execute processes than entire applications. Overall, WPARs have no real dependency on hardware and can even be used on POWER4 systems that do not support IBM's PowerVM (formerly known as APV). For AIX administrators, the huge advantage of WPARs is the flexibility of creating new environments without having to create and manage new AIX partitions. Let's look at some scenarios that call for the use of WPARs.
Application/workload isolationWPARs are tailor-made for working with test and/or QA and development environments. Most larger organizations have at least three environments for their applications. These include development, test, and production. Some environments have as many as five, including demo/training and stress/integration environments. Let's use an example of a common three-tier application environment: Web, application server, and database server. In the land of the LPARs, in an environment where one has five isolated environments, you would need to create 15 LPARs. This is where the WPAR has the most value. In this environment, we would need to create just five LPARs. How is that?In Table 1, we have five different environments, consisting of a Web server, an application server, and a database server. If we wanted to isolate our environments, the only way to do this would be through logical partitioning. That would involve architecting 15 logical partitions. Of course, we could run some of our Web, application, and database on one LPAR, but if we did that, how would we be able to really mimic our production environments (which would run
on separate partitions)? In today's world of 99.9% availability, it is extremely common to give each application environment its own home. With WPARs, we can now do that, without having separate AIX images.
How to create a WPAR step-by-step
ch lpar in the managed system may have a different operating systems. Each workload partition runs only AIX. Lpar owns everything it uses, wpar shares lpar resources (memory, cpu, adapters). Usage of lpar resources (the amount of their processing power – so to speak) by wpar can be defined, limited not to exceed certain amount – if needed. Why I got interested in workload partitions (wpar)? I had to install application on AIX6.1. There is also a ”frequent” but not continuous requirement of testing patches and new releases of this application – not a constant need. As the time flows the operating system will evolve as well – patches, fixes, ML’s …. The test environment must have identical OS as the production environment – are you beginning to see my point?
Let’s create one “private” workload partition which I will call wpar (today, for a change I have no imagination). Why “private”? Because it will have its own (private) /usr.
mkwpar -g wpar_vg -h wpar -l -n wpar -N interface=en0 address=159.14.245.85 nemtask=255.255.255.0 -P -r -s -o /root/wpar.config
-g wpar_vg -> will create all file systems owned by wpar using the capacity of the indicated volume group-h wpar -> specifies the host name assigned to this wpar-l -> create private and writable /opt and /usr-n wpar -> workload partition name (wpar)-N -> Network info follows-P -> set the root password interactively-r -> duplicate network name resolution services (/etc/resolv.conf and so forth)-s -> start the wpar after creation-o /root/wpar.config -> create wpar.config file that can be used to re-create the wpar
what we get as soon as we execute this command is:
.........rsct.core.fsrm 2.5.4.0 ROOT APPLY SUCCESSrsct.core.hostrm 2.5.4.0 ROOT APPLY SUCCESSrsct.core.lprm 2.5.4.0 ROOT APPLY SUCCESSrsct.core.microsensor 2.5.4.0 ROOT APPLY SUCCESSsyncroot: Error synchronizing installp software.syncroot: Returns Status = FAILURECopying network name resolution configuration.../etc/resolv.conf/etc/hosts/etc/netsvc.confChanging password for root@wparroot@wpar's New password:Re-enter root@wpar's new password:mkwpar: 0960-192 They do not match, try again.root@wpar's New password:Re-enter root@wpar's new password:
Workload partition wpar created successfully.Starting workload partition wpar.Mounting all workload partition file systems.Loading workload partition.Exporting workload partition devices.Starting workload partition subsystem cor_wpar.0513-059 The cor_wpar Subsystem has been started. Subsystem PID is 323596.Verifying workload partition startup.entaimq1:MDC:/root>
entaimq1:MDC:/root>lsvgrootvgwpar_vgentaimq1:MDC:/root>lsvg -l wpar_vgwpar_vg:LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINTfslv00 jfs2 3 3 1 open/syncd /wpars/wparfslv01 jfs2 1 1 1 open/syncd /wpars/wpar/homefslv02 jfs2 16 16 1 open/syncd /wpars/wpar/optfslv03 jfs2 3 3 1 open/syncd /wpars/wpar/tmpfslv04 jfs2 64 64 1 open/syncd /wpars/wpar/usrfslv05 jfs2 4 4 1 open/syncd /wpars/wpar/var
As you can see this wpar has its own copy of the operating system created in the specified vg – wpar_vg. Now, let’s create some file systems in another (dedicated to it) volume group which (the file systems) we will assign to our wpar.
entaimq1:MDC:/root>lsvgrootvgwpar_vginformatica_vg
Let’s make the logical volumes first:
entaimq1:MDC:/root>mklv -t jfs2 -y inform1_lv informatica_vg 10mklv -t jfs2 -y inform2_lv informatica_vg 10mklv -t jfs2 -y inform3_lv informatica_vg 10
Now, let’s make file system on the top of each logical volume:/lang_en]
crfs -v jfs2 -d inform1_lv -m /wpars/wpar/inform1 -A yes -a log=INLINEcrfs -v jfs2 -d inform2_lv -m /wpars/wpar/inform2 -A yes -a log=INLINEcrfs -v jfs2 -d inform3_lv -m /wpars/wpar/inform3 -A yes -a log=INLINE
It’s too late but I forgot to include the mount type above so now, I have to execute the chfsagainst each file system.
entaimq1:MDC:/root>chfs -u wpar /wpars/wpar/inform1
and ..../inform2 and ..../inform3
Now, inside the lpar that owns the wpar execute the mount all and let’s go and see thewpar. To login from the lpar directly into its wpar, execute:
entaimq1:MDC:/root>clogin wpar -l root
Once inside, let’s do some poking aroung.
# df -gFilesystem GB blocks Free %Used Iused %Iused Mounted onGlobal 0.09 0.07 29% 1880 11% /Global 0.03 0.03 3% 7 1% /homeGlobal 0.50 0.29 43% 8787 12% /optGlobal - - - - - /procGlobal 0.09 0.09 2% 13 1% /tmpGlobal 2.00 0.15 93% 39515 51% /usrGlobal 0.12 0.06 52% 4405 24% /varGlobal 1.25 1.24 1% 4 1% /inform1Global 1.25 1.24 1% 4 1% /inform2Global 1.25 1.24 1% 4 1% /inform3#
Now, lets increase the size of one the last three file systems made.
# chfs -a size=2G /inform1chfs: 0506-915 No record matching /inform1 was found in /etc/filesystems.
Guess, what? There are no stanzas for these file systems in the wpar own/etc/filesystems. Let’s do the increase operation on the “owner” side (inside the lpar). So, execute exit to logout from the wpar, and then let’s grow the file systems as required.
entaimq1:MDC:/root>chfs -a size=2G /wpars/wpar/inform1Filesystem size changed to 4194304entaimq1:MDC:/root>chfs -a size=3G /wpars/wpar/inform2Filesystem size changed to 6291456Inlinelog size changed to 12 MB.entaimq1:MDC:/root>chfs -a size=4G /wpars/wpar/inform3Filesystem size changed to 8388608Inlinelog size changed to 16 MB.
Going back into the wpar and what do you see?
# df -gFilesystem GB blocks Free %Used Iused %Iused Mounted onGlobal 0.09 0.07 29% 1880 11% /Global 0.03 0.03 3% 7 1% /homeGlobal 0.50 0.29 43% 8787 12% /optGlobal - - - - - /procGlobal 0.09 0.09 2% 13 1% /tmpGlobal 2.00 0.15 93% 39515 51% /usrGlobal 0.12 0.06 52% 4405 24% /varGlobal 2.00 1.99 1% 4 1% /inform1Global 3.00 2.99 1% 4 1% /inform2Global 4.00 3.98 1% 4 1% /inform3
Who owns these file systems?
# ls -ld /inform2drwxr-xr-x 3 root system 256 Jun 08 13:20 /inform2
Let’s change it and assign it to a user and a group I have created earlier inside this wpar.
# chown infouser.info /inform1# chown infouser.info /inform2# chown infouser.info /inform3
Who owns these file systems now?[lan_pl]Kto obecnie posiada te pliki?
# ls -ld /inform1drwxr-xr-x 3 infouser info 256 Jun 08 13:20 /inform1# ls -ld /inform2drwxr-xr-x 3 infouser info 256 Jun 08 13:20 /inform2# ls -ld /inform3drwxr-xr-x 3 infouser info 256 Jun 08 13:20 /inform3#
In another putty session I tried to login to this wpar (using its IP address), and I failed. I could login only after I got back into the wpar via the clogin than I executed the passwd command and I set the root password in the wpar. I tried again to login via wpar IP address and this time it worked. Could it be that while executing mkwpar its-P options failed? Maybe, who knows – now, I do not have time to to worry about it.
I have to load a software that arrived on a CD media. How to use a CD to load a software into a wpar? I try to mount CD drive into a file system accessible to my wpar, but the operation fails.
entaimq1:MDC:/>mount -v cdrfs -o ro /dev/cd0 /wpars/wpar/cd0mount: 0506-324 Cannot mount /dev/cd0 on /wpars/wpar/cd0: A file or directory in the path name does not exist.
You have mail in /usr/spool/mail/rootentaimq1:MDC:/>
It could be that I did not assign the adapter and CD to the partition (lpar) controlling my wpar… Let’s do it (HMC). Guess what? After I executed cfgmgr the CD showed up and I could mount it.
entaimq1:MDC:/>lsdev | grep -i cdcd0 Available 02-08-00 SATA DVD-ROM Driveentaimq1:MDC:/>
entaimq1:MDC:/>mount -v cdrfs -o ro /dev/cd0 /wpars/wpar/cd0
Study the previous line to understand how mounting from an lpar and into one of its wpars. Do I have access to CD from my wpar?
# dfFilesystem 512-blocks Free %Used Iused %Iused Mounted onGlobal 196608 140480 29% 1882 11% /Global 65536 63768 3% 7 1% /homeGlobal 1048576 605768 43% 8787 12% /optGlobal - - - - - /procGlobal 196608 193016 2% 13 1% /tmpGlobal 4194304 318032 93% 39515 51% /usrGlobal 262144 126944 52% 4405 24% /varGlobal 4194304 4176624 1% 4 1% /inform1Global 6291456 6265264 1% 4 1% /inform2Global 8388608 8353904 1% 4 1% /inform3Global 3759968 0 100% 939992 100% /cd0#
Yes, indeed. I got it, I see it. Can I have a peak at it content too?
# cd /cd0# ls.Version README.expansion.html usrGSKit.README installpREADME.expansion ismp#
Well, well, well. Now I can proceed with software installations – this CD contains the “Expansion Pack for AIX”. This is not the right CD!
Back to reality. I have made a dynamic change to my lpar configuration – I added the adapter controlling the CD. Few of you may yet not know (I belonged to this category too) but in case of an lpar anything called dynamic is nothing short of dynamic – in absence of any further steps the dynamic changes will disappear the next time the lpar will be rebooted. So the question is this ”how to make the dynamic change a permanent one?” What I did? On HMC, I go toConfiguration -> Save Current Configuration. This operation creates a new profile. Remember to make it the Default profile so if lpar reboots it will boot with this one and not the previous profile.
[lang-en]Let’s stop the wpar.
entaimq1:MDC:/>lswparName State Type Hostname Directory RootVG WPAR------------------------------------------------------wpar A S wpar /wpars/wpar noentaimq1:MDC:/>stopwpar -v wpar
Stopping workload partition wpar.Stopping workload partition subsystem cor_wpar.0513-044 The cor_wpar Subsystem was requested to stop.stopwpar: 0960-261 Waiting up to 600 seconds for workload partition to halt.Shutting down all workload partition processes.WPAR='wpar' CID=1
ID=2097153 KEY=0x4107001c UID=0 GID=9 RT=-1ID=4194314 KEY=0x0100b0c4 UID=0 GID=0 RT=-1ID=4194316 KEY=0xffffffff UID=0 GID=0 RT=-1ID=4194319 KEY=0x010283b4 UID=0 GID=0 RT=-1ID=2097168 KEY=0xffffffff UID=0 GID=0 RT=-1wio0 DefinedUnmounting all workload partition file systems.Umounting /wpars/wpar/cd0.Umounting /wpars/wpar/inform3.Umounting /wpars/wpar/inform2.Umounting /wpars/wpar/inform1.Umounting /wpars/wpar/var.Umounting /wpars/wpar/usr.Umounting /wpars/wpar/tmp.Umounting /wpars/wpar/proc.Umounting /wpars/wpar/opt.Umounting /wpars/wpar/home.Umounting /wpars/wpar.Return Status = SUCCESS.entaimq1:MDC:/>
Have you noticed that I stopped the wpar from its lpar?
entaimq1:MDC:/>lswparName State Type Hostname Directory RootVG WPAR------------------------------------------------------wpar D S wpar /wpars/wpar noentaimq1:MDC:/>
And now, let start it up.
entaimq1:MDC:/>startwpar -v wparStarting workload partition wpar.Mounting all workload partition file systems.Mounting /wpars/wparMounting /wpars/wpar/homeMounting /wpars/wpar/inform1Mounting /wpars/wpar/inform2Mounting /wpars/wpar/inform3Mounting /wpars/wpar/optMounting /wpars/wpar/procMounting /wpars/wpar/tmpMounting /wpars/wpar/usrMounting /wpars/wpar/varLoading workload partition.Exporting workload partition devices.Starting workload partition subsystem cor_wpar.0513-059 The cor_wpar Subsystem has been started. Subsystem PID is 585748.Verifying workload partition startup.Return Status = SUCCESS.entaimq1:MDC:/>
Since I did not put the appropriate stanza in the /etc/filesystems no CD got mounted, has to go to the lpar to do this again:
entaimq1:MDC:/>mount -v cdrfs -o ro /dev/cd0 /wpars/wpar/cd0
What happens when I try to unmount cd0 being inside wpar?
# umount /cd0umount: 0506-349 Cannot unmount Global: A system call received a parameter that is not valid.#
This can be done from the ”owning” lpar.
entaimq1:MDC:/>umount /wpars/wpar/cd0
Since nobody know where is the install CD, I have to kill the time in some other way. With the help from ftp,I install the VNC software, and after login as me (duszyk) not root, I try to start it executing:
$ vncserverYou will require a password to access your desktops.Password:Verify:$ vncserver1356-364 xauth: creating new authority file /home/duszyk/.XauthorityNew 'X' desktop is wpar:1Creating default startup script /home/duszyk/.vnc/xstartupStarting applications specified in /home/duszyk/.vnc/xstartupLog file is /home/duszyk/.vnc/wpar:1.log$
It does not work… . VNC would not start until I made some changes to the/usr/bin/X11/vncserver. I followed the advice included in this link: ”http://www.ee.pw.edu.pl/~pileckip/aix/vnc_setup.htm” – I tried Doug Ranz’ method. Following the changes, I was able to start the vncserver and connect to this ”machine” from my laptop as this images shows:
How to get rid of a wpar? Easy, you can do it like that:
entaimq1:MDC:/root>rmwpar -Fsv wpar
Well, now I have been told that this wpar host name and its IP address has to change because of some requirement. The new hostname will be a very descriptive one indeed: infaprtu001, and its IP address will be 159.14.245.56. To execute the change I will add the appropriate entry to lpar /etc/hosts and execute:
chwpar -h infaprtu001 -N address=159.14.245.56 wpar
entaimq1:MDC:/root>lswparName State Type Hostname Directory RootVG WPAR---------------------------------------------------------wpar A S infaprtu001 /wpars/wpar noentaimq1:MDC:/root>
I use the new address to login (with putty) into the wpar and what do I see here?
$ ifconfig -aen0: flags=1e080863,c0inet 159.14.245.85 netmask 0xffffff00 broadcast 159.14.245.255inet 159.14.245.56 netmask 0xffffff00 broadcast 159.14.245.255tcp_sendspace 131072 tcp_recvspace 65536 rfc1323 0lo0: flags=e08084binet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255inet6 ::1/0tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1$ uname -aAIX wpar 1 6 00CD68344C00$ hostnameinfaprtu001
