an121stud
TRANSCRIPT
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 1/692
Power Systems for AIX II: AIXImplementation andAdministration
(Course code AN12)
Student Notebook
ERC 1.1
5.3
over
Front cover
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 2/692
Student Notebook
October 2009 edition
The information contained in this document has not been submitted to any formal IBM test and is distributed on an “as is” basis withoutany warranty either express or implied. The use of this information or the implementation of any of these techniques is a customerresponsibility and depends on the customer’s ability to evaluate and integrate them into the customer’s operational environment. Whileeach item may have been reviewed by IBM for accuracy in a specific situation, there is no guarantee that the same or similar results willresult elsewhere. Customers attempting to adapt these techniques to their own environments do so at their own risk.
© Copyright International Business Machines Corporation 2009. All rights reserved.
This document may not be reproduced in whole or in part without the prior written permission of IBM.
Note to U.S. Government Users — Documentation related to restricted rights — Use, duplication or disclosure is subject to restrictionsset forth in GSA ADP Schedule Contract with IBM Corp.
Trademarks
The reader should recognize that the following terms, which appear in the content of thistraining document, are official trademarks of IBM or other companies:
IBM® is a registered trademark of International Business Machines Corporation.
The following are trademarks of International Business Machines Corporation in the United
States, or other countries, or both:
PS/2® is a trademark or registered trademark of Lenovo in the United States, other
countries, or both.PostScript is either a registered trademark or a trademark of Adobe Systems Incorporated
in the United States, and/or other countries.Intel is a trademark or registered trademark of Intel Corporation or its subsidiaries in the
United States and other countries.
Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc.
in the United States, other countries, or both.Linux® is a registered trademark of Linus Torvalds in the United States, other countries, orboth.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, othercountries, or both.
UNIX® is a registered trademark of The Open Group in the United States and othercountries.
Other company, product, or service names may be trademarks or service marks of others.
AIX® AIX 5L™ AS/400®
DB2® Electronic Service Agent™ Everyplace®
Express™ HACMP™ Notes®
POWER® POWER2™ POWER3™
POWER4™ POWER5™ POWER5+™
POWER6™ Power Architecture® POWER Hypervisor™
Power Systems™ PowerHA™ PowerPC®
PowerVM™ pSeries® RS/6000®
System p® System Storage™ Tivoli® WebSphere® Workload Partitions
Manager™
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 3/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
iii AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 4/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
iv AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 5/692
Student Notebook
5.3
OC
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
©Copyright IBM Corp. 2009 Contents v
Contents
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Course description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Agenda . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
Unit 1. Introduction to IBM Power Systems, AIX, and system administration . . . . 1-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2AIX overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3Logical partition overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4Dynamic logical partitioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5Workload partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7Live partition mobility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8Evolution of AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Overview of the POWER6 servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-14Typical Power / AIX system layout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-15The HMC (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-16The HMC (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-17LPAR virtualization overview (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-18LPAR virtualization overview (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-20Virtual I/O server overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-22Virtualization example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-23Role of the system administrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-25Who can perform administration tasks? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-26How can we perform administration tasks? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-28
Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-29Exercise 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-30Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-31
Unit 2. AIX system management tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2UNIX System administration challenges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3System management objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4AIX administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6SMIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8SMIT main menu (text based) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9Dialog screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11Output screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-14SMIT log and script files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-15Web-Based System Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-17IBM Systems Director Console for AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-18Console interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-20Console applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-22Console management view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-24
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 6/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
vi AIX installation ©Copyright IBM Corp. 2009
System health (1 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-26System health (2 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-27System health (3 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-29Classical SMIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-31DCEM portlet (1 of 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-32DCEM portlet (2 of 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-33DCEM portlet (3 of 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-34
DCEM portlet (4 of 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-35DCEM portlet (5 of 5) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-37Console logging and tracing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-38Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-40Exercise 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-41Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-42
Unit 3. System startup and shutdown. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-2System startup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-3
Managed system activation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5Start-up modes for AIX (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-6Start-up modes for AIX (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-7AIX start up process overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8AIX partition activation (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9AIX partition activation (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-10The alog command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-11 /etc/inittab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-13Run levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-15Directory and script control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-17System resource controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-18
Listing subsystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-19SRC Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-20AIX partition shutdown (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-21AIX partition shutdown (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-23Managed system shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-25Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-26Exercise 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-27Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-28
Unit 4. AIX installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-2
Installation methods for AIX 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-3AIX installation in a partition (DVD or CD) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-4Installing AIX from CD/DVD (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-5Installing AIX from CD/DVD (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-6Installation and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-7Installation and Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-8Method of installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-9Installation disks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-11Set Primary Language Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-12
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 7/692
Student Notebook
5.3
OC
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
©Copyright IBM Corp. 2009 Contents vii
Security Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13Software install options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15Install summary and installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16Accept License Agreements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-17AIX installation: Post steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18Installation assistant and login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19AIX installation in a partition using NIM: NIM overview . . . . . . . . . . . . . . . . . . . . . 4-20
AIX installation in a partition using NIM: Configuration steps . . . . . . . . . . . . . . . . 4-22Network boot (1 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23Network boot (2 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-24Network boot (3 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25Network boot (4 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26Network boot (5 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-27Network boot (6 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29Network boot (7 of 7) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-30Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-31Exercise 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-32Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33
Unit 5. AIX software installation and maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2AIX media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3Software packaging definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5Software bundles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7AIX software levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-8What is my AIX version? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-10Software installation and maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-11Software repository . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-12
Software states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-13Software listing and versioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-15lslpp, filesets and files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-16Installing new software using SMIT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-17Installing software using command line, examples . . . . . . . . . . . . . . . . . . . . . . . . 5-18Red Hat Package Manager filesets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-19Applying patches to the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-20Applying patches, apply, commit, reject . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-21Listing fixes (APAR's) installed on the system . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-22Interim fix management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-23Removing installed software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-24
Recovering from broken or inconsistent states . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-25Service update management assistant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-26SUMA base configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-27SUMA task configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-28SUMA command line execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-29Fix Central Web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-31Fix Level Recommendation Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-32Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-33Exercise 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-34
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 8/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
viii AIX installation ©Copyright IBM Corp. 2009
Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-35
Unit 6. System configuration and devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2Device terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-3System configuration and device overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-5Device commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-6
System device layout example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7prtconf (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-8prtconf (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-9lscfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-10lsdev . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-11lsslot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-13lsattr and chdev commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-14Device states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-15 /dev directory, device configuration and control . . . . . . . . . . . . . . . . . . . . . . . . . . .6-16Device addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-17
Physical location code examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-18Virtual location codes, example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-19Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-21Exercise 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-22Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-23
Unit 7. System storage overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-2Components of AIX storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-3Traditional UNIX disk storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-4Benefits of the LVM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-5
Logical Volume Manager components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-6Physical storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-8Volume groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-10Volume group descriptor area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-12Logical storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-14Uses of logical volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-16What is a file system? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-18Why have multiple file systems? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-20Standard file systems in AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-22 /etc/filesystems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-24Mount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-26
Mounting over an empty directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-27Mounting over files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-28Listing file systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-29Listing logical volume information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-30Checkpoint (1 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-31Checkpoint (2 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-32Checkpoint (3 of 3) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-33Exercise 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-34Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-35
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 9/692
Student Notebook
5.3
OC
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
©Copyright IBM Corp. 2009 Contents ix
Unit 8. Working with the Logical Volume Manager . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2Logical Volume Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3SMIT volume group menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5Adding a volume group to the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-6Adding a scalable volume group to the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7Listing volume groups and VG attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Listing PVs in a VG and VG contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9Change a volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11Extend and reduce a VG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12Remove a volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14Activate and deactivate a volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15Import and export a volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16Reorganize a Volume Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-17Logical storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-18LVM and RAID support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-19LVM options which affect performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-20Mirroring (RAID1) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-21Mirroring, allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-22Striping (RAID 0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-23Striping and mirroring (RAID 10 or 1+0) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-25Logical volume placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-26Mirroring scheduling policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-28Mirror write consistency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-30SMIT logical volume menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-32Adding a logical volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-33Show LV characteristics (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-34Show LV characteristics (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-36
Add copies to a logical volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-37Increasing the size of a logical volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-39Remove a logical volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-40List all logical volumes by volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-41Mirroring volume groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-42Physical volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-44SMIT physical volumes menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-45List physical volume information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-46List logical volumes on a physical volume . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-47List a physical volume partition map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-48Add or move contents of physical volumes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-49
Documenting the disk storage setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-50Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-51Exercise 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-52Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-53
Unit 9. File systems administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2Journaled file system support in AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3Advantages of enhanced JFS (JFS2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-4
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 10/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
x AIX installation ©Copyright IBM Corp. 2009
JFS2 structural components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-5Listing i-node and block size information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-7Creating a JFS2 file system (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-8Creating a JFS2 file system (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-9Mounting a file system and the /etc/filesystems file . . . . . . . . . . . . . . . . . . . . . . . .9-10JFS2 logging options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-11Creating a file system on a previously defined logical volume . . . . . . . . . . . . . . . .9-12
Changing the size of a JFS2 file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-13Removing a JFS2 file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-14File system space management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-16Listing file system utilization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-17Monitoring file system growth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-18Listing disk usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-19Control growing files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-21The skulker command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-23Block size considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-24Fragmentation considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-26
Verify and repair a file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-27Documenting file system setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-28System storage review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-29Checkpoint (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-30Checkpoint (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-31Exercise 9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-32Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-33
Unit 10. Paging space. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-2What is paging space? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-3
Paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-5Sizing paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-7Paging space placement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-10Checking paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-12Adding paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-14Change paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-16Remove paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-18Problems with paging space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-20Documenting paging space setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-21Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-22Exercise 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-23
Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-24
Unit 11. Backup and restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-2Backup introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-3System image backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-5Creating a mksysb image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-7image.data file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-9bosinst.data file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11-11
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 11/692
Student Notebook
5.3
OC
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
©Copyright IBM Corp. 2009 Contents xi
mksysb tape image format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13Restoring a mksysb, from tape device (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . 11-15Restoring a mksysb, from tape device (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . 11-16Restoring a mksysb, from a NIM server (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . 11-18Restoring a mksysb, from NIM sever (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-19Creating a backup of a data volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-20Restoring a backup of a data volume group . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-21
Traditional UNIX and AIX backup commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-23Backup by filename and restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-24Backup and restore by inode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-26tar command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-28cpio command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-29pax command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-30dd command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-31Compression commands (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-32Compression commands (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-33Good practices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-34Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-36Exercise 11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-37Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-38
Unit 12. Security and user administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2
12.1. Security and user concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3Security and user concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4User accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-5Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-6Group hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-8
User hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-10Role based access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-11Controlling access to the root account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-13Security logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-14File/Directory permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-16Reading permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-18Changing permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-20umask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-22Changing ownerships and groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-24Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-25Topic summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-26
12.2. User and group administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-27User and group administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-28Console login sequence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-29User initialization process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-31Message of the day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-33Security & Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-34SMIT users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-36Listing users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-38Add a user to the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-39
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 12/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xii AIX installation ©Copyright IBM Corp. 2009
Change / Show Characteristics of a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-41Remove a user from the system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-42Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-43Regaining root's password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-45SMIT groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-46Listing groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-47Add a Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-48
Change or remove a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-50RBAC overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-52RBAC defined roles and authorizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-53RBAC (basic) implementation steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-56RBAC example (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-57RBAC example (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-58Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-59Topic summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-60
12.3. Security files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-61Security files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-62
Security files introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-63 /etc/passwd file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-65 /etc/security/passwd file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-67 /etc/security/user file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-69Group files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-73 /etc/security/login.cfg file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-74Validating the user environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-76Documenting security policy and setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-78Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-79Topic summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-80Exercise 12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-81
Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12-82
Unit 13. Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-2The cron daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-3crontab files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-5Format of a crontab file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-7Editing a crontab file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-9The at and batch commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-11Controlling at jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-13Documenting scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-14
Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-15Exercise 13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-16Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13-17
Unit 14. TCP/IP networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14-2What is TCP/IP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14-3TCP/IP layering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14-5TCP/IP start-up flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14-7
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 13/692
Student Notebook
5.3
OC
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
©Copyright IBM Corp. 2009 Contents xiii
Ethernet adapters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-8Virtual LAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-10IEEE 802.1Q VLAN tagging (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-11IEEE 802.1Q VLAN tagging (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-12VLAN group example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-13AIX VLAN tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-14IP and subnet addressing (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-15
IP and subnet addressing (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-17Subnetting example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-18Supernetting example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-19How is TCP/IP configured on AIX? (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-20How is TCP/IP configured on AIX? (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-21Command line TCP/IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-22Verifying network interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-23Name resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-24Routing implementation (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-26Routing implementation (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-28Multipath routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-29Additional configuration, IP aliasing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-31Testing for remote connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-32Ports and sockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-34inetd daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-35Remote UNIX commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-36Transferring files over a network (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-37Transferring files over a network (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-38Network File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-39NFS server configuration (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-40NFS server configuration (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-42
Manual NFS client mounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-44Predefined NFS client mounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-45Virtual Network Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-47VNC configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-48Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-49Exercise 14 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-50Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-51
Unit 15. Introduction to workload partitions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-1Unit objectives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2Workload partition overview (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-3
Workload partition overview (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-5Reasons to use workload partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-6WPAR is built on top of WLM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-8AIX workload partitions initial state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-9Application WPARs (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-10Application WPARs (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-11Creating an application WPAR: wparexec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-12Application WPAR process space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-13System WPARs (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-14
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 14/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xiv AIX installation ©Copyright IBM Corp. 2009
System WPARs (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-15System WPAR device access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-16Creating a system WPAR: mkwpar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-17System WPAR process space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-18Creating a system WPAR with a network definition . . . . . . . . . . . . . . . . . . . . . . .15-19WPAR routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-20System WPAR file systems space (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-21
System WPAR file systems space (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-23WPAR management commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-25Specification file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-26Starting a system WPAR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-27Stopping and removing a system WPAR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-28WPAR status: lswpar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-30WPAR logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-31System WPAR management: clogin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-32AIX command restrictions in WPARs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-33WPAR management: save and restore WPAR . . . . . . . . . . . . . . . . . . . . . . . . . .15-34
Software installation, shared /usr and /opt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-36Software installation, non-shared /usr and /opt . . . . . . . . . . . . . . . . . . . . . . . . . .15-37WPAR resource control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-38Shared-based approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-39Percentage-based approach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-40Workload Partition Manager overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-41Workload Partition Manager GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-42Checkpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-43Exercise 15 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-44Unit summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15-45
Appendix A. Printers and queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
Appendix B. Checkpoint solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . X-1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 15/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Trademarks xv
5.3
MK Trademarks
The reader should recognize that the following terms, which appear in the content of this
training document, are official trademarks of IBM or other companies:
IBM® is a registered trademark of International Business Machines Corporation.
The following are trademarks of International Business Machines Corporation in the UnitedStates, or other countries, or both:
PS/2® is a trademark or registered trademark of Lenovo in the United States, other
countries, or both.
PostScript is either a registered trademark or a trademark of Adobe Systems Incorporatedin the United States, and/or other countries.
Intel is a trademark or registered trademark of Intel Corporation or its subsidiaries in the
United States and other countries.
Java and all Java-based trademarks and logos are trademarks of Sun Microsystems, Inc.in the United States, other countries, or both.
Linux® is a registered trademark of Linus Torvalds in the United States, other countries, orboth.
Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other
countries, or both.
UNIX® is a registered trademark of The Open Group in the United States and other
countries.
Other company, product, or service names may be trademarks or service marks of others.
AIX® AIX 5L™ AS/400®
DB2® Electronic Service Agent™ Everyplace®
Express™ HACMP™ Notes®
POWER® POWER2™ POWER3™
POWER4™ POWER5™ POWER5+™
POWER6™ Power Architecture® POWER Hypervisor™
Power Systems™ PowerHA™ PowerPC®
PowerVM™ pSeries® RS/6000® System p® System Storage™ Tivoli®
WebSphere® Workload PartitionsManager™
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 16/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xvi AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 17/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Course description xvii
5.3
ef Course description
Power Systems for AIX II: AIX Implementation and Administration
Duration: 5 days
Purpose
Learn to install, customize and administer the AIX operating system in
a multiuser POWER (System p) partitioned environment. The courseis based on AIX 6.1 running on a Power6 system managed by
Hardware Management Console version 7 and provides practicaldiscussions that are appropriate to earlier AIX releases.
Audience
This intermediate course is intended for system administrators oranyone implementing and managing an AIX operating system in a
multiuser POWER (System p) partitioned environment.
Prerequisites
The students attending this course should already be able to:
• Log in to an AIX system and set a user password
• Execute basic AIX commands
• Manage files and directories
• Use the vi editor
• Use redirection, pipes, and tees
• Use the utilities find and grep
• Use the command and variable substitution
• Set and change Korn shell variables
• Write simple shell scripts
• Use a graphic Common Desktop Environment (CDE) interface
These skills can be acquired by attending AIX Basics (AU13) orthrough equivalent AIX/UNIX knowledge. Also, it would be helpful, but
not mandatory if students were familiar with partitioning concepts andtechnology taught in Power Systems for AIX I: LPAR Configuration
and Planning (AN11).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 18/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xviii AIX installation © Copyright IBM Corp. 2009
Objectives
On completion of this course, students should be able to:
• Install the AIX operating system, filesets, and RedHat Package
Manager (RPM) packages
• Perform system startup and shutdown
• Discuss and use system management tools such as SystemManagement Interface Tool (SMIT) and IBM systems director
console for AIX
• Manage physical and logical devices
• Discuss the purpose of the logical volume manager
• Perform logical volume and file system management
• Create and manage user and group accounts
• Perform and restore system backups• Utilize administrative subsystems, including cron to schedule
system tasks, and security to implement customized access of filesand directories
• Configure TCP/IP networking
• Implement Workload Partitions (WPAR)
Contents
• Introduction to IBM POWER p systems, AIX, and systemadministration
• AIX System Management Tools
• System startup and shutdown
• AIX installation
• AIX software installation and maintenance
• System configuration and devices
• System storage overview
• Working with the Logical Volume Manager (LVM)
• File system administration
• Paging space
• Backup and restore
• Security and user administration
• Scheduling
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 19/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Course description xix
5.3
ef • TCP/IP Networking
• Workload Partitions
Curriculum relationship
This course should follow the AIX Basics course. A basic
understanding of hardware / AIX environment and simple commandsis recommended before taking this course.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 20/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xx AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 21/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Agenda xxi
5.3
ef Agenda
Day 1
Welcome
Unit 1: Introduction to IBM Power Systems, AIX, and system
administrationExercise 1
Unit 2: AIX system management toolsExercise 2
Unit 3: System startup and shutdownExercise 3
Unit 4: AIX installationExercise 4
Day 2Unit 5: AIX software installation and maintenanceExercise 5
Unit 6: System configuration and devicesExercise 6
Unit 7: System storage overviewExercise 7
Unit 8: Working with the Logical Volume ManagerExercise 8
Day 3
Unit 9: File systems administration
Exercise 9Unit 10: Paging space
Exercise 10Unit 11: Backup and restore
Exercise 11
Day 4
Unit 12: Security and user administrationExercise 12
Unit 13: SchedulingExercise 13
Unit 14: TCP/IP networking
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 22/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
xxii AIX installation © Copyright IBM Corp. 2009
Day 5
Exercise 14
Unit 15: Introduction to workload partitionsExercise 15
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 23/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-1
5.2
empty Unit 1. Introduction to IBM Power Systems, AIX,and system administration
What this unit is about
This unit provides an introduction to IBM Power Systems, AIX andsystem administration.
What you should be able to do
After completing this unit, you should be able to:
• Define terminology and concepts of IBM Power System servers,
virtualization, HMC, and AIX
• Understand a typical set-up of a Power environment • Describe the roles of the system administrator
• Obtain root access with the su command
How you will check your progress
Accountability:
• Checkpoint • Machine exercises
References
Online AIX 6.1 Information
PSO03004-USEN-05
AIX “From Strength to Strength”
AU73G System p LPAR configuration and virtualization I
Note: References listed as “Online” above are available at the
following address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 24/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-2 AIX installation © Copyright IBM Corp. 2009
Figure 1-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:• Define terminology and concepts of IBM Power system
servers, virtualization, HMC, and AIX• Understand a typical set-up of a Power environment• Describe the roles of the system administrator • Obtain root access with the su command
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 25/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-3
5.2
empty
Figure 1-2. AIX overview AN121.1
Notes:
Advanced Interactive Executive (AIX) is IBM's proprietary UNIX OS based on UNIX
System V with 4.3BSD-compatible command and programming interface extensions.
Announcement Letter Number 286-004 dated January 21, 1986:
• “The AIX Operating System is based on INTERACTIVE Systems Corporation's IN/ix,which, in turn, is based on UNIX System V, as licensed by AT&T Bell Laboratories.
Some portions of the modifications and enhancements were developed by IBM; otherswere developed by INTERACTIVE under contract to IBM.”
© Copyright IBM Corporation 2009
IBM Power Systems
AIX overview
• IBM’s proprietary operating system based on UNIX System V – Also has BSD compatible commands and programming interface
extensions
• Advanced Interactive Executive (AIX) runs on proprietaryhardware (H/W) called IBM Power Systems – Sixth generation of Power, based on Reduced Instruction Set
Computer (RISC) technology
• Most Power Systems today run many instances of AIX inpartitions known as Logical Partitions (LPAR) – This is H/W partitioning managed by the system firmware, Power
Hyperviso
L P A R :
A I X 1
L P A R :
A I X 2
L P A R :
A I X 3
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 26/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-4 AIX installation © Copyright IBM Corp. 2009
Figure 1-3. Logical partition overview AN121.1
Notes:
Logical partition (LPAR)
Logical partitioning is the ability to make a single system run as if it were two or more
systems. Each partition represents a division of resources in the Power System. Thepartitions are logical because the division of resources is logical and not along physical
boundaries.
Hypervisor Partitions are isolated from each other by firmware (underlying software)called the POWER Hypervisor. The names POWER Hypervisor and Hypervisor will be
used interchangeably in this course.
Each partition has its own environment, for example – IP address or time of day, just asany AIX instance.
© Copyright IBM Corporation 2009
IBM Power Systems
Logical partition (LPAR) overview
• An LPAR is the allocation of system resources to createlogically separate systems within the same physical footprint.
• The resource allocation and isolation for a logical partition isimplemented in firmware called Power Hypervisor. – Provides configuration flexibility
• Each partition has its own: – Operating system – Resources: processors, memory, devices (defined in a profile)
• Resources can be changed dynamically using Dynamic LPAR (DLPAR)
• Partitions can consist of physical (real) or virtual devices
– or a combination of both
Power Hypervisor
System Hardware (memory, processors, devices)
LPAR 1 LPAR 2 LPAR 3 LPAR 4
sys104:42
sys214:42
sys311:42
sys419:42
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 27/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-5
5.2
empty
Figure 1-4. Dynamic logical partitioning AN121.1
Notes:
Dynamic Logical partitioning (DLPAR)
The term Dynamic in DLPAR means we can add, move, or remove resources without
having to reactivate the partition. If there are partitions that need more or can do withfewer resources, you can dynamically move the resources between partitions within the
managed system without shutting down the partitions. Both the source and thedestination partitions must support the dynamic partitioning operation.
Processors and memory
Each running LPAR has an active profile which contains the resources that LPAR is
entitled to. For processor and memory settings, there is a maximum and a minimumrange. These boundaries cannot be exceeded when performing dynamic reallocation
operations.
© Copyright IBM Corporation 2009
IBM Power Systems
Dynamic logical partitioning (DLPAR)
• DLPAR is the ability to add, remove, and move resourceswithout reactivation of a partition – Processor, memory, and I/O allocation changes
• Processors and memory quantities are bound by the minimumand maximum profile settings
• Applications may be DLPAR-aware
LPAR 1
(running)
2.0 CPU16Gb Mem
DLPAR Operation:
- Add 2.0 CPU-Remove 4Gb Mem
-Move the DVD slot to LPAR 2
Before
LPAR 1
(running)
4.0 CPU12Gb Mem
After
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 28/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-6 AIX installation © Copyright IBM Corp. 2009
Applications
Some applications and utilities may not be DLPAR-aware. If they bind to a processor orpin memory, then you may need to stop these processes before you are able to perform
the DLPAR operation. IBM provides an Application Programming Interface (API) forthird party program DLPAR support on AIX 5L and AIX 6
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 29/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-7
5.2
empty
Figure 1-5. Workload partitions AN121.1
Notes:
Workload partitions (WPAR) are virtualized, secure operating system environments,
within a single instance of the AIX operating system. Live Application Mobility is a capability
of WPAR technology which allows partitions to move between systems with limitedapplication downtime (for example, 20 seconds).
© Copyright IBM Corporation 2009
IBM Power Systems
Workload partitions (WPAR)
• Software (S/W) partitioning is managed by AIX. – Available from AIX 6.1
• Many AIX OS images can reside within a master global AIXimage.
• Live Application Mobility allows WPAR relocation to anotherbox or LPAR.
• WPARs provide automatic workload balancing.• WPAR technology is not H/W dependent.
– Support is available on Power 4, 5, and 6.
WPAR1
1. 2. WPAR2
WPAR3
WPAR 4
WPAR6
WPAR5
WPAR mgr
AIX1
AIX2AIX3
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 30/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-8 AIX installation © Copyright IBM Corp. 2009
Figure 1-6. Live partition mobility AN121.1
Notes:
Live Partition Mobility is a new capability that enables users to move partitions between
systems with no application downtime. Live Partition Mobility enables organizations to
move LPARs from CPU intensive servers to improve overall throughput based onrequirements at a particular time. This also allows us to use a maintenance window on a
physical machine without the need for any application downtime. The only interruption ofservice would be due to network latency. If sufficient bandwidth was available, a delay of at
most, a few seconds, could typically be expected.
© Copyright IBM Corporation 2009
IBM Power Systems
Live partition mobility
• Live partition mobility allows running AIX partitions to bemigrated from one physical server to another withoutdowntime. – For Power 6 only, LPARs must not contain any physical devices.
• Partition Mobility provides systems management flexibility andis designed to improve system availability. – Can help avoid planned outages for hardware or firmware
maintenance – Can help avoid unplanned downtime
• If a server indicates a potential failure, you can move its partitions toanother server before the failure occurs.
– Enables optimized resource use by moving workloads from server toserver
L P A R :
A I X 1
L P A R :
A I X 1
NoDowntime
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 31/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-9
5.2
empty
Figure 1-7. Evolution of AIX AN121.1
Notes:
AIX
AIX has come a long way since 1986. The first stable version was released in 1993 with
v3.2.5. AIX 3 had key features that are still in AIX today such as smit, a logical volumemanager, the first UNIX flavour to incorporate LVM, and Journaled Filesystems. AIX 6.1
which was generally available (GA) in Nov 2007, saw the addition of many new leadingedge features into the OS. Here is a list, many of which are beyond the scope of this
course, but will be covered in detail in further education courses:
AIX Version 6.1 highlights
New Virtualization Support
• PowerVM Workload Partitions (WPAR)
• PowerVM Live Application Mobility, with the IBM PowerVM Workload PartitionsManager for AIX
• PowerVM Live Partition Mobility enablement
© Copyright IBM Corporation 2009
IBM Power Systems
Evolution of AIX
AIX Version 6.1 Technology Level 2(GA 14, November, 2008)
IBM Support for new IBM UNIX® SystemsNew Virtualization Support
• Faster Live Application Mobility• (with WPAR Manager V1.2• Inactive Application Mobility
• Independent WPAR network routes• WPAR named interface support
• IPv6 WPAR network support• MPIO support for physical and virtual paths• PowerVM™ n Port ID virtualization (NPIV)• PowerVM™ Shared Memory Partitioning
OS Integration and Management• IPv6 RFC currency• BIND 9.4.1 support
• IPv4 tunneling in IPv6 networks• nmon integrated into topas
• topasrec performance data recording• topas monitoring support for PowerVM VIOS
• mpstat and sar support WPAR support• Concurrent kernel update enhancements
• LVM support for SAN mirror pools• Systems Director Console enhancements
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 32/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-10 AIX installation © Copyright IBM Corp. 2009
Enterprise security features
• Role Based Access control
• Encrypting Filesystem
• Trusted AIX
• AIX Security Expert enhancements
• Secure by Default installation option
• Trusted Execution
• Filesystem access tool for suid
Near-continuous availability features
• Concurrent AIX kernel updates
• Kernel exploitation of POWER6 Storage Keys
• Dynamic tracing with probevue
• Functional Recovery Routines
• Live Dump
• Firmware assisted dump
Manageability features
• WPAR manageability features
• Systems Director Console for AIX
• Integrated filesystem snapshot
• Automatic, variable page size for POWER6
• Solution performance tuning
The evolution of POWER H/W
• ‘The 801’: IBM Reduced Instruction Set Computer (RISC) technology originated in1974 in a project at the Thomas J. Watson Research Center to design a large
telephone-switching network. The computer needed was named the 801 after Building801, where the research was taking place. The goal of the 801 was to execute one
instruction per cycle.
• ‘The RT’: The IBM RT was IBM's first RISC based UNIX (AIX) computer with a 32 bitROMP processor, without floating point capability that was first announced by IBM in
January 1986.
• POWER: In February 1990, IBM announces its new RISC-based computer line, theRISC System/6000 running AIX Version 3. The architecture of the systems is given the
name POWER, now commonly referred to as POWER1, which stands for PerformanceOptimization With Enhanced RISC. The systems were based on a multiple chip
implementation of the 32-bit POWER architecture. The models introduced included an
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 33/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-11
5.2
empty 8 KB instruction cache (I-cache) and either a 32 KB or 64 KB data cache (D-cache).The models had a single floating-point unit capable of issuing one compound
floating-point multiply-add (FMA) operation each cycle, with a latency of only two cyclesand optimized 3-D graphics capabilities.
The model 7013-540 (30 MHz) processed 30 million instructions per second. Itselectronic logic circuitry had up to 800,000 transistors per silicon chip. The maximum
memory size was 256 Mbytes and its internal disk storage capacity was 2.5 GBytes.• RSC: In January 1992, an entry-level desktop workstation was announced (7011-220),
based on a single chip implementation of the POWER architecture, usually referred to
as RISC Single Chip (RSC). It was affectionately known as the “the pizza box”.
• PowerPC (601): The RISC System/6000 model 7011-250 (66 MHz) workstation, thefirst to be based on the 32-bit PowerPC 601 processor, was introduced in September
1993.The 601 was the first processor arising out of a partnership between IBM, Motorola, and
Apple. From IBM, the RISC Single Chip (RSC) microprocessor became the base designfor 601. The superscalar machine organization of the 601 was improved to achieve
greater performance. Additional custom circuit design was applied to reduce the diesize and to allow higher frequency operation. The Motorola 88110 microprocessor bus
interface formed the basis of the development of the 601 bus interface. The 601 did not implement the full PowerPC instruction set. Some infrequently used
instruction where excluded, and some new instructions and features were added, suchas support for symmetric multiprocessor (SMP) systems. The 601 is capable of
dispatching, executing, and completing up to 3 instructions per cycle. Instructions issueto multiple execution units (an integer unit, a branch processing unit, and a
floating-point unit), execute in parallel, and can complete out of order.
An SMP has multiple processors that have their own cache, the memory and devicesare shared.The 601 was a bridge from POWER to the full PowerPC architecture.
• POWER2: The model 7013-590 (66 MHz) was announced in September 1993 and was
the first RS/6000 based on the 32-bit POWER2 architecture. The most significantimprovement introduced with the POWER2 architecture for scientific and technical
applications, is that the floating-point unit (FPU) contains two 64-bit execution units, sothat two floating-point multiply-add instructions may be executed each cycle. A second
fixed-point execution unit is also provided. In addition, several new hardwareinstructions were introduced with POWER2: quad-word storage instructions, hardware
square root instruction, and floating-point to integer conversion instructions.
• POWER2 Super Chip: In October 1996, the RS/6000 model 7013-595 (135 MHz) wasannounced with the new 32-bit POWER2 Super Chip (also known as P2SC). The P2SC
is a single chip implementation of the POWER2 architecture, containing 15 milliontransistors on a single chip.
• RS64: In October 1997, the RS64 also known as Apache, was the first 64-bit PowerPC
RISC processor. The RS64 is a superscalar processor optimized for commercial
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 34/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-12 AIX installation © Copyright IBM Corp. 2009
workloads. The processor has separate 64 KB L1 cache for instructions and data andL2 cache controllers. The L2 caches run at full processor speed. The RS64 contains a
16 byte interface to 2-way set associative 4MB L2 cache. The RS64 was also used inthe AS/400, called A35.
There were 4 generations of the RS64 chip. PowerPC RS64 IV 64-bit RISCmicroprocessor, also known as Sstar, using copper and SOI technology.
Then in October 2000, pSeries 680 (600 MHz), a 6 to 24-way 64-bit SMP server, withup to 96GB of system memory, and 16MB L2 cache for each 600 MHz processor was
announced.
• POWER3: The POWER3 (64 bit) processor, announced in October 1998, unifies thePOWER2 architecture (P2SC) with the PowerPC architecture.
The SMP-capable POWER3 design allows for concurrent operation of fixed-pointinstructions, load/store instructions, branch instructions, and floating-point instructions.
POWER3 is capable of executing up to four floating-point operations per cycle, twomultiply-add instructions. Integer performance has been significantly enhanced over the
P2SC with the addition of dedicated integer and load/store execution units. The chip
features eight execution units fed by a 6.4 gigabyte-per-second memory subsystem.The core includes two high-bandwidth buses: a 128-bit 6XX architecture bus to mainmemory and 256-bit bus to the L2 cache that runs at processor speed. The POWER3
also has on-chip 64KB data cache and a 32KB instruction cache.
• POWER4: The POWER4 “Gigaprocessor” copper SOI 64-bit CMP microprocessor isbased on all earlier designs.
174-million-transistor POWER4 chip, with two 1.1/1.3 GHz five-issue superscalarmicroprocessor cores, a triple-level cache hierarchy, up to 256 GB memory, a
10-Gbyte/s main-memory interface, and a 45-Gbyte/s multiprocessor interface. The
POWER4 is a CMP chip, which means that it incorporates multiple processors on asingle piece of silicon.POWER4 machines saw the introduction of LPAR technology.
• POWER5: The POWER5 processor is an improved variant of the highly successful
POWER4 chip. The principal changes are support for Simultaneous multithreading(SMT) and an on-die memory controller. Each CPU supports 2 threads. Since it is a
multicore chip, with 2 physical CPUs, each chip supports 4 logical threads. ThePOWER5 can be packaged in a DCM (dual chip module), with one dual core chip per
module, or an Multi-Chip Module (MCM) with 4 dual core chips per module. POWER5+,presented in 3Q 2005, packages in QCM, 2 dual core chips.
• POWER6: The POWER6 processor was released in July 2008, with the model Power
570 3.5, 4.2 and 4.5 Ghz. POWER 5+ has out-of-order execution. However, POWER6uses mostly in-order execution. An out-of-order execution core has some performance
advantages, but it takes significantly more logic to manage the execution. The extralogic consumes electrical power. Since a key objective in the design of POWER6
systems was to conserve electrical power, the decision was made to implement thecore in-order.
The potentially lower performance is offset by the significant increase of processor
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 35/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-13
5.2
empty frequency, more than 2X higher performance than p5/p5+ systems. TPCc and other benchmarks results for POWER6 show a performance improvement
near 100%, over POWER5 systems. POWER6 introduces many new features, with the highlight being Live Partition Mobility.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 36/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-14 AIX installation © Copyright IBM Corp. 2009
Figure 1-8. Overview of the POWER6 servers AN121.1
Notes:
IBM often introduces new models and updates the current range of servers on a frequent
basis. For further details see the Power Systems facts and features guide:
http://www-03.ibm.com/systems/power/hardware/reports/factsfeatures.html
© Copyright IBM Corporation 2009
IBM Power Systems
Overview of the POWER6 servers
Power 520• Entry/Low end• Deskside or Rack (4U)• 1,2, or 4 CPUs• 1GB-64GB memory• Max. Storage, Internal +• Expansion I/O 132TB
Power 550• Mid-range• Deskside or Rack (4U)
• 2, 4, 6 or 8 CPUs• 1GB-256GB memory• Max. Storage, Internal +• Expansion I/O 249TB
Power 595• High-end• 42U System Frame• 8 to 64 CPUs• 16GB-4TB memory• Max. Storage, Internal +• Expansion I/O 999TB
Power 575• High Performance Computing cluster • For highly-parallel, compute-intensive
HPC workloads (up to 64 nodes percluster)
• 24” System Frame, water cooled• 32 CPUs per nodes• 32GB-256GB memory per node• Max Internal storage per node 292GB
Power 560• Mid-range• Rack (4U) building block (to 8U)• 4, 8 or 16 CPUs• 8GB-384GB memory• Max. Storage, Internal +• Expansion I/O 599TB
Power 570• Mid-range• Rack (4U) building block (to 16U)• 2, 4, 8, 16 or 32 CPUs• 1GB-768GB memory• Max. Storage, Internal +• Expansion I/O 604TB
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 37/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-15
5.2
empty
Figure 1-9. Typical Power / AIX system layout AN121.1
Notes:
The diagram above shows a typical example of a Power server set-up configuration. The
server is split into a number of Logical Partitions (LPARs) running AIX. A Network
Installation Manager (NIM) server is highly preferable to install and update the AIX LPARsover the network. There can be a maximum of 2 HMCs connected to each system and
each system has two dedicated Ethernet ports reserved for this. It is recommended that theHMC to Service Processor communication occurs through a private network reserved for
that purpose. The HMC also must have open network connectively to the LPARs if suchfeatures as Connection Monitoring and Dynamic LPAR operations are to be achieved.
It is also preferable to have a second HMC connected for availability purposes.
Note: A failure of the HMC does not interfere in any way with the running managed system.
The service processor is a separate, independent processor that provides hardware
initialization during system load, monitoring of environmental and error events, andmaintenance support.
© Copyright IBM Corporation 2009
IBM Power Systems
Typical Power / AIX system layout
• LPAR Configuration and Control is completed through theHardware Management Console (HMC).
• The HMC connects to the Service Processors and the LPARs. – Best practice: Use a private network between the HMC and
Service Processors.
PrivateNetwork
Public/OpenNetwork
LPAR 1
LPAR 2
LPAR 3
LPAR 4
LPAR 4
Primary HMC
Secondary HMC‘Backup’
NIM Server Images
ManagedSystem
ServiceProcessors
SAN
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 38/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-16 AIX installation © Copyright IBM Corp. 2009
Figure 1-10. The HMC (1 of 2) AN121.1
Notes:
The HMC is an Intel based server which runs a customized version of Linux (SuSE). Its
main purpose is to configure and control up to 48 managed systems.
The HMC also collects diagnostic and error information from the LPARs and ManagedSystem and logs them as Serviceable events. If configured, the HMC can send these
reports to IBM through the Electronic Service Agent (ESA).
Note: On entry level machines such as the Power 520, if the system is to be used as anon-partitioned system an HMC is not required. An HMC is mandatory for Power 570 and
above. Power 550s and below can use Integrated Virtualization Manager (IVM) to createand control the managed system. IVM is available through the VIOS code.
© Copyright IBM Corporation 2009
IBM Power Systems
The HMC (1 of 2)
• Intel based server (desktop or rack mount) running a webbased application on a customized version of Linux
• Access is through https (GUI) and SSH (Command line)
• Collects status health information from the managedsystems
• Mandatory on Power 570s and above – Power 550’s and below can use Integrated Virtualization
Manager (IVM)
• Can be configured to call home to IBM
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 39/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-17
5.2
empty
Figure 1-11. The HMC (2 of 2) AN121.1
Notes:
The diagram above shows the main view of a managed system – sys034. Operations such
as create, stop, shutdown LPAR can be performed from the Tasks pad or bar, or by
selecting the LPAR itself. The view is highly customizable.
The navigation area offers the main features of the HMC, such as:
• Systems plans for producing or deploying system configuration plans done during
design
• HMC Management for configuring the HMC, users, roles, network setting, and otherHMC characteristics
• Updates, for updating the HMC and Managed System firmware
This view was taken from an HMC running v7.3.3.1. Pre v7 HMCs ran WSM which was a
much different interface based on Java.
© Copyright IBM Corporation 2009
IBM Power Systems
The HMC (2 of 2)
Task
Pad
Proc &
MEM
resources
LPARs
running
AIXNavigation
area
Managed
Systems
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 40/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-18 AIX installation © Copyright IBM Corp. 2009
Figure 1-12. LPAR virtualization overview (1 of 2) AN121.1
Notes:
Virtualizing LPARs
The main benefits of virtualized I/O are as follows:
• Partitions can be created without requiring additional physical I/O resources. The new
partitions can be configured to use virtualized I/O resources, which allows them to beconfigured in a timely manner, since no physical reconfiguration of the system, that is,
moving adapter cards and cables, is required.
• Virtualized I/O allows an economical I/O model, since it allows multiple partitions toshare common resources. For example, multiple partitions can share a single physical
adapter. Without virtualized I/O, each partition would require its own adapter, even if thefull capacity of the adapter was not being utilized.
• The use of virtualized I/O facilitates server consolidation. It permits multiple client
partitions to reside on a single machine, and make efficient use of shared resources.
© Copyright IBM Corporation 2009
IBM Power Systems
LPAR virtualization overview (1 of 2)
• An AIX client partition can : – Be virtual, have no real devices – Use fractions of CPUs (Micro-Partitioning)
• Virtualizing LPARs has many advantages – Flexibility in allocating resources – More efficient use of system resources through sharing – Consolidation (H/W, floor space, merge production and test
environments) – Relocating partitions using Live Partition Mobility
• A key component of virtualization is the Virtual I/O Server
(VIOS) – Implemented as special customized version of AIX
– It is not AIX. It is PowerVM software! – Requires at minimum a PowerVM standard license
• Included on some high-end systems
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 41/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-19
5.2
empty Virtual I/O Server (VIOS)
The IBM Virtual I/O Server software enables the creation of partitions that use the I/Oresources of another partition. In this way, it helps to maximize the utilization of physical
resources on POWER5 and POWER6 systems. Partitions can have dedicated I/O,virtual I/O, or both. Physical resources are assigned to the Virtual I/O Server partition in
the same way physical resources are assigned to other partitions. The virtual I/O server
then provides access to these physical resources from the virtual client LPARs.
Virtual I/O Server is a separate software product, and is included as part of the standard
PowerVM feature. It supports AIX Version 5.3, 6.1 and Linux partitions as virtual I/Oclients.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 42/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-20 AIX installation © Copyright IBM Corp. 2009
Figure 1-13. LPAR virtualization overview (2 of 2) AN121.1
Notes:
Virtual Ethernet Introduction
Virtual Ethernet adapters enable inter-partition communication without the need for
physical network adapters assigned to each partition. It can be used in both shared anddedicated POWER5 or POWER6 processor partitions provided the partition is running
AIX V5.3, AIX V6.1, or Linux. This technology enables IP-based communicationbetween logical partitions on the same system using a VLAN Ethernet switch (POWER
Hypervisor) in POWER5 and POWER6 processor-based managed systems.
The number of partitions possible on many systems is greater than the number of I/Oslots. Therefore, virtual Ethernet is a convenient and cost saving option to enable
partitions within a single system to communicate with one another through a virtualEthernet LAN. The virtual Ethernet interfaces may be configured with both IPv4 and
IPv6 protocols.
Virtual SCSI Introduction
© Copyright IBM Corporation 2009
IBM Power Systems
LPAR virtualization overview (2 of 2)
• The two key functions of virtualization are: – Virtual Ethernet is a standard feature of POWER5 and POWER6.
• AIX can have up to 256 virtual adapters per LPAR.• Does not require a VIOS, unless a bridged connection to the outside
world is required – Virtual SCSI is way of providing virtual disks to clients.
• The backend storage can be Internal disk (SCSI/SAS) or SANstorage.
• This is a feature of the VIOS.
• Note: There are many other virtualization features which are covered in moredepth in the LPAR & virtualization curriculum / roadmap.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 43/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-21
5.2
empty The Virtual I/O server supports exporting disks as virtual devices. The Virtual I/O serversupports the exporting of three types of virtual SCSI disks: virtual SCSI disk backed by
a whole physical volume, virtual SCSI disk backed by a logical volume, and virtual SCSIdisk backed by a file. Regardless of whether the virtual SCSI disk is backed by a whole
physical disk, a logical volume, or a file, all standard SCSI conventional rules apply tothe device. The device will behave as a standard SCSI compliant device. The logical
volumes and files appear as real devices, hdisks, in the client partitions and can beused as a boot device. Once a virtual disk is assigned to a client partition, the Virtual I/O
Server must be available before the client partitions are able to access it.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 44/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-22 AIX installation © Copyright IBM Corp. 2009
Figure 1-14. Virtual I/O server overview AN121.1
Notes:
Virtual I/O Server (VIOS) description
VIOS provides virtual storage and shared Ethernet capability to client logical partitions
on the system. It allows physical adapters with attached disks and optical devices onthe VIOS to be shared by one or more client partitions.
VIOS partitions are not intended to run applications or to have general user logins.
VIOS is installed in its own partition. Using VIOS facilitates the following functions:
• Sharing of physical resources between partitions on the system
• Creation of partitions without requiring additional physical I/O resources
• Creation of more partitions than I/O slots or physical devices, by allowing partitions tohave dedicated I/O, virtual I/O, or both
• Maximization of physical resource utilization on the system
© Copyright IBM Corporation 2009
IBM Power Systems
Virtual I/O server (VIOS) overview
• The VIOS partition is allocated physical I/O slots containingreal adapters. – These are used for the virtual adapters (SCSI or Ethernet) to share
amongst the client partitions
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 45/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-23
5.2
empty
Figure 1-15. Virtualization example AN121.1
Notes:
VLAN
A Virtual Local Area Network (VLAN) enables an ethernet switch to create sub-groups
within a single physical network where the members of different subgroups are isolatedfrom each other.
Virtual Ethernet
There are two main features of virtual Ethernet. One is the inter-partition virtual switch
to provide support for connecting up to 4096 LANs. LAN IDs are used to configurevirtual Ethernet LANs and all partitions using a particular LAN ID can communicate with
each other. The other feature is a function called Shared Ethernet Adapter that bridgesnetworks together without using TCP/IP routing. This function enables the partition to
appear to be connected directly to an external network. The main benefit of using thisfeature is that each partition need not have its own physical network adapter.
© Copyright IBM Corporation 2009
IBM Power Systems
Virtualization example
Hypervisor
Virtual
Ethernet
ent0
Physical
Ethernet
ent0
SEA
Layer 2
Bridge
ent2
Virtual I/O Server
LPAR
AIX
LPAR
Virtual
ServerAdapter
vhost0
Device
Mapping
SCSI, SAS, FC Physical Disks
or Logical Volumes
Virtual
Client
Adapter
vtscsi0
Virtual
Ethernet
ent1
Virtual
Ethernet
ent1
PhysicalNetwork
Virtual
Ethernet
Switch
vSCSI
Physical
Storage
Adapter fcs0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 46/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-24 AIX installation © Copyright IBM Corp. 2009
Virtual SCSI adapters
Virtual SCSI adapters provide the ability for a client partitions to see SCSI disks whichare actually SCSI, SAS, SAN disks, or logical volumes inside the VIOS.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 47/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-25
5.2
empty
Figure 1-16. Role of the system administrator AN121.1
Notes:
Overview
There are a number of distinct tasks which the system administrator on a UNIX or AIX
system must perform. Often there is more than one system administrator in a largeorganization and the tasks can be divided between the different administrators.
© Copyright IBM Corporation 2009
IBM Power Systems
Role of the system administrator
• Pre-installation planning of: – Partitions
– User accounts/groups – Storage allocation/paging space
– Subsystems (printing, networks, and so forth)
– Standard naming conventions
– Determine system policies
– Install and configure hardware
• Network configuration
• System Backups and disaster recovery
• Create/manage user accounts
• Define and manage subsystems• Manage system resources (for example, disk space)
• Performance monitoring
• Capacity planning
• Application license management
• Documentation - system configuration, and keep it current!
Maintain application /System uptime!
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 48/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-26 AIX installation © Copyright IBM Corp. 2009
Figure 1-17. Who can perform administration tasks? AN121.1
Notes:
Limiting access to administrative tasks
AIX security permissions restrict the performance of administrative tasks to the root
user, and sometimes to other users in special groups. For example, system for generaltasks, security for user administration, printq for AIX Print Subsystem printer
management, and lp for System V Print Subsystem printer management. This meansthat the root user's password must be kept secure and only divulged to the few users
who are responsible for the system. AIX6 has a new feature called Role Based Access
Control (RBAC). This allows OS management tasks to be assigned to roles and thenassigned to users. RBAC is a large security topic and hence will be covered in detail inthe AIX Security course (AU47G).
A certain amount of discipline is also required when using the root ID, because typing
errors made as root could do catastrophic system damage. For normal use of thesystem, a non-administrative user ID should be used. The superuser (root) privilege
should only be used when that authority is necessary to complete a systemadministration task.
© Copyright IBM Corporation 2009
IBM Power Systems
Who can perform administration tasks?
• The root user
– Exercise caution when logging in directly as root, especiallyremotely.
– Keep the root password secure.
• Members of special groups such as system, or roles using the new AIX6 feature: RBAC
• The su command enables you to obtain access to the root user
$ id; pwd
uid=251(alex) gid=1(staff)
/home/alex
$ su root
root's Password:
# id; pwd
uid=0(root) gid=0(system)
/home/alex
# set |grep USER
USER=alex
or
$ id; pwd
uid=251(alex) gid=1(staff)
/home/alex
$ su - rootroot's Password:
# id; pwd
uid=0(root) gid=0(system)
/
# set |grep USER
USER=root
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 49/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 50/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-28 AIX installation © Copyright IBM Corp. 2009
Figure 1-18. How can we perform administration tasks? AN121.1
Notes:
There are many ways to perform administration tasks within AIX. In reality, a combination
of tools or techniques are deployed. IBM Systems Director is more flexible than the others
in the list. It supports multiple operating systems and virtualization technologies across IBMand non-IBM platforms. It is not to be confused with Systems Director for AIX which is
based upon IBM Systems Director but runs from within AIX to managed the OS as a singleinstance.
© Copyright IBM Corporation 2009
IBM Power Systems
How can we perform administration tasks?
• Command line – UNIX system administration tasks are often done from the command line,
by executing scripts, or both• Writing and executing scripts
– Typically using Korn shell scripts (ksh is the default shell on AIX)
– Perl for more advanced users
• SMIT (smit or smitty) – Text based tool (Graphical version also available – less popular)
• System Director for AIX (pconsole) – New web based GUI in AIX6
• WebSM (wsm) – Java based GUI (Requires CDE or X11 based graphics display)
– Not a popular tool to use
• IBM Systems Director – A cross platform product for managing Power systems and AIX across a
large enterprise environment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 51/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-29
5.2
empty
Figure 1-19. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1.What is the name of the device which creates and controlsLPARs?________.
2.True or False: An AIX operating system can have no real devices. _________________________________________
3.True or False: Virtualization features provided by the VIO Servercan be used by default on any Power system.
____________________________________
4.True or False: The su command enables you to get root authorityeven if you signed on using another user ID.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 52/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-30 AIX installation © Copyright IBM Corp. 2009
Figure 1-20. Exercise 1 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 1
Introduction toIBM Power Systems and
AIX
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 53/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 1. Introduction to IBM Power Systems, AIX, and system 1-31
5.2
empty
Figure 1-21. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Define terminology and concepts of IBM Power Systemservers, virtualization, HMC, and AIX
• Understand a typical set-up of a Power environment• Describe the roles of the system administrator • Obtain root access with the su command
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 54/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
1-32 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 55/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-1
5.2
empty Unit 2. AIX system management tools
What this unit is about
This unit describes the system management tools available in AIX,
with a particular focus on SMIT and the IBM systems director console.
What you should be able to do
After completing this unit, you should be able to:
• Describe the benefits of the system management tools availablewith AIX version 6.1
• Discuss the functionality of SMIT, WebSM, and the new IBM
Systems Director Console for AIX
• Explain how system management activity is logged
• Look at how we can use IBM Systems Director Console to monitorsystem health and to run commands concurrently on multiple hosts
How you will check your progress
Accountability:
• Checkpoint
• Machine exercises
References
Online AIX Version 6.1 Systems Director Console for AIX
AIX Version 6.1 Operating System and Device
Management
Note: References listed as “Online” above are available at the
following address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 56/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-2 AIX installation © Copyright IBM Corp. 2009
Figure 2-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Describe the benefits of the system management toolsavailable with AIX version 6.1
• Discuss the functionality of SMIT, WebSM, and the new IBMSystems Director Console for AIX
• Explain how system management activity is logged
• Look at how we can use IBM Systems Director Console to
monitor system health and to run commands concurrently onmultiple hosts
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 57/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-3
5.2
empty
Figure 2-2. UNIX System administration challenges AN121.1
Notes:
UNIX Challenges
Unfortunately, the same thing that's special about UNIX is also the source of most of what's
wrong. UNIX is an operating system burdened with 30+ years worth of useful add-ons anddifferent flavors. As a consequence, the OS has an awful lot of inconsistencies and
overlapping functions. At times, this can be confusing and challenging even forexperienced users.
© Copyright IBM Corporation 2009
IBM Power Systems
UNIX system administration challenges
• Lots of commands to remember
• Complex syntax
– Prone to error!
• Flat file configuration
– Most UNIX flat files have different layouts, syntax and options
– Again prone to error, sometimes causing bad things to happen.
# crfs -v jfs -g rootvg -m /test -a size=42M efs=yes
Usage: crfs -v Vfs {-g Volumegroup | -d Device} -m
Mountpoint [-u Mountgroup] [-A {yes|no}] [-t {yes|no}] [-p
{ro|rw}] [-l Logpartitions] [-n nodename] [-a
Attribute=Value]
How do I createan encryptedfilesystem?
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 58/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-4 AIX installation © Copyright IBM Corp. 2009
Figure 2-3. System management objectives AN121.1
Notes:
Minimize time and resources spent managing systems
Organizations seek to minimize the time and resources spent managing systems, that is, to
manage computer systems efficiently. AIX helps with tools such as SMIT, the Web-basedSystem Manager, and AIX 6.1 Systems Director.
Maximize reliability, performance, and productivity
Organizations also wish to maximize system reliability and performance in order to
maximize the productivity of the users of computer systems. AIX helps with features, suchas the logical volume manager, that help avoid the need for the system to be brought down
for maintenance.
© Copyright IBM Corporation 2009
IBM Power Systems
System management objectives
• Minimize time and resources spent managing systems
• Maximize reliability, performance, and productivity
• Provide remote system management solutions
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 59/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-5
5.2
empty Provide remote system management solutions
Today's information technology environment also creates a need for remote systemmanagement solutions. AIX supports Web-based technology with the new AIX 6.1
Systems Director console. As a result, multiple systems can be managed from one singlepoint over the network. This can also be done with command-based programs such as
telnet, ssh, and SMIT.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 60/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-6 AIX installation © Copyright IBM Corp. 2009
Figure 2-4. AIX administration AN121.1
Notes:
IBM provides users on AIX with a great deal of flexibility and choice when it comes to
administering an AIX system. SMIT is a simple, but highly effective ASCII based
management tool that has been in AIX since version 3. WebSM is a Java based GUI toolwhich was introduced in AIX 5.1. Some users will be familiar with the WebSM user
interface if they have used version three to six of an HMC. IBM Systems Director console isa new attractive web based offering in AIX6.1.
Types of commands:
Commands are classified high-, medium-, or low-level:
• High-level commands: These are standard AIX commands, either shell/perl scripts, orC programs, which can also be executed by a user. They execute multiple low-level or
intermediate-level commands to perform the system administrative functions.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX administration
SystemManagementInterface Tool
(smit)
High-level commands
Low-levelcommands
Intermediate-levelcommands
IBMSystems DirectorConsole for AIX
(pconsole)
Systemcalls
Kernelservices
SystemResourceController
Object DataManager
ASCIIfiles
Web-basedSystem
Manager (WebSM)
Text based Java GUI Web Interface
Designed to make Administration on AIX simple
Newin AIX6
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 61/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-7
5.2
empty • Intermediate-level commands: These commands interface with special AIXcomponents such as the System Resource Controller and the Object Data Manager.
These commands are rarely executed directly by a user.
• Low-level commands: These are AIX commands which correspond to AIX system callsor kernel services. They are not normally executed directly by a user.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 62/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-8 AIX installation © Copyright IBM Corp. 2009
Figure 2-5. SMIT AN121.1
Notes:
Overview of SMIT
The System Management Interface Tool (SMIT) provides a menu-driven interface that
provides access to most of the common system management functions, within oneconsistent environment.
SMIT is an interactive application that simplifies virtually every aspect of AIX system
administration. It is a user interface that constructs high-level commands from the user'sselections, and then executes these commands on-demand. Those commands could be
entered directly by the user to perform the same tasks, or put into scripts to run over, andover again.
Occasionally, a system administrator will run AIX commands or edit ASCII files directly to
complete a particular system administration task. However, SMIT does make the mostfrequent or complex/tedious tasks much easier with a greater degree of reliability.
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT
• An interactive application that simplifies virtually every aspect of AIXsystem administration
• Part of AIX, available by default
• SMIT doesn't use any special hooks. Everything is based on standard AIX commands and Korn shell functions.
– You can see exactly what commands it performs either before or afterexecution.
– This is especially useful when you need to automate a repetitive task. Youcan then use these commands in your own scripts.
• Text / ASCII based by default.
– If on a graphical display, such as the Virtual Network Computing (VNC)viewer, and the DISPLAY variable is set, a Motif GUI version is displayed.
– Most users prefer the text based version called smitty
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 63/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-9
5.2
empty
Figure 2-6. SMIT main menu (text based) AN121.1
Notes:
Main menu selections
The SMIT main menu enables you to select the administrative functions to be performed.
You can also select online help on how to use SMIT.
Use of keys
In the ASCII mode, in order to select from the menus, you have to use the up and downarrow keys. This moves a highlighted bar over the menu items. Press Enter to select the
highlighted item. You can also use some of the keyboard function keys to perform otherfunctions, such as exiting SMIT or starting a shell.
Importance of TERM environment variable
When using SMIT in the ASCII mode, the menus and dialog panels sometimes come up
distorted. That is the result of not having an appropriate TERM variable value. Setting andexporting this variable can solve the problem. For example, executing the command
export TERM=vt320 might solve the problem.
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT main menu (text based)
# smit
System Management
Move cursor to desired item and press Enter.
Software Installation and Maintenance
Software License Management
Devices
System Storage Management (Physical & Logical Storage)
Security & Users
Communications Applications and Services
Workload Partition Administration
Print Spooling
Advanced Accounting
Problem Determination
Performance & Resource Scheduling
System Environments
Processes & SubsystemsApplications
Installation Assistant
Cluster Systems Management
Using SMIT (information only)
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
System Management
Move cursor to desired item and press Enter.
Software Installation and Maintenance
Software License Management
Devices
System Storage Management (Physical & Logical Storage)
Security & Users
Communications Applications and Services
Workload Partition Administration
Print Spooling
Advanced Accounting
Problem Determination
Performance & Resource Scheduling
System Environments
Processes & Subsystems
Applications
Installation Assistant
Cluster Systems Management
Using SMIT (information only)
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 64/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-10 AIX installation © Copyright IBM Corp. 2009
General syntax:
smit [-options] [ FastPath ]
Invoke ASCII version:
# smitty
or
# smit –C
Log, but do not actually run, commands:
# smit -x
Redirect the log file and script file:
# smit -s /u/team1/smit.script –l /u/team1/smit.log
# smit -s /dev/pts/1 -l /dev/pts/2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 65/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-11
5.2
empty
Figure 2-7. Dialog screen AN121.1
Notes:
Dialog screens and selector screens
A dialog screen allows you to enter values that are used in the operation performed. Some
fields are already completed from information held in the system. Usually, you can changethis data from the default values.
A selector screen is a dialog screen on which there is only one value to change. The value
usually indicates the object which is acted upon by the subsequent dialog and AIXcommand.
Entering data
To enter data, move the highlighted bar to the value you want to change. Then, either enter
a value or select one from a list. Fields that you can type in have square brackets [ ]. Fieldsthat have data that is larger than the field width, have angle brackets < >, to indicate that
there is data further to the left, right, or both sides of the display area.
© Copyright IBM Corporation 2009
IBM Power Systems
Dialog screen
Change / Show Day and Time
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
YEAR (00-99) [08] #
MONTH (01-12) [10] #
DAY (1-31) [08] #
HOUR (00-23) [11] #
MINUTES (00-59) [23] #
SECONDS (00-59) [06] #
F1=Help F2=Refresh F3=Cancel F4=List
F5=Reset F6=Command F7=Edit F8=Image
F9=Shell F10=Exit Enter=Do
Change / Show Day and Time
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
YEAR (00-99) [08] #
MONTH (01-12) [10] #
DAY (1-31) [08] #
HOUR (00-23) [11] #
MINUTES (00-59) [23] #
SECONDS (00-59) [06] #
F1=Help F2=Refresh F3=Cancel F4=List
F5=Reset F6=Command F7=Edit F8=Image
F9=Shell F10=Exit Enter=Do
# smit date
Commandpreview
Current fast path:"date"
Shell exit, very
useful to checksomething prior to
execution
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 66/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-12 AIX installation © Copyright IBM Corp. 2009
Special symbols
Special symbols on the screen are used to indicate how data is to be entered:
Asterisk (*): This is a required field.
Number sign (#): A numeric value is required for this field.
Forward slash (/): A pathname is required for this field.
X: A hexadecimal value is required for this field.
Question mark (?): The value entered is not displayed.
Plus sign (+): A pop-up list or ring is available.
An asterisk (*) in the leftmost column of a line indicates that the field is required. A value
must be entered here before you can commit the dialog and execute the command. In theASCII version, a plus sign (+) is used to indicate that a pop-up list or ring is available. To
access a pop-up list, use the F4 key. A ring is a special type of list. If a fixed number ofoptions are available, use the Tab key to cycle through the options.
In the Motif version, a List button is displayed. Either click the button or press <Ctrl-l> todisplay a pop-up window.
Use of particular keys
The following keys can be used while in the menus and dialog screens. Some keys are
only valid in particular screens. The keys that are only valid for the ASCII interface aremarked (A). The keys that are only valid for the Motif interface are marked (M).
F1 (or ESC-1) Help: Show contextual help information.
F2 (or ESC-2) Refresh: Redraw the display. (A)
F3 (or ESC-3) Cancel: Return to the previous screen. (A)
F4 (or ESC-4) List: Display a pop-up list of possible values. (A)
F5 (or ESC-5) Reset: Restore the original value of an entry field.
F6 (or ESC-6) Command: Show the AIX command that is executed.
F7 (or ESC-7) Edit: Edit a field in a pop-up box or select from a multi-selection pop-up list.
F8 (or ESC-8) Image: Save the current screen to a file (A) and show the
current fastpath.
F9 (or ESC-9) Shell: Start a sub-shell. (A)
F9 Reset: all fields. (M)
F10 (or ESC-0): Exit: Exit SMIT immediately. (A)
F10: Go to the command bar. (M)
F12 Exit: Exit SMIT immediately. (M)
Ctrl-l List: Give a pop-up list of possible values. (M)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 67/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-13
5.2
empty PgDn (or Ctrl-v): Scroll down one page.
PgUp (or ESC-v): Scroll up one page.
Home (or ESC-<): Go to the top of the scrolling region.
End (or ESC->): Go to the bottom of the scrolling region.
Enter: Do the current command or select from a single-selection pop-up list.
/text: Finds the text in the output.
n: Finds the next occurrence of the text.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 68/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-14 AIX installation © Copyright IBM Corp. 2009
Figure 2-8. Output screen AN121.1
Notes:
Fields on first line of output
The Command field can have the following values: OK, RUNNING, and FAILED.
The value of the stdout field indicates whether there is standard output, that is, whether
there is output produced as a result of running the command. The output is displayed in thebody section of this screen.
The value of the stderr field indicates whether there are error messages. In this case, there
are no error messages.
Note that, in the Motif version of SMIT, a representation of a person in the top right-handcorner of the screen is used to indicate the values of the Command field.
Body of the screen
The body of the screen holds the output or error messages from the command. In thisexample, there is output, but there are no error messages.
© Copyright IBM Corporation 2009
IBM Power Systems
Output screen
COMMAND STATUS
Command: OK stdout: yes stderr: no
Before command completion, additional instructions may appear below.
Wed 8 Oct 11:23:06 2008
F1=Help F2=Refresh F3=Cancel F6=Command
F8=Image F9=Shell F10=Exit /=Find
n=Find Next
COMMAND STATUS
Command: OK stdout: yes stderr: no
Before command completion, additional instructions may appear below.
Wed 8 Oct 11:23:06 2008
F1=Help F2=Refresh F3=Cancel F6=Command
F8=Image F9=Shell F10=Exit /=Find
n=Find Next
Commandcompleted
successfully
Standard Outputfollowing command
execution(Stdout)
NoStandard
error
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 69/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-15
5.2
empty
Figure 2-9. SMIT log and script files AN121.1
Notes:
Overview
SMIT creates three files in the $HOME directory of the user running SMIT. If these files
already exist, then SMIT appends to them. These files can grow quite large over time,especially during installations. The user must maintain and truncate these files, when
appropriate.
The smit.log file
The smit.log file contains a record of every SMIT screen, menu, selector, and dialogvisited, the AIX commands executed, and the output from these commands. When the
image key is pressed, the screen image is placed in the smit.log file. If there are error orwarning messages, or diagnostic or debugging messages from SMIT, then these are also
appended to the smit.log file.
The smit.script file
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT log and script files
• $HOME/smit.logRecords a log of all menu and dialog screens visited, all commands executed,
and their output.
Records any errors during the SMIT session.
• $HOME/smit.script
Shell script containing all AIX commands executed by SMIT
• $HOME/smit.transactionSMIT transactions log
Records date, description and command script output of the commandsexecuted
smit.log
smit.script
smit.transaction
smitCommandexecution
SMIT output will beredirected to file: /tmp/new-script. No commands will be
run.# smitty –xs /tmp/new-script
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 70/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-16 AIX installation © Copyright IBM Corp. 2009
The smit.script file contains the AIX commands executed by SMIT, preceded by the dateand time of execution. This file can be used directly as a shell script to perform tasks
multiple times, or it can be used as the basis for more complex operations.
The smit.transaction file
SMIT since AIX 5.2 has a relatively new file, smit.transaction. This file logs all theexecuted commands similar to smit.script. The difference being smit.script logs all
commands, while smit.transaction only logs command_to_executes, see smit.log file.
For example, the user backs up the system using smit.
smit.script file
#
# [Oct 13 2008, 20:00:19]
#
/usr/bin/mksysb '-i' '-A' /mnt/nm_sysb_13Oct08
smit.transaction file
#=--------------------------------------------
# DATE: Oct 13 2008, 20:00:19
# DESCRIPTION: Back Up the System
#=--------------------------------------------
/usr/bin/mksysb '-i' '-A' /mnt/nm_sysb_13Oct08
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 71/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-17
5.2
empty
Figure 2-10. Web-Based System Manager AN121.1
Notes:
Web-based System Manager, offers a comprehensive suite of system management tools
for the AIX operating system. Its main aim was to allow administrators with Microsoft
Windows system administration skills to easily manage an AIX operating system. However,because it is Java based it is more cumbersome to use than SMIT and apart from HMC
usage, never really grew in popularity.
Now with AIX6, users should consider using IBM Systems Director Console for AIX.
© Copyright IBM Corporation 2009
IBM Power Systems
Web-Based System Manager
• A Java based GUI, similar to SMIT in functionality
• Part of AIX (available by default), based on a client/server model• Resource intensive and more cumbersome to use than SMIT
• For AIX6, users should consider using IBM Systems Director Consolefor AIX
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 72/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-18 AIX installation © Copyright IBM Corp. 2009
Figure 2-11. IBM Systems Director Console for AIX AN121.1
Notes:
IBM Systems Director Console for AIX
The IBM Systems Director Console for AIX, also known as the Console, is a new
management interface that allows administrators to manage AIX 6.1 remotely through abrowser. It provides web access to common systems management tasks. The console is
included as part of AIX 6.1. The only additional component required is a web browser.
The Console is named after the IBM Systems Director because it is built on the samegraphical user interface as the IBM Systems Director. Although the Console is named after
the IBM Systems Director, it is not a prerequisite. All components necessary to run theConsole are included in AIX 6.1.
The Console also includes menu links to the Systems Management Interface Tool (SMIT),
Web-based System Manager, and Distributed Command Execution Manager (DCEM).DCEM is a new facility to securely execute SMIT operations or other commands on
multiple machines at one time. This can improve administrator efficiency by reducing theneed to log in to multiple systems to run the same systems management task.
© Copyright IBM Corporation 2009
IBM Power Systems
IBM Systems Director Console for AIX
• New web based management interface in AIX 6.1• Enables converged consoles
– Integrated solutions console – Lightweight infrastructure
• Includes links to SMIT and WebSM tasks• Requires Java v5• Installed by default
– sysmgt.pconsole.rte – sysmgt.pconsole.apps.wdcem – sysmgt.pconsole.apps.websm
– sysmgt.pconsole.apps.wrbac – sysmgt.pconsole.apps.wsmit – lwi.runtime
# lssrc -s pconsole
Subsystem Group PID Status
pconsole pconsole 737388 active
# netstat -a |grep 5336
tcp 0 0 *.5336 *.* LISTEN
# lssrc -s pconsole
Subsystem Group PID Status
pconsole pconsole 737388 active
# netstat -a |grep 5336
tcp 0 0 *.5336 *.* LISTEN
How to checkthat it is
running
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 73/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-19
5.2
empty Lightweight Infrastructure (lwi.runtime)
The Lightweight Infrastructure (LWI) is a small footprint, simple to configure, a secureinfrastructure for hosting web applications, web services, and other application related
components. The LWI is based on Open Services Gateway Initiative (OSGi) architectureand is derived from WebSphere Everyplace Deployment 6.0 (WED). The LWI is comprised
of the base OSGi/Eclipse service platform plus additional custom components and bundles
which support web applications, web services, and the building of components.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 74/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-20 AIX installation © Copyright IBM Corp. 2009
Figure 2-12. Console interface AN121.1
Notes:
Logging into the console
IBM Systems Director Console for AIX relies on your AIX user account for user-logon
security. If the user ID that you provide is already logged into the console, the consoleprompts you to choose between logging out from the other session or returning to the login
page. If you choose to log out from the other session, the console will not recover anyunsaved changes that were made by that user.
Use the Logout link in the console toolbar when you are finished using the console to
prevent unauthorized access. If there is no activity during the login session for an extendedperiod of time, the session expires and you must log in again to access the console. The
default session timeout period is 30 minutes.
If you encountered the login problem, please check the following items:
• No user account on the target server?
• Have the administrator create an account.
• Password expired or not set (new user account)?
© Copyright IBM Corporation 2009
IBM Power Systems
Console interface
• Web browser-based access – https://<hostname (or IP)>:5336/ibm/console (Defaults to SSL. Use 5335 for non-SSL)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 75/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-21
5.2
empty • Log in through local terminal or telnet, and set the password.
• Already logged into console?
• Look for a warning message which gives you the option to terminate the previoussession.
You can log into the console as root, which gives you the authority to perform all tasks, or
you can delegate certain tasks to non-root users. If the only user that you want to authorizeas a console user is root, no further set up is required.
The root id has console administrator authorization, which authorizes them to launch anyconsole task. By default, console tasks are visible only to root. If you want to authorize
non-root users to perform console tasks, additional setup is required. You must authorizeeach user to access one or more tasks that appear in the console navigation area and you
must assign each user the AIX authorizations (RBAC) for the actions performed by thesetasks.
Changing port values
IBM Systems Director Console for AIX uses the http: 5335 and https: 5336 ports. If youneed to change the port numbers, modify the following properties in the
/pconsole/lwi/conf/overrides/port.properties file and then restart pconsole to change
these ports:
• com.ibm.pvc.webcontainer.port=5335
• com.ibm.pvc.webcontainer.port.secure=5336
In addition, modify /pconsole/lwi/conf/webcontainer.properties. Change all occurrences
of 5336 to the secure port you wish to use.
Console securityBy default, the IBM Systems Director Console for AIX provides a Secure Sockets Layer(SSL) certificate that enables HTTPS connections between the IBM Systems Director
Console for AIX and the Web browser client.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 76/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-22 AIX installation © Copyright IBM Corp. 2009
Figure 2-13. Console applications AN121.1
Notes:
Within pconsole exists a number of applications:
• OS management
This is the core of the application. Menu options are similar to SMIT but in a redesigned
new layout.
• Portlets/Modules
Are facilities within pconsole which provide system information and health details
• Classical SMIT
Very useful for those who still prefer the look and feel of traditional SMIT.
• Distributed Command Execution Manager (DCEM)
This is a graphical wrapper around an existing UNIX ‘dsh' utility. It allows commands and
scripts to be executed on multiple hosts.
© Copyright IBM Corporation 2009
IBM Power Systems
Console applications
• OS Management (new SMIT-based tasks)• Portlets/Modules
– For example, System Health
• Classical SMIT – Classic-style smit menus for those who prefer a more traditional look
and feel
• Distributed Command Execution Manager (DCEM) – Is used to execute commands on multiple systems in parallel. – Is based on the standard UNIX dsh function
• On AIX, this is part of the Cluster Systems Management (CSM) product,
csm.dsh which is installed as part of a base AIX install. – Supports groups of systems – Supports rsh and ssh authentication
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 77/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-23
5.2
empty For further information on dsh, see the AIX man page or the CSM documentation:http://publib.boulder.ibm.com/infocenter/clresctr/vxrx/index.jsp?topic=/com.ibm.cluster.csm
.doc/csm141/am7cm11052.html
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 78/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 79/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 80/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-26 AIX installation © Copyright IBM Corp. 2009
Figure 2-15. System health (1 of 3) AN121.1
Notes:
IBM Systems Director Console for AIX contains several portals. Each portlet refreshes after
a certain time interval to ensure the information is always consistent and up-to-date. The
example above is the system health portal. This shows detailed system and performanceinformation for the host running pconsole.
Metrics
The metrics feature of IBM Systems Director Console for AIX, provides the overall health ofthe monitored metrics for the managed server. The window provides common status
information about the memory and CPUs. The main page provides a description of themonitored metrics with separate rows for summary information on each metric. These
include the following:
• Select: Click to determine the metric displayed in the Metric Detail feature
• Metric: Displays the name of the metric being monitored
• Trend: Displays a graphic to indicate the recent changes to the metric
• Previous: Displays the prior value for the metric
• Latest: Displays the last monitored value for the metric
© Copyright IBM Corporation 2009
IBM Power Systems
System health (1 of 3)
• Portlets: System summary and Metric DetailsTime to
refresh
Refreshimmediately
Section-specific
help
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 81/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-27
5.2
empty
Figure 2-16. System health (2 of 3) AN121.1
Notes:
Summary Information
The summary feature provides the overall health status of the managed server. The
window provides common status information about the overall system, network, andpaging space configuration.
System Configuration
This expanded section displays information regarding the System p hardware and AIX
settings including such information as the model and serial number, processor type,number and speed, memory size and status, and system recovery settings, like the auto
restart setting. All these values are related to the overall health and status of the server.Some of these values may be changed in the System Environment area of the console.
Network Configuration
This expanded section displays information regarding the network settings including such
information as IP address, hostname, subnet mask, domain name, gateway, and nameserver. All these values are related to the overall health and status of the network
© Copyright IBM Corporation 2009
IBM Power Systems
System health (2 of 3)
• Configuration Information
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 82/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-28 AIX installation © Copyright IBM Corp. 2009
connections for the server. Some of these values may be changed in the Communicationsarea of the console.
Paging Space Configuration
This expanded section displays information regarding the operating system paging space
setting which indicates the total paging space available. This value is related to the overallhealth and status of the server. The value may be changed in the System Storage
Management area of the console.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 83/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-29
5.2
empty
Figure 2-17. System health (3 of 3) AN121.1
Notes:
Top Processes
The process feature provides a list of the running processes in a table view. The window
provides common status information about each individual process. A table describes eachprocess with separate columns to view detailed information. The table is initially sorted by
the parent ID. These columns include the following:
• Process Name displays the command that initiated the process.
• Process ID displays the ID number for the process.
• Parent ID displays the process ID number for the parent process that started theprocess.
• CPU % displays the percent of the total CPU available used by the process in the cycle
before the last refresh.
• Time displays the total CPU time the process has been running before the last refresh.
• User displays the user ID under which the process is running.
© Copyright IBM Corporation 2009
IBM Power Systems
System health (3 of 3)
• Portlets: Top Processes and File Systems
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 84/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-30 AIX installation © Copyright IBM Corp. 2009
File System
The file system feature provides a list of the defined file systems in a table view. Thewindow provides common status information about each individual file system. The table
describes each individual file system with separate columns to view detailed information.The table is sorted by the file system name. These columns include the file system name,
mount point, size, and free area.
• File System displays the file system name.
• Mount Point displays the current mount location for the file system.
• Size displays the size of the file system in Mbytes.
• Free Space displays the size of the free space available in the file system in Mbytes.
• Free % displays the percentage of the total space not in use.
• Page indicates the current page and total number of pages of file system information.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 85/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-31
5.2
empty
Figure 2-18. Classical SMIT AN121.1
Notes:
IBM Systems Director Console for AIX provides a web interface for classical SMIT. The
classical SMIT interface features the same menu structures and dialog panels as the ASCII
SMIT.
© Copyright IBM Corporation 2009
IBM Power Systems
Classical SMIT
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 86/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-32 AIX installation © Copyright IBM Corp. 2009
Figure 2-19. DCEM portlet (1 of 5) AN121.1
Notes:
DCEM allows commands and scripts to be executed on multiple hosts concurrently. It is
based on the standard UNIX dsh (distributed shell) command.
© Copyright IBM Corporation 2009
IBM Power Systems
DCEM portlet (1 of 5)
Graphical drivenUNIX dsh
functionality
L P A R :
A I X 2
L P A R :
A I X 3
L P A R :
A I X 4
L P A R :
A I X 1
Commands
dsh
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 87/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 88/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-34 AIX installation © Copyright IBM Corp. 2009
Figure 2-21. DCEM portlet (3 of 5) AN121.1
Notes:
Moving to the Target Specification tab, create a set of targets on which the command will
run, by selecting any combination of DSH hosts and groups, CSM hosts and groups, and
NIM hosts and groups.
CSM is cluster software for AIX. NIM is software on AIX which allows AIX to be installed
over a network. Both CSM and NIM hosts can be grouped together for ease ofmanagement. For these fields to be used, the IBM Systems Director Console must be
running directly on either a CSM or NIM server respectively.
Groups, CSM, and NIM are concepts beyond the scope of this course.
© Copyright IBM Corporation 2009
IBM Power Systems
DCEM portlet (3 of 5)
Specifytarget
machines.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 89/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-35
5.2
empty
Figure 2-22. DCEM portlet (4 of 5) AN121.1
Notes:
Moving to the Options Tab, specify:
• Remote shell: The default value is /usr/bin/rsh. Optionally, you can specify ssh if you
want to make the remote execution secure. Either way, the pconsole server must beable to execute commands on the remote hosts without entering a password.
Otherwise, dsh commands will fail.
• Verify targets are responding: Select this check box to verify that targets areresponding before running the command.
The following options may be used when running the command:
• Run: This option runs the command on the specified targets.
• Run and Save: This option runs the command on the specified targets and saves the
current command specification as a script.
• Save: This option saves the current command specification as a script. All information
specified in the command specification tab, targets tab, and options tab will be saved.
© Copyright IBM Corporation 2009
IBM Power Systems
DCEM portlet (4 of 5)
Defaults torsh, ssh isoptional
Confirmationthat job isrunning
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 90/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-36 AIX installation © Copyright IBM Corp. 2009
The Generate Script button will produce a perl command script in the /dcem/scripts directory on the pconsole server.
The submission report, will only confirm that the job is running. To see wether the job has
completed successfully, click the View Status button.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 91/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-37
5.2
empty
Figure 2-23. DCEM portlet (5 of 5) AN121.1
Notes:
After selecting view status, as shown on the previous visual, the Job Status window will
appear. In the example shown above, the DCEM job was completed successfully. To obtain
further information, click the View Report button.
© Copyright IBM Corporation 2009
IBM Power Systems
DCEM portlet (5 of 5)
Status:Completed OK
or failure!
Report output.Further host output
can be seen byselecting the links
below.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 92/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-38 AIX installation © Copyright IBM Corp. 2009
Figure 2-24. Console logging and tracing AN121.1
Notes:
The Systems Director Console log file are stored in XML format in the
/var/log/pconsole/logs directory.
Console Logging and Tracing
• Error log file
The system appends log messages to a single log file. A new log file is created each timeyou start Integrated Solutions Console. Logging messages are written to the file
error-log-0.xml of the /logs subdirectory of the console installation. This file is alwayslocked by the console to write log messages.
• Trace log file
The system appends traces messages to a single log file. A new trace file is created each
time you start Integrated Solutions Console. Trace messages are written to the filetrace-log-0.xml of the /logs subdirectory of the console installation. This file is always
locked by the console to write trace messages.
© Copyright IBM Corporation 2009
IBM Power Systems
Console logging and tracing
• Console Logs – Location: /var/log/pconsole/logs
• Formatted using XML – Rotated using filenames error-log-#.xml and trace-log-#.xml
• Classical SMIT logs – Location: $HOME/wsmit.log & wsmit.script
• DCEM log – Location: $HOME/dcem/logs/dcem.log
# ls /var/log/pconsole/logs
error-log-0.xml error-log-5.xml trace-log-3.xml
error-log-0.xml.lck Log_Viewer.xml trace-log-4.xml
error-log-1.xml trace-log-0.xml trace-log-5.xml
error-log-2.xml trace-log-0.xml.lck
error-log-3.xml trace-log-1.xml
error-log-4.xml trace-log-2.xml
# ls /var/log/pconsole/logs
error-log-0.xml error-log-5.xml trace-log-3.xml
error-log-0.xml.lck Log_Viewer.xml trace-log-4.xml
error-log-1.xml trace-log-0.xml trace-log-5.xml
error-log-2.xml trace-log-0.xml.lck
error-log-3.xml trace-log-1.xml
error-log-4.xml trace-log-2.xml
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 93/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-39
5.2
empty Classical SMIT logs are similar in nature to regular AIX SMIT. The letter w is prefixed to thestandard SMIT log file names, to differentiate these pconsole logs from the standard AIX
SMIT logs. There is no equivalent smit.transaction log produced through pconsole.
An example DCEM.log:
------------------------------------------------------------
Command name: UnspecifiedDefault user: root
Command definition:
export PATH=\$PATH;uname -a
Started: Tue Oct 14 17:06:34 2008
Ended: Tue Oct 14 17:06:35 2008
Successful targets:
DSH nodes: statler.lpar.co.uk
waldorf.lpar.co.uk
Failed targets:
none
Targets not run:
none
Status: Command execution completed.
-----------------------------------------------------------
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 94/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-40 AIX installation © Copyright IBM Corp. 2009
Figure 2-25. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. List the three main system management tools available on AIX.1. ______________
2. ______________
3. ______________
2. What is the purpose of the smit.script file? _______________________________
_______________________________
3. What information can one get from looking at the
system configuration details in IBM Systems DirectorConsole? ________________________________
________________________________
________________________________
________________________________
________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 95/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 2. AIX system management tools 2-41
5.2
empty
Figure 2-26. Exercise 2 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 2
AIX systemmanagement
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 96/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
2-42 AIX installation © Copyright IBM Corp. 2009
Figure 2-27. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Describe the benefits of the system managementtools available with AIX version 6.1
• Understand the functionality of SMIT, WebSM, andthe new IBM Systems Director Console for AIX
• Explain how system management activity is logged• Look at how we can use IBM Systems Director
Console to monitor system health and to runcommands concurrently on multiple hosts
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 97/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-1
5.2
empty Unit 3. System startup and shutdown
What this unit is about
This unit describes how to start up and shut down the managed
system and AIX partitions.
What you should be able to do
After completing this unit, you should be able to:
• Describe the System and AIX startup process
• Activate the System and AIX partitions
• Understand the AIX startup modes
• Describe the contents of the /etc/inittab file • Understand the role of the System Resource Controller and how to
manage subsystems
• Explain how to shut down the system and AIX partitions
How you will check your progress
Accountability:
• Checkpoint
• Machine exercises
References
Online AIX Version 6.1 Operating System and Device
Management
Note: References listed as “Online” above are available at the
following address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 98/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 99/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 100/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-4 AIX installation © Copyright IBM Corp. 2009
Level 2: Standby state
To advance to the second power on level, a power on command must be issued to themanaged system. At this point, all devices are initialized and ready to use. However, no
partitions are running yet, so their devices are not yet in use. Do not attempt to removehardware from the system at this level. The HMC will report that the managed system is
in the Standby state.
Level 3: Operating state
Once you start the first partition on the system, your managed system will be at the third
and highest power on level. The HMC will report the state of the managed system asOperating. This means it has been fully powered on, initialized, and is running at least
one partition. With the proper procedures and commands, hot-pluggable devices may
be physically removed from the partitions. Once your managed system is in theOperating state, it remains there until you issue a power off command or a system error
changes the state. If you shut down all of the partitions, but do not power off themanaged system, the HMC will still report the Operating state. However, at this point,
the system is in a state functionally equivalent to the Standby state.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 101/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-5
5.2
empty
Figure 3-3. Managed system activation AN121.1
Notes:
Introduction
The visual above shows a managed system in the Power Off state. The HMC menu is
shown where you can choose to power on the system. This is the selected menu whenthe managed system is selected. The next visual shows you the screen that appears
after choosing Power On from the menu.
HMC command for managed system power on
The chsysstate HMC command can also be used in an SSH session to change thestate of the managed system or partitions. Specific examples of power on commands
will be shown on the following pages.
Scheduling the managed system power on
You can schedule an automatic managed system power on for a particular date andtime, and it can be scheduled to repeat. This application is found under HMC
Management > HMC Configuration > Schedule Operations.
© Copyright IBM Corporation 2009
IBM Power Systems
Managed system activation
# ssh hscroot@<hmc> chsysstate -m <ms_name> -r sys -o on
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 102/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-6 AIX installation © Copyright IBM Corp. 2009
Figure 3-4. Start-up modes for AIX (1 of 2) AN121.1
Notes:
System Management Services
To boot into SMS, either press the 1 key shortly after partition activation, or set the
partition to specifically SMS boot. To do this, click the Advanced button on activationand set the boot mode to SMS.
SMS is the Power System firmware menu. The code is shipped with the hardware. This
resource can be used to select the boot device, or change the order of the bootlist andboot the system into Service mode, if maintenance is required.
Service mode enables the user to run diagnostics or access the system in single-user
mode.
© Copyright IBM Corporation 2009
IBM Power Systems
Start-up modes for AIX (1 of 2)
• The two most popular start-up modes are: – SMS mode (the firmware menu)
– Normal mode
• SMS mode is used for : – Selecting the boot device, for example: Network and IPL parameters
– Booting into Service (Maintenance) mode, examples:• To fix a machine that will not boot• Recover root password
PowerPC Firmware
Version EL320_083
SMS 1.7 (c) Copyright IBM Corp. 2000,2008 All rights reserved.
----------------------------------------------------------------
Main Menu
1. Select Language
2. Setup Remote IPL (Initial Program Load)
3. Change SCSI Settings
4. Select Console
5. Select Boot Options
SMS TopLevel
Firmware
Menu
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 103/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-7
5.2
empty
Figure 3-5. Start-up modes for AIX (2 of 2) AN121.1
Notes:
Start-up modes:
• Normal: The logical partition starts up as normal. This is the mode that you use to
perform most everyday tasks. When the machine does a normal boot, it completes thefull AIX boot sequence and start processes, enables terminals and generates a login
prompt, to make it available for multi-user access. It also activates the disks, sets upaccess to the files and directories, starts networking, and completes other machine
specific configurations.
• Diagnostic with default boot list: The logical partition boots using the default boot listthat is stored in the system firmware. This mode is normally used to boot diagnosticsfrom the CD/DVD drive. Use this boot mode to run standalone diagnostics. The
diagnostic CD is delivered with the Power H/W.
• Diagnostic with stored boot list: The logical partition performs a service mode boot
using the service mode boot list saved in NVRAM. Use this boot mode to run onlinediagnostics.
• Open Firmware OK prompt: The logical partition boots to the open firmware prompt.This option is used by service personnel to obtain additional debug information.
© Copyright IBM Corporation 2009
IBM Power Systems
Start-up modes for AIX (2 of 2)
• Normal mode
– AIX boots into multi-user mode (run level 2). – Users can log in, the system can be configured, and applications can start. – The bootlist command can set/change the start-up boot device.
• Other less common start-up modes:
– Diagnostic with default boot list• Used to run diagnostics using diagnostic CD
– Diagnostic with stored boot list• Used to run online diagnostics
– Open firmware• Open firmware prompt. Use by service/support personnel to obtain low level
debug information
# bootlist -m normal -o
hdisk0 blv=hd5
# bootlist -m normal ent0 bserver=10.47.1.33 client=10.47.1.101
# bootlist -m normal -o
hdisk0 blv=hd5
# bootlist -m normal ent0 bserver=10.47.1.33 client=10.47.1.101
Displays the currentboot device (hdisk0)
Changes the currentnormal bootlist to boot over
the network through deviceent0 to a network installserver 10.47.1.33
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 104/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 105/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-9
5.2
empty
Figure 3-7. AIX partition activation (1 of 2) AN121.1
Notes:
Activating a partition
To activate a partition from the HMC Server Management application, select the
partition name and choose Activate from the menu. An Activate Logical Partitionscreen will appear from which the user can select the start-up profile.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX partition activation (1 of 2)
# ssh hscroot@<hmc> chsysstate -m <ms_name> -r lpar \
-o on -n <lpar> -f <profile name> -b sms
To activateinto SMS
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 106/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-10 AIX installation © Copyright IBM Corp. 2009
Figure 3-8. AIX partition activation (2 of 2) AN121.1
Notes:
Activating a partition (continued)
Partitions can have one or many profiles assigned, one of which will be the default.
Profiles contain the attributes of the partition such as process and memoryrequirements, and assigned devices. At the time of starting the profile a virtual console
session can be optionally started. The Advanced button enables users to set thestart-up mode. A default start-up mode will be contained within the profile.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX partition activation (2 of 2)
AIX Version 6
Copyright IBM Corporation, 1982, 2007
Console login:
AIX Version 6
Copyright IBM Corporation, 1982, 2007
Console login:
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 107/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-11
5.2
empty
Figure 3-9. The alog command AN121.1
Notes:
Overview
The alog command is a BOS feature that provides a general-purpose logging facility
that can be used by any application or user to manage a log. The alog command readsstandard input, writes the output to standard out, and copies it to a fixed size file at the
same time.
The log file
The file is treated as a circular log. This means that when it is filled, new entries arewritten over the oldest entries. Log files used by alog are specified on the command
line or defined in the alog configuration database maintained by the ODM. Thesystem-supported log types are boot, bosinst, nim, and console.
Use in boot process
Many system administrators start the boot process, and then go and get a cup of coffee.
Unfortunately, boot messages may appear on the screen, only to be scrolled and lost,never to be seen by the user. In some instances, these messages may be important,
© Copyright IBM Corporation 2009
IBM Power Systems
alog program
/var/adm/ras/bootlog
/var/adm/ras/BosMenus.log
/var/adm/ras/bosinst.log/var/adm/ras/nimlog
/var/adm/ras/conslog
/var/adm/ras/errlog
NIM Install
Process
Boot
Process
User
Applications
To view the boot log:
Use the
alog
command
to view
logs
The alog command
# alog –o –t boot# alog –o –t boot
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 108/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-12 AIX installation © Copyright IBM Corp. 2009
particularly if the system did not boot properly. Fortunately, alog is used by the rc.boot
script and the configuration manager during the boot process to log important events.
To view the boot information, the command alog –o -t boot may be used. If themachine does not boot, boot the machine into maintenance mode and view the boot
log contents.
Viewing logs with SMIT
You can also use SMIT to view the different system-supported logs. Use the followingcommand:
# smit alog
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 109/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 110/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-14 AIX installation © Copyright IBM Corp. 2009
Format of entries
The individual line entries in /etc/inittab contain the following fields:
• Id: Up to 14 characters that identify the process.
• Runlevel: Defines the run levels for which the process is valid. AIX uses run levels of
0-9. If the telinit command is used to change the run level, a SIGTERM signal is sent to
all processes that are not defined for the new run level. If, after 20 seconds, a processhas not terminated, a SIGKILL signal is sent. The default run level for the system is 2,which is AIX multiuser mode.
• Action: How to treat the process. Valid actions are:
- respawn: If the process does not exist, start it. If the process dies then restart it.
- wait: Start the process and wait for it to finish before reading the next line.
- once: Start the process and immediately read the next line. Do not restart it if it
stops.
- sysinit: Commands to be run before trying to access the console - off: Do not run the command.
- Command. Use the AIX command to run to start the process.
Run levels
AIX uses a default run level of 2. This is the normal multi-user mode. You may want to
perform maintenance on your system without having other users logged in. Thecommand shutdown -m places your machine into a single user mode terminating all
logins. Once the machine reaches the single user mode, you are prompted to enter the
root password. When you are ready to return to normal mode, type telinit 2.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 111/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 112/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 113/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-17
5.2
empty
Figure 3-12. Directory and script control AN121.1
Notes:
Run level control scripts
Run level scripts enable system administrators to start and stop selected applications
and services, or perform tasks during system start-up, shutdown or during run levelchange. Run level scripts need to be created in the subdirectory of /etc/rc.d that is
specific to the run level. Scripts beginning with K are stop scripts, while scriptsbeginning with S are start scripts.
© Copyright IBM Corporation 2009
IBM Power Systems
Directory and script control
/etc/rc.d # ls –R
init.d rc rc2.d rc3.d rc4.d rc5.d rc6.d rc7.d rc8.d rc9.d
./init.d:
./rc2.d:
Ksshd Kwpars Ssshd
./rc3.d:
./rc4.d:
./rc5.d:
./rc6.d:
./rc7.d:
./rc8.d:
./rc9.d:
/etc/rc.d # ls –R
init.d rc rc2.d rc3.d rc4.d rc5.d rc6.d rc7.d rc8.d rc9.d
./init.d:
./rc2.d:
Ksshd Kwpars Ssshd
./rc3.d:
./rc4.d:
./rc5.d:
./rc6.d:
./rc7.d:
./rc8.d:
./rc9.d:
Scripts starting withS are invoked at
boot time by /etc/rc.d/rc
Scripts starting with K areinvoked synchronously by
shutdown with one argument:'stop'. They are also called on
start-up prior to invoking the startscripts.
• Start-up and stops scripts can be defined for each run levelwhich are automatically invoked at entry and exit.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 114/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-18 AIX installation © Copyright IBM Corp. 2009
Figure 3-13. System resource controller AN121.1
Notes:
Purpose of the System Resource Controller
The System Resource Controller (SRC) provides a set of commands to make it easier
for the administrator to control subsystems. A subsystem is a daemon, or server, that iscontrolled by the SRC. A subserver is a daemon that is controlled by a subsystem.
Daemon commands and daemon names are usually denoted by a d at the end of thename. For example, inetd is a subsystem and can be controlled through SRC
commands. rlogind is a subserver which is started by the inetd subsystem as shown in
the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
System resource controller
• Provides a single interface to control subsystems
• Controls individual subsystems or groups of subsystems
# ps -ef |grep src
UID PID PPID C STIME TTY TIME CMD
root 172178 1 0 18 Sep - 0:00 /usr/sbin/srcmstr
# ps -T 172178
PID TTY TIME CMD
172178 - 0:00 srcmstr
151672 - 0:01 |\--syslogd
163968 - 0:00 |\--inetd
303160 - 0:00 | \--rlogind
512170 pts/0 0:00 | \--ksh
463024 pts/0 0:00 | \--ps
168088 - 0:00 |\--portmap180418 - 0:00 |\--IBM.ServiceRMd
188650 - 1:24 |\--rmcd
200856 - 3:47 |\--clstrmgr
204904 - 0:00 |\--tftpd
176288 - 0:00 | \--tftpd
213102 - 0:00 |\--sshd
221334 - 0:00 |\--snmpdv3ne
254124 - 0:00 |\--IBM.DRMd
262276 - 0:59 |\--IBM.CSMAgentRMd
417800 - 0:00 \--ctcasd
# ps -ef |grep src
UID PID PPID C STIME TTY TIME CMD
root 172178 1 0 18 Sep - 0:00 /usr/sbin/srcmstr
# ps -T 172178
PID TTY TIME CMD
172178 - 0:00 srcmstr
151672 - 0:01 |\--syslogd
163968 - 0:00 |\--inetd
303160 - 0:00 | \--rlogind
512170 pts/0 0:00 | \--ksh
463024 pts/0 0:00 | \--ps
168088 - 0:00 |\--portmap180418 - 0:00 |\--IBM.ServiceRMd
188650 - 1:24 |\--rmcd
200856 - 3:47 |\--clstrmgr
204904 - 0:00 |\--tftpd
176288 - 0:00 | \--tftpd
213102 - 0:00 |\--sshd
221334 - 0:00 |\--snmpdv3ne
254124 - 0:00 |\--IBM.DRMd
262276 - 0:59 |\--IBM.CSMAgentRMd
417800 - 0:00 \--ctcasd
SRCMaster
process
ParentPID = init
Subsystem
Subserver
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 115/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-19
5.2
empty
Figure 3-14. Listing subsystems AN121.1
Notes:
Introduction
In this section, we discuss some examples of SRC commands.
Listing SRC status
The lssrc command is used to show the status of the SRC subsystems. In the example
shown on the visual, we are checking the status of all subsystems using the -a flag andthe TCP/IP group using the -g flag.
Specifying a subsystem or subsystem groupThe -s and -g flags are used to specify subsystems or subsystem groups, respectively.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing subsystems
• The lssrc command is used to list subsystems
# lssrc -a
Subsystem Group PID Status
syslogd ras 151672 active
portmap portmap 168088 active
inetd tcpip 163968 active
tftpd tcpip 204904 active
sshd ssh 213102 active
ctrmc rsct 188650 active
snmpd tcpip 221334 active
clcomdES clcomdES 225414 active
clstrmgrES cluster 200856 active
ctcas rsct 417800 active
qdaemon spooler inoperative
writesrv spooler inoperative
lpd spooler inoperative
…. Removed for clarity …..
# lssrc –g tcpip |grep activeSubsystem Group PID Status
inetd tcpip 163968 active
tftpd tcpip 204904 active
snmpd tcpip 221334 active
# lssrc -a
Subsystem Group PID Status
syslogd ras 151672 active
portmap portmap 168088 active
inetd tcpip 163968 active
tftpd tcpip 204904 active
sshd ssh 213102 active
ctrmc rsct 188650 active
snmpd tcpip 221334 active
clcomdES clcomdES 225414 active
clstrmgrES cluster 200856 active
ctcas rsct 417800 active
qdaemon spooler inoperative
writesrv spooler inoperative
lpd spooler inoperative
…. Removed for clarity …..
# lssrc –g tcpip |grep activeSubsystem Group PID Status
inetd tcpip 163968 active
tftpd tcpip 204904 active
snmpd tcpip 221334 active
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 116/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 117/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-21
5.2
empty
Figure 3-16. AIX partition shutdown (1 of 2) AN121.1
Notes:
Introduction
The SMIT shutdown fastpath or the shutdown command is used to shut the system
down cleanly. If used with no options, shutdown displays a message on all enabledterminals (using the wall command), then (after one minute) disables all terminals, kills
all processes on the system, syncs the disks, unmounts all file systems, and then haltsthe system.
Some commonly used options
You can also use shutdown with the -F option for a fast immediate shutdown (no
warning), -r to reboot after the shutdown or -m to bring the system down intomaintenance mode. The -k flag specifies a “pretend” shutdown. It appears to all users
that the machine is about to shut down, but no shutdown actually occurs.
Shutting down to single-user mode
Use the following command to shut down the system to single-user mode: # shutdown-m
© Copyright IBM Corporation 2009
IBM Power Systems
AIX partition shutdown (1 of 2)
• The shutdown command, by default
– Gracefully stops all activity on the system – Warns users of an impending shutdown
# shutdown -Fr
SHUTDOWN PROGRAM
Thu 9 Oct 20:15:49 2008
0513-044 The sshd Subsystem was requested to stop.
Wait for 'Rebooting...' before stopping.
Oct 9 2008 20:15:50 /usr/es/sbin/cluster/utilities/clstop: called with
flags -f -y -s -N -S
0513-004 The Subsystem or Group, clinfoES, is currently inoperative.
Error logging stopped...
Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
Connection closed.
# shutdown -Fr
SHUTDOWN PROGRAM
Thu 9 Oct 20:15:49 2008
0513-044 The sshd Subsystem was requested to stop.
Wait for 'Rebooting...' before stopping.
Oct 9 2008 20:15:50 /usr/es/sbin/cluster/utilities/clstop: called with
flags -f -y -s -N -S
0513-004 The Subsystem or Group, clinfoES, is currently inoperative.
Error logging stopped...Advanced Accounting has stopped...
Process accounting stopped...
Stopping NFS/NIS Daemons
Connection closed.
Do a fast shutdown,bypassing the
messages to users,and reboot the system.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 118/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-22 AIX installation © Copyright IBM Corp. 2009
Creating a customized shutdown sequence
If you need a customized shutdown sequence, you can create a file called
/etc/rc.shutdown. If this file exists, it is called by the shutdown command and is
executed first, “that is, before normal shutdown processing begins”. This is useful if, forexample, you need to close a database prior to a shutdown. If rc.shutdown fails
(non-zero return code value), the shutdown is terminated.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 119/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-23
5.2
empty
Figure 3-17. AIX partition shutdown (2 of 2) AN121.1
Notes:
From the HMC, the following shutdown options are supported. Generally, best practice is to
shutdown AIX from within the partition.
• Delayed: The HMC shuts down the logical partition using the delayed power-offsequence. This allows the logical partition time to end jobs and write data to disks. If the
logical partition is unable to shut down within the predetermined amount of time, it willend abnormally and the next restart may be longer than normal.
• Immediate: The HMC shuts down the logical partition immediately. The HMC ends all
active jobs immediately. The programs running in those jobs are not allowed to performany job cleanup. This option might cause undesirable results if data has been partially
updated. Use this option only after a controlled shutdown has been unsuccessfullyattempted.
• Operating System: The HMC shuts down the logical partition normally by issuing a
shutdown command to the logical partition. During this operation, the logical partitionperforms any necessary shutdown activities. This option is only available for AIX logical
partitions.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX partition shutdown (2 of 2)
• AIX shutdown can also be initiated from the HMC.
Do a fastshutdown,
shutdown -F
# ssh hscroot@<hmc> chsysstate -o osshutdown
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 120/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-24 AIX installation © Copyright IBM Corp. 2009
• Operating System Immediate: The HMC shuts down the logical partition immediatelyby issuing a shutdown -F command to the logical partition. During this operation, the
logical partition bypasses messages to other users and other shutdown activities. Thisoption is only available for AIX logical partitions.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 121/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 3. System startup and shutdown 3-25
5.2
empty
Figure 3-18. Managed system shutdown AN121.1
Notes:
Power down partitions first
Before you power off the managed system, you must first shut down the operating systems
in each of the running partitions. Otherwise, they will terminate abnormally which may leadto file system corruption.
After selecting the Power Off item from the Managed System's Operations task menu, you
must choose between the Normal power off procedure and the Fast power off procedure.
• Normal power off: The system ends all active tasks in a controlled manner. During thattime, the service processor and the POWER Hypervisor are allowed to perform cleanup
(end-of-job-processing).
• Fast power-off: The system ends all active tasks immediately. The programs running inthe service processor and the POWER Hypervisor are not allowed to perform any
cleanup.
© Copyright IBM Corporation 2009
IBM Power Systems
Managed system shutdown
• Ensure all partitions have been shutdown first!
# ssh hscroot@<hmc> chsysstate -m <ms_name> -r sys -o off
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 122/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-26 AIX installation © Copyright IBM Corp. 2009
Figure 3-19. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What is the first process that is created on the system
and which file does it reference to initiate all the otherprocesses that have to be started? ____________________________________________ ____________________________________________
2. Which AIX feature can be used to stop and startsubsystems and groups of daemons ?
____________________________________________
3. True or False: You can only execute the shutdowncommand from the console.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 123/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 124/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
3-28 AIX installation © Copyright IBM Corp. 2009
Figure 3-21. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Describe the System and AIX startup process
• Activate the System and AIX partitions
• Understand the AIX startup modes
• Describe the contents of the /etc/inittab file
• Understand the role of the System Resource Controllerand how to manage subsystems
• Explain how to shut down the system and AIX partitions
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 125/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-1
5.2
empty Unit 4. AIX installation
What this unit is about
This unit describes the process of installing the AIX 6.1 operating
system.
What you should be able to do
After completing this unit, you should be able to:
• List the installation methods for AIX 6
• List the steps necessary to install the AIX version 6.1 baseoperating system
• Install and understand all the options when installing AIX 6.1 from
optical media
• Carry out post installation tasks
How you will check your progress
Accountability:
• Checkpoint
• Machine exercises
References
Online AIX Version 6.1 Installation and migration
SG25-7559 IBM AIX Version 6.1 Difference Guide (redbook)
SC23-6629 AIX Version 6.1 Release Notes
SC23-6630 AIX Version 6.1 Expansion Pack Release Notes
Note: References listed as “Online” above are available at the
following address:http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 126/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-2 AIX installation © Copyright IBM Corp. 2009
Figure 4-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• List the installation methods for AIX 6
• List the steps necessary to install the AIX version 6.1 baseoperating system
• Install and understand all the options when installing AIX 6.1from optical media
• Execute a network boot to use a configured NIM server
• Carry out post installation tasks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 127/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 128/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-4 AIX installation © Copyright IBM Corp. 2009
Figure 4-3. AIX installation in a partition (DVD or CD) AN121.1
Notes:
To install AIX into a partition, the partition and profile must first be created through the
HMC. The partition must have access to a device slot which contains the optical media
drawer. If a virtualized environment is to be deployed, then the VIOS partition will probablyown the optical device. In that case, it is still possible to make this CD available to a
partition as a virtual optical SCSI device. In VIOS version 1.5, a new feature was addedwhich allows a media ISO image to be allocated to multiple partitions, through the
file-backed virtual optical device feature.
To install AIX from the optical drive, either boot into SMS mode and choose to boot from theoptical media device, or start the partition with the “Diagnostic with default boot list”. Thenfollow and interact with the menus.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX installation in a partition (DVD or CD)
• Steps: Assume a partition and partition profile has already been created.1. Place the AIX DVD or CD in the drive.2. Activate the partition to SMS and open terminal window.3. Select boot device using SMS menus in the terminal window.4. Interact with the AIX install menus.
• Note, the partition must either: – Have PCI slot which controls a drive which will read CD-ROMsOR
– Be allocated a CD-ROM device though a VIOS server (as avirtual optical SCSI device)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 129/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-5
5.2
empty
Figure 4-4. Installing AIX from CD/DVD (1 of 2) AN121.1
Notes:
When SMS starts, choose option 5, followed by the boot device (in this case CD/DVD). The
system will then display all devices of this type. In the visual, there is only one such device.
Select this device number and then press Enter.
© Copyright IBM Corporation 2009
IBM Power Systems
Select Media Type
9. List All Devices
Select Media Type
9. List All Devices
Select Device Type3. CD/DVD
Select Device Type
3. CD/DVD
Multiboot
1. Select Install/Boot Device
Multiboot
1. Select Install/Boot Device
Installing AIX from CD/DVD (1 of 2)
• Boot partition into SMS mode and select CD/DVD.
PowerPC Firmware
Version SF240_338
SMS 1.6 (c) Copyright IBM Corp. 2000,2005 All rights reserved.
-------------------------------------------------------------------------------
Main Menu
1. Select Language
2. Setup Remote IPL (Initial Program Load) #then select the adapter & IP Parameters
3. Change SCSI Settings
4. Select Console
5. Select Boot Options
PowerPC FirmwareVersion SF240_338
SMS 1.6 (c) Copyright IBM Corp. 2000,2005 All rights reserved.
-------------------------------------------------------------------------------
Main Menu
1. Select Language
2. Setup Remote IPL (Initial Program Load) #then select the adapter & IP Parameters
3. Change SCSI Settings
4. Select Console
5. Select Boot Options
Select Device
Device Current Device
Number Position Name
1. - SCSI CD-ROM
( loc=U8204.E8A.65BF831-V11-C11-T1-W8200000000000000-L0 )
Select Device
Device Current Device
Number Position Name
1. - SCSI CD-ROM
( loc=U8204.E8A.65BF831-V11-C11-T1-W8200000000000000-L0 )
Select theCD/DVD drivefrom the list.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 130/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-6 AIX installation © Copyright IBM Corp. 2009
Figure 4-5. Installing AIX from CD/DVD (2 of 2) AN121.1
Notes:
Once the optical media device is selected, we need to perform a normal boot and exit SMS
as shown in the visual. The partition will then proceed and boot from the optical media
drive. The first interactive step is to type <1>, and then press Enter to use the terminal asthe system console.
© Copyright IBM Corporation 2009
IBM Power Systems
Installing AIX from CD/DVD (2 of 2)
• The system will now boot from the CD/DVD.
Select Task
SCSI CD-ROM( loc=U8204.E8A.65BF831-V11-C11-T1-W8200000000000000-L0 )
1. Information
2. Normal Mode Boot
3. Service Mode Boot
Select Task
SCSI CD-ROM
( loc=U8204.E8A.65BF831-V11-C11-T1-W8200000000000000-L0 )
1. Information
2. Normal Mode Boot
3. Service Mode Boot
******* Please define the System Console. *******
Type a 1 and press Enter to use this terminal as the
system console.
>>> 1 Type 1 and press Enter to have English during install.
******* Please define the System Console. *******
Type a 1 and press Enter to use this terminal as the
system console.
>>> 1 Type 1 and press Enter to have English during install.
Are you sure you want to exit System Management Services?
1. Yes
2. No
Are you sure you want to exit System Management Services?
1. Yes
2. No
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 131/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-7
5.2
empty
Figure 4-6. Installation and Maintenance AN121.1
Notes:
If option 1 is selected, a default system installation will occur. However, in most cases you
may want to see and change the default settings. To do this, type a <2> and press Enter.
Select 88 to display help on this or any subsequent installation screen.
© Copyright IBM Corporation 2009
IBM Power Systems
Installation and Maintenance
• Main Installation and Maintenance menu
• Best practice, always look first at the install options (2)
Welcome to Base Operating System
Installation and Maintenance
Type the number of your choice and press Enter. Choice is indicated by >>>.
>>> 1 Start Install Now with Default Settings
2 Change/Show Installation Settings and Install
3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
88 Help ?
99 Previous Menu
>>> Choice [1]: 2
Welcome to Base Operating System
Installation and Maintenance
Type the number of your choice and press Enter. Choice is indicated by >>>.
>>> 1 Start Install Now with Default Settings
2 Change/Show Installation Settings and Install
3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
88 Help ?
99 Previous Menu
>>> Choice [1]: 2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 132/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-8 AIX installation © Copyright IBM Corp. 2009
Figure 4-7. Installation and Settings AN121.1
Notes:
The installation and Settings menu enables you to set the key options and configuration
settings to be deployed during installation.
© Copyright IBM Corporation 2009
IBM Power Systems
Installation and Settings
• Installation and Settings menu
• Let's explore each option in more detail.
Installation and Settings
Either type 0 and press Enter to install with current settings, or type the
number of the setting you want to change and press Enter.
1 System Settings:
Method of Installation.............New and Complete Overwrite
Disk Where You Want to Install.....hdisk0
2 Primary Language Environment Settings (AFTER Install):
Cultural Convention................English (United States)
Language ..........................English (United States)
Keyboard ..........................English (United States)
Keyboard Type......................Default
3 Security Model.......................Default
4 More Options (Software install options)
>>> 0 Install with the current settings listed above.
+-----------------------------------------------------
88 Help ? | WARNING: Base Operating System Installation will
99 Previous Menu | destroy or impair recovery of ALL data on the
| destination disk hdisk0.
>>> Choice [0]:
Installation and Settings
Either type 0 and press Enter to install with current settings, or type the
number of the setting you want to change and press Enter.
1 System Settings:
Method of Installation.............New and Complete Overwrite
Disk Where You Want to Install.....hdisk0
2 Primary Language Environment Settings (AFTER Install):
Cultural Convention................English (United States)
Language ..........................English (United States)
Keyboard ..........................English (United States)
Keyboard Type......................Default
3 Security Model.......................Default
4 More Options (Software install options)
>>> 0 Install with the current settings listed above.
+-----------------------------------------------------
88 Help ? | WARNING: Base Operating System Installation will
99 Previous Menu | destroy or impair recovery of ALL data on the
| destination disk hdisk0.
>>> Choice [0]:
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 133/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 134/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-10 AIX installation © Copyright IBM Corp. 2009
user-created file systems. System configuration has to be done after doing apreservation installation.
Migration Install
Use the Migration Install method to upgrade an AIX 5L to an AIX 6 or later version,
while preserving the existing root volume group. This method preserves all file systemsexcept /tmp, as well as the logical volumes and system configuration files. Obsolete or
selective fix files are removed.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 135/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 136/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 137/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-13
5.2
empty
Figure 4-11. Security Models AN121.1
Notes:
Type <1> and press Enter to change the selection for Trusted AIX. Trusted AIX enables
Multi Level Security (MLS) capabilities in AIX MLS is also referred to as label-based
security.
As compared to regular AIX, Trusted AIX label-based security implements labels for all
subjects and objects in the system. Access controls in the system are based on labels thatprovide for an MLS environment and include support for the following:
• Labeled objects: Files, IPC objects, network packets, and other labeled objects
• Labeled printers
• Trusted Network: Support for RIPSO and CIPSO in IPv4 and IPv6
Note that once you choose this mode of installation, you will not be able to go back to a
regular AIX environment without performing an overwrite install of regular AIX. Evaluateyour need for a Trusted AIX environment before choosing this mode of install.
© Copyright IBM Corporation 2009
IBM Power Systems
Security Models
• These settings are beyond the scope of this class. They arecovered in IBM training course: AIX Security (AU47G).
• Security models are all set to NO by default.
Security Models
Type the number of your choice and press Enter.
1. Trusted AIX............................................. No
2. Other Security Options (Trusted AIX and Standard)
Security options vary based on choices.
LSPP, SbD, CAP/CCEVAL, TCB
>>> 0 Continue to more software options.
88 Help ?
99 Previous Menu
>>> Choice [0]:
Security Models
Type the number of your choice and press Enter.
1. Trusted AIX............................................. No
2. Other Security Options (Trusted AIX and Standard)
Security options vary based on choices.
LSPP, SbD, CAP/CCEVAL, TCB
>>> 0 Continue to more software options.
88 Help ?
99 Previous Menu
>>> Choice [0]:
1. Secure by Default....................................... No
2. CAPP and EAL4+ Configuration Install.................... No
3. Trusted Computing Base Install.......................... No
1. Secure by Default....................................... No
2. CAPP and EAL4+ Configuration Install.................... No
3. Trusted Computing Base Install.......................... No
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 138/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-14 AIX installation © Copyright IBM Corp. 2009
Do not forget standard AIX provides a set of security features to enable informationmanagers and administrators to provide a basic level of system and network security. The
primary AIX security features include the following:
• Login and password controlled system and network access
• User, group, and world file access permissions
• Access control lists (ACLs)• Audit subsystem
• Role Based Access Control (RBAC)
Trusted AIX builds upon these primary AIX operating system security features to further
enhance and extend AIX security into the networking subsystems.
Type <2> and press Enter to continue to other security options. For Trusted AIX, the choicewill be LSPP/EAL4+ configuration. For standard AIX, the choices will be Secure by Default,
CAPP/EAL4+, and Trusted Computing Base.
ATTENTION: Evaluate your need for any security options before making your choice.Additional information is available in your security documentation.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 139/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 140/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-16 AIX installation © Copyright IBM Corp. 2009
Figure 4-13. Install summary and installation AN121.1
Notes:
Prior to installation, a summary page is displayed. If you are ready to proceed with your
options, select 1 to continue and the system installation will begin. It takes approximately
one hour to build the partition from DVD or CD media.
© Copyright IBM Corporation 2009
IBM Power Systems
Install summary and installation
Overwrite Installation Summary
Disks: hdisk0
Cultural Convention: en_GBLanguage: en_US
Keyboard: en_GB
JFS2 File Systems Created: Yes
Graphics Software: Yes
System Management Client Software: Yes
Enable System Backups to install any system: Yes
Optional Software being installed:
>>> 1 Continue with Install
+-----------------------------------------------------
88 Help ? | WARNING: Base Operating System Installation will
99 Previous Menu | destroy or impair recovery of ALL data on the
| destination disk hdisk0.
>>> Choice [1]:
Overwrite Installation Summary
Disks: hdisk0
Cultural Convention: en_GB
Language: en_USKeyboard: en_GB
JFS2 File Systems Created: Yes
Graphics Software: Yes
System Management Client Software: Yes
Enable System Backups to install any system: Yes
Optional Software being installed:
>>> 1 Continue with Install
+-----------------------------------------------------
88 Help ? | WARNING: Base Operating System Installation will
99 Previous Menu | destroy or impair recovery of ALL data on the
| destination disk hdisk0.
>>> Choice [1]:
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 141/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-17
5.2
empty
Figure 4-14. Accept License Agreements AN121.1
Notes:
When AIX installation is complete, the end user has to accept both Software and
Maintenance License agreements, as shown in the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
Accept License Agreements
Software License Agreements
Show Installed License Agreements
Accept License Agreements
Software License Agreements
Show Installed License Agreements
Accept License Agreements
Accept License Agreements
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
ACCEPT Installed License Agreements yes +
Accept License Agreements
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
ACCEPT Installed License Agreements yes +
Software Maintenance Agreement
View Software Maintenance Terms and Conditions
Accept Software Maintenance Terms and Conditions
Software Maintenance Agreement
View Software Maintenance Terms and Conditions
Accept Software Maintenance Terms and Conditions
Accept Software Maintenance Terms and Conditions
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
ACCEPT Software Maintenance Agreements? yes +
Accept Software Maintenance Terms and Conditions
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
ACCEPT Software Maintenance Agreements? yes +
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 142/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-18 AIX installation © Copyright IBM Corp. 2009
Figure 4-15. AIX installation: Post steps AN121.1
Notes:
The installation is not finished until you complete the post setup in the operating system.
Once AIX has installed, the system will reboot. Several post installation steps are required.
Firstly, you have to accept both the software and maintenance license agreements. Finally,the installation assistant will start. Although optional, it is recommended that you use the
installation assistant at a minimum to set the root password, date, and time, and configurethe network parameters accordingly.
One AIX is installed, you should update it to the latest technology level and service pack.
These can be downloaded from fix central: http://www.ibm.com/support/fixcentral
© Copyright IBM Corporation 2009
IBM Power Systems
AIX installation: Post steps
• Post-install tasks:
– Accept the license agreement. – Optional. Using the installation assistant:
• Set root password• Set date and time• Configure network
– Exit from installation assistant – Update for the operating system to the latest TL and SP level
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 143/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-19
5.2
empty
Figure 4-16. Installation assistant and login AN121.1
Notes:
After the license agreements have been accepted, the installation assistant (ASCII
console) or configuration assistant (Graphical console) will be displayed. The install
assistant is similar to a mini version of SMIT. As mentioned earlier in the UNIT, it isrecommended that one uses the installation assistant at a minimum to set the root
password, date, and time and to configure the network parameters accordingly. Anotherapproach, would be to exit the installation assistant immediately and use smit, command
line, or scripts to configure the system.
The installation assistance can be invoked at any time using the install_assist command. On a graphical console, either the install_assist or configassist commands can be used to launch the configuration assistant.
© Copyright IBM Corporation 2009
IBM Power Systems
Installation assistant and login
Installation Assistant
Move cursor to desired item and press Enter.
Set Date and Time
Set root Password
Configure Network Communications
Install Software Applications
Using SMIT (information only)
Tasks Completed - Exit to Login
Installation Assistant
Move cursor to desired item and press Enter.
Set Date and TimeSet root Password
Configure Network Communications
Install Software Applications
Using SMIT (information only)
Tasks Completed - Exit to Login
AIX Version 6
Copyright IBM Corporation, 1982, 2008.
Console login: root
******************************************************************************** *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
#
AIX Version 6
Copyright IBM Corporation, 1982, 2008.
Console login: root
******************************************************************************** *
* *
* Welcome to AIX Version 6.1! *
* *
* *
* Please see the README file in /usr/lpp/bos for information pertinent to *
* this release of the AIX Operating System. *
* *
* *
*******************************************************************************
#
Note: No root passwordis set by default, if it is
not set using the
Installation Assistantabove.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 144/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 145/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-21
5.2
empty NIM Resources
All operations on clients in the NIM environment require one or more resources. At aminimum, in order to perform a BOS installation on a client there must be two resources
defined:
• SPOT includes everything that a client machine requires in a /usr file system, such asthe AIX kernel, executable commands, libraries, and applications. The SPOT is
created, controlled, and maintained from the master, even though the SPOT can belocated on another system.
• An lpp_source resource represents a directory in which software installation imagesare stored. NIM uses an lpp_source for an installation operation by first mounting the
lpp_source on the client machine. The installp commands are then started on the
client using the mounted lpp_source as the source for installation images. When theinstallation operation has completed, NIM automatically unmounts the resource. In
addition to providing images to install machines, lpp_source resources can also beused to create and update SPOT resources.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 146/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-22 AIX installation © Copyright IBM Corp. 2009
Figure 4-18. AIX installation in a partition using NIM: Configuration steps AN121.1
Notes:
To install a partition from a NIM server, you will need to create the partition and partition
profile, for the partition where AIX will be installed. You would complete this step if you were
installing from optical media, except that you would not have to allocate the slot for the CDor DVD device. The partition will need to be activated in SMS boot mode. From SMS, the
NIM server network details can be entered, which will cause the client to issue a bootrequest over the network. From this point, the menu steps are identical to using optical
media.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX installation in a partition using NIM:Configuration steps
Assume a partition and partition profile have been created.• Setup and configure the NIM master to support a BOS
installation of your machine.• Activate the partition using SMS boot mode.• Specify the IP parameters for a network boot.• Configure the partition to boot from the network adapter.• Interact with AIX installation menus, if required (depends on
NIM configuration).
• Note: – Subsequent installs and updates for the same partition can be initiatedfrom the NIM master.
– A mksysb restore example is provided in a later unit (Backup andRestore).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 147/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 148/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-24 AIX installation © Copyright IBM Corp. 2009
Figure 4-20. Network boot (2 of 7) AN121.1
Notes:
NIC adapter
Select which network interface to use. The example in the visual shows two ports on theintegrated Ethernet controller.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (2 of 7)
Choose the network adapter:
NIC Adapters
Device Location Code
1. Port 1 - IBM 2 PORT 10/100/100 U78A0.001.DNWGCP5-P1-C4-
T1
2. Port 2 - IBM 2 PORT 10/100/100 U78A0.001.DNWGCP5-P1-C4-
T2
----------------------------------------------------------Navigation Keys:
PowerPC Firmware
Version EL320_040
SMS 1.7 (c) Copyright IBM Corp. 2000,2007 All rights----------------------------------------------------------
---------------------------------------------------------X = eXit System Management Services
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 149/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-25
5.2
empty
Figure 4-21. Network boot (3 of 7) AN121.1
Notes:
Select the Network service: BOOTP.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (3 of 7)
Select the Network service
PowerPC Firmware
Version EL320_040
SMS 1.7 (c) Copyright IBM Corp. 2000,2007 All rights---------------------------------------------------------Select Network ServicePort 1 - IBM 2 PORT 10/100/1000 Base-TX PCI-X Adapter: U78A0.001.DNGWCP5-C1-C4-
1. BOOTP
2. ISCSI
---------------------------------------------------------
Navigation Keys:
---------------------------------------------------------X = eXit System Management Services
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 150/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-26 AIX installation © Copyright IBM Corp. 2009
Figure 4-22. Network boot (4 of 7) AN121.1
Notes:
Network parameters
Choose option 1 and configure the IP parameters. This screen is shown in the nextvisual.
Then choose option 2 and configure the adapter settings, such as media speed and
duplex setting.
When everything is configured properly, run the ping test and it should be successful.
When the ping test is successful, return to the SMS main menu, select the networkadapter as a boot device, and exit the SMS menu. This will start the network boot
process.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (4 of 7)
Set up the IP parameters, the adapter configurationoptions, then perform the ping test:
PowerPC Firmware
Version EL320_040
SMS 1.7 (c) Copyright IBM Corp. 2000,2007 All rights---------------------------------------------------------Network ParametersPort 1 - IBM 2 PORT 10/100/1000 Base-TX PCI-X Adapter: U78A0.001.DNGWCP5-C1-C4-
1. IP Parameters2. Adapter Configuration
3. Ping Test
4. Advanced Setup: BOOTP
---------------------------------------------------------
Navigation Keys:
---------------------------------------------------------X = eXit System Management Services
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 151/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-27
5.2
empty
Figure 4-23. Network boot (5 of 7) AN121.1
Notes:
IP parameters
Enter the IP address of the client, which is the partition.
Enter the IP address of the server, which is the NIM server.
Enter the IP address of the gateway . This is the partition’s gateway system; so it mustbe local on the partition’s subnet. This value can be a valid route on the same subnet as
the client partition or the IP address of the NIM server. Ask your network administratorwhich system to use.
Enter the subnet mask that the partition is using.
Adapter configuration
Once you’ve entered this information, return to the previous screen and choose the
Adapter Configuration option. Here you will need to specify the media speed and theduplex setting.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (5 of 7)
IP parameters:
IP Parameters
Port 1 - IBM 2 PORT 10/100/1000 Base-TX PCI-X Adapter: U78A0.001.DNGWCP5-C1-C4-
---------------------------------------------------------
Navigation Keys:
1. Client IP Address [10.6.103.64]
2. Server IP Address [10.6.103.1]
3. Gateway IP Address [10.6.103.254]
4. Subnet Mask [255.255.255.0]
PowerPC Firmware
Version EL320_040
SMS 1.7 (c) Copyright IBM Corp. 2000,2007 All rights---------------------------------------------------------
---------------------------------------------------------X = eXit System Management Services
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 152/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-28 AIX installation © Copyright IBM Corp. 2009
Ping test and network boot
After you have configured the adapter parameters, return to the main SMS menu. Run
the ping test, and if successful, select the network adapter as a boot device, then exitthe SMS menus to begin the boot process and the installation.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 153/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-29
5.2
empty
Figure 4-24. Network boot (6 of 7) AN121.1
Notes:
Overview
The adapter configuration screen allows you to set parameters for the adapter itself.Typically, you can leave it alone with the exception of optionally disabling spanning tree.
This will make the boot go much faster.
The value for option 2 will not change, that is, from Enabled to Disabled. The optionshould have a question mark next to it that is answered when you choose the option.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (6 of 7)
Adapter configuration:
IP ParametersPort 1 - IBM 2 PORT 10/100/1000 Base-TX PCI-X Adapter: U78A0.001.DNWGCP5-P1-C4
---------------------------------------------------------
Navigation Keys:
1. Speed,Duplex
2. Spanning Tree Enabled
3. Protocol
Disable Spanning Tree
for faster operation
---------------------------------------------------------X = eXit System Management Services
PowerPC Firmware
Version EL320_040
SMS 1.7 (c) Copyright IBM Corp. 2000,2007 All rights---------------------------------------------------------
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 154/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-30 AIX installation © Copyright IBM Corp. 2009
Figure 4-25. Network boot (7 of 7) AN121.1
Notes:
Ping test
This option pings the NIM server. If it fails, suspect your IP configuration or the network.
© Copyright IBM Corporation 2009
IBM Power Systems
Network boot (7 of 7)
• When remote IPL is configured, perform the ping test
– If ping is unsuccessful:• Is NIM server on network?
• Check IP Parameters screen for mistakes
– Is gateway correct and available?
• Try again
• Return to SMS Select Boot Options menu
– Select the network adapter as the Install/Boot Device
• Exit from SMS initiates network boot.
• AIX Install and Maintenance menu processing is the same aspreviously described.
• NIM can have unattended install with no console interaction
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 155/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-31
5.2
empty
Figure 4-26. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. AIX 6 can be installed from which of the following?
(Select all that are correct)a. 8 mm tape
b. optical media-ROM
c. Diskette
d. NIM Server
2. True or False: A Preservation install preserves all dataon the disks.
3. What is the console used for during the installationprocess?
_____________________________________________
_____________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 156/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-32 AIX installation © Copyright IBM Corp. 2009
Figure 4-27. Exercise 4 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 4
AIXinstallation
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 157/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 4. AIX installation 4-33
5.2
empty
Figure 4-28. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• List the installation methods for AIX 6
• List the steps necessary to install the AIX version 6.1base operating system
• Install and understand all the options when installing AIX6.1 from optical media
• Execute a network boot to use a configured NIM server
• Carry out post installation tasks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 158/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
4-34 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 159/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-1
5.2
empty Unit 5. AIX software installation and maintenance
What this unit is about
This unit describes how to perform software installation and
maintenance.
What you should be able to do
After completing this unit, you should be able to:
• Define the package definitions and naming conventions
• Understand AIX software levels and states
• Identify how software products and updates are installed andmanaged on the system
• Recover from broken and inconsistent software states
• How to download fixes using Fix Central and SUMA
• Identify if all the components in the Power and AIX environment
are compatible and supported
How you will check your progress
Accountability:
• Checkpoint
• Machine exercises
References
Online AIX 6.1 Information
SG24-7463 AIX 5L Differences Guide: Version 5.3 Edition
(redbook)
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 160/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-2 AIX installation © Copyright IBM Corp. 2009
Figure 5-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Define the package definitions and naming conventions
• Understand AIX software levels and states
– Determine the current installed level of the OS and individual filesets
• Identify how software products and updates are installed andmanaged on the system
• Recover from broken and inconsistent software states
• How to download fixes using Fix Central and SUMA
• Identify if all the components in the Power and AIXenvironment are compatible and supported
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 161/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-3
5.2
empty
Figure 5-2. AIX media AN121.1
Notes:
Each of the products listed above has a separate order number and feature code. At the
time of publication they were:
AIX V6.1 standard edition, feature code: 5692-A6P, order number: 0967
• AIX v6.1 Base
• AIX v6.1 Expansion Pack
• AIX v6.1 InfoCenter (DVD)
• AIX Toolbox for Linux
• Mozilla Firefox Browser
For virtual environments, a PowerVM license is required. The following software is
supplied:
• Virtual I/O Server V2.1
• Virtual I/O Server Expansion Pack
© Copyright IBM Corporation 2009
IBM Power Systems
AIX media
AIX 6.1 Base (DVD or CD)+ update CDs
AIX 6.1 Expansion Pack
AIX 6.1 Infocenter
AIX Toolbox for LinuxA IX
A I X
A IX
A IX
A I X
A IX
A IX
A I X
A IX
Mozilla Firefox Browser A IX
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 162/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-4 AIX installation © Copyright IBM Corp. 2009
The AIX Expansion Pack is a collection of extra software that extends the base operatingsystem capabilities. It contains filesets such as:
• Open Secure Sockets Layer (OpenSSL)
• Java 6 32- and 64-Bit
• iSCSI Target Device Driver
• List of Open Files (LSOF) and many more
The AIX Infocenter contains a list of support guides and help documentation. It is alsoavailable online: http://publib.boulder.ibm.com/infocenter/system
Also available on-line is the AIX toolbox (open source) filesets
http://www-03.ibm.com/systems/p/os/aix/linux/toolbox/download.html.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 163/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-5
5.2
empty
Figure 5-3. Software packaging definitions AN121.1
Notes:
Licensed Program Product (LPP)
A collection of packages that form an installable product.
Package
A package contains a group of filesets with a common function. It is a single, installable
image. AIX packages are a bundle of binaries glued together with the meta-information(name, version, dependencies).
FilesetA fileset is the smallest, individually installable unit. Generally, it is a single subsystem.
For example, bos.net.tcp.server is a fileset in the bos.net package. This image is aUnix Backup File Format file (BFF), created with the backup command. Files in an LPP
can be listed with: restore –Tvf <package> or extracted with restore –xvf <package>.
For example: To list the contents of bos.rte.control fileset contained in TL02 SP01:
# restore -Tvf U814098.bff
© Copyright IBM Corporation 2009
IBM Power Systems
bos
bos.net
bos.net.tcp
bos.net.tcp.server
Software packaging definitions
LPP
Base OperatingSystem Component
PackageBase Networking
package
TCP/IP collectionof filesets
FilesetTCP/IP Server fileset
‘the smallest unit’
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 164/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-6 AIX installation © Copyright IBM Corp. 2009
Please mount volume 1 on U814098.bff.
Press Enter to continue.
New volume on U814098.bff:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is: Wed 1 Oct 21:08:15 2008
Files are backed up by name.
The user is BUILD.
0 ./
6036 ./lpp_name
0 ./usr
0 ./usr/lpp
0 ./usr/lpp/bos/bos.rte.control/6.1.2.0
69252 ./usr/lpp/bos/bos.rte.control/6.1.2.0/liblpp.a
0 ./usr/lpp/bos/bos.rte.control/6.1.2.0/inst_root
14040 ./usr/lpp/bos/bos.rte.control/6.1.2.0/inst_root/liblpp.a
….note, some items removed for clarity…………..
232871 ./usr/lib/inst_updt/libwlm.a/shr_64.o
109698 ./usr/sbin/armsrvconv
43889 ./usr/sbin/shutdown
12712 ./usr/sbin/swapoff
17876 ./usr/sbin/swapon
16724 ./usr/sbin/mkitab
83954 ./usr/sbin/rsct/bin/IBM.WLMRMd
6198 ./usr/sbin/wlmassign
24462 ./usr/sbin/wlmcntrl
The total size is 25207820 bytes.
The number of archived files is 41.
Note: This is the only way, in AIX, to see which files are located within an LPP fileset,
prior to install.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 165/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-7
5.2
empty
Figure 5-4. Software bundles AN121.1
Notes:
Since there are thousands of filesets, having to determine which individual fileset you want
on your machine could be a time-consuming task. AIX has bundles which offer a collection
of filesets that suit a particular purpose. For example, if you are developing applications,the App-Dev bundle would be the logical choice to install.
Some filesets within a bundle are only installed if the prerequisite hardware is available. Forexample, a graphic adapter is needed to run X11 and CDE. In some cases, bundles are
equivalent to product offerings. Often, however, they are a subset of a product offering or a
separate customized bundle. The bundles available may vary from AIX version to AIXversion.
© Copyright IBM Corporation 2009
IBM Power Systems
Software bundles
• A bundle is a collection of packages and filesets suited for a particularenvironment
• There are many predefined system bundles in AIX which include: – AllDevicesKernels
– Alt_Disk_Install
– openssh_client and openssh_server
• Full list in /usr/sys/inst.data/sys_bundles. Example:
# /usr/sys/inst.data/sys_bundles # cat openssh_server.bnd
# MEDIA="Expansion Pack"
I:openssl.base
I:openssl.man.en_US
I:openssh.base.server
I:openssh.man.en_US
# /usr/sys/inst.data/sys_bundles # cat openssh_server.bnd
# MEDIA="Expansion Pack"I:openssl.base
I:openssl.man.en_US
I:openssh.base.server
I:openssh.man.en_US
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 166/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 167/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 168/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-10 AIX installation © Copyright IBM Corp. 2009
Figure 5-6. What is my AIX version? AN121.1
Notes:
The oslevel command reports the latest installed maintenance, technology level, and
service pack on the system.
The visual above shows the system is level AIX 6.1, technology level 2, service pack 1.Service packs and technology level fixes are applied to the running system. To update the
system with a new level, for example, from AIX 5.3 to 6.1, a new migration update musttake place. This involves system downtime.
© Copyright IBM Corporation 2009
IBM Power Systems
What is my AIX version?
• To obtain the AIX level, use the oslevel command.
• To upgrade from one AIX version and release to another, for example, AIX 5.3 to AIX 6.1, a migration must be performed.
• New TLs or SPs are applied through updates.
# oslevel -s
6100-02-01-0847
# oslevel -s
6100-02-01-0847
Service PackRelease date
for example, 47th weekin 2008
AIX LevelVRMF
Technology
Level
Service Pack
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 169/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-11
5.2
empty
Figure 5-7. Software installation and maintenance AN121.1
Notes:
The lslpp and installp commands are vital for interacting, installing, and maintaining
software on AIX.
The rpm and geninstall commands are relatively new. These commands wereintroduced in AIX5L as a result of the AIX / Linux affinity and support for other software
formats like RPM and ISMP (InstallShield MultiPlatform).
© Copyright IBM Corporation 2009
IBM Power Systems
Software installation and maintenance
• All aspects of software installation and maintenance can beperformed from SMIT, the command line, or systems directorconsole.
• Command line interaction:
– lslpp: lists installed software
– installp: traditional AIX command for installing and maintainingLPP packages
– rpm: redhat Linux command for installing and maintaining rpm
filesets (part of the AIX Linux affinity introduced in AIX 5L)
– geninstall: a generic installer that installs software of variouspackage formats: LPP, RPM, and ISMP.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 170/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-12 AIX installation © Copyright IBM Corp. 2009
Figure 5-8. Software repository AN121.1
Notes:
Generally, it is useful and sometimes necessary, for example when building and managing
a NIM server to store software to disk. AIX refers to this as a software repository. The
default software repository is sometimes referred to as the default installation imagedirectory. Its location on AIX is /usr/sys/inst.images. However, it is advisable to create and
manage a repository in a separate file system that is not contained in the AIX root volumegroup.
The tables of contents (.toc) file
This is a mandatory file required for installing and updating packages on AIX. If thecommand line is used (installp), then the user has to manually create the .toc file. This is
done using the inutoc command. To create a .toc file in the current directory, type:
<inutoc>. SMIT automatically creates a .toc file when copying software files to disk and
prior to installing LPPs.
© Copyright IBM Corporation 2009
IBM Power Systems
Software repository
• A location on disk which contains AIX software
– Default image directory is: /usr/sys/inst.images – AIX filesets require a .toc file
• To copy software, for example from an AIX CD to disk, use theSMIT facility, copy software to hard disk for future installation (or the AIX command, bffcreate)
Copy Software to Hard Disk for Future Installation
[Entry Fields]
* INPUT device / directory for software /dev/cd0* SOFTWARE package to copy [all] +
* DIRECTORY for storing software package
[/usr/sys/inst.images]
DIRECTORY for temporary storage during copying [/tmp]
EXTEND file systems if space needed? yes +
Process multiple volumes? yes
Copy Software to Hard Disk for Future Installation
[Entry Fields]
* INPUT device / directory for software /dev/cd0
* SOFTWARE package to copy [all] +
* DIRECTORY for storing software package
[/usr/sys/inst.images]
DIRECTORY for temporary storage during copying [/tmp]
EXTEND file systems if space needed? yes +
Process multiple volumes? yes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 171/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-13
5.2
empty
Figure 5-9. Software states AN121.1
Notes:
Committed state and the initial install
AIX has a number of software states. When you are installing software for the first time,
the software automatically installs to a committed state. This means there is only onelevel of that software product installed on your system.
Applied state versus committed state for maintenance
When you are installing a set of fixes or upgrading to a new technology level on your
system, you have the option of installing the software either in the committed state orthe applied state. The applied state allows you to maintain two levels of the software on
your system. When software is installed in the applied state, the older version is savedon the disk and is deactivated, while the newer version is installed and becomes the
active version.
© Copyright IBM Corporation 2009
IBM Power Systems
Software states
• The base installation of software is always in a committedstate. – Committed is a permanent state
• When updates are installed, they can be either applied orcommitted. – Applied software can later be rejected or committed.
bos.net.tcp.adt6.1.1.1
bos.net.tcp.adt6.1.1.2
Action: Apply
6.1.1.1 Saved
6.1.1.2 Applied
Rejector
Commit
6.1.1.1Committed
6.1.1.2Committed
A IX
A IX
Action: Install & Commit6.1.1.1
Committed
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 172/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-14 AIX installation © Copyright IBM Corp. 2009
The applied state gives you the opportunity to test the newer software beforecommitting to its use. If it works as expected, then you can commit the software, which
removes the old version from the disk. If the newer version is causing a problem, youcan reject, it which removes the newer version and reverts back to the old version.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 173/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-15
5.2
empty
Figure 5-10. Software listing and versioning AN121.1
Notes:
The lslpp command displays information about installed filesets or fileset updates. Each
fileset has a version number associated with it (in the format of
Version.Release.Modification.Fix, a state code, and a type code as shown above.
© Copyright IBM Corporation 2009
IBM Power Systems
# lslpp -L |grep bos.net.tcp.server
bos.net.tcp.server 6.1.1.1 C F TCP/IP Server
State codes:
A -- Applied.
B -- Broken.
C -- Committed.
E -- EFIX Locked.
O -- Obsolete. (partially migrated to newer version)
? -- Inconsistent State...Run lppchk -v.
Type codes:
F -- Installp Fileset
P -- Product
C -- Component
T -- Feature
R -- RPM Package
E -- Interim Fix
# lslpp -L |grep bos.net.tcp.server
bos.net.tcp.server 6.1.1.1 C F TCP/IP Server
State codes:
A -- Applied.
B -- Broken.
C -- Committed.
E -- EFIX Locked.
O -- Obsolete. (partially migrated to newer version)
? -- Inconsistent State...Run lppchk -v.
Type codes:
F -- Installp Fileset
P -- Product
C -- Component
T -- Feature
R -- RPM Package
E -- Interim Fix
Software listing and versioning
C & F are Stateand Type codes.
• Software listing is done with the lslpp command.
Version Release Modification Fix
AIX Migration smit update_all
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 174/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-16 AIX installation © Copyright IBM Corp. 2009
Figure 5-11. lslpp, filesets and files AN121.1
Notes:
The lslpp command has many useful flags associated with it. It is also possible to see when
a particular LPP was installed using the –h flag. See lslpp man page for more information.
A situation may arise where you want to use a particular command but it is not installed onthe system and you are not sure what LPP fileset to install to be able to use the binary. To
help with this problem you can use the which_fileset command. The which_filesetcommand searches the /usr/lpp/bos/AIX_file_list file for a specified file name or command
name, and prints out the name of the fileset that the file or command is shipped in. The
/usr/lpp/bos/AIX_file_list file is large and not installed automatically. You must install thebos.content_list fileset to receive this file.
Example:
# which_fileset shutdown
/usr/sbin/shutdownbos.rte.control 6.1.2.0
© Copyright IBM Corporation 2009
IBM Power Systems
# lslpp -f alex.grumpy.rte
Fileset File
---------------------------------------------------------
Path: /usr/lib/objrepos
alex.grumpy.rte 1.0.0.5
/usr/local/grumpy/grumpyrecovery
/usr/local/grumpy/README
/usr/local/grumpy/grumpystart
/usr/sbin/gfunctions
/usr/local/grumpy/grumpycheck
/usr/local/grumpy/grumpystop
# lslpp -w /usr/local/grumpy/grumpystartFile Fileset Type
-----------------------------------------------------------
/usr/local/grumpy/grumpystart alex.grumpy.rte File
# lslpp -f alex.grumpy.rte
Fileset File
---------------------------------------------------------
Path: /usr/lib/objrepos
alex.grumpy.rte 1.0.0.5
/usr/local/grumpy/grumpyrecovery
/usr/local/grumpy/README
/usr/local/grumpy/grumpystart
/usr/sbin/gfunctions
/usr/local/grumpy/grumpycheck
/usr/local/grumpy/grumpystop
# lslpp -w /usr/local/grumpy/grumpystartFile Fileset Type
-----------------------------------------------------------
/usr/local/grumpy/grumpystart alex.grumpy.rte File
lslpp, filesets and files
List files in anLPP fileset.
To whichfileset does afile belong?
• Switches -f and -w are very useful lslpp flags.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 175/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-17
5.2
empty
Figure 5-12. Installing new software using SMIT AN121.1
Notes:
There are two fast paths worth remembering when it comes to software and SMIT:
• install_all – to install new software
• update_all – to update current software
Prior to the screen shown in the visual, you will be asked to select the “INPUT device /
directory for software”. The input device could be tape (/dev/rmt0), optical media(/dev/cd0), or a directory. The period (.) in the example indicates the directory you currently
reside in.
The default behavior when installing new software is to commit. To first apply softwarerather than commit, change the COMMIT software updates field to No.
© Copyright IBM Corporation 2009
IBM Power Systems
Installing new software using SMIT
Install and Update from ALL Available Software
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* INPUT device / directory for software .
* SOFTWARE to install [] +
PREVIEW only? (install operation will NOT occur) no +
COMMIT software updates? yes +
SAVE replaced files? no +
AUTOMATICALLY install requisite software? yes +
EXTEND file systems if space needed? yes +
OVERWRITE same or newer versions? no +
VERIFY install and check file sizes? no +DETAILED output? no +
Process multiple volumes? yes +
ACCEPT new license agreements? no +
Preview new LICENSE agreements? no +
Install and Update from ALL Available Software
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* INPUT device / directory for software .
* SOFTWARE to install [] +
PREVIEW only? (install operation will NOT occur) no +
COMMIT software updates? yes +
SAVE replaced files? no +
AUTOMATICALLY install requisite software? yes +
EXTEND file systems if space needed? yes +
OVERWRITE same or newer versions? no +
VERIFY install and check file sizes? no +
DETAILED output? no +
Process multiple volumes? yes +
ACCEPT new license agreements? no +
Preview new LICENSE agreements? no +
• smit install_all
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 176/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 177/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-19
5.2
empty
Figure 5-14. Red Hat Package Manager filesets AN121.1
Notes:
In addition to providing the ability to run a Linux operating system on IBM Power
Architecture technology, IBM provides strong Linux affinity within the AIX OS. This affinity
enables faster and less costly deployment of multi-platform, integrated solutions acrossAIX and Linux platforms. Linux packages can be installed and manipulated on AIX using
the Redhat Package Manager as shown in the visual.
AIX affinity with Linux includes Linux application source compatibility, compliance with
emerging Linux standards, and a GNU Linux build-time environment with GNU and other
open source tools and utilities that combine to facilitate the development and deploymentof Linux applications on the AIX OS. This AIX affinity with Linux allows Linux programs tobe easily recompiled for native execution on the AIX OS. This approach allows you to
benefit from the capabilities of Linux applications combined with the industrial strengthfoundation and performance advantages afforded to native AIX applications.
© Copyright IBM Corporation 2009
IBM Power Systems
Red Hat Package Manager filesets
# rpm –qa
# rpm --nodeps -e cairo-1.0.2-6
# rpm -i bash-3.2-1.aix.ppc.rpm
# rpm –qa
# rpm --nodeps -e cairo-1.0.2-6
# rpm -i bash-3.2-1.aix.ppc.rpm
• IBM provides strong Linux affinity within AIX
• Many useful packages for AIX come in RPM format – Developed by Redhat, now used in many Linux flavors
– Examples (included within the Linux Toolbox for AIX):
• cdrecord
• mkiosfs
• apache
• bashList
packages
Removepackage without
dependencies
Installpackage
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 178/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-20 AIX installation © Copyright IBM Corp. 2009
Figure 5-15. Applying patches to the system AN121.1
Notes:
In the past, AIX system administrators would often download and install individual filesets
on a system. This caused the software be at mixed levels and sometime created more
problems than it solved. Now, IBM allows fixes to be downloaded in a fix pack, containing:
• Technology level (also known as Maintenance level in previous releases)
• Service Pack
In accordance with 'Enhanced Service Strategy Releases', these generally available
updates have been tested to operate best when all updates in a fix pack are installed. IBMrecommends installing the complete fix pack. AIX updates are provided as Technology
Level packages or Service Packs. These generally available updates have been tested tooperate best when all updates in a fix pack are installed. IBM recommends installing the
complete fix pack.
© Copyright IBM Corporation 2009
IBM Power Systems
smitty update_all
* INPUT device / directory for software /updates
* SOFTWARE to update _update_all
PREVIEW only? (update operation will NOT occur) yes +
COMMIT software updates? no +
SAVE replaced files? yes
smitty update_all
* INPUT device / directory for software /updates
* SOFTWARE to update _update_all
PREVIEW only? (update operation will NOT occur) yes +
COMMIT software updates? no +
SAVE replaced files? yes
Applying patches to the system
Some itemsremoved for
clarity
• Ideally, all systems should be at the latest fix pack (TL and SP level).
• IBM recommends installing the complete fix pack.
• System updates can be applied through smit update_all or usinggeninstall or installp commands.
• Updates can first be applied, then committed at a later time.
– This enables you to roll back if needed.
– Once software is committed there is no going back without removal and reinstall.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 179/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-21
5.2
empty
Figure 5-16. Applying patches, apply, commit, reject AN121.1
Notes:
The visual above shows a fileset update being applied to cluster.doc.en_US.es.pdf . This
could be done with system management tools like SMIT, geninstall or installp
commands. It is often very useful to remember key installp flags. The flags, -aB mean applyand update the fileset. Once applied the update can be rejected (-r) or committed (-c).
In this example, the filesets are stored in a software repository on disk in which we arecurrently located. Hence the device location (-d) is set to “dot” (the current directory).
© Copyright IBM Corporation 2009
IBM Power Systems
Applying patches, apply, commit, reject
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.0.0 C F HAES PDF Documentation
# installp -aB -d . cluster.doc.en_US.es.pdf
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.1.0 A F HAES PDF Documentation
Note: “installp –s # will list all Applied software on the system”
# installp –r cluster.doc.en_US.es.pdf
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.0.0 C F HAES PDF Documentation
OR –
# installp –c all
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
cluster.doc.en_US.es.pdf 5.4.1.0 USR COMMIT SUCCESS
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.0.0 C F HAES PDF Documentation
# installp -aB -d . cluster.doc.en_US.es.pdf
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.1.0 A F HAES PDF Documentation
Note: “installp –s # will list all Applied software on the system”
# installp –r cluster.doc.en_US.es.pdf
# lslpp -L |grep -i cluster |grep pdf
cluster.doc.en_US.es.pdf 5.4.0.0 C F HAES PDF Documentation
OR –
# installp –c all
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
cluster.doc.en_US.es.pdf 5.4.1.0 USR COMMIT SUCCESS
ApplyUpdate
(-aB)
Reject(-r)
Commit all
Applied
software (-c)
• installp, example:
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 180/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-22 AIX installation © Copyright IBM Corp. 2009
Figure 5-17. Listing fixes (APAR's) installed on the system AN121.1
Notes:
Fixes displayed with the instfix –i command are installed through Technology Level and
Service Pack updates. In previous versions of AIX, interim fixes, between Maintenance
level releases, were installed through instfix itself. In AIX6, instfix is really a legacycommand. It is only useful for listing and searching through applied updates on the system.
Necessary fixes that are not part of a TL or SP, are handled through interim fixmanagement.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing fixes (APARs) installed on the system
• TLs and SPs apply fixes (APARs) to AIX• You can list these fixes with the instfix command.
– instfix is useful for listing and searching through appliedupdates on the system.
• Interim fixes between services packs, including serviceadvisories, is now done through interim fix management. – emgr command
# instfix –i
All filesets for IY32852 were found.
All filesets for IY14691 were found.
All filesets for IY31312 were found.
All filesets for IY31879 were found.
All filesets for IY34538 were found.
…… 2244 lines removed for clarity ….
# instfix -i |grep IY34981
All filesets for IY34981 were found.
# instfix –i
All filesets for IY32852 were found.
All filesets for IY14691 were found.
All filesets for IY31312 were found.
All filesets for IY31879 were found.
All filesets for IY34538 were found.
…… 2244 lines removed for clarity ….
# instfix -i |grep IY34981
All filesets for IY34981 were found.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 181/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-23
5.2
empty
Figure 5-18. Interim fix management AN121.1
Notes:
The interim fix (ifix) management solution enables users to track and manage ifix packages
on a system. An ifix package might be an interim fix, debug code, or test code that contains
commands, library archive files, or scripts that run when the ifix package is installed.
The ifix management solution consists of the following commands:
• ifix packager (epkg)
• ifix manager (emgr)
The epkg command creates ifix packages that can be installed by the emgr command.The emgr command installs, removes, lists, and verifies system efixes.
It is important to examine the state field after installing an interim fix. The codes for thestate field are documented in the AIX Installation and Migration manual. In the above
example, the state value of Q means that a reboot is necessary for this fix to be effective.
© Copyright IBM Corporation 2009
IBM Power Systems
Interim fix management
# emgr -pe 744A_610.071105.epkg.Z
….lot of output is produced, removed for clarity!
EPKG NUMBER LABEL OPERATION RESULT
=========== ============== ================= ==============
1 744A_610 INSTALL PREVIEW SUCCESS
# emgr -e 744A_610.071105.epkg.Z
# emgr -l
ID STATE LABEL INSTALL TIME ABSTRACT
=== ===== ========== ================== ======================================
1 *Q* 744A_610 10/10/08 23:30:49 Kernel fix for 0744A_610
# emgr –r –L 744A_610
Log file is /var/adm/ras/emgr.log
EFIX NUMBER LABEL OPERATION RESULT
=========== ============== ================= ==============
1 744A_610 REMOVE SUCCESS
ATTENTION: system reboot is required. Please see the "Reboot Processing"
sections in the output above or in the /var/adm/ras/emgr.log file.
Return Status = SUCCESS
# emgr -pe 744A_610.071105.epkg.Z
….lot of output is produced, removed for clarity!
EPKG NUMBER LABEL OPERATION RESULT
=========== ============== ================= ==============
1 744A_610 INSTALL PREVIEW SUCCESS
# emgr -e 744A_610.071105.epkg.Z
# emgr -l
ID STATE LABEL INSTALL TIME ABSTRACT
=== ===== ========== ================== ======================================
1 *Q* 744A_610 10/10/08 23:30:49 Kernel fix for 0744A_610
# emgr –r –L 744A_610
Log file is /var/adm/ras/emgr.log
EFIX NUMBER LABEL OPERATION RESULT
=========== ============== ================= ==============
1 744A_610 REMOVE SUCCESS
ATTENTION: system reboot is required. Please see the "Reboot Processing"
sections in the output above or in the /var/adm/ras/emgr.log file.
Return Status = SUCCESS
PreviewInstall
Installifix
Listinstalled
efixes
Remove
ifix
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 182/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-24 AIX installation © Copyright IBM Corp. 2009
Figure 5-19. Removing installed software AN121.1
Notes:
Software can be removed by using system management tools or the command line. The
installp –u flag, removes the specified software product and any of its installed updates
from the system. The product can be in either the committed or broken state. Any softwareproducts that are dependent on the specified product must also be explicitly included in the
input list unless the -g flag is also specified. Removal of any bos.rte fileset is neverpermitted.
Note: The removal of LPP filesets does not necessarily mean the process will delete all
files included in the filesets. This is dependant on how the LPP filesets are constructed.
© Copyright IBM Corporation 2009
IBM Power Systems
Removing installed software
• smit remove
• Removing software from the command line – Remove the firefox web browser
– (Preview) Remove all X11 software with associated prerequisites
Remove Installed Software
[Entry Fields]
* SOFTWARE name [cluster.es.cspoc.cmds] +
PREVIEW only? (remove operation will NOT occur) yes +
REMOVE dependent software? yes +
EXTEND file systems if space needed? no +
DETAILED output? no +
Remove Installed Software
[Entry Fields]
* SOFTWARE name [cluster.es.cspoc.cmds] +
PREVIEW only? (remove operation will NOT occur) yes +
REMOVE dependent software? yes +
EXTEND file systems if space needed? no +
DETAILED output? no +
# installp -upg X11*# installp -upg X11*
# installp -u Firefox.base.rte# installp -u Firefox.base.rte
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 183/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-25
5.2
empty
Figure 5-20. Recovering from broken or inconsistent states AN121.1
Notes:
If the process of installing, updating, or removing software from the system is interrupted or
fails, the outcome is likely to be either broken or inconsistent filesets on the system. To
detect this, use the lppchk command. If all is OK, the command will return null, otherwisebroken or inconsistent filesets will be displayed. To clean up from any such operation, use
the installp command with the –C option (clean-up) and then retry the original operationagain. If the failed operation was an uninstall, remove the software manually, using installp
–u <fileset>.
© Copyright IBM Corporation 2009
IBM Power Systems
Recovering from broken or inconsistent states
• To list broken or inconsistent filesets, use the lppchk
command.
# lslpp -L |grep Firefox.base.rte
Firefox.base.rte 1.5.0.12 ? F Firefox Web Browser
# lslpp -L |grep Firefox.base.rte
Firefox.base.rte 1.5.0.12 ? F Firefox Web Browser
# lppchk -v
lppchk: The following filesets need to be installed or corrected to bring
the system to a consistent state:
Firefox.base.rte 1.5.0.12 (APPLYING)
# lppchk -v
lppchk: The following filesets need to be installed or corrected to bring
the system to a consistent state:
Firefox.base.rte 1.5.0.12 (APPLYING)
# installp -C
installp: Cleaning up software for:
Firefox.base.rte 1.5.0.12
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
Firefox.base.rte 1.5.0.12 USR CLEANUP SUCCESS
# installp -C
installp: Cleaning up software for:
Firefox.base.rte 1.5.0.12
Installation Summary
--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
Firefox.base.rte 1.5.0.12 USR CLEANUP SUCCESS
Look for ?or B.
Displayinconsistent
filesets.
Perform a clean-upoperation. Fileset is
removed
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 184/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-26 AIX installation © Copyright IBM Corp. 2009
Figure 5-21. Service update management assistant AN121.1
Notes:
SUMA is an excellent tool for quickly downloading fixes with minimum fuss directly onto an
AIX server or NIM server.
Why SUMA?
Fix automation , the ability to get maintenance fixes onto a system automatically, isbecoming a focus area for IT system administrators. As system administration becomes
more complex and time consuming, it is often a roadblock that prevents systems frombeing up to date with current software fixes. Clients want the increased security and
reliability benefits, as well as the reduced downtime and total cost of ownership that comeswith keeping current fixes on a system. To meet these client demands, SUMA has
automated the process of determining which fixes are available, discovering which of theavailable fixes a system needs, and downloading the necessary fixes onto a system,
thereby reducing both the complexity and the time spent on system administration toperform these tasks.
© Copyright IBM Corporation 2009
IBM Power Systems
Service update management assistant
• Excellent tool for downloading fixes – Optional. Tasks can be automated OR driven by ksh scripts
• Access: smit suma• Can be used to download
– By APAR Number – By Fix Type – Technology Level(s) – Service Pack(s) – All Latest Fixes – Individual Filesets
• Internet access must available from the SUMA host.
• Many configuration parameters – Fixserver protocols: http, https – Download protocol: ftp, http, https
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 185/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-27
5.2
empty
Figure 5-22. SUMA base configuration AN121.1
Notes:
The Base Configuration menu allows SUMA global configuration settings to be viewed
or changed. These settings are used for each SUMA task that is run and allow specification
of values for items such as:
• Screen, logfile, and email verbosity levels
• Flag options for the lppmgr command to help manage the size of a download repository
• Download protocol
• Download timeout settingA clean operation will remove unnecessary files from the repository using the lppmgr
command.
The global configuration settings can be viewed from the command line, # suma -c
© Copyright IBM Corporation 2009
IBM Power Systems
SUMA base configuration
• Base configuration – # smit suma_config_base
Base Configuration
[Entry Fields]
Screen output verbosity [Info/Warnings/Errors] +
Logfile output verbosity [Verbose] +
Notification email verbosity [Info/Warnings/Errors] +
Remove superseded filesets on Clean? yes +
Remove duplicate base levels on Clean? yes +
Remove conflicting updates on Clean? yes +
Fixserver protocol http +
Download protocol ftp +
Maximum log file size (MB) [1] #
Download timeout (seconds) [180] #
Base Configuration
[Entry Fields]
Screen output verbosity [Info/Warnings/Errors] +
Logfile output verbosity [Verbose] +
Notification email verbosity [Info/Warnings/Errors] +
Remove superseded filesets on Clean? yes +
Remove duplicate base levels on Clean? yes +
Remove conflicting updates on Clean? yes +
Fixserver protocol http +
Download protocol ftp +
Maximum log file size (MB) [1] #
Download timeout (seconds) [180] #
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 186/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 187/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-29
5.2
empty
Figure 5-24. SUMA command line execution AN121.1
Notes:
SUMA tasks can be initiated through the command line. This is most useful when
producing scripts to automatically download fixes. SUMA uses cron when scheduled tasks
are created. In the schedule example above, the following entry will be added to root'scrontab: 0 23 * * 3 _SUMA=cron /usr/suma/bin/suma -x 1
The output of command:
# suma -l
1:
DisplayName=
Action=Download
RqType=ML
RqName=6100-02
RqLevel=
© Copyright IBM Corporation 2009
IBM Power Systems
SUMA command line execution
• SUMA command line examples: – Download latest service pack
– Download technology level 2 for AIX 6.1 on Wednesday at 11:00 PM
– Download latest security fixes
# /usr/sbin/suma -x -a RqType=SP -a Action=Download \
-a RqName=‘6100-01-01-0823'
# /usr/sbin/suma -x -a RqType=SP -a Action=Download \
-a RqName=‘6100-01-01-0823'
# /usr/sbin/suma -s “0 23 * * 3” -a RqType=ML –a Action=Download \
-a RqName='6100-02’
Task ID 1 created.
# suma -l
# /usr/sbin/suma -s “0 23 * * 3” -a RqType=ML –a Action=Download \
-a RqName='6100-02’
Task ID 1 created.
# suma -l
# /usr/sbin/suma -x -a Action=Download -a RqType=Security# /usr/sbin/suma -x -a Action=Download -a RqType=Security
List allscheduled
SUMA tasks
Request type= service
pack
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 188/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-30 AIX installation © Copyright IBM Corp. 2009
PreCoreqs=y
Ifreqs=y
Supersedes=n
ResolvePE=IfAvailable
Repeats=y
DLTarget=/aix/FIXES
NotifyEmail=root
FilterDir=/aix/FIXES
FilterML=6100-01
FilterSysFile=localhost
MaxDLSize=-1
Extend=y
MaxFSSize=-1
For further information see the SUMA main page.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 189/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-31
5.2
empty
Figure 5-25. Fix Central Web site AN121.1
Notes:
AIX fixes are generally available on the internet at Fix Central. Fixes cat any level, from AIX
4.3.3 to the present version, can be downloaded.
© Copyright IBM Corporation 2009
IBM Power Systems
Fix Central Web site
• To download AIX fixes via the internet, go to:
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 190/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-32 AIX installation © Copyright IBM Corp. 2009
Figure 5-26. Fix Level Recommendation Tool AN121.1
Notes:
Today's AIX environment can be complex as lots of components are required. In addition to
AIX, one must also think about but System Firmware, HMC, VIOS, PowerHA levels, and
more. How do you know if the levels of these products are compliant and supported? Theanswer is FLRT. FLRT is web driven tool that enables you to select your machine type and
software components and levels. It then produces an easy to read report which providesrecommendations, notices and status compliance as shown on the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
Fix Level Recommendation Tool
http://www14.software.ibm.com/webapp/set2/flrt/home
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 191/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-33
5.2
empty
Figure 5-27. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. Which of the following states must your software be in, in order for you to be ableto use it? Select all that apply.
a. Applied stateb. Removed statec. Install stated. Commit state
2. What command is used to list all installed software on your system? _______________
3. Which of the following can you install as an entity? Select all that apply.
a. ifixb. LPPc. Packaged. Bundle
4. True or False: If a problem is found with the inetd subsystem, it is possibleto download and apply a fix to bos.net.tcpip.server fileset in AIX 6.1 tocorrect the problem.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 192/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-34 AIX installation © Copyright IBM Corp. 2009
Figure 5-28. Exercise 5 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 5
AIX softwareinstallation and
maintenance
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 193/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 5. AIX software installation and maintenance 5-35
5.2
empty
Figure 5-29. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Define the package definitions and naming conventions
• Understand AIX software levels and states
– Determine the current installed level of the OS and individual filesets
• Identify how software products and updates are installed andmanaged on the system
• Recover from broken and inconsistent software states
• How to download fixes using Fix Central and SUMA
• Identify if all the components in the Power and AIX environmentare compatible and supported
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 194/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
5-36 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 195/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-1
5.2
empty Unit 6. System configuration and devices
What this unit is about
This unit describes how to list and understand the system
configuration and manipulate devices.
What you should be able to do
After completing this unit, you should be able to:
• Understand device terminology
• Document the system configuration
• Use popular device commands
• Understand device configuration and control • Identify device locations
How you will check your progress
Accountability:
• Checkpoint • Machine exercises
References
Online AIX 6.1 Information
AIX Version 6.1 Operating System and Device
Management
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 196/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-2 AIX installation © Copyright IBM Corp. 2009
Figure 6-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Understand device terminology
• Document the system configuration
• Use popular device commands
• Understand device configuration and control
• Identify device locations
– Interpret physical and virtual location codes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 197/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-3
5.2
empty
Figure 6-2. Device terminology AN121.1
Notes:
Generic Device terminology
• Physical Devices are the actual hardware that is connected in some way to the system
• Ports are the physical connectors and adapters in the system to which physical devices
or cables are attached.
• RIO is a cabling system and protocol for extending the internal buses of the systemenclosure to the I/O expansion drawers. The I/O expansion drawers have PCI buses
which can support additional adapters and disks (depending upon the type of I/Odrawer. An alternative option for connecting I/O drawers (with POWER6 servers) is 12X
(based on Infini-band).
• Logical Devices. Software interfaces (special files) that present a means of accessing aphysical device to the users and application programs. Data appended to logical devices is sentto the appropriate device driver. Data read from logical devices is read from the appropriatedevice driver.
© Copyright IBM Corporation 2009
IBM Power Systems
Device terminology
• Generic terminology – Physical devices – Ports – Device drivers – Logical devices – /dev directory – Virtual devices
• Power H/W-specific terminology – CEC
– System planar – RIO – System ports – GX+ – IVE – PCI
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 198/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-4 AIX installation © Copyright IBM Corp. 2009
• /dev is the directory which contains all of the logical devices that can be directlyaccessed by the user. Some logical devices defined are only referenced in the ODM
customized database and cannot be accessed by users.
• Virtual Devices are the Ethernet and SCSI devices which are allocated to the client fornetworking access and storage. These devices are not real.
Power H/W specific terminology
• Central electronics complex (CEC) is the main system unit that contains systemprocessors, memory, and remote I/O connections.
• System planar is the main component of the CEC. Where all processor cards, memory
dimms, and I/O attachments are interconnected together.
• RIO is a remote I/O drawer which consists of PCI slots/adapters disks, or both,depending on the type of RIO drawer. The RIO drawers connect to Power boxes
through a RIO2 Hub, which is in turn connected to the GX+ adapter bus.
• System Ports are the two serial ports on the system planar has two serial ports which
are called system ports. In an operating system environment, the two system portsbecome host virtual system ports and are only available for specific limited functions.For example, the two integrated system ports on a p550 are limited to serial connected
TTY console functionality and IBM approved call-home modems. These system portsdo not support other general serial connection uses, such as UPS, HACMP heartbeat,
printers, mice, and so on, If you need multi-purpose serial port functions, optional PCIadapters are available.
• GX+ : Each POWER6 processor provides a GX+ bus which is used to connect to an I/O
subsystem or Fabric Interface card.
• IVE: The POWER6 processor-based servers extend the virtualization technologiesintroduced in POWER5 by offering the Integrated Virtual Ethernet adapter (IVE). IVE,
also called Host Ethernet Adapter (HEA) in other documentation, enables an easy wayto manage the sharing of the integrated high-speed Ethernet adapter ports. It is a
standard set of features that are part of every POWER6 processor-based server.
• PCI which stand for Peripheral Component Interconnect, is an industry-standard bus forattaching peripherals to computers.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 199/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-5
5.2
empty
Figure 6-3. System configuration and device overview AN121.1
Notes:
System configuration is important. We need to understand what devices we have at our
disposal and where these devices are physically located within each box or drawer. This is
important when devices fail, especially disks! Taking out the wrong disk in the system dueto failure could result in data corruption.
An AIX partition does not need to have any real devices. In today's Power p environments,virtual LPARs are fast becoming the norm. Virtualization is a large topic and is covered in a
separate LPAR and virtualization education track. It is beyond the scope of the course.
© Copyright IBM Corporation 2009
IBM Power Systems
System configuration and device overview
• Understanding the configuration of the system is important. – The configuration should be documented and updated on a regular
basis.
• All devices have attributes, some of which can be changed. – lsattr, lists device attributes – chdev, changes device attributes
• Most devices within AIX are self configured, through cfgmgr.• Device states can be controlled using mkdev and rmdev
commands. – Including virtual devices
• Remember! An AIX partition does not need to have anyphysical devices.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 200/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-6 AIX installation © Copyright IBM Corp. 2009
Figure 6-4. Device commands AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Device commands
• prtconf – Lists major system configuration items such as system model,
firmware version, processor type, number of processors, processorclock speed, cpu type, total memory size, network, filesystem, pagingspace, and devices information
• lscfg – Lists device information including physical location codes
• lsdev – Lists device information including the state of the device
• lsslot
– Displays all specified hot plug slots and their characteristics• chdev
– Changes the characteristics of a device
• lsattr – Displays attribute characteristics and possible values of attributes for
devices in the system
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 201/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 202/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-8 AIX installation © Copyright IBM Corp. 2009
Figure 6-6. prtconf (1 of 2) AN121.1
Notes:
prtconf is very useful command which displays an overview of the system configuration.
This is particularly useful for documentation purposes. One should run this command on a
regular basis and save or print the output.
© Copyright IBM Corporation 2009
IBM Power Systems
prtconf (1 of 2)
• Shell script which collects system information
# prtconf
System Model: IBM,8204-E8AMachine Serial Number: 652ACD2
Processor Type: PowerPC_POWER6
Number Of Processors: 2
Processor Clock Speed: 4204 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 4 sys124_v2
Memory Size: 512 MB
Good Memory Size: 2 GB
Firmware Version: IBM,EL320_076
Network Information
Host Name: sys124_v2
IP Address: 10.6.115.44
Sub Netmask: 255.255.255.0
Gateway: 10.6.115.254
Name Server:
Domain Name:
Paging Space Information
Total Paging Space: 1536MB
Percent Used: 2%
Volume Groups Information
==============================================================================
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 273 194 54..09..22..54..55
# prtconf
System Model: IBM,8204-E8A
Machine Serial Number: 652ACD2
Processor Type: PowerPC_POWER6
Number Of Processors: 2
Processor Clock Speed: 4204 MHz
CPU Type: 64-bit
Kernel Type: 64-bit
LPAR Info: 4 sys124_v2
Memory Size: 512 MB
Good Memory Size: 2 GB
Firmware Version: IBM,EL320_076
Network Information
Host Name: sys124_v2
IP Address: 10.6.115.44
Sub Netmask: 255.255.255.0
Gateway: 10.6.115.254
Name Server:
Domain Name:
Paging Space Information
Total Paging Space: 1536MB
Percent Used: 2%
Volume Groups Information
==============================================================================
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 273 194 54..09..22..54..55
Some items wereremoved for
clarity.
Output iscontinued on the
next page.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 203/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-9
5.2
empty
Figure 6-7. prtconf (2 of 2) AN121.1
Notes:
The last function prtconf performs is to run the lscfg command as shown in the visual.
Although the prtconf –v flag can be used to display detailed Vital Product Data (VPD)
information, the output on the previous page is omitted. To get around this problem, simplymake a copy of the prtconf script to prtconfVPD and append a “–v” flag to the last lscfg
command at the end of the script.
As follows:
# tail `which prtconf`
done
fi
#devices information
lscfg ######## APPEND –v here !!! ###########
fi
© Copyright IBM Corporation 2009
IBM Power Systems
prtconf (2 of 2)
INSTALLED RESOURCE LIST
The following resources are installed on the machine.
+/- = Added or deleted from Resource List.* = Diagnostic support not available.
Model Architecture: chrp
Model Implementation: Multiple Processor, PCI bus
+ sys0 System Object
+ sysplanar0 System Planar
+ L2cache0 L2 Cache
+ mem0 Memory
+ proc0 Processor
+ proc2 Processor
* vsa0 U8204.E8A.652ACD2-V4-C0 LPAR Virtual Serial Adapter
* vty0 U8204.E8A.652ACD2-V4-C0-L0 Asynchronous Terminal
* pci1 U78A0.001.DNWGGRX-P1 PCI Express Bus
+ fcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapter (df1000fe)
* fcnet0 U78A0.001.DNWGGRX-P1-C3-T1 Fibre Channel Network Protocol Device
* fscsi0 U78A0.001.DNWGGRX-P1-C3-T1 FC SCSI I/O Controller Protocol Device
+ fcs1 U78A0.001.DNWGGRX-P1-C3-T2 4Gb FC PCI Express Adapter (df1000fe)
* fcnet1 U78A0.001.DNWGGRX-P1-C3-T2 Fibre Channel Network Protocol Device
* fscsi1 U78A0.001.DNWGGRX-P1-C3-T2 FC SCSI I/O Controller Protocol Device
* pci0 U7311.D20.6516D3C-P1 PCI Bus* pci2 U7311.D20.6516D3C-P1 PCI Bus
+ ent0 U7311.D20.6516D3C-P1-C01-T1 2-Port 10/100/1000 Base-TX PCI-X Adapter
+ ent1 U7311.D20.6516D3C-P1-C01-T2 2-Port 10/100/1000 Base-TX PCI-X Adapter
* pci3 U7311.D20.6516D3C-P1 PCI Bus
+ sisscsia0 U7311.D20.6516D3C-P1-C04 PCI-XDDR Dual Channel Ultra320 SCSI Adapter
+ scsi0 U7311.D20.6516D3C-P1-C04-T1 PCI-X Dual Channel Ultra320 SCSI Adapter bus
+ scsi1 U7311.D20.6516D3C-P1-C04-T2 PCI-X Dual Channel Ultra320 SCSI Adapter bus
+ hdisk0 U7311.D20.6516D3C-P1-C04-T2-L8-L0 16 Bit LVD SCSI Disk Drive (73400 MB)
+ hdisk1 U7311.D20.6516D3C-P1-C04-T2-L9-L0 16 Bit LVD SCSI Disk Drive (73400 MB)
* vscsi0 U8204.E8A.652ACD2-V2-C12-T1 Virtual SCSI Client Adapter
* hdisk2 U8204.E8A.652ACD2-V2-C12-T1-L810000000000 Virtual SCSI Disk Drive
+ ses0 U7311.D20.6516D3C-P1-C04-T2-L15-L0 SCSI Enclosure Services Device
INSTALLED RESOURCE LIST
The following resources are installed on the machine.
+/- = Added or deleted from Resource List.
* = Diagnostic support not available.
Model Architecture: chrp
Model Implementation: Multiple Processor, PCI bus
+ sys0 System Object
+ sysplanar0 System Planar
+ L2cache0 L2 Cache
+ mem0 Memory
+ proc0 Processor
+ proc2 Processor
* vsa0 U8204.E8A.652ACD2-V4-C0 LPAR Virtual Serial Adapter
* vty0 U8204.E8A.652ACD2-V4-C0-L0 Asynchronous Terminal
* pci1 U78A0.001.DNWGGRX-P1 PCI Express Bus
+ fcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapter (df1000fe)
* fcnet0 U78A0.001.DNWGGRX-P1-C3-T1 Fibre Channel Network Protocol Device
* fscsi0 U78A0.001.DNWGGRX-P1-C3-T1 FC SCSI I/O Controller Protocol Device
+ fcs1 U78A0.001.DNWGGRX-P1-C3-T2 4Gb FC PCI Express Adapter (df1000fe)
* fcnet1 U78A0.001.DNWGGRX-P1-C3-T2 Fibre Channel Network Protocol Device
* fscsi1 U78A0.001.DNWGGRX-P1-C3-T2 FC SCSI I/O Controller Protocol Device
* pci0 U7311.D20.6516D3C-P1 PCI Bus* pci2 U7311.D20.6516D3C-P1 PCI Bus
+ ent0 U7311.D20.6516D3C-P1-C01-T1 2-Port 10/100/1000 Base-TX PCI-X Adapter
+ ent1 U7311.D20.6516D3C-P1-C01-T2 2-Port 10/100/1000 Base-TX PCI-X Adapter
* pci3 U7311.D20.6516D3C-P1 PCI Bus
+ sisscsia0 U7311.D20.6516D3C-P1-C04 PCI-XDDR Dual Channel Ultra320 SCSI Adapter
+ scsi0 U7311.D20.6516D3C-P1-C04-T1 PCI-X Dual Channel Ultra320 SCSI Adapter bus
+ scsi1 U7311.D20.6516D3C-P1-C04-T2 PCI-X Dual Channel Ultra320 SCSI Adapter bus
+ hdisk0 U7311.D20.6516D3C-P1-C04-T2-L8-L0 16 Bit LVD SCSI Disk Drive (73400 MB)
+ hdisk1 U7311.D20.6516D3C-P1-C04-T2-L9-L0 16 Bit LVD SCSI Disk Drive (73400 MB)
* vscsi0 U8204.E8A.652ACD2-V2-C12-T1 Virtual SCSI Client Adapter
* hdisk2 U8204.E8A.652ACD2-V2-C12-T1-L810000000000 Virtual SCSI Disk Drive
+ ses0 U7311.D20.6516D3C-P1-C04-T2-L15-L0 SCSI Enclosure Services Device
Second half ofthe output isidentical to
lscfg
Device listing
including “physicallocation codes”
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 204/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-10 AIX installation © Copyright IBM Corp. 2009
Figure 6-8. lscfg AN121.1
Notes:
The lscfg command displays configuration, diagnostic, and vital product data (VPD)
information about the system.
Use the lscfg command to display vital product data (VPD) such as part numbers, serialnumbers, and engineering change levels. VPD data is required for hardware engineers
when they need to order replacement parts due to failures.
© Copyright IBM Corporation 2009
IBM Power Systems
lscfg
• lscfg can be used to display Vital Product Data (VPD) information for
devices.
– CEs need this to order and replace failed components
# lscfg -v -l ent0
ent0 U7311.D20.6516D3C-P1-C01-T1 2-Port 10/100/1000 Base-
TX PCI-X Adapter (14108902)
2-Port 10/100/1000 Base-TX PCI-X Adapter:
Part Number.................03N5297
FRU Number..................03N5297
EC Level....................H13845Manufacture ID..............YL1021
Network Address.............001A64918678
ROM Level.(alterable).......DV0210
Hardware Location Code......U7311.D20.6516D3C-P1-C01-T1
# lscfg -v -l ent0
ent0 U7311.D20.6516D3C-P1-C01-T1 2-Port 10/100/1000 Base-
TX PCI-X Adapter (14108902)
2-Port 10/100/1000 Base-TX PCI-X Adapter:
Part Number.................03N5297
FRU Number..................03N5297
EC Level....................H13845
Manufacture ID..............YL1021
Network Address.............001A64918678
ROM Level.(alterable).......DV0210
Hardware Location Code......U7311.D20.6516D3C-P1-C01-T1
VPDinformation
Physicallocation code
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 205/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-11
5.2
empty
Figure 6-9. lsdev AN121.1
Notes:
The lsdev command displays information about devices in the device configuration
database. You can display information about all the customized devices using the -C flag.
Any combination of the -c Class, -s Subclass, -t Type, -l Name, -p Parent, and -S State flags, selects a subset of the customized devices. You can display information about
all devices supported by the system using the -P flag. Any combination of the -c Class,-s Subclass, and -t Type flags selects a subset of the supported devices.
Certain device slots can be moved from partition to partition with the Dynamic LPAR
function. To do this, you first have to remove the parent pci slot of the device. In order todiscover the parent pci slot, it is useful to write a simple script, such as parent.device asshown in the visual:
© Copyright IBM Corporation 2009
IBM Power Systems
lsdev
• lsdev displays device information including the device state
# lsdev |grep ent
ent0 Available 02-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent1 Available 02-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent2 Available Virtual I/O Ethernet Adapter (l-lan)
ent3 Available Shared Ethernet Adapter
# lsdev -Cc disk
hdisk0 Available 03-08-01-8,0 16 Bit LVD SCSI Disk Drive
hdisk1 Available 01-00-02 MPIO Other FC SCSI Disk Drive
hdisk2 Available 00-08-00 SAS Disk Drive
# lsdev -Cl proc2
proc2 Available 00-02 Processor
# lsdev -p pci5
ent8 Available 05-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent9 Available 05-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
# lsdev –Cl cd1 –F parentide0
# ksh < parent.device cd1
cd1 ide0 pci1 pci0 sysplanar0 sys0
# lsdev |grep ent
ent0 Available 02-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent1 Available 02-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent2 Available Virtual I/O Ethernet Adapter (l-lan)
ent3 Available Shared Ethernet Adapter
# lsdev -Cc disk
hdisk0 Available 03-08-01-8,0 16 Bit LVD SCSI Disk Drive
hdisk1 Available 01-00-02 MPIO Other FC SCSI Disk Drive
hdisk2 Available 00-08-00 SAS Disk Drive
# lsdev -Cl proc2
proc2 Available 00-02 Processor
# lsdev -p pci5
ent8 Available 05-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)ent9 Available 05-09 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
# lsdev –Cl cd1 –F parentide0
# ksh < parent.device cd1
cd1 ide0 pci1 pci0 sysplanar0 sys0
-Cc : list by class-Cl : list by device name
Device state
Software (AIX)
location codes
Locating theparentdevice
listing parentdevices recursively
childdevices
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 206/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 207/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 208/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 209/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-15
5.2
empty
Figure 6-12. Device states AN121.1
Notes:
Device States
• Undefined is not a state one can see assigned in the system, more of a reference
statement. If refers to a device which is supported but is not configured.
• Defined means that the device is known to the system. It has been allocated a logical
device name, a location code, and attributes have been assigned to it. However, it is stillunavailable for use.
• Available means that the device is fully configured and is ready for use.
• Stopped mean that the device is configured, but not available for use by applications.• When a device is first identified, it is configured and put into the Available state.
Available devices can be put into the defined or undefined state by using the rmdev
command. Devices can be configured with both the mkdev or cfgmgr commands.
cfgmgr
The cfgmgr command configures devices and optionally installs device software intothe system. It can be run at any time.
© Copyright IBM Corporation 2009
IBM Power Systems
Device states
• Undefined – The device is unknown to the system.
• Defined – The device is know to the system but it is unavailable for use.
• AvailableThe device is available and ready for use.
• Stopped – The device is unavailable but remains known by its device driver.
• The mkdev and cfgmgr commands make devices availablefor use.
• The rmdev command can make devices unavailable for use
and completely remove them from the system.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 210/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-16 AIX installation © Copyright IBM Corp. 2009
Figure 6-13. /dev directory, device configuration and control AN121.1
Notes:
The visual shows a tape drive connected to a system but is undefined. The cfgmgr
command is run to configure and make the device available. Once available, special device
files have been created in /dev directory. Some devices like tapes have several specialfiles. Each file is assigned a major and minor number. Major and minor numbers are used
by the operating system to determine the actual driver and device to be accessed by theuser-level request for the special device file.
For example, when writing files to a tape, the difference between tar –cvf /dev/rmt0
myfiles.tar and tar –cvf /dev/rmt0.1 myfiles.tar is that rmt0 will result in the tape rewindingafter the operation, whereas with rmt0.1, the tape will not rewind after the write operation.
© Copyright IBM Corporation 2009
IBM Power Systems
/dev directory, device configuration and control
• On Unix platforms, access to devices is provided through special devicefiles that reside in /dev directory.
# lsdev -Cc tape; ls -l /dev/*rmt0*
/dev/*rmt0* not found
# cfgmgr
# lsdev -Cc tape
rmt0 Available 04-08-01-2,0 LVD SCSI 4mm Tape Drive
# ls -l /dev/*rmt0*
crw-rw-rw- 1 root system 37, 0 13 Oct 14:43 /dev/rmt0
crw-rw-rw- 1 root system 37, 1 13 Oct 14:43 /dev/rmt0.1
……. Removed rmt0.2 through rmt0.6
crw-rw-rw- 1 root system 37, 7 13 Oct 14:43 /dev/rmt0.7
# rmdev -l rmt0rmt0 Defined
# mkdev -l rmt0
rmt0 Available
# rmdev -l rmt0 -d
rmt0 deleted
# lsdev -Cc tape; ls -l /dev/*rmt0*
/dev/*rmt0* not found
# cfgmgr
# lsdev -Cc tape
rmt0 Available 04-08-01-2,0 LVD SCSI 4mm Tape Drive
# ls -l /dev/*rmt0*
crw-rw-rw- 1 root system 37, 0 13 Oct 14:43 /dev/rmt0
crw-rw-rw- 1 root system 37, 1 13 Oct 14:43 /dev/rmt0.1
……. Removed rmt0.2 through rmt0.6
crw-rw-rw- 1 root system 37, 7 13 Oct 14:43 /dev/rmt0.7
# rmdev -l rmt0
rmt0 Defined
# mkdev -l rmt0
rmt0 Available
# rmdev -l rmt0 -d
rmt0 deleted
Tape drive will beconfigured by loading thedevice into the kernel(/unix)
The Kernel willreference the tapedevice through themajor number (37)
Minor number.Certain devices liketapes can behave indifferent ways.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 211/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-17
5.2
empty
Figure 6-14. Device addressing AN121.1
Notes:
Every device is assigned a physical location code when it is attached to the system. These
codes are critical. If a device has a problem such as a disk failure, an error report is
generated which will identify the device and its location. You can use this information toreplace the failed disk drive.
It is important not to confuse physical location codes with AIX location codes. Before LPARtechnology was introduced into Power Systems, there were only AIX location codes, and
they remain today for legacy purposes. On newer platforms such as POWER5 and
POWER6 systems, one should use physical codes only.Note: Virtual devices do not have OS location codes.
© Copyright IBM Corporation 2009
IBM Power Systems
Device addressing
• The address of a device allows you to identify its location.• There are two types of Device addressing.
– Physical location codes refer to a specific component. – Assigned by the system firmware
• Example. hdisk0: U78A0.001.DNWGGRX-P2-D5 (SAS Drive)
– Operating system location codes also refer to components but use adifferent convention, assigned by AIX.
– Not as useful or meaningful as Physical codes on POWER5 orPOWER6 systems
– Virtual devices do not have AIX location codes.
– Note: Address conventions differ between models and types(adapters, SCSI, non-SCSI)• Example. hdisk0: 00-08-00 (SAS Drive)
• Both physical and AIX codes can be seen side by side with: – lsdev –CHF “name, status, physloc, location”
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 212/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-18 AIX installation © Copyright IBM Corp. 2009
Figure 6-15. Physical location code examples AN121.1
Notes:
The visual above shows how to interpret physical location code information.
A Power System is made up of one of more CECs. An example of a system with the ability
to have multiple CECs is a Power 570. In a multiple node Power 570, what distinguishesone system enclosure form another is the serial number of the CEC.
A Power 550 only has one CEC.
• U78A0 identifies that the unit type is a CEC belonging to a Power 550.
• The model number for a CEC is always: 001. • DNWGGRX is the serial number of the CEC.
Power Systems usually have I/O expansion drawers, or in the case of the larger machines,expansion frames containing I/O drawers. U7311.D20 is a popular remote I/O drawer (RIO)
for low to mid-range systems. 6516D3 is the serial number assigned to the drawer.
© Copyright IBM Corporation 2009
IBM Power Systems
Physical location code examples
• Physical location code format – Unit_type.Model_no.Serial_no-additional device information
• Examples:
hdisk0 U78A0.001.DNWGGRX-P2-D5 SAS Disk Drive
SAS Planar (P2), Device slot reference 5, disk is in the CEC
ent1 U78A0.001.DNWGGRX-P1-C4-T2 2-Port 10/100/1000 PCI-X Adapter
System planar (P1), Card slot No 4, 2nd port, Adapter is in the CEC
hdisk0 U7311.D20.6516D3C-P1-C04-T2-L8-L0 16 Bit LVD SCSI Disk
Planar 1 (P1), PCI slot No 4, 2nd
port, SCSI ID 8,0, Disk is in anattached SCSI 7311-D 20 I/O Drawer.
hdisk5 U78A0.001.DNWGGRX-P1-C3-T1-W500507630E801223-L4011402700000000 FC SCSI Disk
System planar (P1), Card slot No 3, Port 1, W = WW unique name of an
FC adapter (where the FC adapter is in a remote storage subsystem), L =
LUN ID. The disk is a logical device (identified by the LUN ID) in
the remote storage subsystem.
hdisk0 U78A0.001.DNWGGRX-P2-D5 SAS Disk Drive
SAS Planar (P2), Device slot reference 5, disk is in the CEC
ent1 U78A0.001.DNWGGRX-P1-C4-T2 2-Port 10/100/1000 PCI-X Adapter
System planar (P1), Card slot No 4, 2nd port, Adapter is in the CEC
hdisk0 U7311.D20.6516D3C-P1-C04-T2-L8-L0 16 Bit LVD SCSI Disk
Planar 1 (P1), PCI slot No 4, 2nd port, SCSI ID 8,0, Disk is in an
attached SCSI 7311-D 20 I/O Drawer.
hdisk5 U78A0.001.DNWGGRX-P1-C3-T1-W500507630E801223-L4011402700000000 FC SCSI Disk
System planar (P1), Card slot No 3, Port 1, W = WW unique name of an
FC adapter (where the FC adapter is in a remote storage subsystem), L =
LUN ID. The disk is a logical device (identified by the LUN ID) in
the remote storage subsystem.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 213/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-19
5.2
empty
Figure 6-16. Virtual location codes, example AN121.1
Notes:
Virtual devices are assigned location codes in a similar format to physical devices. The
format is:
Unit_type.Model_no.virtual_adapter_number.virtual_card_slot_number
.[port].[LUN]
The visual above shows a VIOS presenting a virtual disk (hdisk1) to a VIO Client. In orderto do this, the first step is to create a virtual server adapter, on the HMC for the VIOS and
also a VIO client adapter for the AIX partition. Each adapter has an assigned ID.
The vhost device in the VIOS symbolizes the virtual server adapter. In the example: V1represents a virtual device with an assigned ID of one. C12 represents the virtual card slot
number, which is always equal to the adapter ID as defined on the HMC.
The vscsi device on the virtual client symbolizes the client adapter. In the example, V2again represents a virtual device with an assigned ID of two. C12 represents the virtual
card slot number, which is also equal the adapter ID as defined on the HMC. T1 specifiesthe port number of the adapter.
© Copyright IBM Corporation 2009
IBM Power Systems
Virtual location codes example
– VIOS HMC profileVirtual SCSI adapter definition
– VIOS partition
vhost0 U8204.E8A.652ACD2-V1-C12 Virtual SCSI Server Adapter
Virtual Server adapter, Virtual (LPAR) ID 1, virtual card slot (Adapter ID) 12
vhost0 U8204.E8A.652ACD2-V1-C12 Virtual SCSI Server Adapter
Virtual Server adapter, Virtual (LPAR) ID 1, virtual card slot (Adapter ID) 12
# uname –L2 sys124_v1_T1
vscsi0 U8204.E8A.652ACD2-V2-C12-T1 Virtual SCSI Client Adapter
hdisk1 U8204.E8A.652ACD2-V2-C12-T1-L810000000000 Virtual SCSI Disk Drive
Virtual client disk, Virtual (LPAR) ID 2, virtual card slot 12.
# uname –L2 sys124_v1_T1
vscsi0 U8204.E8A.652ACD2-V2-C12-T1 Virtual SCSI Client Adapter
hdisk1 U8204.E8A.652ACD2-V2-C12-T1-L810000000000 Virtual SCSI Disk Drive
Virtual client disk, Virtual (LPAR) ID 2, virtual card slot 12.
– Client (AIX) partition
Note: In this example, the HMC profile is required toshow the client server virtual disk relationship.
Virtual devices are easilyrecognized by the virtual IDreference. This value is the LPARID as shown with the unamecommand.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 214/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 215/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-21
5.2
empty
Figure 6-17. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What does the following location code mean?
2. What is the purpose of a device major number? How would youlocate the major number of a disk, hdisk18?
3. True or False: cfgmgr is a binary executable that runs at systeminitialization time to configure devices on the system.
4. What commands can you run on AIX to document the systemconfiguration?
fcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapterfcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapter
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 216/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-22 AIX installation © Copyright IBM Corp. 2009
Figure 6-18. Exercise 6 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 6
System configurationand devices
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 217/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 6. System configuration and devices 6-23
5.2
empty
Figure 6-19. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Understand device terminology
• Document the system configuration
• Use popular device commands
• Understand device configuration and control
• Identify device locations
– Interpret physical and virtual location codes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 218/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
6-24 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 219/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-1
5.2
empty Unit 7. System storage overview
What this unit is about
This unit is an overview of AIX system storage.
What you should be able to do
After completing this unit, you should be able to:
• Describe the terminology and the concepts associated with:
- Physical volumes
- Volume groups
- Logical volumes
- Physical partitions
- Logical partitions
• Describe how file systems and logical volumes are related
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX Version 6.1 Operating System and Device
Management
SG24-5432 AIX Logical Volume Manager, from A to Z: Introduction
and Concepts (redbook)
Note: References listed as “Online” above are available at the
following address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 220/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-2 AIX installation © Copyright IBM Corp. 2009
Figure 7-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Describe the terminology and concepts associated with: – Physical volumes
– Volume groups
– Logical volumes
– Physical partitions
– Logical partitions
• Describe how file systems and logical volumes are related
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 221/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-3
5.2
empty
Figure 7-2. Components of AIX storage AN121.1
Notes:
Components
The basic components or building blocks of AIX storage are:
• Files
• Directories
• File systems
• Logical storage
• Physical storage
• Logical Volume Manager (LVM)
As a user, you work with files and directories. As a system administrator, you manage
storage using the Logical Volume Manager.
© Copyright IBM Corporation 2009
IBM Power Systems
Components of AIX storage
Managed byLogical Volume Manager (LVM)
Physical storage
Logical storage
File systems
Directories
Files
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 222/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-4 AIX installation © Copyright IBM Corp. 2009
Figure 7-3. Traditional UNIX disk storage AN121.1
Notes:
Issues with traditional UNIX disk storage
Traditionally, disk partitioning has been implemented through partitions. Customers hadto select the correct size for each partition before the system could be installed.
Each file system was on a partition on the hard disk.
Changing the size of the partition, and thus the file system, was no easy task. It involved
backing up the file system, removing the partition, creating new ones, and restoring thefile system.
A major limitation to partitions was that each partition had to consist of contiguous disk
space. This characteristic limited the partition to reside on a single physical drive. Itcould not span multiple hard disks. Since file systems were always contained within a
partition, no file system could be defined that would be larger than the largest physicaldrive. This meant that no single file could be larger than the largest physical drive.
© Copyright IBM Corporation 2009
IBM Power Systems
Traditional UNIX disk storage
Problems:
• Fixed partitions
• Expanding size of the partition
• Limitation on size of a file system and a file
• Contiguous data requirement
• Time and effort required in planning ahead
Partition 1
Partition 2
Partition 3
Partition 5
Partition 4
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 223/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 224/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-6 AIX installation © Copyright IBM Corp. 2009
Figure 7-5. Logical Volume Manager components AN121.1
Notes:
Introduction
The AIX Logical Volume Manager controls disk storage resources by mapping databetween a simple and flexible logical view of storage space and the actual physical
disks.
This visual and these notes provide a brief overview of the basic components of LVM.
Components
A hierarchy of structures is used to manage disk storage:
• Volume groups
• Physical volumes
• Physical partitions
• Logical volumes
• Logical partitions
© Copyright IBM Corporation 2009
IBM Power Systems
Logical Volume Manager components
Logical
volume (LVs)
write(data);
Application
Logical
partitions (LPs)
Physicalpartitions (PPs)
Volume group
Physicalvolumes (PVs)
123456xy
z
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 225/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-7
5.2
empty Volume group (VG)
A volume group (VG) is the largest unit of storage allocation. A VG consists of a group
of one or more physical volumes (disks) all of which are accessed under one VG name.The combined storage of all the physical volumes makes up the total size of the VG.
This space can be used by other storage entities like file systems and logical volumes.
VGs are portable and can be disconnected from one system and connected to anothersystem. All disks in the VG must move together.
Physical volume (PV)
A physical volume (PV) is the name for an actual disk or hard drive. A PV can be
internally or externally attached.
For a disk to be used by LVM, the disk must be added to a volume group, or a newvolume group must be set up for it.
A PV can only belong to one volume group (VG).
Physical partition (PP)
All of the physical volumes in a volume group are divided into physical partitions (PP).
All the physical partitions within a volume group are the same size, although differentvolume groups can have different PP sizes.
Logical volume (LV)
Within each volume group, one or more logical volumes (LV) are defined. Logical
volumes are groups of information located on physical volumes. Data on logicalvolumes appears to be contiguous to the user, but can be non-contiguous on the
physical volume, or can even be located on several physical volumes.
Logical partition (LP)
Each logical volume consists of one or more logical partitions (LP). Logical partitions
are the same size as the physical partitions within a volume group. Each logical partitionis mapped to at least one physical partition. Although the logical partitions are
numbered consecutively, the underlying physical partitions are not necessarily
consecutive or contiguous.
This allows file systems, paging space, and other logical volumes to be resized or
relocated, to span multiple physical volumes, and to have their contents replicated forgreater flexibility and availability in the storage of data.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 226/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-8 AIX installation © Copyright IBM Corp. 2009
Figure 7-6. Physical storage AN121.1
Notes:
Introduction
Disk space on a physical volume (PV) is allocated to logical volumes (LV) in chunkscalled physical partitions (PP). Each physical partition size is the same across all the
disks in a volume group (VG). The PP size is set at the time the VG is created. The sizeis set in megabytes on power of two boundaries (for example: 4 MB, 8 MB, 16 MB, and
so forth). The default is 4 MB.
In AIX 5L V5.2 and later, LVM defaults the PP size of a new VG to the smallest PP size(equal or greater than 4 MB) which allows full addressing of the largest disk in the VG
given the selected maximum number of PPs per PV (defaults to 1016). The smallest PPsize is 1 MB, which is supported by using a larger number of PPs per PV.
When a PV is added to a system, a file called hdiskn is added to the /dev directory. n is
a number allocated by the operating system. It is usually the next available number.This file may be used to access the device directly but this is not often done.
© Copyright IBM Corporation 2009
IBM Power Systems
Physical storage
Volumegroup A
Volumegroup B
PV1
PV2 PV3 PV4 PV5
Physicalvolume /dev/hdiskn
PPn
PP3PP4PP5PP6
PP1PP2
-t factor Disks (PVs) PPs per PV Disks (PVs) -t factor
1 32 1016 128 12 16 2032 64 2
4 8 4064 32 4
8 4 8128 16 8
16 2 16256 8 16
N/A N/A 32512 4 32
N/A N/A 65024 2 64
Original volume groups Big volume groups
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 227/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-9
5.2
empty Original volume group
Originally AIX supported VGs with a maximum of 32 PVs, no more than 1016 PPs per
disk, and an upper limit of 256 LVs per VG. This VG type is commonly referred to as theoriginal, normal, or volume group.
As disks increased in size, this meant that the PP size had to increase to use the entire
disk space and stay within the 1016 PPs per disk limit. Larger PPs means less flexibilityin allocating space for LVs, and potentially more wasted space.
For example, for an 18 GB disk, you must have a PP size of 32 MB. A PP size of 16 MB
would require 1152 PPs, over the limit.
Volume group -t factor
To handle the increase in hard disk drive capacity over time, AIX V4.3.1 implemented anew volume group factor, which can be specified by the -t flag of the mkvg command,
that allows you to increase the maximum number of PPs per disk proportional to the
given integer multiplier value. The maximum number of PVs decreases proportional tothe specified -t factor.
For example, if you wanted to use an 8 MB PP size with our 18 GB disks, you wouldneed at least 2304 PPs per disk. Setting the -t factor to 4 would allow 4064 PPs per
disk, but would limit us to 8 disks in the VG.
Big volume group
AIX V4.3.2 expanded the LVM scalability by introducing big volume groups. A big VGcan have up to 128 physical volumes and a maximum of 512 LVs defined with it. The
volume group -t factor can also be used with the big VG.
Using our 18 GB disk example, setting the -t factor to 4, would allow us to have a VGwith a PP size of 8 MB and 32 disks.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 228/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-10 AIX installation © Copyright IBM Corp. 2009
Figure 7-7. Volume groups AN121.1
Notes:
Volume group types
With successive versions of AIX, new types of volume groups have been introducedwhich allow for greater capacities and greater flexibility:
• Original volume groups
When creating a volume group with SMIT or using the mkvg command, original
volume groups are the default.
• Big volume groups
Big volume groups were introduced with AIX V4.3.2. Besides increasing the numberof PVs per VG, the big volume group also doubled the maximum number of LVs per
VG from 255 to 512. Support for creating big volume groups through SMIT wasintroduced in AIX 5L V5.3. Previous to 5.3 big volume groups could only be created
from the command line.
© Copyright IBM Corporation 2009
IBM Power Systems
Volume groups
• AIX contains one mandatory Volumes Group: rootvg – rootvg is created on system install
– Contains the AIX Operating System
• Why create new volume groups? – Separate user data from operating system files. – Disaster recovery – Data portability – Data integrity and security
Volume GroupType
MaxPVs
Max LVs Max PPs perVG
Max PPSize
Original 32 256 32512(1016 * 32)
1 GB
Big 128 512 130048(1016 * 128)
1 GB
Scalable 1024 4096 2097152 128 GB
rootvg datavg
PV1 PV2 PV3
• Volume group types: – Original
– Big – Scalable
• Limits
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 229/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 230/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-12 AIX installation © Copyright IBM Corp. 2009
Figure 7-8. Volume group descriptor area AN121.1
Notes:
Volume Group Descriptor Area (VGDA)
The Volume Group Descriptor Area (VGDA) is an area of disk, at least one per PV,containing information for the entire VG. It contains administrative information about the
volume group (for example, a list of all logical volume entries, a list of all the physicalvolume entries, and so forth). There is usually one VGDA per physical volume. The
exceptions are when there is a volume group with either one or two disks (as shown in
the visual).
© Copyright IBM Corporation 2009
IBM Power Systems
Volume group descriptor area
VGDA VGDA
VGDA VGDA
VGDAVGDA
VGDA
VGDA
VGDA
One-disk VG Two-disk VGThree-disk or more
VG
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 231/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 232/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-14 AIX installation © Copyright IBM Corp. 2009
Figure 7-9. Logical storage AN121.1
Notes:
Logical partition
A physical partition is the smallest unit of disk allocation. Each logical partition maps toa physical partition which physically stores the data.
The logical partitions within a volume group are the same size as the physical partitions
within that volume group.
Logical volume
A logical volume consists of one or more logical partitions within a volume group.
Logical volumes may span physical volumes if the volume group consists of more thanone physical volume. Logical volumes do not need to be contiguous within a physical
volume, because the logical partitions within the logical volume are maintained to becontiguous. The view the system sees is the logical one. Thus, the physical partitions
they point to can reside anywhere on the physical volumes in the volume group.
© Copyright IBM Corporation 2009
IBM Power Systems
Physical volumes
1
7
1319
25313541
47
28
1420
2632
3642
48
34
910
1516
2122
2728
3334
3738
4344
4950
Logical Volume Manager
1
7
1319
253135
41
47
28
14202632
3642
48
34
910
1516
2122
2728
3334
3738
4344
4950
Logical storage
1 2 3 4 1 2 3 4
Logicalvolume
Logicalpartitions
Logicalvolume
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 233/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-15
5.2
empty Logical volumes may be increased in size at any time, assuming that there are sufficientfree physical partitions within the volume group. This can be done dynamically through
SMIT even when users are doing work in that logical volume. However, logical volumescannot easily be decreased and require a file system backup and restore to a
re-created smaller logical volume.
The mapping of which logical partition corresponds to which physical partition, is
maintained in the VGDA for the volume group. It is both a physical view and a logicalview.
LVM mapping
The Logical Volume Manager (LVM) consists of the logical volume device driver (LVDD)and the LVM subroutine interface library. The LVM controls disk resources by mapping
data between a more simple and flexible logical view of storage space, and the actualphysical disks. The LVM does this using a layer of device driver code that runs above
traditional disk device drivers.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 234/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 235/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 236/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-18 AIX installation © Copyright IBM Corp. 2009
Figure 7-11. What is a file system? AN121.1
Notes:
Introduction
A file system is a directory hierarchy for storing files. It has a root directory andsubdirectories. In an AIX system, the various file systems are joined together so that they
appear as a single file tree with one root. Many file systems of each type can be created.
Because the available storage is divided into multiple file systems, data in one file systemcould be on a different area of the disk than data of another file system. Because file
systems are of a fixed size, file system full errors can occur when that file system hasbecome full. Free space in one file system cannot automatically be used by an alternate file
system that resides on the same physical volume.
© Copyright IBM Corporation 2009
IBM Power Systems
What is a file system?
• A file system is: – Method of storing data
– Hierarchy of directories
• Seven types supported:
– Journaled File System (JFS)
– Enhanced Journaled File System (JFS2)
– CD-ROM File System (CDRFS)
– DVD-ROM File System (UDFS)
– Network File System (NFS)
– Common Internet Filesystem (CIFS) – Proc File System (PROCFS)
• Different file systems are connected together throughdirectories to form the view of files that users see.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 237/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-19
5.2
empty Supported file systems
AIX supports seven file system types:
• JFS - Journaled File System, exists within a logical volume on disk
• JFS2- Enhanced Journaled File System, exists within a logical volume on disk
• CDRFS - CD-ROM File System on a Compact Disc • UDFS - Universal Disk Format (UDF) file system on DVD
• CIFS - Common Internet File System accessed across a network (To install CIFSsupport on AIX, install the bos.cifs_fs package)
• NFS - Network File System accessed across a network
• PROCFS - Proc file system maps processes and kernel data structures to
corresponding files
• NAMEFS - NameFS provides the function of file-over-file and directory-over-directory
mounts, also called soft mounts, that allows you to mount a subtree of a file system in adifferent place in the file name space. This allows a file to be accessed through twodifferent path names.
Although these are physically different, they appear the same to users and applications.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 238/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-20 AIX installation © Copyright IBM Corp. 2009
Figure 7-12. Why have multiple file systems? AN121.1
Notes:
Benefits
A file system is a structure that allows you to organize your data. It is one level in thehierarchy of your data. By placing data in separate file systems, it allows for ease of
control and management of the data.
File systems can be placed on the disk in areas that provide the best performance.
Many times, backups and recoveries are done at a file system level.
Limit disk usage
Since the administrator determines the size of the file system, users are allocated only acertain amount of shared disk space. This helps to control disk usage. The
administrator can also impose more granular control over that disk space by limitinghow much space an individual user can use in a file system. This is known as file
system quotas.
© Copyright IBM Corporation 2009
IBM Power Systems
Why have multiple file systems?
• Can strategically place it on disk for improved performance
• Some tasks are performed more efficiently on a file systemthan on each directory within the file system, for example, backup, move, secure an entire file system.
• Can limit disk usage of users by file system through quotas
• Maintain integrity of the entire file system structure, forexample, if one file system is corrupted, the others are notaffected
• Special security situations
• Organize data and programs into groups for ease of filemanagement and better performance
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 239/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-21
5.2
empty Data is not all in one place
By having several different file systems, all of your data is not in one place. If a file
system ever becomes corrupted, the other file systems are not affected. Also,administrators can take a file system offline without affecting other file systems. This is
helpful when performing back ups or when limiting user access to the file system forsecurity reasons.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 240/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-22 AIX installation © Copyright IBM Corp. 2009
Figure 7-13. Standard file systems in AIX AN121.1
Notes:
Initial file systems
When AIX is first installed on a stand-alone system there are only seven journaled filesystems and one pseudo file system (/proc) in existence:
/ (root) = /dev/hd4
• At the top of the hierarchical file tree. It contains the files and directories critical for
system operations including the device directory and programs that complete the bootprocess.
/usr = /dev/hd2
• Operating system commands, libraries, and application programs
• Can be shared across the network
© Copyright IBM Corporation 2009
IBM Power Systems
Standard file systems in AIX
home sbin opt lpp proc usr dev tftpboot var mnt etc tmp
/ (root)
hd4
hd1 hd9var hd3
/ / /
hd2
/
libbin sbin spool adm tmp
/
hd10opt
csm freeware
Note: The drawing depicts logical, not physical volumes.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 241/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 242/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-24 AIX installation © Copyright IBM Corp. 2009
Figure 7-14. /etc/filesystems AN121.1
Notes:
What is /etc/filesystems?
The /etc/filesystems file, documents the layout characteristics, or attributes of filesystems. It is in a stanza format which means a resource is named followed by a colon
and a listing of its attributes in the form of attributes = value.
Each stanza in the /etc/filesystems file, names the directory where the file system isnormally mounted.
File system attributes
The file system attributes specify all the parameters of the file system. They are as
follows:
dev For local mounts, identifies the block special file where the file systemresides, or the file or directory to be mounted
© Copyright IBM Corporation 2009
IBM Power Systems
/etc/filesystems
/:dev = /dev/hd4vol = rootmount = automaticcheck = falsevfs = jfs2log = /dev/hd8type = bootfs
/home:dev = /dev/hd1vol = /homemount = truecheck = truevfs = jfs2
log = /dev/hd8
/home/team01:dev = /dev/fslv00vfs = jfs2log = /dev/loglv00mount = trueoptions = rwaccount = false
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 243/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-25
5.2
empty vol Used by the mkfs command when initiating the label on a new filesystem
mount Used by the mount command to determine whether a file system
should be mounted by default. Possible values are:
automatic File system mounted automatically at system startup
true File system mounted by the mount all command.This command is issued during system initialization toautomatically mount such file systems.
false File system is not automatically mounted
check Used by the fsck command to determine the default file systems to be
checked. True enables checking
vfs Specifies the type of mount. For example, vfs=jfs2.
log The device to which log data is written, as the file system is modified.This option is only valid for journaled file systems.
type Used to group together related file systems which can all be mounted
with the mount -t command
account Used to determine the file systems to be processed by the accounting
subsystem.
quote Allows the system administrator to control the number of files and datablocks that can be allocated to a user or group
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 244/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-26 AIX installation © Copyright IBM Corp. 2009
Figure 7-15. Mount AN121.1
Notes:
Mounting a file system
A file system has to be mounted in order for it to be available for use. Use the mount command or SMIT to do this. The file system can also be umounted using the umount or
unmount command, or SMIT. These commands can be executed by either the root user or a member of the system group.
It is possible to have file systems automatically mounted at boot time. This can be
specified in the /etc/filesystems file using the mount=automatic or mount=trueparameters.
Mount points
Full path names must be used when specifying the mount point. If SMIT is used to
create the file system, the mount point is created automatically.
© Copyright IBM Corporation 2009
IBM Power Systems
Mount
• mount is the glue that logically connects file systems to thedirectory hierarchy.
• File systems are associated with devices represented by specialfiles in /dev (the logical volume).
• When a file system is mounted, the logical volume and itscontents are connected to a directory in the hierarchical treestructure.
What to
mount
Where to
mount it
# mount /dev/fslv00 /home/patsie# mount /dev/fslv00 /home/patsie
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 245/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-27
5.2
empty
Figure 7-16. Mounting over an empty directory AN121.1
Notes:
Accessing data in a file system
In order for users to get access to the data contained in a file system, it must bemounted. When the file system is mounted, it becomes a part of the hierarchical tree
structure of files and directories. From the user’s perspective, there is no way to tellwhere one file system ends and another begins.
© Copyright IBM Corporation 2009
IBM Power Systems
Mounting over an empty directory
Before
patsieliz john
docdata.profile.exrcmyscript
After
liz john
docdata.profile.exrcmyscript
home home
/
patsie
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 246/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-28 AIX installation © Copyright IBM Corp. 2009
Figure 7-17. Mounting over files AN121.1
Notes:
What happens when mounting over files?
It is possible to mount over files and subdirectories. The result is that the files andsubdirectories that have been mounted over are now hidden from the users, that is,
inaccessible. They have not been lost though. They are again accessible when the
unmount command has been executed on the covering file system.
Not everyone has the authority to mount file systems randomly. Authority is based on
two things: what the default mount point is, as specified in the file /etc/filesystems, andwhether the user has write authority to that mount point. Users can issue file or directory
mounts provided they belong to the system group and have write access to the mountpoint. They can do device mounts only to the default mount points mentioned in the file
/etc/filesystems. root can mount anywhere under any set of permissions.
© Copyright IBM Corporation 2009
IBM Power Systems
Mounting over files
Before After
liz john liz john
docdata.profile.exrcmyscript
docdata.profile.exrcmyscript
.profile
.exrcreports pgms
home home
/
patsiepatsie
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 247/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-29
5.2
empty
Figure 7-18. Listing file systems AN121.1
Notes:
The lsfs command
You can list the various file systems that are defined using the lsfs command. Thiscommand displays information from /etc/filesystems and from the logical volumes in a
more readable format. The lsfs command also displays information about CD-ROMfile systems and remote NFS file systems.
The SMIT fastpath to get to the screen which accomplishes the same task as the lsfs
command is: smit fs.
The syntax for the lsfs command is:
lsfs [-q] [ -c | -l ] [ -v vfstype | -u mountgrp ][file system]
The data may be presented in line and colon (-c) or stanza (-l) format. It is possible tolist only the file systems of a particular virtual file system type (-v), or within a particular
mount group (-u). The -q option queries the superblock for the fragment sizeinformation, compression algorithm, and the number of bytes per inode.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing file systems
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting/dev/hd4 -- / jfs2 1966080 -- yes no
/dev/hd1 -- /home jfs2 131072 -- yes no
/dev/hd2 -- /usr jfs2 4587520 -- yes no
/dev/hd9var -- /var jfs2 655360 -- yes no
/dev/hd3 -- /tmp jfs2 393216 -- yes no
/proc -- /proc procfs -- -- yes no
/dev/hd10opt -- /opt jfs2 524288 -- yes no
/dev/hd11admin -- /admin jfs2 262144 -- yes no
/dev/fslv00 -- /db2 jfs2 262144 rw no no
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting
/dev/hd4 -- / jfs2 1966080 -- yes no
/dev/hd1 -- /home jfs2 131072 -- yes no
/dev/hd2 -- /usr jfs2 4587520 -- yes no
/dev/hd9var -- /var jfs2 655360 -- yes no
/dev/hd3 -- /tmp jfs2 393216 -- yes no
/proc -- /proc procfs -- -- yes no
/dev/hd10opt -- /opt jfs2 524288 -- yes no
/dev/hd11admin -- /admin jfs2 262144 -- yes no
/dev/fslv00 -- /db2 jfs2 262144 rw no no
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 248/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-30 AIX installation © Copyright IBM Corp. 2009
Figure 7-19. Listing logical volume information AN121.1
Notes:
Viewing logical volume information
lsvg -l rootvg
Provides information about the logical volumes in the rootvg volume group.
lslv lvname
This provides status information about the selected logical volume within the volume
group. For example, lslv hd6.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing logical volume information
• List all logical volumes for a volume group
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 2 2 closed/syncd N/A
hd6 paging 8 16 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 15 30 2 open/syncd /
hd2 jfs2 35 70 2 open/syncd /usr
hd9var jfs2 5 10 2 open/syncd /var
hd3 jfs2 3 6 2 open/syncd /tmp
hd1 jfs2 1 2 2 open/syncd /home
loglv00 jfs2log 1 2 2 closed/syncd N/Ahd11admin jfs 2 4 2 open/syncd /admin
fslv00 jfs2 2 4 2 closed/syncd /db2
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 2 2 closed/syncd N/A
hd6 paging 8 16 2 open/syncd N/A
hd8 jfs2log 1 2 2 open/syncd N/A
hd4 jfs2 15 30 2 open/syncd /
hd2 jfs2 35 70 2 open/syncd /usr
hd9var jfs2 5 10 2 open/syncd /var
hd3 jfs2 3 6 2 open/syncd /tmp
hd1 jfs2 1 2 2 open/syncd /home
loglv00 jfs2log 1 2 2 closed/syncd N/Ahd11admin jfs 2 4 2 open/syncd /admin
fslv00 jfs2 2 4 2 closed/syncd /db2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 249/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-31
5.2
empty
Figure 7-20. Checkpoint (1 of 3) AN121.1
Notes:
For each item in the visual, fill in the blanks to complete the correct term for the indicated
LVM component.
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint (1 of 3)
VGDA
1. V______ G______ D ______ A______
2. P______ P ______
3. L_____ P______
4. L______ V_______
6. P______ V______
5. V______ G______
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 250/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-32 AIX installation © Copyright IBM Corp. 2009
Figure 7-21. Checkpoint (2 of 3) AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint (2 of 3)
7. How many different physical partition (PP) sizes can be set withina single VG? ____________
8. By default, how big are PPs? ____________________________________________
____________________________________________
9. How many volume groups (VGs) can a physical volume (PV)belong to?
a) Depends on what you specify through SMIT
b) Only onec) As many VGs as exist on the system
10. True or False: All VGDA information on your system is identical,regardless of how many volume groups (VGs) exist.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 251/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-33
5.2
empty
Figure 7-22. Checkpoint (3 of 3) AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint (3 of 3)
Use the following output to answer the questions below:
11. With which logical volume is the /home file system associated? _____________________________________________________
12. What type of file systems are being displayed? _____________________________________________________
13. What is the mount point for the file system located on the /dev/hd4 logicalvolume? _____________________________________________
14. Which file system is used primarily to hold user data and home directories? _____________________________________________________
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting
/dev/hd4 -- / jfs2 294912 -- yes no
/dev/hd1 -- /home jfs2 32768 -- yes no
/dev/hd2 -- /usr jfs2 3309568 -- yes no
/dev/hd9var -- /var jfs2 65536 -- yes no
/dev/hd3 -- /tmp jfs2 131072 -- yes no
/dev/hd10opt -- /opt jfs2 163840 -- yes no
/dev/cd0 -- /infocd cdrfs ro yes no
/dev/lv00 -- /home/john jfs2 32768 rw yes no
/dev/hd11admin -- /admin jfs2 262144 -- yes no
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting/dev/hd4 -- / jfs2 294912 -- yes no
/dev/hd1 -- /home jfs2 32768 -- yes no
/dev/hd2 -- /usr jfs2 3309568 -- yes no
/dev/hd9var -- /var jfs2 65536 -- yes no
/dev/hd3 -- /tmp jfs2 131072 -- yes no
/dev/hd10opt -- /opt jfs2 163840 -- yes no
/dev/cd0 -- /infocd cdrfs ro yes no
/dev/lv00 -- /home/john jfs2 32768 rw yes no
/dev/hd11admin -- /admin jfs2 262144 -- yes no
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 252/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-34 AIX installation © Copyright IBM Corp. 2009
Figure 7-23. Exercise 7 AN121.1.
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 7
Systemstorage
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 253/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 7. System storage overview 7-35
5.2
empty
Figure 7-24. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Describe the terminology and concepts associated with:
– Physical volumes
– Volume groups
– Logical volumes
– Physical partitions
– Logical partitions
• Describe how file systems and logical volumes arerelated
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 254/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
7-36 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 255/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-1
5.2
empty Unit 8. Working with the Logical Volume Manager
What this unit is about
This unit describes how to work with logical volumes, physical
volumes, and volume groups.
What you should be able to do
After completing this unit, you should be able to:
• Add, change, and delete:
- Volume groups
- Logical volumes
- Physical volumes
• Describe essential LVM concepts, such as:- Mirroring
- Striping
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX Version 6.1 Operating System and Device
Management
AIX Version 6.1 Command References
SG24-5432 AIX Logical Volume Manager, from A to Z: Introduction
and Concepts (redbook)
Note: References listed as “Online” above are available at the
following address:http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 256/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-2 AIX installation © Copyright IBM Corp. 2009
Figure 8-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:• Explain how to work with the Logical Volume Manager • Add, change, and delete:
– Volume groups – Logical volumes – Physical volumes
• Describe essential LVM concepts, such as: – Mirroring – Striping
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 257/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 258/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-4 AIX installation © Copyright IBM Corp. 2009
Physical volumes
The SMIT Physical Volumes menu allows the user to configure the physical volumes(fixed disks) in the system. This menu duplicates options on the Fixed Disks menu of
Devices.
Paging space
The SMIT Page Space menu allows a user to add, delete, activate, and list the pagingspaces available.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 259/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-5
5.2
empty
Figure 8-3. SMIT volume group menu AN121.1
Notes:
The visual shows the SMIT screen that allows for the configuration of volume groups.
To get to this menu, use the SMIT fastpath, smit vg.
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT volume group menu
Volume Groups
Move cursor to desired item and press Enter.
List All Volume Groups
Add a Volume Group
Set Characteristics of a Volume Group
List Contents of a Volume Group
Remove a Volume Group
Activate a Volume Group
Deactivate a Volume Group
Import a Volume Group
Export a Volume Group
Mirror a Volume Group
Unmirror a Volume GroupSynchronize LVM Mirrors
Back Up a Volume Group
Remake a Volume Group
Preview Information about a Backup
Verify the Readability of a Backup (Tape only)
View the Backup Log
List Files in a Volume Group Backup
Restore Files in a Volume Group Backup
Volume Groups
Move cursor to desired item and press Enter.
List All Volume Groups
Add a Volume Group
Set Characteristics of a Volume Group
List Contents of a Volume Group
Remove a Volume Group
Activate a Volume Group
Deactivate a Volume Group
Import a Volume Group
Export a Volume Group
Mirror a Volume Group
Unmirror a Volume Group
Synchronize LVM Mirrors
Back Up a Volume Group
Remake a Volume Group
Preview Information about a Backup
Verify the Readability of a Backup (Tape only)
View the Backup Log
List Files in a Volume Group Backup
Restore Files in a Volume Group Backup
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 260/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-6 AIX installation © Copyright IBM Corp. 2009
Figure 8-4. Adding a volume group to the system AN121.1
Notes:
The mkvg command
The mkvg command is used to create a volume group. A new volume group must contain
at least one physical volume. The -y option is used to indicate the name for the new volumegroup. If this is not specified, a system generated name is used.
It is best not to select a physical partition size as the system will select the best fit
automatically. The default is the smallest physical partition size consistent with themaximum PP/PV and the largest physical volume in the volume group.
Using SMIT
The volume group MAJOR NUMBER on the SMIT dialog screen is used by the kernel to
access that volume group. This field is most often used for PowerHA where the majornumber ideally should be the same for all nodes in the cluster.
Concurrent capable VGs are used for parallel processing applications, whereby the volume
group is read/write accessible to multiple machines at the same time.
© Copyright IBM Corporation 2009
IBM Power Systems
Adding a volume group to the system
# smit mkvg
Add a Volume Group
Move cursor to desired item and press Enter.
Add an Original Volume Group
Add a Big Volume Group
Add a Scalable Volume Group
Add a Volume Group
Move cursor to desired item and press Enter.
Add an Original Volume Group
Add a Big Volume Group
Add a Scalable Volume Group
Add an Original Volume Group
[Entry Fields]VOLUME GROUP name [datavg]
Physical partition SIZE in megabytes +
* PHYSICAL VOLUME names [hdisk1 hdisk2] +
Force the creation of a volume group? no +
Activate volume group AUTOMATICALLY yes +
at system restart?
Volume Group MAJOR NUMBER [] +#
Create VG Concurrent Capable? no +
Add an Original Volume Group
[Entry Fields]
VOLUME GROUP name [datavg]
Physical partition SIZE in megabytes +
* PHYSICAL VOLUME names [hdisk1 hdisk2] +
Force the creation of a volume group? no +
Activate volume group AUTOMATICALLY yes +
at system restart?
Volume Group MAJOR NUMBER [] +#
Create VG Concurrent Capable? no +
mkvg –y datavg hdisk1 hdisk2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 261/692
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 262/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-8 AIX installation © Copyright IBM Corp. 2009
Figure 8-6. Listing volume groups and VG attributes AN121.1
Notes:
The lsvg command, with no parameters, lists the volume groups in the system. If used with
the –o options, all varied on/active volume groups are displayed.
To further list the information about the status and content of a particular volume group, run
lsvg <Volumegroup_name>
The output provides status information about the volume group. The most useful
information here is:
• Volume group state (VG STATE - active or inactive/complete if all physical volumes areactive)
• Physical partition size
• Total number of physical partitions (TOTAL PPs)
• Number of free physical partitions (FREE PPs)
© Copyright IBM Corporation 2009
IBM Power Systems
Listing volume groups and VG attributes
# lsvg
rootvg
datavgdb2_vg
# lsvg -o
datavg
rootvg
# lsvg
rootvg
datavg
db2_vg
# lsvg -o
datavg
rootvg
# lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER:
00cf2e7f00004c000000011cec07b52e
VG STATE: active PP SIZE: 64 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 130 (8320 megabytes)
MAX LVs: 256 FREE PPs: 54 (3456 megabytes)LVs: 11 USED PPs: 76 (4864 megabytes)
OPEN LVs: 9 QUORUM: 2 (Enabled)
TOTAL PVs: 2 VG DESCRIPTORS: 3
STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 2 AUTO ON: yes
MAX PPs per VG: 32512
MAX PPs per PV: 1016 MAX PVs: 32
LTG size (Dynamic): 256 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable
# lsvg rootvg
VOLUME GROUP: rootvg VG IDENTIFIER:
00cf2e7f00004c000000011cec07b52e
VG STATE: active PP SIZE: 64 megabyte(s)
VG PERMISSION: read/write TOTAL PPs: 130 (8320 megabytes)
MAX LVs: 256 FREE PPs: 54 (3456 megabytes)LVs: 11 USED PPs: 76 (4864 megabytes)
OPEN LVs: 9 QUORUM: 2 (Enabled)
TOTAL PVs: 2 VG DESCRIPTORS: 3
STALE PVs: 0 STALE PPs: 0
ACTIVE PVs: 2 AUTO ON: yes
MAX PPs per VG: 32512
MAX PPs per PV: 1016 MAX PVs: 32
LTG size (Dynamic): 256 kilobyte(s) AUTO SYNC: no
HOT SPARE: no BB POLICY: relocatable
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 263/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-9
5.2
empty
Figure 8-7. Listing PVs in a VG and VG contents AN121.1
Notes:
The lsvg -p Volumegroup command gives information about all of the physical volumes
within the volume group. The information given is:
• Physical volume name (PV_NAME)
• Physical volume state (PV STATE - active or inactive)
• Total number of physical partitions (TOTAL PPs)
• Number of free physical partitions (FREE PPs)
• How the free space is distributed across the disk (FREE DISTRIBUTION)
Free distribution is the number of physical partitions allocated within each section of the
physical volume: outer edge, outer middle, center, inner middle, and inner edge.
The lsvg -l Volumegroup command gives information about all of the logical volumeswithin the volume group. The details given are:
• Logical volume name (LVNAME)
© Copyright IBM Corporation 2009
IBM Power Systems
Listing PVs in a VG and VG contents
# lsvg -p rootvg
rootvg:PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTION
hdisk0 active 99 23 15..00..00..00..08
hdisk5 active 31 31 07..06..06..06..06
# lsvg -p rootvg
rootvg:
PV_NAME PV STATE TOTAL PPs FREE PPs FREE DISTRIBUTIONhdisk0 active 99 23 15..00..00..00..08
hdisk5 active 31 31 07..06..06..06..06
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 1 1 closed/syncd N/A
hd6 paging 8 8 1 open/syncd N/A
hd8 jfslog 1 1 1 open/syncd N/Ahd4 jfs 15 15 1 open/syncd /
hd2 jfs 35 35 1 open/syncd /usr
hd9var jfs 5 5 1 open/syncd /var
hd3 jfs 3 3 1 open/syncd /tmp
hd1 jfs 1 2 1 open/syncd /home
hd10opt jfs 4 4 1 open/syncd /opt
# lsvg -l rootvg
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 1 1 closed/syncd N/A
hd6 paging 8 8 1 open/syncd N/A
hd8 jfslog 1 1 1 open/syncd N/Ahd4 jfs 15 15 1 open/syncd /
hd2 jfs 35 35 1 open/syncd /usr
hd9var jfs 5 5 1 open/syncd /var
hd3 jfs 3 3 1 open/syncd /tmp
hd1 jfs 1 2 1 open/syncd /home
hd10opt jfs 4 4 1 open/syncd /opt
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 264/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-10 AIX installation © Copyright IBM Corp. 2009
• Type of logical volume (TYPE, for example, file system, paging)
• Number of LPs (LPs)
• Number of physical partitions (PPs)
• Number of physical volumes (PVs)
• Logical volume state (LV STATE)
• Mount point (MOUNT POINT), if the logical volume contains a journaled file system
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 265/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-11
5.2
empty
Figure 8-8. Change a volume group AN121.1
Notes:
The chvg command changes the characteristics of a volume group. In the example shown
in the visual attributes, Activate volume group AUTOMATICALLY at system
restart? and A QUORUM of disks required to keep the volume groupon-line? were set to No, which causes the following command to run: chvg –a n –Q n
datavg
© Copyright IBM Corporation 2009
IBM Power Systems
Change a volume group
# smit chvg
Change a Volume Group
[Entry Fields]
* VOLUME GROUP name datavg
* Activate volume group AUTOMATICALLY no +
at system restart?
* A QUORUM of disks required to keep the volume no +
group on-line ?
Convert this VG to Concurrent Capable? no +
Change to big VG format? no +
Change to scalable VG format? no +LTG Size in kbytes 256 +
Set hotspare characteristics n +
Set synchronization characteristics of stale n +
partitions
Max PPs per VG in units of 1024 32 +
Max Logical Volumes 256 +
Change a Volume Group
[Entry Fields]
* VOLUME GROUP name datavg
* Activate volume group AUTOMATICALLY no +
at system restart?
* A QUORUM of disks required to keep the volume no +
group on-line ?
Convert this VG to Concurrent Capable? no +
Change to big VG format? no +
Change to scalable VG format? no +
LTG Size in kbytes 256 +Set hotspare characteristics n +
Set synchronization characteristics of stale n +
partitions
Max PPs per VG in units of 1024 32 +
Max Logical Volumes 256 +
chvg –a n –Q n datavg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 266/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-12 AIX installation © Copyright IBM Corp. 2009
Figure 8-9. Extend and reduce a VG AN121.1
Notes:
Add a Physical Volume to a Volume Group
To add a disk to an existing volume group, use the extendvg command or SMIT fastpath smit extendvg. The disk must be installed in the system or connected to it externally,and must be powered on.
extendvg formats the disk into physical partitions and then adds them to the physical
partition mapping maintained in the VGDA for the volume group. The space on the newdisk is now available to be allocated to logical volumes in the volume group. If the existing
data in the VGDA on the disk shows that it is part of another volume group, the -f optionforces the addition of the disk to the volume group, without requesting confirmation. Use
this option when adding a disk which has been previously used, but contains data which isno longer needed.
The syntax for the extendvg command is:
extendvg [-f] Volumegroup hdiskn
© Copyright IBM Corporation 2009
IBM Power Systems
Extend and reduce a VG
hdisk0 hdisk1
hdisk2
# extendvg -f rootvg hdisk2
# lsvg -p rootvg | awk ‘{print $1, $2}’
rootvg:PV_NAME PV STATE
hdisk0 active
hdisk1 active
hdisk2 active
# extendvg -f rootvg hdisk2
# lsvg -p rootvg | awk ‘{print $1, $2}’
rootvg:
PV_NAME PV STATE
hdisk0 active
hdisk1 active
hdisk2 active
# reducevg -f rootvg hdisk1
# lsvg -p rootvg | awk ‘{print $1, $2}’
rootvg:
PV_NAME PV STATE
hdisk0 active
hdisk2 active
# reducevg -f rootvg hdisk1
# lsvg -p rootvg | awk ‘{print $1, $2}’
rootvg:
PV_NAME PV STATE
hdisk0 active
hdisk2 active
hdisk1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 267/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-13
5.2
empty Remove a Physical Volume from a Volume Group
The reducevg command is used to remove a physical volume from a volume group. If it isthe last physical volume, the volume group is removed. To remove a disk from the volume
group, first be sure to free up all the storage on the disk by either deleting the logicalvolumes or migrating them to some other disk in the volume group. Once there are no
logical volumes, on the disk, you can remove that disk from the volume group by using the
reducevg command or the SMIT fastpath smit reducevg.
The syntax for the reducevg command is:
reducevg [-d] [-f] Volumegroup hdiskn
The -d option deallocates the existing logical volume partitions, and then deletes resultantempty logical volumes from the specified physical volumes. User confirmation is required
unless the -f flag is added.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 268/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-14 AIX installation © Copyright IBM Corp. 2009
Figure 8-10. Remove a volume group AN121.1
Notes:
You can use the smit reducevg2 fastpath to remove a volume group. It runs a script
which identifies what physical volumes are in the volume group and then runs the
reducevg command to remove each physical volume until there are no more physicalvolumes in the volume group.
The Remove a Volume Group menu does not have a corresponding high-levelcommand. The correct way to remove a volume group, is to use the Remove aPhysical Volume from a Volume Group option, which calls the reducevg
command. This removes the volume group when you remove the last physical volumewithin it.
The syntax of the reducevg command is:
reducevg [-d] [-f] VolumeGroup PhysicalVolume
© Copyright IBM Corporation 2009
IBM Power Systems
Remove a volume group
Remove a Volume Group
Type or select a value for the entry field.
Press Enter AFTER making all desired changes.
[Entry Fields]
* VOLUME GROUP name [db2_vg] +
Remove a Volume Group
Type or select a value for the entry field.
Press Enter AFTER making all desired changes.
[Entry Fields]
* VOLUME GROUP name [db2_vg] +
# smit reducevg2 reducevg -df db2_vg hdisk2 hdisk3
Note: There is no option to input disks. In this example db2_vg was containedon hdisk3.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 269/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-15
5.2
empty
Figure 8-11. Activate and deactivate a volume group AN121.1
Notes:
The varyonvg command
The varyonvg command is used to activate a volume group that is not activated at system
startup, or has been added to the system since startup.
The -f option is used to force a volume group online. It allows a volume group to be madeactive that does not currently have a quorum of available disks. Any disk that cannot be
brought to an active state is put in a removed state. At least one disk must be available foruse in the volume group.
The varyoffvg command
The varyoffvg command is used to deactivate a volume group. No logical volumes
should be open when this command is issued. Removing a disk without deactivating thevolume group could cause errors and loss of data in the volume group descriptor areas,
and the logical volumes within that volume group.
© Copyright IBM Corporation 2009
IBM Power Systems
Activate and deactivate a volume group
Activate a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
RESYNCHRONIZE stale physical partitions? yes +
Activate volume group in SYSTEM no +
MANAGEMENT mode?
FORCE activation of the volume group? no +
Warning--this may cause loss of data integrity.
Varyon VG in Concurrent Mode? no +
Synchronize Logical Volumes? no +
Activate a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
RESYNCHRONIZE stale physical partitions? yes +
Activate volume group in SYSTEM no +
MANAGEMENT mode?
FORCE activation of the volume group? no +
Warning--this may cause loss of data integrity.
Varyon VG in Concurrent Mode? no +
Synchronize Logical Volumes? no +
# smit varyonvg varyonvg datavg
Deactivate a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
Put volume group in SYSTEM no +
MANAGEMENT mode?
Deactivate a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
Put volume group in SYSTEM no +
MANAGEMENT mode?
# smit varyoffvg varyoffvg datavg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 270/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-16 AIX installation © Copyright IBM Corp. 2009
Figure 8-12. Import and export a volume group AN121.1
Notes:
Exporting a volume group
If you have a volume group on one or more external disks that you want to access on
another system, you must first export the volume group from the current system using the
exportvg command. This removes all information about the volume group from the
system. To export a volume group, it must be inactive.
Importing a volume group
To access an exported volume group on a system, it must be imported to the system usingthe importvg command. Never attempt to import rootvg.
© Copyright IBM Corporation 2009
IBM Power Systems
Import and export a volume group
Import a Volume Group
[Entry Fields]
VOLUME GROUP name [datavg]
* PHYSICAL VOLUME name [hdisk3] +
Volume Group MAJOR NUMBER [] +#
Import a Volume Group
[Entry Fields]
VOLUME GROUP name [datavg]
* PHYSICAL VOLUME name [hdisk3] +
Volume Group MAJOR NUMBER [] +#
# smit importvg importvg –y datavg hdisk3
Export a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
Export a Volume Group
[Entry Fields]
* VOLUME GROUP name [datavg] +
# smit exportvg exportvg datavg
Note: Volume group must be inactive before it is exported.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 271/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-17
5.2
empty
Figure 8-13. Reorganize a Volume Group AN121.1
Notes:
Reorganizing a volume group
If the intra-physical volume allocation policy (location on disk: center, middle, edge, inner
edge, and inner middle) is changed after the logical volume is created, the physicalpartition does not relocate automatically. The reorgvg command is used to redistribute
the physical partitions of the logical volumes of a volume group according to their preferredallocation policies. This should improve disk performance. Preference is given in the order
listed on the command line.
reorgvg syntax
The syntax is: reducevg [-d] [-f] Volumegroup hdiskn
For example: reorgvg rootvg hd4 hd5
Using SMIT, no other arguments can be supplied. The entire volume group is reorganized.
© Copyright IBM Corporation 2009
IBM Power Systems
Reorganize a Volume Group
# smit reorgvg
Reorganize a Volume Group
[Entry Fields]
* VOLUME GROUP name [rootvg] +
Reorganize a Volume Group
[Entry Fields]
* VOLUME GROUP name [rootvg] +
# reorgvg rootvg
0516-962 reorgvg: Logical volume hd5 migrated.
0516-962 reorgvg: Logical volume hd6 migrated.
0516-962 reorgvg: Logical volume hd8 migrated.
0516-962 reorgvg: Logical volume hd4 migrated.
0516-962 reorgvg: Logical volume hd2 migrated.0516-962 reorgvg: Logical volume hd9var migrated.
0516-962 reorgvg: Logical volume hd3 migrated.
0516-962 reorgvg: Logical volume hd1 migrated.
0516-962 reorgvg: Logical volume hd10opt migrated.
0516-962 reorgvg: Logical volume loglv00 migrated.
0516-962 reorgvg: Logical volume hd11admin migrated.
0516-962 reorgvg: Logical volume fslv00 migrated.
# reorgvg rootvg
0516-962 reorgvg: Logical volume hd5 migrated.
0516-962 reorgvg: Logical volume hd6 migrated.
0516-962 reorgvg: Logical volume hd8 migrated.
0516-962 reorgvg: Logical volume hd4 migrated.
0516-962 reorgvg: Logical volume hd2 migrated.0516-962 reorgvg: Logical volume hd9var migrated.
0516-962 reorgvg: Logical volume hd3 migrated.
0516-962 reorgvg: Logical volume hd1 migrated.
0516-962 reorgvg: Logical volume hd10opt migrated.
0516-962 reorgvg: Logical volume loglv00 migrated.
0516-962 reorgvg: Logical volume hd11admin migrated.
0516-962 reorgvg: Logical volume fslv00 migrated.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 272/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-18 AIX installation © Copyright IBM Corp. 2009
Figure 8-14. Logical storage AN121.1
Notes:
Logical volumes
A logical volume is a group of logical partitions which may span physical volumes, as long
as the physical volumes are in the same volume group. A file system resides on top of alogical volume (LV). A logical volume can be dynamically extended.
Logical partitions
Logical partitions are mapped one-to-one to physical partitions unless they are being
mirrored.
© Copyright IBM Corporation 2009
IBM Power Systems
Physical volumes
1
7
13
19
25313541
47
28
1420
2632
3642
48
34
910
1516
2122
2728
3334
3738
4344
4950
Logical Volume Manager
1
7
1319
253135
41
47
28
14202632
3642
48
34
910
1516
2122
2728
3334
3738
4344
4950
Logical storage
1 2 3 4 1 2 3 4
Logicalvolume
Logicalpartitions
Logicalvolume
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 273/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-19
5.2
empty
Figure 8-15. LVM and RAID support AN121.1
Notes:
LVM supports three software RAID configurations:
• RAID 0. Striping provides improved performance and additional storage, but no fault
tolerance. Any disk failure destroys the array, which becomes more likely with moredisks in the array. A single disk failure destroys the entire array because when data is
written to a RAID 0 drive, the data is broken into fragments. The fragments are writtento their respective disks simultaneously on the same sector. This allows smaller
sections of the entire chunk of data to be read off the drive in parallel, giving this type of
arrangement huge bandwidth. RAID 0 does not implement error checking so any erroris unrecoverable. More disks in the array means higher bandwidth, but greater risk ofdata loss.
• RAID 1.Mirroring on AIX provides fault tolerance from disk errors by creating up to three
copies of the data on different drives.
• RAID 10 Combines RAID levels 0 + 1. Striping + mirroring provides fault tolerancealong with improved performance.
© Copyright IBM Corporation 2009
IBM Power Systems
LVM and RAID support
• LVM supports the following three software RAID configurations: – RAID 0, Striping
– RAID 1, Mirroring (up to 3 copies) – RAID 10 or 1 + 0, Striping + Mirroring
• Striping aides performance, whereas mirroring aides availability.
• In today’s environment, most data resides in SANs. Disks in a SAN aregenerally grouped together into a RAID array and divided into LUNs. – AIX sees LUNs as physical disks. – One should not further deploy AIX RAID configurations on top of H/W (SAN)
RAID configurations. – SAN environments provide greater levels of RAID support. (performance and
availability) – LUNs can be increased in size, if so AIX must know about it:
# chvg -g datavg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 274/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-20 AIX installation © Copyright IBM Corp. 2009
Figure 8-16. LVM options which affect performance AN121.1
Notes:
The visual highlights key LVM options which affect performance.
© Copyright IBM Corporation 2009
IBM Power Systems
LVM options which affect performance
• Inter- and intra-policy – Logical volume placement on disk
• Scheduling policy – Dictates how data is read/written for mirrored LVs
• Mirror write consistency – Ensures mirrored PPs are consistent
• Write verify – Verifies all writes with a read operation – Default is no. Generally it is not recommended to set to yes as it will
impact system (write) performance.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 275/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-21
5.2
empty
Figure 8-17. Mirroring (RAID1) AN121.1
Notes:
Mirroring of data over multiple drives protects against a potential hardware failure. The
structure of LVM enables mirroring by manipulating the relationship between the physical
partition and the logical partition. The AIX mirror function does not apply to a physical disk,only to logical volumes. This is the most important principle to understand for the AIX LVM
mirroring function. In a normal operating environment each physical partition is mapped toa logical partition. When you mirror data, the ratio becomes one logical partition to two
physical partitions for a two-way mirror. Or, one logical partition to three physical partitionsfor a three-way mirror.
© Copyright IBM Corporation 2009
IBM Power Systems
Mirroring (RAID1)
• Mirroring is when a logical partition maps to more than onephysical partition of the same volume group.
First copy
Second copy
Third copy
PP1
PP2
hdisk0
PP1
PP2
hdisk1
PP1
PP2
hdisk2
fslv00LP1
LP2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 276/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-22 AIX installation © Copyright IBM Corp. 2009
Figure 8-18. Mirroring, allocation AN121.1
Notes:
When mirroring data, it is essential that all PP copies are stored on different disks. The
placement of PP is governed by the allocation policy, which by default is set to strict . Strict
policy ensures that all mirrored copies are placed on different disks. However, under LVMRAID 0 +1 configurations, strict policy can lead to situations where mirrored copies of the
data are on the same disk. To protect against this, the system will automatically set theallocation policy to superstrict .
© Copyright IBM Corporation 2009
IBM Power Systems
Mirroring, allocation
• When mirroring, it is essential that all PP copies are stored ondifferent disks.
• This setting is controlled by the “Allocation” policy. – Also referred to as “strictness”
• Allocation can be set to: – No: Not recommended. – Yes (default): Will ensure no LP copies can share the same PV – Superstrict: Will ensure no LP copies can shares the same PV in an
LVM RAID 0 + 1 (10) configuration
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 277/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-23
5.2
empty
Figure 8-19. Striping (RAID 0) AN121.1
Notes:
Striping
Striping is a technique for spreading the data in a logical volume across several disks, so
that the I/O capacity of the disk drives can be used in parallel, so to access data on thelogical volume.
Striping is designed to increase the read/write performance of frequently accessed, large
sequential files. Striping can also be used to distribute data evenly across a set of disks, sothat random I/O can be scattered across many drives simultaneously. In non-striped logical
volumes, data is accessed using addresses to data blocks within physical partitions. In astriped logical volume, data is accessed using addresses to stripe units.
Stripe size
The size of the stripe unit is specified at creation time. The stripe size can range from 4 KB
-128 MB in powers of two.
Constraints
There are some constraints imposed by implementing striping:
© Copyright IBM Corporation 2009
IBM Power Systems
Striping (RAID 0)
• Consecutive stripe units
are created on differentphysical volumes.
• Striping increasesread/write sequentialthroughput by evenlydistributing stripe unitsamong disks.
• Stripe unit size is specifiedat the creation time. – 4KB to 128MB
LP1
LP2
LP3
1 4 7
25 8
3 6 9
hdisk0
hdisk1
hdisk2
12
34567
89
StripeUnits
Stream of data
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 278/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-24 AIX installation © Copyright IBM Corp. 2009
• The number of physical partitions allocated to a striped logical volume must evenlydistributable among the disks.
• At least two physical volumes are required
Performance considerations
There are some considerations in configuring striping for performance:
• Use as many adapters as possible. For example, if multiple disks in the stripe width areon the same storage adapter, a read/write of a stripe is not able to read/write the stripe
units in parallel.
• Design to avoid contention with other uses of the disks used by the striped logicalvolume.
• Create on a volume group dedicated to striped logical volumes.
It is not a good idea to mix striped and non-striped logical volumes in the same physical
volume. Physical volumes should ideally be the same size within the set used for a stripedlogical volume. Just because a logical volume is striped, it does not mean that the file's
data blocks are going to be perfectly aligned with the stripe units. Therefore, if a file blockcrosses a stripe boundary, the block gets split into multiple LVM I/Os.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 279/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-25
5.2
empty
Figure 8-20. Striping and mirroring (RAID 10 or 1+0) AN121.1
Notes:
RAID 10 meets performance and high availability requirements by mirroring strip sets to
different disks. However, this comes at a cost as more disks are required (minimum 4).
© Copyright IBM Corporation 2009
IBM Power Systems
Striping and mirroring (RAID 10 or 1+0)
1 3 5
2 4 6
hdisk0
hdisk1
12
3456
Stream of data
1 3 5
2 4 6
hdisk2
hdisk3
• Meets performance and high availability requirements• More expensive (requires more disks, minimum 4)• Mirroring allocation is automatically set to ‘superstrict’
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 280/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-26 AIX installation © Copyright IBM Corp. 2009
Figure 8-21. Logical volume placement AN121.1
Notes:
Introduction
When creating or changing a logical volume you can define the way the Logical Volume
Manager decides which physical partitions to allocate to the logical volume. This affects theperformance of the logical volume.
Intra-physical volume allocation policy
The intra-disk allocation policy choices, are based on the five regions of a disk where
physical partitions can be located. The closer a given physical partition is to the center of aphysical volume, the lower the average seek time is because the center has the shortest
average seek distance from any other part of the disk. The file system log is a goodcandidate for allocation at the center of a physical volume, because it is so frequently used
by the operating system. At the other extreme, the boot logical volume is used infrequently,and is therefore allocated at the edge or middle of the physical volume. The general rule is
that the more I/Os, either absolutely or during the running of an important application, thecloser to the center of the physical volumes the physical partitions of the logical volume
need to be allocated.
© Copyright IBM Corporation 2009
IBM Power Systems
Logical volume placement
• Intra-physical volume allocation policy
• Inter-physical volume allocation policy – Minimum (default)
• 1 LV copy. One (or minimum) PV should contain all PPs• 2 or 3 LV copies. Use as many PVs as copies, keeping PV usage down
to a minimum.
– Maximum• PPs should be spread over as many PVs as possible.
Edge
Middle Inner-edge
Inner-middleCenter
Note: These settings have little effect when used in SAN environments, wherebyLUNs are in RAID configurations.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 281/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-27
5.2
empty Inter-physical volume allocation policy
If the minimum inter-disk setting is selected, the physical partitions assigned to the logicalvolume are located on a single disk to enhance availability. If you select the maximum
inter-disk setting (range = maximum), the physical partitions are located on multiple disksto enhance performance.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 282/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-28 AIX installation © Copyright IBM Corp. 2009
Figure 8-22. Mirroring scheduling policy AN121.1
Notes:
Scheduling policies
The scheduling policy determines how reads and writes are conducted to a mirrored logical
volume. LVM offers several scheduling policies for mirrored volumes to control how data iswritten and read from the copies.
Sequential write
Sequential mirroring writes to multiple copies or mirrors in order. The multiple physical
partitions representing the mirrored copies of a single logical partition are designatedprimary, secondary, and tertiary. In sequential scheduling, the physical partitions are written
to in sequence. The system waits for the write operation for one physical partition tocomplete, before starting the write operation for the next one. When all write operations
have been completed for all mirrors, the write operation is complete.
Parallel write
© Copyright IBM Corporation 2009
IBM Power Systems
Mirroring scheduling policy
• Scheduling policies when mirroring:
– Parallel (default)• Write operations on different physical partitions start at the same time.• When the longest write finishes, the write operation is complete.• Improves performance (especially RAID-Performance)
– Parallel write/sequential read> Primary copy is read first, I f unsuccessful, the next copy is used.
– Parallel write/round robin read> Round-robin reads alternate disks between copies.
– Sequential
• Second physical write operation is not started unless the first operationhas completed successfully.• In case of a total disk failure, there is always a “good copy”.• Increased availability, but decreases performance
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 283/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-29
5.2
empty Parallel mirroring simultaneously starts the write operation for all the physical partitions in alogical partition. When the write operation to the physical partition that takes the longest to
complete finishes, the write operation is completed.
Sequential read
When a sequential read is specified, the primary copy of the read is always read first. If thatread operation is unsuccessful, the next copy is read. During the read retry operation on
the next copy, the failed primary copy is corrected by LVM with a hardware relocation. Thispatches the bad block for future access.
Parallel read
On each read, the system checks whether the primary is busy. If it is not busy, the read isinitiated on the primary. If the primary is busy, the system checks the secondary, and then
the tertiary. If those are also busy, the read is initiated in the copy with the least number ofoutstanding I/Os.
Round-robin read
Round-robin reads alternate between copies. This results in equal utilization for reads,even when there is more than one I/O outstanding.
Which is right for me?
Each of the scheduling policies provide benefits, as well as drawbacks. When deciding ona method of mirroring, you need to take into consideration how critical the data is, and
performance. The trade off is performance, versus availability. In general, a mirrored logicalvolume is slower than an unmirrored logical volume, because you have to write the data in
two or three places. The exception can be a mirrored LV in a high-read environment. If yourapplication does mostly reads, and you are using parallel or parallel/round robin
scheduling, reads may complete faster because the I/Os are spread across multiple disks,which can occur simultaneously if the disks are on separate controllers. One of the parallel
scheduling policies usually provides the best performance in a write intensive environment,because writes can proceed in parallel. However, there is some additional overhead, and
mirrored logical volumes are usually slower than comparable unmirrored logical volumes ina write intensive environment. Sequential scheduling provides the worst performance, but
provides the best chance of recovering data in the event of a system crash in the middle ofa write operation. Sequential scheduling makes it more likely that you have at least one
good copy, the primary copy, of a logical partition after a crash.
Synchronization
When turning on mirroring for an existing logical volume, the copies have to be
synchronized so the new copy contains a perfect image of the existing copy, at that point intime. This can be done by using the -k option on the mklvcopy command at the time
mirroring is turned on, or with the syncvg command at a later time. Until the copies aresynchronized, the new copy is marked stale .
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 284/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-30 AIX installation © Copyright IBM Corp. 2009
Figure 8-23. Mirror write consistency AN121.1
Notes:
The LVM always ensures data consistency among mirrored copies of a logical volume
during normal I/O processing.
For every write to a logical volume, the LVM generates a write request for every mirrorcopy. A problem arises if the system crashes in the middle of processing a mirrored write,
and before all copies are written. If mirror write consistency recovery is requested for alogical volume, the LVM keeps additional information to allow recovery of these
inconsistent mirrors. Mirror write consistency recovery should be performed for most
mirrored logical volumes. Logical volumes, such as the page space that do not use theexisting data when the volume group is re-varied on, do not need this protection.
The Mirror Write Consistency (MWC) record consists of one sector. It identifies whichlogical partitions may be inconsistent if the system is not shut down correctly. When the
volume group is varied back online, this information is used to make the logical partitionsconsistent again. Note: With Mirror Write Consistency LVs, because the MWC control
sector is on the edge of the disk, performance may be improved if the mirrored logicalvolume is also on the edge.
© Copyright IBM Corporation 2009
IBM Power Systems
Mirror write consistency
• Problem: If the system crashes before the write to all mirrorsis complete, the mirrors are in an inconsistent state, and thesystem must distinguish between the old copy and the newcopy.
• Solution: Mirror Write Consistency – Ensures PPs are consistent after reboot – Three modes: off, active, and passive – Active (default)
• Uses a cache on disk
• The physical write operation proceeds when the cache has beenupdated.
– Passive. (Big VGs only)• Logging of LV updates, but does not log writes• If the system crashes on reboot, a forced synchronization of the LVs
takes place.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 285/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-31
5.2
empty Beginning in AIX 5L, a mirror write consistency option called Passive Mirror Write
Consistency is available. The default mechanism for ensuring mirror write consistency is
Active MWC . Active MWC provides fast recovery at reboot time after a crash has occurred.However, this benefit comes at the expense of write performance degradation, particularly
in the case of random writes. Disabling Active MWC eliminates this write-performancepenalty, but upon reboot after a crash, you must use the syncvg -f command to manually
synchronize the entire volume group, before users can access the volume group. Toachieve this, automatic vary-on of volume groups must be disabled.
Enabling Passive MWC not only eliminates the write-performance penalty associated with
Active MWC, but logical volumes will be automatically resynchronized as the partitions arebeing accessed. This means that the administrator does not have to synchronize logical
volumes manually or disable automatic vary-on. The disadvantage of Passive MWC is thatslower read operations may occur, until all the partitions have been resynchronized.
You can select either mirror write consistency option within SMIT, when creating or
changing a logical volume. The selection option takes effect only when the logical volumeis mirrored (copies > 1).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 286/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-32 AIX installation © Copyright IBM Corp. 2009
Figure 8-24. SMIT logical volume menu AN121.1
Notes:
This is the top-level SMIT menu for logical volumes. The next few pages discuss these
items.
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT logical volume menu
# smit lv
Logical Volumes
Move cursor to desired item and press Enter.
List All Logical Volumes by Volume Group
Add a Logical Volume
Set Characteristic of a Logical Volume
Show Characteristics of a Logical Volume
Remove a Logical Volume
Copy a Logical Volume
Logical Volumes
Move cursor to desired item and press Enter.
List All Logical Volumes by Volume Group
Add a Logical Volume
Set Characteristic of a Logical Volume
Show Characteristics of a Logical Volume
Remove a Logical Volume
Copy a Logical Volume
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 287/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-33
5.2
empty
Figure 8-25. Adding a logical volume AN121.1
Notes:
The mklv command creates a logical volume. The name of the logical volume can be
specified or a system-generated name is used. The volume group the logical volume
belongs to, and the size (in logical partitions, must be specified. Other characteristics thatcan be set are, the allocation policy, copies (mirroring), scheduling policy, and striping.
© Copyright IBM Corporation 2009
IBM Power Systems
Adding a logical volume
# smit mklv
Add a Logical Volume
[Entry Fields]
Logical volume NAME [datalv]
* VOLUME GROUP name datavg
* Number of LOGICAL PARTITIONS [100] #
PHYSICAL VOLUME names [hdisk2 hdisk3] +
Logical volume TYPE [jfs2] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [] #
to use for allocation
Number of COPIES of each logical 2 +
partition
Mirror Write Consistency? active +
Allocate each logical partition copy yes +
on a SEPARATE physical volume?RELOCATE the logical volume during yes +
reorganization?
Logical volume LABEL []
MAXIMUM NUMBER of LOGICAL PARTITIONS [512] #
Enable BAD BLOCK relocation? yes +
SCHEDULING POLICY for writing/reading parallel +
logical partition copies
Enable WRITE VERIFY? no +
File containing ALLOCATION MAP []
Stripe Size? [Not Striped] +
Serialize IO? no +
Add a Logical Volume
[Entry Fields]
Logical volume NAME [datalv]
* VOLUME GROUP name datavg
* Number of LOGICAL PARTITIONS [100] #
PHYSICAL VOLUME names [hdisk2 hdisk3] +
Logical volume TYPE [jfs2] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [] #
to use for allocation
Number of COPIES of each logical 2 +
partition
Mirror Write Consistency? active +
Allocate each logical partition copy yes +
on a SEPARATE physical volume?RELOCATE the logical volume during yes +
reorganization?
Logical volume LABEL []
MAXIMUM NUMBER of LOGICAL PARTITIONS [512] #
Enable BAD BLOCK relocation? yes +
SCHEDULING POLICY for writing/reading parallel +
logical partition copies
Enable WRITE VERIFY? no +
File containing ALLOCATION MAP []
Stripe Size? [Not Striped] +
Serialize IO? no +
mklv –y datalv –t jfs2 –c 2 \
datavg 10 hdisk2 hdisk3
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 288/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-34 AIX installation © Copyright IBM Corp. 2009
Figure 8-26. Show LV characteristics (1 of 2) AN121.1
Notes:
To list the characteristics of a logical volume use the command: lslv<logicalvolume_name>
The –l flag lists the following fields for each physical volume in the logical volume:
• PV: Physical volume name.
• Copies:
- The number of logical partitions containing at least one physical partition (no copies)
on the physical volume - The number of logical partitions containing at least two physical partitions (one copy)
on the physical volume
- The number of logical partitions containing three physical partitions (two copies) on
the physical volume
© Copyright IBM Corporation 2009
IBM Power Systems
Show LV characteristics (1 of 2)
# lslv -l datalv
datalv:N/A
PV COPIES IN BAND DISTRIBUTION
hdisk2 010:000:000 100% 000:010:000:000:000
hdisk3 010:000:000 100% 000:010:000:000:000
# lslv -l datalv
datalv:N/A
PV COPIES IN BAND DISTRIBUTION
hdisk2 010:000:000 100% 000:010:000:000:000
hdisk3 010:000:000 100% 000:010:000:000:000
# lslv datalv
LOGICAL VOLUME: datalv VOLUME GROUP: datavg
LV IDENTIFIER: 00cf2e7f00004c000000011d68130bea.1PERMISSION: read/write
VG STATE: active/complete LV STATE: closed/syncd
TYPE: jfs2 WRITE VERIFY: off
MAX LPs: 512 PP SIZE: 4 megabyte(s)
COPIES: 2 SCHED POLICY: parallel
LPs: 10 PPs: 20
STALE PPs: 0 BB POLICY: relocatable
INTER-POLICY: minimum RELOCATABLE: yes
INTRA-POLICY: middle UPPER BOUND: 1
MOUNT POINT: N/A LABEL: None
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes (superstrict)
# lslv datalv
LOGICAL VOLUME: datalv VOLUME GROUP: datavg
LV IDENTIFIER: 00cf2e7f00004c000000011d68130bea.1
PERMISSION: read/write
VG STATE: active/complete LV STATE: closed/syncd
TYPE: jfs2 WRITE VERIFY: off
MAX LPs: 512 PP SIZE: 4 megabyte(s)
COPIES: 2 SCHED POLICY: parallel
LPs: 10 PPs: 20
STALE PPs: 0 BB POLICY: relocatable
INTER-POLICY: minimum RELOCATABLE: yes
INTRA-POLICY: middle UPPER BOUND: 1
MOUNT POINT: N/A LABEL: None
MIRROR WRITE CONSISTENCY: on/ACTIVE
EACH LP COPY ON A SEPARATE PV ?: yes (superstrict)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 289/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-35
5.2
empty • In band: The percentage of physical partitions on the physical volume that belong to thelogical volume, and were allocated within the physical volume region specified by
Intra-physical allocation policy
• Distribution: The number of physical partitions allocated within each section of thephysical volume: outer edge, outer middle, center, inner middle, and inner edge of the
physical volume
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 290/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-36 AIX installation © Copyright IBM Corp. 2009
Figure 8-27. Show LV characteristics (2 of 2) AN121.1
Notes:
The lslv –m flag shows the LP to PP relationship. The example in the visual, shows LP
number 1 for datalv, is mapped to physical partition number 104 on hdisk2 , and is also
mirrored to the same physical partition number on hdisk3 .
© Copyright IBM Corporation 2009
IBM Power Systems
Show LV characteristics (2 of 2)
# lslv -m datalv
datalv:N/A
LP PP1 PV1 PP2 PV2 PP3 PV3
0001 0104 hdisk2 0104 hdisk3
0002 0105 hdisk2 0105 hdisk3
0003 0106 hdisk2 0106 hdisk3
0004 0107 hdisk2 0107 hdisk3
0005 0108 hdisk2 0108 hdisk3
0006 0109 hdisk2 0109 hdisk3
0007 0110 hdisk2 0110 hdisk3
0008 0111 hdisk2 0111 hdisk3
0009 0112 hdisk2 0112 hdisk3
0010 0113 hdisk2 0113 hdisk3
# lslv -m datalvdatalv:N/A
LP PP1 PV1 PP2 PV2 PP3 PV3
0001 0104 hdisk2 0104 hdisk3
0002 0105 hdisk2 0105 hdisk3
0003 0106 hdisk2 0106 hdisk3
0004 0107 hdisk2 0107 hdisk3
0005 0108 hdisk2 0108 hdisk3
0006 0109 hdisk2 0109 hdisk3
0007 0110 hdisk2 0110 hdisk3
0008 0111 hdisk2 0111 hdisk3
0009 0112 hdisk2 0112 hdisk3
0010 0113 hdisk2 0113 hdisk3
• Show LP to PP relationship on disks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 291/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-37
5.2
empty
Figure 8-28. Add copies to a logical volume AN121.1
Notes:
Adding a copy of a logical volume
The mklvcopy command is used to add up to three copies to a logical volume. Specify the
logical volume to change and the total number of copies wanted. This only succeeds ifthere are enough physical partitions to satisfy the requirements on the physical volumes
that are specified to be used. That is, if all copies are to be on different physical volumes.Once a logical volume has been created, striping cannot be imposed or removed.
Synchronizing a mirrored logical volume
Also, in order for the copies to match, the logical volume has to be synchronized using the
syncvg command. This can be done with the -k option when the copy is originally started.It can be done later, using the syncvg command.
© Copyright IBM Corporation 2009
IBM Power Systems
Add copies to a logical volume
# smit mklvcopy
Add Copies to a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* LOGICAL VOLUME name datalv
* NEW TOTAL number of logical partition 3 +
copies
PHYSICAL VOLUME names [hdisk4] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [1] #to use for allocation
Allocate each logical partition copy yes +
on a SEPARATE physical volume?
File containing ALLOCATION MAP []
SYNCHRONIZE the data in the new yes +
logical partition copies?
Add Copies to a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* LOGICAL VOLUME name datalv
* NEW TOTAL number of logical partition 3 +
copies
PHYSICAL VOLUME names [hdisk4] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [1] #to use for allocation
Allocate each logical partition copy yes +
on a SEPARATE physical volume?
File containing ALLOCATION MAP []
SYNCHRONIZE the data in the new yes +
logical partition copies?
mklvcopy -k datalv 3 hdisk4
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 292/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-38 AIX installation © Copyright IBM Corp. 2009
Removing a copy of a logical volume
The rmlvcopy command is used to reduce the total number of copies for a logical volume.Specify the total number wanted. For example, two if you are reducing the number of
copies from three to two. The rmlvcopy command allows you to specify which disk toremove the copy from.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 293/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-39
5.2
empty
Figure 8-29. Increasing the size of a logical volume AN121.1
Notes:
The extendlv command increases the number of logical partitions allocated to the
LogicalVolume, by allocating the number of additional logical partitions represented by the
Partitions parameter. The LogicalVolume parameter can be a logical volume name or alogical volume ID. To limit the allocation to specific physical volumes, use the names of one
or more physical volumes in the PhysicalVolume parameter. Otherwise, all the physicalvolumes in a volume group are available for allocating new physical partitions.
The default maximum number of partitions for a logical volume is 512. Before extending a
logical volume to more than 512 logical partitions, use the chlv command to increase thedefault value.
The default allocation policy is to use a minimum number of physical volumes per logicalvolume copy, to place the physical partitions belonging to a copy as contiguously as
possible, and then to place the physical partitions in the requested region specified by the-a flag. Also by default, each copy of a logical partition is placed on a separate physical
volume.
© Copyright IBM Corporation 2009
IBM Power Systems
Increasing the size of a logical volume
# smit extendlv
Increase the Size of a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* LOGICAL VOLUME name datalv
* Number of ADDITIONAL logical partitions [20] #
PHYSICAL VOLUME names [] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [1] #
to use for allocationAllocate each logical partition copy yes +
on a SEPARATE physical volume?
File containing ALLOCATION MAP []
Increase the Size of a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* LOGICAL VOLUME name datalv
* Number of ADDITIONAL logical partitions [20] #
PHYSICAL VOLUME names [] +
POSITION on physical volume middle +
RANGE of physical volumes minimum +
MAXIMUM NUMBER of PHYSICAL VOLUMES [1] #
to use for allocationAllocate each logical partition copy yes +
on a SEPARATE physical volume?
File containing ALLOCATION MAP []
extendlv datalv 20
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 294/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-40 AIX installation © Copyright IBM Corp. 2009
Figure 8-30. Remove a logical volume AN121.1
Notes:
The rmlv command removes logical volumes, and in the process, destroys all data.
The LogicalVolume parameter can be a logical volume name or logical volume ID. The
logical volume first must be closed. If the volume group is varied on in concurrent mode,the logical volume must be closed on all the concurrent nodes on which the volume group
is varied on. For example, if the logical volume contains a file system, it must beunmounted. However, removing the logical volume does not notify the operating system
that the file system residing on it has been destroyed.
© Copyright IBM Corporation 2009
IBM Power Systems
Remove a logical volume
# smit rmlv
Remove a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
LOGICAL VOLUME name [datalv2] +
Remove a Logical Volume
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
LOGICAL VOLUME name [datalv2] +
rmlv –f datalv2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 295/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-41
5.2
empty
Figure 8-31. List all logical volumes by volume group AN121.1
Notes:
From the smit lv fastpath, the List all Logical Volumes by Volume Group option uses
lsvg -o to find out the active volume groups, and then lsvg -il to list the logical volumes
within them. The -i option of lsvg reads the list of volume groups from standard input.
© Copyright IBM Corporation 2009
IBM Power Systems
List all logical volumes by volume group
# lsvg -o | lsvg -i –l
datavg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
datalv jfs2 30 90 3 closed/syncd N/A
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 1 1 closed/syncd N/A
hd6 paging 8 8 1 open/syncd N/A
hd8 jfslog 1 1 1 open/syncd N/A
hd4 jfs 15 15 1 open/syncd /
hd2 jfs 35 35 1 open/syncd /usr
hd9var jfs 5 5 1 open/syncd /var
hd3 jfs 3 3 1 open/syncd /tmp
hd1 jfs 1 1 1 open/syncd /homehd10opt jfs 4 4 1 open/syncd /opt
loglv00 jfs2log 1 1 1 closed/syncd N/A
hd11admin jfs 2 2 1 open/syncd /admin
fslv00 jfs2 2 2 1 closed/syncd /db2
# lsvg -o | lsvg -i –l
datavg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
datalv jfs2 30 90 3 closed/syncd N/A
rootvg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNT POINT
hd5 boot 1 1 1 closed/syncd N/A
hd6 paging 8 8 1 open/syncd N/A
hd8 jfslog 1 1 1 open/syncd N/A
hd4 jfs 15 15 1 open/syncd /
hd2 jfs 35 35 1 open/syncd /usr
hd9var jfs 5 5 1 open/syncd /var
hd3 jfs 3 3 1 open/syncd /tmp
hd1 jfs 1 1 1 open/syncd /homehd10opt jfs 4 4 1 open/syncd /opt
loglv00 jfs2log 1 1 1 closed/syncd N/A
hd11admin jfs 2 2 1 open/syncd /admin
fslv00 jfs2 2 2 1 closed/syncd /db2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 296/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-42 AIX installation © Copyright IBM Corp. 2009
Figure 8-32. Mirroring volume groups AN121.1
Notes:
The mirrorvg command takes all the logical volumes on a given volume group and
mirrors those logical volumes. This same functionality may also be accomplished manually
if you execute the mklvcopy command for each individual logical volume in a volumegroup. As with mklvcopy, the target physical drives to be mirrored with data, must already
be members of the volume group.
When mirrorvg is executed, the default behavior of the command requires that the
synchronization of the mirrors must complete before the command returns to the user. If
you wish to avoid the delay, use the –S (background Sync) or -s (disable sync) option.The default value of two copies is always used.
If there are only two disks in the volume group to be mirrored, Keep Quorum Checking
On should be set to no. Otherwise, if a disk were to fail, the entire volume group would go
offline.
© Copyright IBM Corporation 2009
IBM Power Systems
Mirroring volume groups
• Mirroring rootvg is very important.
Mirror a Volume Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* VOLUME GROUP name rootvg
Mirror sync mode [Foreground] +
PHYSICAL VOLUME names [hdisk1] +
Number of COPIES of each logical 2 +
partition
Keep Quorum Checking On? no +
Create Exact LV Mapping? no +
Mirror a Volume Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* VOLUME GROUP name rootvg
Mirror sync mode [Foreground] +
PHYSICAL VOLUME names [hdisk1] +
Number of COPIES of each logical 2 +
partition
Keep Quorum Checking On? no +Create Exact LV Mapping? no +
# smit mirrorvgmirrorvg rootvg hdisk1
# bosboot -a -d /dev/hdisk1
# bootlist -m normal hdisk0 hdisk1
# shutdown –Fr (not required with AIX6 and later)
# bosboot -a -d /dev/hdisk1
# bootlist -m normal hdisk0 hdisk1
# shutdown –Fr (not required with AIX6 and later)
Can be used
to mirror
any VG
Additional
steps
required for
rootvg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 297/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-43
5.2
empty Protecting rootvg on AIX from disk failure is important. Mirroring the data is one way toachieve this. When mirroring rootvg there are additional steps to perform:
• Create a boot image on the mirrored disk, using bosboot command.
• Add the newly mirrored disk to the bootlist.
• Shut down and reboot the system.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 298/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-44 AIX installation © Copyright IBM Corp. 2009
Figure 8-33. Physical volumes AN121.1
Notes:
A physical partition is a fixed size, contiguous set of bytes, on a physical volume (PV).
Physical partitions (PP) must be the same size across an entire volume group. However,
there may be multiple volume groups on a single system, each with a different PP size.
The limitations for each type of volume group (original, big, and scalable) such as thenumber of physical volumes and size of the physical partitions, was given in the last unit,
System Storage Overview .
© Copyright IBM Corporation 2009
IBM Power Systems
Physical volumes
Volume group
• Physical volume (PV) – Hard disk, a virtual disk or a LUN
• Physical partition (PP) – Smallest assignable unit of allocation on a physical disk
1
7
13
19
25
31
35
41
47
2
8
14
20
26
32
36
42
48
34
910
1516
2122
2728
3334
3738
4344
4950
1
7
13
19
25
31
35
41
47
2
8
14
20
26
32
36
42
48
34
910
1516
2122
2728
3334
3738
4344
4950
Physical partitions
PV1 PV2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 299/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-45
5.2
empty
Figure 8-34. SMIT physical volumes menu AN121.1
Notes:
This is the top-level menu for physical volume. Each of these items is discussed in the
following pages.
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT physical volumes menu
# smit pv
Physical Volumes
Move cursor to desired item and press Enter.
List All Physical Volumes in System
Add a Disk
Change Characteristics of a Physical Volume
List Contents of a Physical Volume
Move Contents of a Physical Volume
Physical Volumes
Move cursor to desired item and press Enter.
List All Physical Volumes in System
Add a Disk
Change Characteristics of a Physical Volume
List Contents of a Physical Volume
Move Contents of a Physical Volume
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 300/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-46 AIX installation © Copyright IBM Corp. 2009
Figure 8-35. List physical volume information AN121.1
Notes:
From the smit pv fastpath, the List all Physical Volumes in System option uses
the undocumented command lspv | /usr/bin/awk {print$1}'' list the physical
volumes in the system.
The lspv command with no parameters can be used to list the physical volume name,
physical volume identifier, and volume group for all physical volumes in the system.
The lspv pvname command gives status information about the physical volume. Themost useful information here is:
• State (active or inactive)
• Number of physical partition copies that are stale (are not up to date with other copies)
• Total number of physical partitions
• Number of free physical partitions
• Distribution of free space on the physical volume
© Copyright IBM Corporation 2009
IBM Power Systems
List physical volume information
# lspvhdisk0 00cf2e7ff02c5fc4 rootvg active
hdisk1 00cf2e7f713ca357 None
hdisk2 00cf2e7fea693331 datavg active
hdisk3 00cf2e7fea6a26e0 datavg active
hdisk4 00cf2e7fea6a318 datavg active
# lspv
hdisk0 00cf2e7ff02c5fc4 rootvg activehdisk1 00cf2e7f713ca357 None
hdisk2 00cf2e7fea693331 datavg active
hdisk3 00cf2e7fea6a26e0 datavg active
hdisk4 00cf2e7fea6a318 datavg active
# lspv hdisk3
PHYSICAL VOLUME: hdisk3 VOLUME GROUP: datavg
PV IDENTIFIER: 00cf2e7fea6a26e0
VG IDENTIFIER 00cf2e7f00004c000000011d68130bea
PV STATE: active
STALE PARTITIONS: 0 ALLOCATABLE: yes
PP SIZE: 4 megabyte(s) LOGICAL VOLUMES: 1
TOTAL PPs: 511 (2044 megabytes) VG DESCRIPTORS: 1
FREE PPs: 481 (1924 megabytes) HOT SPARE: no
USED PPs: 30 (120 megabytes) MAX REQUEST: 256K
FREE DISTRIBUTION: 103..72..102..102..102
USED DISTRIBUTION: 00..30..00..00..00
# lspv hdisk3
PHYSICAL VOLUME: hdisk3 VOLUME GROUP: datavg
PV IDENTIFIER: 00cf2e7fea6a26e0
VG IDENTIFIER 00cf2e7f00004c000000011d68130beaPV STATE: active
STALE PARTITIONS: 0 ALLOCATABLE: yes
PP SIZE: 4 megabyte(s) LOGICAL VOLUMES: 1
TOTAL PPs: 511 (2044 megabytes) VG DESCRIPTORS: 1
FREE PPs: 481 (1924 megabytes) HOT SPARE: no
USED PPs: 30 (120 megabytes) MAX REQUEST: 256K
FREE DISTRIBUTION: 103..72..102..102..102
USED DISTRIBUTION: 00..30..00..00..00
• List all physical volumes in the system.
• List the attributes of a PV.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 301/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-47
5.2
empty
Figure 8-36. List logical volumes on a physical volume AN121.1
Notes:
The lspv -l pvname command lists all the logical volumes on a physical volume
including the number of logical partitions, physical partitions, and distributions on the disk.
© Copyright IBM Corporation 2009
IBM Power Systems
List logical volumes on a physical volume
# lspv -l hdisk0
hdisk0:LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd2 35 35 00..00..03..20..12 /usr
hd9var 5 5 00..05..00..00..00 /var
hd8 1 1 00..00..01..00..00 N/A
hd4 15 15 00..00..15..00..00 /
hd5 1 1 01..00..00..00..00 N/A
hd6 8 8 00..08..00..00..00 N/A
hd10opt 4 4 04..00..00..00..00 /opt
hd3 3 3 00..03..00..00..00 /tmp
hd1 1 1 00..01..00..00..00 /home
hd11admin 2 2 00..02..00..00..00 /admin
fslv00 2 2 02..00..00..00..00 /db2
loglv00 1 1 00..01..00..00..00 N/A
# lspv -l hdisk0
hdisk0:
LV NAME LPs PPs DISTRIBUTION MOUNT POINT
hd2 35 35 00..00..03..20..12 /usr
hd9var 5 5 00..05..00..00..00 /var
hd8 1 1 00..00..01..00..00 N/A
hd4 15 15 00..00..15..00..00 /
hd5 1 1 01..00..00..00..00 N/A
hd6 8 8 00..08..00..00..00 N/A
hd10opt 4 4 04..00..00..00..00 /opt
hd3 3 3 00..03..00..00..00 /tmp
hd1 1 1 00..01..00..00..00 /home
hd11admin 2 2 00..02..00..00..00 /admin
fslv00 2 2 02..00..00..00..00 /db2
loglv00 1 1 00..01..00..00..00 N/A
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 302/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-48 AIX installation © Copyright IBM Corp. 2009
Figure 8-37. List a physical volume partition map AN121.1
Notes:
The lspv -p pvname command lists all the logical volumes on a disk, and the physical
partitions to which its logical partitions are mapped. It is listed in physical partition order and
shows what partitions are free and which are used, as well as the location; that is, center,outer middle, outer edge, inner edge, and inner middle.
© Copyright IBM Corporation 2009
IBM Power Systems
List a physical volume partition map
# lspv -p hdisk0
hdisk0:PP RANGE STATE REGION LV NAME TYPE MOUNT POINT
1-1 used outer edge hd5 boot N/A
2-14 free outer edge
15-16 used outer edge fslv00 jfs2 /db2
17-20 used outer edge hd10opt jfs2 /opt
21-28 used outer middle hd6 paging N/A
29-29 used outer middle loglv00 jfs2log N/A
30-31 used outer middle hd11admin jfs2 /admin
32-32 used outer middle hd1 jfs2 /home
33-35 used outer middle hd3 jfs2 /tmp
36-40 used outer middle hd9var jfs2 /var
41-41 used center hd8 jfslog N/A
42-56 used center hd4 jfs2 /
57-59 used center hd2 jfs2 /usr
60-79 used inner middle hd2 jfs2 /usr
80-91 used inner edge hd2 jfs2 /usr
92-99 free inner edge
# lspv -p hdisk0
hdisk0:
PP RANGE STATE REGION LV NAME TYPE MOUNT POINT
1-1 used outer edge hd5 boot N/A
2-14 free outer edge
15-16 used outer edge fslv00 jfs2 /db2
17-20 used outer edge hd10opt jfs2 /opt
21-28 used outer middle hd6 paging N/A
29-29 used outer middle loglv00 jfs2log N/A
30-31 used outer middle hd11admin jfs2 /admin
32-32 used outer middle hd1 jfs2 /home
33-35 used outer middle hd3 jfs2 /tmp
36-40 used outer middle hd9var jfs2 /var
41-41 used center hd8 jfslog N/A
42-56 used center hd4 jfs2 /57-59 used center hd2 jfs2 /usr
60-79 used inner middle hd2 jfs2 /usr
80-91 used inner edge hd2 jfs2 /usr
92-99 free inner edge
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 303/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-49
5.2
empty
Figure 8-38. Add or move contents of physical volumes AN121.1
Notes:
Although there is an option in SMIT to add a physical volume to the system SMIT >
Devices > Add a Disk, in reality the use of this function is not required. Today,
virtually all disks can be configured to AIX using the configuration manager (cfgmgr).
Preparation to remove a physical device
The migratepv command can be used to move all partitions, or partitions from a
selected logical volume, from one physical volume, to one or more other physicalvolumes in the same volume group. This would be used if the physical volume is about
to be taken out of service and removed from the machine or to balance disk usage.
© Copyright IBM Corporation 2009
IBM Power Systems
Add or move contents of physical volumes
• Today, virtually all disks are configured to AIX throughconfiguration manager (cfgmgr).
• Move the contents of a physical volume:
migratepv [ -l lvname ] sourcePV targetPV ..
# migratepv -l lv02 hdisk0 hdisk6# migratepv -l lv02 hdisk0 hdisk6
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 304/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-50 AIX installation © Copyright IBM Corp. 2009
Figure 8-39. Documenting the disk storage setup AN121.1
Notes:
It is important to have your storage information readily available in case you have a
problem with your system, or in the very worst case, a system crashes. The commands in
the visual help you to get this information.
© Copyright IBM Corporation 2009
IBM Power Systems
Documenting the disk storage setup
• List the volume groups:
# lsvg
• List the disks on the system (PVID and volume group):
# lspv
• List which logical volumes are contained in each volumegroup:
# lsvg -l vgname
• List the logical volumes on each disk:
# lspv -l pvname
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 305/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-51
5.2
empty
Figure 8-40. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. True or False: A logical volume can span more than onephysical volume.
2. True or False: A logical volume can span more than onevolume group.
3. True or False: The contents of a physical volume can bedivided between two volume groups.
4. True or False: If mirroring logical volumes, it is not necessaryto perform a backup.
5. True or False: SMIT can be used to easily increase or decreasethe size of an enhanced JFS filesystem.
6. True or False: Striping can be combined with mirroring toprovide increased performance and availability.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 306/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-52 AIX installation © Copyright IBM Corp. 2009
Figure 8-41. Exercise 8 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 8
Working with LVM
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 307/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 8. Working with the Logical Volume Manager 8-53
5.2
empty
Figure 8-42. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Explain how to work with the Logical Volume Manager • Add, change, and delete:
– Volume groups – Logical volumes – Physical volumes
• Describe essential LVM concepts, such as:
– Mirroring – Striping
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 308/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
8-54 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 309/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-1
5.2
empty Unit 9. File systems administration
What this unit is about
This unit covers important concepts and procedures related to AIX file
systems.
What you should be able to do
After completing this unit, you should be able to:
• Identify the components of an AIX file system
• Work with enhanced Journaled file systems
• Add, list, change, and delete
• Monitor file system disk space usage • Manage file system growth and control growing files
• Implement basic file system integrity checks
How you will check your progress
Accountability:
• Checkpoint questions• Exercise
References
Online AIX Version 6.1 Operating system and device
management
AIX Version 6.1 File Reference
SG24-5432 AIX Logical Volume Manager, from A to Z: Introduction
and Concepts (redbook)
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 310/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-2 AIX installation © Copyright IBM Corp. 2009
Figure 9-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:• Identify the components of an AIX file system• Work with enhanced Journaled file systems
– Add, list, change, and delete
• Monitor file system disk space usage• Manage file system growth and control growing files• Implement basic file system integrity checks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 311/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-3
5.2
empty
Figure 9-2. Journaled file system support in AIX AN121.1
Notes:
Journaled File Systems (JFS)
JFS was developed for transaction-oriented, high performance Power Systems. JFS is
both saleable and robust. One of the key features of the file system is logging. JFS is arecoverable file system, which ensures that if the system fails during power outage, or
system crash, no file system transactions will be left in an inconsistent state.
Migration
JFS file systems can co-exist on the same system with JFS2 file systems. However, to fullyutilize the JFS2 features, the following steps are necessary:
1. Backup JFS file system data.
2. Create new JFS2 file systems.
3. Restore JFS file system data to new JFS2 file systems.
© Copyright IBM Corporation 2009
IBM Power Systems
Journaled file system support in AIX
• Two types supported: – Journaled File System (JFS) – Enhanced JFS, commonly referred to as JFS2
• JFS is the original AIX file system.• JFS2 was introduced in AIX 5.1 and is now the default file
system (since AIX 5.3).• Journaling:
– Before writing actual data, a journaling file system logs the metadatato a circular JFS log on disk.
– In the event of an OS crash, journaling restores consistency by
processing the information in the JFS log file.• There is no migration path from JFS to JFS2.
– Conversion can only be achieved through backup and restore.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 312/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-4 AIX installation © Copyright IBM Corp. 2009
Figure 9-3. Advantages of enhanced JFS (JFS2) AN121.1
Notes:
JFS2 is the default file system type on AIX, since version 5.3. JFS2 provides increased
performance and flexibility when compared to its predecessor, JFS.
JFS filesystems:
• Cannot be dynamically decreased
• Can only support large files, greater than 2GB, if created in a special large enabledfilesystem
- Individual file size can be up to 64GB with JFS as opposed to 16TB with JFS2 • Only support external JFS logging
• Have no support for data encryption or snapshots. A snapshot is a point-in-time image,like a photograph, of a JFS2 file system
© Copyright IBM Corporation 2009
IBM Power Systems
Advantages of enhanced JFS (JFS2)
• Increased performance• Increased flexibility
– Filesystems can be dynamically increased and decreased. – Support for larger enabled filesystems – Internal or external JFS logging – Data encryption – Support for snapshots
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 313/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-5
5.2
empty
Figure 9-4. JFS2 structural components AN121.1
Notes:
Superblock
The first addressable logical block on the file system is the superblock. The superblock
contains information such as the file system name, size, number of inodes, and date/timeof creation. The superblock is critical to the file system and, if corrupted, prevents the file
system from mounting. For this reason, a backup copy of the superblock is always writtenin block 31.
Inodes
Each file and directory has an associated i-node which contains metadata such as
ownership and access times. JFS2 allocates i-nodes, as required.
Data blocks
An individual file within a file system, by default, has units allocated to it in blocks of 4096bytes. The file system block size can be set to 512, 1024, 2048, or 4096 bytes. A smaller
block size uses less disk space for small files, but may degrade performance. Some AIX
© Copyright IBM Corporation 2009
IBM Power Systems
JFS2 structural components
• Superblock – The superblock maintains information about the entire file
system.• i-nodes
– Each file and directory has an i-node that contains accessinformation such as file type, access permissions, owner's ID,and number of links to that file.
• Data blocks – Contains file data – Each file system has a user settable fixed block size attribute
• 512, 1024, 2048, or 4096 bytes
• Allocation maps – Record the location and allocation of all i-nodes and theallocation state of each data block.
• Allocation groups – Responsible for dividing the file system space into chunks so
related data blocks and i-nodes can be clustered together toachieve good locality
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 314/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-6 AIX installation © Copyright IBM Corp. 2009
commands often report file sizes in units of 512 bytes, to remain compatible with otherUNIX file systems. This is independent of the actual unit of allocation.
Allocation maps
A JFS2 file system has two allocation maps:
• The i-node allocation map records the location and allocation of all i-nodes in the file
system.• The block allocation map records the allocation state of each file system block.
Allocation groups
Allocation groups divide the space on a file system into chunks. Allocation groups allow
JFS2 allocation policies to use well-known methods for achieving optimum I/Operformance. The allocation policies try to cluster related disk blocks and disk i-nodes to
achieve good locality for the disk, as files are often read and written sequentially, and thefiles within a directory are often accessed together.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 315/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-7
5.2
empty
Figure 9-5. Listing i-node and block size information AN121.1
Notes:
The istat command can be used to display the i-node information for a particular file or
directory. You can specify the file either by providing a file or directory name, or by
providing an i-node number using the –i flag. I-node numbers can be discovered using the –i flag with the ls command.
The file system block size information can be discovered using the lsfs command.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing i-node and block size information
• To view i-node information:
• To view file system block size information:
# ls -litotal 3
12309 -rw-r----- 1 adminusr security 119 12 Feb 19:43 datafile1
12307 -rwxr----- 1 adminusr security 254 27 Jan 18:19 .profile
12308 -rw------- 1 adminusr security 156 28 Jan 14:31 .sh_history
# istat datafile1Inode 12309 on device 10/8 File
Protection: rw-r-----
Owner: 211(adminusr) Group: 7(security)
Link count: 1 Length 119 bytes
Last updated: Thu 12 Feb 19:44:09 2009
Last modified: Thu 12 Feb 19:43:42 2009
Last accessed: Thu 12 Feb 19:43:42 2009
# ls -litotal 312309 -rw-r----- 1 adminusr security 119 12 Feb 19:43 datafile1
12307 -rwxr----- 1 adminusr security 254 27 Jan 18:19 .profile
12308 -rw------- 1 adminusr security 156 28 Jan 14:31 .sh_history
# istat datafile1Inode 12309 on device 10/8 File
Protection: rw-r-----
Owner: 211(adminusr) Group: 7(security)
Link count: 1 Length 119 bytes
Last updated: Thu 12 Feb 19:44:09 2009
Last modified: Thu 12 Feb 19:43:42 2009
Last accessed: Thu 12 Feb 19:43:42 2009
# lsfs –cq /data#MountPoint:Device:Vfs:Nodename:Type:Size:Options:AutoMount:Acct
/data:/dev/fslv00:jfs2:::204800:rw:no:no
(lv size 204800:fs size 204800:block size 4096
# lsfs –cq /data#MountPoint:Device:Vfs:Nodename:Type:Size:Options:AutoMount:Acct
/data:/dev/fslv00:jfs2:::204800:rw:no:no
(lv size 204800:fs size 204800:block size 4096
i-node
number
Block size.
(Some output
removed for
clarity.)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 316/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-8 AIX installation © Copyright IBM Corp. 2009
Figure 9-6. Creating a JFS2 file system (1 of 2) AN121.1
Notes:
The SMIT screen in the visual shows the creation of a 1GB filesystem (/data) in volume
group: datavg. The creation is done by the crfs command.
In this example, the crfs command will create a file system on a new logical volume,within a previously created volume group. An entry for the file system is put into the
/etc/filesystems file.
For further information, see the crfs man page.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a JFS2 file system (1 of 2)
# smit crfs_j2
Add an Enhanced Journaled File System
[Entry Fields]
Volume group name datavg
SIZE of file system
Unit Size Gigabytes +
* Number of units [1] #
* MOUNT POINT [/data]
Mount AUTOMATICALLY at system restart? No +
PERMISSIONS read/write +
Mount OPTIONS [] +
Block Size (bytes) 4096 +
Logical Volume for Log +
Inline Log size (MBytes) [] #
Extended Attribute Format +
ENABLE Quota Management? no +
Enable EFS? no +
Allow internal snapshots? no +
Add an Enhanced Journaled File System
[Entry Fields]
Volume group name datavg
SIZE of file system
Unit Size Gigabytes +
* Number of units [1] #
* MOUNT POINT [/data]
Mount AUTOMATICALLY at system restart? No +
PERMISSIONS read/write +
Mount OPTIONS [] +Block Size (bytes) 4096 +
Logical Volume for Log +
Inline Log size (MBytes) [] #
Extended Attribute Format +
ENABLE Quota Management? no +
Enable EFS? no +
Allow internal snapshots? no +
# crfs -v jfs2 -g datavg -a size=1G –m /data
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 317/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-9
5.2
empty
Figure 9-7. Creating a JFS2 file system (2 of 2) AN121.1
Notes:
The visual shows the actual creation of the /data file system shown in the previous slide.
The lsfs command can be used to display the characteristics of the file system.
Prior to the creation of the file system, the contents of the datavg volume group wereempty. We can see two logical volumes created, loglv and fslv00. The loglv volume acts
as the JFS log for both the /data file system and by default any other file systems that willbe created. In creating a file system this way the underlying logical volume is created using
default options. Often it is preferable to first create the logical volume (using custom values)
and then create the file system on top. We shall see this procedure later in the unit.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a JFS2 file system (2 of 2)
# crfs -v jfs2 -g datavg -a size=1G -m /data
File system created successfully.
1048340 kilobytes total disk space.
New File System size is 2097152
# lsfs /data
Name Nodename Mount Pt VFS Size Options Auto
/dev/fslv00 -- /data jfs2 2097152 -- no
# lsvg -l datavg
datavg:LV NAME TYPE LPs PPs PVs LV STATE MOUNT
POINT
loglv00 jfs2log 1 1 1 closed/syncd N/A
fslv00 jfs2 256 256 1 closed/syncd /data
# crfs -v jfs2 -g datavg -a size=1G -m /data
File system created successfully.
1048340 kilobytes total disk space.
New File System size is 2097152
# lsfs /data
Name Nodename Mount Pt VFS Size Options Auto
/dev/fslv00 -- /data jfs2 2097152 -- no
# lsvg -l datavg
datavg:
LV NAME TYPE LPs PPs PVs LV STATE MOUNTPOINT
loglv00 jfs2log 1 1 1 closed/syncd N/A
fslv00 jfs2 256 256 1 closed/syncd /data
JFS log automatically
created, 1 LP in size
(if one does not already
exist) for the VG.
• When the file system is created, the lsfs command will displaythe characteristics of the file system.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 318/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-10 AIX installation © Copyright IBM Corp. 2009
Figure 9-8. Mounting a file system and the /etc/filesystems file AN121.1
Notes:
Upon creation of a file system, a stanza in appended to the /etc/filesystems file.
The stanza includes:
• The device (dev) which is the underlying logical volume
• The virtual file system type (vfs)
• The path to the JFS log device (log)
• Whether the file system should be mounted at system start time (mount) and processed
by the AIX accounting system (account).Before the filesystem can be used it must first be mounted, using the mount command. As
there is a stanza in the /etc/filesystems file, the only parameter required is the name of thefile system. The mount command with no options, will display all file systems which are
currently mounted and available for use.
© Copyright IBM Corporation 2009
IBM Power Systems
Mounting a file system and the /etc/filesystems file
• When a file system is created, the device and mount pointinformation is stored in the /etc/filesystems file.
# grep -p /data /etc/filesystems
/data:
dev = /dev/fslv00
vfs = jfs2
log = /dev/loglv00
mount = false
account = false
# grep -p /data /etc/filesystems
/data:
dev = /dev/fslv00
vfs = jfs2
log = /dev/loglv00
mount = false
account = false
# mount /data
# mount |egrep '(/data|node)'
node mounted mounted over vfs date options
/dev/fslv00 /data jfs2 13 Feb 10:32 rw,log=/dev/loglv00
# mount /data
# mount |egrep '(/data|node)'
node mounted mounted over vfs date options
/dev/fslv00 /data jfs2 13 Feb 10:32 rw,log=/dev/loglv00
The mount command reads the
stanza in the
/etc/filesystems file, so
only the mount point is
required.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 319/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-11
5.2
empty
Figure 9-9. JFS2 logging options AN121.1
Notes:
As we have seen by default, a JFS log file is created when the first file system is created in
a volume group. This JFS log will act as the global logging device for all file systems,
unless:
• A specific external log is created for each file systems in the volume group. This
approach has several advantages. It will aide performance and availability. If thelogging device were to become corrupt, it would only affect the associated file system.
• The JFS log device is internal to the filesystem (inline). This saves time having to
create, format, and manage a separate JFS log volume. Inline logging is only availablewith JFS2 file systems.
© Copyright IBM Corporation 2009
IBM Power Systems
JFS2 logging options
• For JFS2 file systems, there are three logging options: – Use the global JFS log for the volume group. – Create a specific JFS log for each file system.
• 1 LP in size• Format the log using the logform command.
– Create an inline log inside the file system.• 0.4% of the file system space will be reserved for this option.
# mklv –y my_jfs2_log –t jfs2log datavg 1
# logform /dev/my_jfs2_log
logform: destroy /dev/rmy_jfs2_log (y)?y
# crfs -v jfs2 -g datavg -a size=1G -m /data -a logname=my_jfs2_log
# mklv –y my_jfs2_log –t jfs2log datavg 1
# logform /dev/my_jfs2_log
logform: destroy /dev/rmy_jfs2_log (y)?y
# crfs -v jfs2 -g datavg -a size=1G -m /data -a logname=my_jfs2_log
# crfs -v jfs2 -g datavg -a size=1G -m /data -a logname=INLINE /
-a logsize=<value in MB>
# crfs -v jfs2 -g datavg -a size=1G -m /data -a logname=INLINE /
-a logsize=<value in MB>
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 320/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-12 AIX installation © Copyright IBM Corp. 2009
Figure 9-10. Creating a file system on a previously defined logical volume AN121.1
Notes:
Adding a file system to a previously created logical volume provides greater control over
where the file system will reside on disk and provides options for availability and
performance. When creating file systems in highly available environments (for example,using PowerHA or Veritas Cluster Services), one should always follow this method. On
creation, the size of the filesystem is set to the size of the logical volume. For example, ifthe PP size for the volume group is 64MB, and the logical volume was 4 LPs in size, then
the size of the file system would be (4 x 64MB) 256MB.
After the file system is created:• If the logical volume is expanded, the size of the file system is not increased.
• The underlying logical volume policies can be dynamically changed. However, there will
be a performance hit, especially for large file systems.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a file system on a previously defined logicalvolume
# smit crfs_j2
Add an Enhanced Journaled File System
[Entry Fields]
* LOGICAL VOLUME name lv_for_data +
* MOUNT POINT [/data2]
Mount AUTOMATICALLY at system restart? yes +
PERMISSIONS read/write +
Mount OPTIONS [] +
Block Size (bytes) 4096 +
Logical Volume for Log +
Inline Log size (MBytes) [] #Extended Attribute Format +
ENABLE Quota Management? no +
Enable EFS? no +
Allow internal snapshots? No +
Add an Enhanced Journaled File System
[Entry Fields]
* LOGICAL VOLUME name lv_for_data +
* MOUNT POINT [/data2]
Mount AUTOMATICALLY at system restart? yes +
PERMISSIONS read/write +
Mount OPTIONS [] +
Block Size (bytes) 4096 +
Logical Volume for Log +
Inline Log size (MBytes) [] #Extended Attribute Format +
ENABLE Quota Management? no +
Enable EFS? no +
Allow internal snapshots? No +
# crfs -v jfs2 –d lv_for_data –m /data2 –A yes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 321/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-13
5.2
empty
Figure 9-11. Changing the size of a JFS2 file system AN121.1
Notes:
JFS2 file systems can be dynamically increased or decreased in size (subject to available
space and LVM rules). You can either choose to increase or decrease by a set amount,
using + or – options respectively, or by providing a specific set number, as shown in theSMIT example.
© Copyright IBM Corporation 2009
IBM Power Systems
Changing the size of a JFS2 file system
• To increase the size of a file system:
• To shrink the size of a file system:
• Using SMIT: # smit chjfs2
# chfs -a size=+1G /data2
Filesystem size changed to 2179072
# chfs -a size=+1G /data2
Filesystem size changed to 2179072
# chfs -a size=-500M /data2
Filesystem size changed to 1155072
# chfs -a size=-500M /data2
Filesystem size changed to 1155072
Change / Show Characteristics of an Enhanced Journaled File System
[Entry Fields]
File system name /data2
NEW mount point [/data2]
SIZE of file system
Unit Size Gigabytes +
Number of units [10] #
Note: Advanced options removed.
Change / Show Characteristics of an Enhanced Journaled File System
[Entry Fields]File system name /data2
NEW mount point [/data2]
SIZE of file system
Unit Size Gigabytes +
Number of units [10] #
Note: Advanced options removed.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 322/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-14 AIX installation © Copyright IBM Corp. 2009
Figure 9-12. Removing a JFS2 file system AN121.1
Notes:
Ways to remove a file system
The rmfs command or SMIT can be used to remove a file system.
Restrictions
In order to remove a file system, it must be unmounted from the overall file tree, and this
cannot be done if the file system is in use, that is, some user or process is using the filesystem or has it as a current directory.
Effects of using rmfs commandThe rmfs command removes any information for the file system from the ODM and
/etc/filesystems. When the file system is removed, the logical volume on which it residesis also removed.
© Copyright IBM Corporation 2009
IBM Power Systems
Removing a JFS2 file system
Remove an Enhanced Journaled File System
[Entry Fields]
* FILE SYSTEM name /data2 +
Remove Mount Point no +
Remove an Enhanced Journaled File System
[Entry Fields]
* FILE SYSTEM name /data2 +
Remove Mount Point no +
# rmfs /data2
• The file system must first be unmounted.
• Using SMIT: # smitty rmfs2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 323/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-15
5.2
empty Syntax
The syntax of the rmfs command is:
rmfs [-r] [-i] FileSystem
• r Removes the mountpoint of the file system
• i Displays warning and prompts the user before removing the file system
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 324/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-16 AIX installation © Copyright IBM Corp. 2009
Figure 9-13. File system space management AN121.1
Notes:
The Resource Monitoring and Control (RMC) subsystem
You can also use the Resource Monitoring and Control (RMC) subsystem that is based on
the AIX Reliable Scalable Cluster Technology (RSCT) filesets. Web-based SystemManager can be used to configure RMC. The ctrmc subsystem is started in the
/etc/inittab. RMC is outside the scope of the course.
© Copyright IBM Corporation 2009
IBM Power Systems
File system space management
• File systems expand upon notice, not automatically.
• To keep from running into problems: – Monitor file system growth
– Determine causes
– Control growing files
– Manage file system space usage
– Control user disk usage
– Block size considerations
– Fragmentation considerations
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 325/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-17
5.2
empty
Figure 9-14. Listing file system utilization AN121.1
Notes:
Importance of the df command
The df command lists the free space on all mounted file systems.
This is an important command to know about and use frequently. If you run out of space in
a file system (especially / or / tmp), system corruption could occur.
Useful df command flags
A number of flags (options) can be used with the df command. Some of the most useful of
these flags are shown below:-i Displays the number of free and used i-nodes for the file system; this output is
the default when the specified file system is mounted-I Displays information on the total number of blocks, the used space, the free
space, the percentage of used space, and the mount point for the file system-k Displays statistics in units of 1024-byte blocks
-m Displays statistics in units of MB blocks-g Displays statistics in units of GB blocks
© Copyright IBM Corporation 2009
IBM Power Systems
Listing file system utilization
• The df command displays information about total space andavailable space on a file system.
# df [-k] [-m] [-g]
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 1.44 1.10 24% 9896 2% /
/dev/hd2 2.50 0.10 97% 49616 8% /usr
/dev/hd9var 0.31 0.24 25% 1308 2% /var
/dev/hd3 0.12 0.12 6% 128 1% /tmp
/proc - - - - - /proc
/dev/hd10opt 0.25 0.03 88% 4567 7% /opt/dev/fslv00 8.00 1.40 83% 6888 3% /export
/dev/fslv01 9.00 2.33 75% 4059 1% /aix
/dev/lv00 0.12 0.12 4% 20 1% /audit
/dev/hd11admin 0.12 0.12 4% 18 1% /admin
/dev/hd1 0.62 0.16 75% 270 1% /home
grumpy:/nimback 25.00 3.26 87% 9 1% /mnt
# df -g
Filesystem GB blocks Free %Used Iused %Iused Mounted on
/dev/hd4 1.44 1.10 24% 9896 2% /
/dev/hd2 2.50 0.10 97% 49616 8% /usr
/dev/hd9var 0.31 0.24 25% 1308 2% /var
/dev/hd3 0.12 0.12 6% 128 1% /tmp
/proc - - - - - /proc
/dev/hd10opt 0.25 0.03 88% 4567 7% /opt
/dev/fslv00 8.00 1.40 83% 6888 3% /export
/dev/fslv01 9.00 2.33 75% 4059 1% /aix
/dev/lv00 0.12 0.12 4% 20 1% /audit
/dev/hd11admin 0.12 0.12 4% 18 1% /admin
/dev/hd1 0.62 0.16 75% 270 1% /home
grumpy:/nimback 25.00 3.26 87% 9 1% /mnt
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 326/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-18 AIX installation © Copyright IBM Corp. 2009
Figure 9-15. Monitoring file system growth AN121.1
Notes:
The need to monitor file system growth
Although AIX provides for dynamic expansion of a file system, it does not expand the file
system on the fly. The system administrator must continually monitor file system growthand expand file systems as required before they get full. If a file system becomes 100% full,
then the users receive out of space messages when they try to extend files.
Regular use of the df command
One useful technique is to run the df command through cron, the job scheduler, to performa regular check of the space available in the file system and produce a report. cron is
covered in a later unit.
© Copyright IBM Corporation 2009
IBM Power Systems
Monitoring file system growth
• A simple script using the df command, which can be run at
regular intervals to warn against file systems becoming full
#!/bin/ksh
df | egrep -v '(used|proc)' | awk '{print $4" "$7}' \
| sed 's:%::g' | while read LINE
do
PERC=`echo $LINE | awk '{print $1}'`
FILESYSTEM=`echo $LINE | awk '{print $2}'`
if [ $PERC -gt 70 ]
then
mail -s "Filesystem check on box: `hostname`" \[email protected] << EOF
$FILESYSTEM is $PERC% full, please check
EOF
fi
done
#!/bin/ksh
df | egrep -v '(used|proc)' | awk '{print $4" "$7}' \
| sed 's:%::g' | while read LINE
do
PERC=`echo $LINE | awk '{print $1}'`
FILESYSTEM=`echo $LINE | awk '{print $2}'`
if [ $PERC -gt 70 ]
then
mail -s "Filesystem check on box: `hostname`" \[email protected] << EOF
$FILESYSTEM is $PERC% full, please check
EOF
fi
done
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 327/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-19
5.2
empty
Figure 9-16. Listing disk usage AN121.1
Notes:
Use of the du command
There may be a number of files or users that are causing the increased use of space in a
particular file system. The du command helps to determine which files, users, or both, arecausing the problem.
Specifying the units du should use
By default, du gives size information in 512-byte blocks. Use the -k option to display sizes
in 1 KB units, use the -m option to display sizes in 1 MB units, or use the -g option todisplay sizes in 1 GB units.
Specifying output by file
By default, du gives information by directory. With the -a option, output is displayed by file,
rather than by directory.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing disk usage
• The du command lists the number of blocks used by a file or adirectory.
/export # du -sg .
6.59 .
/export # du gethmc.sh
8 FirstBoot.sh
/export # du –sm * | sort -rn
2131.16 mksysbaix53
1846.36 mksysbaix61
1373.11 mksysbaix61.light
248.52 spot0.01 nim
0.01 bosinst.data
0.00 FirstBoot.sh
0.00 BUILD.sh
/export # du -sg .
6.59 .
/export # du gethmc.sh
8 FirstBoot.sh
/export # du –sm * | sort -rn
2131.16 mksysbaix53
1846.36 mksysbaix61
1373.11 mksysbaix61.light
248.52 spot0.01 nim
0.01 bosinst.data
0.00 FirstBoot.sh
0.00 BUILD.sh
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 328/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-20 AIX installation © Copyright IBM Corp. 2009
Using du in conjunction with sort
If the output of du is sorted numerically and in descending order (using the -n and –r flagsof the sort command) by the value in the first column, this output can be an aid in
determining which files/directories are the largest. Then using an ls -l, you can determinethe file/directory's owner.
The -x flag
The -x flag/option is also very useful. When you use du -ax, the report only showsinformation from the specified file system. This is the best way to determine what file is
filling a particular file system.
Using the find command to locate large files
The find command is useful for locating files that are over a certain size. For example, tofind all files that contain more than 1 000 000 characters, and then list them, use the
following command:
# find / -size +1000000c -exec ls -l {} ;
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 329/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-21
5.2
empty
Figure 9-17. Control growing files AN121.1
Notes:
Managing files that grow
Growing files should be monitored and cleaned out periodically. Some of the files that grow
are listed on the visual.
Records of login activity
The files /var/adm/wtmp, /etc/security/failedlogin, and /var/adm/sulog are neededbecause they contain historical data regarding login activity. Thus, these files should
always contain a few days of login activity. If accounting is turned on, /var/adm/wtmp iskept to a reasonable size. If accounting is not turned on, to capture the data to archive it,
use who -a on /var/adm/wtmp and /etc/security/failedlogin and redirect the output to asave file. Then, the log file can be purged by overwriting it with a null string. Two ways of
overwriting a log file in this way are illustrated in the following examples:
Example 1:
# cat /dev/null > /var/adm/wtmp
© Copyright IBM Corporation 2009
IBM Power Systems
Control growing files
• /var/adm/wtmp
• /etc/security/failedlogin
• /var/adm/sulog
• /var/spool/*/*• /var/tmp/*
• $HOME/smit*
• $HOME/websm*
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 330/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-22 AIX installation © Copyright IBM Corp. 2009
Example 2:
# > /etc/security/failedlogin
The file /var/adm/sulog can be edited directly.
The /var/spool directory
The directory / var / spool contains cron entries, the mail, and other items that grow on an
ongoing basis, along with printer files. If there is a problem with the printer files, you can tryto clear the queuing subsystem by executing the following commands:
stopsrc -s qdaemon
rm /var/spool/lpd/qdir/*
rm /var/spool/lpd/stat/*
rm /var/spool/qdaemon/*
startsrc -s qdaemon
Records of SMIT and Web-based System Manager activityFiles such as smit.log and websm.log in the home directory of the root user, and othersystem administration accounts, can also become quite large. These files need to be
monitored regularly and managed appropriately.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 331/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-23
5.2
empty
Figure 9-18. The skulker command AN121.1
Notes:
Function of the skulker command
The shell script /usr/sbin/skulker includes a series of entries containing commands that
remove unwanted or obsolete files of various types. To analyze the commands that areexecuted by each entry, print out or view the contents of the /usr/sbin/skulker file.
Concerns related to skulker
A particular version of skulker is suited to the operating system and level with which it was
distributed. If the operating system has been upgraded or modified, it may be inadvisable to
use an old version of skulker. In addition, the skulker shell script is moderately complex.
When making modifications, you should make a copy of the shell script first - just in case!
Note that if skulker is modified, or if it is used on the incorrect version of the operatingsystem, it ceases to be a supported component of AIX.
Note: The skulker is disabled by default.
© Copyright IBM Corporation 2009
IBM Power Systems
The skulker command
• The skulker command cleans up file systems by removing
unwanted or obsolete files.
• Candidate files include:
– Files older than a selected age
– Files in the /tmp, /var/spool, /var/tmp, /var/news directories
– a.out, *.bak, core, ed.hup files
•skulker is normally invoked daily by the cron command as
part of the crontab file of the root user. – Disabled by default
• Modify the skulker shell script to suit local needs for the
removal of files.
– Test carefully !!
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 332/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-24 AIX installation © Copyright IBM Corp. 2009
Figure 9-19. Block size considerations AN121.1
Notes:
Benefits of a small block size
In JFS, as many whole blocks as necessary are used to store a file or directory's data.
Consider that we have chosen to use a block size of 4 KB, and we are attempting to storefile data which only partially fills a block. Potentially, the amount of unused or wasted space
in the partially filled block can be quite high. For example, if only 500 bytes are stored inthis block, then 3596 bytes are wasted. However, if a smaller block size, say 512 bytes,
was used, the amount of wasted disk space would be greatly reduced - to only 12 bytes. It
is, therefore, better to use small block sizes, if efficient use of available disk space isrequired, in a filesystem which will consist of lots of small files.
Adverse effects of a small block size
Although small block sizes can be beneficial in reducing wasted disk space, they can havean adverse effect on disk I/O activity. For a 4 KB file, stored in a single block of 4 KB, only
one disk I/O operation would be required to either read or write the file. If the choice of theblock size was 512 bytes, a 4 KB file would only be allocated a 4 KB block if one were
available. If a single 4 KB block were not available, 512 byte blocks would be used, with a
© Copyright IBM Corporation 2009
IBM Power Systems
Block size considerations
• Default block size for a JFS2 filesystem is 4K – Possible values are: 512, 1024, 2048, 4096 bytes
• If a directory structure is to contain many small files, it isbeneficial to store them in a separate file system with a smallblock size. – Otherwise, the file system may fill up and still contain lots of free
space.
2000 bytes
4096 bytes
This free space cannotbe used by another file.
4096 bytes
These free blocks canbe used by other files.
1024 1024 1024 1024
2000 bytes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 333/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-25
5.2
empty potential to allocate eight blocks for this file. For a read or write to complete, severaladditional disk I/O operations (disk seeks, data transfers, and allocation activity) would be
required. Therefore, for file systems which use a block size of 4 KB, the number of disk I/Ooperations are far less, than file systems which employ a smaller block size.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 334/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-26 AIX installation © Copyright IBM Corp. 2009
Figure 9-20. Fragmentation considerations AN121.1
Notes:
Irrespective of the block size, over time data can become fragmented on disk. The defragfs
command will attempt to increases a file system's contiguous free space by reorganizing
free block allocations to be contiguous, rather than scattered across the disk. The filesystem to be defragmented can be specified with the device variable, which can be the
path name of the logical volume (for example, /dev/hd4) or the name of the file system,which is the mount point in the /etc/filesystems file.
Another approach, is to backup and restore the data in a new file system or backup the
data, delete, recreate the file system and restore. This method is certainly cleaner, butrequires some element of downtime.
© Copyright IBM Corporation 2009
IBM Power Systems
Fragmentation considerations
• Over time, due to data relocation, extensions, reductions, anddeletions, contiguous free space can run out and data canbecome fragmented.
• There are three options to deal with this situation. – Try to increases a file system’s contiguous free space using the
defragfs command. – Backup, delete, recreate the file system and restore the data. – Create a new file system and migrate the data.
File system
FileA
Used block
Free block
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 335/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-27
5.2
empty
Figure 9-21. Verify and repair a file system AN121.1
Notes:
Always run the fsck command on file systems after a system malfunction. The internal
integrity of a file system should be checked before the file system is mounted. By default,
the fsck command runs interactively, prompting the administrator for the action to performin order to repair the file system. If orphaned files or directories (those that cannot be
reached) are found, fsck will attempt to store them file in the /lost+found directory.
For further information, see the fsck man page.
© Copyright IBM Corporation 2009
IBM Power Systems
Verify and repair a file system
• fsck command – Checks file system consistency and interactively repairs the file
system – If no file system name is specified, the fsck command checks all file
systems which have the check=true attribute set in the/etc/filesystems.
– Orphan files are placed in the lost+found directory.
• Unmount the file system before running fsck.
# fsck /data
The current volume is: /dev/fslv00Primary superblock is valid.
J2_LOGREDO:log redo processing for /dev/fslv00
Primary superblock is valid.
*** Phase 1 - Initial inode scan
*** Phase 2 - Process remaining directories
*** Phase 3 - Process remaining files
*** Phase 4 - Check and repair inode allocation map
*** Phase 5 - Check and repair block allocation map
File system is clean.
# fsck /data
The current volume is: /dev/fslv00
Primary superblock is valid.J2_LOGREDO:log redo processing for /dev/fslv00
Primary superblock is valid.
*** Phase 1 - Initial inode scan
*** Phase 2 - Process remaining directories
*** Phase 3 - Process remaining files
*** Phase 4 - Check and repair inode allocation map
*** Phase 5 - Check and repair block allocation map
File system is clean.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 336/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-28 AIX installation © Copyright IBM Corp. 2009
Figure 9-22. Documenting file system setup AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Documenting file system setup
• Run the lsfs command.
• Save the contents of the /etc/filesystems file.• Run the df command to check space allocation.
• Check all the mounted file systems by running the mountcommand.
File System Records
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 337/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-29
5.2
empty
Figure 9-23. System storage review AN121.1
Notes:
Difference between file system and simple directory
It is important to understand the difference between a file system and a directory . A file
system is a section of disk that has been allocated to contain files. This section of disk isthe logical volume. The section of disk is accessed by mounting the file system over a
directory. Once the file system is mounted, it looks like any other directory structure to theuser.
File systems on the visual
The directories on the right of the bottom portion of the visual are all file systems. These file
systems are all mounted on the directories /usr, /tmp, /var and /home. Notice thecorresponding logical volume in the graphic at the top of the visual.
Simple directories
The directories on the left of the bottom portion of the visual are strictly directories that
contain files and are part of the /(root) file system. There is no separate logical volumeassociated with these directories.
© Copyright IBM Corporation 2009
IBM Power Systems
System storage review
Logical Volume Structure
/usr
/(root)
Page Space
log
free
/blv
hd2
hd4
hd6
hd8
hd5
free
/usr
/tmp
/usr
Page Space
/var
hd2
hd3
hd2
hd61
hd9var
hd1
lv00
lv00
free
/home
/home
free
special DB
special DB
free
/home
/home
free
special DB
special DB
hdisk0 hdisk1 hdisk2 hdisk3
rootvg datavgFile Systems
/bin /dev /etc /lib /usr /tmp /var /home
Directories File Systems
/(root)
File System
hd1
lv00
lv00
hd1 hd1
Logical volume storage
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 338/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-30 AIX installation © Copyright IBM Corp. 2009
Figure 9-24. Checkpoint (1 of 2) AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint (1 of 2)
1. What command will display the i-node information for
a file? ____________
2. Does the size of the file system change when the sizeof the logical volume it is on is increased? ________
3. If you remove a file system, is the logical volume onwhich it sits removed as well? ___________
4. When a file system is created, what needs to be donein order to make it available for use? _____________
5. What size should an external JFS log be set to? ___________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 339/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-31
5.2
empty
Figure 9-25. Checkpoint (2 of 2) AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint (2 of 2)
6. A file system is 2 GB. How would you do the following?
Add 1 GB _____________________________ Set the size to 5 GB ______________________
7. What command can you use to determine if a filesystem is full? __________
8. What command can produce a report listing the size inMB, of all the files and directories contained in a
specific location? ____________
9. What command checks and interactively repairsinconsistent file systems? ______________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 340/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-32 AIX installation © Copyright IBM Corp. 2009
Figure 9-26. Exercise 9 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 9
File systemadministration
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 341/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 9. File systems administration 9-33
5.2
empty
Figure 9-27. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Identify the components of an AIX file system• Work with enhanced Journaled file systems
– Add, list, change, and delete
• Monitor file system disk space usage• Manage file system growth and control growing files
• Implement basic file system integrity checks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 342/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
9-34 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 343/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-1
5.2
empty Unit 10.Paging space
What this unit is about
This unit presents the key concepts related to paging space.
What you should be able to do
After completing this unit, you should be able to:
• Define paging space
• Understand why it is required, sizing, and placement guidelines • Add, change, and remove paging space
• List and monitor the paging space utilization
• Perform corrective actions to rectify too little or too much paging
space scenarios
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX Version 6.1 Operating system and device
management
Note: References listed as “Online” above are available at the
following address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 344/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-2 AIX installation © Copyright IBM Corp. 2009
Figure 10-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:• Define paging space• Understand why it is required, sizing, and placement
guidelines• Add, change, and remove paging space• List and monitor the paging space utilization• Perform corrective actions to rectify too little or too much
paging space scenarios
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 345/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-3
5.2
empty
Figure 10-2. What is paging space? AN121.1
Notes:
Use of paging space
The LVM allows a program to use a logical volume as if it was a physical disk, whilehiding the actual location of the physical partitions, thus allowing flexibility. In the same
way, Virtual Memory Management (VMM) allows a program to see its memory usage asvirtual memory, while hiding the real location of that memory. The unit of virtual memory
allocation is a page frame. For performance reasons, we would like that real location to
be in real memory. Sometimes, the total virtual memory of all the programs in thesystem, exceeds the amount of real memory. In that situation, AIX VMM frees upmemory by selecting under utilized memory (the program really has not used it recently)
and making it available to programs that will make active use of it. In that case, it needsto save the old memory contents. If the memory was being used for file caching, VMM
can just page it out to the related file. If is was just a work area for the program, it pagesit out to a special logical volume called paging space. In both cases, the real location of
that virtual memory is on disk. If a program later requests the paged out memory, itneeds to be paged in again.
© Copyright IBM Corporation 2009
IBM Power Systems
What is paging space?
Real Memory (RAM)
Made up of Page Frames
Paging Space
Virtual Memory
Memory usage
Operating System TCP/IP Applications FREE
Active
Inactive, paged out
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 346/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-4 AIX installation © Copyright IBM Corp. 2009
Paging space is not a substitute for sufficient real memory. A persistent shortage of realmemory can result in so much paging space page-in and page-out activity, that is will
severely impact the performance of that system. For more information about memoryand paging performance issue, attend the AIX Performance Management course.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 347/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-5
5.2
empty
Figure 10-3. Paging space AN121.1
Notes:
A secondary storage area
Paging space is disk storage for information that is resident in virtual memory, but is notcurrently being accessed. As memory fills, inactive pages are moved to the paging
space on disk.
A temporary holding area for inactive pages
It is very important to remember that paging is a temporary holding area for inactivepages; it is not a substitute for real memory. If your machine has many active
processes, it requires more real memory. You must ensure the machine has enoughmemory to maintain all the active processes. If you run out of memory, your machine
reaches a constant state of paging called thrashing . As it attempts to make room inmemory, it completes a page-out; as soon as the page reaches the disk, it is needed
again because it is still active. Your machine's resources are wasted performing only
paging activity, and no real work gets done.
© Copyright IBM Corporation 2009
IBM Power Systems
Paging space
• Is a secondary storage area for:
– Inactive memory – Over-committed memory
• Holds inactive pages on disk
– Page size historically has been 4KB in size.
– Power5+ and Power6, AIX will dynamically allocate either small(4KB) or medium (64KB) page frames.
• Is not a substitute for real memory
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 348/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-6 AIX installation © Copyright IBM Corp. 2009
Thrashing indicates a need for additional memory
Increasing the amount of paging space when your machine is thrashing does not solve
the problem. Thrashing is a result of not enough real memory.
High performance environments
On Power4 (or later) environments, page size can be set to large enabled (16MB). Thisis done through the vmo command, as follows:
# vmo -r -o lgpg_regions=10 -o lgpg_size=16777216
On Power5+ (or later), page size can be set to huge enabled (16GB). This is done on
the HMC through manage system properties.
16MB and 16GB page frames are never paged out to disk. Even if totally unused, theyremain in memory. They are mainly used in High Performance Computing (HPC)
environments.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 349/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-7
5.2
empty
Figure 10-4. Sizing paging space AN121.1
Notes:
Creation of paging space
Paging space is created during AIX installation.
The initial size is dependent on various factors, particularly the amount of RAM in yoursystem. Currently, the initial paging space size is determined according to the following
standards:
• Paging space can use no less than 16 MB, except for hd6, which can use no less than64 MB in AIX V4.3 and later versions.
• Paging space can use no more than 20% of total disk space.
• If RAM is greater than or equal to 256 MB, paging space is 512 MB.
• If RAM is less than 256 MB, paging space is twice the size of RAM.
© Copyright IBM Corporation 2009
IBM Power Systems
Sizing paging space
• hd6 is created at installation time.
– The recommended paging space formula is long standing, but it willlikely result in having more space than is needed.
• Total paging space = 512 MB + (memory size - 256 MB) * 1.25
• However, the amount needed is dependent on applicationsand system usage.
• Paging space should be continually monitored, using:
– # lsps –a or # lsps –s or # svmon
• Running low on paging space is bad.
– New processes will not start and the system may start killingprocesses.
• Paging space can be dynamically increased or decreased insize.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 350/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-8 AIX installation © Copyright IBM Corp. 2009
Adjusting the amount of paging space
The initial size of paging space is just a starting point. This is not necessarily the
amount of the paging space that is right for your machine. The number and types ofapplications dictates the amount of paging space needed. Many sizing rules of thumb
have been published, but the only way to correctly size your machine's paging space isto monitor the utilization of your paging space.
Monitoring paging space
Monitoring the utilization of the paging space is done with the command lsps -a. This
command and its output are covered shortly.
Results of low paging space
If your system runs low on paging space, a message is sent to the console andsometimes to users as well. At this point, the system is unable to start until memory is
freed up, either by having processes explicitly free and release allocated memory or byterminating processes (thus automatically freeing memory associated with those
processes). This situation should obviously be avoided. A low paging space conditionmay be indicated by the appearance of one or more of the following messages on the
console, or in response to a command on any terminal:
"INIT: Paging space is low"
"ksh: cannot fork no swap space"
"Not enough memory"
"Fork function failed"
"fork () system call failed"
"unable to fork, too many processes"
"Fork failure - not enough memory available"
"Fork function not allowed. Not enough memory available."
"Cannot fork: Not enough space"
The situation can get worse. If paging space continues to fill, non-system processes areterminated, and the system may even crash. Ensure you have enough paging space.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 351/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-9
5.2
empty The vmo command manages VMM tunable parameters. One parameter which may beof interest is nokilluid. The parameter accepts an integer, which by default is 0 (off).
For example, if the value is set to 1, this will result in processes for user IDs lower thanthis value (in this case, root) becoming exempt from getting killed due to low
page-space conditions.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 352/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-10 AIX installation © Copyright IBM Corp. 2009
Figure 10-5. Paging space placement AN121.1
Notes:
Introduction
Placement and size of your paging space does impact its performance. The followingmaterial contains tips regarding placement and size of paging areas.
Configure only one paging space per disk
Do not have more that one paging space per disk. The paging space is allocated in around-robin manner, and uses all paging areas equally. If you have two paging areas onone disk, then you are no longer spreading the activity across several disks.
Use disks with low levels of activity
Paging space performs best when it is not competing with other activity on the disk. Usedisks that do not have much activity.
© Copyright IBM Corporation 2009
IBM Power Systems
Paging space placement
• Placement guidelines:
– Paging spaces roughly the same size – Only one paging space per physical disk
– Use disks with the least activity.
– Do not extend “a paging space” over multiple physical volumes.
– Place on SAN disks for better performance.
hd6 paging00 paging01
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 353/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-11
5.2
empty Create paging spaces of roughly the same size
Paging spaces should be roughly the same size. Because of the round-robin technique
that is used, if they are not the same size, then the paging space usage is not balanced.Smaller paging areas fill faster.
Do not span multiple physical volumesDo not extend a paging space to span multiple physical volumes. Although you can
spread a paging area (like a regular logical volume) across several disk, the round-robintechnique treats the paging area as a single paging area. Therefore, the activity is not
evenly spread across the disks.
Use SAN disks and fibre channel controllers
Using SAN disks generally results in better throughput when reading and writing to thedisk. SAN controllers have large cache which will store the frames, when paged-out, to
disk. If the page frames are required to be paged back-in, and the data is still in cache,the system will not have to read from disk, improving performance. However, we do
have to balance this with the exposure that we may lose connection to the SAN storage.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 354/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-12 AIX installation © Copyright IBM Corp. 2009
Figure 10-6. Checking paging space AN121.1
Notes:
The lsps command
The lsps command lists detailed information regarding the paging spaces on thesystem, including whether they are in use at the time and, if so, what percentage of their
total space is allocated.
Another useful option available with the lsps command, is the -s option, whichspecifies the summary characteristics of all paging spaces. The information consists of
the total size of the paging spaces (in MB) and the percentage of paging spacescurrently used.
The paging space created during system installation, is named hd6. Paging spaces
created by the system administrator after system installation, are named paging00,
paging01, and so on.
© Copyright IBM Corporation 2009
IBM Power Systems
Checking paging space
# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type
hd6 hdisk0 rootvg 512MB 13 yes yes lv
# lsps –sTotal Paging Space Percent Used
512MB 13%
# lsps -a
Page Space Physical Volume Volume Group Size %Used Active Auto Type
hd6 hdisk0 rootvg 512MB 13 yes yes lv
# lsps –sTotal Paging Space Percent Used
512MB 13%
# svmon
size inuse free pin virtual
memory 524288 487242 37046 413337 466371
pg space 131072 17223
...
PageSize PoolSize inuse pgsp pin virtuals 4 KB - 437354 2087 375289 400643
m 64 KB - 3118 946 2378 4108
# svmon
size inuse free pin virtual
memory 524288 487242 37046 413337 466371
pg space 131072 17223
...
PageSize PoolSize inuse pgsp pin virtual
s 4 KB - 437354 2087 375289 400643
m 64 KB - 3118 946 2378 4108
Paging Space Usage = (4KB * 2087) + (64KB * 946) = 68892 KB
Paging Space % Usage = (4KB * 17223) / (4KB * 131072) * 100
= 13.1%
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 355/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-13
5.2
empty svmon is an advanced command which captures and analyzes the current snapshot ofvirtual memory. It is the only system command which shows the breakdown of page
frame sizes.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 356/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-14 AIX installation © Copyright IBM Corp. 2009
Figure 10-7. Adding paging space AN121.1
Notes:
Ways of adding extra paging space
To add extra paging space volumes to the system, you can use SMIT (as illustrated onthe visual), the mkps command, or the Web-based System Manager.
Using the mkps command
When using themkps
command, the syntax and options are:mkps [-a] [-n] [-t Type ] -s NumLPs Vgname [Pvname ]
Vgname The volume group within which to create the paging space
Pvname Specifies the physical volume of the volume group
-s NumLPs Sets the size of the new paging space in logical partitions
-a Activate the paging space at the next restart (adds it to
/etc/swapspaces)
© Copyright IBM Corporation 2009
IBM Power Systems
Adding paging space
# smit mkps
Add Another Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
Volume group name rootvg
SIZE of paging space (in logical partitions) [10] #
PHYSICAL VOLUME name hdisk1 +
Start using this paging space NOW? yes +
Use this paging space each time the system is yes +
RESTARTED?
Add Another Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
Volume group name rootvg
SIZE of paging space (in logical partitions) [10] #
PHYSICAL VOLUME name hdisk1 +
Start using this paging space NOW? yes +
Use this paging space each time the system is yes +
RESTARTED?
mkps –s 10 -n -a rootvg hdisk1
# lsps -a
Page Space PV VG Size %Used Active Auto Type
paging00 hdisk1 rootvg 640MB 1 yes yes lv
hd6 hdisk0 rootvg 512MB 16 yes yes lv
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 357/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-15
5.2
empty -n Activate the paging space immediately.
-t Type Specifies the type of paging space (lv or nfs)
When a paging space is created, the /etc/swapspaces file is also updated, if needed.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 358/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-16 AIX installation © Copyright IBM Corp. 2009
Figure 10-8. Change paging space AN121.1
Notes:
Characteristics that can be changed
A paging space may have its size increased or decreased and may have its autostartoptions changed while it is in use (this updates /etc/swapspaces).
These changes can be made through SMIT (as illustrated on the visual) or by using the
chps command.
Decreasing paging space
The ability to dynamically decrease paging space was introduced in AIX 5L V5.1. Theargument -d to the chps command calls the shrinkps shell script to reduce the size of
an active paging space. The use of a shell script reduces the possibility of getting intoan unbootable state because users are not allowed to run out of paging space. The
script checks paging space actually in use and adds a paging space warning thresholdbuffer. The SMIT fastpath is smit chps.
© Copyright IBM Corporation 2009
IBM Power Systems
Change paging space
# smit chps
Change / Show Characteristics of a Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
Paging space name paging00
Volume group name rootvg
Physical volume name hdisk1
NUMBER of additional logical partitions [] #
Or NUMBER of logical partitions to remove [5] #
Use this paging space each time the system is yes +
RESTARTED?
Change / Show Characteristics of a Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
Paging space name paging00
Volume group name rootvg
Physical volume name hdisk1
NUMBER of additional logical partitions [] #
Or NUMBER of logical partitions to remove [5] #
Use this paging space each time the system is yes +
RESTARTED?
chps –d 5 paging00
# lsps -a
Page Space PV VG Size %Used Active Auto Type
paging00 hdisk1 rootvg 320MB 1 yes yes lv
hd6 hdisk0 rootvg 512MB 16 yes yes lv
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 359/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-17
5.2
empty The process chps decreases an active paging space as follows:
The primary paging space (usually hd6) cannot be decreased below 32 MB.
When you reduce the primary paging space, a temporary boot image and a temporary
/sbin/rc.boot pointing to this temporary primary paging space are created to ensure the
system is always in a state where it can be safely rebooted.
Activating paging space
Inactive paging spaces may be activated dynamically once they have been defined. Todo this enter: swapon /dev/pagingnn
Note: This operation is supported through SMIT as well, fastpath pgsp. Alternatively,use: swapon -a to activate all paging spaces defined in /etc/swapspaces. This
command is run in /etc/rc at system startup.
Examples of chps command use
The following examples illustrate use of the chps command:
• Example 1: Delete one logical partition from the paging00 paging space.
# chps -d 1 paging00
• Example 2: Add one logical partition to the paging00 paging space.
# chps -s 1 paging00
Refer to the entry for chps in the online AIX 6.1 Commands Reference (or the
corresponding man page) for more information regarding the chps command.
Step Action
1Create a new, temporary space from the same volume group as the
one being reduced.
2 Deactivate the original paging space.3 Reduce the original paging space.
4 Reactivate the original paging space.
5 Deactivate the temporary space.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 360/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-18 AIX installation © Copyright IBM Corp. 2009
Figure 10-9. Remove paging space AN121.1
Notes:
Deletion of surplus paging space
As we have discussed, paging space can be added to the system, if necessary.Similarly, surplus paging space can be deleted to free up the disk space for other logical
volumes.
Deactivation of paging space
Inactive paging space can be activated dynamically to meet system demand. In order todelete paging space, it must be inactive (that is, not used by the kernel.) Beginning with
AIX 5L V5.1, active paging spaces can be deactivated while the system is running usingthe swapoff command or with the SMIT fastpath swapoff.
© Copyright IBM Corporation 2009
IBM Power Systems
Removing paging space
# smit chps
Remove a Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
PAGING SPACE name paging00 +
Remove a Paging Space
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
PAGING SPACE name paging00 +
swapoff /dev/paging00
# lsps -a
Page Space PV VG Size %Used Active Auto Type
hd6 hdisk0 rootvg 512MB 16 yes yes lv
• First, deactivate the paging space.
• Remove the paging space. rmps /dev/paging00
# smit rmps
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 361/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-19
5.2
empty Reasons the swapoff command may fail
The swapoff command may fail due to:
• Paging size constraints: The process to remove an active paging space is to move all
the pages of the paging space being removed to another paging space. If there is notenough active paging space to do this, the command fails.
• I/O errors.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 362/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-20 AIX installation © Copyright IBM Corp. 2009
Figure 10-10. Problems with paging space AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Problems with paging space
• Monitor the system carefully – If paging space is running low or gets to 100% full, the system will
panic. Errors will be seen on the console, such as INIT: Paging spaceis low!
– The kernel will randomly start to kill processes.• UNIX version 7 manual, quote: “Absolute mayhem guaranteed”
• Paging space too small: – Dynamically increase the size by allocating more partitions.
OR – Add an additional paging space definition to another physical disk.
• Paging space too large: – Dynamically decrease the size by deallocating partitions.
OR – Remove a paging space definition.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 363/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-21
5.2
empty
Figure 10-11. Documenting paging space setup AN121.1
Notes:
Running lsps
Run lsps to monitor paging space activity. Keep good documentation so that you knowwhat is normal for that system.
The /etc/swapspaces file
The file /etc/swapspaces contains a list of the paging space areas that are activated atsystem startup.
Keep a copy of /etc/swapspaces so that you know what paging spaces are defined tostart at boot.
© Copyright IBM Corporation 2009
IBM Power Systems
Documenting paging space setup
• Run the lsps command.
• Have a hardcopy of the /etc/swapspaces file.
* /etc/swapspaces
*
* This file lists all the paging spaces that are automatically put into
* service on each system restart ('swapon -a‘)*
* WARNING: Only paging space devices should be listed here.
*
* This file is modified by the chps, mkps and rmps commands and
referenced by the lsps and swapon commands.
hd6:
dev = /dev/hd6
auto = yes
paging00:
dev = /dev/paging00
auto = yes
* /etc/swapspaces
*
* This file lists all the paging spaces that are automatically put into
* service on each system restart ('swapon -a‘)*
* WARNING: Only paging space devices should be listed here.
*
* This file is modified by the chps, mkps and rmps commands and
referenced by the lsps and swapon commands.
hd6:
dev = /dev/hd6
auto = yes
paging00:
dev = /dev/paging00
auto = yes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 364/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-22 AIX installation © Copyright IBM Corp. 2009
Figure 10-12. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What conclusions regarding potential paging space problemscan you reach based on the following listing?
_______________________________________________ _______________________________________________ _______________________________________________
_______________________________________________ _______________________________________________ _______________________________________________
2. True or False: The size of paging00 (in the above example) canbe dynamically decreased.
Page Physical Volume Size %Used Active Auto Type chksum
Space Volume Group
hd6 hdisk0 rootvg 640 MB 43% yes yes lv 0
paging00 hdisk1 rootvg 640 MB 7% yes yes lv 0
paging01 hdisk1 rootvg 160 MB 89% yes yes lv 0
Page Physical Volume Size %Used Active Auto Type chksum
Space Volume Group
hd6 hdisk0 rootvg 640 MB 43% yes yes lv 0
paging00 hdisk1 rootvg 640 MB 7% yes yes lv 0
paging01 hdisk1 rootvg 160 MB 89% yes yes lv 0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 365/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 10. Paging space 10-23
5.2
empty
Figure 10-13. Exercise 10 AN121.1
Notes:
This lab allows you to add, decrease, monitor, and remove paging space.
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 10
Pagingspace
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 366/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
10-24 AIX installation © Copyright IBM Corp. 2009
Figure 10-14. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:• Define paging space• Understand why it is required, sizing, and placement
guidelines• Add, change, and remove paging space• List and monitor the paging space utilization• Perform corrective actions to rectify too little or too
much paging space scenarios
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 367/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-1
5.2
empty Unit 11. Backup and restore
What this unit is about
This unit covers how to back up and restore volume groups and file
systems using the facilities built into the AIX operating system.
What you should be able to do
After completing this unit, you should be able to:
• Explain how to back up the operating system
• Create and restore a mksysb image
• Explain and understand the role of both the image.data andbosinst.data files
• Back up and restore a custom volume group
• Use standard UNIX and AIX backup, restore, and compression
utilities
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX Version 6.1 Operating system and device
management
AIX Version 6.1 Installation and migration
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 368/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-2 AIX installation © Copyright IBM Corp. 2009
Figure 11-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Explain how to back up the Operating System• Create and restore a mksysb image• Explain and understand the role of both the image.data and
bosinst.data files• Back up and restore a custom volume group• Use standard UNIX and AIX backup, restore, and compression
utilities
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 369/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-3
5.2
empty
Figure 11-2. Backup introduction AN121.1
Notes:
Why back up your data?
The data on a computer is usually far more important and expensive to replace than the
machine itself. Data loss can happen in many ways. The most common causes arehardware failure and accidental deletion. AIX provides several ways in which we can
back up and restore data.
• Volume group backup: AIX provides a mksysb utility which creates a back upimage of the operating system (that is, the root volume group) and the savevg
utility to backup user defined volume groups. It is very important that regularmksysb backups are created as they allow us to reinstall a system to its original
state if it has been corrupted. If you create the backup on external media, forexample tape, the media is bootable and includes the installation programs
needed to install from the backup.
• Full backup: A full backup (sometimes referred to as level 0 backup) will backup all files and directories in the specified location. AIX provides the backup
© Copyright IBM Corporation 2009
IBM Power Systems
Backup introduction
• Why back up? – Data is very important, it is expensive to re-create. – Hardware failure – Accidental deletion – Damage due to software installation or hardware repair – Create a system image for installation cloning – Long term archive – Disaster recovery
• Types of backup:
– Volume group• mksysb utility which records an image backup of the operating system• savevg utility which performs a full backup of a user-created VG
– Full• Backs up all specified data
– Incremental• Records changes since previous backups
Generally handled byenterprise backupmgnt solutions, for
example TSM
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 370/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-4 AIX installation © Copyright IBM Corp. 2009
command and several standard UNIX utilities for performing a full backup suchas tar, cpio and pax.
• Incremental backup: An incremental backup, backs up all the files which have
changed since the last full or incremental backup. The backup command on AIXis capable of providing this functionality.
AIX (and Unix) systems are often deployed in high performance, fault tolerant, 24x7
mission critical environments. As a result of this, often enterprise backup solutions aredeployed, like IBM Tivoli Storage Manager (TSM) for System Backup and Recovery
(Sysback). TSM for Sysback is designed to provide centralized, automated dataprotection that can help reduce the risks associated with data loss while also helping to
reduce complexity, manage costs, and address compliance with regulatory dataretention requirements. TSM for Sysback is outside the scope of this class.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 371/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-5
5.2
empty
Figure 11-3. System image backup AN121.1
Notes:
The mksysb utility provides the following functions:
• Saves the definition of the paging space
• Provides a non-interactive installation that gives information required at installation time
through a data file
• Saves the inter-disk and intra-disk policies for the logical volumes
• Saves map files for logical volumes, if requested by the user
• Provides the ability to shrink the file system and logical volume in a volume group atsystem installation or mksysb recovery time
• Saves the file system characteristics
• Allows the user to restore single or multiple files from a system image
The volume group image is saved in backup format.
© Copyright IBM Corporation 2009
IBM Power Systems
System image backup
• Backs up rootvg only using the mksysb command
• Unmounted file systems are not backed up
• If device selected is tape, bootable tape is created in backup
format
• Can be completed over a network to a NIM server
• Provides facilities for a non-interactive installation
• Saves system-created paging space definitions
• Saves LV policies and file system attributes
• There should be minimal user and application activity
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 372/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-6 AIX installation © Copyright IBM Corp. 2009
System backup or clone?
If the mksysb command is used for to backup the source system, it is considered a
system backup . However, if the intent of the backup is to provide a customized system
for use on other machines, the mksysb is considered a clone . Cloning meanspreserving either all or some of a system's customized information for use on a different
machine. During install, the default option is Enable System Backups to install
any system = Yes. This means that mksysb files are not system specific.Otherwise, if the mksysb by itself, is used to clone a machine or LPAR that is not ahardware clone, it may not work, as it cannot provide support for hardware devices
unique to the new machine or LPAR. For example, loading a mksysb image made froma physical machine will not install correctly on a virtual LPAR because they use different
AIX filesets. However, this is an easy problem to resolve. In addition to the mksysb,you also need to boot using the AIX installation media to provide the filesets needed by
the other machine or LPAR. If using a NIM server, a bosinst.data file must be definedwith the option INSTALL_DEVICES_AND_UPDATES = yes and the lppsource
allocated to the client machine, must also have all the possible device support.
Non-interactive installation
If a system backup is being made to install another system or to reinstall the existingsystem, a customer can predefine installation information so questions at installation
time are already answered. This keeps user interaction at the target node to aminimum. The system backup and BOS install, interact through several files. The
mksysb saves the data, used by the installation, through taking a snapshot of thecurrent system, and its customized state.
System backup components
The components provided as part of the system backup utility, are packaged in thebos.sysmgt.sysbr package.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 373/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-7
5.2
empty
Figure 11-4. Creating a mksysb image AN121.1
Notes:
Introduction
The SMIT screen shown in the visual, Back Up the System, performs a a mksysb
operation and only backs up mounted file systems in rootvg.
Create MAP files?
This option generates a layout mapping of the logical-to-physical partitions for eachlogical volume in the volume group. This mapping is used to allocate the same
logical-to-physical partition mapping when the image is restored.
EXCLUDE files?
This option excludes the files and directories listed in the /etc/exclude.rootvg file fromthe system image backup.
List files as they are backed up?
Change the default to see each file listed as it is backed up. Otherwise, you see apercentage-completed progress message while the backup is created.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a mksysb image
• smit mksysb
• SMIT also provides facilities to do a system backup to CD andDVD, see smit sysbackup
Back Up the System
* Backup DEVICE or FILE [/backups/my_mksysb] +/
Create MAP files? no +
EXCLUDE files? no +
List files as they are backed up? no +
Verify readability if tape device? no +
Generate new /image.data file? yes +
EXPAND /tmp if needed? no +
Disable software packing of backup? no +
Backup extended attributes? yes +
(Leave blank to use a system default)
Location of existing mksysb image [] /
File system to use for temporary work space [] /
(If blank, /tmp will be used.)Back up encrypted files? yes +
Back up DMAPI filesystem files? No +
Back Up the System
* Backup DEVICE or FILE [/backups/my_mksysb] +/
Create MAP files? no +
EXCLUDE files? no +
List files as they are backed up? no +
Verify readability if tape device? no +
Generate new /image.data file? yes +
EXPAND /tmp if needed? no +
Disable software packing of backup? no +
Backup extended attributes? yes +
(Leave blank to use a system default)
Location of existing mksysb image [] /
File system to use for temporary work space [] /
(If blank, /tmp will be used.)
Back up encrypted files? yes +Back up DMAPI filesystem files? No +
/usr/bin/mksysb -i /backups/my_mksysb
Backup to tape, forexample /dev/rmt0 is
also popular
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 374/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-8 AIX installation © Copyright IBM Corp. 2009
Verify readability if tape device?
Verifies the file header of each file on the backup tape, and reports any read errors asthey occur.
Generate new /image.data file?
If you have already generated a new /image.data file and don't want a new file created,
change the default to no. The default value is yes (-i flag) on the command line.EXPAND /tmp if needed?
Choose yes if the /tmp file system can automatically expand if necessary during the
backup.
Disable software packing of backup?
The default is no, which means the files are packed before they are archived to tape.Files that cannot be compressed are placed in the archive as is. Restoring the archive
automatically unpacks the files packed by this option. If the tape drive you are usingprovides packing or compression, set this field to yes.
Backup extended attributes?
By default, the mksysb, savevg, and backup utilities save any extended attributes. Ifyou plan to restore to a back-level system which does not understand the format with
extended attributes, then this option allows you to override that default behavior.
Number of BLOCKS to write in a single output
This specifies the number of 512 bytes to write in a single output operation, referred toas the block size. If a number is not specified, the backup command uses a default
value appropriate for the physical device selected. Larger values result in larger
physical transfers to tape devices. The block size must be a multiple of the physicalblock size of the device being used.
Location of existing mksysb image
Specifies the full path name to the location of a previously-created mksysb image thatcan be used to create a bootable tape backup.
File system to be used for temporary work space
Specifies the full path name to the location of a directory or file system to be used astemporary space to create a bootable tape backup. The file system used must have at
least 100MB of available free disk space for the creation of the bootable image. If thisfield is left blank, the /tmp file system is used.
Back up encrypted files?
Specifies if encrypted files should be backed up. AIX 6.1 introduces the ability to
encrypt files on a per file basis without the need of third party tools.
Back up DMAPI file system files?
Specifies if DMAPI file system files are to be backed up.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 375/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-9
5.2
empty
Figure 11-5. image.data file AN121.1
Notes:
The image.data file contains information describing the image installed during the BOS
installation process. This information includes the sizes, names, maps, and mount points of
logical volumes and file systems in the root volume group. The mkszfile commandgenerates the image.data file. It is not recommended that the user modify the file.
Changing the value of one field without correctly modifying any related fields, can result ina failed installation, and a corrupted backup image. The only exception to this
recommendation is the SHRINK field, which the user may modify to instruct the BOSinstallation routines to create the file systems as specified in the image.data file, or to
create the file systems only as large as is required to contain all the data in the file system.
The BOS installation process also takes input from the image.data file regarding defaults
for the machine being installed. Any default values in the image.data file will overridevalues obtained when the BOS installation queries the hardware topology and existing root
volume group. The image.data file resides in the / directory.
© Copyright IBM Corporation 2009
IBM Power Systems
image.data file
• The image.data file contains information describing the imageinstalled during the BOS installation process. This includes: – Sizes, names, maps, and mount points of logical volumes and file
systems in the root volume group
• It is a large file arranged in stanza format – Is not recommended that the user modify the file, apart from the shrink
field
• New image.data can be created during a mksysb operation orby calling the mkszfile command.image_data:
IMAGE_TYPE= bff
DATE_TIME= Mon 20 Oct 17:54:07 2008UNAME_INFO= AIX neo 1 6 00CBE2FE4C00
PRODUCT_TAPE= no
USERVG_LIST=
PLATFORM= chrp
OSLEVEL= 6.1.1.0
OSLEVEL_R= 6100-01
CPU_ID= 00CBE2FE4C00
LPAR_ID= 4
logical_volume_policy:
SHRINK= no
EXACT_FIT= no
image_data:
IMAGE_TYPE= bff
DATE_TIME= Mon 20 Oct 17:54:07 2008
UNAME_INFO= AIX neo 1 6 00CBE2FE4C00
PRODUCT_TAPE= no
USERVG_LIST=
PLATFORM= chrp
OSLEVEL= 6.1.1.0
OSLEVEL_R= 6100-01
CPU_ID= 00CBE2FE4C00
LPAR_ID= 4
logical_volume_policy:
SHRINK= no
EXACT_FIT= no
The SHINK field can be setto yes.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 376/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-10 AIX installation © Copyright IBM Corp. 2009
To create a mksysb backup image with a customized image.data file:
• Create a new image.data file: # mkszfile.
• Edit the image.data file as appropriate.
• Create mksysb with the customized image.data file: # mksysb /backup/my_mksysb.
This file is part of System Backup and BOS Install Utilities.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 377/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-11
5.2
empty
Figure 11-6. bosinst.data file AN121.1
Notes:
/bosinst.data file
This file enables the administrator to specify the requirements at the target system and how
the user interacts with the target system. It provides flexibility by allowing unattendedinstallations. The system backup utilities simply copy the /bosinst.data into the second file
on the mksysb tape. If this file is not in the root directory, the
/usr/lpp/bosinst/bosinst.template is copied to the /bosinst.data.
Key fields (highlight in the visual):
• PROMPT: Will determine if the installation is to be prompted (yes) or non-prompted (no)
• INSTALL_DEVICES_AND_UPDATES: When installing a mksysb image to a system with a
different hardware configuration, boot from product media to get any missing devicedrivers installed. In addition, if the product media is a later level of AIX than the mksysb,
software in the mksysb image will be updated. To prevent either of these additionalinstallations from occurring, set this field to no. The default is yes.
© Copyright IBM Corporation 2009
IBM Power Systems
bosinst.data file
• Defines defaults for variables controlling an installation• Can be used to created non-prompted installations• Key options below, for a full description see:
– /usr/lpp/bosinst/bosinst.template.README
control_flow:
CONSOLE = Default
INSTALL_METHOD = overwrite
PROMPT = no
EXISTING_SYSTEM_OVERWRITE = yes
INSTALL_X_IF_ADAPTER = no
RUN_STARTUP = yes
RM_INST_ROOTS = no
ERROR_EXIT =
CUSTOMIZATION_FILE = SCREEN
TCB = no
INSTALL_TYPE =
BUNDLES =
SWITCH_TO_PRODUCT_TAPE =
RECOVER_DEVICES = no
BOSINST_DEBUG = no
ACCEPT_LICENSES =
DESKTOP = CDE
INSTALL_DEVICES_AND_UPDATES = yes
IMPORT_USER_VGS =
ENABLE_64BIT_KERNEL = Default
CREATE_JFS2_FS = yes
ALL_DEVICES_KERNELS = no
ALT_DISK_INSTALL_BUNDLE = no
control_flow:
CONSOLE = Default
INSTALL_METHOD = overwrite
PROMPT = no
EXISTING_SYSTEM_OVERWRITE = yes
INSTALL_X_IF_ADAPTER = no
RUN_STARTUP = yes
RM_INST_ROOTS = no
ERROR_EXIT =
CUSTOMIZATION_FILE = SCREEN
TCB = no
INSTALL_TYPE =
BUNDLES =SWITCH_TO_PRODUCT_TAPE =
RECOVER_DEVICES = no
BOSINST_DEBUG = no
ACCEPT_LICENSES =
DESKTOP = CDE
INSTALL_DEVICES_AND_UPDATES = yes
IMPORT_USER_VGS =
ENABLE_64BIT_KERNEL = Default
CREATE_JFS2_FS = yes
ALL_DEVICES_KERNELS = no
ALT_DISK_INSTALL_BUNDLE = no
GRAPHICS_BUNDLE = yes
MOZILLA_BUNDLE = no
KERBEROS_5_BUNDLE = no
SERVER_BUNDLE = yes
ALT_DISK_INSTALL_BUNDLE = no
locale:
BOSINST_LANG = en_US
CULTURAL_CONVENTION = en_GB
MESSAGES = en_US
KEYBOARD = en_GB
target_disk_data:
PVID =
PHYSICAL_LOCATION =
CONNECTION =
LOCATION =
SIZE_MB =
HDISKNAME = hdisk0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 378/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-12 AIX installation © Copyright IBM Corp. 2009
• INSTALL_METHOD: Specifies a method of installation: migrate, preserve,erase_only, or overwrite
• CREATE_JFS2_FS: Specifies whether you want to create enhanced journaled file
systems. The choices are yes and no
• ALL_DEVICES_KERNELS: Specifies whether to install all device and kernel filesetsThe choices are yes and no. If you select no, your system will be installed with the
devices and kernel specific to your system configuration. If you select yes, when youcreate a system backup of your system, you can use that system backup to install any
system.
• LOCALE STANZA: Will determine:
- The language to use during installation
- Primary cultural convention to use after reboot
- Primary message catalogs to use after reboot
- Keyboard map to use after reboot
• TARGET DISK STANZA: Will determine where to create the root volume group.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 379/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-13
5.2
empty
Figure 11-7. mksysb tape image format AN121.1
Notes:
This visual shows the tape layout of a mksysb image.
BOS boot image
The BOS boot image contains a copy of the system's kernel and device drivers needed
to boot from the tape.
mkinsttape image
The mkinsttape image contains the following files:
• ./image.data holds the information needed to re-create the root volume groupand its logical volumes and file systems.
• ./bosinst.data contains the customizable installation procedures and dictateshow the BOS installation program behaves. This file allows for the
non-interactive installations.
• ./tapeblksz contains the block size setting of the tape drive used during thebackup. This applies to the files in the fourth section.
© Copyright IBM Corporation 2009
IBM Power Systems
mksysb tape image format
BOS Boot
image
mkinsttape
image
dummy
.toc
rootvg
backup image
Blocksize =
512Blocksize =
512
Blocksize =
512
Tape Drive
Blocksize
Kernel
Device Drivers
./image.data
./bosinst.data
./tapeblksz
Dummy TOC Backup
by name
• To list files in the backup image on a mksysb – tctl -f /dev/rmt0 rewind
– tctl -f /dev/rmt0.1 fsf 3
– restore -Tvf /dev/rmt0
• OR – restore -Tv –s4 -f /dev/rmt0
0 1 2 3
1st Section 2nd Section 3rd Section 4th Section
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 380/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-14 AIX installation © Copyright IBM Corp. 2009
Dummy TOC
The dummy TOC is used to make mksysb tapes have the same number of files as theBOS installation tapes.
rootvg backup image
The rootvg backup image contains all the data from the backup. This data is saved
using the backup command which is discussed shortlyListing and extracting files in a tape mksysb image
The tctl command can be used to rewind and fast forward the tape to the start of the
fourth section (third tape mark). Then, the restore command, as shown in the visual can beused to extract (-x) or list (-T) files on the tape. Alternatively, if the tape is already rewound,
then restore command can be used directly to extract files from the fourth section (-s4).
For further information regarding tape manipulation, see the tctl man page.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 381/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-15
5.2
empty
Figure 11-8. Restoring a mksysb, from tape device (1 of 2) AN121.1
Notes:
Start a mksysb restoration
To restore a mksysb image from tape, boot the machine into SMS just as if you were
performing an installation. As shown previously in the installation unit, select the device toboot from (in this case tape). Then, insert the mksysb tape and start the machine or LPAR.
The machine boots from the tape and prompts you to define the console and select alanguage for installation. Once you have answered those questions, then the Installation
and Maintenance menu is presented.
You can also boot from installation media which presents the same screens. Just be sure toput the mksysb tape in the tape drive before answering the last question.
© Copyright IBM Corporation 2009
IBM Power Systems
Restoring a mksysb, from tape device (1 of 2)
• From the SMS Menu, boot the system from the tape device.• Restore mksysb image from the device, that is, tape
(/dev/rmt0), as follows:
Welcome to Base Operating System
Installation and Maintenance
1 Start Install Now With Default Settings
2 Change/Show Installation Settings and Install
>> 3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
Welcome to Base Operating System
Installation and Maintenance
1 Start Install Now With Default Settings
2 Change/Show Installation Settings and Install
>> 3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
1 Access A Root Volume Group
2 Copy a System Dump to Removable Media3 Access Advanced Maintenance Functions
4 Erase Disks
>> 6 Install from a System Backup
1 Access A Root Volume Group
2 Copy a System Dump to Removable Media
3 Access Advanced Maintenance Functions4 Erase Disks
>> 6 Install from a System Backup
Tape Drive Path Name
>> 1 tape/scsi/4mm/2GB /dev/rmt0
Tape Drive Path Name
>> 1 tape/scsi/4mm/2GB /dev/rmt0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 382/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-16 AIX installation © Copyright IBM Corp. 2009
Figure 11-9. Restoring a mksysb, from tape device (2 of 2) AN121.1
Notes:
Changing installation settings
From the Installation and Maintenance menu, select option 2, Change/Show
Installation Settings and Install.
The options from the System Backup and Installation and Settings menu are:
• 1 Disk(s) where you want to install
- Select disks where you want to install.
• 2 Use Maps
- The option Use Maps lets you use the map file created (if you created one) during
the backup process of the mksysb tape. The default is no.
• 3 Shrink Filesystems
- The option Shrink Filesystems installs the file systems using the minimum requiredspace. The default is no. If yes, all file systems in rootvg are shrunk. So remember
© Copyright IBM Corporation 2009
IBM Power Systems
Restoring a mksysb, from tape device (2 of 2)
Welcome to Base Operating System
Installation and Maintenance
Type the number of your choice and press Enter. Choice is indicated by >>.1 Start Install Now With Default Settings
>> 2 Change/Show Installation Settings and Install
3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
5 Select Storage Adapters
Welcome to Base Operating System
Installation and Maintenance
Type the number of your choice and press Enter. Choice is indicated by >>.1 Start Install Now With Default Settings
>> 2 Change/Show Installation Settings and Install
3 Start Maintenance Mode for System Recovery
4 Configure Network Disks (iSCSI)
5 Select Storage Adapters
System Backup Installation and Settings
Type the number of your choice and press Enter.
1 Disk(s) where you want to install hdisk0
Use Maps No
2 Shrink Filesystems No
3 Import User Volume Groups No
4 Recover devices No0 Install with the settings listed above
System Backup Installation and Settings
Type the number of your choice and press Enter.
1 Disk(s) where you want to install hdisk0
Use Maps No
2 Shrink Filesystems No
3 Import User Volume Groups No
4 Recover devices No
0 Install with the settings listed above
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 383/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-17
5.2
empty after the restore, evaluate the current file system sizes. You might need to increasetheir sizes.
• 0 Install with the settings listed above
- At the end, select option 0 which installs using the settings selected. Your mksysb
image is restored.
The system then reboots.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 384/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-18 AIX installation © Copyright IBM Corp. 2009
Figure 11-10. Restoring a mksysb, from a NIM server (1 of 2) AN121.1
Notes:
Firstly, the resources (mksysb image, bosinst.data, SPOT) have to be allocated to the
client on the NIM server and the NIM server must run a bosinst operation on your client
machine. This is covered in the NIM course, AU08G .
Secondly, boot the client into SMS mode and select option 2, Setup Remote IPL. This
option allows us to define the network parameters of the NIM server and client. Once theIPL details have been entered, press ESC to return to the main menu.
© Copyright IBM Corporation 2009
IBM Power Systems
Restoring a mksysb, from a NIM server (1 of 2)
• Restore a mksysb image from a NIM Server, using the SMSmenu. – Note: NIM server configuration is covered in the AU08G NIM course.
PowerPC Firmware
Version SF240_338
SMS 1.6 (c) Copyright IBM Corp. 2000,2005 All rights reserved.
-------------------------------------------------------------------------------
Main Menu
1. Select Language
2. Setup Remote IPL (Initial Program Load) #then select the adapter & IP Parameters
3. Change SCSI Settings
4. Select Console
5. Select Boot Options
PowerPC Firmware
Version SF240_338
SMS 1.6 (c) Copyright IBM Corp. 2000,2005 All rights reserved.
-------------------------------------------------------------------------------
Main Menu
1. Select Language
2. Setup Remote IPL (Initial Program Load) #then select the adapter & IP Parameters
3. Change SCSI Settings
4. Select Console
5. Select Boot Options
IP Parameters
Interpartition Logical LAN: U9113.550.65F2E7F-V9-C3-T1
1. Client IP Address [10.47.1.21]
2. Server IP Address [10.47.1.33]
3. Gateway IP Address [000.000.000.000]
4. Subnet Mask [255.255.0.0]
IP Parameters
Interpartition Logical LAN: U9113.550.65F2E7F-V9-C3-T1
1. Client IP Address [10.47.1.21]
2. Server IP Address [10.47.1.33]
3. Gateway IP Address [000.000.000.000]
4. Subnet Mask [255.255.0.0]
Enter client and NIMserver IP details.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 385/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-19
5.2
empty
Figure 11-11. Restoring a mksysb, from NIM sever (2 of 2) AN121.1
Notes:
The visual shows the rest of the steps involved in completing the mksysb restore.
© Copyright IBM Corporation 2009
IBM Power Systems
Restoring a mksysb, from NIM sever (2 of 2)
BOOTP: chosen-network-type = ethernet,auto,none,auto
BOOTP: server IP = 10.47.1.33
BOOTP: requested filename =
BOOTP: client IP = 10.47.1.21
BOOTP: client HW addr = ea 48 f0 0 90 3
BOOTP: gateway IP = 0.0.0.0
BOOTP: device /vdevice/l-lan@30000003
BOOTP: loc-code U9113.550.65F2E7F-V9-C3-T1
BOOTP: chosen-network-type = ethernet,auto,none,auto
BOOTP: server IP = 10.47.1.33
BOOTP: requested filename =
BOOTP: client IP = 10.47.1.21
BOOTP: client HW addr = ea 48 f0 0 90 3
BOOTP: gateway IP = 0.0.0.0
BOOTP: device /vdevice/l-lan@30000003
BOOTP: loc-code U9113.550.65F2E7F-V9-C3-T1
BOOTP R = 1 BOOTP S = 2
FILE: /tftpboot/alex.lpar.co.uk
FINAL Packet Count = 27900
FINAL File Size = 14284288 bytes.
load-base=0x4000
real-base=0x2000000
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
Installing Base Operating System
Please wait...
Approximate Elapsed time
% tasks complete (in minutes)
3 0 Making logical volumes
Client issues a bootp requestto NIM master and downloads
the boot image via tftp
• Return to main menu, by selecting option “5 Boot Options”. Then, select:• 1. Select Install/Boot Device
• 6. Network -- followed by the network adapter to the boot from• 2. Normal Mode Boot• 1. Yes -- to exit System Management Services
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 386/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-20 AIX installation © Copyright IBM Corp. 2009
Figure 11-12. Creating a backup of a data volume group AN121.1
Notes:
To back up non-rootvg volume groups, use smit savevg or smit savevg. The parameters
are virtually identical to creating a mksysb image.
The savevg command finds and backs up all files belonging to a specified volume group.The volume group must be varied-on, and the file systems must be mounted. The savevg
command uses the data file created by the mkvgdata command. This data file can be oneof the following:
• / tmp/vgdata/vgname/<vgname >.data
Contains information about a user volume group. The <vgname> variable reflects the
name of the volume group. The savevg command uses this file to create a backupimage that can be used by the restvg command to remake the user volume group.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a backup of a data volume group
• smit savevg
• SMIT also provides facilities to do a VG backup to CD andDVD (smit vgbackup).
Back Up a Volume Group to Tape/File
* Backup DEVICE or FILE [/tmp/datavg_bk_svg] +/
* VOLUME GROUP to back up [datavg] +
List files as they are backed up? no +
Generate new vg.data file? yes +
Create MAP files? no +
EXCLUDE files? no +
EXPAND /tmp if needed? no +
Disable software packing of backup? no +
Backup extended attributes? yes +
Number of BLOCKS to write in a single output [] #
(Leave blank to use a system default)
Verify readability if tape device? no +
Back up Volume Group information files only? no +Back up encrypted files? yes +
Back up DMAPI filesystem files? no +
Back Up a Volume Group to Tape/File
* Backup DEVICE or FILE [/tmp/datavg_bk_svg] +/
* VOLUME GROUP to back up [datavg] +
List files as they are backed up? no +
Generate new vg.data file? yes +
Create MAP files? no +
EXCLUDE files? no +
EXPAND /tmp if needed? no +
Disable software packing of backup? no +
Backup extended attributes? yes +
Number of BLOCKS to write in a single output [] #
(Leave blank to use a system default)
Verify readability if tape device? no +
Back up Volume Group information files only? no +
Back up encrypted files? yes +Back up DMAPI filesystem files? no +
/usr/bin/savevg –f /tmp/datavg_bk_svg -i datavg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 387/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-21
5.2
empty
Figure 11-13. Restoring a backup of a data volume group AN121.1
Notes:
The visual show the process of restoring a non-rootvg volume group. Standard out from the
smit screen is shown below:
COMMAND STATUS
Command: OK stdout: yes stderr: no
Before command completion, additional instructions may appear
below.
Will create the Volume Group: datavg
Target Disks: hdisk1
Allocation Policy:
Shrink Filesystems: no
Preserve Physical Partitions for each Logical Volume: no
© Copyright IBM Corporation 2009
IBM Power Systems
Restoring a backup of a data volume group
• smit restvg
• Prior to restoring the VG – Unmount all file systems which are part of that VG. – Varyoff and export the volume group.
Remake a Volume Group
* Restore DEVICE or FILE [/tmp/datavg_bk_svg] +/
SHRINK the filesystems? no +
Recreate logical volumes and filesystems only? no +
PHYSICAL VOLUME names [] +
(Leave blank to use the PHYSICAL VOLUMES listed
in the vgname.data file in the backup image)
Use existing MAP files? yes +
Physical partition SIZE in megabytes [] +#
(Leave blank to have the SIZE determined
based on disk size)
Number of BLOCKS to read in a single input [] #
(Leave blank to use a system default)
Alternate vg.data file [] /
(Leave blank to use vg.data stored inbackup image)
Remake a Volume Group
* Restore DEVICE or FILE [/tmp/datavg_bk_svg] +/
SHRINK the filesystems? no +
Recreate logical volumes and filesystems only? no +
PHYSICAL VOLUME names [] +
(Leave blank to use the PHYSICAL VOLUMES listed
in the vgname.data file in the backup image)
Use existing MAP files? yes +
Physical partition SIZE in megabytes [] +#
(Leave blank to have the SIZE determined
based on disk size)
Number of BLOCKS to read in a single input [] #
(Leave blank to use a system default)
Alternate vg.data file [] /
(Leave blank to use vg.data stored in
backup image)
/usr/bin/restvg -q –f /tmp/datavg_bk_svg
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 388/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-22 AIX installation © Copyright IBM Corp. 2009
datavg
loglv01
fslv00
New volume on /tmp/datavf_bk_svg:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is: Mon 20 Oct 20:29:05 2008
Files are backed up by name.
The user is root.
x 11 ./tmp/vgdata/datavg/image.info
x 127 ./tmp/vgdata/vgdata.files598152
x 127 ./tmp/vgdata/vgdata.files
x 2444 ./tmp/vgdata/datavg/filesystems
x 2481 ./tmp/vgdata/datavg/datavg.data
x 340 ./tmp/vgdata/datavg/backup.data
x 0 ./data
x 0 ./data/lost+found
x 1024 ./data/file1
x 1024 ./data/file2
x 1024 ./data/file3
The total size is 5530 bytes.
The number of restored files is 11.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 389/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-23
5.2
empty
Figure 11-14. Traditional UNIX and AIX backup commands AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Traditional UNIX and AIX backup commands
• AIX – Backup and restore
• Other popular backup, restore commands across UNIXplatforms: – tar – cpio – pax – dd
• Compression Utilities – Compress, restore using uncompress or zcat – gzip, restore using gunzip
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 390/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-24 AIX installation © Copyright IBM Corp. 2009
Figure 11-15. Backup by filename and restore AN121.1
Notes:
The backup command
The backup command is a useful command for making backups of AIX files and
directories. backup supports two different methods:
• Backup by filename
• Backup by inode (also call a file system backup)
When performing a backup by filename, the files must be in a mounted file system to be
backed up. Backup by inode, backs up file systems when they are unmounted.Note: Relative versus full filenames will impact the location of files on recovery!
Popular backup flags
-q: Media is ready
-i: Specifies that files be read from standard input and archived by file name.
-v: Verbose - display filenames during backup
© Copyright IBM Corporation 2009
IBM Power Systems
Backup by filename and restore
• File names are read from standard input
# cat listfile/home/aix/file1
/home/aix/file2
/home/aix/file3
# backup -iqvf /dev/rmt0 < listfile
# find /home/aix | backup -iqvf /dev/rmt0
# cd /home/aix
# find . | backup -iqvf /backup/aix.backup
# cat listfile/home/aix/file1
/home/aix/file2
/home/aix/file3
# backup -iqvf /dev/rmt0 < listfile
# find /home/aix | backup -iqvf /dev/rmt0
# cd /home/aix
# find . | backup -iqvf /backup/aix.backup
Absolute Paths
Relative Paths
# restore -Tvf /backup/aix.backup
# restore -xvf /backup/aix.backup
# restore -xvf /tmp/aix.backup ./file1
# restore -Tvf /backup/aix.backup
# restore -xvf /backup/aix.backup
# restore -xvf /tmp/aix.backup ./file1
List files
Extract (restore)files
Extract individualfile
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 391/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-25
5.2
empty -f: device
Popular restore flags
-T: List files
-x: Extract files
For further information see the man pages.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 392/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-26 AIX installation © Copyright IBM Corp. 2009
Figure 11-16. Backup and restore by inode AN121.1
Notes:
Backup by inode is useful for performing full (level 0) and incremental backups of
filesystems. Backup by inode should only be completed when the filesystem is unmounted!
Note: The command will complete if the filesystem is in use, but the following warningmessage is displayed, “backup: 0511-251 The file system is still mounted; data may
not be consistent.”
Popular backup by inode flags
-u: update /etc/dumpdates will backup transaction history
-0-9: backup level, 0 is full, 1…9 represents incremental change since level n-1
-f: device
Popular restore by inode flags
-r: restore files
For further information see the man pages.
© Copyright IBM Corporation 2009
IBM Power Systems
Backup and restore by inode
• Only supported if filesystems are unmounted!
# backup -u -0 -f /tmp/databkup_21Oct_level0 /data
# backup -u -1 -f /tmp/databkup_21Oct_level1 /data
# cat /etc/dumpdates
/dev/rfslv00 1 Tue Oct 21 15:45:21 2008
/dev/rfslv00 0 Tue Oct 21 15:40:54 2008
# backup -u -0 -f /tmp/databkup_21Oct_level0 /data
# backup -u -1 -f /tmp/databkup_21Oct_level1 /data
# cat /etc/dumpdates
/dev/rfslv00 1 Tue Oct 21 15:45:21 2008
/dev/rfslv00 0 Tue Oct 21 15:40:54 2008 Incremental backup
Full backup
Backup history
# restore -rqvf /tmp/databkup_21Nov_level0
# restore -rqvf /tmp/databkup_21Nov_level1
# restore -rqvf /tmp/databkup_21Nov_level0
# restore -rqvf /tmp/databkup_21Nov_level1
Must restore first to the last level 0 thenfollowed by each incremental…
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 393/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-27
5.2
empty When restoring file system archives, the restore command creates and uses a filenamed restoresymtable. This file is created in the current directory. The file is necessary
for the restore command to do incremental file system restores. Do not remove the
restoresymtable file if you perform incremental file system backups and restores.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 394/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-28 AIX installation © Copyright IBM Corp. 2009
Figure 11-17. tar command AN121.1
Notes:
The tar command archives and restores files. tar is most commonly used in tandem with
an external compression utility, since it has no built-in data compression facilities.
Here is a list of the commonly used options:
-c creates a tar backup.
-x extracts (restores) one or more files from a tar file.
-t reads the content of the tar file (verify the backup).
-v verbose output - displays files as they are backed up and restored.
-f identifies the file or device holding the tar image.-h follows symbolic links.
-u appends files to an existing archive.-p preserves file permissions, ignoring the present umask value.
-B forces a consistent blocking factor to help ensure this copy is made correctly.
The final .tar file is usually called a tarball.
© Copyright IBM Corporation 2009
IBM Power Systems
tar command
• tar is derived from tape ar chive – Create a tar backup (-c)
– List files in a tar backup (-t)
– Extract files from a tar backup (-x)
– Copying directories and files using tar
# tar –cvf /dev/rmt0 /home
# tar -cvf /backup/home.tar /home
# tar –cvf /dev/rmt0 /home
# tar -cvf /backup/home.tar /home
# tar –tvf /dev/rmt0# tar –tvf /dev/rmt0
# tar –xvf /dev/rmt0# tar –xvf /dev/rmt0
# cd /data
# tar –cf | (cd /data_backup && tar xBpf -)
# cd /data
# tar –cf | (cd /data_backup && tar xBpf -)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 395/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-29
5.2
empty
Figure 11-18. cpio command AN121.1
Notes:
cpio copies file archives in from, or out to tape, disk, or another location on the local
machine.
Here is a list of the commonly used options:
-o command reads file path names from standard input and copies these files tostandard output, along with path names and status information.
-i command reads from standard input an archive file created by the cpio -o
command and copies from it the files with names that match the Patternparameter.
-p copies files to another directory on the same system.
-d creates directories as needed.
-v verbose (print files)
© Copyright IBM Corporation 2009
IBM Power Systems
cpio command
• cpio is derived from copy in and out – Create a cpio backup (-o)
– List files in a cpio backup (-t)
– Extract files from a cpio backup (-i)
– Copy the contents of the current location to /mydir
# find /home | cpio –ov > /backup/home.bk# find /home | cpio –ov > /backup/home.bk
# cpio -itv < /backup/home.bk# cpio -itv < /backup/home.bk
# cpio –idv < /backup/home.bk# cpio –idv < /backup/home.bk
# find . -depth | cpio -pd /mydir# find . -depth | cpio -pd /mydir
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 396/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-30 AIX installation © Copyright IBM Corp. 2009
Figure 11-19. pax command AN121.1
Notes:
The pax command extracts, writes, and lists members of archive files; copies files and
directory hierarchies.
Rather than sort out the incompatible options that have crept up between tar and cpio,along with their implementations across various versions of UNIX, the IEEE designed a
new archive utility. Pax means “peace” in Latin, so the utility is named to create peacebetween the tar and cpio.
© Copyright IBM Corporation 2009
IBM Power Systems
pax command
• tar and cpio syntax differ slightly between UNIX platforms. – IEEE addressed this problem with ‘pax’, meaning peace in Latin.
– Create a pax backup of /home (-w)
– List files in a pax backup (-v)
– Extract files in a pax backup (-r)
# pax -wf /backup/home_pax.ar /home# pax -wf /backup/home_pax.ar /home
# pax -rvf /backup/home_pax.ar# pax -rvf /backup/home_pax.ar
# pax -v –f /backup/home_pax.ar# pax -v –f /backup/home_pax.ar
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 397/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-31
5.2
empty
Figure 11-20. dd command AN121.1
Notes:
The dd command reads in standard input or the specified input file, converts it, and then
writes to standard out or the named output.
The common options are:
if= specifies the input file.
of= specifies the output file.
conv= designates the conversion to be done.
Copying specific blocks
The dd command is also useful when you need to copy specific blocks of data. For
example, if a file system’s superblock (stored in the first block of the file system) is corrupt,a copy is kept at the 31st block. The dd command can copy that 31st block back to the first
to repair the file system. The command is:
# dd count=1 bs=4k skip=31 seek=1 if=/dev/hd4 of=/dev/hd4
© Copyright IBM Corporation 2009
IBM Power Systems
dd command
• The primary purpose of dd is the low-level copying andconversion of raw data. – Copy tape to tape. Tape1 block size=1KB. Tape2 block size=2KB
– Perform a raw data backup of /home to tape, then restore
– Convert /etc/passwd from ascii to ebcdic
# dd if=/dev/rmt0 ibs=1024 obs=2048 of=/dev/rmt1# dd if=/dev/rmt0 ibs=1024 obs=2048 of=/dev/rmt1
# tar -cvf - /home | dd obs=1024k of=/dev/rmt0
# tar -cvf - /home | rsh <system> dd obs=1024k of=/dev/rmt0
# dd if=/dev/rmt0 ibs=1024k | tar xvf -
# tar -cvf - /home | dd obs=1024k of=/dev/rmt0
# tar -cvf - /home | rsh <system> dd obs=1024k of=/dev/rmt0
# dd if=/dev/rmt0 ibs=1024k | tar xvf -
# dd if=/etc/passwd of=/etc/passwd.ebcdic conv=ebcdic# dd if=/etc/passwd of=/etc/passwd.ebcdic conv=ebcdic
Writing to a tapedrive on a remote
machine
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 398/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-32 AIX installation © Copyright IBM Corp. 2009
Figure 11-21. Compression commands (1 of 2) AN121.1
Notes:
Files which are archived are usually further compressed to reduce their size. Compress,
uncompress and zcat commands are standard commands across UNIX platforms for
compressing and uncompressing files.
© Copyright IBM Corporation 2009
IBM Power Systems
Compression commands (1 of 2)
• Archives created with backup utilities are usually compressed. – Reduce the size of the backup. – This can be done using a number of utilities, such as compress.
• Examples (using compress, uncompress, and zcat):
# compress -v /tmp/data.tar
/tmp/data.tar: Compression: 95.50% This file is replaced
with /tmp/data.tar.Z.
# uncompress /tmp/data.tar.Z
/tmp/data.tar.Z: This file is replaced with /tmp/data.tar.
# zcat /tmp/data.tar.Z | tar -xvf -
# compress -v /tmp/data.tar
/tmp/data.tar: Compression: 95.50% This file is replaced
with /tmp/data.tar.Z.
# uncompress /tmp/data.tar.Z/tmp/data.tar.Z: This file is replaced with /tmp/data.tar.
# zcat /tmp/data.tar.Z | tar -xvf -zcat, expands a
compressed file tostandard out.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 399/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-33
5.2
empty
Figure 11-22. Compression commands (2 of 2) AN121.1
Notes:
gzip is a software application used for file compression. gzip is short for GNU zip. The
program is very popular and is a free replacement for the compress program which was
predominately used in early UNIX systems.
Another popular and free compression utility is bzip2 which is based on a lossless data
compression algorithm. Bzip2 compression is generally more effective than gzip. Theusage of bzip2 and bunzip2 (for decompression) is fairly similar to gzip and gunzip
respectively.
© Copyright IBM Corporation 2009
IBM Power Systems
Compression commands (2 of 2)
• Examples (gzip and gunzip)
# gzip -v /tmp/data.tar
/tmp/data.tar: 97.7% -- replaced with
/tmp/data.tar.gz
# gunzip -v /tmp/data.tar.gz
/tmp/data.tar.gz: 97.7% -- replaced with
/tmp/data.tar
# tar -cvf - /data | gzip -c > data_tar.gz
# gunzip -c data_tar.gz | tar xvf -
# gzip -v /tmp/data.tar
/tmp/data.tar: 97.7% -- replaced with
/tmp/data.tar.gz
# gunzip -v /tmp/data.tar.gz
/tmp/data.tar.gz: 97.7% -- replaced with
/tmp/data.tar
# tar -cvf - /data | gzip -c > data_tar.gz
# gunzip -c data_tar.gz | tar xvf -
Creates acompressed
tarball (.tar.gz) ofthe /data
directory.
Decompresses andextracts the
compressed tarball(.tar.gz).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 400/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-34 AIX installation © Copyright IBM Corp. 2009
Figure 11-23. Good practices AN121.1
Notes:
• Take regular backups. Always take regular backups of data. The most efficient way of
doing this is through regular automated incremental backups, as done through products
like TSM.
• Verify your backups. Always verify your backed up data. Use restore -T (or tar -t) to
view the contents. With mksysb tapes, you can position the tape to the correct markerand verify the contents without having to restore the data.
• Check the tape devices. The tapechk command can be used to check a number of
files on a tape. If no argument is specified, then the first block on the tape is checked. Ifa number is specified, that number of files are checked. You can also position the tape
before tapechk is run by specifying a second number. For example, tapechk 2.1 readstwo files after skipping past the first file.The tapechk command can be used to detect
malfunctioning hardware.
• Label your tapes. There is no way to know what is on the tape by looking at it. Thelabel should at least list the tape files, the commands used to create the tape, the date
created, and the block size.
© Copyright IBM Corporation 2009
IBM Power Systems
Good practices
• Take regular backups.
• Verify your backups. – Check the tape device(s). – Label tapes.
• Keep old backups.
• Keep a copy of the backups securely offsite.
• Test recovery procedures before you have to use them!
• Consider deploying an enterprise storage managementsolution like Tivoli Storage Manager (TSM).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 401/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-35
5.2
empty • Keep old backups. Keep old backups in case something goes wrong with the newones.
• Keep a copy of backups securely offsite. Store a set of backups off site in case
something happens to your site.
• Test recovery procedures. Test your recovery procedure before you have to. Knowthat you can recover before you have to recover.
• Consider deploying an enterprise storage solution. Enterprise storage solutions likeTivoli Storage Manager provide centralized, automated storage management and data
protection. TSM storage management software protects you from the risks of data lossand helps you reduce complexity, manage costs, and address compliance with data
retention and availability requirements.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 402/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-36 AIX installation © Copyright IBM Corp. 2009
Figure 11-24. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What is the difference between the following two commands?• find /home/fred | backup -ivf /dev/rmt0
• cd /home/fred; find . | backup -ivf /dev/rmt0 ___________________________________________________ ___________________________________________________ ___________________________________________________
2. On a mksysb tape, if you entered tctl rewind and then tctl -f/dev/rmt0.1 fsf 3, which element on the tape could you look at? _________________________________________________________ _________________________________________________________
3. Which command could you use to restore these files? _________________________________________________________
4. True or False: smit mksysb backs up all file systems, provided theyare mounted. ________________________________________________ _________________________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 403/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 11. Backup and restore 11-37
5.2
empty
Figure 11-25. Exercise 11 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 11
Backup and restore
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 404/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
11-38 AIX installation © Copyright IBM Corp. 2009
Figure 11-26. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Explain how to back up the operating system• Create and restore a mksysb image• Explain and understand the role of both the image.data
and bosinst.data files• Back up and restore a custom volume group
• Use standard AIX/UNIX backup, restore, andcompression utilities
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 405/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-1
5.2
empty Unit 12.Security and user administration
What this unit is about
This unit describes the key concepts related to AIX security and user
administration.
What you should be able to do
After completing this unit, you should be able to:
• Define the concepts of users and groups, and explain how andwhen these should be allocated on the system
• Describe ways of controlling root access on the system
• Explain the uses of SUID, SGID, and SVTX permission bits
• Administer user accounts and groups
• Understand the basic concepts and implementation of RBAC
• Identify the data files associated with users and security
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX 6.1 Information
SG24-7424 AIX 6.1 Advanced Security Features: Introduction andConfiguration (redbook)
SG24-7559 AIX Version 6.1 Differences Guide (redbook)
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 406/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-2 AIX installation © Copyright IBM Corp. 2009
Figure 12-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Define the concepts of users and groups, and explain how andwhen these should be allocated on the system
• Describe ways of controlling root access on the system
• Explain the uses of SUID, SGID, and SVTX permission bits
• Administer user accounts and groups
• Understand the basic concepts and implementation of RBAC
• Identify the data files associated with users and security
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 407/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-3
5.2
empty 12.1. Security and user concepts
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 408/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-4 AIX installation © Copyright IBM Corp. 2009
Figure 12-2. Security and user concepts AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Security and user concepts
After completing this topic, you should be able to:
• Understand user accounts and groups• Describe the role of RBAC• Identify key security logs• Understand and apply file permissions
– Including the role of the umask parameter
• Change file ownership and group assignment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 409/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-5
5.2
empty
Figure 12-3. User accounts AN121.1
Notes:
Importance of user accounts
The security of the system is based on a user being assigned a unique name, a unique
user ID (UID) and password, and a primary group ID (GID). When the user logs in, the UIDis used to validate all requests for file access. The UID, associated groups, and GIDs can
be seen by the id command.
File ownership
When a file is created, the UID associated with the process that created the file is assignedownership of the file. Only the owner or root can change the access permissions.
Automatically created user accounts
There are several user accounts automatically created. root, for example, is one. Some
user accounts are not made for login but only to own certain files. adm, sys, and bin areexamples of that type of account.
© Copyright IBM Corporation 2009
IBM Power Systems
User accounts
• Each user has a unique name, numeric ID, and password.
• File ownership is determined by a numeric user ID.• The owner is usually the user who created the file, but
ownership can be transferred by root.
• Default users: – root Superuser
– adm, sys, bin, ... IDs that own system files butcannot be used for login
# id
uid=0(root) gid=0(system)
groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
# id
uid=0(root) gid=0(system)
groups=2(bin),3(sys),7(security),8(cron),10(audit),11(lp)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 410/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-6 AIX installation © Copyright IBM Corp. 2009
Figure 12-4. Groups AN121.1
Notes:
Function of groups
Users that require shared access to a set of files are placed in groups. Each group has
a unique name and Group ID (GID). The GID, like the UID, is assigned to a file when itis created. A user can belong to multiple groups.
Predefined groups
There are several groups predefined on an AIX system. For example, the system
group is root's group and the staff group is for all ordinary users.
Planning and administering groups
The creation of groups to organize and differentiate the users of a system or network ispart of systems administration. The guidelines for forming groups should be part of the
security policy. Defining groups for large systems can be quite complex, and once asystem is operational, it is very difficult to change the group structure. Investing time
and effort in devising group definitions before your system arrives is recommended.
© Copyright IBM Corporation 2009
IBM Power Systems
Groups
• A group is a set of users, all of whom need access to a givenset of files.
• Every user is a member of at least one group and can be amember of several groups.
• The user has access to a file if any group in the user’sgroupset provides access. To list the groupset, use thegroups command.
• The user's real group ID is used for file ownership on creation.To change the real group ID, use the newgrp command.
• Default groups: – System administrators: system – Ordinary users: staff
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 411/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-7
5.2
empty Groups should be defined as broadly as possible and be consistent with your securitypolicy. Do not define too many groups because defining groups for every possible
combination of data type and user type can lead to impossible extremes.
A group administrator is a user who is allowed to assign the members andadministrators of a group. It does not imply that the user has any administrative abilities
for the system.
Types of groups
There are three types of groups on the system:
• User Groups
- User groups should be made for people who need to share files on the
system, such as people who work in the same department, or people who areworking on the same project.
• System Administrator Groups
- System administrators are automatically members of the system group.
Membership of this group allows the administrators to perform some of thesystem tasks without having to be the root user.
• System Defined Groups
- Several system-defined groups exist. staff is the default group for allnon-administrative users created in the system. security is another
system-defined group with limited privileges for performing securityadministration. The system-defined groups are used to control certain
subsystems.
Use of the newgrp commandA user's real group identification is used to determine the group ownership of a filecreated by that user. The newgrp command changes a user's real group identification.
If you provide a group name as a parameter to the newgrp command, the systemchanges the name of your real group to the group name specified (if the group name
specified is part of your groupset). If no group name is provided as a parameter, the
newgrp command changes your real group to the group specified as your primary
group in the /etc/passwd file.
Example:
$ id
uid=206(secc) gid=7(security) groups=1(staff)
$ newgrp staff
$ id
uid=206(secc) gid=1(staff) groups=7(security)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 412/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-8 AIX installation © Copyright IBM Corp. 2009
Figure 12-5. Group hierarchy AN121.1
Notes:
Rights to administrative functions
As indicated on the visual, membership in some groups confers rights to the use of certain
administrative functions. Membership in the staff group does not provide rights to the useof administrative functions.
Common groups
Common groups on the system (and their intended uses) are as follows:
• system for most configuration and standard hardware and software maintenance • printq for managing queuing.
- Typical commands which can be run by members of this group are: enable,
disable, qadm, qpri, and so forth.
• security to handle most passwords and limits control
- Typical commands which can be run by members of this group are: mkuser,
rmuser, pwdadm, chuser, chgroup, and so forth.
© Copyright IBM Corporation 2009
IBM Power Systems
Group hierarchy
system security
printqadm
audit
shutdown
staff
Rights toadministrative
functions
Ordinaryusers
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 413/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-9
5.2
empty • adm most monitoring functions such as performance, cron, accounting staff, defaultgroup assigned to all new users
- You may want to change this in /usr/lib/security/mkuser.defaults.
• audit for auditors
• shutdown allows use of the shutdown command.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 414/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-10 AIX installation © Copyright IBM Corp. 2009
Figure 12-6. User hierarchy AN121.1
Notes:
Capabilities of members of certain groups
The ability to perform certain system tasks (like creating users) depends upon the standard
AIX file permissions. Most system administration tasks can be performed by users otherthan root if those users are assigned to groups such as system, security, printq, cron,
adm, audit, or shutdown. In particular, a user in the security group can add, remove, orchange other users and groups.
Purpose of user hierarchy
To protect important users and groups from users in the security group, AIX has three
levels of user hierarchy: root, admin users and groups, and normal users and groups. Only
root can add, remove, or change an admin user or admin group. Therefore, you can define
a user that has a high level of access, but is protected from users in the security group.
© Copyright IBM Corporation 2009
IBM Power Systems
User hierarchy
• As well as admin groups, AIX has admin users.
• An admin user has the admin group “system” (guid 0) set asthe primary group.
• Only root can add, remove, or change an admin user or admingroup.
• Any user on the system can be defined as an admin userregardless of the group they are in.
• This approach is limited. AIX 6 includes enhanced RBAC.
root
normal user
admin user (admin flag set to true)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 415/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-11
5.2
empty
Figure 12-7. Role based access control AN121.1
Notes:
Why do we need RBAC?
The difficulty with permission (or even access control list) based access control is that
you must secure the needed resource rather than the command. It was often difficult toknow which resources were the ones needed. In some cases we are dealing with kernel
resources. In addition, a given resource may have multiple uses and a single groupaccess to it may not work. Allowing a program to be root with suid allowed one to
bypass the resource permissions, but suid itself was a potential exposure. With
Enhanced Resource Based Access Control (RBAC), resource access is controlledthrough privileged commands and then only users with the proper authorization areallowed to execute the privileged command. The authorization and privileges are fine
grained.
Legacy RBAC
Starting with AIX 4.2.1, a form of RBAC was provided but was difficult to work with.Even though a user was assigned a role, that user was often still unable to execute the
associated tasks until a requisite command was converted to a set uid executable and
© Copyright IBM Corporation 2009
IBM Power Systems
Role based access control
• Enhanced RBAC is a major new feature in AIX 6.
• With Enhanced RBAC: – Authorizations can be hierarchical.
– root can be disabled altogether.
– Can limit or eliminate UNIX based security add-ons like sudo
– Definitions are stored in the kernel table to enhance security.
– Applies also to devices and files
– Support for WPARs
• Authorizations, such as the ability to shutdown the system, areassigned to roles
• Roles such as System Administrator, are assigned to users
Authorizations
Roles1
Roles
Users2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 416/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-12 AIX installation © Copyright IBM Corp. 2009
the user was made a member of the associated group. In addition, the legacyframework was implemented without involvement of the kernel.
Enhanced RBAC
Starting with AIX 6.1, an enhanced form of RBAC is provided. The enhanced RBAC
framework involves the kernel and thus is more secure. The new framework is alsomore granular and extensive than the legacy RBAC. Once a role is assigned to a user,
they have the authorization to do the related tasks without having to play with filepermissions or group membership. While the framework supports user defined
privileged commands, authorizations, and roles, AIX 6.1 provides 10 predefined rolesthat can be used without additional RBAC configuration. The details of the RBAC
framework is outside the scope of this course, however more detail with a simpleexample is included in topic two of this unit.
Sudo
Sudo (su “do”) is free add-on software for UNIX systems which enables a systemadministrator to delegate authority to give certain users, or groups of users, the ability to
run some, or all, commands as root or another user while providing an audit trail of thecommands and their arguments. Enhanced RBAC, eliminates the use of sudo like tools.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 417/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-13
5.2
empty
Figure 12-8. Controlling access to the root account AN121.1
Notes:
Guidelines for root account password
If the root password is known by too many people, no one can be held accountable. The
root password should be limited to just two or three administrators. The fewer people whoknow root's password, the better. The system administrator should ensure that distinct
root passwords are assigned to different machines. You may allow normal users to havethe same passwords on different machines, but never do this for root.
Use of the su command
Attempts to become root through su can be investigated. Successful and unsuccessful
attempts might be logged by the audit system.
PATH variable for root account
Do not include unsecured directories in the value of PATH for the root account. Note that
root's PATH is used by many implicit system functions, not just by a user logged in as root.
© Copyright IBM Corporation 2009
IBM Power Systems
Controlling access to the root account
• Restrict access to privileged logins.
• Root's passwords should be changed on an unannouncedschedule by the system administrator.
• Assign different root passwords to different machines.
• System administrators should always login as themselves firstand then su to root instead of logging in as root. This helpsprovide an audit trail for root usage.
• Do not include unsecured directories in root's PATH.
# chuser login=false root
# chuser login=false root
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 418/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-14 AIX installation © Copyright IBM Corp. 2009
Figure 12-9. Security logs AN121.1
Notes:
The sulog file
The sulog file is an ASCII text file that can be viewed with more or pg. In the file, the
following information is recorded: date, time, terminal name, and login name. The file alsorecords whether the login attempt was successful, and indicates a success by a plus sign
(+) and a failed login by a minus sign (-).
The utmp and wtmp files
The /etc/utmp file contains a record of users logged into the system, and the
/var/adm/wtmp file contains connect-time accounting records. To obtain information from
either file use the who command with the file name. The who command normally examinesthe /etc/utmp file, but you can specify either one of the files just mentioned as an argument
to the command.
The last command
The last command can also be used to display, in reverse chronological order, all previouslogins and logoffs still recorded in the /var/adm/wtmp file. The /var/adm/wtmp file collects
© Copyright IBM Corporation 2009
IBM Power Systems
Security logs
/var/adm/sulog
/var/adm/wtmp
/etc/security/failedlogin
/etc/utmp
Audit trail ofsu
activity
Log of successful logins
List of users currently
logged in
Information on failedlogin attempts
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 419/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-15
5.2
empty login and logout records as these events occur, and holds them until the records areprocessed by the accounting commands.
For example:
# last root displays all the recorded logins and logoffs by the user root.
# last reboot displays the time between reboots of the system.
The utmpd daemon
AIX 5L V5.2 introduced a new daemon called utmpd to manage the entries in the
/etc/utmp file. This daemon monitors the validity of the user process entries at regular
intervals. The default interval time would be 300 seconds. The syntax of the command is:
/usr/sbin/utmpd [ Interval ]
To start utmpd from the /etc/inittab, add the following entry to the file:
utmpd:2:respawn:/usr/sbin/utmpd
The failedlogin file
The /etc/security/failedlogin file maintains a record of unsuccessful login attempts. The
file can be displayed using the who command with the file as an argument.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 420/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-16 AIX installation © Copyright IBM Corp. 2009
Figure 12-10. File/Directory permissions AN121.1
Notes:
Permission bits
There are a number of permission bits associated with files and directories. The standard r
(read), w (write), and x (execute) permissions, define three levels of access for the user(owner), group, and others. In addition, there are three permission bits known as SUID (set
UID), SGID (set GID), and SVTX (sticky bit).
The SUID bit
SUID on an executable file means that when the file runs, the process runs with aneffective UID of the owner of the file. SUID is not supported on shell scripts.
SUID has no meaning on a directory.
The SGID bit
SGID on an executable file means that when the file runs, the process runs with aneffective GID of the group owner of the file.
© Copyright IBM Corporation 2009
IBM Power Systems
File/Directory permissions
Must be owner of files todelete files from directory
SVTX--------
Files created in directoryinherit the same group asthe directory
SGIDRun program witheffective GID of group
--------SUIDRun program with
effective UID of owner
Give access to directoryxUse file name to executeas a command
Create and remove files indirectory
wModify content of file
List content of directoryr Read content of file
DirectoryPerm. BitFile
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 421/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-17
5.2
empty SGID on a directory means that any file or directory created within the directory will havethe same group ownership as the directory rather than the real group ID or primary group of
the user.
The SGID permission bits are propagated down through the directory structure, so that anydirectory created in a directory with the SGID bit set, also inherits that bit.
The SVTX bit
SVTX on a file has no meaning in AIX. It was used in earlier versions of UNIX.
Traditional UNIX used SVTX to keep a program in memory after it had completed running,but with memory management routines, this is no longer necessary. SVTX is known as the
sticky bit.
SVTX on a directory means that even if the directory has global write permission (forexample, /tmp), users cannot delete a file within it, unless they either own the file, or the
directory.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 422/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-18 AIX installation © Copyright IBM Corp. 2009
Figure 12-11. Reading permissions AN121.1
Notes:
How SUID, SGID, and SVTX settings are indicated
The SUID bit is indicated by an S or s in the slot normally reserved for the execute
permission for owner (user). The SGID bit is indicated by an S or s in the slot normallyreserved for the execute permission for group. The SVTX bit is indicated by a T or t in the
slot normally reserved for the execute permission for others. Since this slot must show ifexecute is on/off and whether the additional permission bit is on/off, the uppercase S or T is
used to indicate that the execute permission is off. The lowercase s or t indicates the
execute permission is on.
© Copyright IBM Corporation 2009
IBM Power Systems
Reading permissions
SUID SUID SGID SGID sticky stickyonly + x only + x bit bit
only + x
r wr x
sS
r w x
sS
w x
tT
owner group other
# ls -ld /usr/bin/passwd /usr/bin/crontab /tmp
-r-sr-xr-x root security ... /usr/bin/passwd
-r-sr-sr-x root cron ... /usr/bin/crontab
drwxrwxrwt bin bin ... /tmp
# ls -ld /usr/bin/passwd /usr/bin/crontab /tmp
-r-sr-xr-x root security ... /usr/bin/passwd
-r-sr-sr-x root cron ... /usr/bin/crontab
drwxrwxrwt bin bin ... /tmp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 423/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-19
5.2
empty Discussion of examples on visual
Three examples of files that use these additional permissions are shown on the visual:
• The passwd command allows users to change their passwords even thoughpasswords are stored in a restricted area.
• The crontab command allows users to create a crontab file even though access to the
directory where crontab files reside is restricted for ordinary users. • Permission bit settings for /tmp allow everyone to write to the directory, but only the
owner of a file can remove a file from the /tmp directory.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 424/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-20 AIX installation © Copyright IBM Corp. 2009
Figure 12-12. Changing permissions AN121.1
Notes:
Setting the additional permission bits
To set the additional permission bits, you use the same command (chmod) as you do to
set the regular permission bits.
Using octal notation to set the additional permission bits
Using the octal notation, you are probably familiar with setting permissions using acommand like: # chmod 777 file1. When you issue this command, the more complete
command would be: # chmod 0777 file1. The fourth number, a zero, is implied. This fourthposition determines whether the additional bits are turned on.
You normally use the numeric values of 4, 2, and 1 to set r, w, and x. That remains the
same. To set the additional bits, you are affecting the x position in either the user, group, orother area. If you assign numeric values to user (4), group (2), and other (1), these are the
values that you insert into the fourth position to set the additional bit:
• SUID is indicated in the user's area. Therefore use a 4 in the fourth position.
• SGID is indicated in the group area. Therefore use a 2 in the fourth position.
© Copyright IBM Corporation 2009
IBM Power Systems
Changing permissions
# chmod 4 7 7 7 file1 SUID
# chmod 2 7 7 7 file1 SGID
# chmod 1 7 7 7 dir1 SVTX
4SUID
2SGID
1SVTX
owner r w x4 2 1
groupr w x4 2 1
other r w x4 2 1
# chmod u+s file1 SUID
# chmod g+s file1 SGID
# chmod +t dir1 SVTX
OR
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 425/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-21
5.2
empty • SVTX is indicated in the others area. Therefore use a 1 in the fourth position.
Using the symbolic method to set the additional permission bits
You can also use the symbolic method to set the additional permission bits. The visualshows how to set the values using the symbolic method.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 426/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-22 AIX installation © Copyright IBM Corp. 2009
Figure 12-13. umask AN121.1
Notes:
Function of umask
The umask specifies what permission bits are set on a new file when it is created. It is an
octal number that specifies which of the permission bits are not set.
Default value of umask
If no umask was used, then files would be created with permissions of 666 and directorieswould be created with permissions of 777. The system default umask is 022 (indicating
removal of the 2 bit, or write from the group and others area). Therefore, removing write
from group and other, results in an initial permission for files of 644 and, for directories,
755. Execute permission is never set initially on a file.
Changing the umask to enhance security
The default setting of the umask is 022. For tighter security you should make the umask
027, or even 077.
© Copyright IBM Corporation 2009
IBM Power Systems
umask
• The umask governs permissions on new files and directories.
• System default umask is 022.• 022 calculation Files: 666 Directories: 777
umask: 022 umask: 022644 755rw-r--r-- rwxr-xr-x
• A umask of 027 is recommended.
• 027 calculation Files: 666 Directories: 777umask: 027 umask: 027
640 750rw-r----- rwxr-x---
• /etc/security/user specifies default and individual user umaskvalues.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 427/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-23
5.2
empty The umask command
To view or change the value of the umask for the current session, use the umask
command.
Values stored in /etc/security/user file
The umask is specified in /etc/security/user. The default stanza in this file specifies the
system wide default, but a value can be specified on a per-user basis.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 428/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-24 AIX installation © Copyright IBM Corp. 2009
Figure 12-14. Changing ownerships and groups AN121.1
Notes:
Using chown to change ownership
As illustrated on the visual, the chown command can be used by root to change the
ownership on a file.
Using chgrp to change group ownership
The chgrp command is used to change the group ownership of a file. Any owner of a filecan change the group ownership to any group in their groupset. The root user can change
the group ownership to any group on the system.
Changing both ownership and group ownership
The chown command can be used by root to set both the ownership, and groupownership, of a file. As illustrated on the visual, this can be done two different ways.
© Copyright IBM Corporation 2009
IBM Power Systems
Changing ownerships and groups
The chown command:
The chgrp command:
Changing both user and group ownership:
# chown fred file1# chown fred file1
# chgrp staff file1# chgrp staff file1
# chown fred:staff file1
- OR -
# chown fred.staff file1
# chown fred:staff file1
- OR -
# chown fred.staff file1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 429/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-25
5.2
empty
Figure 12-15. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. Which file contains an audit trail of su activity?
_____________________________ 2. If the following command was run:
chmod 6754 file1What would the file permissions be for file1? _ _ _ _ _ _ _ _ _
3. A binary executable with the SUID flag set is owned by user root.User michael executes the binary. The executable runs underwhich user, root or michael? _______________
4. A shared directory is created on the system. What flag must beset to ensure only the owner of the files can delete them? _______________
5. Why is an umask of 027 recommended? ________________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 430/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-26 AIX installation © Copyright IBM Corp. 2009
Figure 12-16. Topic summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Topic summary
Having completed this topic, you should be able to:
• Understand user accounts and groups• Describe the role of RBAC• Identify key security logs• Understand and apply file permissions
– Including the role of the umask attribute
• Change file ownership and group assignment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 431/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-27
5.2
empty 12.2. User and group administration
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 432/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-28 AIX installation © Copyright IBM Corp. 2009
Figure 12-17. User and group administration AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
User and group administration
After completing this topic, you should be able to:
• Understand the login sequence from a system console• Understand the login initialization process• Add, list, change, and delete users and groups• Set and change passwords
– Recover root password if lost or forgotten
• Understand the key elements of RBAC and configure asimple RBAC implementation
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 433/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-29
5.2
empty
Figure 12-18. Console login sequence AN121.1
Notes:
Introduction
When a user attempts to log in, AIX checks a number of files to determine if entry is
permitted to the system and, if permitted, what parts of the system the user can access.This section provides an overview of the checks performed during the login process.
The getty process
Ports set up for login are listed in the /etc/inittab. When init runs, a getty process is
started for each port in the list providing a login prompt on the terminal attached to that port.The actual message displayed, also known as the herald, by the getty process is defined
in /etc/security/login.cfg. Once the message is displayed, the getty process waits for auser to make a login attempt.
Entry of username and password
When a user is ready to log in, they enter their user name at the login prompt. The login
program is passed the user name and password. The login credentials are checkedagainst /etc/passwd and /etc/security/passwd files.
© Copyright IBM Corporation 2009
IBM Power Systems
Console login sequence
getty process
Login: userid and passwd
Spawned by inittab
User verification check
Set up the environment.
Display /etc/motd
Enter login shell
Valid?yes
noLogin failed
Settings in
/etc/security/login.cfg
/etc/passwd /etc/security/passwd
/etc/environment /etc/security/environ
/etc/security/limits /etc/security/user
$HOME/.hushlogin
/etc/profile$HOME/.profile
Log entry in:
/etc/security/failedlogin
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 434/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-30 AIX installation © Copyright IBM Corp. 2009
Validation
If the password is incorrect or if an invalid user name was given, then the login fails, and anentry is made in the file /etc/security/failedlogin. Use the command who
/etc/security/failedlogin to view this file. The number of failed attempts is also tracked (byuser account) in /etc/security/lastlog. The login prompt is redisplayed for another attempt.
It is possible to set the characteristics for a user to prevent unlimited attempts on an
account. If the number of attempts exceeds the maximum allowable failed attempts, theaccount is locked. If a user successfully enters the user name and password, the uswstanza in /etc/security/login.cfg is checked. This stanza sets the maximum number of
concurrent logins for a user account. If that number is exceeded, the login is denied and amessage is displayed to the user.
Setup of user's environment
If everything is successful to this point, then the user's environment is set using
/etc/environment, /etc/security/environ, /etc/security/limits, and /etc/security/user.The login program sets the current directory to the user's HOME directory and displays the
content of /etc/motd (if no .hushlogin file is found in the HOME directory), the date of thelast successful login, and the number of unsuccessful login attempts since the last
successful login.
Passing of control to shell
Finally, control is passed to the login shell (as defined in /etc/passwd) which will read
/etc/environment and run /etc/profile and $HOME/.profile when using Korn or Bourneshells.
Results of a user logging out
When a user logs out, the shell terminates and a new getty process is spawned for thatport.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 435/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-31
5.2
empty
Figure 12-19. User initialization process AN121.1
Notes:
The /etc/environment file
/etc/environment is used to set variables. No commands should be placed in this file. Only
root can change this file.
The /etc/profile file
/etc/profile will be read and executed during every login. Like the /etc/environment file, thisfile can be changed only by root.
The $HOME/.profile and $HOME/.kshrc files$HOME/.profile and $HOME/.kshrc can be customized by the user. The user can overwrite
any variable set in /etc/environment and /etc/profile.
© Copyright IBM Corporation 2009
IBM Power Systems
User initialization process
LOGIN
/etc/environment
/etc/profile
$HOME/.kshrc
Establishes base environmentsets PATH, TZ, LANG, andNLSPATH
Shell script run at all loginssets TERM, MAILMSG, andMAIL
User's personal file tocustomize their environmentPATH, ENV, PS1
$HOME/.profile
User's personal file to customizethe Korn shell environmentset –o vi, alias
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 436/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-32 AIX installation © Copyright IBM Corp. 2009
Common Desktop Environment (CDE) considerations
If you are using CDE, .profile is not read by default. In the user’s HOME directory, the
.dtprofile file is used to establish the environment when working with CDE. .dtprofile
replaces the function of .profile in the CDE environment. If you want to use both, in the
.dtprofile, uncomment the line near the end of the file that references the
DTSOURCEPROFILE variable.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 437/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-33
5.2
empty
Figure 12-20. Message of the day AN121.1
Notes:
Using the /etc/motd file
The message of the day (motd ) is a convenient way to communicate information, such as
installed software version numbers or current system news, to all users. The message ofthe day is contained in the /etc/motd file. To change the message of the day, simply edit
this file.
© Copyright IBM Corporation 2009
IBM Power Systems
Message of the day
• The file /etc/motd contains text that is displayed every time auser logs in.
• This file should only contain information necessary for theusers to see.
• If the $HOME/.hushlogin file exists in a user's home directory,then the contents of the /etc/motd file are not displayed to thatuser.
******************************************************************
* *
* *
* AIX Version 6.1 TL 02 HACMP 5.5.0.0. + WPAR ckp *
* *
* Eduction AIX AN12 Build version 318 *
* *
* *
******************************************************************
nimmaster:/
******************************************************************
* *
* *
* AIX Version 6.1 TL 02 HACMP 5.5.0.0. + WPAR ckp ** *
* Eduction AIX AN12 Build version 318 *
* *
* *
******************************************************************
nimmaster:/
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 438/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-34 AIX installation © Copyright IBM Corp. 2009
Figure 12-21. Security & Users AN121.1
Notes:
The Security & Users menu
The Security & Users menu is used to manage user and group IDs on the system. The
menu consists of the seven options described below.
Users
This option is used to add users to the system, delete existing users and change thecharacteristics of existing users.
GroupsThis option is used to add groups to the system, delete groups, and change the
characteristics of existing groups.
Passwords
This option is used to change the password for a user. It is also required when setting
up a new user or when a user has forgotten their password.
Login Controls
© Copyright IBM Corporation 2009
IBM Power Systems
Security & Users
# smit security
Security & Users
Move cursor to desired item and press Enter.
Users
Groups
Passwords
Login Controls
PKI
LDAP
Role Based Access Control (RBAC)
Trusted Execution
Security & Users
Move cursor to desired item and press Enter.
Users
Groups
Passwords
Login Controls
PKI
LDAPRole Based Access Control (RBAC)
Trusted Execution
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 439/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-35
5.2
empty This option provides functions to restrict access for a user account or on a particularterminal.
PKI
PKI stands for X.509 Public Key Infrastructure certificates. This option is used to
authenticate users using certificates and to associate certificates with processes asproof of a user's identity.
LDAP
LDAP stands for Light Directory Access Protocol. It provides a way to centrallyadminister common configuration information for many platforms in a networked
environment. A common use of LDAP is the central administration of userauthentication. The SMIT option here allows us to configure this platform as either an
LDAP client or an LDAP server.
Roles Based Access Control (RBAC)
This option sets up user roles. User roles allow root to give authority to an ordinary user
to perform a portion of root's functions.
Trusted Execution
Trusted Execution (TE) refers to a collection of features that are used to verify the
integrity of the system and implement advanced security policies, which together can beused to enhance the trust level of the complete system.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 440/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-36 AIX installation © Copyright IBM Corp. 2009
Figure 12-22. SMIT users AN121.1
Notes:
Add a User
Add user accounts.
Change a User's Password
Make password changes.
Change/Show Characteristics of a User
Changes the many characteristics that are part of the user account. The password
restrictions are part of this area.
Lock/Unlock a User's Account
This is used to temporarily disable an account. It is a good security practice to disable
accounts if they are not expected to be used for a reasonably long period of time, as whensomeone is on an extended leave of absence.
Reset User's Failed Login Count
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT users
# smit users
Users
Move cursor to desired item and press Enter.
Add a User
Change a User's Password
Change / Show Characteristics of a User
Lock / Unlock a User's Account
Reset User's Failed Login Count
Remove a User
List All Users
Users
Move cursor to desired item and press Enter.
Add a User
Change a User's Password
Change / Show Characteristics of a User
Lock / Unlock a User's Account
Reset User's Failed Login Count
Remove a UserList All Users
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 441/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-37
5.2
empty If the administrator has set a limit to the number of failed attempts that can be made on anaccount before locking it, this resets that count.
Remove a User
Removes the user account, but not files owned by that user
List all users
Runs the lsuser command
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 442/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-38 AIX installation © Copyright IBM Corp. 2009
Figure 12-23. Listing users AN121.1
Notes:
Function of the lsuser command
The lsuser command is used to list the attributes of all users (ALL) or individual users on
the system.
Using SMIT to list users
When the List All Users option in SMIT is used, the user name, ID and home directoryare listed.
Commonly used lsuser flagsWhen the lsuser command is issued directly, the data may be listed in line format, in
colon format (-c), or in stanza format (-f). Individual attributes or all attributes may beselected. The output can also be generated for individual users.
Sources of information listed
The information reported by lsuser is gathered from the security files: /etc/passwd,
/etc/security/limits, and /etc/security/user.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing users
The lsuser command:
lsuser [-c | -f] [-a attribute …] {ALL | username …}
Example:
# lsuser -a id home ALL
root id=0 home=/
daemon id=1 home=/etc
bin id=2 home=/bin
sys id=3 home=/usr/sys
adm id=4 home=/var/admuucp id=5 home=/usr/lib/uucp
guest id=100 home=/home/guest
alex id=333 home=/home/mancunian
# lsuser -a id home ALL
root id=0 home=/
daemon id=1 home=/etc
bin id=2 home=/bin
sys id=3 home=/usr/sys
adm id=4 home=/var/admuucp id=5 home=/usr/lib/uucp
guest id=100 home=/home/guest
alex id=333 home=/home/mancunian
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 443/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-39
5.2
empty
Figure 12-24. Add a user to the system AN121.1
Notes:
Ways of adding a user
The mkuser command or SMIT can be used to add a user. User attributes can be specified
to override the default values.
User name
The only value that must be specified, is the user name. Traditionally, this name wasrestricted to eight characters in length. Beginning with AIX 5L V5.3, this limit can be
changed to allow names as long as 255 characters. The limit is modified in theChange/Show Attributes of the Operating System panel (smit chsys).
Resources involved in user creation process
The following resources are involved in the user creation process:
• Default ID numbers stored in etc/security/.ids
• The usr/lib/security/mkuser.sys shell script used to set up a user ID.
• Default values for characteristics stored in usr/lib/security/mkuser.default
© Copyright IBM Corporation 2009
IBM Power Systems
Add a user to the system
# smit mkuser
Add a User
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[TOP] [Entry Fields]
* User NAME [alex]
User ID [333] #
ADMINISTRATIVE USER? false +
Primary GROUP [] +
Group SET [] +
ADMINISTRATIVE GROUPS [] +
ROLES [] +
Another user can SU TO USER? true +
SU GROUPS [ALL] +
HOME directory []
Initial PROGRAM []
User INFORMATION []
[MORE...32]
Add a User
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[TOP] [Entry Fields]
* User NAME [alex]
User ID [333] #
ADMINISTRATIVE USER? false +
Primary GROUP [] +
Group SET [] +
ADMINISTRATIVE GROUPS [] +
ROLES [] +
Another user can SU TO USER? true +
SU GROUPS [ALL] +HOME directory []
Initial PROGRAM []
User INFORMATION []
[MORE...32]
mkuser id=333 alex
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 444/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-40 AIX installation © Copyright IBM Corp. 2009
• Default values for characteristics stored in /etc/security/user
• The default .profile stored in etc/security/.profile
Some of these resources are discussed further in the material that follows.
The /usr/lib/security/mkuser.default file
The /usr/lib/security/mkuser.default file contains the defaults for the mkuser command.
This file can only be edited by the root user. This file contains the following information:
user:
pgrp = staff
groups = staff
shell = /usr/bin/ksh
home = /home/$USER
admin:
pgrp = system
groups = system
shell = /usr/bin/ksh
home = /home/$USER
The user stanza of this file is picked up if an ordinary user is being added, and the adminstanza is picked up, if an administrative user is being added.
The /etc/security/.ids file
If the user ID is not specified, then a default ID number is chosen from the/etc/security/.ids file. Administrative users are given IDs starting from six, and normalusers are given IDs starting from 200.
The /usr/lib/security/mkuser.sys shell script
The shell script /usr/lib/security/mkuser.sys is run during the user creation process.
This creates the user's home directory and creates the .profile file. This shell script can bemodified to perform any function that is required when setting up the user.
List of user characteristics
The full list of user characteristics contains entries which are not often used. Many of thesefields may be left empty with no ill effect. For the complete list, refer to SMIT (fastpath smit
mkuser).
Setting a password
When a new user is created, the ID is disabled (an asterisk “*” is placed in the password
field of the /etc/passwd file). To enable the ID, a password must be set with the Change a
User’s Password option or the passwd or pwdadm command.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 445/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-41
5.2
empty
Figure 12-25. Change / Show Characteristics of a User AN121.1
Notes:
Changing user characteristics
The Change/Show Characteristics of a User option, which runs the chuser
command, allows any of the user characteristics listed previously, except the user name, tobe changed. This can only be executed by root or a member of the security group. Only
root can change an admin user. This SMIT screen holds exactly the same attributes as theAdd a User screen.
The chuser command
The following command can be used to change characteristics of a user:
# chuser attribute=value username
© Copyright IBM Corporation 2009
IBM Power Systems
Change/Show characteristics of a user
# smit chuser
Change / Show Characteristics of a User
[Entry Fields]
* User NAME alex
User ID [333]
#
ADMINISTRATIVE USER? false +
Primary GROUP [staff] +
Group SET [staff,security] +
ADMINISTRATIVE GROUPS [] +
ROLES [] +
Another user can SU TO USER? true +
SU GROUPS [ALL] +
HOME directory [/home/alex]
Initial PROGRAM [/usr/bin/ksh]
User INFORMATION []
EXPIRATION date (MMDDhhmmyy) [0]
Is this user ACCOUNT LOCKED? false +
User can LOGIN? true +
User can LOGIN REMOTELY(rsh,tn,rlogin)? true +
[MORE...48]
Change / Show Characteristics of a User
[Entry Fields]
* User NAME alex
User ID [333]
#
ADMINISTRATIVE USER? false +
Primary GROUP [staff] +
Group SET [staff,security] +
ADMINISTRATIVE GROUPS [] +
ROLES [] +
Another user can SU TO USER? true +
SU GROUPS [ALL] +
HOME directory [/home/alex]
Initial PROGRAM [/usr/bin/ksh]User INFORMATION []
EXPIRATION date (MMDDhhmmyy) [0]
Is this user ACCOUNT LOCKED? false +
User can LOGIN? true +
User can LOGIN REMOTELY(rsh,tn,rlogin)? true +
[MORE...48]
chuser groups='staff,security' alex
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 446/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-42 AIX installation © Copyright IBM Corp. 2009
Figure 12-26. Remove a user from the system AN121.1
Notes:
Ways to remove a user
The Remove a User from the System option in SMIT, or the rmuser command, can
be used to remove any user from the system. Only the root user may removeadministrative users.
The -p option of rmuser
The -p option removes authentication information from the /etc/security/* files. Typically,
this information is the user password, as well as other login restrictions which have beenpreviously set for the ID.
Removing the user's files
The user's home directory and associated files are not removed by this option. They must
be removed separately by the administrator. To do this, you can use the -r option on thermbv command to recursively remove files. Remember to back up any important files
before removing the user's home directory.
© Copyright IBM Corporation 2009
IBM Power Systems
Remove a user from the system
• The rmuser command or SMIT can be used to delete a user
from the system
• When you remove a user, that user’s home directory is notdeleted. Therefore, you must remember to manually clean upthe directories of users you remove. Remember to back up
important files first!
# rmuser –p team01# rmuser –p team01
# rm -r /home/team01# rm -r /home/team01
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 447/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-43
5.2
empty
Figure 12-27. Passwords AN121.1
Notes:
Setting an initial password
When a user ID is created with SMIT or with the mkuser command, the user ID is disabled.
(An asterisk (*) is in the password field of /etc/passwd.) To enable the ID, the passwd or
pwdadm command must be used to set up the initial password for the user.
Entry of passwords (things to be aware of)
When passwords are entered, they are not displayed. When changing a password, the new
password is requested a second time for verification.
The ADMCHG flag
If root or a member of the security group sets the password for a user, the ADMCHG flagis set in the flags field in /etc/security/passwd. The user is then prompted to change the
password at the next login.
© Copyright IBM Corporation 2009
IBM Power Systems
Passwords
• A new user ID cannot be used until a password isassigned.
• Two commands for changing passwords:
• SMIT invokes the passwd command for root and thepwdadm if non-root.
• An ordinary user can use the passwd command tochange own password
• Only root or member of security group can changepassword of another user
# pwdadm <username>
OR
# passwd [username]
# pwdadm <username>
OR
# passwd [username]
root or security(group) only
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 448/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-44 AIX installation © Copyright IBM Corp. 2009
Recovering from a forgotten password
There is no way to examine an existing password on the system. The only way to recoverfrom a forgotten password, is for an administrator or root, to set a new one for the user.
Invocation of passwd command by SMIT
The option Passwords on the Users menu of SMIT uses the passwd command.
Using the passwd command
Ordinary users who use passwd to change their passwords, are first prompted for the oldpassword, and then they are asked twice for a new password. When root uses passwd to
set a user's password, passwd only prompts twice for the new password.
Using the pwdadm command
Members of the security group, can use pwdadm to change the passwords ofnon-administrative accounts. Members of the security group are first prompted to enter
their own password, and then prompted twice to enter the user's new password. The root
user is only prompted twice for the new password.
Users with ADMIN flag set
Only root can change the password for a user who has the ADMIN flag set in
/etc/security/passwd.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 449/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-45
5.2
empty
Figure 12-28. Regaining root's password AN121.1
Notes:
If the root password is lost, just follow the steps as shown in the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
Regaining root's password
1. Boot from optical media, NIM, or a bootable tape.
2. Select Access a Root Volume Group from theMaintenance menu.
3. Follow the options to activate the root volume group andobtain a shell.
4. Once a shell is available, execute the passwd command tochange root's password.
5. Enter the following command:# sync ; sync
6. Reboot the system.
Maintenance
>>> 1 Access a Root Volume Group
2 Copy a System Dump to Removable Media
3 Access Advanced Maintenance Functions
4 Erase Disks
Maintenance
>>> 1 Access a Root Volume Group
2 Copy a System Dump to Removable Media
3 Access Advanced Maintenance Functions
4 Erase Disks
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 450/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-46 AIX installation © Copyright IBM Corp. 2009
Figure 12-29. SMIT groups AN121.1
Notes:
Purpose of groups
The purpose of groups is to give a common set of users the ability to share files. The
access is controlled using the group set of permission bits.
Group management restrictions
Only root and members of the security group can create groups. root and security groupmembers, can select a member of the group to be the group administrator. This privilege
allows the user to add and remove users from the group.
Predefined groups
There are a number of predefined groups on AIX systems, like the system group (which is
root's group), and the staff group (which contains the ordinary users).
© Copyright IBM Corporation 2009
IBM Power Systems
SMIT groups
# smit groups
Groups
Move cursor to desired item and press Enter.
List All Groups
Add a Group
Change / Show Characteristics of a Group
Remove a Group
Groups
Move cursor to desired item and press Enter.
List All Groups
Add a Group
Change / Show Characteristics of a Group
Remove a Group
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 451/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-47
5.2
empty
Figure 12-30. Listing groups AN121.1
Notes:
The lsgroup command
The lsgroup command is used to list all groups, or selected groups, on the system. The
data is presented in line format by default, in colon format (-c), or in stanza format (-f).
Commonly used options of the lsgroup command
The -c option displays the attribute for each group, in colon separated records.
The -f option displays the group attributes in stanza format with each stanza identified by a
group name.
© Copyright IBM Corporation 2009
IBM Power Systems
Listing groups
The lsgroup command:
lsgroup [-c | -f] [-a attribute …] {ALL | groupname …}
Example:
# lsgroup –f -a id users ALL
system:
id=0
users=root,esaadmin,pconsole
staff:
id=1
users=ipsec,ted,sshd,alex,local,tyrone,daemon
bin:
id=2
users=root,bin
...
# lsgroup –f -a id users ALL
system:
id=0
users=root,esaadmin,pconsole
staff:
id=1users=ipsec,ted,sshd,alex,local,tyrone,daemon
bin:
id=2
users=root,bin
...
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 452/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-48 AIX installation © Copyright IBM Corp. 2009
Figure 12-31. Add a Group AN121.1
Notes:
The mkgroup command
The mkgroup command is the command used to create a new group. The group name,
traditionally, must be a unique string of eight or fewer characters. With AIX 5L V5.3 andlater, the maximum name length can be modified to be as large as 255 characters.
Limit on group membership
A user may belong to no more than 32 groups.
The mkgroup/SMIT optionsThe mkgroup -a option is used to indicate that the new group is to be an administrative
group. Only the root user can add administrative groups to the system.
• ADMINISTRATOR list and USER list: In the SMIT screen shown on the visual,
ADMINISTRATOR list is a list of members from the USER list that are allowed tochange the characteristics of a group and add or remove members.
© Copyright IBM Corporation 2009
IBM Power Systems
Add a Group
# smit mkgroup
Add a Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* Group NAME [techies]
ADMINISTRATIVE group? false +
Group ID [101] #
USER list [alex,tyrone] +
ADMINISTRATOR list [] +Projects [] +
Initial Keystore Mode [] +
Keystore Encryption Algorithm [] +
Keystore Access [] +
Add a Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* Group NAME [techies]
ADMINISTRATIVE group? false +
Group ID [101] #
USER list [alex,tyrone] +
ADMINISTRATOR list [] +Projects [] +
Initial Keystore Mode [] +
Keystore Encryption Algorithm [] +
Keystore Access [] +
mkgroup -A id=101 users=alex,tyrone techies
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 453/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-49
5.2
empty • Projects: Starting with AIX 5L V5.3, the SMIT Add a Group screen has a new field,Projects, for tracking resource usage in the Advanced Accounting subsystem.
The following fields are related to Encrypted File Systems. This topic is outside the scope
of this class. Attend AU47, AIX Security, for training in this area.
• Initial Keystore Mode: The efs_initalks_mode of admin allows for root, or othersecurity privileged system users, to reset the user's key store password. Otherwise, if
the user forgets their key store password, they will not be able to access their EncryptedFile System files. If the guard mode is selected, then root cannot reset the user's key
store password.
• Keystore Encryption Algorithm: This option specifies the algorithm for the
user's key, within the key store. This key protects the encrypting key of files the user
creates, within the Encrypted File System.
• Keystore Access: The key store enables the user to utilize files in the Encrypted File
System. The selection of file will create a key store file associated with this user. It isrecommended that file is selected. Select none for no key store to be created. All other
EFS (efs_*) attributes will not have any effect.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 454/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-50 AIX installation © Copyright IBM Corp. 2009
Figure 12-32. Change or remove a group AN121.1
Notes:
The chgroup command
The chgroup command is used to change the characteristics of a group. It can only be run
by root or a member of the security group.
Group attributes
The group attributes are:
• Group ID (id=groupid): It is not advisable to change the group ID, but it is occasionally
done immediately after a group has been created to match the ID of a previouslydeleted group, or a specific group ID needed for a particular software package.
• ADMINISTRATIVE group? (admin=true|false): Only the root user can change agroup to be an administrative group, or make changes to an existing administrative
group.
• USER list (users=usernames): This is a comma separated list of the names of all the
members of the group. The group may be their primary group or an additional one.
© Copyright IBM Corporation 2009
IBM Power Systems
Change or remove a group
# smit chgroup
Change a Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* Group NAME [techies]
ADMINISTRATIVE group? false +
Group ID [101] #
USER list [alex,tyrone,ted] +
ADMINISTRATOR list [alex] +
Projects [] +
Initial Keystore Mode [] +Keystore Encryption Algorithm [] +
Keystore Access [] +
Change a Group
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* Group NAME [techies]
ADMINISTRATIVE group? false +
Group ID [101] #
USER list [alex,tyrone,ted] +
ADMINISTRATOR list [alex] +
Projects [] +
Initial Keystore Mode [] +Keystore Encryption Algorithm [] +
Keystore Access [] +
chgroup users=alex,tyrone,ted adms=alex techies
To remove a group: # rmgroup techies
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 455/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-51
5.2
empty • ADMINISTRATOR list (adms=adminnames): This is the list of group administrators.
• Projects (projects=projectnames): As previously mentioned, this attribute was addedto support the Advanced Accounting subsystem.
The chgrpmem command
The chgrpmem command can be used by any user to change either the administrators, or
the members of a group, for which the user running the command, is a group administrator.The rmgroup command
The rmgroup command is used to remove a group from the system. This command has
no options and the only parameter is the group name. Only the root user can delete anadministrative group.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 456/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-52 AIX installation © Copyright IBM Corp. 2009
Figure 12-33. RBAC overview AN121.1
Notes:
There are over 250 built in pre-defined authorizations, such as manage devices, create
WPARs, and perform OS administration. To view all authorizations, type: # lsrole ALL.
Authorizations are assigned to commands and files which are considered privileged. Byprivileged, we mean that we want to allow them to bypass traditional access controls.
These authorizations are then assigned to roles which, in turn, are assigned to users.Users can then switch roles to perform the necessary administrative actions.
Custom user-defined authorizations and roles can also be created. However, this requires
the kernel security tables to be updated. To do this, execute the setkst command.
© Copyright IBM Corporation 2009
IBM Power Systems
RBAC overview
• RBAC configuration is stored within the Kernel Security Tables(KST).
Authorizations
Roles1
2
Operating System
Administration
CreateSystem WPARs
Manage Devices
Roles
Users
User and Group AccountAdministration
SystemAdministrator
Privileged commands and files
System Operator
Command= /usr/sbin/shutdownAuth = aix.system.boot.shutdown
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 457/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-53
5.2
empty
Figure 12-34. RBAC defined roles and authorizations AN121.1
Notes:
There are, by default, 10 predefined system roles and 254 authorizations. They can be
listed with the lsrole and lsauth commands respectively.
To list the roles and the assigned authorizations, type:
# lsrole -f -a authorizations dfltmsg ALL |grep -p dfltmsg
Role Definitions:
isso - Information system security officer
The ISSO role is responsible for creating and assigning roles, and is thus the mostpowerful user-defined role on the system. Some of the ISSO responsibilities include:
• Establishing and maintaining security policy
• Setting passwords for users
• Network configuration
• Device administration
© Copyright IBM Corporation 2009
IBM Power Systems
RBAC defined roles and authorizations
# lsrole -c -a dfltmsg ALL |grep -v "#name"|grep ":"
AccountAdmin:User and Group Account AdministrationBackupRestore:Backup and Restore Administration
DomainAdmin:Remote Domain Administration
FSAdmin:File System Administration
SecPolicy:Security Policy Administration
SysBoot:System Boot Administration
SysConfig:System Configuration Administration
isso:Information System Security Officer
sa:System Administrator
so:System Operator
# lsrole -c -a dfltmsg ALL |grep -v "#name"|grep ":"
AccountAdmin:User and Group Account Administration
BackupRestore:Backup and Restore Administration
DomainAdmin:Remote Domain Administration
FSAdmin:File System Administration
SecPolicy:Security Policy Administration
SysBoot:System Boot Administration
SysConfig:System Configuration Administration
isso:Information System Security Officer
sa:System Administrator
so:System Operator
# lsauth -f ALL |grep dfltmsg |sed 's:dfltmsg=::g'
Operating System AdministrationDevice Administration
Configure Devices
Configure the Random Device
Configure TTY Devices
Manage Devices
Change Attributes of a Device
…….removed for clarify …
# lsauth -f ALL |grep dfltmsg |sed 's:dfltmsg=::g'
Operating System AdministrationDevice Administration
Configure Devices
Configure the Random Device
Configure TTY Devices
Manage Devices
Change Attributes of a Device
…….removed for clarify …
roles
authorizations
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 458/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-54 AIX installation © Copyright IBM Corp. 2009
sa - System administrator
The SA role provides the functionality for daily administration and is responsible for:
• User administration (except password setting)
• File system administration
• Software installation update
• Network daemon management
• Device allocation
so - System operator
The SO role provides the functionality for day to day operations and is responsible for:
• System shutdown and reboot
• File system backup, restore, and quotas
• System error logging, trace, and statistics
• Workload administration
AccountAdmin - User and group account administrator
The AccountAdmin role provides the functionality for users and group definitions and is
responsible for:
• Define, modify, and remove users
• Define, modify, and remove groups
BackupRestore - Backup and restore administrator
The BackupRestore role provides the functionality for backup and restore operations for filesystems, using various commands such as:
• cpio, pax, tar, backup and restore
DomainAdmin - Remote domain administrator
The DomainAdmin role provides the functionality for managing network securitymechanisms such as:
• kerberos, ldap, NIS, and PKI
FSAdmin - File system administrator
The FSAdmin role provides the functionality for managing file systems and has the ability
to:
• Create, modify, and remove file systems
• Mount and unmount file systems
• Defrag file systems
• Format file system logs
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 459/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-55
5.2
empty • Manage file system user quotas
• Create and manage JFS2 snapshots
SecPolicy - Security policy administrator
The SecPolicy role provides the functionality for security administration and is responsible
for most of what the ISSO covers, except for:
• Domain Administration
• System Configuration
SysBoot - System boot administrator
The SysBoot role provides the functionality for system shutdown and booting through thefacilities for:
• halt, shutdown, and reboot
SysConfig - System configuration
The SysConfig role provides the functionality for system configuration and is responsiblefor such components as:
• inittab
• System console
• Kernel extensions
• uname
• Resource sets
• Date and time zone
• Software license management
• Performance tunables
• Diagnostics
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 460/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-56 AIX installation © Copyright IBM Corp. 2009
Figure 12-35. RBAC (basic) implementation steps AN121.1
Notes:
A key part in implementing RBAC, is planning. Start by making a note of all the
administration tasks which may need to be performed, then allocate them to roles, and
assign the roles to userids.
RBAC is enabled by default in AIX 6, and can be checked with the lsattr command as
shown on the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
RBAC (basic) implementation steps
• Steps to configure RBAC
1. Ensure RBAC is enabled (default true, AIX6.1).
2. Plan which predefined administration roles need to be assigned tousers.
3. Assign AIX predefined roles to the relevant users.
• Using chuser command
4. User would then switch to the role and perform the necessaryoperations.
• To switch roles, use swrole command
# lsattr -El sys0 |grep RBAC
enhanced_RBAC true Enhanced RBAC Mode
# lsattr -El sys0 |grep RBAC
enhanced_RBAC true Enhanced RBAC Mode
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 461/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-57
5.2
empty
Figure 12-36. RBAC example (1 of 2) AN121.1
Notes:
The visual demonstrates how to provide a user with the capability to start, stop, and reboot
the system.
If you are not sure if the system authorization, aix.system.boot.shutdown , containsthe shutdown command, then the RBAC privileged command file can be checked (stored in
/etc/security), as follows:
/etc/security # grep shutdown privcmds
/usr/sbin/exec_shutdown:
accessauths = aix.system.boot.shutdown
/usr/sbin/shutdown:
accessauths = aix.system.boot.shutdown
© Copyright IBM Corporation 2009
IBM Power Systems
RBAC example (1 of 2)
• Example: Let's give permission for user, alex, to start, stop,and reboot the system. – First, find the predefined role.
– Add the ‘SysBoot’ role to user alex.
# lsrole -f -a authorizations dfltmsg ALL |grep -p dfltmsg | \
grep -p shutdown
SysBoot:
authorizations=aix.system.boot.halt,aix.system.boot.info,aix.system.
boot.reboot,aix.system.boot.shutdown
dfltmsg=System Boot Administration
# lsrole -f -a authorizations dfltmsg ALL |grep -p dfltmsg | \
grep -p shutdown
SysBoot:
authorizations=aix.system.boot.halt,aix.system.boot.info,aix.system.
boot.reboot,aix.system.boot.shutdown
dfltmsg=System Boot Administration
# chuser roles=SysBoot alex
# rolelist -u alex
SysBoot System Boot Administration
# chuser roles=SysBoot alex
# rolelist -u alex
SysBoot System Boot Administration
Confirm theSysBoot role hasbeen allocated to
user alex.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 462/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-58 AIX installation © Copyright IBM Corp. 2009
Figure 12-37. RBAC example (2 of 2) AN121.1
Notes:
The rolelist command provides role and authorization information to the invoker, about
their current roles, or the roles assigned to them.
The swrole command creates a new role session, spawed in a sub shell, with the rolesthat are specified by the role parameter (in this example, SysBoot). To exit the new role sub
shell, type:
# exit rolelist –e or # exit rolelist SysBoot
© Copyright IBM Corporation 2009
IBM Power Systems
RBAC example (2 of 2)
– As user, alex, shut down and reboot the system
alex $ rolelistSysBoot System Boot Administration
alex $ rolelist -e
rolelist: There is no active role set
alex $ rolelist -a
SysBoot aix.system.boot.create
aix.system.boot.halt
aix.system.boot.info
aix.system.boot.reboot
aix.system.boot.shutdown
alex $ swrole SysBoot
alex $ alex's Password:
alex $ rolelist -e
SysBoot System Boot Administration
alex $ shutdown –Fr
alex $ rolelistSysBoot System Boot Administration
alex $ rolelist -e
rolelist: There is no active role set
alex $ rolelist -a
SysBoot aix.system.boot.create
aix.system.boot.halt
aix.system.boot.info
aix.system.boot.reboot
aix.system.boot.shutdown
alex $ swrole SysBootalex $ alex's Password:
alex $ rolelist -e
SysBoot System Boot Administration
alex $ shutdown –Fr
SysBoot role isnow active
Lists the assignedroles
Lists the activeroles
Lists the assignedauthorizations
Switch to roleSysBoot
Perform a systemreboot.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 463/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-59
5.2
empty
Figure 12-38. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What is the difference between the commands, pwdadm
and passwd? ___________________________________________
2. Which password change command does SMIT use?
3. True or False: When you delete a user from the system,all the user's files and directories are also deleted.
4. True of False: RBAC is disabled by default on AIX 6.1.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 464/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-60 AIX installation © Copyright IBM Corp. 2009
Figure 12-39. Topic summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Topic summary
Having completed this topic, you should be able to:
• Understand the login sequence from a system console• Understand the login initialization process• Add, list, change, and delete users and groups• Set and change passwords
– Recover root password if lost or forgotten
• Understand the key elements of RBAC and configure a simpleRBAC implementation
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 465/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-61
5.2
empty 12.3. Security files
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 466/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-62 AIX installation © Copyright IBM Corp. 2009
Figure 12-40. Security files AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Security files
After completing this topic, you should be able to:
• Identify and understand key security files• Understand how to validate the user environment• Document the system security policy and set-up
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 467/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-63
5.2
empty
Figure 12-41. Security files introduction AN121.1
Notes:
Introduction
The security on the system is controlled by a number of ASCII files. Key files are listed
on the visual and briefly described below.
/etc/passwd
The /etc/passwd file lists the valid users, and the user ID, primary group, homedirectory, and default login shell for each of these users.
/etc/groupThe /etc/group file lists the valid groups, their group IDs, and members.
The /etc/security directory
The /etc/passwd and /etc/group files have global read access to all users. A numberof other files control the attributes of users. These files are in the /etc/security directory,
which can only be accessed by root or the security group.
© Copyright IBM Corporation 2009
IBM Power Systems
Security files introduction
• Files used to contain user attributes and control access:
– /etc/passwd Valid users (not passwords) – /etc/group Valid groups
– /etc/security Directory not accessibleto normal users
– /etc/security/passwd User passwords
– /etc/security/user User attributes, passwordrestrictions
– /etc/security/group Group attributes
– /etc/security/limits User limits
– /etc/security/environ User environment settings
– /etc/security/login.cfg Console Login settings
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 468/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-64 AIX installation © Copyright IBM Corp. 2009
/etc/security/passwd
/etc/security/passwd contains the encrypted password and update information forusers.
/etc/security/user
/etc/security/user contains extended user attributes.
/etc/security/group
/etc/security/group contains extended group attributes.
/etc/security/limits
/etc/security/limits contains process resource limits for users.
/etc/security/environ
/etc/security/environ contains environment variables for users. This file is not often
used.
/etc/security/login.cfg/etc/security/login.cfg is a configuration file for the login program. This file containssecurity enhancements that limit the logins on a port, for example, the number of login
attempts and the valid login programs (shells).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 469/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-65
5.2
empty
Figure 12-42. /etc/passwd file AN121.1
Notes:
Role of the /etc/passwd file
The /etc/passwd file lists the users on the system and some of their attributes. This file
must be readable by all users, because commands such as ls access it.
Fields in the /etc/passwd file
The fields in the /etc/passwd file are:
• User name: Up to eight alphanumeric characters (not all uppercase)
• Password: On older UNIX systems, this contained the encrypted password. On AIX, iteither contains an exclamation mark (!) to refer to the /etc/security/passwd file or an
asterisk (*), which means the user has no password assigned.
• UID: The user ID number for the user
• GID: The ID of the primary group to which this user belongs
• Information: Any descriptive text for the user
© Copyright IBM Corporation 2009
IBM Power Systems
/etc/passwd file
# cat /etc/passwd
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
sshd:*:202:201::/var/empty:/usr/bin/kshalex:!:333:1::/home/alex:/usr/bin/ksh
tyrone:!:204:1::/home/tyrone:/usr/bin/ksh
ted:*:205:1::/home/ted:/usr/bin/ksh
# cat /etc/passwd
root:!:0:0::/:/usr/bin/ksh
daemon:!:1:1::/etc:
bin:!:2:2::/bin:
sys:!:3:3::/usr/sys:
adm:!:4:4::/var/adm:
uucp:!:5:5::/usr/lib/uucp:
guest:!:100:100::/home/guest:
nobody:!:4294967294:4294967294::/:
pconsole:*:8:0::/var/adm/pconsole:/usr/bin/ksh
sshd:*:202:201::/var/empty:/usr/bin/ksh
alex:!:333:1::/home/alex:/usr/bin/ksh
tyrone:!:204:1::/home/tyrone:/usr/bin/ksh
ted:*:205:1::/home/ted:/usr/bin/ksh
! = Passwd is set /etc/security/passwd* = no password set
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 470/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-66 AIX installation © Copyright IBM Corp. 2009
• Directory: The login directory of the user and the initial value of the $HOME variable
• Login program: Specifies the initial program or shell that is executed, after a userinvokes the login command, or su command
Using index files for better login performance
In AIX, additional files can be created to be used as index files for the /etc/passwd,
/etc/security/passwd, and /etc/security/lastlog files. These index files provide for betterperformance during the login process. Use the mkpasswd -f command to create theindexes. The command mkpasswd -c can be used to check the indexes, and rebuild any
that look suspicious.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 471/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-67
5.2
empty
Figure 12-43. /etc/security/passwd file AN121.1
Notes:
Role of the /etc/security/passwd file (commonly referred to as the shadow password
file)
The /etc/security/passwd file contains the encrypted user passwords and can only beaccessed by root. The login, passwd, pwdadm, and pwdck commands, which run with
root authority, update this file. This file is in stanza format with a stanza for each user.
Index files
As previously mentioned, in AIX, additional files can be created to be used as index files for
/etc/security/passwd and some related files. These index files provide for better
performance during the login process. These indexes are created using the mkpasswd
command.
Entries in /etc/security/passwd
Valid entries in /etc/security/passwd are:
• Password: Either the encrypted password asterisk (*) for invalid, or blank for nopassword
© Copyright IBM Corporation 2009
IBM Power Systems
/etc/security/passwd file
# cat /etc/security/passwd
root:password = etNKvWlXX5EFk
lastupdate = 1145381446
flags =
daemon:
password = *
bin:
password = *
alex:
password = XAkhucsiyVwAA
lastupdate = 1225381869flags =
tyrone:
password = RWWoFp5iuL.JI
lastupdate = 1225381903
flags = ADMCHG,ADMIN,NOCHECK
# cat /etc/security/passwd
root:password = etNKvWlXX5EFk
lastupdate = 1145381446
flags =
daemon:
password = *
bin:
password = *
alex:
password = XAkhucsiyVwAA
lastupdate = 1225381869flags =
tyrone:
password = RWWoFp5iuL.JI
lastupdate = 1225381903
flags = ADMCHG,ADMIN,NOCHECK
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 472/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-68 AIX installation © Copyright IBM Corp. 2009
• Lastupdate: The date and time of the last password update in seconds from 1 January1970
• Flags:
- ADMCHG: The password was last changed by an administrator or root.
- ADMIN: The user's password can only be changed by root.
- NOCHECK: Password restrictions are not in force for this user.
See /etc/security/user for password restrictions.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 473/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-69
5.2
empty
Figure 12-44. /etc/security/user file AN121.1
Notes:
admin
This attribute defines the administrative status of the user. Possible values: true or false
login
This attribute defines whether a user can login. Possible values: true or false
su
This attribute defines whether other users can switch to this user account. The su
command supports this attribute. Possible values: true or false
daemon
This attribute defines whether the user can execute programs using the system resource
controller (SRC). Possible values: true or false
© Copyright IBM Corporation 2009
IBM Power Systems
/etc/security/user file
default:
admin = falselogin = true
su = true
daemon = true
rlogin = true
sugroups = ALL
admgroups =
ttys = ALL
auth1 = SYSTEM
auth2 = NONE
tpath = nosak
umask = 000
expires = 0
SYSTEM = "compat"
logintimes =
pwdwarntime = 0
account_locked = false
loginretries = 0
histexpire = 0
histsize = 0
minage = 0
default:
admin = falselogin = true
su = true
daemon = true
rlogin = true
sugroups = ALL
admgroups =
ttys = ALL
auth1 = SYSTEM
auth2 = NONE
tpath = nosak
umask = 000
expires = 0
SYSTEM = "compat"logintimes =
pwdwarntime = 0
account_locked = false
loginretries = 0
histexpire = 0
histsize = 0
minage = 0
* default continued ...
maxage = 0
maxexpired = -1
minalpha = 0
minother = 0
minlen = 0
mindiff = 0
maxrepeats = 8
dictionlist =
pwdchecks =
root:
admin = true
SYSTEM = "compat"
loginretries = 0
account_locked = false
registry = files
admgroups =
alex:
admin = false
* default continued ...
maxage = 0
maxexpired = -1
minalpha = 0
minother = 0
minlen = 0
mindiff = 0
maxrepeats = 8
dictionlist =
pwdchecks =
root:
admin = true
SYSTEM = "compat"
loginretries = 0account_locked = false
registry = files
admgroups =
alex:
admin = false
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 474/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-70 AIX installation © Copyright IBM Corp. 2009
rlogin
This attribute defines whether the user account can be accessed by remote logins. rlogin
and telnet commands support this attribute. Possible values: true or false
sugroups
This attribute defines which groups can switch to this user account. Alternatively, you may
explicitly deny groups by preceding the group name with an exclamation mark (!). Possiblevalues: list of valid groups separated by commas, ALL or *
admgroups
This attribute lists the groups that a user administers. The value is a comma-separated listof valid group names.
ttys
This attribute defines which terminals can access the user account. Alternatively you may
explicitly deny terminals by preceding the terminal name with an exclamation mark (!).Possible values: list of device paths separated by commas, ALL or *
auth1
This attribute defines the primary authentication method for a user. The commands login,
telnet, rlogin, and su, support these authentication methods.
auth2
This attribute defines the secondary authentication methods for a user. It is not a
requirement to pass this method to log in.
tpath
This attribute defines the user's trusted path characteristics. Possible values: nosak, notsh,always or on (For more information refer to the online documentation.)
umask
This attribute defines the default umask for the user. Possible values: 3-digit octal value
expires
This attribute defines the expiration time for the user account. Possible values: a valid datein the form MMDDHHMMYY or 0. If 0, the account does not expire. The 'YY' supports the
last two digits of the years 1939 to 2038. If 0101000070, then the account is disabled.
SYSTEM
This attribute can be used to describe multiple or alternate authentication methods the usermust use successfully, before gaining access to the system. Possible tokens are:
• Files: Allows only local users access to the system
• Compat: The normal login procedure and therefore allows local and NIS users accessto the system
• DCE: The Distributed Computing Environment authentication
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 475/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-71
5.2
empty logintimes
This attribute defines the times a user can login.
pwdwarntime
This attribute defines the number of days before a forced password change warning
informs the user of the impending password change. Possible values: a positive integer or
0 to disable this featureaccount_locked
This attribute defines whether the account is locked. Locked accounts cannot be used for
login or su. Possible values: true or false
loginretries
This attribute defines the number of invalid login attempts before a user is not allowed tologin. Possible values: a positive integer or 0 to disable this feature
histexpire
This attribute defines the period of time in weeks that a user will not be able to reuse apassword. Possible values: an integer value between 0 and 260. 26 (approximately 6
months) is the recommended value
histsize
This attribute defines the number of previous passwords which cannot be reused. Possiblevalues: an integer between 0 and 50
minage
This attribute defines the minimum number of weeks between password changes. The
default is 0. Possible values: 0 to 52
maxage
This attribute defines the maximum number of weeks a password is valid. The default is 0,
which is equivalent to unlimited. Possible values: 0 to 52
maxexpired
This attribute defines the maximum number of weeks after maxage that an expiredpassword can be changed by a user. The default is -1, which is equivalent to unlimited.
Possible values: -1 to 52. maxage must be greater than 0 for maxexpired to be enforced
(root is exempt from maxexpired)minalpha
This attribute defines the minimum number of alphabetic characters in a password. The
default is 0. Possible values: 0 to 8
minother
This attribute defines the minimum number of non-alphabetic characters in a password.
The default is 0. Possible values: 0 to 8
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 476/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-72 AIX installation © Copyright IBM Corp. 2009
minlen
This attribute defines the minimum length of a password. The default is 0. Range: 0 to 8
Note that the minimum length of a password is determined by minlen and/or “minalpha +minother”, whichever is greater. “minalpha + minother” should never be greater than 8. If
“minalpha + minother” is greater than 8, then minother is reduced to “8 - minalpha”.
mindiffThis attribute defines the minimum number of characters in the new password that were
not in the old password. The default is 0. Possible values: 0 to 8
maxrepeats
This attribute defines the maximum number of times a given character can appear in apassword. The default is 8, which is equivalent to unlimited. Possible values: 0 to 8
dictionlist
This attribute defines the password dictionaries used when checking new passwords. The
format is a comma separated list of absolute path names to dictionary files. A dictionary filecontains one word per line where each word has no leading or trailing white space. Words
should only contain 7 bit ASCII characters. All dictionary files and directories should bewrite protected from everyone except root. The default is valueless which is equivalent to
no dictionary checking.
pwdchecks
This attribute defines external password restriction methods used when checking new
passwords. The format is a comma separated list of absolute path names to methods ormethod path names relative to /usr/lib. A password restriction method is a program
module that is loaded by the password restrictions code at run time. All passwordrestriction methods and directories should be write protected from everyone except root.
The default is valueless, which is equivalent to no external password restriction methods.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 477/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-73
5.2
empty
Figure 12-45. Group files AN121.1
Notes:
The /etc/group file
The fields in the /etc/group file are:
• Group: Up to eight alphanumeric characters (not all uppercase)
• Password: This field is not used in AIX and should contain an exclamation mark (!)
• ID: The group ID
• Members: A comma-separated list of the users who belong to this group
The /etc/security/group file
The /etc/security/group file is a stanza file with one stanza for each group. The validentries are:
• admin: Defines whether the group is an administrative group; values are true or false
• adms: A comma-separated list of the users who are administrators for the group
• If admin=true, this stanza is ignored because only root can change an administrative
group.
• projects: A list of project names to be associated with the group
© Copyright IBM Corporation 2009
IBM Power Systems
Group files
# cat /etc/group
system:!:0:root,esaadmin,pconsole
staff:!:1:ipsec,sshd,alex,tyrone,tedbin:!:2:root,bin
sys:!:3:root,bin,sys
adm:!:4:bin,adm
uucp:!:5:nuucp,uucp
...
# cat /etc/group
system:!:0:root,esaadmin,pconsole
staff:!:1:ipsec,sshd,alex,tyrone,tedbin:!:2:root,bin
sys:!:3:root,bin,sys
adm:!:4:bin,adm
uucp:!:5:nuucp,uucp
...
# cat /etc/security/group
system:
admin = true
staff:admin = false
bin:
admin = true
...
techies:
admin = false
adms = alex
# cat /etc/security/group
system:
admin = true
staff:admin = false
bin:
admin = true
...
techies:
admin = false
adms = alex
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 478/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-74 AIX installation © Copyright IBM Corp. 2009
Figure 12-46. /etc/security/login.cfg file AN121.1
Notes:
herald
This attribute specifies the initial message to be printed out when getty or login prompts
for a login name. This value is a string that is written out to the login port. If the herald is notspecified, then the default herald is obtained from the message catalog associated with the
language set in /etc/environment.
logintimes
This attribute defines the times a user can use this port to login.
logindisable
This attribute defines the number of unsuccessful login attempts before this port is locked.Use this in conjunction with logininterval.
logininterval
This attribute defines the number of seconds during which logindisable unsuccessfulattempts must occur before a port is locked.
© Copyright IBM Corporation 2009
IBM Power Systems
/etc/security/login.cfg file
default:
herald = "Authorized use only.\n\rlogin:"
logintimes =
logindisable = 0
logininterval = 0
loginreenable = 0
logindelay = 0
* Other security attributes (usw stanza):
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh
/bin/ksh93,/usr/bin/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin
/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/bin/rksh,/usr/bin/rksh93,/usr/sbin/uucp/uucico,/usr/sbin/sliplogin,/usr/sbin
/snappd
maxlogins = 32767
logintimeout = 60
auth_type = STD_AUTH
default:
herald = "Authorized use only.\n\rlogin:"
logintimes =logindisable = 0
logininterval = 0
loginreenable = 0
logindelay = 0
* Other security attributes (usw stanza):
usw:
shells = /bin/sh,/bin/bsh,/bin/csh,/bin/ksh,/bin/tsh
/bin/ksh93,/usr/bin/sh,/usr/bin/bsh,/usr/bin/csh,/usr/bin
/ksh,/usr/bin/tsh,/usr/bin/ksh93,/usr/bin/rksh,/usr/bin/rksh93,/usr/sbin/uucp/uucico,/usr/sbin/sliplogin,/usr/sbin
/snappd
maxlogins = 32767
logintimeout = 60
auth_type = STD_AUTH
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 479/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-75
5.2
empty loginreenable
This attribute defines the number of minutes after a port is locked, that it automaticallyunlocked.
logindelay
This attribute defines the delay in seconds between unsuccessful login attempts. This
delay is multiplied by the number of unsuccessful logins. Therefore, if the value is two, thenthe delay between unsuccessful logins is two seconds, then four seconds, then sixseconds, and so forth.
Other security attributes (usw stanza):
shells
The list of valid login shells for a user; chuser and chsh will only change a user's login shell
to one of the shells listed here.
maxlogins
This attribute defines the maximum number of simultaneous logins allowed on the system.logintimeout
This attribute defines the number of seconds the user is given to enter their password.
auth_type
This attribute determines whether PAM or the standard UNIX authentication mechanism
will be used by PAM-aware applications. Valid values: STD_AUTH, PAM_AUTH
The chsec command
Changes to the /etc/security/login.cfg file can be done by the command chsec:
# chsec -f /etc/security/login.cfg -s default -a pwdprompt=”Password:”
To reset to the default value:
# chsec -f /etc/security/login.cfg -s default -a pwdprompt=
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 480/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-76 AIX installation © Copyright IBM Corp. 2009
Figure 12-47. Validating the user environment AN121.1
Notes:
Use of validation commands
The commands listed on the visual can be executed by root or any user in the security
group to clean up after a change to the user configuration. Because they run with rootpermissions, they give administrative users the ability to make necessary changes to the
/etc/security/passwd file in a controlled way, without knowing the root password.
The usrck command
The usrck command verifies the validity of the user definitions in the user database files,by checking the definitions for all the users or for the users specified by the user parameter.
You must select a flag to indicate whether the system should try to fix erroneous attributes.
© Copyright IBM Corporation 2009
IBM Power Systems
Validating the user environment
• pwdck verifies the validity of local authentication information:
– pwdck {-n|-p|-t|-y} {ALL | username }
– Verifies that /etc/passwd and /etc/security/passwd are consistentwith each other and with /etc/security/login.cfg and /etc/security/user
• usrck verifies the validity of a user definition:
– usrck {-l|-b|-n|-p|-t|-y} {ALL | username }
– Checks each user name in /etc/passwd, /etc/security/user , /etc/security/limits and /etc/security/passwd
– Checks are made to ensure that each has an entry in /etc/group and /etc/security/group.
• grpck verifies the validity of a group:
– grpck {-n|-p|-t|-y} {ALL | groupname }
– Verifies that the files /etc/passwd, /etc/security/user , /etc/groupand /etc/security/group are consistent
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 481/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-77
5.2
empty Options for pwdck, usrck, and grpck commands
All the options for pwdck, usrck, and grpck are as follows:
-n Reports errors but does not fix them
-p Fixes errors but does not report them
-t Reports errors and asks if they should be fixed
-y Fixes errors and reports them
Additional options for usrck, are as follows:
-b Reports users who are not able to access the system and the reasons, with the
reasons displayed in a bit-mask format
-l Scans all users or the users specified by the User parameter to determine if theusers can access the system
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 482/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-78 AIX installation © Copyright IBM Corp. 2009
Figure 12-48. Documenting security policy and setup AN121.1
Notes:
Planning user and group administration
Plan and organize your user and group administration. Every user does not need their own
group. Good planning up front reduces any reorganizing of users and groups later on.
Use of the sticky bit
Always protect your shared directories by setting the sticky bit. Then users will not removeeach other’s files accidentally, or intentionally.
© Copyright IBM Corporation 2009
IBM Power Systems
Documenting security policy and setup
• Identify the different types of users and what data they willneed to access.
– Consider using enhanced RBAC with AIX 6.1 to perform systemadministration tasks (as opposed to using root).
• Organize groups around the type of work that is to be done.
• Organize ownership of data to fit with the group structure.
• Set SVTX on shared directories.
• Note: Further topics, such as LDAP, SSH,
trusted execution, encrypted filesystems, aixpert,RBAC (detailed), and IPSec, are covered in the
AIX Security course: AU47GSecurity
Policy andSetup
SecurityPolicy and
Setup
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 483/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-79
5.2
empty
Figure 12-49. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. If an ordinary user forgets their password, can the system
administrator find out by querying the system as to what theuser's password was set to? ______
Why or why not? _______________________________________
2. True or False: An asterisk “mary:*:” in the second field of the/etc/passwd file, means there is a vaild password set in theshadow password file for user mary.
3. Password restrictions are set in which of the following files?/etc/passwd/etc/security/passwd/etc/security/restrictions/etc/security/user
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 484/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-80 AIX installation © Copyright IBM Corp. 2009
Figure 12-50. Topic summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Topic summary
Having completed this topic, you should be able to:
• Identify and understand key security files• Understand how to validate the user environment• Document the system security policy and set-up
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 485/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 12. Security and user administration 12-81
5.2
empty
Figure 12-51. Exercise 12 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 12
Security and useradministration
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 486/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
12-82 AIX installation © Copyright IBM Corp. 2009
Figure 12-52. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Define the concepts of users and groups, and explain how andwhen these should be allocated on the system
• Describe ways of controlling root access on the system
• Explain the uses of SUID, SGID, and SVTX permission bits
• Administer user accounts and groups
• Understand the basic concepts and implementation of RBAC
• Identify the data files associated with users and security
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 487/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-1
5.2
empty Unit 13. Scheduling
What this unit is about
This unit describes how jobs can be scheduled on the system.
What you should be able to do
After completing this unit, you should be able to:
• Understand the role of the cron daemon
• Use crontab files to schedule jobs on a periodic basis• Use the at command to schedule a job or series of jobs at some
time in the future
• Use the batch command to schedule jobs in a queue, to alleviate
immediate system demand
How you will check your progress
Accountability:
• Checkpoint questions
• Exercise
References
Online AIX 6.1 Commands Reference
AIX 6.1 Files Reference
AIX Version 6.1 Operating system and device
management
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 488/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-2 AIX installation © Copyright IBM Corp. 2009
Figure 13-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Understand the role of the cron daemon
• Use crontab files to schedule jobs on a periodic basis
• Use the at command to schedule a job or series of jobs at
some time in the future
• Use the batch command to schedule jobs in a queue to
alleviate immediate system demand
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 489/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-3
5.2
empty
Figure 13-2. The cron daemon AN121.1
Notes:
Function of the cron daemon
The system process that enables batch jobs to be executed on a timed basis, is the
cron daemon. Many people rely on cron to execute jobs. Jobs are submitted to the
cron daemon in a number of different ways:
• The at and batch facilities are used to submit a job for one-time execution.
• crontab files are used to execute jobs periodically - hourly, daily, weekly.
Starting of cron
The cron process is usually started at system startup by /etc/inittab. It runs constantlyas a daemon. If killed, it is automatically restarted.
© Copyright IBM Corporation 2009
IBM Power Systems
The cron daemon
• Responsible for running scheduled jobs
• Starts:
– crontab command events
(regularly scheduled jobs)
– at command events
(one time only execution at specified time)
– batch command events(run when CPU load is low)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 490/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-4 AIX installation © Copyright IBM Corp. 2009
Changing how cron event types are handled
The /var/adm/cron/queuedefs file defines how the system handles different cron
daemon event types. The file specifies the maximum number of processes per eventtype to schedule at one time, the nice value of the event type, and how long to wait
before retrying to execute a process. This file is empty as shipped, but can be modifiedto change how the cron daemon handles each event type.
For example, by default, crontab events are inspected every 60 seconds, run at a nice
value of 2 higher than the default, and there may be up to 100 executingsimultaneously.
This may be changed by modifying the /var/adm/cron/queuedefs file.
For example, if crontab jobs were to run at a nice value of 10 higher than the default,
with files inspected every two minutes, and with up to 200 jobs allowed, then thefollowing entry should be made to the file:
c.200j10n120w
| | | || | | wait period (in seconds)
| | |
| | nice value
| |
| jobs
|
cron
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 491/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-5
5.2
empty
Figure 13-3. crontab files AN121.1
Notes:
Scheduling a job
The cron daemon starts processes at specified times. It can be used to run regularlyscheduled jobs using files in the /var/spool/cron/crontabs directory, or it can be used
to schedule a command for one-time-only execution using the at command.
The /var/adm/cron/cron.deny file
All users by default have the privilege to set up scheduled jobs to be monitored by cron.This is because the file /var/adm/cron/cron.deny, which denies privileges to users,
exists and is empty. As the administrator, you can restrict access to cron by adding usernames to this text file.
© Copyright IBM Corporation 2009
IBM Power Systems
crontab files
• Used to start regularly occurring jobs
• Schedule is defined in:
/var/spool/cron/crontabs/$USER
• Files to control crontab privileges of users:
– /var/adm/cron/cron.deny lists users who cannot usecrontab
– /var/adm/cron/cron.allow lists users who can usecrontab
• An empty cron.deny exists by default.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 492/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-6 AIX installation © Copyright IBM Corp. 2009
The /var/adm/cron/cron.allow file
Another file that also restricts users’ privileges, is /var/adm/cron/cron.allow. To use
this file, you should remove the cron.deny file and create the cron.allow file to list theusers that are allowed to use cron. If cron.allow exists and is empty, no user is able to
use cron, that includes root. If both cron.allow and cron.deny exist, then cron.allow is the file that is used. If neither cron.allow nor cron.deny exists, then only root can
use cron.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 493/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-7
5.2
empty
Figure 13-4. Format of a crontab file AN121.1
Notes:
Viewing a crontab file
Each user can view their crontab file by using the command crontab -l.
The user’s crontab file contains the schedule of jobs to be run on behalf of that user.There is a separate crontab file for each user of the crontab facility. This file is located
in /var/spool/cron/crontab/$USER.
© Copyright IBM Corporation 2009
IBM Power Systems
Format of a crontab file
To view current crontab:
# crontab -l
...
#0 3 * * * /usr/sbin/skulker
#45 2 * * 0 /usr/lib/spell/compress
#45 23 * * * ulimit 5000; /usr/lib/smdemon.cleanu > /dev/null0 11 * * * /usr/bin/errclear -d S,O 30
0 12 * * * /usr/bin/errclear -d H 90
0 15 * * * /usr/lib/ras/dumpcheck >/dev/null 2>&1
0,30,45 * * * * /usr/sbin/dumpctrl -k >/dev/null 2>/dev/null
...
...
#0 3 * * * /usr/sbin/skulker
#45 2 * * 0 /usr/lib/spell/compress
#45 23 * * * ulimit 5000; /usr/lib/smdemon.cleanu > /dev/null0 11 * * * /usr/bin/errclear -d S,O 30
0 12 * * * /usr/bin/errclear -d H 90
0 15 * * * /usr/lib/ras/dumpcheck >/dev/null 2>&1
0,30,45 * * * * /usr/sbin/dumpctrl -k >/dev/null 2>/dev/null
...
Format of entries:
minute hour date-of-month month day-of-week command
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 494/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-8 AIX installation © Copyright IBM Corp. 2009
Format of crontab file entries
The format for the lines in this file is as follows:
minute (0-59)
hour (0-23)
date of the month (1-31)
month of the year (1-12)day of the week (0-6, where 0=Sunday, 1=Monday, and so forth)
command
Fields are separated by spaces or tabs. To indicate a field is always true, use anasterisk (*). To indicate multiple values in a field, use a comma (,). A range can also be
specified by using a hyphen (-).
Examples of crontab entries
Here are some examples of crontab entries:
• To start the backup command at midnight, Monday through Friday:
0 0 * * 1-5 /usr/sbin/backup -0 -u -q -f /dev/rmt0
• To execute a command called script1 every 15 minutes between 8 a.m. and 5 p.m.,
Monday through Friday:
0,15,30,45 8-17 * * 1-5 /home/team01/script1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 495/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-9
5.2
empty
Figure 13-5. Editing a crontab file AN121.1
Notes:
Creating or updating a crontab file
To schedule a job, you must create a crontab file. The cron daemon keeps the
crontab files in memory, so you cannot update the crontab entries by just modifying
the file on disk.
Using crontab -e to edit the crontab file
To edit the crontab file, one method is to use crontab -e. This opens your crontab filewith the editor set with the EDITOR variable. Edit the file as you normally would any file.
When the file is saved, the cron daemon is automatically refreshed.
© Copyright IBM Corporation 2009
IBM Power Systems
Editing a crontab file
• One way to edit a crontab file:
• A safer method:
# crontab -e# crontab -e
# crontab -l > /tmp/crontmp
# vi /tmp/crontmp
# crontab /tmp/crontmp
# crontab -l > /tmp/crontmp
# vi /tmp/crontmp
# crontab /tmp/crontmp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 496/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-10 AIX installation © Copyright IBM Corp. 2009
Another method of updating your crontab file
The crontab -l command always shows the crontab file that cron is using on your
behalf. Another method to update the file is to use the command crontab -l >
mycronfile. This command creates a copy of the current crontab file and enables you
to safely edit the mycronfile file without affecting the current crontab file. To submityour changes, use the command: crontab mycronfile. The content of the mycronfile
file replaces the content of your file in the crontab directory, and refreshes the cron daemon, all at once. Now, you also have a backup of the crontab file in mycronfile.
Removing your crontab file
Use the command crontab -r if you would like to remove your current crontab file.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 497/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-11
5.2
empty
Figure 13-6. The at and batch commands AN121.1
Notes:
Use of the at command
The at command submits a job for cron to run once, rather than on a recurring basis, ata specified time. It reads the commands to execute from standard input. The at
command mails you all output from standard output and standard error for thescheduled commands, unless you redirect that output.
Examples of keywords or parameters that can be used with at are: noon, midnight, am,
pm, A for am, P for pm, N for noon, M for midnight, today, tomorrow.
The time can be specified as an absolute time or date (for example, 5 pm Friday), orrelative to now (for example, now + 1 minute).
The Bourne shell is used by default to process the commands. If -c is specified the C
shell is run, and if -k is specified the Korn shell is run. If you specify the -m option, at sends you mail to say that the job is complete.
© Copyright IBM Corporation 2009
IBM Power Systems
The at and batch commands
• The at command submits a uniquely occurring job to be run
by cron at a specified time.
• The batch command submits a job to be run when the
processor load is sufficiently low.
# at 5 pm Friday
banner hello > /dev/pts/0
<ctrl-d>
job user.time.a will be run at date
# for hosts in lpar50 lpar51 lpar52
do
rsh $host "echo '<<EOF nohup shutdown -Fr' | at now "
done
# at 5 pm Friday
banner hello > /dev/pts/0
<ctrl-d>
job user.time.a will be run at date
# for hosts in lpar50 lpar51 lpar52
do
rsh $host "echo '<<EOF nohup shutdown -Fr' | at now "
done
# batch
banner hello world > /dev/pts/0
<ctrl-d>
# batch
banner hello world > /dev/pts/0
<ctrl-d>
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 498/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-12 AIX installation © Copyright IBM Corp. 2009
Controlling use of at
The at command can only be used by root unless one of the following files exists:
• /var/adm/cron/at.deny
If this file exists, anybody can use at, except those listed in it. An empty at.deny file
exists by default. Therefore, all users can use at by default.
• /var/adm/cron/at.allow
If this file exists, only users listed in it can use at (root included).
Use of the batch command
The batch command submits a job to be run when the processor load is sufficiently low.
Like the at command, the batch command reads the commands to be run from
standard input and mails you all output from standard output and standard error for thescheduled commands, unless you redirect that output.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 499/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-13
5.2
empty
Figure 13-7. Controlling at jobs AN121.1
Notes:
Listing at jobs
To list at jobs use the at -l command or the atq command. The root user can look atanother user's at jobs by using the command atq <user >.
Removing at jobs
To cancel anat
job, useat -r
oratrm
followed by the job number. Use the commandatrm - and place nothing after the hyphen (-), to cancel all of your jobs. The root usercan cancel all jobs for another user, using atrm <user >.
© Copyright IBM Corporation 2009
IBM Power Systems
Controlling at jobs
• To list at jobs:at -l [user ]
atq [user ]
• To cancel an at job:
at -r job
atrm [job | user ]
• To cancel all your at jobs:
atrm -
# at –l
root.1118077769.a Mon Jun 6 10:09:29 2007
root.1118078393.a Mon Jun 6 10:19:53 2007
test2.1118079063.a Mon Jun 6 10:31:03 2007
# at –l
root.1118077769.a Mon Jun 6 10:09:29 2007
root.1118078393.a Mon Jun 6 10:19:53 2007
test2.1118079063.a Mon Jun 6 10:31:03 2007
# at -r test2.1118079063.a
at file: test2.1118079063.a deleted
# at -r test2.1118079063.a
at file: test2.1118079063.a deleted
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 500/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-14 AIX installation © Copyright IBM Corp. 2009
Figure 13-8. Documenting scheduling AN121.1
Notes:
Overview
It is important to have correct, up-to-date information regarding your system, in case ofan unexpected system failure.
Maintain as much documentation as possible about all aspects of the system by
following the recommendations we have given throughout the course.
© Copyright IBM Corporation 2009
IBM Power Systems
Documenting scheduling
• Have a copy of each user's crontab file
• Have a copy of the /etc/inittab file
Scheduling Records
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 501/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-15
5.2
empty
Figure 13-9. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. True or False: The at.allow and at.deny files must be used to
specify which users are allowed and denied use of the atcommand.
2. Give a crontab entry that would specify that a job should runevery Thursday at 10 past and 30 minutes past every hour. _____________________________________________
3. How would you schedule a script named myscript, to run 10
minutes from now? _____________________________________________ _____________________________________________ _____________________________________________ _____________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 502/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-16 AIX installation © Copyright IBM Corp. 2009
Figure 13-10. Exercise 13 AN121.1
Notes:
Introduction
This lab gives you the opportunity to schedule jobs using both at and crontab.
The exercise can be found in your Student Exercises Guide .
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 13
Scheduling
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 503/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 13. Scheduling 13-17
5.2
empty
Figure 13-11. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Understand the role of the cron daemon
• Use crontab files to schedule jobs on a periodicbasis
• Use the at command to schedule a job or series of
jobs at some time in the future
• Use the batch command to schedule jobs in a
queue to alleviate immediate system demand
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 504/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
13-18 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 505/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-1
5.2
empty Unit 14.TCP/IP networking
What this unit is about
This unit describes the essential TCP/IP and networking concepts
required in order to work with and configure TCP/IP in AIX.
What you should be able to do
After completing this unit, you should be able to:
• Define TCP/IP layering terminology • Describe the TCP/IP startup flow on AIX
• Configure Virtual LANs
• Describe IP addressing
• Configure TCP/IP basic functions on AIX • Explain how Ports and Sockets are used • Use standard TCP/IP facilities
• Configure NFS • Set up VNC
How you will check your progress
Accountability:
• Checkpoint
• Machine exercises
References
Online AIX Version 6.1 Operating system and device
management
System Management Guide: Communications and
Networks
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 506/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-2 AIX installation © Copyright IBM Corp. 2009
Figure 14-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:• Define TCP/IP layering terminology• Describe the TCP/IP startup flow on AIX• Configure Virtual LANs• Describe IP addressing• Configure TCP/IP basic functions on AIX
– IP configuration, routing, aliasing
• Explain how Ports and Sockets are used• Use standard TCP/IP facilities to:
– Log in to another system – Transfer files – Run commands
• Configure NFS• Set up VNC
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 507/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-3
5.2
empty
Figure 14-2. What is TCP/IP? AN121.1
Notes:
TCP/IP stands for Transmission Control Protocol/Internet Protocol. A more accurate name
is Internet Protocol Suite or IP Stack.
TCP/IP is a set of protocols or rules which define various aspects of how two computers ina network may communicate with each other. A protocol is a set of rules which describes
the mechanisms and data structures involved. Using these definitions, vendors can writesoftware to implement the protocols for particular systems.
There are many different protocols which cover the aspects of addressing hosts in the
network, data representation and encoding, message passing, interprocesscommunications, and application features, such as how to send mail or transfer files across
the network.
Where possible, the protocols are defined independently of any operating system, networkhardware, or machine architecture. In order to implement TCP/IP on a system, interface
software must be written to allow the protocols to use the available communicationshardware.
© Copyright IBM Corporation 2009
IBM Power Systems
What is TCP/IP?
- Transmission Control Protocol/Internet Protocol- Set of protocols (rules) which define how computers (hosts)
communicate on a network- Designed for Heterogeneous systems- Supports different network types- Made up of Open Standards
- Request for comments (RFCs)
- Protocol of the Internet, defined in 5 layers
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 508/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-4 AIX installation © Copyright IBM Corp. 2009
This means that heterogeneous environments can be created where machines fromdifferent manufacturers can be connected together, and different types of networks can be
interconnected.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 509/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-5
5.2
empty
Figure 14-3. TCP/IP layering AN121.1
Notes:
The TCP/IP protocol suite consists of lots of different protocols, which are described in
many thousands of RFCs. Most of these protocols and RFCs are either application specific
(such as RFC 959, which describes the FTP protocol), or describe how data should betransferred over a specific architecture (such as RFC 894, which describes IP over
Ethernet). For now, it is important to understand the working and interdependency of only afew core protocols. Since these protocols are built on top of each other, where one protocol
uses another protocol to get things done, the interdependency is almost as important asunderstanding each protocol independently.
From top to bottom we find the following protocols:
• Applications use either the User Datagram Protocol (UDP) or the Transmission
Control Protocol (TCP) to transmit their data. Both TCP and UDP deliver the data to
the right process, and make use of IP to arrange delivery to the right host. Thedifference between UDP and TCP is that TCP implements a mechanism of
acknowledgements, whereby reliability can be guaranteed. UDP does not have such amechanism, making UDP less reliable.
© Copyright IBM Corporation 2009
IBM Power Systems
TCP/IP layering
Physical
TCPReliable delivery to
correct program
SNMP FTP DNS DHCP VNC
SSH SMTP NFS LDAP MAIL
IP IPsec ICMP
Application
Transport
Networkinterface
Internet
Application
Presentation
Transport
Session
Network
Physical
Data Link
OSI 7 layer
modelTCP/IP layer model
UDPUnreliable delivery to
correct program
LAN(Ethernet, FDDI, ....)
Examples:
1000Base-TX/SX/LX
IEEE 802.11x
WAN(ATM, Leased lines, ....)
Examples:
SONET
T/ E -carrier links
xDSL
Medium (connectors, cabling, distance)
- Router
- Layer 3 switch
- Firewall
- Switch
- Bridge
- NIC
- NIC
- Repeater
- Layer 7 switch
Commonnetwork
devices
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 510/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-6 AIX installation © Copyright IBM Corp. 2009
• The Internet layer is responsible for end-to-end (source to destination) packet deliveryincluding routing through intermediate hosts. Internet Control Message Protocol
(ICMP) messages are typically generated in response to errors in IP datagrams or fordiagnostic or routing purposes. The IPsec protocol is responsible for securing Internet
Protocol (IP) communications by authenticating and encrypting each IP packet of a datastream.
• The Network interface is the protocol layer which transfers data between hosts. Inorder to do this, a physical medium is required such as copper or fiber and hence thenetwork interface and physical layers are closely related.
Common network devices
• Repeater. A repeater is an electronic device that receives a signal and retransmits
them at a higher level, higher power or both, so that the signal can cover longerdistances without degradation. Because repeaters work with the actual physical signal,
and do not attempt to interpret the data being transmitted, they operate on the Physicallayer, the first layer of the OSI model.
• Network Interface Card (NIC). A NIC is a LAN adapter which is designed to allowcomputers to communicate over a computer network. It is both a layer 1 (physical layer)
and layer 2 (data link layer) device, as it provides physical access to a networkingmedium and provides a low-level addressing system through the use of MAC
addresses.
• Bridge. A bridge is a hardware device for linking two networks that work with the sameprotocol. Unlike a repeater, which works at the physical level, a bridge works at the
logical level (on layer 2), which means that it can filter frames so that it only lets pastdata whose destination address corresponds to a machine located on the other side of
the bridge. • Switch. A network switch is a device that connects network segments. The term
commonly refers to a network bridge that processes and routes data at the Data link
layer (layer 2) of the OSI model.
- Layer 3. Switches that additionally process data at the network layer (layer 3 andabove), are often referred to as Layer 3 switches or multi-layer switches. A layer 3
switch can perform some or all of the functions normally performed by a router.
- Layer 4. Layer 4 switches process data a the transport layer and are alwaysvendor-dependent. An example of a layer 4 switch, is a Firewall which performs
transport layer function such as: Network Address Translation (NAT), IP filtering andpacket encryption/decryption.
- Layer 7. The most advanced switches, called layer 7 switches (corresponding to the
application layer of the OSI model), can redirect data based on advancedapplication data contained in the data packets, for example, an awareness of the
type of the file being sent by FTP. For this reason, a layer 7 switch can be used forload balancing, by routing the incoming data flow to the most appropriate servers,
which have a lower load or are responding more quickly.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 511/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-7
5.2
empty
Figure 14-4. TCP/IP start-up flow AN121.1
Notes:
TCP/IP startup is initiated from the inittab processing. /sbin/rc.boot calls cfgmgr during the
second phase processing which will in turn initialize the network interfaces and set up
routing by processing the /etc/rc.net file. TCP/IP subsystems are started from /etc/rc.tcpip script. This script can be edited directly to comment or uncomment subsystem startup. The
inetd daemon is responsible for loading network programs upon request, such as ftp, telnetetc. Once the core TCP/IP subsystems have been initialized, further TCP/IP based
applications such as NFS, NIM, HACMP, can be started.
© Copyright IBM Corporation 2009
IBM Power Systems
TCP/IP start-up flow
Run time init
Partition Activation
/sbin/rc.boot calls cfgmgr
/etc/rc.tcpip
/etc/rc.nfs
Process /etc/rc.net
Starts TCP/IP subsystemssyslogdsnmpd
sendmailportmap
Inetd /etc/inetd.conf Login
Process /etc/inittab
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 512/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-8 AIX installation © Copyright IBM Corp. 2009
Figure 14-5. Ethernet adapters AN121.1
Notes:
Brief history of Ethernet
The original Ethernet is called Experimental Ethernet today. It was developed by Robert
Metcalfe in 1972 (patented in 1978) and was based in part on the ALOHAnet protocol. Thefirst Ethernet that was generally used was DIX Ethernet (known as Ethernet II) and was
derived from Experimental Ethernet. Today, there are many different standards, under theumbrella of IEEE 802.3, and the technical community has accepted the term Ethernet for
all of them. Currently, under development is IEEE 802.3ba (40Gb/s and 100Gb/s Ethernet).
For further information see http://www.ieee802.org/3 Ethernet adapter support on AIX
• TX 10/100/1000Mb up to 100m using traditional copper
• SX 1000Mb up to 550m using multi-mode fiber
• LX 1000Mb up to 5km using single-mode fiber (can also run on multi-mode fiber)
• SR (short range) 10Gb up to 300m using multi-mode fiber
© Copyright IBM Corporation 2009
IBM Power Systems
Ethernet adapters
• Many types supported on AIX – Traditional copper (TX). – Single-mode and multi-mode fiber (SX, LX, SR, LR)
• Each adapter (entX) has two interfaces (enX and etX). – enX interface, uses the ‘standard DIX’ ethernet frame format
• Originally designed by Digital, Intel and Xerox
– etX interface, uses IEEE802.3 frame format, (same as DIX exceptType field is replaced by Length)
# lsdev -Cl ent0
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter
# lscfg -v -l ent0 |grep Network
Network Address.............001125BF9018
# lsdev -Cc if
en0 Available 01-08 Standard Ethernet Network Interface
et0 Defined 01-08 IEEE 802.3 Ethernet Network Interface
# lsdev -Cl ent0
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter
# lscfg -v -l ent0 |grep Network
Network Address.............001125BF9018
# lsdev -Cc if
en0 Available 01-08 Standard Ethernet Network Interface
et0 Defined 01-08 IEEE 802.3 Ethernet Network Interface
Adapter Card ent0Layer 1 and 2 physical device
Interface en0 and et0
Layer three logical devices
IP addresses areassigned to the
interfaces. In thiscase, en0.
MACAddress
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 513/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-9
5.2
empty • LR (long range) 10Gb up to 25km using single-mode fiber
In virtually all cases, on AIX you will configure the en (DIX) interface, et interfaces are rarely(if at all) used.
Note: Fiber versus Fibre. When talking about networks and Fiber it is important to know
when to use the correct spelling. Fiber refers to the medium (wire), whereas Fibre refers tothe protocol, as in, Fibre channel.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 514/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-10 AIX installation © Copyright IBM Corp. 2009
Figure 14-6. Virtual LAN AN121.1
Notes:
Virtual LAN (VLAN)
VLANs are used to divide networks into smaller, more manageable chunks. This helps to
reduce the size of the broadcast domain and helps with security through isolation. IEEE802.1Q is the standard for VLANs. It aims to:
• Define an architecture to logically partition bridged LANs and provide services to
defined user groups, independent of physical location.
• Allow interoperability between multivendor equipment.
© Copyright IBM Corporation 2009
IBM Power Systems
Virtual LAN
• VLANs divide physical networks into logical networks. – To form smaller more manageable sub-networks – Provide greater flexibility – Aides performance and security through isolation – Ports in a VLAN share broadcast traffic and belong to the same
broadcast domain.
• The industry standard VLAN protocol is IEEE 802.1Q.
VLAN 1
VLAN 2
Trunk Building 2Building 1
Broadcastdomain
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 515/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-11
5.2
empty
Figure 14-7. IEEE 802.1Q VLAN tagging (1 of 2) AN121.1
Notes:
802.1Q VLAN
In 802.1Q, the VLAN information is written into the Ethernet packet itself. Each packet
carries a VLAN ID, called a Tag . This allows VLANs to be configured across multipleswitches. Packets can leave the switch tagged or untagged, depending on the setting for
that port's VLAN membership properties. When using 802.1Q, four bytes are added to theEthernet frame, of which 12 bits are used for the VLAN ID. Theoretically, there can be up to
4096 VLANs per network.
© Copyright IBM Corporation 2009
IBM Power Systems
IEEE 802.1Q VLAN tagging (1 of 2)
• VLANs are created by assigning a VLAN ID (VID) to switchports
• By default, all switch ports are assigned a default VLAN ID,referred to as a PVID (Port VLAN ID)
• When an untagged packet enters a port it will be automaticallytagged with the port’s PVID.
• The packet can only travel to a destination port which belongsto the same VLAN group.
• Ports can belong to multiple VLAN groups.• Packets can either leave the switch port tagged or untagged.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 516/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-12 AIX installation © Copyright IBM Corp. 2009
Figure 14-8. IEEE 802.1Q VLAN tagging (2 of 2) AN121.1
Notes:
AIX implementation supports the IEEE 802.1Q VLAN tagging standard, with the capability
to support multiple VLAN IDs running on Ethernet adapters. Each VLAN ID is associated
with a separate Ethernet interface to the upper layers (for example, IP), which createsunique logical Ethernet adapter instances per VLAN, for example, ent1, ent2, and so on.
For example, you may only have one physical Ethernet adapter on the system, but want tocreate multiple networks.
© Copyright IBM Corporation 2009
IBM Power Systems
IEEE 802.1Q VLAN tagging (2 of 2)
ent0ent1 VLAN 1 network Aent2 VLAN 2 network Bent3 VLAN 3 network C
Network
• Packets can also be tagged by the operating system, in thiscase from AIX. – This is useful if you want to create multiple networks from a single
Ethernet adapter.
• A host tagged packets, if permitted, are unaffected by the
PVID setting.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 517/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-13
5.2
empty
Figure 14-9. VLAN group example AN121.1
Notes:
The example in the visual shows three VLANs split across three Ethernet switches. VLANs
100 and 200 are used to segregate hosts and users from the finance and sales groups
respectively.
© Copyright IBM Corporation 2009
IBM Power Systems
VLAN group example
• VLAN 100 is used by the finance group.• VLAN 200 is used by the sales group.
Trunk LinkTrunk Link
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 518/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-14 AIX installation © Copyright IBM Corp. 2009
Figure 14-10. AIX VLAN tagging AN121.1
Notes:
Use smit addvlan fast path to configure VLANs. Start by selecting a base adapter, which
will be used to send the packets, and assign a VLAN tag. Optionally, you can also specify a
priority. This is used by the VLAN driver to prioritize packets if multiple VLANs are createdusing the same base adapter. You can specify a value from 0-7, where 0 is the default
priority, 1 is the highest, and then in increasing numerical order from 2 through 7.
After you have configured a VLAN, configure the IP interface (for example, en2) for
standard Ethernet.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX VLAN tagging
• To assign a VLAN ID in AIX, a VLAN adapter must be created. – Go to smit addvlan, and select a base Ethernet adapter.
Available Network Adapters
Move cursor to desired item and press Enter. Use arrow keys to scroll.
ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (1410890)
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)
Available Network Adapters
Move cursor to desired item and press Enter. Use arrow keys to scroll.
ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (1410890)
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)
Add A VLAN
[Entry Fields]
VLAN Base Adapter ent1
* VLAN Tag ID [33] +#
VLAN Priority [] +#
Add A VLAN
[Entry Fields]
VLAN Base Adapter ent1
* VLAN Tag ID [33] +#
VLAN Priority [] +#
# lsdev -Cc adapter
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)
ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent2 Available VLAN
# lsdev -Cc adapter
ent0 Available 01-08 10/100/1000 Base-TX PCI-X Adapter (14106902)
ent1 Available 09-08 2-Port 10/100/1000 Base-TX PCI-X Adapter (14108902)
ent2 Available VLAN
Packets which getsent from adapter
ent2, are senttagged (33) out of
ent1.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 519/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-15
5.2
empty
Figure 14-11. IP and subnet addressing (1 of 2) AN121.1
Notes:
In order to be able to deliver the IP packet to the correct destination host, every host needs
an IP address. These IP addresses are 32-bit values and have to be unique. In most cases,
the IP address is not written in its binary form, but in the so-called “decimal dot” notation,where the 32 bits are grouped into four groups of eight bits each, and those eight bits are
written in decimal form, separated with dots. The subnet mask allows us to identify the twokey pieces of information in the IP address. The address of the network and the host
identification (host ID).
Several addresses and address ranges are reserved for special purposes. The mostimportant ones are listed here:
• The IP address 127.0.0.1 (in fact, the whole 127.0.0.0/8 network) is reserved for theloopback address. Hosts use the loopback address to send messages to themselves.
• Any IP address with the hostname part all zeros, such as 129.33.0.0, is reserved as an
identification for the network itself. It is not a valid IP address to be assigned to a host.
© Copyright IBM Corporation 2009
IBM Power Systems
IP and subnet addressing (1 of 2)
• Each host on a network has an assigned unique IP addressand associated subnet mask. – 32 bits, divided into four octets
– The network address = 129.33.0.0 (129.33/16) – The broadcast address = 129.33.255.255 – The first host on the network = 129.33.0.1 – The last host on the network = 129.33.255.254
• Every TCP/IP host contains a special address called theloopback which is assigned an address of 127.0.0.1.
10000001 00100001 10010111 00000111
11111111 11111111 00000000 00000000
129 . 33 . 151 . 7
255 . 255 . 0 . 0
Network identification Host identification
/16
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 520/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-16 AIX installation © Copyright IBM Corp. 2009
• Any IP address with the hostname part all ones, such as 129.33.255.255, is reserved asthe local broadcast address. Data sent to this address is delivered to all systems on the
local network.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 521/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-17
5.2
empty
Figure 14-12. IP and subnet addressing (1 of 2) AN121.1
Notes:
IP addresses need to be assigned in such a way that they are unique across the whole
Internet. That is why there is a special organization that does this. This is the Internet
Assigned Number Authority, or IANA. They are responsible for assigning groups ofaddresses, called classes , to organizations. They do not do this directly, but have
contracted out that responsibility to the InterNIC (http://www.internic.net), who in turndelegates this to local ISPs.
In additional to classes A to C, there are also classes D and E. Class D addresses are
reserved for multicasting. Multicasting is a limited area type of broadcasting. There is nonetwork or host portion in a multicast address. It is an integer number registered with theInterNIC that identifies a group of machines. Class E, is for experimental use only.
Class A and B addresses contain lots of hosts, and therefore, need to be broken down into
smaller more manageable chunks. This is achieved through a process known assubnetting. On the other hand, class C addresses contain very few hosts, which can also
be subnetted into smaller chunks, but very often need to be aggregated together to formlarger networks. This is achieved through a process known as supernetting.
© Copyright IBM Corporation 2009
IBM Power Systems
IP and subnet addressing (1 of 2)
• Network addresses by default are divided into classes:
Class Default subnet mask Range No. of networks No. of hosts A 255.0.0.0 (/8) 1-127 128 16.7 millionB 255.255.0.0 (/16) 128-191 16384 65534C 255.255.255.0 (/24) 192-223 2.1 Million 254
• Network assignment is managed by the IANA (Internet Assigned Numbers Authority) through ISPs. – Network addresses are generally, either broken up and assigned to
physical networks (subnetting), or aggregated together (supernetting). – This is achieved by manipulating the subnet mask.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 522/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-18 AIX installation © Copyright IBM Corp. 2009
Figure 14-13. Subnetting example AN121.1
Notes:
The default subnet mask for a class B network is 255.255.0.0. This translates to one
network with ((2^16)-2) with 65534 hosts. Organizations with a class A and B address often
have hundreds, if not thousands of physical networks split across both local andgeographically dispersed locations. The only way to do this is to split the network address
into more manageable chunks. This is achieved by borrowing bits from the host ID andusing them for the network. Using seven bits from the host ID, allows for (2^7) 128 physical
networks. On each of the 128 networks, there can be ((2^9)-2) 510 hosts. We have tosubtract two from the number of hosts, because all zeros are reserved for the network and
all ones are reserved for the broadcast address.
© Copyright IBM Corporation 2009
IBM Power Systems
Subnetting example
• Company bigbucks.com has acquired the class B network address of 129.33.0.0. They need to spilt the address range so they can have up to
128 physical networks and up to 510 hosts per network.
10000001 00100001 0000000 0 00000000
11111111 11111111 1111111 0 00000000
129 . 33 . 0 . 0
255 . 255 . 254 . 0
Network identification Host identification
/23
Assigned by thisorganization to thenetwork
The number of possiblephysical (sub) networks
is:2^7 = 128.
The number of hosts pernetwork is:
(2^9)-2 = 510.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 523/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-19
5.2
empty
Figure 14-14. Supernetting example AN121.1
Notes:
Having four class C addresses is four physical networks each with up to 254 hosts. Each
network would require a router to route packets between them. Supernetting is the
opposite to subnetting and borrows bits from the network portion of the IP address. In theexample, we have borrowed two bits, changing the subnet mask from 255.255.255.0 to
255.255.252.0. The result is that networks 222.180.109, 110 and 111 have become part ofthe 222.180.108 network. The 222.180.108 network can have up to ((2^10)-2) 1022 hosts.
© Copyright IBM Corporation 2009
IBM Power Systems
Supernetting example
• Company losechange.com has acquired four class C networkaddresses: 222.180.108.0 through to 222.180.111.0. However, they
would like to aggregate these networks together to form one globalnetwork.
11111100 10110100 011011 00 00000000
11111111 11111111 111111 00 00000000
222 . 180 . 108 . 0
255 . 255 . 252 . 0
Network identificationHost identification
/22
One class C networkNetwork address =
222.180.108.0/22The number of hosts
(2^10)-2 = 1022
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 524/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-20 AIX installation © Copyright IBM Corp. 2009
Figure 14-15. How is TCP/IP configured on AIX? (1 of 2) AN121.1
Notes:
AIX provides a very quick and easy configuration SMIT panel for configuring TCP/IP on the
system. The essential items you will require are:
• Hostname of the machine
• IP address and network mask
• Interface to be configured
Desirable items are:
• Default Gateway for the environment
• DNS parameters (namserver and domain name)This information populates the /etc/resolv.conf file, as follows:
nameserver 10.47.1.33domain lpar.co.uk
Cable type is generally not required and can be left as N/A. Start now will refresh or start,
the TCP/IP subsystems. Note: they should already be running!
© Copyright IBM Corporation 2009
IBM Power Systems
How is TCP/IP configured on AIX? (1 of 2)
• There are many ways. However, in most cases you start withsmit mktcpip.
Minimum Configuration & Startup
To Delete existing configuration data, please use Further Configuration menus
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* HOSTNAME [waldorf]
* Internet ADDRESS (dotted decimal) [10.47.1.18]
Network MASK (dotted decimal) [255.255.0.0]
* Network INTERFACE en0
NAMESERVERInternet ADDRESS (dotted decimal) [10.47.1.33]
DOMAIN Name [lpar.co.uk]
Default Gateway
Address (dotted decimal or symbolic name) [10.47.0.1]
Cost [0] #
Do Active Dead Gateway Detection? no +
Your CABLE Type N/A +
START Now no +
Minimum Configuration & Startup
To Delete existing configuration data, please use Further Configuration menus
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* HOSTNAME [waldorf]
* Internet ADDRESS (dotted decimal) [10.47.1.18]
Network MASK (dotted decimal) [255.255.0.0]
* Network INTERFACE en0
NAMESERVER
Internet ADDRESS (dotted decimal) [10.47.1.33]DOMAIN Name [lpar.co.uk]
Default Gateway
Address (dotted decimal or symbolic name) [10.47.0.1]
Cost [0] #
Do Active Dead Gateway Detection? no +
Your CABLE Type N/A +
START Now no +
A one stop shop forTCP/IP config on
AIX.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 525/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-21
5.2
empty
Figure 14-16. How is TCP/IP configured on AIX? (2 of 2) AN121.1
Notes:
If SMIT is being used to configure further interfaces, then the fastpath smit chinet should be
used. All fields are optional, but essential items are:
• IP address and network mask
• Interface to be configured
• State of the interface, default is DOWN – so do not forget to switch this to UP – this is avery common configuration error.
The network specific options are beyond the scope of this class.
© Copyright IBM Corporation 2009
IBM Power Systems
How is TCP/IP configured on AIX? (2 of 2)
• smit tcpip should only be used for the first adapter. In a multi-homed host, subsequent adapters should be configured withsmit chinet.
Change / Show a Standard Ethernet Interface
[Entry Fields]
Network Interface Name en1
INTERNET ADDRESS (dotted decimal) [192.168.0.1]
Network MASK (hexadecimal or dotted decimal) [255.255.255.0]
Current STATE up +
Use Address Resolution Protocol (ARP)? yes +
BROADCAST ADDRESS (dotted decimal) []
Interface Specific Network Options('NULL' will unset the option)
rfc1323 []
tcp_mssdflt []
tcp_nodelay []
tcp_recvspace []
tcp_sendspace []
Apply change to DATABASE only no +
Change / Show a Standard Ethernet Interface
[Entry Fields]
Network Interface Name en1
INTERNET ADDRESS (dotted decimal) [192.168.0.1]
Network MASK (hexadecimal or dotted decimal) [255.255.255.0]
Current STATE up +
Use Address Resolution Protocol (ARP)? yes +
BROADCAST ADDRESS (dotted decimal) []
Interface Specific Network Options
('NULL' will unset the option)
rfc1323 []
tcp_mssdflt []
tcp_nodelay []
tcp_recvspace []
tcp_sendspace []
Apply change to DATABASE only no +
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 526/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-22 AIX installation © Copyright IBM Corp. 2009
Figure 14-17. Command line TCP/IP configuration AN121.1
Notes:
As well as SMIT, TCP/IP configuration can be driven from the command line. There are two
ways to handle this:
• The AIX way, in which configuration is stored in the AIX internal database (ODM). Thisway, the configuration remains after shutdown/restart.
• The traditional BSD UNIX way. This way configuration does not survive restarts unless
the commands are entered into the /etc/rc.net file.
The /etc/rc.net file is executed by cfgmgr during system boot. The /etc/rc.net fileconfigures AIX style configuration and optionally traditional BSD UNIX configuration. If only
traditional BSD style networking is required, then the following command can be run: #
chdev -l inet0 -a bootup_option=yes. Doing this, causes AIX to process the
/etc/rc.bsdnet instead of rc.net file at boot time. Commands such as hostname, ifconfig,route etc should be appended to /etc/rc.bsdnet as appropriate.
© Copyright IBM Corporation 2009
IBM Power Systems
Command line TCP/IP configuration
• There are two ways to configure network resources: – AIX ODM (chdev or SMIT) – Directly, using BSD UNIX commands: hostname, ifconfig, route
(valid until reboot)
• Setting the hostname – ODM: # chdev –l inet0 –a hostname=sys1
– Directly: # hostname sys1
• Adding an IP address to an adapter – ODM: # chdev -l en0 -a netaddr=192.168.0.1 –a \
netmask=255.255.255.0 -a state=up
– Directly: # ifconfig en0 192.168.0.1 255.255.255.0 up• If the direct method is used, place the commands at the end
of: – /etc/rc.net
or – /etc/bsdnet (if inet0 bootup_option=yes)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 527/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-23
5.2
empty
Figure 14-18. Verifying network interfaces AN121.1
Notes:
The netstat –i command shows the state of all configured interfaces. The –n flag shows
network addresses as numbers. When this flag is not specified, the netstat command
interprets addresses, where possible, and displays them symbolically.
The ifconfig –a command is used to display information about all interfaces in the system.
The key flags are UP and RUNNING, which show the interface is available and active.
© Copyright IBM Corporation 2009
IBM Power Systems
Verifying network interfaces
• netstat
• ifconfig
# netstat -inName Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs Coll
en0 1500 link#2 ea.48.f0.0.b0.3 3359653 0 238778 0 0
en0 1500 10.47 10.47.1.23 3359653 0 238778 0 0
lo0 16896 link#1 1201 0 1214 0 0
lo0 16896 127 localhost 1201 0 1214 0 0
lo0 16896 ::1 0 1201 0 1214 0 0
# netstat -in
Name Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs Coll
en0 1500 link#2 ea.48.f0.0.b0.3 3359653 0 238778 0 0
en0 1500 10.47 10.47.1.23 3359653 0 238778 0 0
lo0 16896 link#1 1201 0 1214 0 0
lo0 16896 127 localhost 1201 0 1214 0 0
lo0 16896 ::1 0 1201 0 1214 0 0
# ifconfig -a
en0:flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECK
SUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.1.23 netmask 0xffff0000 broadcast 10.47.255.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0: flags=e08084b<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT>
inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
inet6 ::1/0
tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1
# ifconfig -a
en0: flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT,CHECK
SUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.1.23 netmask 0xffff0000 broadcast 10.47.255.255
tcp_sendspace 262144 tcp_recvspace 262144 rfc1323 1
lo0: flags=e08084b<UP,BROADCAST,LOOPBACK,RUNNING,SIMPLEX,MULTICAST,GROUPRT,64BIT>
inet 127.0.0.1 netmask 0xff000000 broadcast 127.255.255.255
inet6 ::1/0
tcp_sendspace 131072 tcp_recvspace 131072 rfc1323 1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 528/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-24 AIX installation © Copyright IBM Corp. 2009
Figure 14-19. Name resolution AN121.1
Notes:
Systems use different methods for mapping host names to IP addresses. The method
depends upon the environment in which a system is going to participate.
• Flat Network: This method provides name resolution through the file /etc/hosts andworks well in small, stable environments.
• DNS (Domain Name Server): DNS is a system that allows name and IP lookups, in atree like database structure. It was created due to the growth of the Internet and
designed for large networks.
• NIS Server (Network Information System): This method provides a centralized serverfor administration of configuration, and other files, within a LAN environment.
• LDAP Server (Lightweight Directory Access Protocol): LDAP is an application protocol
for querying and modifying directory services running over TCP/IP. Tivoli DirectoryServer (TDS) is IBM's version of an LDAP server
© Copyright IBM Corporation 2009
IBM Power Systems
Name resolution
• Name resolution can be achieved through severalmechanisms: local hosts file, DNS, NIS, and LDAP.
• Local /etc/hosts file:
• The default name resolution order is: – bind (DNS), NIS=auth, local
• To change the default order to local then bind: – Append to /etc/netsvc.conf
• hosts = local, bind
– Set environment variable NSORDER in /etc/environment• NSORDER=local,bind• Change is effective at next login or process start• NSORDER overrides /etc/netsvc.conf
127.0.0.1 loopback localhost
10.10.1.1 system1 nimserver
10.10.1.2 system2
10.10.1.3 system3
127.0.0.1 loopback localhost
10.10.1.1 system1 nimserver
10.10.1.2 system2
10.10.1.3 system3
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 529/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-25
5.2
empty Default Name resolution
The existence of /etc/resolv.conf determines how a system resolves hostnames and IPaddresses within a domain or flat network.
• If /etc/resolv.conf exists, then the system will attempt to query a DNS server.
• If /etc/resolv.conf does not exist, the system will check to see if NIS is being used and
if the server is available. NIS is authoritative. This means, that if the NIS clientsubsystem is running, and it is not successful in obtaining an answer, then the processstops.
• Finally, the local /etc/hosts file is checked.
Overriding the default name resolution
The default Name resolution can be overwritten in two ways:
• Append to the /etc/netsvc.conf file and specify host ordering. Use the hosts attribute
followed by the name of the resource to use. The resources listed depend on whatname resolution processes are running on the network.
• Create an environment variable NSORDER. NSORDER overrides any name resolution
specified in the /etc/netsvc.conf file.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 530/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-26 AIX installation © Copyright IBM Corp. 2009
Figure 14-20. Routing implementation (1 of 2) AN121.1
Notes:
A route does not define the complete path. It defines only the path segment from one host
to a gateway that can forward packets to a destination, or from one gateway to another.
Routes are defined in the kernel routing table. Each routing table entry has twocomponents:
• Destination address, where you want to end up
• Gateway address, where the packet gets sent on its way to its final destination
TCP/IP searches the route table for a best match on the destination in the following order:
• A host route. defines a route to a specific host. The routing IP algorithm still sees ahost address as a network; it is simply a perfect match.
• A network route. defines a route to any of the hosts on a specific network through a
gateway.
• A default route. defines a route to use when the destination did not match any host
route or network specific route. In most hosts, the only type of route the administratorneeds to define is a default route, also known as the default gateway.
© Copyright IBM Corporation 2009
IBM Power Systems
Routing implementation (1 of 2)
9.19.99.17
sys17
sys13
sys11
sys11e
9.19.99.13
9.19.99.20
9.19.98.11
9.19.99.11
sys1
sys5
sys10
9.19.98.1
9.19.98.5
9.19.98.10
destinationaddress
deliver viagateway
9.19.98.1 9.19.99.11
9.19.98/24 9.19.99.11
default 9.19.99.20
sys20
sys20e
Internet
152.64.10.1
default router
subnet mask
255.255.0.0
(/16)
subnet mask
255.255.255.0(/24)
Host Route
Network Route
Default Route
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 531/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-27
5.2
empty Hosts should not forward IP datagrams unless specifically configured as a router. MostBSD-derived implementations (AIX) include a kernel variable called ipforwarding, which is
used to control this behavior. The no command is used to view or change the value ofipforwarding.
To change it: # no -o ipforwarding=<value>
The values are: ipforwarding=0 (do not forward), ipforwarding=1 (do forward).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 532/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-28 AIX installation © Copyright IBM Corp. 2009
Figure 14-21. Routing implementation (2 of 2) AN121.1
Notes:
Routes can also be manipulated through SMIT (smit route). See the route man page for
further details.
© Copyright IBM Corporation 2009
IBM Power Systems
Routing implementation (2 of 2)
• Route syntax: route [add/delete/change] [destination] [gateway] – Add a default gateway
– Add a host or network route
– Delete a host route
– Empty or flush the routing table
– Configure an AIX host as a router
# route add 0 9.19.99.20# route add 0 9.19.99.20
# route add 9.19.98.1 9.19.99.11
# route add –net 9.19.98 9.19.99.11
# route add 9.19.98.1 9.19.99.11
# route add –net 9.19.98 9.19.99.11
# route delete 9.19.98.1 9.19.99.11# route delete 9.19.98.1 9.19.99.11
# route -f# route -f
# no –o ipforwarding=1# no –o ipforwarding=1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 533/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-29
5.2
empty
Figure 14-22. Multipath routing AN121.1
Notes:
From AIX5L, multiple routes can be configured to the same destination. This configuration
is known as multipath routing (MPR). MPR allows us to load balance between gateways or
prioritize paths using the weight option. MPR also allows us to do Dead Gateway Detection(DGD). This enables the system to dynamically change the weight on a route if a router has
failed. There are two methods of DGD, active and passive. The passive mode has lessoverhead on the network, but can be slow to respond to an outage. Active has more
overhead on the network but is more responsive to an outage, because icmp (ping)packets are used to periodically poll/detect if a router is up or down. Active DGD is
deployed by using the –active_dgd option on the route command.
The default MPR policy is Weighted Round-Robin which will load balance by default. This
is defined by the network option mpr_policy. There are 5 policies to choose from:
• Weighted Round-Robin (1): Based on user-configured weights assigned to the multipleroutes, through the route command, round-robin is applied. If no weights are
configured, then it behaves identical to plain round-robin.
• Random (2): Chooses a route at random.
© Copyright IBM Corporation 2009
IBM Power Systems
Multipath routing
• AIX will allow you to add multiple routes to the samedestination. It is known as MPR (multipath routing). – This is for load balancing and high availability.
# route add 0 10.47.0.1 weight 1 –active_dgd
# route add 0 10.47.0.254 weight 10 –active_dgd
# route add 0 10.47.0.1 –weight 1 –active_dgd
# route add 0 10.47.0.254 –weight 1 –active_dgd
Default Router110.47.0.1
Default Router210.47.0.254
Host10.47.1.18
Primary
Backup
Default Router110.47.0.1
Default Router210.47.0.254
Host10.47.1.18
Primary
Primary
1
1
2
2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 534/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-30 AIX installation © Copyright IBM Corp. 2009
• Weighted Random (3): Chooses a route based on user-configured weights and arandomization routine. The policy adds up the weights of all the routes and picks a
random number between zero and the total weight. Each of the individual weights areremoved from the total weight, until this number is zero. This picks a route in the range
of the total number of routes available.
• Lowest Utilization (4): Chooses a route with the minimum number of current
connections going through it.
• Hash-based (5): A hash-based algorithm chooses a route by hashing based on the
destination IP address.
To change the MPR policy type: # no –o mpr_policy=<number>
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 535/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-31
5.2
empty
Figure 14-23. Additional configuration, IP aliasing AN121.1
Notes:
IP aliasing is used widely in clustering technologies (such as HACMP), and in WPARs. It is
very useful if the network is being transitioned to another IP subnet or network range.
© Copyright IBM Corporation 2009
IBM Power Systems
Additional configuration, IP aliasing
• IP aliasing is a popular function which allows multiple IPaddresses to be assigned to a single IP interface.
• This technology is popular with clustering technologies, suchas PowerHA (HACMP).
# netstat -in -I en1 | grep –v link
Name Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs
en1 1500 192.168.0 192.168.0.1 0 0 6 0
# ifconfig en1 alias 172.31.0.1 255.255.0.0
# ifconfig en1 alias 10.47.33.33 255.255.0.0
# netstat -in -I en1 | grep –v link
Name Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs
en1 1500 192.168.0 192.168.0.1 0 0 7 0
en1 1500 172.31 172.31.0.1 0 0 7 0
en1 1500 10 10.47.33.33 0 0 8 0
# netstat -in -I en1 | grep –v link
Name Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs
en1 1500 192.168.0 192.168.0.1 0 0 6 0
# ifconfig en1 alias 172.31.0.1 255.255.0.0
# ifconfig en1 alias 10.47.33.33 255.255.0.0
# netstat -in -I en1 | grep –v link
Name Mtu Network Address ZoneID Ipkts Ierrs Opkts Oerrs
en1 1500 192.168.0 192.168.0.1 0 0 7 0
en1 1500 172.31 172.31.0.1 0 0 7 0
en1 1500 10 10.47.33.33 0 0 8 0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 536/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-32 AIX installation © Copyright IBM Corp. 2009
Figure 14-24. Testing for remote connectivity AN121.1
Notes:
The ping command sends an ICMP ECHO_REQUEST to obtain an ICMP
ECHO_RESPONSE from a host or router. If the host is operational and on the network, it
responds to the echo.
The default is to continuously send echo requests until an interrupt is received with <ctrl-c>,
but there is an option (-c) to specify the number of packets sent. The ping command sendsone datagram per second and prints one line of output for every response received. It
calculates round trip times and packet loss statistics, and displays a brief summary upon
completion.Be very careful of some options like –f. This will cause ICMP packets to flood the network.
Ping is most useful to test basic connectivity between hosts, but that it can not tell us anything about where the break is in the path. On the other hand, if ping cannot get a
response, traceroute can sometimes still give us information that helps to identify theoutage.
traceroute is useful for displaying all the routers between end to end host connectively. It
may turn out that the remote host is OK but a router has failed along the path. Traceroute
© Copyright IBM Corporation 2009
IBM Power Systems
Testing for remote connectivity
• Note: Sometimes the protocols used by ping (icmp) andtraceroute (udp) are blocked by firewalls or IPSec filters.
# ping sys1
PING sys1: (192.108.14.2): 56 data bytes
64 bytes from 192.108.14.2: icmp_seq=0 ttl=255 time=0 ms
64 bytes from 192.108.14.2: icmp_seq=1 ttl=255 time=0 ms
^C
----seraph PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
# traceroute sys1
trying to get source for sys1
source should be 10.47.1.31
traceroute to seraph (192.108.14.2) from 10.47.1.31 (10.47.1.31), 30 hops max
outgoing MTU = 1500
1 merovingian.lpar.co.uk (10.47.1.30) 1 ms 0 ms 0 ms
2 7.7.7.1 (7.7.7.1) 0 ms 0 ms 0 ms3 sys1 (192.108.14.2) 0 ms 0 ms 0 ms
# ping sys1
PING sys1: (192.108.14.2): 56 data bytes
64 bytes from 192.108.14.2: icmp_seq=0 ttl=255 time=0 ms64 bytes from 192.108.14.2: icmp_seq=1 ttl=255 time=0 ms
^C
----seraph PING Statistics----
2 packets transmitted, 2 packets received, 0% packet loss
# traceroute sys1
trying to get source for sys1
source should be 10.47.1.31
traceroute to seraph (192.108.14.2) from 10.47.1.31 (10.47.1.31), 30 hops max
outgoing MTU = 1500
1 merovingian.lpar.co.uk (10.47.1.30) 1 ms 0 ms 0 ms
2 7.7.7.1 (7.7.7.1) 0 ms 0 ms 0 ms
3 sys1 (192.108.14.2) 0 ms 0 ms 0 ms
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 537/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-33
5.2
empty works by increasing the “time-to-live” value of each successive batch of packets sent. Thefirst three packets sent have a time-to-live (TTL) value of one (implying that they are not
forwarded by the next router and make only a single hop). The next three packets have aTTL value of 2, and so on. When a packet passes through a host, normally the host
decrements the TTL value by one, and forwards the packet to the next host. When a packetwith a TTL of one reaches a host, the host discards the packet and sends an ICMP time
exceeded (type 11) packet to the sender. The traceroute utility uses these returningpackets to produce a list of hosts that the packets have traversed en route to the
destination. The three timestamp values returned for each host along the path are thedelay (known as latency) values typically in milliseconds (ms) for each packet in the batch.
If a packet does not return within the expected timeout window, a star (asterisk) istraditionally printed. Traceroute may not list the real hosts. It indicates that the first host is
at one hop, the second host at two hops, and so on. IP does not guarantee that all thepackets take the same route. Also note, that if the host at hop number N does not reply, the
hop will be skipped in the output.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 538/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-34 AIX installation © Copyright IBM Corp. 2009
Figure 14-25. Ports and sockets AN121.1
Notes:
Each process that wants to communicate with another process needs to identify itself in
some way. The logical construct used by TCP/IP to accomplish this task is called a port.
A port uniquely identifies an application (also called network services). The source portnumber and the destination port number are contained in the header of each TCP segment
or UDP packet.
Port numbers are defined in the /etc/services file. Port numbers from 0-1023 are called
well-known published ports and are reserved for standard applications like telnet and ftp.
When a datagram arrives at its destination based on the destination address, IP checks the
protocol. The data delivered to the transport protocol contains the destination port numberthat tells the transport protocol to which application process the data needs to go.
A socket is a combination of IP address and port number and protocol family, which
uniquely identifies a single network process. A socket is also referred to as acommunication end point. A pair of sockets uniquely identifies the end to end connection.
Socket communication can be viewed with the netstat –a command.
© Copyright IBM Corporation 2009
IBM Power Systems
Ports and sockets
• A port identifies the application on the host.• Server side ports are well-known and fixed.
– Stored in /etc/services• Client side ports are dynamic > 1023.
– Every client connection uses a new port• A Socket is a combination of IP address, protocol, and port
number.• A pair of sockets define a unique application network
connection.• TCP and UDP both implement ports independent of each
other.
# grep "^ftp " /etc/services
ftp 21/tcp # File Transfer [Control]
ftp 21/udp # File Transfer [Control]
neo:/ # ftp trinity
neo:/ # netstat -a |grep trinity
tcp 0 0 neo.57413 trinity.ftp ESTABLISHED
# grep "^ftp " /etc/services
ftp 21/tcp # File Transfer [Control]
ftp 21/udp # File Transfer [Control]
neo:/ # ftp trinity
neo:/ # netstat -a |grep trinity
tcp 0 0 neo.57413 trinity.ftp ESTABLISHED
Socket connectionresulting from theftp communication
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 539/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-35
5.2
empty
Figure 14-26. inetd daemon AN121.1
Notes:
The inetd daemon is started at boot time from /etc/rc.tcpip. When it is started, inetd reads
its configuration from the /etc/inetd.conf file. This file contains the names of the services
that inetd listens for requests and starts as needed, to handle these requests. The file isused to enable and disable network services, such as ftp. To disable ftp on the host, edit
the inetd.conf file, locate and comment out the ftp program, then refresh the inetddaemon.
© Copyright IBM Corporation 2009
IBM Power Systems
vi /etc/inetd.conf, locate and comment out ftp line
#ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd
telnet stream tcp6 nowait root /usr/sbin/telnetd telnetd -a
shell stream tcp6 nowait root /usr/sbin/rshd rshd
refresh –s inetd
0513-095 The request for subsystem refresh was completed successfully.
vi /etc/inetd.conf, locate and comment out ftp line
#ftp stream tcp6 nowait root /usr/sbin/ftpd ftpd
telnet stream tcp6 nowait root /usr/sbin/telnetd telnetd -a
shell stream tcp6 nowait root /usr/sbin/rshd rshd
refresh –s inetd
0513-095 The request for subsystem refresh was completed successfully.
inetd daemon
• Known as the ‘super server daemon’• Loads a network program based upon request
– Example network programs• ftp, tftp, login, telnet, shell, exec, bootp, time.
– To enable or disable a network program, comment or uncomment theappropriate line, and refresh the inetd daemon.
– Example: disable ftp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 540/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-36 AIX installation © Copyright IBM Corp. 2009
Figure 14-27. Remote UNIX commands AN121.1
Notes:
The commands, telnet, rsh, rexec, rlogin, and rsh are all part of the bos.net.tcp.client fileset
which is installed by default. Any passwords entered using these commands are
transferred over the network in clear text and can be easily captured using packet sniffingtools. rsh, rexec, and rlogin commands can be configured so that the client user does not
have to supply a password. This introduces further vulnerabilities in the system. Ideally allr* commands, including telnet, should be disabled. They can be replaced by SSH.
Openssh, including secure copy and file transfer commands, can be installed using the AIXexpansion pack media.
© Copyright IBM Corporation 2009
IBM Power Systems
Remote UNIX commands
• Logging into a UNIX box remotely
• Running commands remotely on a UNIX box
• By default, all data, including passwords, are transferredacross the network in clear text (exception ssh) – There are several types of ssh software available for AIX.
• OpenSSH is contained on the AIX Expansion Pack.
# rsh trinity -l root# rlogin trinity -l root
# telnet trinity
# ssh root@trinity
# rsh trinity -l root# rlogin trinity -l root
# telnet trinity
# ssh root@trinity
# rsh trinity -l root date
# rexec trinity date
# ssh root@trinity date
# rsh trinity -l root date
# rexec trinity date
# ssh root@trinity date
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 541/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-37
5.2
empty
Figure 14-28. Transferring files over a network (1 of 2) AN121.1
Notes:
The ftp command is possibility the most widely used program for transferring files across a
network. The remote user name specified at the login prompt, must exist, and have a valid
password defined at the remote host.
FTP is an unsecure protocol, as all data including passwords are transferred across the
network unencrypted. These passwords are very easy to sniff and capture. AIX 6 has anew secure feature (-s) which use Transport Layer Security (TSL) to encrypt data. To use
the secure (–s) option, OpenSSL must be installed, minimum level 0.9.7.
To gain a list of all ftp subcommands, type help in an interactive session or see the manpage.
© Copyright IBM Corporation 2009
IBM Power Systems
Transferring files over a network (1 of 2)
# ftp waldorf
Connected to waldorf.lpar.co.uk.220 waldorf.lpar.co.uk FTP server (Version 4.2 Thu Apr 17 02:03:14 CDT 2008)
ready.
Name (waldorf:root):
331 Password required for root.
Password:
ftp> prompt
Interactive mode off.
ftp> mput file*
200 PORT command successful.
150 Opening data connection for file1.
226 Transfer complete.
200 PORT command successful.
150 Opening data connection for file2.
226 Transfer complete.200 PORT command successful.
150 Opening data connection for file3.
226 Transfer complete.
ftp> bye
221 Goodbye.
# ftp waldorf
Connected to waldorf.lpar.co.uk.220 waldorf.lpar.co.uk FTP server (Version 4.2 Thu Apr 17 02:03:14 CDT 2008)
ready.
Name (waldorf:root):
331 Password required for root.
Password:
ftp> prompt
Interactive mode off.
ftp> mput file*
200 PORT command successful.
150 Opening data connection for file1.
226 Transfer complete.
200 PORT command successful.
150 Opening data connection for file2.
226 Transfer complete.200 PORT command successful.
150 Opening data connection for file3.
226 Transfer complete.
ftp> bye
221 Goodbye.
• ftp
AIX 6.1 has newsecure option (-s) which
uses TLS
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 542/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-38 AIX installation © Copyright IBM Corp. 2009
Figure 14-29. Transferring files over a network (2 of 2) AN121.1
Notes:
The rcp command is used to copy one or more files between the local host and a remote
host. The scp command is part of OpenSSH and is designed to replace rcp.
Moving files around the network can be neatly done with tar + rsh/ssh. The commandshown in the visual means: create an archive of /tmp/files and write this to standard out (in
this case the rsh command). The file will be transferred to system waldorf anddecompressed/written to directory/backup, if it exists.
To determine the transfer speed you can get between two hosts on a network, a good,
simple test is to use ftp and dd. In the visual, 100MB of data was transferred over thenetwork to /dev/null in 1.36 seconds.
© Copyright IBM Corporation 2009
IBM Power Systems
Transferring files over a network (2 of 2)
# rcp files* waldorf:/tmp/files
# scp file* root@waldorf:/tmp/files
### Using tar and rsh (or ssh) to transfer files over a network ###
# tar cf - /tmp/files | rsh waldorf “cd /backup && tar xBfp –”
### Using ftp and dd to test network performance ###
ftp> put "|dd if=/dev/zero bs=1M count=100" /dev/null
200 PORT command successful.
150 Opening data connection for /dev/null.
100+0 records in.
100+0 records out.
226 Transfer complete.104857600 bytes sent in 1.36 seconds (7.529e+04 Kbytes/s)
local: |dd if=/dev/zero bs=1M count=100 remote: /dev/null
# rcp files* waldorf:/tmp/files
# scp file* root@waldorf:/tmp/files
### Using tar and rsh (or ssh) to transfer files over a network ###
# tar cf - /tmp/files | rsh waldorf “cd /backup && tar xBfp –”
### Using ftp and dd to test network performance ###
ftp> put "|dd if=/dev/zero bs=1M count=100" /dev/null
200 PORT command successful.
150 Opening data connection for /dev/null.
100+0 records in.
100+0 records out.
226 Transfer complete.104857600 bytes sent in 1.36 seconds (7.529e+04 Kbytes/s)
local: |dd if=/dev/zero bs=1M count=100 remote: /dev/null
• rcp, scp and tar
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 543/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-39
5.2
empty
Figure 14-30. Network File System AN121.1
Notes:
Network File System (NFS) is a facility for sharing files in a heterogeneous environment of
machines, operating systems, and networks. The NFS function is built into the kernel of the
operating system so it is transparent to applications and users. NFS is based on aclient/server model, where the server stores files and provides clients with access.
© Copyright IBM Corporation 2009
IBM Power Systems
Network File System
• File sharing between heterogeneous systems in a TCP/IPnetwork
• Transparent access to remote files and directories• Based on a client/server model• Filesets:
– Server: bos.net.nfs.server – Client: bos.net.nfs.client
nfs_server /home
client1 client2
/data
/home
/data
/data
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 544/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-40 AIX installation © Copyright IBM Corp. 2009
Figure 14-31. NFS server configuration (1 of 2) AN121.1
Notes:
The mknfs command configures the system to run the NFS daemons. The mknfs
command accepts the following flags:
-B Adds an entry to the inittab file to execute the /etc/rc.nfs file on systemrestart and executes the /etc/rc.nfs file immediately to start the NFS
daemons
-I Adds an entry to the inittab file to execute the /etc/rc.nfs file on systemrestart
-N Starts the /etc/rc.nfs file to start the NFS daemons immediately, when
started this way, the daemons run until the next system restart
When NFS is started the follow daemons are invoked:
• The biod daemon runs on all NFS client systems. When a user on a client wants toread or write to a file on a server, the biod daemon sends this request to the server. The
biod daemon is activated during system startup and runs continuously.
© Copyright IBM Corporation 2009
IBM Power Systems
NFS server configuration (1 of 2)
• Server configuration – Starting NFS (now and at system restart)
• /usr/sbin/mknfs –B
– Stopping NFS (now)
• /usr/sbin/rmnfs –N
# lssrc –g nfs
biod nfs 352444 active
nfsd nfs 221328 active
rpc.mountd nfs 315524 active
rpc.statd nfs 364738 active
rpc.lockd nfs 258262 active
# lssrc –g nfs
biod nfs 352444 active
nfsd nfs 221328 active
rpc.mountd nfs 315524 active
rpc.statd nfs 364738 active
rpc.lockd nfs 258262 active
# lssrc –g nfs
biod nfs inoperative
nfsd nfs inoperative
rpc.mountd nfs inoperative
rpc.statd nfs inoperative
rpc.lockd nfs inoperative
# lssrc –g nfs
biod nfs inoperative
nfsd nfs inoperative
rpc.mountd nfs inoperative
rpc.statd nfs inoperative
rpc.lockd nfs inoperative
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 545/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-41
5.2
empty • The nfsd daemon runs on the server and handles client requests for file systemoperations.
• The rpc.mountd daemon answers client requests to mount file systems. The mountd
daemon finds out which file systems are available by reading the /etc/xtab file. The
/etc/xtab file is created when file systems are exported on the server. This process is
covered in the next visual.
• The rpc.statd and rpc.lockd daemons work together to main stateful locking. NFSimplements an advisory locking mechanism, meaning if a program, and does not pay
any attention to the locking messages it receives, it can go ahead and access the file. Inthe event of a server crash, the locking information will be recovered. The status
monitor maintains information on the location of connections as well as the status in the
/etc/sm directory, the /etc/sm.bak file, and the /etc/state file. When restarted, the statd
daemon queries these files and tries to reestablish the connection it had prior totermination.
The rmnfs command changes the configuration of the system to stop running NFS
daemons. It accepts the same flags as mknfs.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 546/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-42 AIX installation © Copyright IBM Corp. 2009
Figure 14-32. NFS server configuration (2 of 2) AN121.1
Notes:
In order to configure an NFS server, you have to first decide:
• What directories you want to export
• Which clients you want to have access the directories and files
• The permissions (for example, read-write, read-only) clients will have when accessing
the files
In the example shown in the visual:
• /home is exported to the world with read-write permissions. For security reasons, theclients root user does not have root privileges when accessing the files remotely. The
root user is mapped to the nobody user (UID 2).
• /usr/man directory is exported to the world with read-only permissions.
• /data directory is exported to systems: kenny, kyle, and eric. Systems, kenny and kyle
have read-write access and their root users have root privileges when accessing the
© Copyright IBM Corporation 2009
IBM Power Systems
NFS server configuration (2 of 2)
• To export directories:
# vi /etc/exports
/home
/usr/man -ro
/data -root=kenny:kyle,access=kenny:kyle:eric,rw=kenny:kyle
# vi /etc/exports
/home
/usr/man -ro
/data -root=kenny:kyle,access=kenny:kyle:eric,rw=kenny:kyle
# exportfs -va
Exported /usr/man
Exported /data
Exported /home
# exportfs -va
Exported /usr/man
Exported /data
Exported /home
/etc/xtab rpc.mountd
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 547/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-43
5.2
empty files remotely. System, eric has read-only access and the root user is mapped to usernobody.
Only when the NFS subsystem is activated, using the mknfs command, can directories be
made available. When the /etc/export file has been configured, the exportfs commandis used to make the directories available for client mounting. The exportfs -a command
exports all items listed in the /etc/exports file and automatically copies the entries to the
/etc/xtab file. /etc/xtab file entries are used by the system and always reflect what iscurrently exported. This leaves the /etc/exports file available for updating at any time. The
/etc/xtab file must never the edited directly.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 548/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-44 AIX installation © Copyright IBM Corp. 2009
Figure 14-33. Manual NFS client mounting AN121.1
Notes:
The showmount command is useful for viewing which directories are available for
mounting on a particular NFS server. To mount an NFS directory, first create a directory
point and then issue the mount command, as shown in the visual.
Syntax: mount <NFS_server_name> :<server mount point> <client directory mount
point >
© Copyright IBM Corporation 2009
IBM Power Systems
Manual NFS client mounting
• The showmount command can be used to query thedirectories exported by the NFS server.
• Mounting an NFS server directory
• Predefined mounts can also be defined using smit mknfsmnt.
kenny:/ # showmount -e nfs_server
export list for nfs_server:
/usr/man (everyone)
/data kenny,kyle,eric
/home (everyone)
kenny:/ # showmount -e nfs_server
export list for nfs_server:
/usr/man (everyone)
/data kenny,kyle,eric
/home (everyone)
# mkdir /data_client_mnt
# mount nfs_server:/data /data_client_mnt
# df /data
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
nfs_server:/data 278528 212920 24% 1317 6% /data_client_mnt
# mkdir /data_client_mnt
# mount nfs_server:/data /data_client_mnt
# df /data
Filesystem 512-blocks Free %Used Iused %Iused Mounted on
nfs_server:/data 278528 212920 24% 1317 6% /data_client_mnt
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 549/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-45
5.2
empty
Figure 14-34. Predefined NFS client mounting AN121.1
Notes:
Predefined mounts are NFS mounts which are defined in /etc/filesystems for ease of use
when manual mounting or to enable remote file systems to be mounted during system start
time.
Key options are:
• Security Method: Possible values are: sys, dh, krb5, krb5i, krb5p, which correspond to
Unix, DES, Kerberos 5, Kerberos 5 with integrity, and Kerberos 5 with privacy. Thedefault NFS security used in most implementations is standard Unix (sys). The other
methods are used in special situations where authentication and encryption is required.These methods are supported by a new version of NFS, NFS version 4. NFS v4 is not
the default version used in AIX and is a large complex topic which is outside the scopeof this class but may wish to refer to the following IBM redbook “Implementing NFSv4
in the Enterprise: Planning and Migration Strategies”, available at:
http://www.redbooks.ibm.com/abstracts/sg246657.html.
• Mode: Read-write or read-only.
© Copyright IBM Corporation 2009
IBM Power Systems
Predefined NFS client mounting
/data_client_mnt:
dev = "/data"
vfs = nfs
nodename = nfs_server
mount = false
options = bg,hard,intr,sec=sys
account = false
/data_client_mnt:
dev = "/data"
vfs = nfs
nodename = nfs_server
mount = false
options = bg,hard,intr,sec=sys
account = false
Add a File System for Mounting
* Pathname of mount point [/data_client_mnt] /
* Pathname of remote directory [/data]
* Host where remote directory resides [nfs_server]
* Security method [sys] +
* Mount now, add entry to /etc/filesystems or both? Both +
* /etc/filesystems entry will mount the directory no +
on system restart.
* Mode for this NFS file system read-write +
* Attempt mount in foreground or background background +
* Mount file system soft or hard hard
Note: Many options removed for clarity.
Add a File System for Mounting
* Pathname of mount point [/data_client_mnt] /
* Pathname of remote directory [/data]
* Host where remote directory resides [nfs_server]
* Security method [sys] +
* Mount now, add entry to /etc/filesystems or both? Both +
* /etc/filesystems entry will mount the directory no +
on system restart.
* Mode for this NFS file system read-write +
* Attempt mount in foreground or background background +
* Mount file system soft or hard hard
Note: Many options removed for clarity.
– smit mknfsmnt
– /etc/filesystems
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 550/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-46 AIX installation © Copyright IBM Corp. 2009
• Attempt mount in: Values: background (default) or foreground
If the attempt to mount the directory fails, the mount will be retried in the background. Ifforeground is selected, the mount request stays in the foreground even, if the mount
request fails.
• Mount type: Values: hard or soft
If the mount is soft, the system returns an error if the server does not respond. If the mountis hard, the client continues trying until the server responds. The hard mount is the default.When a hard mount is selected, an extra option is included in /etc/filesystems: intr. The intr
option allow signals to interrupt an NFS call. This is useful for aborting an NFS mountprocess when the server does not respond.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 551/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-47
5.2
empty
Figure 14-35. Virtual Network Computing AN121.1
Notes:
Virtual Network Computing (VNC) is a graphical desktop sharing system which uses the
RFB (“remote framebuffer”) protocol to remotely connect to another host/server. It
transmits the keyboard and mouse events from one host to another, relaying the graphicalscreen updates back in the other direction, over a network.
VNC is platform-independent. A VNC viewer on any operating system connects to a VNCserver, running in this case, on AIX. Multiple clients may connect to the VNC server at the
same time. Popular uses for this technology include remote technical support and
accessing files on one's work computer from one's home computer, or vice versa.VNC was originally developed at the Olivetti Research Laboratory in Cambridge, United
Kingdom. The original VNC source code and many modern derivatives are open sourceunder the GNU General Public License.
© Copyright IBM Corporation 2009
IBM Power Systems
Virtual Network Computing
• VNC is a ‘free’ graphical desktop sharing system which usesthe RFB protocol to remotely control another computer.
• It is popular in both UNIX and Windows systems.
VNC traffic
VNC AIXServer
VNC viewer eg. UltraVNC
realVNCtightVNC
Can also be tunnelledover an ssh
connection forimproved security
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 552/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-48 AIX installation © Copyright IBM Corp. 2009
Figure 14-36. VNC configuration AN121.1
Notes:
To run VNC on AIX, install the following filesets from the AIX Toolbox for Linux Applications
CD. No further configuration is required.
# lslpp -l |egrep -i “vnc|zlib)” freeware.vnc.rte 3.3.3.2 COMMITTED Virtual NetworkComputing
freeware.zlib.rte 1.1.3.2 COMMITTED Data compression library
When a VNC session is started, two TCP/IP ports are opened, 59<number> and
58<number>. The 59 port must be used for the vncviewer application. The 59 prefix isgenerally not required. It is implied and hard coded into the viewer application. The 58 port
is used to access VNC over http. To connect in the way, the full port number (including 58)must be supplied.
© Copyright IBM Corporation 2009
IBM Power Systems
VNC configuration
• In order to set up a VNC server on AIX, install vnc and zlibfrom the AIX Toolbox for Linux Applications.
• Start a vnc session by typing: – vncserver :<port number>
– To access the AIX desktop VNC session from
• UNIX, type: # vncview neo:33• PC VNC viewer
• Also, access can be done through a web browser over httphttp://neo:5833
# vncserver :33
New 'X' desktop is neo:33
Starting applications specified in //.vnc/xstartup
Log file is //.vnc/neo:33.log
# vncserver :33
New 'X' desktop is neo:33
Starting applications specified in //.vnc/xstartup
Log file is //.vnc/neo:33.log
Note: The TCP/IP portstarted is actually 5933.The “59” is implied and
is not required toconnect.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 553/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-49
5.2
empty
Figure 14-37. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1. What are the following used for?
• /etc/rc.tcpip
_____________________________________________
• ssh
_____________________________________________
• VNC _____________________________________________
• /etc/services ______________________________________________
2. What is multipath routing and why should we use it? ______________________________________________
______________________________________________
______________________________________________
3. How can we disable the FTP protocol on AIX?
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 554/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-50 AIX installation © Copyright IBM Corp. 2009
Figure 14-38. Exercise 14 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 14
TCP/IPimplementation
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 555/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 14. TCP/IP networking 14-51
5.2
empty
Figure 14-39. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Define TCP/IP layering terminology• Describe the TCP/IP startup flow on AIX• Describe IP addressing• Configure TCP/IP basic functions on AIX
– IP configuration, routing, Aliasing
• Explain how Ports and Sockets are used• Use standard TCP/IP facilities to:
– Log in to another system – Transfer files – Run commands
• Configure NFS• Set up VNC
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 556/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
14-52 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 557/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-1
5.2
empty Unit 15. Introduction to workload partitions
What this unit is about
This unit provides an introduction to workload partitioning.
What you should be able to do
After completing this unit, you should be able to:
• Understand workload partition (WPAR) concepts
• Create, control, and manage WPARs
• Describe the role of WPAR manager
How you will check your progressAccountability:
• Checkpoint • Machine exercises
References
Online AIX Version 6.1 IBM Workload Partitions for AIX
SG24-7559 AIX Version 6.1 Differences Guide (redbook)SG24-7656 Workload Partition Management in IBM AIX Version
6.1 (redbook)
Note: References listed as “Online” above are available at thefollowing address:
http://publib.boulder.ibm.com/infocenter/systems/index.jsp
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 558/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-2 AIX installation © Copyright IBM Corp. 2009
Figure 15-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit objectives
After completing this unit, you should be able to:
• Understand workload partition (WPAR) concepts
• Create, control, and manage WPARs
• Describe the role of WPAR Manager
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 559/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-3
5.2
empty
Figure 15-2. Workload partition overview (1 of 2) AN121.1
Notes:
Introduction
Workload Partition (WPAR) is a software-based virtualization feature of AIX 6 that will
provide new capabilities to reduce the number of AIX operating system images thatneed to be maintained when consolidating multiple workloads on a single server.
WPARs will provide a way for clients to run multiple applications inside the sameinstance of an AIX operating system, while providing security and administrative
isolation between applications. WPARs complement logical partitions and can be used
in conjunction with logical partitions if desired. WPAR can improve administrativeefficiency by reducing the number of AIX operating system instances that must bemaintained. WPAR can increase the overall utilization of systems by consolidating
multiple workloads on a single system, and is designed to improve cost of ownership.
Global environment
Workload partitions are created within standard AIX 6 instances. The globalenvironment is the part of an AIX 6 instance, which does not belong to any workload
partition. The global environment is therefore similar to the operating system
© Copyright IBM Corporation 2009
IBM Power Systems
WorkloadPartition
ApplicationServer
WorkloadPartition
WebServer
WorkloadPartition
Billing
AIX 6 instance
WorkloadPartition
TestWorkloadPartition
BI
Workload partition overview (1 of 2)
• Workload partitions improve administrative efficiency byreducing the number of AIX images to maintain.
• WPARs act like AIX instances partitioned in software – Appears as a separate instance of AIX – Software-based partitions for
workload management
• Global environment – Owns all the physical resources,
and can be thought of as thetraditional AIX login environment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 560/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-4 AIX installation © Copyright IBM Corp. 2009
environment of earlier versions of AIX. This global environment can be hosted within adedicated LPAR or physical system.
The global environment owns all physical resources of the LPAR: network adapters,disks adapters, disks, processors, memory. It allocates CPU and memory resources to
the workload partitions. It provides them access to the network and storage devices.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 561/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-5
5.2
empty
Figure 15-3. Workload partition overview (2 of 2) AN121.1
Notes:
There are two types of workload partitions that can reside in a global environment.
• System WPAR is a virtual AIX environment.
• Application WPAR is a light-weight transient environment. It is suitable for execution of
one or more processes.
© Copyright IBM Corporation 2009
IBM Power Systems
Workload partition overview (2 of 2)
• Each workload partition (WPAR) – Obtains a regulated share of system resources – Can have unique network attributes and filesystems – Has separate administrative and security domains.
• WPAR prerequisites – AIX 6 and POWER4, 5, or 6
• Two types – System
– Application
• Can be relocated from system to system (LPAR to LPAR) – Requires WPAR manager software and license – WPAR relocation is referred to as “Live Application Mobility”
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 562/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-6 AIX installation © Copyright IBM Corp. 2009
Figure 15-4. Reasons to use workload partitions AN121.1
Notes:
WPARs provide unique partitioning values.
• Smaller number of OS images to maintain
• Performance efficient partitioning through sharing of application text and kernel data
and text
• Fine-grain partition resource controls
• Simple, lightweight, centralized partition administration
WPARs enable multiple instances of the same application to be deployed acrosspartitions.
• Many WPARs running DB2, Web Sphere, or Apache in the same AIX image
• Greatly increases the ability to consolidate workloads because often the sameapplication is used to provide different business services
• Enables the consolidation of separate discrete workloads that require separate
instances of databases or applications onto a single system or LPAR
© Copyright IBM Corporation 2009
IBM Power Systems
Reasons to use workload partitions
• Reduced number of AIX systems to administer
• Encapsulate and control applications
• Rapidly create a new AIX environment in minutes
• Separate security at the WPAR level – Users, RBAC
• Ability to dynamically relocate WPARs to another system
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 563/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-7
5.2
empty • Reduced costs through optimized placement of work loads between systems to yieldthe best performance and resource utilization
WPAR technology enables the consolidation of diverse workloads on a single server
increasing server utilization rates.
• Hundreds of WPARs can be created. Far exceeding the capability of other partitioning
technologies.
• WPARs support fast provisioning and fast resource adjustments in response to
normal/unexpected demands. WPARs can be created, and resource controls modified,in seconds.
• WPAR resource controls enable the over-provisioning of resources. If a WPAR is below
allocated levels, the unused allocation is automatically available to other WPARs.
• WPARs can be migrated to another partition in response to normal shift in orunexpected change in demand.
WPARs enable development, test, and production cycles of one workload to beplaced on a single system.
• Different levels of applications (production1, production2, test1, test2) can be deployedin separate WPARs.
• Quick and easy roll out or roll back to production environments
• Reduced costs through the sharing of hardware resources
• Reduced costs through the sharing of software resources such as the operatingsystem, data bases, and tools
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 564/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-8 AIX installation © Copyright IBM Corp. 2009
Figure 15-5. WPAR is built on top of WLM AN121.1
Notes:
WPAR technology sits on top of WLM. WLM has been a standard feature of AIX since
version 4.3.3. WLM allows the control and the management of WPAR resources, such as
CPU, memory, and processes. This means that you can assign specific fractions of CPUand memory, to each WPAR. This is managed through WLM.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR is built on top of WLM
• Workload Manager (WLM) allows WPAR resource control• Resource control allows the administrator to control CPU and
Memory limits.– Plus many advanced options such as max. processes, threads,
pinned memory
AIX
WLM
WPAR
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 565/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-9
5.2
empty
Figure 15-6. AIX workload partitions initial state AN121.1
Notes:
The creation of WPARs requires AIX 6 on your system or logical partition. You can use a
variety of tools to create, monitor, and administrate the workload partitions.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX workload partitions initial state
• When you install AIX 6, either on a stand-alone machine or
an LPAR, there are no WPARs defined.
• When you log in to AIX 6.1, you log in to the globalenvironment. – From this environment you create, monitor, and administer
WPARs using:• SMIT (smit wpar)• WebSM
• Command line interface• AIX System Director console• WPAR Manager
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 566/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-10 AIX installation © Copyright IBM Corp. 2009
Figure 15-7. Application WPARs (1 of 2) AN121.1
Notes:
Application Workload Partitions
• Normal WPARs except there is no file system isolation
• Login not supported
• Internal mounts not supported
• Target: Light weight process groups for mobility
© Copyright IBM Corporation 2009
IBM Power Systems
Application WPARs (1 of 2)
Application WPAR
Processes
IPCs
/
/home
/usr /var /tmp
hdiskX PTY
Devices and filesystems visible
from globalenvironment in
WPAR
Create and run
Stop and remove
Global environment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 567/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-11
5.2
empty
Figure 15-8. Application WPARs (2 of 2) AN121.1
Notes:
Application workload partitions do not provide the highly virtualized system environment
offered by system workload partitions, rather they provide an environment for segregation
of applications and their resources to enable checkpoint, restart, and relocation at theapplication level.
The Application WPAR represents a shell or an envelope around a specific applicationprocess or processes which leverage shared system resources. It is light weight, quick to
create and remove, and does not take a lot of resources, since it uses the global
environment system file system and device resources. Once the application process orprocesses are finished, the WPAR is stopped. There are no login capabilities for the user. Ifyou need to access the application, you must use an application provided mechanism. All
file systems are shared with the global environment. If an application is using devices, it willuse global environment devices.
© Copyright IBM Corporation 2009
IBM Power Systems
Application WPARs (2 of 2)
• Isolate individual applications.
• Light weight; quick to create and remove – Created with wparexec command – Removed when stopped – Stopped when the application finished – File systems and device resources are shared with the global
environment – No user login capabilities
• Can be migrated to another server
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 568/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-12 AIX installation © Copyright IBM Corp. 2009
Figure 15-9. Creating an application WPAR: wparexec AN121.1
Notes:
Creating an application WPAR
The creation of an application WPAR is simple, since the only mandatory parameter is the
full path of the executable file to run inside the WPAR. The example in the slide shows the
wparexec command starting an application WPAR immediately after creation. This type of
WPAR only exists while the application is running. When the application ends, the WPARalso ends, and all of its resources are freed.
An application WPAR can automatically mount additional files systems when starting,
where the application WPAR has a dependency on a file system. This filesystem isautomatically unmounted when WPAR stops.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating an application WPAR: wparexec
• Started when created• Removed when stopped or associated application ends• Created using wparexec• Can optionally have a hostname and IP address
# wparexec -n MyAppWpar /start_myapp
Starting workload partition MyAppWpar.
Mounting all workload partition file systems.
Loading workload partition.
Starting myapp on Mon 22 Dec 12:09:35 2008
Shutting down all workload partition processes.
# wparexec -n MyAppWpar /start_myapp
Starting workload partition MyAppWpar.
Mounting all workload partition file systems.
Loading workload partition.
Starting myapp on Mon 22 Dec 12:09:35 2008
Shutting down all workload partition processes.
WPAR andapplication
started
Applicationstopped, WPAR
removed
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 569/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-13
5.2
empty
Figure 15-10. Application WPAR process space AN121.1
Notes:
When executing the wparexec command, the vinit process is started in the global
environment. WPAR represents a shell or an envelope around a specific application
process or processes which use shared system resources. It is light weight and all filesystems are shared with the global environment. If an application is using devices, it will
use global environment devices.
© Copyright IBM Corporation 2009
IBM Power Systems
root@global_env /: # ps -ef |egrep "(wpar|vinit)" \| awk '{print $1,$2,$3,$8,$9,$10}'
UID PID PPID CMDroot 368872 131290 /usr/bin/ksh /usr/sbin/startwpar MyAppWpar root 417934 368872 /usr/lib/corrals/vinit MyAppWpar /start_myapp
Application WPAR process space
Global Environment
WPAR: MyAppWpar
init
srcmstr
PID=1PID=417934
vinit
biod
portmapinetd rpc.statd
Others…
errdemonxmwlmsyncd
cron
/etc/init
/usr/lib/corrals/vinit <wparname><application>
syslogd
Application running
wparexec startwpar
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 570/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-14 AIX installation © Copyright IBM Corp. 2009
Figure 15-11. System WPARs (1 of 2) AN121.1
Notes:
System Workload Partition
A System WPAR is a self contained, virtual AIX partition, within the global AIX
environment.
© Copyright IBM Corporation 2009
IBM Power Systems
System WPARs (1 of 2)
System WPAR
//opt/usr /var /tmp
hdiskXPTY
InetdCron
sendmail
Processes
Devices
File Systems
IPCs
Devices and filesystems visible from
the globalenvironment in
WPAR
Devices and filesystems unique
to WPAR
Global environment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 571/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-15
5.2
empty
Figure 15-12. System WPARs (2 of 2) AN121.1
Notes:
System workload partitions are autonomous virtual system environments with their own
private root file systems, users and groups, login, network space, and administrative
domain.
The systems administrator accesses the WPAR through the administrator console or
through regular network tools such as telnet or ssh. Inter-process communication for aprocess in a WPAR, is restricted to those processes in the same WPAR.
System workload partitions are complete virtualized OS environments, where multiple
services and applications run. It takes longer to create a system WPAR compared to anapplication WPAR, as it builds its own filesystems. A system WPAR is removed only when
requested. It has its own root user, RBAC privileges, and system services like inetd, cron,syslog, and so on.
A system WPAR does not share writable file systems with other workload partitions or the
global environment.
© Copyright IBM Corporation 2009
IBM Power Systems
System WPARs (2 of 2)
• Are autonomous virtual system environments – By default:
• /usr/ and /opt filesystems are shared with the global environment• /, /var and /tmp are private for the WPAR own use:
– Have their own unique set of users, groups, and network addresses – Can be accessed from the global environment using the
administration console (clogin) or from the network using regulartelnet or ssh sessions
– Can be stopped and restarted – Integrated with role-based access control (RBAC)
• Granular privilege and security controls within WPAR
– Processes can only see and signal other processes within a WPAR – System services: Mail, NFS client, inetd, syslog, cron, and so on are
executed independently for each WPAR.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 572/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-16 AIX installation © Copyright IBM Corp. 2009
Figure 15-13. System WPAR device access AN121.1
Notes:
The global environment can use physical or virtual devices. The hosted WPARs have no
control of, nor can they directly access, the hardware devices. Therefore, the global
environment also owns all physical I/O adapters needed by the workload partitions.
© Copyright IBM Corporation 2009
IBM Power Systems
System WPAR device access
• WPARs have no device access to: – Storage devices
• Access to data is performed through file systems that are mounted fromthe global environment.
– Physical network devices – Devices that could provide a more global view of the system such as
/dev/mem or /dev/kmem
• WPARs have device access to: – A limited set of safe pseudo devices such as /dev/null, /dev/zero,
/dev/random, /dev/tty
• WPARs are not capable of creating new devices bythemselves.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 573/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-17
5.2
empty
Figure 15-14. Creating a system WPAR: mkwpar AN121.1
Notes:
Creating a System WPAR
System WPARs are created with the mkwpar command. These commands can get quite
complex and many of the flags are beyond the scope of this course.
The example in the visual shows a simple system WPAR being created called wpar1. Thecreation process is as follows:
• Create the filesystems.
• Install AIX or RPM software into the WPAR from the global environment. • Check that the software is correctly synchronized between the global environment and
the WPAR.
• Return the success or failure status.
© Copyright IBM Corporation 2009
IBM Power Systems
Creating a system WPAR: mkwpar
# mkwpar –n wpar1
mkwpar: Creating file systems.../
/home
/opt
/proc
/tmp
/usr
/var
……….
Installp: INSTALLING software for:
syncroot: RPM root packages are currently synchronized.
syncroot: Root part is currently synchronized.syncroot: Returns Status = SUCCESS
Workload partition wpar1 created successfully.
mkwpar: 0960-390 To start the workload partition, execute
the following as root: startwpar [-v] wpar1
# mkwpar –n wpar1
mkwpar: Creating file systems...
/
/home
/opt
/proc
/tmp
/usr
/var
……….
Installp: INSTALLING software for:
syncroot: RPM root packages are currently synchronized.
syncroot: Root part is currently synchronized.syncroot: Returns Status = SUCCESS
Workload partition wpar1 created successfully.
mkwpar: 0960-390 To start the workload partition, execute
the following as root: startwpar [-v] wpar1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 574/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-18 AIX installation © Copyright IBM Corp. 2009
Figure 15-15. System WPAR process space AN121.1
Notes:
The visual shows an example of the processes structure in a system workload partition,
and its interaction with the global environment. The WPAR init process ID is always, within
the WPAR, virtualized to 1 and its parent process 0.
Each system workload partition has its own inittab file and resource manager (srcmstr), so
that it appears to be a standalone operating system.
© Copyright IBM Corporation 2009
IBM Power Systems
root@global_env /: ps -eaf |grep –E rcmstr|315476“
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Jun 29 - 0:00 /etc/initroot 204946 1 0 Jun 29 - 0:00 /usr/sbin/srcmstr root 282812 315476 0 Jul 03 - 1:57 /usr/bin/xmwlm -Lroot 315476 204946 0 Jul 03 - 0:00 /etc/initroot 348392 315476 0 Jul 03 - 0:00 /usr/sbin/srcmstr root 364660 315476 0 Jul 03 - 0:01 /usr/sbin/cron
System WPAR process space
Global Environment
wpar1
init
srcmstr
PID=1PID=315476 cor_wpar1
biod
portmap
inetdrpc.statd
Others…
errdemon
xmwlmsyncd
cron
/etc/init
/etc/init
biod
cronwmwlm
inetdportmap rpc.statd
Others…
# root@wpar1 /: ps –ef
UID PID PPID C STIME TTY TIME CMDroot 1 0 0 Jul 03 - 0:00 /etc/initroot 233674 348392 0 Jul 03 - 0:00 /usr/sbin/inetdroot 241740 348392 0 Jul 03 - 0:00 /usr/sbin/syslogdroot 258278 348392 0 Jul 03 - 0:00 /usr/sbin/portmaproot 266444 348392 0 Jul 03 - 0:00 /usr/sbin/biod 6root 282812 1 0 Jul 03 - 1:55 /usr/bin/xmwlm -Lroot 307220 1 0 23:06:20 ? 0:00 clogin wpar1root 348392 1 0 Jul 03 - 0:00 /usr/sbin/srcmstr root 364660 1 0 Jul 03 - 0:01 /usr/sbin/cron
srcmstr
syslogd
syslogd
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 575/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-19
5.2
empty
Figure 15-16. Creating a system WPAR with a network definition AN121.1
Notes:
The network connection for a WPAR is implemented using the network alias feature on the
global environment level's physical or virtual network interface. The network alias is a
standard feature that is used to implement both an IP address for each WPAR and allowsfor a WPAR movement to a different system.
Network addresses can also be assigned to application WPARs. This can be achieved asfollows:
# wparexec -c -n wpar30 -N address=10.6.105.130 /wpar30/appstart
© Copyright IBM Corporation 2009
IBM Power Systems
glob_env: # ifconfig en0
en0:
flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,M
ULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.110.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 10.47.33.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 3.3.3.3 netmask 0xff000000 broadcast 3.255.255.255
glob_env: # ifconfig en0
en0:
flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,M
ULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.110.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 10.47.33.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 3.3.3.3 netmask 0xff000000 broadcast 3.255.255.255
wpar1: # ifconfig en0
en0:
flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,M
ULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.33.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 3.3.3.3 netmask 0xff000000 broadcast 3.255.255.255
wpar1: # ifconfig en0
en0:
flags=1e080863,480<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,M
ULTICAST,GROUPRT,64BIT,CHECKSUM_OFFLOAD(ACTIVE),CHAIN>
inet 10.47.33.1 netmask 0xffff0000 broadcast 10.47.255.255
inet 3.3.3.3 netmask 0xff000000 broadcast 3.255.255.255
Creating a system WPAR with a network definition
# mkwpar -h wpar1 -r -N interface='en0' \
address='10.47.33.1' -n wpar1
# mkwpar -h wpar1 -r -N interface='en0' \
address='10.47.33.1' -n wpar1
# chwpar -N interface='en0' address='3.3.3.3’ \
netmask='255.0.0.0' wpar1
# chwpar -N interface='en0' address='3.3.3.3’ \
netmask='255.0.0.0' wpar1
glob_env
WorkloadPartition: wpar1
10.47.33.1/163.3.3.3/8
en0 (net)
10.47.110.1/16
10.3.2.201
10.47.0.0
3.0.0.0
Additional networkparameters can be
added aftercreation.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 576/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-20 AIX installation © Copyright IBM Corp. 2009
Figure 15-17. WPAR routing AN121.1
Notes:
Each WPAR can use the routing table available in the global environment. However, the
WPAR administrator can decide to enable WPAR specific routing and add or delete routes
as necessary.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR routing
• By default, a system WPAR uses the routing table of the globalenvironment.
• A system WPAR can have its own specific routing table. – In SMIT, set the WPAR specific routing option to yes, or from
command line, use the –i flag.Syntax: -I rtdest=<IP> rtgateway=<IP> [rtnetmask=<IP>] [rttype={net|host}] [rtinterface=<if>]
– Example: To add a specific WPAR default route to wpar1
– To view the routing table for wpar1
Global env # chwpar -I rtdest=default rtgateway=10.47.0.1 wpar1Global env # chwpar -I rtdest=default rtgateway=10.47.0.1 wpar1
Global env # netstat -rn -@ wpar1
Routing tables
WPAR Destination Gateway Flags Refs Use If Exp Groups
Route Tree for Protocol Family 2 (Internet):
wpar1 default 10.47.0.1 UG 7 250 en0 - -
wpar1 10.47/16 10.47.33.30 U 1 39 en0 - -
wpar1 10.47.33.1 127.0.0.1 UGHS 0 0 lo0 - -
wpar1 10.47.255.255 10.47.33.1 UHSb 0 0 en0 - -
Global env # netstat -rn -@ wpar1
Routing tables
WPAR Destination Gateway Flags Refs Use If Exp Groups
Route Tree for Protocol Family 2 (Internet):
wpar1 default 10.47.0.1 UG 7 250 en0 - -
wpar1 10.47/16 10.47.33.30 U 1 39 en0 - -
wpar1 10.47.33.1 127.0.0.1 UGHS 0 0 lo0 - -
wpar1 10.47.255.255 10.47.33.1 UHSb 0 0 en0 - -
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 577/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-21
5.2
empty
Figure 15-18. System WPAR file systems space (1 of 2) AN121.1
Notes:
Storage level access in a system WPAR is through a set of file systems assigned to the
WPAR at creation, and mounted within the WPAR during activation. A system WPAR
operates within a localized view of these file systems:
/
/usr
/opt
/tmp/var
/home
© Copyright IBM Corporation 2009
IBM Power Systems
System WPAR file systems space (1 of 2)
• There are three primary forms of file system access within asystem WPAR. – Shared-system
• /usr and /opt are shared read-only, by default, from the globalenvironment through namefs mounts.
– NFS hosted• A set of file systems, which can include /usr and /opt, are mounted
(read-only or read/write) from a host system through NFS mounts.
– Non-shared• /tmp, /var , /home, / are separate local file systems (jfs/jfs2) within the
WPAR.
# mkwpar -n wpar1 -l# mkwpar -n wpar1 -l
Creates a WPARwith Non-shared /usr and /opt file
systems.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 578/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-22 AIX installation © Copyright IBM Corp. 2009
By default /usr and /opt are shared with the global environment (read only). Alternatively, ifthe application requires read/write access to these directories, the WPAR can have its own
non-shared copies. However, this will significantly increase the time required to create,backup, or restore the WPAR.
File systems can also be hosted through NFS. NFS is mandatory if the live application
mobility feature is to be deployed to move WPARs from box to box (LPAR to LPAR).
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 579/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-23
5.2
empty
Figure 15-19. System WPAR file systems space (2 of 2) AN121.1
Notes:
The visual shows an example of the default storage model of a system WPAR. The system
WPAR includes the creation of a base directory. This base directory is the root of the chroot
system WPAR environment. By default, the path to this base directory is /wpars/<name_of_wpar> in the global environment.
By default, the base directory contains 7 filesystems:
• /, /home, /tmp and /var are real filesystems, dedicated to the system partition use.
• /opt and /usr are read-only namefs mounts of the global environment's /usr and /opt.
• The /proc pseudo-file system maps to the global environment /proc pseudo-file system
(/proc in a WPAR only makes available process information for that WPAR).
From the global environment, the file systems and mount points associated with the systemWPAR, are seen as being located within a WPAR-specific sub-directory tree of the global
environment (for example, /wpars/wparname/ ).
© Copyright IBM Corporation 2009
IBM Power Systems
{sys02_p2} / # mountNode mounted mounted over vfs date options-------- -------------- --------------- ------ ------------ ----------
/dev/hd4 / jfs Aug 27 14:05 rw,log=/dev/hd8/dev/hd2 /usr jfs Aug 27 14:05 rw,log=/dev/hd8/dev/hd9var /var jfs Aug 27 14:06 rw,log=/dev/hd8/dev/hd3 /tmp jfs Aug 27 14:06 rw,log=/dev/hd8/dev/hd1 /home jfs Aug 27 14:06 rw,log=/dev/hd8/proc /proc procfs Aug 27 14:06 rw/dev/hd10opt /opt jfs Aug 27 14:06 rw,log=/dev/hd8/dev/fslv01 /wpars/wpar1 jfs2 Sep 03 14:55 rw,log=INLINE/dev/fslv02 /wpars/wpar1/home jfs2 Sep 03 14:55 rw,log=INLINE/opt /wpars/wpar1/opt namefs Sep 03 14:55 ro/proc /wpars/wpar1/proc namefs Sep 03 14:55 rw/dev/fs lv03 /wpars/wpar1/tmp jfs2 Sep 03 14:55 rw,log=INLINE/usr /wpars/wpar1/usr namefs Sep 03 14:55 ro/dev/fslv04 /wpars/wpar1/var jfs2 Sep 03 14:55 rw,log=INLINE
• AIX 6 globalenvironment
• System WPAR – /usr > namefs,
nfs mount or local – /opt > namefs,
nfs mount or local
– /proc > namefs
System WPAR file systems space (2 of 2)
{wpar1} / # mountNode mounted mounted over vfs date options-------- ------------- --------------- ------ ------ ---------
/dev/fslv01 / jfs2 Sep 03 14:55 rw,log=INLINE/dev/fslv02 /home jfs2 Sep 03 14:55 rw,log=INLINE/opt /opt namefs Sep 03 14:55 ro/proc /proc namefs Sep 03 14:55 rw/dev/fslv03 /tmp jfs2 Sep 03 14:55 rw,log=INLINE/usr /usr namefs Sep 03 14:55 ro/dev/fslv04 /var jfs2 Sep 03 14:55 rw,log=INLINE
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 580/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-24 AIX installation © Copyright IBM Corp. 2009
From within the WPAR, the file systems are seen as being rooted at /. For example, if theWPAR is established in /wpars/sample, then the / tmp directory for that WPAR will be seen
as /wpars/sample/tmp from the global environment, but simply as /tmp from within theWPAR.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 581/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-25
5.2
empty
Figure 15-20. WPAR management commands AN121.1
Notes:
The visual describes some popular WPAR commands. For further details, refer to the man
pages.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR management commands
• Basic commands: – Create a system WPAR: /usr/sbin/mkwpar
– Create and run an application WPAR: /usr/sbin/wparexec – List details and status: /usr/sbin/lswpar – Make changes to the WPAR: /usr/sbin/chwpar – Remove a WPAR: /usr/sbin/rmwpar
• Manage system WPARs – Start a WPAR: /usr/sbin/startwpar <wparname> – Stop a WPAR: /usr/sbin/stopwpar -F <wparname> – Reboot a WPAR: /usr/sbin/rebootwpar -F <wparname> – Synchronize the global environment
and WPAR software levels: /usr/sbin/syncwpar • Save and recover system WPARs
– Create a WPAR from a WPAR backup image: /usr/sbin/restwpar – Back up WPAR files: /usr/bin/savewpar – Create a file used by the savewpar and restwpar: /usr/bin/mkwpardata – Restore files from a backup source: /usr/bin/restwparfiles – Lists the contents of a workload partition backup: /usr/bin/lssavewpar
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 582/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-26 AIX installation © Copyright IBM Corp. 2009
Figure 15-21. Specification file AN121.1
Notes:
The configuration of a workload partition can be stored in human-readable specification
files. These specification files can be generated by the operating system from already
existing workload partitions, or can be edited, created, or modified by hand.
In an environment where a system administrator has to manage several WPARs,
specification files can help clone new WPARs.
These specification files can be used as input to WPAR creation commands, allowing thesystem administrator to automate the startup and handling of multiple workload partitions.
© Copyright IBM Corporation 2009
IBM Power Systems
Specification file
• A specification file characterizes the WPAR. – A specification file simplifies the creation of future WPARs.
• # mkwpar -n mywpar -o mywpar.spec – A specification file may be generated from an existing WPAR using –w and –o:
• # mkwpar -e mywpar –w –o /tmp/mywpar.spec
– Creating a WPAR using a specification file• # mkwpar-f mkwpar.spec
FILE:mywpar.spec
general:
name = “mywpar"
hostname = “mywpar"
preserve = "no"
directory = "/wpars/mywpar"privateusr = "no"
devices = "/etc/wpars/devexports"
security:
secfile = "/etc/wpars/secattrs"
mount:
dev = "/usr"
directory = "/usr"
vfs = "namefs"
mountopts = "ro"
FILE:mywpar.spec
general:
name = “mywpar"
hostname = “mywpar"
preserve = "no"
directory = "/wpars/mywpar"privateusr = "no"
devices = "/etc/wpars/devexports"
security:
secfile = "/etc/wpars/secattrs"
mount:
dev = "/usr"
directory = "/usr"
vfs = "namefs"
mountopts = "ro"
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 583/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-27
5.2
empty
Figure 15-22. Starting a system WPAR AN121.1
Notes:
The startwpar command activates a workload partition that was defined by the mkwpar
command. It includes:
• Exporting devices from the global environment into the workload partition
• Mounting the workload partition's file systems
• Assigning and activating the workload partition's IP addresses
• Activating the workload partition's WLM class, if any
• Creating the init command
The startwpar command fails if no workload partition exists with the given name.
© Copyright IBM Corporation 2009
IBM Power Systems
Starting a system WPAR
• Start WPAR
root@sys02_p1 /: startwpar -v wpar1
Starting workload partition wpar1.
Mounting all workload partition file systems.
Mounting /wpars/wpar1
Mounting /wpars/wpar1/home
Mounting /wpars/wpar1/opt
Mounting /wpars/wpar1/proc
Mounting /wpars/wpar1/tmp
Mounting /wpars/wpar1/usr
Mounting /wpars/wpar1/var
Loading workload partition.Exporting workload partition devices.
Starting workload partition subsystem cor_wpar1.
0513-059 The cor_wpar1 Subsystem has been started.
Subsystem PID is 282748.
Verifying workload partition startup.
Return Status = SUCCESS.
Start WPAR
cor_<wpar_n
ame>subsystem
started
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 584/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-28 AIX installation © Copyright IBM Corp. 2009
Figure 15-23. Stopping and removing a system WPAR AN121.1
Notes:
The stopwpar command deactivates a running workload partition. This includes stopping
the following tasks:
• Stopping processes running within the workload partitions
• Unloading the workload partition's WLM class, if any
• Deactivating the workload partition's IP addresses, if any
• Unmounting the workload partition's file systems, if any
• Restarting the system workload partition
• Removing the application workload partition
The stopwpar command fails if one or more processes cannot be stopped, or one or more
file systems cannot be unmounted. In that case, you can force a workload partition to stopby using the –F flag. This will signal running processes more aggressively and force an
unmount of file systems. If there are processes that cannot be stopped, the workloadpartition is placed in the Broken state, and cannot be restarted.
© Copyright IBM Corporation 2009
IBM Power Systems
root@sys02_p1 /: stopwpar [–F] wpar1root@sys02_p1 /: stopwpar [–F] wpar1
Stopping and removing a system WPAR
root@wpar1 /: shutdown –Froot@wpar1 /: shutdown –F
root@sys02_p1 /: rmwpar wpar1rmwpar: Removing workload partition wpar1
rmwpar: Removing file system /wpars/ wpar1 /var.
rmlv: Logical volume fslv03 is removed.
rmwpar: Removing file system /wpars/wpar1/usr
…….
rmwpar: Return Status = SUCCESS
root@sys02_p1 /: rmwpar wpar1rmwpar: Removing workload partition wpar1
rmwpar: Removing file system /wpars/ wpar1 /var.
rmlv: Logical volume fslv03 is removed.
rmwpar: Removing file system /wpars/wpar1/usr
…….
rmwpar: Return Status = SUCCESS
• Stopping the WPAR from the global environment
• Stopping the WPAR from within the WPAR
• Removing the WPAR from the global environment
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 585/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-29
5.2
empty The rmwpar command deletes the specified workload partition from the system. Thisincludes the following tasks:
• Removing the workload partition's configuration data from the system's workload
partition database
• Deleting the workload partition's file systems
• Removing the workload partition's Workload Manager (WLM) profile
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 586/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-30 AIX installation © Copyright IBM Corp. 2009
Figure 15-24. WPAR status: lswpar AN121.1
Notes:
The lswpar command lists both the state of workload partitions and optionally, their
characteristics.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR status: lswpar
• From the global environment:
• Type = System or Application WPAR• State values
State values Comments
D = Defined System WPAR created with mkwpar and not yet started
A = Active A system WPAR has been started and Daemons are running.
P = Paused Processes are stopped Checkpoint done – Ready to continue
F = Frozen Process stopped checkpoint not done – Usually not seen by the user
T = Transient Intermediate state between Defined and Active
B = Broken System WPAR failed at creation time – need to be removed using rmwpar
root@sys02_p1 /: lswpar
Name State Type Hostname Directory
--------------------------------------------------------------
wpar1 D S wpar1 /wpars/wpar1
oracle D S oracle /wpars/oracle1
db2_95 A S db_serv /wpars/db2_95
apache A A web_serv /
root@sys02_p1 /: lswpar
Name State Type Hostname Directory--------------------------------------------------------------
wpar1 D S wpar1 /wpars/wpar1
oracle D S oracle /wpars/oracle1
db2_95 A S db_serv /wpars/db2_95
apache A A web_serv /
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 587/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-31
5.2
empty
Figure 15-25. WPAR logs AN121.1
Notes:
Logs are available in the /var/adm/wpars directory of the global environment when the
WPAR is created, started, stopped, and so forth. These WPAR events are logged in an
event.log file.
Each system WPAR creation is logged in the /var/adm/ras/wpars.<wpar name>.log file.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR logs
• Global environment – /var/adm/wpars/event.log
• System WPAR events – File systems creation, exporting WPAR devices – Starting WPAR and stopping WPAR events
• Application WPAR logs start and stop events
– /var/adm/ras/wpars.<wparname>.log• System WPAR installed filesets and root synchronization results
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 588/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-32 AIX installation © Copyright IBM Corp. 2009
Figure 15-26. System WPAR management: clogin AN121.1
Notes:
The console of a WPAR is accessed from the global environment. You can log in to a
WPAR using clogin , or a remote mechanism such as rsh, telnet, rlogin , or ssh.
When you need to know whether you are in the global environment or inside a WPAR, youcan execute the uname -W command. This returns 0 if in the global environment, and
non-zero, if inside a WPAR. You can also check the host name or the mounted file systems.
© Copyright IBM Corporation 2009
IBM Power Systems
# clogin wpar10 -l bill "id; date“
uid=202(bill) gid=1(staff)Tue 3 Mar 17:16:50 2009
# clogin wpar10 -l bill "id; date“
uid=202(bill) gid=1(staff)
Tue 3 Mar 17:16:50 2009
System WPAR management: clogin
• With a system WPAR, to log in or execute a command, youcan use: – # clogin <WPAR Name>
– # clogin -l “user” “cmd” “args”
– # telnet
– # ssh
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 589/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-33
5.2
empty
Figure 15-27. AIX command restrictions in WPARs AN121.1
Notes:
Not all applications can run in a WPAR environment. For example, if they require the ability
to manage devices and storage directly, the restrictions of the WPAR environment will be a
problem.
© Copyright IBM Corporation 2009
IBM Power Systems
AIX command restrictions in WPARs
• AIX command restrictions (certain commands are not allowedin WPAR) – LVM commands – File system commands – Special file creation (for example, character and block devices) – Commands accessing /dev/mem – Performance or system tunables are largely restricted to global
environment only.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 590/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-34 AIX installation © Copyright IBM Corp. 2009
Figure 15-28. WPAR management: save and restore WPAR AN121.1
Notes:
When the system administrator creates a backup through the mksysb command, the
system administrator usually sends it to a physical device. In a WPAR environment, there
are no physical devices for backup, which means that there is a different way to back up aWPAR. Similar to the savevg command, we can make a backup of the WPAR with the
savewpar command. This saves the files and the configuration of the WPAR. When youhave a system WPAR with shared /usr and /opt, the backup is very small, because it does
not save those file systems. You must be in the global environment to execute the backup.
If you want to save the backup of a WPAR on a DVD, you can use the mkdvd commandwith the –W flag. The –W flag demotes the workload partition to be backed up using the
savewpar command.
The restwpar command creates a workload partition from a workload partition backup
image, created by the savewpar, mkcd, or mkdvd command. A workload partition backupimage contains an image.data file and a workload partition specification file which are
used by default to establish the characteristics of workload partition.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR management: Save and restore WPAR
• savewpar: Backs up files and metadata from a WPAR
• restwpar: Can be used to recreate or to clone a WPAR
# savewpar -Nif /tmp/wpar1.backup wpar1
Creating information file for workload partition wpar1.
Creating list of files to back up.
Backing up 2067 files
2067 of 2067 files (100%)
0512-038 savewpar: Backup Completed Successfully.
# savewpar -Nif /tmp/wpar1.backup wpar1
Creating information file for workload partition wpar1.
Creating list of files to back up.
Backing up 2067 files
2067 of 2067 files (100%)
0512-038 savewpar: Backup Completed Successfully.
# restwpar –F -f /tmp/wpar1.backup
New volume on /tmp/wpar1.backup:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is: Thu Nov 8 11:04:42 CST 2007
Files are backed up by name.
The user is root.
x 2772 ./.savewpar_dir/wpar.spec
x 4641 ./.savewpar_dir/image.data
x 124059 ./.savewpar_dir/backup.data
The total size is 131472 bytes
syncroot: Returns Status = SUCCESS
Workload partition wpar1 created successfully.
mkwpar: 0960-390 To start the workload partition, execute the following as root:
startwpar [-v] wpar1.
# restwpar –F -f /tmp/wpar1.backup
New volume on /tmp/wpar1.backup:
Cluster size is 51200 bytes (100 blocks).
The volume number is 1.
The backup date is: Thu Nov 8 11:04:42 CST 2007Files are backed up by name.
The user is root.
x 2772 ./.savewpar_dir/wpar.spec
x 4641 ./.savewpar_dir/image.data
x 124059 ./.savewpar_dir/backup.data
The total size is 131472 bytes
syncroot: Returns Status = SUCCESS
Workload partition wpar1 created successfully.
mkwpar: 0960-390 To start the workload partition, execute the following as root:
startwpar [-v] wpar1.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 591/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-35
5.2
empty The restwpar command has three major steps:
1. Create the necessary file systems according to the image.data file that is created withthe savewpar command, and mount them.
2. Restore the files in the backup to their proper places. This might include the /usr and
/opt depending on the type of WPAR.
3. Synchronize the WPAR with the global environment.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 592/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-36 AIX installation © Copyright IBM Corp. 2009
Figure 15-29. Software installation, shared /usr and /opt AN121.1
Notes:
To install software in shared WPARs, the software must first be installed in the global
environment. When software is installed in AIX, there are two parts, root and user , as
shown in the installation summary below. When software is installed in the globalenvironment, the WPAR /usr already has the software installed, but the root part is private
and therefore is not in sync with the user part of the installation. In order to sync the root and /usr parts of the shared WPAR, either run the syncwpar command from the global
environment, or run the syncroot command from within the WPAR.
Installation Summary--------------------
Name Level Part Event Result
-------------------------------------------------------------------------------
bos.games 6.1.0.0 USR APPLY SUCCESS
bos.games 6.1.0.0 ROOT APPLY SUCCESS
© Copyright IBM Corporation 2009
IBM Power Systems
Software installation, shared /usr and /opt
• Software must be installed in the global environment and thensynchronized with the shared WPARs. – This includes updates to the operating system
• To synchronize shared WPARs: – From the global environment, run # syncwpar <wparname>
or – From within the WPAR, run # syncroot
Global env # installp –acd . bos.games
Global env # syncwpar -A
Global env # installp –acd . bos.games
Global env # syncwpar -A
Synchronizes allWPARS
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 593/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-37
5.2
empty
Figure 15-30. Software installation, non-shared /usr and /opt AN121.1
Notes:
The procedure for installing software into a non-shared WPAR is the same as installing into
a regular instance of AIX. There is also a new facility in the AIX SMIT panels which will
enables software to be installed from the global environment in detached (non-shared)WPARs, as shown in the visual.
© Copyright IBM Corporation 2009
IBM Power Systems
Software installation, non-shared /usr and /opt
• Non-shared /usr and /opt – Software can be installed from within the WPAR – Same process as AIX (Using SMIT, installp, rpm)
or – Can be installed into the WPAR from the global environment
# smit install_latest
Install Software
[Entry Fields]
* INPUT device / directory for software .
* SOFTWARE to install [bos.games] > +
PREVIEW only? (install operation will NOT occur) no +
COMMIT software updates? yes +
# fields removed for clarity
WPAR Management
Perform Operation in Global Environment no +
Perform Operation on Detached WPARs yes +
Detached WPAR Names [private] +
Remount Installation Device in WPARs yes +
Alternate WPAR Installation Device []
Install Software
[Entry Fields]
* INPUT device / directory for software .
* SOFTWARE to install [bos.games] > +
PREVIEW only? (install operation will NOT occur) no +COMMIT software updates? yes +
# fields removed for clarity
WPAR Management
Perform Operation in Global Environment no +
Perform Operation on Detached WPARs yes +
Detached WPAR Names [private] +
Remount Installation Device in WPARs yes +
Alternate WPAR Installation Device []
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 594/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-38 AIX installation © Copyright IBM Corp. 2009
Figure 15-31. WPAR resource control AN121.1
Notes:
The workload partition resource control is based on the Workload Manager (WLM)
technology which has been incorporated in the AIX kernel since version 4.3.3. Because the
workload partition resource control commands encapsulate and hide WLM details, thesystem administrator does not need to have in-depth knowledge of WLM, in order to use
workload partition resource control.
There are two approaches of specifying CPU and memory allocation: share-based and
percentage-based.
Resource allocation control for each WPAR is performed at the global environment level bythe global administrator. Commands related to resource control are not available within a
workload partition. You can specify resource control attributes using the -R flag of the
mkwpar, chwpar, wparexec, and lswpar commands.
© Copyright IBM Corporation 2009
IBM Power Systems
WPAR resource control
• Resource control enables the administrator to control CPU andMemory limits. – In addition to CPU and memory, you can control other values such as
the total number of processes and threads.
• This facility is provided by workload manager (WLM). – No direct WLM knowledge or configuration is required.
• For CPU and memory there are two approaches: – Share-based (on relative importance) – Percentage-based (on fixed limits)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 595/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-39
5.2
empty
Figure 15-32. Shared-based approach AN121.1
Notes:
Share-based approach.
Each workload partition receives its part of the specified resource, according to the ratio of
its own share to the sum of shares of all currently active workload partitions.
© Copyright IBM Corporation 2009
IBM Power Systems
Shared-based approach
• To create a WPAR using shared resource controls
• To change or add shared resource controls
System # mkwpar -n wparA -R shares_CPU=10 shares_memory=20
App # wparexec -n wparAPP -R shares_CPU=10 shares_memory=20 <app. path>
System # mkwpar -n wparA -R shares_CPU=10 shares_memory=20
App # wparexec -n wparAPP -R shares_CPU=10 shares_memory=20 <app. path>
# chwpar -R shares_CPU=50 shares_memory=30 wparA
# Note: Same syntax for both system and application WPARs
# chwpar -R shares_CPU=50 shares_memory=30 wparA
# Note: Same syntax for both system and application WPARs
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 596/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-40 AIX installation © Copyright IBM Corp. 2009
Figure 15-33. Percentage-based approach AN121.1
Notes:
Percentage-based approach.
There are three parameters that should be specified:
• Minimum percentage is the minimum amount of a resource that a WPAR is guaranteed
to have available at all times.
• Soft maximum percentage is the maximum amount of a resource that a WPAR canhave when multiple WPARs contend for that type of resource. If there is a sufficient
amount of that type of resource available, and resource contention does not occur, theWPAR can exceed this limit.
• Hard maximum percentage is the maximum amount of a resource that a WPAR can
ever have. Even if there is a sufficient amount of that type of resource available, andresource contention does not occur, the WPAR cannot exceed this limit.
© Copyright IBM Corporation 2009
IBM Power Systems
Percentage-based approach
• Three values: – Minimum: Guaranteed capacity – Soft maximum: Maximum capacity if there is contention for resource – Hard maximum: Absolute maximum, cannot be exceed
• Format: – Minimum%-soft maximum%,hard maximum%
• Both percentage and share value can be set. Percentagetakes precedence.
• To create a WPAR with CPU % resource controls
• To change or add CPU % resource controls
System # mkwpar -n wparA -R CPU=5%-30%,50% memory=5%-10%,25%
App. # wparexec -n wparAPP -R CPU=5%-30%,50% memory=5%-10%,25% <app. path>
System # mkwpar -n wparA -R CPU=5%-30%,50% memory=5%-10%,25%App. # wparexec -n wparAPP -R CPU=5%-30%,50% memory=5%-10%,25% <app. path>
# chwpar -R CPU=10%-20%,70% memory=5%-20%,45% wparA# chwpar -R CPU=10%-20%,70% memory=5%-20%,45% wparA
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 597/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-41
5.2
empty
Figure 15-34. Workload Partition Manager overview AN121.1
Notes:
IBM Workload Partition (WPAR) Manager is a platform management solution that provides
a centralized point of control for managing workload partitions or WPARs, across a
collection of managed systems running AIX.
It is an optional product, part of the IBM Systems Director family, designed to facilitate the
management of WPARs and application mobility. WPAR Manager also provides advancedfeatures such as policy-based mobility for the automation of WPAR relocation, based on
current performance state. WPAR Manager is a separate chargeable product, not part of
AIX.
© Copyright IBM Corporation 2009
IBM Power Systems
Workload Partition Manager overview
• Provides centralized management of WPARs across multiple serversand enables infrastructure optimization
• WPAR Manager components require: – One server LPAR running as manager – One agent on each managed LPAR containing WPARs
• Browser-based single GUI for WPAR management: – Basic lifecycle administration
• Create, view, modify, start, stop, and remove
– Advanced management
• Static and live relocation• Checkpoint, restart• Automated relocation, policy driven• Monitoring, performance reporting• Global load balancing• Recovery
WPAR1 WPAR2 WPAR3
LPAR YWPAR Agent
WorkloadPartitionManager
WebServer
Browser
LPAR1Management Server
WPAR A WPAR B WPAR C
LPAR XWPAR Agent
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 598/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-42 AIX installation © Copyright IBM Corp. 2009
Figure 15-35. Workload Partition Manager GUI AN121.1
Notes:
WPAR Manager is a JAVA application running in a management server. The WPAR
Manager GUI provides a browser-driven interface to the WPAR management server. The
UI displays information that has been collected through the agents, and also providesmanagement capability such as creation, deletion, and relocation of WPARs. Many of
these tasks can also be accomplished from the command line interface.
© Copyright IBM Corporation 2009
IBM Power Systems
Workload Partition Manager GUI
• Access the WPAR Manager from a browser using a system anywhereon the network.
• WPAR Manager console default URLs: – Public: http://<hostname> :14080/ibm/console – Secured: https://<hostname>:14443/ibm/console
• Single point of control formanaging: – System WPARs – Application WPARs
• WPAR Manager is licensed – Covers all embedded technologies
and products:• Agent services• Database• MetaCluster Checkpoint Restart (MCR)
– Customer required to accept license agreement on all installp filesets
Browser based console
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 599/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-43
5.2
empty
Figure 15-36. Checkpoint AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint
1.True or False: Workload partitions require Power6 systems.
2.What are the two types of workload partitions?
3.What command builds and starts an application workload partition?
4.How is the network connection for a WPAR implemented?
5.What are the three forms of file system access within a WPAR?
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 600/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-44 AIX installation © Copyright IBM Corp. 2009
Figure 15-37. Exercise 15 AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Exercise 15
Introduction toworkload partitions
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 601/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Unit 15. Introduction to workload partitions 15-45
5.2
empty
Figure 15-38. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
IBM Power Systems
Unit summary
Having completed this unit, you should be able to:
• Understand workload partition (WPAR) concepts
• Create, control, and manage WPARs
• Describe the role of WPAR Manager
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 602/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
15-46 AIX installation © Copyright IBM Corp. 2009
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 603/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-1
5.3
empty Appendix A. Printers and queues
What this unit is about
This unit describes the concepts behind the AIX print spooling
mechanisms in AIX 6.1.
What you should be able to do
After completing this unit, you should be able to:
• Describe the purpose and the benefits of a queuing system• Identify the major components that are responsible for processing
a print request
• Add a printer queue and device under different circumstances
• Submit jobs for printing• View the status of the print queues
How you will check your progress
Accountability:
• Checkpoint questions• Exercise
References
Online AIX 6.1 System Management Guide
Online AIX 5L Version 5.3 Guide to Printers and Printing
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 604/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-2 AIX installation © Copyright IBM Corp. 2009
Figure A-1. Unit objectives AN121.1
Notes:
© Copyright IBM Corporation 2009
Unit objectives
After completing this unit, you should be able to:• Describe the purpose and the benefits of a queuing system• Identify the major components that are responsible for
processing a print request• Add a printer queue and device under different
circumstances• Submit jobs for printing• View the status of the print queue
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 605/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-3
5.3
empty
Figure A-2. AIX 6.1 printing environments AN121.1
Notes:
Introduction
The visual gives an overview of the different approaches that can be taken to printingunder AIX 5L and later. In the next two visuals, System V printing is compared to the
traditional AIX print subsystem. The remainder of this unit will focus on using the AIXprint subsystem.
Note
You can use either the AIX print subsystem or the System V print subsystem. They will notrun concurrently.
© Copyright IBM Corporation 2009
AIX 6.1 printing environments
• Print subsystems:
– AIX print subsystem
– System V print subsystem
• Print directly to a local printer device.
• Print directly to a remote printer through a socket program.
• Infoprint Manager, or similar advanced print managementsystem
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 606/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-4 AIX installation © Copyright IBM Corp. 2009
Print directly to a local printer device
This is the simplest form of printing. If your printer is directly attached to a serial or
parallel port on the local machine, it is possible to print by sending a file directly to thedevice. For example:
# cat /home/karlmi/myfile > /dev/lp0
In this approach, you lose the ability to serialize (spool) print requests. Only one usermay print at a time. On the other hand, if a printer is dedicated to one use, this may be agood solution. Examples might be logging to a printer, or printing checks.
Print directly to a remote printer through a socket program
This is similar to printing to a device driver, except that in this case, you are sending the
output to a program which makes a connection to the printer over the network.
Print using the System V print subsystem
In this environment, files to be printed are sent to the System V print service daemon,lpsched, using the lp or lpr commands. The print service daemon serializes the jobs,
so they will be printed in the order in which they were submitted. The print service mayfilter the file to format the data so that it matches the types of data acceptable to the
printer. The print service then sends files, one at a time, to the interface program, whichmay do additional filtering before sending the file to the local printer driver or network
printing application.
Print using the AIX print subsystem
In this environment, files to be printed are sent to the AIX print spooler daemon,
qdaemon, using any of the AIX print commands (enq, qprt, lp, or lpr). The spooler
daemon serializes the jobs. The spooler sends jobs, one at a time, to programs thatmay filter the data, before sending it to the local printer driver or network printing
application.
Print using IBM’s Infoprint Manager (or similar advanced printmanagement system)
Infoprint Manager provides serialization and filtering similar to the System V or AIX printsubsystems. In addition, it adds extra capabilities of security, customization, and control
not provided by either System V printing or AIX printing. For additional information, referto the Infoprint Manager Web site:
http://www.printers.ibm.com/internet/wwsites.nsf/vwwebpublished/ipmaix_ww
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 607/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-5
5.3
empty
Figure A-3. AIX print subsystem: Advantages AN121.1
Notes:
Powerful and flexible printer drivers
AIX printer drivers provide many printing options that can be easily controlled usingcommand line options to the qprt command. Printer defaults can be easily managed
using SMIT or the command line.
System management tools
The AIX print subsystem includes mature and powerful system management usingeither the Web-based System Manager or SMIT, as well as the command line. Some
specific system management advantages using the AIX print subsystem are:
• Limits fields and options validation
Gives the user or administrator a range of valid values for print options andprevents the user from using an invalid value
© Copyright IBM Corporation 2009
AIX print subsystem: Advantages
• Powerful and flexible printer drivers
• System management tools: – Limits fields and options validation
– Easy printer customization
– Single step print device and queue creation
• Customizable spooling subsystem
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 608/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-6 AIX installation © Copyright IBM Corp. 2009
• Easy printer customization
• Printers can be customized using menu selections or command line options.Under System V printing, customizing printers often requires a knowledge of
shell programming.
• Single step print device and queue creation
• Under System V printing, you must first add a print device and then create theprint queue.
Customizable spooling subsystem
The AIX print subsystem is specifically designed so that it can be used to serialize other
types of jobs beyond just printing.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 609/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-7
5.3
empty
Figure A-4. System V print subsystem: Advantages AN121.1
Notes:
Compatibility
System administrators with experience in other UNIX variants that use System Vprinting, will find it easy to manage printing under AIX’s System V print subsystem.
Availability of interface programs
Many printer manufacturers provide interface shell scripts to support using theirproducts under System V printing. Usually, only minor modifications are required forindividual UNIX variations. Because the AIX print subsystem is proprietary, an interface
program written for another operating system cannot be used in the AIX printsubsystem. It must be completely rewritten. This has led to a limited number of printers
supported under AIX. With the support of System V printing in AIX 6.1, it is easier formanufacturers to include support for AIX printing.
© Copyright IBM Corporation 2009
System V print subsystem: Advantages
• Compatibility
• Availability of interface programs
• Security
• Support for forms
• Standard PostScript filters
• Long term strategy
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 610/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-8 AIX installation © Copyright IBM Corp. 2009
Security
Controlling user access to printers can be an important issue. For example, you might
need to limit access to the printer used to print checks. System V printing includesbuilt-in capabilities for restricting user access to certain printers. Using the AIX print
subsystem, the backend program must be customized to restrict user access.
Support for forms
If you are printing to preprinted forms, it’s important that other users not be able to printwhile the expensive forms are loaded on the printer. The System V print subsystem
provides a mechanism for mounting forms on printers, and allowing or denying, useraccess based on the form which is mounted. To provide this capability under AIX
printing, you must create multiple queues and manage which queues are enabled whilea form is mounted.
Standard PostScript filters
The System V print subsystem includes a number of filters for converting different file
formats to PostScript. Some formatting and page selection capabilities are alsoincluded.
Long term strategy
IBM’s long term printing strategy for AIX is to maintain compatibility with other UNIX
systems. This means that new features and functions are added to the System V print
subsystem in later releases, while the AIX print subsystem is supported, but not
enhanced in future releases.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 611/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-9
5.3
empty
Figure A-5. Concepts of queues AN121.1
Notes:
Purpose for queues
The purpose of the queuing system is to maintain a queue of jobs that are waiting fortheir turn to run (that is, use some system resource, like a printer or the CPU). The
AIX 6.1 queuing system performs this function.
Benefits of queues
The queues also give control to the system administrator over the queuing mechanism.Therefore, the system administrator can perform tasks like cancelling jobs on queues,
changing priorities of jobs, and so forth.
A queue enables the sharing of resources in an ordered fashion.
© Copyright IBM Corporation 2009
Concepts of queues
file1
file2
file3
file4
/dev/lp0
/dev/lp1
file1
file2
.
.
file3
file4
Queue1
Queue2
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 612/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-10 AIX installation © Copyright IBM Corp. 2009
The diagram above illustrates three important issues:
• One print queue can point to a number of printers (and it is the job of the qdaemon to determine the next available printer to print on), for example, Queue1.
• Users may submit their jobs to a number of different queues.
• A printer can have a number of different queues pointing to it, for example, the
printer /dev/lp1 is accessed by both Queue1 and Queue2.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 613/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-11
5.3
empty
Figure A-6. Printer data flow AN121.1
Notes:
Print request
Local printing is implemented through a queuing mechanism. The user can issue one ofthe printer commands qprt, lp, lpr, or enq to submit a print job. Although a user can
use any one of these four commands, the true entry point to the spooler is the enq command which is responsible for processing the job request, creating a job description
file (JDF), and notifying the qdaemon of the new job.
The qdaemon
The qdaemon process runs at all times. The qdaemon maintains a list of all of the definedqueues and monitors the queues for newly submitted jobs. qdaemon tries to process the
job if the destination device is available, otherwise the job remains in the queue and
qdaemon tries again later.
© Copyright IBM Corporation 2009
Printer data flow
# qprt -Pps [-c] file
starts
Backend(piobe)
submits file to
printer
/dev/lp0
uses spool file
(if it exists)
print request
lp lpr qprt
enq
Queuecopy of file (if requested)
Spool
directorymonitors
qdaemon
Virtual Printer Definition
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 614/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-12 AIX installation © Copyright IBM Corp. 2009
Queueing system process
The flow of the queuing system shown in the visual:
• The printing command calls enq. enq checks to see if the requested queue name is a
valid queue and all of the parameters are correct. If so, it continues, if not, an errormessage is returned to the user.
• An entry is made in the /var/spool/lpd/qdir directory identifying the job to be run. If theprinter command uses an option to indicate that a copy of the file is to be made, thecopy is placed in the spool directory /var/spool/qdaemon.
• The qdaemon is notified of a new job in its qdir directory.
• When the queue is ready for the job, the qdaemon reads information from the
/etc/qconfig file describing the queue.
• The qdaemon updates the /var/spool/lpd/stat file for the appropriate queue to show that
the queue is now working on a new job.
• The qdaemon starts the back-end program, passing the file names and appropriateoptions on the command line.
• The back-end determines the correct data stream characteristics, and merges these
with the actual file. The data stream characteristics are stored as virtual printer
definitions in the /var/spool/lpd/pio/@local directory.
• The back-end program sends its data stream to the device driver for the appropriate
printer.
What happens when a file is spooled?
When a file is spooled, a copy of that file is sent to the print spool directory,
/var/spool/qdaemon. The copy remains in that directory until it is printed. This means
that if you spool a file to the printer, a user could continue to make revisions to theoriginal since the copy in the print spool directory will not be altered. This ensures that
the file that is sent to the printer gets printed in its original form, even if a user edits theoriginal file that is on disk. Spooled files take up disk space in /var until they are printed.
When a file is queued, one line of information is sent to the /var/spool/lpd/qdir
directory which points back to the original file on disk. If revisions are made to the file ondisk before it is pulled from the queue to print, the revised file is printed.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 615/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-13
5.3
empty
Figure A-7. System files associated with printing AN121.1
Notes:
Print related files and directories
The system files and directories used for printing include:
• The /etc/qconfig file describes the queues and devices available for use by theprinting commands.
• The /var/spool directory contains files and directories used by the printing
programs and daemons.
• The /var/spool/lpd/qdir directory contains information about files queued toprint.
• The /var/spool/qdaemon directory contains copies of the files that are spooled
to print.
• The /var/spool/lpd/stat directory is where the information on the status of jobs is
stored. It is used by the qdaemon and backend programs.
© Copyright IBM Corporation 2009
System files associated with printing
/etc/qconfig Queue configuration files
/var/spool/* Spooling directories
/var/spool/lpd/qdir/* Queue requests
/var/spool/qdaemon/* Temporary enqueued files
/var/spool/lpd/stat/* Line printer status information
/var/spool/lpd/pio/@local Virtual printer directories
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 616/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-14 AIX installation © Copyright IBM Corp. 2009
• The /var/spool/lpd/pio/@local directory holds virtual printer definitions. This iswhere the attributes of printers are paired with the attributes of corresponding
data stream types.
It is recommended that SMIT be used to update these device-related files. In mostcases, updating standard system files is not recommended.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 617/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-15
5.3
empty
Figure A-8. qdaemon AN121.1
Notes:
qdaemon introduction
The qdaemon program schedules jobs that have been enqueued. It is a backgroundprocess that is usually started at system IPL through the startsrc command run from
/etc/inittab.
qdaemon is controlled by the /etc/qconfig file. /etc/qconfig contains a stanza for eachqueue. The stanza identifies any queue management options and points to a queue
device stanza, which identifies the destination printer, the formatting options, and theback-end program.
© Copyright IBM Corporation 2009
qdaemon
• Manages queues
• Is started in the /etc/inittab file
• Invokes the back-end programs
• Optionally records accounting data
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 618/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-16 AIX installation © Copyright IBM Corp. 2009
The back-end program
The back-end program is called by qdaemon to actually process each request. The
back-end program is determined by how the printer is connected to the AIX system. Forlocal printing, the back-end program is /usr/lib/lpd/piobe. For a remote printer, it is
/usr/lib/lpd/rembak.
The back-end program uses printer attribute information to prepare the printer andformat the data for output. It also prints header and trailer pages, if they are enabled.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 619/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-17
5.3
empty
Figure A-9. The /etc/qconfig file AN121.1
Notes:
Introduction
The /etc/qconfig file is an attribute file. Some stanzas in this file describe queues, andother stanzas describe devices. Every queue stanza requires that one or more device
stanzas immediately follow it in the file.
This file is the key to customizing the queues. Although the file can be edited directly, itis recommended that it be changed through high-level commands or through SMIT.
Queue stanza
This starts with the queue name, which can be up to 20 characters, followed by a colon.
The queue name is used by the person submitting a job to indicate the requestedqueue. The first queue in the /etc/qconfig file is the default queue, which receives any
job requests submitted without a specific queue name.
© Copyright IBM Corporation 2009
The /etc/qconfig file
lp0: * One queue pointing to one devicedevice = lp0dev
up = TRUE
discipline = fcfslp0dev:
file = /dev/lp0
backend = /usr/lib/lpd/piobe
header = group
trailer = never
feed = never
lpq: * One queue pointing to two devicesdevice = lpqdev1,lpqdev2
lpqdev1:
file = /dev/lp1
backend = /usr/lib/lpd/piobe
lpqdev2:
file = /dev/lp2
backend = /usr/lib/lpd/piobe
ps: * Two queues pointing to one devicedevice = psdev
psdev:
file = /dev/lp3
backend = /usr/lib/lpd/piobe
asc:
device = ascdev
ascdev:
file = /dev/lp3
backend = /usr/lib/lpd/piobe
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 620/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-18 AIX installation © Copyright IBM Corp. 2009
Some of the attributes that can be found in the queue stanza include:
Device stanza
The name of a device stanza is arbitrary and can be from one to 20 characters long.
The name is followed by a colon.
The attributes that can be found in the device stanza include:
Attribute Definition Default Other
deviceIdentifies the symbolic name that refers tothe device stanza
discipline Defines the queue serving algorithm fcfs sjn
acctfile Identifies the file used to save printaccounting information false filename
up Defines the state of the queue TRUE FALSE
Attribute Description Default Other
file
Identifies the special file where the output of
back-end is to be redirected
FALSE indicates no redirection and that the
file name is /dev/null.
FALSE
backend
Specifies the full path name of the back-end,
optionally followed by the flags andparameters to be passed to it
access
Specifies the type of access the back-endhas to the file specified by the file fieldThis field is ignored if the file field has the
value, FALSE.
write
both (used
for modemsor backendsneeding
readcapability)
headerSpecifies whether a header page printsbefore each job or group of jobs
neveralways
group
trailerSpecifies whether a trailer page prints after
each job or group of jobsnever
always
group
feedSpecifies either the number of separatorpages to print when the device becomes idleor the value never, which indicates that the
back-end is not to print separator pages
never integer
align
Specifies whether the back-end sends aform-feed control before starting the job, if
the printer was idleFALSE TRUE
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 621/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-19
5.3
empty The device stanza must contain an attribute that designates the back-end program. Thefunction of the back-end is to manage the printing of the actual job. It also produces the
final data stream that goes to the printer. The most common back-end program for localprinting is piobe.
If different users prefer different default printers, then the PRINTER variable can be set
up, on a per user basis. The PRINTER variable should be set to the queue that the user
wants to be their default queue, for example:
# PRINTER=ps ; export PRINTER
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 622/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-20 AIX installation © Copyright IBM Corp. 2009
Figure A-10. Printer menu AN121.1
Notes:
Interface to manage spooling
AIX print spooling System V print spooling are supported by SMIT in AIX 6.1. TheWeb-based System Manager supports both print spooling systems.
© Copyright IBM Corporation 2009
Printer menu
# smit spooler_choice
Print Spooling
Move cursor to desired item and press Enter.
AIX Print Spooling
System V Print Spooling
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 623/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-21
5.3
empty
Figure A-11. AIX printer menu AN121.1
Notes:
SMIT AIX printer menu
The SMIT fastpath to this menu is smit spooler. Printers and print queues can also bemanaged using the Web-based System Manager.
The options on this menu are:
• Start a Print Job
This option starts a print job by submitting the job to a print queue.
• Manage Print Jobs This option opens a submenu which enables you to cancel jobs, show the status
of jobs, prioritize jobs, hold and release jobs, and move jobs between printqueues.
• List All Prinul3t Queues
This option displays a list of all the print queues and their associated printers.
© Copyright IBM Corporation 2009
AIX printer menu
# smit spooler
AIX Print SpoolingMove cursor to desired item and press Enter.
Start a Print Job
Manage Print Jobs
List All Print Queues
Manage Print Queues
Add a Print Queue
Add an Additional Printer to an Existing Print Queue
Change / Show Print Queue Characteristics
Change / Show Printer Connection Characteristics
Remove a Print QueueManage Print Server
Programming Tools
Change / Show Current Print Subsystem
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 624/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-22 AIX installation © Copyright IBM Corp. 2009
- Manage Print Queues You can start and stop print queues, show the status of print queues and change the
system's default print queue.
- Add a Print Queue This option adds a print queue to the system configuration and creates the
associated queue device and printer device definition, if needed.
- Add an Additional Printer to an Existing Print Queue This option adds another printer to an existing queue.
- Change/Show Print Queue Characteristics This option will provide access to screens that enable you to change the printer
setup, default print job attributes, accounting file setup, and queuing discipline.
- Change/Show Printer Connection Characteristics This option changes or shows printer communication and startup characteristics.
- Remove a Print Queue
This option removes a print queue from the system configuration. It also removesthe associated spooler queue device and printer device definition. If a print queue
has more than one printer associated with it, then all the printers are removed fromthe print queue.
- Manage Print Server
This option configures this machine as a print server. Allows you to control whichclients have print access to this machine, list clients with print access, add and
remove clients, and stop and start the server subsystem.
- Programming Tools
This option enables you to access low-level utilities for manipulating databases andfilters.
- Change/Show Current Print Subsystem Only one of the two print subsystems at the same time can be active. By default,
after installation, the AIX printer subsystem is active.
Other commands
To show the current print subsystem: # switch.prt -d
To change the current print subsystem, you can use either:
-# switch.prt -s AIX
-# switch.prt -d SystemV
To check if binaries are correctly linked, you can use either:
-/usr/bin/lpstat --> /usr/aix/bin/lpstat
-/usr/bin/lpstat --> /usr/sysv/bin/lpstat
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 625/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-23
5.3
empty
Figure A-12. Configuring a printer with a queue AN121.1
Notes:
Adding a local print queue
In our example, assume that the printer is directly attached to our AIX system. Toconfigure a printer attached in this way, choose local.
Some applications contain their own print control mechanisms and thus require that a
printer be configured without a queue. Use the SMIT fastpath smit pdp to define aprinter without a queue.
© Copyright IBM Corporation 2009
Configuring a printer with a queue
AIX Print Spooling
Move cursor to desired item and press Enter.
Add a Print Queue
Move cursor to desired item and press Enter.Use arrow keys to scroll.#ATTACHMENT TYPE DESCRIPTION
local Printer Attached to Local Hostremote Printer Attached to Remote Host
xstation Printer Attached to Xstationascii Printer Attached to ASCII Terminal
hpJetDirect Network Printer (HP JetDirect)file File (in /dev directory)
ibmNetPrinter IBM Network Printer
ibmNetColor IBM Network Color Printerother User Defined Backend
F1=Help F2=Refresh F3=Cancel
F8=Image F10=Exit Enter=Do/=Find n=Find Next
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 626/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-24 AIX installation © Copyright IBM Corp. 2009
Figure A-13. Selecting a printer type (1 of 2) AN121.1
Notes:
Specify the printer manufacturer
The next selection that has to be made is the printer type. Notice that IBM is only one ofthe choices and many other manufacturers are supported as well. Note also that there
is an Other option which will be selected if the printer type is not supported; that is, notpart of the list.
© Copyright IBM Corporation 2009
Selecting a printer type (1 of 2)
AIX Print Spooling
Move cursor to desired item and press Enter.
Printer Type
Move cursor to desired item and press Enter.
BullCanon
Dataproducts
Hewlett-PackardIBM
LexmarkOKI
PrintronixQMS
Texas InstrumentsOther (select this if your printer is not listed above)
F1=Help F2=Refresh F3=Cancel
F8=Image F10=Exit Enter=Do/=Find n=Find Next
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 627/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-25
5.3
empty
Figure A-14. Selecting a printer type (2 of 2) AN121.1
Notes:
Select the manufacturer’s supported printer
If you do not have the software installed for your printer, you are prompted to insert themedia to install the software first, before configuring the device and the queue.
The choice of printer determines the queue, or the virtual printer, setup. For example,
an IBM 4029 Laser Printer is capable of handling PostScript, ASCII, GL Emulation, andPCL Emulation. The SMIT print spooling menus guide you through the creation of up to
four separate queues which submit to the same printer.
© Copyright IBM Corporation 2009
Selecting a printer type (2 of 2)
AIX Print Spooling
Printer Type
Move cursor to desired item and press Enter.
[MORE...8]ibm2391-2 IBM 2391 Plus printer (Model 2)ibm3112 IBM 3112 Page Printeribm3116 IBM 3116 Page Printeribm3130 IBM 3130 LaserPrinteribm3812-2 IBM 3812 Model 2 Page Printeribm3816 IBM 3816 Page Printeribm4019 IBM 4019 LaserPrinteribm4029 IBM 4029 LaserPrinteribm4037 IBM 4037 LP printeribm4039 IBM 4039 LaserPrinter
[MORE...49]
F1=Help F2=Refresh F3=CancelEsc+8=Image Esc+0=Exit Enter=Do/=Find n=Find Next
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 628/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-26 AIX installation © Copyright IBM Corp. 2009
Figure A-15. Printer attachment AN121.1
Notes:
Selecting the printer attachment
After selecting a printer type, a pop-up window is displayed where the printer interfacemust be chosen. Possible values are parallel, RS232, and RS422. Some printers
support multiple attachment methods.
Then, a list of installed adapters that support that method of attachment are presented.
© Copyright IBM Corporation 2009
Printer attachment
Printer InterfaceMove cursor to desired item and press Enter.
parallel
rs232
rs422
Parent Adapter
Move cursor to desired item and press Enter.
ppa0 Available 01-G0 Standard Parallel Port Adapter
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 629/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-27
5.3
empty
Figure A-16. Add the print queues AN121.1
Notes:
Create the print queues
This menu varies depending on the characteristics of the physical printer. If the printer iscapable of two or three different modes or emulations, the system prompts you for a
separate queue name for each emulation. Once these queues are created, they aresometimes referred to as virtual print devices.
Additional queues can be added to this printer after the initial queues are created.
© Copyright IBM Corporation 2009
Add the print queues
Add a Print Queue
Type or select values in entry fields.Press Enter AFTER making all desired changes.
[Entry Fields]
Description IBM 4029 LaserPrinterNames of NEW print queues to add
ASCII [asc]GL Emulation []PCL Emulation []PostScript [ps]
Printer connection characteristics* PORT number [p] +
Type of PARALLEL INTERFACE [standard] +Printer TIME OUT period (seconds) [600] +#STATE to be configured at boot time available +
F1=Help F2=Refresh F3=Cancel F4=ListF5=Reset F6=Command F7=Edit F8=ImageF9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 630/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-28 AIX installation © Copyright IBM Corp. 2009
Figure A-17. Remote printing AN121.1
Notes:
Overview of print server setup
Once your system has the local queue set up, any user on that system can print. If themachine is networked, it can also provide printing for client machines by becoming a
print server.
To set up a print server, you need to define the client machine names, or IP addresses,in the /etc/hosts.lpd file, and then start the lpd daemon. Both of these tasks can be
done through SMIT. To use SMIT, the fastpath to identify the client system is smitmkhostslpd.
The lpd daemon is controlled by SRC. You should use SMIT to start it, because SMIT
also adds entries to /etc/inittab to ensure that it is started on reboot. The fastpath forthis screen is smit mkitab_lpd.
© Copyright IBM Corporation 2009
Remote printing
Set up the local print queue. Define client machines in
/etc/hosts.lpd. Start the lpd daemon.
Configure aremote queue.
lp1host1 client1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 631/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-29
5.3
empty
Figure A-18. Client authorization AN121.1
Notes:
Set up client authorization
This step is done on the print server. On this screen, enter the client machine's name orIP address. A plus sign ( + ) is also valid. It indicates that this AIX system is a print
server to all machines.
© Copyright IBM Corporation 2009
Client authorization
# smit mkhostslpd
Add Print Access for a Remote Client
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
* Name of REMOTE CLIENT [client1]
(Hostname or dotted decimal address)
F1=Help F2=Refresh F3=Cancel F4=List
F5=Reset F6=Command F7=Edit F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 632/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-30 AIX installation © Copyright IBM Corp. 2009
Figure A-19. Start lpd AN121.1
Notes:
Starting the lpd daemon
This step is done on the print server. The lpd daemon is controlled by the systemresource controller (SRC). The commands startsrc and stopsrc can be used to
control lpd. By using SMIT, an entry is placed in the /etc/inittab file to ensure that lpd is started each time the machine is booted.
© Copyright IBM Corporation 2009
Start lpd
# smit mkitab_lpd
Start the Print Server Subsystem
Type or select values in entry fields.Press Enter AFTER making all desired changes.
[Entry Fields]Start subsystem now, on system restart, or both [both] +TRACE lpd daemon activity to syslog? [no] +EXPORT directory containing print attributes? [no] +
Note:Exporting this print server's directorycontaining its print attributes will allowprint clients to mount the directory. Theclients can use this server's print attributes
to display and validate print job attributeswhen starting print jobs destined for thisprint server. Note that the Network FileSystem (NFS) program product must be installedand running
F1=Help F2=Refresh F3=Cancel F4=ListF5=Reset F6=Command F7=Edit F8=ImageF9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 633/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-31
5.3
empty
Figure A-20. Add a remote print queue AN121.1
Notes:
Adding a remote queue on the client
This step is done on the client machine. The procedure to add a remote queue startsthe same way as a local queue: smit spooler > Add a Print Queue. This time, select
remote as the attachment type.
You are prompted to determine if you want to perform any type of filtering orpre-processing to the print job before it is sent. Normally, Standard Processing is
selected. This just sends the job to the printer server and the print server is responsiblefor processing the job.
© Copyright IBM Corporation 2009
Add a remote print queue
AIX Print Spooling
Move cursor to desired item and press Enter.
Add a Print Queue
Move cursor to desired item and press Enter.Use arrow keys to scroll.#ATTACHMENT TYPE DESCRIPTION
local Printer Attached to Local Hostremote Printer Attached to Remote Host
xstation Printer Attached to Xstationascii Printer Attached to ASCII Terminal
hpJetDirect Network Printer (HP JetDirect)file File (in /dev directory)
ibmNetPrinter IBM Network Printer
ibmNetColor IBM Network Color Printerother User Defined Backend
F1=Help F2=Refresh F3=Cancel
F8=Image F10=Exit Enter=Do/=Find n=Find Next
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 634/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-32 AIX installation © Copyright IBM Corp. 2009
Figure A-21. Define the print server on the client AN121.1
Notes:
Required input
Only three lines are required to complete the queue set up. You must name your local(to the client) queue name. Then, provide the name of the printer server. Lastly, name
the queue on the print server.
© Copyright IBM Corporation 2009
Define the print server on the client
Add a Standard Remote Print Queue
Type or select values in entry fields.Press Enter AFTER making all desired changes.
[Entry Fields]*Name of QUEUE to add [rq1]*HOSTNAME of remote server [host1]*Name of QUEUE on remote server [lp1]Type of print spooler on remote server AIX Version 3 or 4 +Backend TIME OUT period (minutes) [] #Send control file first? no +TO turn on debugging, specify output []
file pathnameDESCRIPTION of printer on remote server []
F1=Help F2=Refresh F3=Cancel F4=ListF5=Reset F6=Command F7=Edit F8=ImageF9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 635/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-33
5.3
empty
Figure A-22. Let’s review AN121.1
Notes:
© Copyright IBM Corporation 2009
Let's review
1. True or False: The qdaemon is responsible for printing jobs.
________________________________________________
________________________________________________ ________________________________________________
2. To set up remote printing, what daemons are needed, and do theyrun on the server, the client, or both?
________________________________________________ ________________________________________________
3. What does the up = TRUE indicate in the /etc/qconfig file?
________________________________________________
________________________________________________
4. What does discipline mean in reference to the /etc/qconfig file?
What are its possible values? ________________________________________________ ________________________________________________ ________________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 636/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-34 AIX installation © Copyright IBM Corp. 2009
Figure A-23. Submitting print jobs AN121.1
Notes:
Introduction
There are three sets of commands for submitting, listing and cancelling print jobs. Theycome from either System V, BSD, or IBM versions of UNIX and are all available in AIX.
The commands have slightly different options.
Submitting a print job
To submit a print job to a queue, use either lp, lpr, or qprt. All jobs go to the systemdefault queue, unless the PRINTER or LPDEST variables are set. You can also specify, on
the command line, which queue to use. Use -d with lp or use -P with qprt and lpr.
© Copyright IBM Corporation 2009
Submitting print jobs
• AIX print systems offer compatibility to System V printcommands
• To submit a job to a queue:
System V BSD AIXlp lpr qprt
$ lp -d queuename filename
- OR-
$ qprt -P queuename filename
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 637/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-35
5.3
empty Spooling
The commands lp and qprt both queue without spooling, by default. Specify the -c
option if spooling is desired. The command lpr spools and queues by default. The -c option will turn off spooling with lpr.
Multiple copiesTo print multiple copies, with qprt use the -N # option, with lp use -n # option, and
with lpr use just a hyphen followed by the number of copies ( - # ).
The lp, lpr, and qprt commands create a queue entry in /var/spool/lpd/qdir and,depending upon the options specified, copy the file to be printed to the
/var/spool/qdaemon directory.
The enq command
All the print commands,lp
,lpr
, andqprt
, actually call theenq
command which placesthe print request in a queue. enq can be used instead of the other commands to submit
jobs, view job status, and so forth. To submit a job using enq:
$ enq -Pqueuename filename
Requesting a specific printer
Ordinarily your request is serviced by the first device on the queue that becomes
available. However, if more than one printer services a queue, you can request a
specific printer by using the name of the queue followed by a colon (:) and then the
name of the printer. For example, if a system with one queue (ps) is serviced by twoprinters (lp0 and lp1), and a print job needs to be printed on the lp1 printer, use thecommand:
$ qprt -Pps:lp1 /home/team01/myfile
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 638/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-36 AIX installation © Copyright IBM Corp. 2009
Figure A-24. Listing jobs in a queue AN121.1
Notes:
Checking status with the qchk command
Many of the print job control tasks require the user to supply a job number. The jobnumber, along with other queue status information is available by checking the status of
print jobs.
The fields from the qchk command are as follows:
Queue Queue name
Dev Logical device name for the queue
Status Status of the queue (READY, DOWN, WAITING, RUNNING, and so forth)
Job The job number assigned by the qdaemon
Files Files sent to the queue
User User who sent the print request
© Copyright IBM Corporation 2009
Listing jobs in a queue
• To list jobs in a queue:
SYSTEM V BSD AIXlpstat lpq qchk
For example:
$ qchkQueue Dev Status Job Files User PP % Blks Cp Rnk
ps lp0 DOWNQUEUE 569 /etc/motd root 1 1 1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 639/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-37
5.3
empty PP Number of pages printed
% Percent completed
Blks The number of 512-byte blocks the print job has been split into
Cp Copies of each job to be printed
Rnk Order on that queue
Other viewing commands
Other commands that can be used to view printer status include:
lpstat Shows status of all queues
lpq Shows status of the default queue
qchk -A Shows status of all queues
enq -A Shows status of all queues
qchk -W Shows status in wide-form mode
This is helpful if using long queue and device names, and 6-digit job numbers. This optionis available with AIX V4.2.1 and later.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 640/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-38 AIX installation © Copyright IBM Corp. 2009
Figure A-25. Change characteristics of a queue AN121.1
Notes:
Attributes for Printer Setup option
After selecting 1. Printer Setup, the following attributes can be changed or shown:
• Automatic mode switching to PostScript
• Paper size in trays and the manual feeder
• Envelope size
• ID of the font cards
• Paper trays for header and trailer pages• Formatting flags for the header and trailer pages
• Users to get the intervention messages
• Flags prohibited for all print files
• Mode in which to leave the printer at the end of the job
• Width of printable area on header page
© Copyright IBM Corporation 2009
Change characteristics of a queue
# smit chpq
Print Queue to Change / Show
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
PRINT QUEUE name [ps] +
Characteristics to Change / Show
Move the cursor to the desired item and press Enter.
1.Printer Setup
2.Default Print Job Attributes
3.Accounting File
4.Queuing Discipline
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 641/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-39
5.3
empty Attributes for Default Print Job option
After selecting 2. Default Print Job Attributes, the following attributes can be changed
or shown:
• Text print options such as emphasized print
• Job processing options such as page number where printing should begin
• Text formatting options such as top Margin and lines per page• Paper/Page Options such as page orientation
• Header/Trailer Page such as separator pages
• Messages/Diagnostics
Attributes for Accounting File option
After selecting 3. Accounting File, the following attribute can be changed or shown:
• Accounting file name
Attributes for Queuing Discipline option
After selecting 4. Queueing Disciple, the following attribute can be changed or shown:
• Queuing discipline
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 642/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-40 AIX installation © Copyright IBM Corp. 2009
Figure A-26. Removing a queue AN121.1
Notes:
Removing a queue with SMIT
It is not possible to remove a queue containing jobs. The jobs would have to beremoved first.
The last option on the screen asks whether the printer device definition should be kept.
This option will only appear if the queue being removed is the only queue defined for aprinter. Note that by default, it will be removed.
© Copyright IBM Corporation 2009
Removing a queue
# smit rmpq
Remove a Print Queue
Type or select values in entry fields.Press Enter AFTER making all desired changes.
[Entry Fields]Print queue to remove ps:lp0Local printer device /dev/lp0
KEEP the local printer device? no +
F1=Help F2=Refresh F3=Cancel F4=ListF5=Reset F6=Command F7=Edit F8=ImageF9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 643/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-41
5.3
empty
Figure A-27. Managing queues AN121.1
Notes:
SMIT Managing Queues options
The following actions can be performed:
• Show Status of Print Queue gives output similar to qchk and lpstat
• Stop a Print Queue runs the disable command
• Start a Print Queue runs the enable command
• Set the System's Default Print Queue reorders the /etc/qconfig file to ensurethe default queue is the first queue in the file
© Copyright IBM Corporation 2009
Managing queues
# smit pqmanage
Manage Print Queues
Move the cursor to the desired item and press Enter.
Show Status of Print Queues
Stop a Print Queue
Start a Print Queue
Set the System's Default Print Queue
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 644/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-42 AIX installation © Copyright IBM Corp. 2009
Figure A-28. Understanding queue status AN121.1
Notes:
Introduction
The status of the queues and jobs can be displayed with qchk, lpstat, or lpq. Thereare a number of different status states that may be seen.
DEV_BUSY
This status can occur when more than one queue is defined to a print device andanother queue is currently using the print device. It could result when the qdaemon attempts to use the printer port device and another application is currently using that
print device. Normal recovery: You have to wait until the queue or application hasreleased the print device, or kill the job or process that is using the printer port.
© Copyright IBM Corporation 2009
Understanding queue status
Queue Dev Status Job Files User PP % Bks Cp Rnk
ps lp0 DOWN
QUEUED 1569 /etc/motd root 1 1 1
State Description
DEV_BUSY Printer is busy servicing other print requests
DEV_WAIT Queue is waiting for the printer
DOWN Queue is down and no jobs will be servicedfrom this queue until it is brought up
OPR_WAIT The queue is waiting for operator intervention
QUEUED Job is queued and waiting
READY Everything is ready to receive a print request
RUNNING Print file is printing
UNKNOWN Problem with the queue: Need to investigatefurther to determine cause
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 645/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-43
5.3
empty DEV_WAIT
This status means that the queue is waiting on the printer because the printer is offline,
out of paper, jammed, or the cable is loose, bad or wired incorrectly. Normal recovery:Check to see if the printer is offline, out of paper, jammed, or loosely cabled. Sometimes
the jobs have to be removed from the queue before the problem can be corrected.
DOWN
This status is set when the device driver cannot communicate with the printer afterTIME OUT seconds (which can be set through SMIT). This variable indicates the
amount of time, in seconds, that the queuing system waits for a printer operation. If theprinter is off, the queue will go down. Also, the operator can bring down the queue
intentionally, which might be necessary for system maintenance. Normal recovery:Correct the problem that has brought the queue down and then bring the queue up
again.
OPR_WAIT
This status is set when the back-end program is waiting on the operator to change thepaper, change forms, and so on. This is usually software related. Normal recovery:
Respond appropriately to the request that is made by the queuing system.
QUEUED
This status is set when a print file is queued and is waiting in line to be printed.
READY
This is the status of a queue when everything involved with the queue is ready to queueand print a job.
RUNNING
This status occurs when a print file is printing.
UNKNOWN
This status occurs when a user creates a queue on a device file that another queue is
using, and its status is DEV_WAIT. The queue cannot get a status from the printerdevice when it is on hold. Normal recovery: Bring down the other queue or fix the
problem with the printer (paper out, jammed, offline and so on). Bring the new queuedown and then back up so that the queue will register as READY.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 646/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-44 AIX installation © Copyright IBM Corp. 2009
Figure A-29. Bringing queues up and down AN121.1
Notes:
Enabling a queue
Occasionally, problems with printers can bring a queue down. Once the problem hasbeen fixed it can be brought back up with:
# enable <queuename >
Disabling a queue
Sometimes, you may wish to bring a queue down. This is recommended if any
maintenance is going to be performed on the printer. You can do this with either of thecommands:
• # disable <queuename >
• # enq -D -P <queuename >
© Copyright IBM Corporation 2009
Bringing queues up and down
# lpstat
Queue Dev Status Job Files User PP % Bks Cp Rnkdraft lp0 DOWN
QUEUED 132 /etc/motd team01 1 1 1
Quality lp0 READY
• To enable a queue whose status is DOWN:
# enable draft
• To disable a queue whose status is READY:# disable quality
You must be a member of the printq group or root.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 647/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-45
5.3
empty
Figure A-30. Managing Print Jobs AN121.1
Notes:
Who can manage print jobs?
The root user or a member of the print group can work with any print request. Normalusers can only work with their own print jobs.
© Copyright IBM Corporation 2009
Manage Print Jobs
# smit jobs
Manage Print Jobs
Move the cursor to the desired item and press Enter.
Cancel a Print Job
Show the Status of Print Jobs
Prioritize a Print Job
Hold / Release a Print Job
Move a Job between Print Queues
F1=Help F2=Refresh F3=Cancel F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 648/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-46 AIX installation © Copyright IBM Corp. 2009
Figure A-31. Cancel a Print Job AN121.1
Notes:
Introduction
The qcan command cancels either a particular job number or all jobs in a print queue.
Normal users can only cancel their own jobs, whereas root can cancel any job.
Commands to cancel print jobs
To cancel a job you can either use the smit qcan fastpath, or use one of the followingcommands:
• cancel (System V)
• lprm (BSD)
• qcan (AIX)
© Copyright IBM Corporation 2009
Cancel a Print Job
# smit qcan
Cancel a Print Job
Type or select values in entry fields.
Press Enter AFTER making all desired changes.
[Entry Fields]
PRINT QUEUE containing job [ ] +
(required for remote jobs)
* Print JOB NUMBER [ ] +#
F1=Help F2=Refresh F3=Cancel F4=List
F5=Reset F6=Command F7=Edit F8=Image
F9=Shell F10=Exit Enter=Do
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 649/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-47
5.3
empty Examples
To cancel job number 127 on whatever queue the job is on, you can use either of the
following two commands:
• # qccel 127
To cancel all jobs queued on printer lp0, you can use either of the following two
commands:
• # qcan -X -Plp0
• # cancel lp0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 650/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-48 AIX installation © Copyright IBM Corp. 2009
Figure A-32. Job priority example AN121.1
Notes:
Processing order
The discipline line in the /etc/qconfig file determines the order in which the printerserves the requests in the queue. In the queue stanza, the discipline field can either
be set to fcfs (first-come-first-serve) or sjn (shortest-job-next). If there is no
discipline in the queue stanza, requests are serviced in fcfs order.
Changing print job priorityEach print job also has a priority that can be changed through SMIT (smit qpri) or with
the qpri command. Print jobs with higher-priority numbers are handled before requestswith lower-priority numbers. Only a user who has root authority or who belongs to the
printq group can change the priority of a local print request.
© Copyright IBM Corporation 2009
Job priority example
# qchk -LQueue Dev Status Job Name From To ______ ___ _______ Submitted Rnk Pri Blks Cp PP %
ps lp0 DOWNQUEUED 569 /etc/qconfig root root1/07/03 09:39:25
1 15 2 1/etc/qconfig
QUEUED 570 /etc/motd root root1/07/03 09:40:15 2 15 1 1
/etc/motd
# qpri -#570 -a 25# qchk -LQueue Dev Status Job Name From To ______ ___ ______ Submitted Rnk Pri Blks Cp PP %ps lp0 DOWN
QUEUED 570 /etc/motd root root1/07/03 09:40:15 1 25 1 1
/etc/motd
QUEUED 569 /etc/qconfig root root1/07/03 09:39:25 2 15 2 1
/etc/qconfig
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 651/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-49
5.3
emptyNote
You can only set priorities on local print jobs. Remote print jobs are not supported.
The qprt -R command can also be used to set job priority.
Example
The example in the visual shows that when print jobs are submitted they receive thedefault priority of 15. The example shows how the qpri command can be used to
change the priority of job number 570 to 25. Use the qchk -L command to show thenew job priorities.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 652/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-50 AIX installation © Copyright IBM Corp. 2009
Figure A-33. Holding a job in a queue AN121.1
Notes:
Holding and releasing a print job
The qhld command is used to put a temporary hold on a job that is waiting in thequeue. The qhld command is also the command that is used to release job back in the
queue.
The visual provides a example of using the qhld command to hold and then release job# 1493.
This task can also be accomplished through smit (smit qhld).
© Copyright IBM Corporation 2009
Holding a job in a queue
# qchk
Queue Dev Status Job Files User PP% Blks Cp Rnk
ps lp0 DEV_BUSYQUEUED 1493 /etc/qconfig root 1 1 1
# qhld -#1493
# qchk
Queue Dev Status Job Files User PP% Blks Cp Rnk
ps lp0 DEV_BUSY
HELD 1493 /etc/qconfig root 1 1 1
# qhld -r -#1493
# qchk
Queue Dev Status Job Files User PP% Blks Cp Rnk
ps lp0 DEV_BUSY
QUEUED 1493 /etc/qconfig root 1 1 1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 653/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-51
5.3
empty
Figure A-34. Moving a job between queues AN121.1
Notes:
Moving print jobs
You can move jobs between queues in AIX. The command qmov is used. The -m optionspecifies what queue to move the job to and the -# option specifies the job number.
This can be done through smit using smit qmov.
© Copyright IBM Corporation 2009
Moving a job between queues
# qchk -A
Queue Dev Status Job Files User PP% Blks Cp Rnk
asc lp0 DOWN
QUEUE 11 /etc/qconfig root 2 1 1
ps lp0 READY
# qmov -mps -#11
# qchk -A
Queue Dev Status Job Files User PP% Blks Cp Rnk
asc lp0 DOWN
ps lp0 RUNNING 11 /etc/qconfig root 2 1 1
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 654/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-52 AIX installation © Copyright IBM Corp. 2009
Figure A-35. Printing-related directories to monitor AN121.1
Notes:
Why directories may fill up
The directories shown in the visual fill up very quickly if the spooling mechanismencounters a problem. For example, if the queue goes down, or if there are many users
submitting jobs, there may not be enough room to handle the requests.
Remember, when print jobs are submitted to spooling rather than just queuing, a copyof that file is created and stored in the /var/spool/qdaemon directory until that job has
printed. At that time, the temporary file is removed. If the queue or multiple queues quitworking, jobs don't get through the system. This could cause a full condition in this
directory structure.
© Copyright IBM Corporation 2009
Printing-related directories to monitor
• Contains queue requests(job description files)
• Temporary copies of enqueued filesif spooling
/
var
spool
lpd
qdir
qdaemon
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 655/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-53
5.3
empty
Figure A-36. Printing problem checklist AN121.1
Notes:
First step
If you experience problems trying to print, start by checking the simple things first.
The easiest test to perform is to cat a file and redirect standard output to the printerdevice file. This by-passes the queuing system and helps to narrow the problem.
Check hardware
After redirecting a file to the print device, if it does not print, the problem is usually
hardware-related. Check to make sure the cables are attached securely. Make sure theprinter is ready to print (online). Make sure there is paper in the printer and there are no
paper jams.
© Copyright IBM Corporation 2009
Printing problem checklist
# cat file > /dev/lp0
Any output?
Check physical cables Printer online and ready No paper jams Not out of paper
qdaemon running
Check /etc/qconfig Queue enabled /var and /tmp not full
NO YES
Check hardware Check software
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 656/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-54 AIX installation © Copyright IBM Corp. 2009
Potential software problems
If something does print out using cat but not print out when using lp, qprt, or lpr, the
problem is most likely software-related.
Check to make sure the qdaemon is running. If not, start it.
# lssrc -s qdaemon
# startsrc -s qdaemon
Look at the contents of /etc/qconfig to make sure it is not corrupt.
Ensure the queue is enabled. If not, enable it.
# lpstat
or
# qprt -A
# enable queuename
Check to make /tmp and /var are not full with the command: df
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 657/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-55
5.3
empty
Figure A-37. Checkpoint (1 of 2) AN121.1
Notes:
© Copyright IBM Corporation 2009
Checkpoint (1 of 2)
1. True or False: One of the advantages of queues is that each user canhave a different default queue set up for them.
________________________________________________
2. True or False: The /etc/qconfig file is read by the back-end program todetermine what the queue discipline is.
________________________________________________
3. True or False: All printer software is automatically installed when youinstall the base operating system.
________________________________________________
4. What is the difference between these two commands?
# qprt -Pasc file1# qprt -c -Pasc file1
________________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 658/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-56 AIX installation © Copyright IBM Corp. 2009
Figure A-38. Checkpoint (2 of 2) AN121.1
Notes:
© Copyright IBM Corporation 2009
Checkpoint (2 of 2)
5. What three methods can be used to find out what the system defaultqueue is?
6. What users can bring print queues down?
_______________________________________________
7. True or False: Once the queue is down, no more jobs can be submittedto the printer.
_______________________________________________
8. Can users hold all their print jobs in a specific queue? If so, how?
________________________________________________ ________________________________________________
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 659/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix A. Printers and queues A-57
5.3
empty
Figure A-39. Exercise 18 AN121.1
Notes:
Introduction
This exercise gives you an opportunity to work with the AIX queuing system. If yourclassroom does not have locally attached printers, your instructor needs to supply you
with local modification for this lab.
This exercise can be found in your Student Exercise Guide .
© Copyright IBM Corporation 2009
Exercise 18: Printers and queues
• Add a printer and a queue
• Install printer support software (if needed)
• Check the queue
• Change the characteristics of a queue
• Manage jobs in queues
• Troubleshooting printer problems (optional)
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 660/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
A-58 AIX installation © Copyright IBM Corp. 2009
Figure A-40. Unit summary AN121.1
Notes:
© Copyright IBM Corporation 2009
Unit summary
• Queues can be added for local or remote printing.
• Queue characteristics can be changed either throughSMIT or through high-level commands.
• Queues can be brought up and down by the systemadministrator.
• The following tasks were considered:
– Submit and cancel print jobs
– List the jobs in a queue – Hold and release jobs in a queue
– Move a job from one queue to another
– Change priorities of a print job
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 661/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-1
5.2
P Appendix B. Checkpoint solutions
Unit 1
© Copyright IBM Corporation 2009
IBM Power SystemsCheckpoint solutions
1.What is the name of the device which creates and controlsLPARs? The HMC.
2. True or False: An AIX operating system can have no realdevices.
3.True or False: Virtualization features provided by the VIOServer can be used by default on any Power system.Lower end machines require a PowerVM license.
4. True or False: The su command enables you to get root
authority even if you signed on using another user ID. You must also know the root password.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 662/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-2 AIX installation © Copyright IBM Corp. 2009
Unit 2
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. List the three main system management tools available on AIX.SMIT, WebSM, and IBM Systems Director console for AIX
2. What is the purpose of the smit.script file?To obtain the command(s) SMIT has just executed
3. What information can one get from looking at thesystem configuration details in IBM Systems DirectorConsole?
Firmware/model information
Network configuration, IP address etc
Paging Space Information
A list of Top CPU logging processes
File system information
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 663/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-3
5.2
P Unit 3
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What is the first process that is created on the systemand which file does it reference to initiate all the otherprocesses that have to be started?
The initial process is ignit. The file init references is /etc/inittab for information regarding other processesthat have to be started.
2. Which AIX feature can be used to stop and startsubsystems and groups of daemons ?
The System Resource Controller (SRC)
3. True or False: You can only execute the AIX shutdowncommand from the console.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 664/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-4 AIX installation © Copyright IBM Corp. 2009
Unit 4
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. AIX V6.1 can that be installed from which of the following?(Select all that are correct)
a. 8 mm tape
b. CD-ROM
c. Diskette
d. NIM Server
2. True or False: A Preservation install preserves all data on the
disks.Preserves some of the existing data on the disk selected for installation. This method overwrites the user (/usr), variable(/var), temporary (/tmp), and root (/) file systems. Otherproduct application files and configuration data are destroyed.
3. What is the console used for during the installation process?
The console is used to display all the system messages and tointeract with the installation.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 665/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-5
5.2
P Unit 5
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1.Which of the following states must your software be in, in order for youto be able to use it? Select all that apply.
a. Applied stateb. Removed statec. Install stated.Commit state
2.What command is used to list all installed software on your system?lslpp –l or –L
3.Which of the following can you install as an entity? Select all that apply.a. ifixb.LPPc. Packaged.Bundle
4.True or False: If a problem is found with the inetd subsystem, it ispossible to download and apply a fix to bos.net.tcpip.server fileset tocorrect the problem.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 666/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-6 AIX installation © Copyright IBM Corp. 2009
Unit 6
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What does the following location code mean?
Port 1 of a 4Gb Fibre Card, connected to planar 1, card slot 3, in Power550 CEC (U78A0)
2. What is the purpose of a device major number? How would you
locate the major number of a disk, hdisk18?The AIX Kernel can determine the actual driver and device to beaccessed for a user-level request.Perform a long directory list of the /dev directory.
3. True or False: cfgmgr is a binary executable that runs at systeminitialization time to configure devices on the system.
4. What commands can you run on AIX to document the systemconfiguration? prtconf, lsdev, lscfg, lsslot, lssattr
fcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapterfcs0 U78A0.001.DNWGGRX-P1-C3-T1 4Gb FC PCI Express Adapter
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 667/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-7
5.2
P Unit 7
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions (1 of 3)
VGDA
1. Volume Group___
Descriptor Area__
2. Physical Partition
3. Logical Partition
4. Logical Volume
6. Physical Volume
5. Volume Group
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 668/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-8 AIX installation © Copyright IBM Corp. 2009
Unit 7
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions (2 of 3)
7. How many different physical partition (PP) sizes can be set withina single VG? One
8. By default, how big are PPs? Traditionally 4 MB, but LVMchooses an optimal size based on the #PPs/PV and the sizeof largest PV in the VG.
9. How many volume groups (VGs) can a physical volume (PV)belong to?
a) Depends on what you specify through SMIT
b) Only one
c) As many VGs as exist on the system
10. True or False: All VGDA information on your system is identical,regardless of how many volume groups (VGs) exist. All VGDAswithin a VG are the same.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 669/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-9
5.2
P Unit 7
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions (3 of 3)
Use the following output to answer the questions below:
11. With which logical volume is the /home file system associated? /dev/hd1
12. What type of file systems are being displayed?Enhanced journaled file systems (JFS2), and CD-ROM (CDRFS)
13. What is the mount point for the file system located on the /dev/hd4 logicalvolume? /
14. Which file system is used primarily to hold user data and home directories? /home
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting
/dev/hd4 -- / jfs2 294912 -- yes no
/dev/hd1 -- /home jfs2 32768 -- yes no
/dev/hd2 -- /usr jfs2 3309568 -- yes no
/dev/hd9var -- /var jfs2 65536 -- yes no
/dev/hd3 -- /tmp jfs2 131072 -- yes no
/dev/hd10opt -- /opt jfs2 163840 -- yes no
/dev/cd0 -- /infocd cdrfs ro yes no
/dev/lv00 -- /home/john jfs2 32768 rw yes no
/dev/hd11admin-- /admin jfs2 262144 -- yes no
# lsfs
Name Nodename Mount Pt VFS Size Options Auto Accounting
/dev/hd4 -- / jfs2 294912 -- yes no
/dev/hd1 -- /home jfs2 32768 -- yes no
/dev/hd2 -- /usr jfs2 3309568 -- yes no
/dev/hd9var -- /var jfs2 65536 -- yes no
/dev/hd3 -- /tmp jfs2 131072 -- yes no
/dev/hd10opt -- /opt jfs2 163840 -- yes no
/dev/cd0 -- /infocd cdrfs ro yes no
/dev/lv00 -- /home/john jfs2 32768 rw yes no
/dev/hd11admin-- /admin jfs2 262144 -- yes no
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 670/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-10 AIX installation © Copyright IBM Corp. 2009
Unit 8
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. True or False: A logical volume can span more than onephysical volume.
2. True or False: A logical volume can span more than onevolume group.
3. True or False: The contents of a physical volume can bedivided between two volume groups.
4. True or False: If mirroring logical volumes, it is not
necessary to perform a backup. False. You still need toback up to external media.
5. True or False: SMIT can be used to easily increase ordecrease the size of an enhanced JFS filesystem.
6. True or False: Striping can be combined with mirroring toprovide increased performance and availability
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 671/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-11
5.2
P Unit 9
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions (1 of 2)
1. What command will display the i-node information fora file? istat
2. Does the size of the file system change when the sizeof the logical volume it is on is increased? No
3. If you remove a file system, is the logical volume on
which it sits removed as well? Yes
4. When a file system is created, what needs to be donein order to make it available for use? The file systemmust be mounted using the mount command.
5. What size should an external JFS log be set to?1 LP
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 672/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-12 AIX installation © Copyright IBM Corp. 2009
Unit 9
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions (2 of 2)
6. A file system is 2 GB. How would you do the following?Add 1 GB
chfs –a size=+1G <file system>
Set the size to 5 GBchfs –a size=5G <file system>
7. What command can you use to determine if a filesystem is full? df
8. What command can produce a report listing the size inMB, of all the files and directories contained in aspecific location?du
9. What command checks and interactively repairsinconsistent file systems? fsck
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 673/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-13
5.2
P Unit 10
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What conclusions regarding potential paging space problemscan you reach based on the following listing?
Obviously, it is difficult to come to any conclusions regarding the state of thissystem just by looking at a snapshot picture like the one above. However, at firstglance, the following potential problems can be noticed:
• paging00 is underutilized• paging01 is over utilized, and the size seems to be too small. Both user-defined
paging spaces are on the same disk.• paging01 should be deleted. The administrator should investigate why there is a high
level of paging and possibly increase the size of hd6 and paging00.
2. True or False: The size of paging00 (in the above example)can be dynamically decreased.
Page Physical Volume Size %Used Active Auto Type chksum
Space Volume Group
hd6 hdisk0 rootvg 640 MB 43% yes yes lv 0
paging00 hdisk1 rootvg 640 MB 7% yes yes lv 0
paging01 hdisk1 rootvg 160 MB 89% yes yes lv 0
Page Physical Volume Size %Used Active Auto Type chksum
Space Volume Group
hd6 hdisk0 rootvg 640 MB 43% yes yes lv 0
paging00 hdisk1 rootvg 640 MB 7% yes yes lv 0
paging01 hdisk1 rootvg 160 MB 89% yes yes lv 0
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 674/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-14 AIX installation © Copyright IBM Corp. 2009
Unit 11
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What is the difference between the following two commands?• find /home/fred | backup -ivf /dev/rmt0
• cd /home/fred; find . | backup -ivf /dev/rmt0
2. On a mksysb tape, if you entered tctl rewind and then tctl -
f/dev/rmt0.1 fsf 3, which element on the tape could you look at?
You would be at the start of the backed up images of the files, havingskipped over the first three sections of the tape (boot image, mkinsttape,and dummy toc).
3. Which command could you use to restore these files? The files werebacked up using the backup command so you would have to use therestore command.
4. True or False: smit mksysb backs up all file systems, provided they
are mounted. mksysb only backs up rootvg file systems. To back up
other volume groups, you must use the savevg command.
Option a) backs up the files using the full path names, whereasoption b) backs up the file names using the relative path names.Therefore, b)’s files can be restored into any directory.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 675/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-15
5.2
P Unit 12
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. Which file contains an audit trail of su activity? /var/adm/sulog
2. If the following command was run:chmod 6754 file1What would the file permissions be for file1?r w s r w- r - -
3. A binary executable with the SUID flag set is owned by user root.
User michael executes the binary. The executable runs underwhich user, root or michael?root
4. A shared directory is created on the system. What flag must beset to ensure only the owner of the files can delete them?SVTX or sticky bit
5. Why is an umask of 027 recommended?This value removes all permission bits for the “others”category, which enhances security.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 676/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-16 AIX installation © Copyright IBM Corp. 2009
Unit 12
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What is the difference between the commands, pwdadmand passwd?
The pwdadm command can only be run by a memberof the security group
2. Which password change command does SMIT use?
passwd
3. True or False: When you delete a user from the system,all the user's files and directories are also deleted.
4. True or False: RBAC is disabled by default on AIX 6.1.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 677/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-17
5.2
P Unit 12
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. If an ordinary user forgets their password, can the systemadministrator find out by querying the system as to what theuser's password was set to?No
Why or why not?Because the passwords are held in encrypted format, soeven the system administrator cannot tell what the passwordwas set to.
2. True or False: An asterisk “mary:*:” in the second field of the/etc/passwd file, means there is a vaild password set in theshadow password file for user mary.
3. Password restrictions are set in which of the following files?/etc/passwd/etc/security/passwd/etc/security/restrictions
/etc/security/user
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 678/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-18 AIX installation © Copyright IBM Corp. 2009
Unit 13
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. True or False: The at.allow and at.deny files must beused to specify which users are allowed and denied useof the at command.
False. Only one or the other of these files should beused.
2. Give a crontab entry that would specify that a job should
run every Thursday at 10 past and 30 minutes pastevery hour.10,30 * * * 4 <job >
3. How would you schedule the script named myscript, torun 10 minutes from now?
# at now + 10 minutesmyscript^d
#
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 679/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-19
5.2
P Unit 14
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1. What are the following used for?
• /etc/rc.tcpipstarts TCP/IP daemons (sendmail, inetd, etc.)
• ssh
to login or run command on a remote machine (securely)
• VNCto use a remote graphical display on a local desktop machine
• /etc/services
to store server side ports of TCP/IP applications2. What is multipath routing and why should we use it?
Multipath routing allows us to specify multiple paths tohosts and gateways for load balancing and high availability
3. How can we disable the FTP protocol on AIX?
Comment out the ftp line in /etc/inetd.conf and refresh theinetd daemon.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 680/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-20 AIX installation © Copyright IBM Corp. 2009
Unit 15
© Copyright IBM Corporation 2009
IBM Power Systems
Checkpoint solutions
1.True or False: Workload partitions require Power6 systems.
2.What are the two types of workload partitions?System and Application
3.What command builds and starts an application workload partition?wparexec
4.How is the network connection for a WPAR implemented?Using the network alias feature on the global environment’s physical or virtualnetwork interface
5.What are the three forms of file system access within a WPAR?Shared-system: /usr and /opt are shared read-only from the global environmentthrough namefs mounts.NFS hosted: /usr and /opt filesystems are nfs mounted from a host systemNon shared: /var, /home, /tmp, and / are separate local file systems (jfs/jfs2) withinthe WPAR
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 681/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Appendix B. Checkpoint solutions B-21
5.2
P Appendix A
© Copyright IBM Corporation 2009
Checkpoint solutions (1 of 2)
1. True or False: One of the advantages of queues is that each user can havea different default queue set up for them.
True. This can be accomplished using the PRINTER environment
variable.
2. True or False: The /etc/qconfig file is read by the back-end program todetermine what the queue discipline is.
False. It is read by qdaemon.
3. True or False: All printer software is automatically installed when you install
the base operating system.False. Only a handful of printer software is installed by default.
4. What is the difference between these two commands?# qprt -Pasc file1
# qprt -c -Pasc file1
The -c flag produces a spool file.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 682/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
B-22 AIX installation © Copyright IBM Corp. 2009
Appendix A
© Copyright IBM Corporation 2009
Checkpoint solutions (2 of 2)
5. What three methods can be used to find out what the system defaultqueue is?
First entry in /etc/qconfig file The output from the qchk command with no options The first queue listing from the lpstat command
6. What users can bring print queues down?
The root user or members of the printq group.
7. True or False: Once the queue is down, no more jobs can be submittedto the printer. False. Jobs can be submitted to the queue. However,they will not be printed until the queue is brought up again.
8. Can users hold all their print jobs in a specific queue? If so, how?
Yes, they can by only specifying a queue name and not individual job numbers.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 683/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Glossary X-1
5.3
os Glossary
Note:
The entries in this glossary were developed anumber of years ago and indicate the use of variousterms at a particular point in UNIX history. Hence,
some of the definitions may not be applicable tocurrent UNIX implementations such as AIX 6, andsome other statements in the entries may not becurrent. However, this glossary still providesvaluable information regarding the historical use ofthe terms listed here.
This glossary includes terms and definitions from:
• The American National Standard Dictionary forInformation Systems , ANSI X3.172-1990,copyright 1990 by the American NationalStandards Institute (ANSI). Copies may bepurchased from the American NationalStandards Institute, 11 West 42nd Street, NewYork, New York 10036. Definitions are identifiedby the symbol (A) after the definition.
• The ANSI/EIA Standard— 440-A, Fiber OpticTerminology . Copies may be purchased fromthe Electronic Industries Association, 2001Pennsylvania Avenue, N.W., Washington, DC20006. Definitions are identified by the symbol(E) after the definition.
• The Information Technology Vocabulary ,developed by Subcommittee 1, Joint TechnicalCommittee 1, of the International Organizationfor Standardization and the InternationalElectrotechnical Commission (ISO/IECJTC1/SC1). Definitions of published parts of thisvocabulary are identified by the symbol (I) afterthe definition; definitions taken from draftinternational standards, committee drafts, andworking papers being developed by ISO/IECJTC1/SC1 are identified by the symbol (T) afterthe definition, indicating that final agreement hasnot yet been reached among the participating
National Bodies of SC1.• The Network Working Group Request for
Comments: 1208.
The following cross-references are used in thisglossary:
Contrast with: This refers to a term that has anopposed or substantively different meaning.
Synonym for: This indicates that the term has thesame meaning as a preferred term, which isdefined in its proper place in the glossary.
Synonymous with: This is a backward referencefrom a defined term to all other terms that have thesame meaning.
See: This refers the reader to multiple-word termsthat have the same last word.
See also: This refers the reader to terms that have arelated, but not synonymous, meaning.Deprecated term for: This indicates that the term
should not be used. It refers to a preferred term,which is defined in its proper place in the glossary.
Aaccess mode A matrix of protection information
stored with each file specifying who may do what toa file. Three classes of users (owner, group, allothers) are allowed or denied three levels ofaccess (read, write, execute).
access permission See access mode.access privilege See access mode.
address space The address space of a process isthe range of addresses available to it for code anddata. The relationship between real and perceivedspace depends on the system and supporthardware.
AIX Advanced Interactive Executive. IBM'simplementation of the UNIX Operating System.
AIX Family Definition IBM's definition for thecommon operating system environment for allmembers of the AIX family. The AIX FamilyDefinition includes specifications for the AIX Base
System, User Interface, Programming Interface,Communications Support, Distributed Processing,and Applications.
alias The command and process of assigning a newname to a command.
ANSI American National Standards Institute. Astandards organization. The United States liaisonto the International Standards Organization (ISO).
application program A program used to perform anapplication or part of an application.
argument An item of information following acommand. It may, for example, modify thecommand or identify a file to be affected.
ASCII American Standard Code for InformationInterchange. A collection of public domaincharacter sets considered standard throughout thecomputer industry.
awk An interpreter, included in most UNIX operatingsystems, that performs sophisticated text patternmatching. In combination with shell scripts, awkcan be used to prototype or implement applicationsfar more quickly than traditional programmingmethods.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 684/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
X-2 AIX installation © Copyright IBM Corp. 2009
Bbackground (process) A process is “in the
background” when it is running independently ofthe initiating terminal. It is specified by ending theordinary command with an ampersand (&). Theparent of the background process does not wait forits “death”.
backup diskette A diskette containing information
copied from another diskette. It is used in case theoriginal information is unintentionally destroyed.
Berkeley Software Distribution Disseminating armof the UNIX operating system community at theUniversity of California at Berkeley; commonlyabbreviated “BSD”. Complete versions of the UNIXoperating system have been released by BSD for anumber of years; the latest is numbered 4.3. Thephrase “Berkeley extensions” refers to featuresand functions, such as the C shell, that originatedor were refined at UC Berkeley and that are nowconsidered a necessary part of any fully configuredversion of the UNIX operating system.
bit bucket The AIX file “/dev/null” is a special file
which will absorb all input written to it and return nodata (null or end of file) when read.
block A group of records that is recorded orprocessed as a unit.
block device A device that transfers data in fixedsize blocks. In AIX, normally 512 or 1024 bytes.
block special file An interface to a device capableof supporting a file system.
booting Starting the computer from scratch (poweroff or system reset).
break key The terminal key used to unequivocallyinterrupt the foreground process.
BSD Berkeley Software Distribution.
• BSD 2.x - PDP-11 Research• BSD 4.x - VAX Research• BSD 4.3 - Current popular VAX version of UNIX.
button
1. A word, number, symbol, or picture on thescreen that can be selected. A button mayrepresent a command, file, window, or value, forexample.
2. A key on a mouse that is used to select buttonson the display screen or to scroll the displayimage.
byte The amount of storage required to representone character; a byte is 8 bits.
C
C The programming language in which the UNIXoperating system and most UNIX applicationprograms are written. The portability attributed toUNIX operating systems is largely due to the factthat C, unlike other higher level languages, permitsprogrammers to write systems-level code that willwork on any computer with a standard C compiler.
change mode The chmod command will changethe access rights to your own files only, foryourself, your group or all others.
character I/O The transfer of data byte by byte;normally used with slower, low volume devicessuch as terminals or printers.
character special file An interface to devices notcapable of supporting a file system; a byte orienteddevice.
child The process emerging from a fork commandwith a zero return code, as distinguished from theparent which gets the process id of the child.
client User of a network service. In the client/servermodel, network elements are defined as eitherusing (client) or providing (server) networkresources.
command A request to perform an operation or runa program. When parameters, arguments, flags, orother operands are associated with a command,the resulting character string is a single command.
command file A data file containing shellcommands. See shell file, or shell script.
command interpreter The part of the operatingsystem that translates your commands intoinstructions that the operating system understands.command or previous command key.
concatenate The process of forming one characterstring or file from several. The degenerate case isone file from one file just to display the result usingthe cat command.
console The only terminal known explicitly to theKernel. It is used during booting and it is thedestination of serious system messages.
context The hardware environment of a process,including:
• CPU registers• Program address• Stack• I/O status
context The entire context must be saved during aprocess swap.
control character Codes formed by pressing andholding the control key and then some other key;used to form special functions like End Of File.
control-d See eof character.
cooked input Data from a character device fromwhich backspace, line kill, and interrupt characters
have been removed (processed). See raw input.current directory The currently active directory.
When you specify a file name without specifying adirectory, the system assumes that the file is inyour current directory.
current subtree Files or directories attached to thecurrent directory.
curses A C subroutine library providing flexiblescreen handling. See Termlib and Termcap.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 685/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Glossary X-3
cursor A movable symbol (such as an underline) ona display, usually used to indicate to the operatorwhere to type the next character.
customize To describe (to the system) the devices,programs, users, and user defaults for a particulardata processing system.
DDASD Direct Access Storage Device. IBM's term for
a hard disk.
device driver A program that operates a specificdevice, such as a printer, disk drive, or display.
device special file A file which passes data directlyto/from the device.
directory A type of file containing the names andcontrolling information for other files or otherdirectories.
directory pathname The complete and uniqueexternal description of a file giving the sequence ofconnection from the root directory to the specifieddirectory or file.
diskette A thin, flexible magnetic plate that ispermanently sealed in a protective cover. It can beused to store information copied from the disk.
diskette drive The mechanism used to read andwrite information on diskettes.
display device An output unit that gives a visualrepresentation of data.
display screen The part of the display device thatdisplays information visually.
Eecho To simply report a stream of characters, either
as a message to the operator or a debugging toolto see what the file name generation process isdoing.
editor A program used to enter and modifyprograms, text, and other types of documents.
environment A collection of values passed either toa C program or a shell script file inherited from theinvoking process.
escape The backslash “\” character specifies thatthe single next character in a command is ordinarytext without special meaning.
Ethernet A baseband protocol, invented by theXEROX Corporation, in common use as the local
area network for UNIX operating systemsinterconnected via TCP/IP.
event One of the previous lines of input from theterminal. Events are stored in the (Berkeley)History file.
event identifier A code used to identify a specificevent.
execution permission For a file, the permission toexecute (run) code in the file. A text file must haveexecute permission to be a shell script. For adirectory, the permission to search the directory.
Ffield A contiguous group of characters delimited by
blanks. A field is the normal unit of text processedby text processes like sort.
field separator The character used to separate onefield from the next; normally a blank or tab.
FIFO “First In, First Out”. In AIX, a FIFO is apermanent, named pipe which allows two
unrelated processes to communicate. Only relatedprocesses can use normal pipes.
file A collection of related data that is stored andretrieved by an assigned name. In AIX, files aregrouped by directories.
file index Sixty-four bytes of information describinga file. Information such as the type and size of thefile and the location on the physical device onwhich the data in the file is stored is kept in the fileindex. This index is the same as the AIX OperatingSystem i-node.
filename expansion or generation A procedureused by the shell to generate a set of filenamesbased on a specification using metacharacters,which define a set of textual substitutions.
file system The collection of files and filemanagement structures on a physical or logicalmass storage device, such as a diskette orminidisk.
filter Data-manipulation commands (which, in UNIXoperating systems, amount to small programs) thattake input from one process and perform anoperation yielding new output. Filters includeeditors, pattern-searchers, and commands thatsort or differentiate files, among others.
fixed disk A storage device made of one or moreflat, circular plates with magnetic surfaces on
which information can be stored.fixed disk drive The mechanism used to read and
write information on a fixed disk.
flag See Options.
foreground (process) An AIX process whichinteracts with the terminal. Its invocation is notfollowed by an ampersand.
formatting The act of arranging text in a formsuitable for reading. The publishing equivalent tocompiling a program.
fsck A utility to check and repair a damaged filestructure. This normally results from a powerfailure or hardware malfunction. It looks for blocks
not assigned to a file or the free list and puts themin the free list. (The use of blocks not pointed atcannot be identified.)
free list The set of all blocks not assigned to a file.
full path name The name of any directory or fileexpressed as a string of directories and filesbeginning with the root directory.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 686/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
X-4 AIX installation © Copyright IBM Corp. 2009
Ggateway A device that acts as a connector between
two physically separate networks. It has interfacesto more than one network and can translate thepackets of one network to another, possiblydissimilar network.
global Applying to all entities of a set. For example:
• A global search - look everywhere
• A global replace - replace all occurrences• A global symbol - defined everywhere.
grep An AIX command which searches for stringsspecified by a regular expression. (Global RegularExpression and Print.)
group A collection of AIX users who share a set offiles. Members of the group have access privilegesexceeding those of other users.
Hhardware The equipment, as opposed to the
programming, of a system.
header A record at the beginning of the filespecifying internal details about the file.
heterogeneous Descriptor applied to networkscomposed of products from multiple vendors.
hierarchy A system of objects in which each objectbelongs to a group. Groups belong to other groups.Only the “head” does not belong to another group.In AIX this object is called the “Root Directory”.
highlight To emphasize an area on the displayscreen by any of several methods, such asbrightening the area or reversing the color ofcharacters within the area.
history A list of recently executed commands.
home (directory). 1. A directory associated with anindividual user.
home (directory). 2. Your current directory on loginor after issuing the cd command with no argument.
homogeneous Descriptor applied to networkscomposed of products from a single vendor.
hypertext Term for on-line interactivedocumentation of computer software; to beincluded with AIX.
IIEEE Institute of Electrical and Electronics
Engineers. A professional society active instandards work, the IEEE is the official body forwork on the POSIX (Portable Operating System forComputer Environments) open system interfacedefinition.
index See file index.
indirect block A file element which points at datasectors or other indirect blocks.
init The initialization process of AIX. The ancestor ofall processes.
initial program load The process of loading thesystem programs and preparing the system to run
jobs.
i-node A collection of logical information about a fileincluding owner, mode, type and location.
i number The internal index or identification of ani-node.
input field An area into which you can type data.
input redirection The accessing of input data fromother than standard input (the keyboard or a pipe).
interoperability The ability of different kinds ofcomputers to work well together.
interpreter A program which “interprets” programstatements directly from a text (or equivalent) file.Distinguished from a compiler which createscomputer instructions for later direct execution.
interrupt A signal that the operating system mustreevaluate its selection of which process should berunning. Usually to service I/O devices but also tosignal from one process to another.
IP Internet Protocol.
ipl See initial program load.ISO International Standards Organization. A United
Nations agency that provides for creation andadministration of worldwide standards.
Jjob A collection of activities.
job number An identifying number for a collection ofprocesses devolving from a terminal command.
Kkernel The part of an operating system that contains
programs that control how the computer does itswork, such as input/output, management andcontrol of hardware, and the scheduling of usertasks.
keyboard An input device consisting of various keysallowing the user to input data, control cursor andpointer locations, and to control the user/workstation dialogue.
kill To prematurely terminate a process.
kill character The character which erases an entireline (usually @).
LLAN Local Area Network. A facility, usually a
combination of wiring, transducers, adapterboards, and software protocols, whichinterconnects workstations and other computerslocated within a department, building, orneighborhood. Token-Ring and Ethernet are localarea network products.
libc A basic set of C callable routines.
library In UNIX operating systems, a collection ofexisting subroutines that allows programmers to
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 687/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Glossary X-5
make use of work already done by otherprogrammers. UNIX operating systems ofteninclude separate libraries for communications,window management, string handling, math, andso forth.
line editor An editor which processes one line at atime by the issuing of a command. Usuallyassociated with sequential only terminals such as ateletype.
link An entry in an AIX directory specifying a datafile or directory and its name. Note that files anddirectories are named solely by virtue of links. Aname is not an intrinsic property of a file. A file isuniquely identified only by a system generatedidentification number.
lint A program for removing “fuzz” from C code.Stricter than most compilers. Helps former Pascalprogrammers sleep at night.
Local Area Network (LAN) A facility, usually acombination of wiring, transducers, adapterboards, and software protocols, whichinterconnects workstations and other computerslocated within a department, building, or
neighborhood. Token-Ring and Ethernet are localarea network products.
login Identifying oneself to the system to gainaccess.
login directory See home directory.
login name The name by which a user is identifiedto the system.
logout Informing the system that you are throughusing it.
Mmail The process of sending or receiving an
electronically delivered message within an AIXsystem. The message or data so delivered.
make Programming tool included in most UNIXoperating systems that helps “make” a newprogram out of a collection of existing subroutinesand utilities, by controlling the order in which thoseprograms are linked, compiled, and executed.
map The process of reassigning the meaning of aterminal key. In general, the process of reassigningthe meaning of any key.
memory Storage on electronic memory such asrandom access memory, read only memory, orregisters. See storage.
message Information displayed about an error orsystem condition that may or may not require auser response.
motd “Message of the day”. The login “billboard”message.
MotifT The graphical user interface for OSF,incorporating the X Window System. Behavior ofthis interface is compatible with the IBM/MicrosoftPresentation Manager user interface for OS/2. Alsocalled OSF/Motif.
mount A logical (that is, not physical) attachment ofone file directory to another. “remote mounting”allows files and directories that reside on physicallyseparate computer systems to be attached to alocal system.
mouse A device that allows you to select objectsand scroll the display screen by means of buttons.
move Relinking a file or directory to a different oradditional directory. The data (if any) is not moved,
only the links.multiprogramming Allocation of computer
resources among many programs. Used to allowmany users to operate simultaneously and to keepthe system busy during delays occasioned by I/Omechanical operations.
multitasking Capability of performing two or morecomputing tasks, such as interactive editing andcomplex numeric calculations, at the same time.AIX and OS/2 are multi-tasking operating systems;DOS, in contrast, is a single-tasking system.
multiuser A computer system which allows manypeople to run programs “simultaneously” using
multiprogramming techniques.
Nnamed pipe See FIFO.
Network File System (NFST) A program developedby SUN Microsystems, Inc. for sharing files amongsystems connected via TCP/IP. IBM's AIX, VM, andMVS operating systems support NFS.
NFST See Network File System.
NIST National Institute of Science and Technology(formerly the National Bureau of Standards).
node An element within a communication network.
• Computer• Terminal• Control Unit
null A term denoting emptiness or nonexistence.
null device A device used to obtain empty files ordispose of unwanted data.
null string A character string containing zerocharacters.
Oobject-oriented programming Method of
programming in which sections of program codeand data are represented, used, and edited in theform of “objects”, such as graphical elements,window components, and so forth, rather than asstrict computer code. Through object-orientedprogramming techniques, toolkits can be designedthat make programming much easier. Examples ofobject-oriented programming languages includePareplace Systems, Inc.'s Smalltalk-80T, AT&T'sC++T, and Stepstone Inc.'s Objective-CR.
oem original equipment manufacturer. In the contextof AIX, OEM systems refer to the processors of a
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 688/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
X-6 AIX installation © Copyright IBM Corp. 2009
heterogeneous computer network that are notmade or provided by IBM.
Open Software FoundationT (OSF) A non-profitconsortium of private companies, universities, andresearch institutions formed to conduct opentechnological evaluations of available componentsof UNIX operating systems, for the purpose ofassembling selected elements into a completeversion of the UNIX operating system available to
those who wish to license it. IBM is a foundingsponsor and member of OSF.
operating system The programs and proceduresdesigned to cause a computer to function, enablingthe user to interact with the system.
option A command argument used to specify thedetails of an operation. In AIX an option is normallypreceded by a hyphen.
ordinary file Files containing text, programs, orother data, but not directories.
OSFT See Open Software Foundation.
output redirection Passing a programs standardoutput to a file.
owner The person who created the file or hissubsequent designee.
Ppacket switching The transmission of data in small,
discrete switching “packets” rather than in streams,for the purpose of making more efficient use of thephysical data channels. Employed in some UNIXsystem communications.
page To move forward or backward on screen full ofdata through a file usually referring to an editorfunction.
parallel processing A computing strategy in whicha single large task is separated into parts, each ofwhich then runs in parallel on separate processors.
parent The process emerging from a Fork with anon#zero return code (the process ID of the childprocess). A directory which points at a specifieddirectory.
password A secret character string used to verifyuser identification during login.
PATH A variable which specifies which directoriesare to be searched for programs and shell files.
path name A complete file name specifying alldirectories leading to that file.
pattern-matching character Special characterssuch as * or ? that can be used in a filespecification to match one or more characters. Forexample, placing a ? in a file specification meansthat any character can be in that position.
permission The composite of all modes associatedwith a file.
pipes UNIX operating system routines that connectthe standard output of one process with thestandard input of another process. Pipes arecentral to the function of UNIX operating systems,which generally consist of numerous small
programs linked together into larger routines bypipes. The “piping” of the list directory command tothe word count command is ls | wc. The passing ofdata by a pipe does not (necessarily) involve a file.When the first program generates enough data forthe second program to process, it is suspendedand the second program runs. When the secondprogram runs out of data it is suspended and thefirst one runs.
pipe fitting Connecting two programs with a pipe.pipeline A sequence of programs or commands
connected with pipes.
portability Desirable feature of computer systemsand applications, referring to users' freedom to runapplication programs on computers from manyvendors without rewriting the program's code. Alsoknown as “applications portability”,“machine-independence”, and“hardware-independence”; often cited as a causeof the recent surge in popularity of UNIX operatingsystems.
port A physical I/O interface into a computer.
POSIX “Portable Operating Systems for ComputerEnvironments”. A set of open standards for anoperating system environment being developedunder the aegis of the IEEE.
preprocessor The macro generator preceding theC compiler.
process A unit of activity known to the AIX system,usually a program.
process 0 (zero) The scheduler. Started by the“boot” and permanent. See init.
process id A unique number (at any given time)identifying a process to the system.
process status The process's current activity.
• Non existent• Sleeping• Waiting• Running• Intermediate• Terminated• Stopped.
profile A file in the users home directory which isexecuted at login to customize the environment.The name is .profile.
prompt A displayed request for information oroperator action.
protection The opposite of permission, denyingaccess to a file.
Qquotation Temporarily cancelling the meaning of a
metacharacter to be used as a ordinary textcharacter. A backslash (\) “quotes” the nextcharacter only.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 689/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Glossary X-7
Rraw I/O I/O conducted at a “physical” level.
read permission Allows reading (not execution orwriting) of a file.
recursive A recursive program calls itself or iscalled by a subroutine which it calls.
redirection The use of other than standard input(keyboard or pipe output) or standard output(terminal display or pipe). Usually a file.
regular expression An expression which specifiesa set of character strings using metacharacters.
relative path name The name of a directory or fileexpressed as a sequence of directories followed bya file name, beginning from the current directory.
RISC Reduced Instruction Set Computer. A class ofcomputer architectures, pioneered by IBM's JohnCocke, that improves price#performance byminimizing the number and complexity of theoperations required in the instruction set of acomputer. In this class of architecture, advancedcompiler technology is used to provide operations,
such as multiplication, that are infrequently used inpractice.
root directory The directory that contains all otherdirectories in the file system.
Sscalability Desirable feature of computer systems
and applications. Refers to the capability to use thesame environment on many classes of computers,from personal computers to supercomputers, toaccommodate growth or divergent environments,without rewriting code or losing functionality.
SCCS Source Code Control System. A set of
programs for maintaining multiple versions of a fileusing only edit commands to specify alternateversions.
scope The field of an operation or definition. Globalscope means all objects in a set. Local scopemeans a restriction to a subset of the objects.
screen See display screen.
scroll To move information vertically or horizontallyto bring into view information that is outside thedisplay screen or pane boundaries.
search and replace The act of finding a match to agiven character string and replacing eachoccurrence with some other string.
search string The pattern used for matching in asearch operation.
sed Non-interactive stream editor used to do “batch”editing. Often used as a tool within shell scripts.
server A provider of a service in a computernetwork; for example, a mainframe computer withlarge storage capacity may play the role ofdatabase server for interactive terminals. Seeclient.
setuid A permission which allows the access rightsof a program owner to control the access to a file.
The program can act as a filter for user datarequests.
shell The outermost (user interface) layer of UNIXoperating systems. Shell commands start andcontrol other processes, such as editors andcompilers; shells can be textual or visual. A seriesof system commands can be collected togetherinto a “shell script” that executes like a batch(.BAT) file in DOS.
shell program A program consisting of a sequenceof shell commands stored in an ordinary text filewhich has execution permission. It is invoked bysimply naming the file as a shell command.
shell script See shell program.
single user (mode) A temporary mode used during“booting” of the AIX system.
signal A software generated interrupt to anotherprocess. See kill.
sockets Destination points for communication inmany versions of the UNIX operating system,much as electrical sockets are destination pointsfor electrical plugs. Sockets, associated primarily
with 4.3 BSD, can be customized to facilitatecommunication between separate processes orbetween UNIX operating systems.
software Programs.
special character See metacharacter.
special file A technique used to access I/O devicesin which “pseudo files” are used as the interface forcommands and data.
standard error The standard device at which errorsare reported, normally the terminal. Errormessages may be directed to a file.
standard input The source of data for a filter, whichis by default obtained from the terminal, but which
may be obtained from a file or the standard outputof another filter through a pipe.
standard output The output of a filter whichnormally is by default directed to the terminal, butwhich may be sent to a file or the standard input ofanother filter through a pipe.
stdio A “Standard I/O” package of C routines.
sticky bit A flag which keeps commonly usedprograms “stick” to the swapping disk forperformance.
stopped job A job that has been halted temporarilyby the user and which can be resumed at hiscommand.
storage In contrast to memory, the saving ofinformation on physical devices such as fixed diskor tape. See memory.
store To place information in memory or onto adiskette, fixed disk, or tape so that it is available forretrieval and updating.
streams Similar to sockets, streams are destinationpoints for communications in UNIX operatingsystems. Associated primarily with UNIX System V,streams are considered by some to be more
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 690/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
X-8 AIX installation © Copyright IBM Corp. 2009
elegant than sockets, particularly for interprocesscommunication.
string A linear collection of characters treated as aunit.
subdirectory A directory which is subordinate toanother directory.
subtree That portion of an AIX file systemaccessible from a given directory below the root.
suffix A character string attached to a file name thathelps identify its file type.
superblock Primary information repository of a filesystem (location of i-nodes, free list, and so forth).
superuser The system administration; a user withunique privileges such as upgrading executionpriority and write access to all files and directories.
superuser authority The unrestricted ability toaccess and modify any part of the OperatingSystem. This authority is associated with the userwho manages the system.
SVID System V Interface Definition. An AT&Tdocument defining the standard interfaces to be
used by UNIX System V application programmersand users.
swap space (disk) That space on an I/O deviceused to store processes which have beenswapping out to make room for other processes.
swapping The process of moving processesbetween main storage and the “swapping device”,usually a disk.
symbolic debugger Program for debugging otherprograms at the source code level. Commonsymbolic debuggers include sdb, dbx, and xdbx.
sync A command which copies all modified blocksfrom RAM to the disk.
system The computer and its associated devicesand programs.
system unit The part of the system that containsthe processing unit, the disk drive and the disk, andthe diskette drive.
System V AT&T's recent releases of its UNIXoperating system are numbered as releases of“UNIX System V”.
TTCP Transmission Control Protocol. A facility for the
creation of reliable bytestreams (byte-by-byte,end#to#end transmission) on top of unreliabledatagrams. The transmission layer of TCP/IP isused to interconnect applications, such as FTP, sothat issues of re-transmission and blocking can besubordinated in a standard way. See TCP/IP.
TCP/IP Transmission Control Protocol/InternetProtocol. Pair of communications protocolconsidered de facto standard in UNIX operatingsystem environments. IBM TCP/IP for VM and IBMTCP/IP for MVS are licensed programs thatprovide VM and MVS users with the capability ofparticipating in networks using the TCP/IP protocolsuite.
termcap A file containing the description of severalhundred terminals. For use in determiningcommunication protocol and available function.
termlib A set of C programs for using termcap.
tools Compact, well designed programs to performspecific tasks. More complex processes areperformed by sequences of tools, often in the formof pipelines which avoid the need for temporaryfiles.
two-digit display Two seven-segment light-emittingdiodes (LEDs) on the operating panel used to trackthe progress of power-on self-tests (POSTs).
UUNIX Operating System A multi-user, multi-tasking
interactive operating system created at AT&T BellLaboratories that has been widely used anddeveloped by universities, and that now isbecoming increasingly popular in a wide range ofcommercial applications. See Kernel, Shell,Library, Pipes, Filters.
user interface The component of the AIX FamilyDefinition that describes common user interfacefunctions for the AIX PS/2, AIX/RT, and AIX/370operating systems.
/usr/grpR One of the oldest, and still active, usergroups for the UNIX operating systems. IBM is amember of /usr/grp.
uucp A set of AIX utilities allowing
• Autodial of remote systems• Transfer of files• Execution of commands on the remote system• Reasonable security.
Vvi Visual editor. A character editor with a very
powerful collection of editing commands optimizedfor ASCII terminals; associated with BSD versionsof the UNIX operating system.
visual editor An optional editor provided with AIX inwhich changes are made by modifying an image ofthe file on the screen, rather than through theexclusive use of commands.
Wwild card A metacharacter used to specify a set of
replacement characters and thus a set of file
names. For example "*" is any zero or morecharacters and "?" is any one character.
window A rectangular area of the screen in whichthe dialog between you and a given application isdisplayed.
working directory The directory from which filesearches are begun if a complete pathname is notspecified. Controlled by the cd (change directory)command.
workstation A device that includes a keyboard fromwhich an operator can send information to the
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 691/692
Student Notebook
Course materials may not be reproduced in whole or in part
without the prior written permission of IBM.
© Copyright IBM Corp. 2009 Glossary X-9
system, and a display screen on which an operatorcan see the information sent to or received fromthe computer.
write Sending data to an I/O device.
write permission Permission to modify a file ordirectory.
XX/OpenT An international consortium, including
many suppliers of computer systems, concernedwith the selection and adoption of open systemstandards for computing applications. IBM is acorporate sponsor of X/Open. See CommonApplication Environment.
X Windows IBM's implementation of the X WindowSystem developed at the Massachusetts Instituteof Technology with the support of IBM and DECT,that gives users “windows” into applications andprocesses not located only or specifically on theirown console or computer system. X-Windows is apowerful vehicle for distributing applications amongusers on heterogeneous networks.
Yyacc “Yet Another Compiler# Compiler”. For
producing new command interfaces.
Zzeroeth argument The command name; the
argument before the first.
7/23/2019 AN121STUD
http://slidepdf.com/reader/full/an121stud 692/692
Student Notebook