What Is Partitioning?
The Adaptive Enterprise is all about pooling
and sharing of system resources by running many workloads on the same
system. However, this can sometimes be challenging because:
One or more of the applications would consume more than its fair share of system resources
Applications
have namespace collisions. They share the same network ports, log
files, configuration files, named pipes, patch levels, kernel tunables,
or any one of a number of other system resources
It can be difficult to schedule downtime on the system because multiple workloads are impacted.
Partitioning allows you to
put multiple applications on a server and isolate them from each other.
Each type of partition provides a different level of isolation from
resource or namespace collisions.
The properties of a partition can include one or more of the following:
Hardware-fault isolation:
the ability to ensure that hardware faults and hardware
maintenance in one partition won't impact other partitions on the
system.
Software-fault isolation:
the ability to ensure that a software fault in one partition won't impact applications running in other partitions.
Resource isolation:
the ability to control the amount of critical system resources available to each partition.
Security isolation:
the ability to ensure that the users and processes running in one
partition are not able to access or impact processes in other
partitions.
Namespace isolation:
the ability to ensure that each partition has a duplicated
namespace of one sort or another. It can include a copy of portions of
the file system or a copy of the entire operating system.
Application isolation:
the ability to have different versions and patch levels of the same application in different partitions.
Kernel parameter isolation:
the ability to tune the kernel parameters in each partition to
the application that will be running there. Many applications require a
specific set of kernel parameters to ensure that the application can run
at peak performance.
Operating system isolation:
the ability to run separate operating systems in each partition.
This has the advantage that it typically provides most of the other
types of isolation, the exception being hardware fault isolation. You
can safely run a development workload in a partition on one system that
is running production workloads in other partitions.
Resource flexibility:
the ability to share resources between different partitions. This
is the key benefit of partitions rather than separate systems for each
workload. When a workload runs out of resources on a system, it is not
possible to reconfigure the system to allocate additional resources. And
if the spike in load that caused the need for additional resources is
rare, the utilization of the server will go down if you add resources.
HP's Partitioning Continuum
HP supports
four different partitioning technologies that have progressively
stronger isolation or flexibility depending on your requirements. These
are depicted in Figure 1.
nPartitions
The first partitioning
alternative is hardware-supported partitions, or nPartitions (nPars).
HP introduced nPars during HP World in August 2000, when we introduced
our first cell-based platform, the HP 9000 Superdome. The architecture
of the system was designed to allow components of the system to be
isolated from one another. The key features of nPars include:
Complete hardware-fault isolation:
HP's nPars is unique in the industry because it provides fully
electrically isolated partitions inside a single system. This is
accomplished using a custom chipset design in each cell such that
firewalls are configured to ensure that electrical signals are dropped
if they are destined for a cell that does not belong to the partition.
This ensures that no hardware failure in one partition can affect any
other partition in the system.
Complete software-fault isolation:
Clearly, if the electrical signals can't cross an nPar boundary,
neither can any of the software running there. The partitions look and
act like separate systems. They can run separate OS images with
different versions, different patch levels, kernel tunables, etc.
Cell granularity:
One of the key benefits of nPars over separate servers for each
workload is the fact that an nPar can be resized very quickly.
Currently, HP-UX requires a reboot in order to move a cell from one
partition to another. However, a future version of HP-UX will support
addition and deletion of memory online, which will make possible a
number of interesting features, including online addition and deletion
of cells.
Multiple OS images:
Each partition gets its own hardware and software, including the operating system.
Support for HP-UX, Windows, OpenVMS and Linux:
The Precision Architecture–based HP 9000 Superdome only supports
HP-UX. However, the Integrity Superdome, based on the Itanium
processor, supports HP-UX, Windows, Linux, and OpenVMS in separate
partitions on the same system. Another benefit of this flexibility is
that the HP Integrity platform can be repurposed from an HP-UX platform
to a Windows platform either after the HP-UX workload has been moved to
another system or as an emergency spare in the case of a failed system.
In
late 2005, HP began supporting running Precision Architecture (PA)
processors in one partition and Itanium processors in another. This will
require up-to-date firmware but will be supported on any cell-based
system with either the sx1000 or sx2000 chipsets.
Virtual Partitions
Virtual partitions is
the ability to run multiple copies of the HP-UX operating system on a
single core set of hardware. This can be a separate server or within an
nPartition. Some of the key benefits of HP's vPars include:
Software-fault isolation:
Software faults on one partition, including kernel panics, can't impact other partitions.
Operating system isolation:
Each partition gets its own complete copy of the operating
system. They can be different versions, different patch levels,
different kernel tunables, etc. They also could run different versions
of the applications. This is why vPars are often used to provide
development and test environments.
Single CPU granularity:
vPars can be configured and run using a single CPU and can be allocated in single-CPU increments as well.
Dynamic CPU migration:
CPUs can be moved from one vPar to another while both partitions are up and running.
Minimal overhead:
HP's vPars solution was designed to allow each major hardware
component—CPUs and I/O cards—for example, to be assigned to a partition
in its entirety. Because these components are not shared, there is no
need for a virtualization layer to manage every interface between the OS
and the underlying hardware. Put differently, each OS talks directly to
the hardware assigned to the vPar, ensuring that running vPars on a
system has a minimal impact on performance.
Integrity VM
In 2005, HP
released a new partitioning technology designed specifically for the
Integrity platform called Integrity VM. This is a type of virtual
partition in which the system hardware itself is fully virtualized. The
result is that the operating system can operate inside the VM
unmodified. This means that users will be able to run any operating
system that supports the Integrity platform inside a VM, which includes
HP-UX 11i V2 initially and future support for 11i V3, Windows
Datacenter, Linux, or OpenVMS. Some of the key features of this
technology include:
OS isolation:
Each partition runs its own full copy of the operating system.
This means that the OS can be patched and tuned specifically for the
applications that are running there.
Sub-CPU or whole-CPU granularity:
Since the system is virtualized, each virtual CPU inside a VM
can represent a portion of a CPU or a whole CPU on the physical system.
Differentiated CPU controls:
Users have the ability to give differentiated access to the
physical CPUs to specific VMs. What this means is that you will be able
to define specific CPU entitlements for each VM. For example, you can
assign a four-CPU VM 50% of four physical CPUs, another 25%, and a third
10%.
I/O device sharing:
Integrity VM provides fully virtualized I/O, which means
multiple virtual SCSI cards can represent a single physical SCSI or
fibre channel card.
Because
of the complete virtualization of the system, the OS images are
unchanged. This ensures that all independent software vendor
applications will run with no changes as well.
This is a nice solution
for a test and/or development environment because the VMs are fully
isolated and can be created and destroyed quickly and easily.
Secure Resource Partitions
HP's first
consolidation solution was resource partitions, which have been shipping
in HP-UX for over 10 years. They have been enhanced regularly over the
years to include processor sets, memory, and I/O controls. The most
recent enhancement was the addition of security containment which has
been available in HP VirtualVault for many years making it possible to
run applications in separate Secure Resource Partitions (SRPs) such that
they can't communicate with one another. The key features of Secure
Resource Partitions include:
Sub-CPU or whole-CPU controls:
CPUs can be allocated to each SRP with sub-CPU granularity using
the fair share scheduler (FSS) or whole-CPU granularity using processor
sets (PSETs). CPU controls are implemented by instantiating separate
process schedulers for each partition in the HP-UX kernel.
Real memory controls:
HP-UX is unique in the industry in its implementation of memory
resource groups (MRGs). With MRGs, HP-UX creates a separate
memory-management subsystem for each partition.
Disk I/O bandwidth controls:
It is possible to define bandwidth controls for each LVM or VxVM volume group for each partition.
Application and user assignment to partitions:
Because all partitions are running in the same copy of the
operating system, it is important that processes get placed into the
correct partition when they start up. SRPs provides a number of
utilities that allow you to start up or move application processes to
the correct partition.
Security containment:
This is a new feature in HP-UX 11i V2 that has been integrated
with resource partitions to create what is now called Secure Resource
Partitions. Security containment allows you to define security
compartments for processes belonging to each application workload.
Within a compartment, processes have full access to IPC mechanisms
between processes, network interfaces and files on the file system.
However, it is not possible for a process in one compartment to
communicate with a process in another compartment unless a rule has been
defined to allow that specific communication to occur.
Secure Resource Partitions is
a set of technologies that have been implemented in the HP-UX kernel.
The product that pulls all these features together is Process Resource
Manager. PRM provides a single-configuration interface so users have the
ability to define partitions, assign CPU, memory, disk I/O and security
rules and then assign an application and/or set of users to run in that
partition.
Partitioning Flexibility
A very convenient feature
of the partitioning continuum is the fact that you can combine the
different types of partitions in almost any combination. The only
combination that is not supported is that vPars and Integrity VMs cannot
run in the same nPar. Figure 2 shows an example of the flexibility provided.
You can run Secure Resource
Partitions (SRPs) in an HP-UX partition using any of the other OS-level
partition options. You can run VMs in one nPar and vPars in another,
with Secure Resource Partitions in one or more of those vPars. This
flexibility is a tremendous advantage when trying to increase the
utilization of large servers by placing multiple workloads on them.
The key advantage is that
the partitioning continuum simplifies the consolidation design process
because you can look at each workload individually and determine what
level of isolation is required, what level of granularity is required,
and what level of flexibility is required. Then you can choose an
appropriate combination of partition technologies for all the workloads
on the system and stack the partitions in a combination that provides
all the features required for all the workloads.
