-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
Main Page -> QuickSheets -> AIX QuickStart
AIX QuickStart
Version 1.0.0Date: 3/29/10
This document is w ritten based upon AIX 6.1, not all commands
or concepts apply to previous versions of AIX.
Overview
Design Philosophy
AIX is primarily a tool-managed Unix. While some Uniceshave a
file-managed interface, AIX tends to use stanzafiles and ODM
databases as data stores for configurationoptions. This makes many
configuration options ratherdifficult or simply impossible with
just a text editor. TheAIX alternative is to leverage an expansive
set ofspecialized tools for all configuration options.
AIX is well integrated with System P hardware. As typicalwith
big-Unix implementations, AIX has a tightintegration with the
hardware it runs on. The result ofthis integration is an OS that
not only provides extensivediagnosis and reporting of hardware
issues, but also isdesigned to exploit numerous hardware features.
IBMextends this integration even more by allowing AIXinsight into
the virtualization layer with abilities likevirtual processor
folding.
IBM tends to lead with hardware and follow with the OS.Major
releases of the OS tend to coincide with new
Both System P hardware and AIX are heavily gearedtowards
virtualization. AIX is practically a para-virtualizedenvironment in
how well it is integrated with the SystemP virtualization
technologies. At the user level, allperformance and management
commands have beenmodified to account for differences that occur in
avirtualized environment. Despite and because of thesechanges, a
virtualized environment is virtuallyindistinguishable from a
non-virtualized environment tothe user.
AIX has a stable interface. While the management toolsand style
of those tools has not changed within AIX forover a decade, the
technologies supported by AIX hasgrown considerably. This is a
significant feature of AIX inthat it introduces new technologies
within a consistent,approachable, and well designed interface.
The LVM integration with AIX is thorough and mature.From the
install, management, and maintenance every
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
hardware features and leverage those advances in thehardware.
While other Unices may take a software-centric approach to a
solution, IBM tends to rely upon alllayers of the system to an end.
One good example ofthis is the maturity and depth of
virtualizationtechnologies that permeate the System P product
line.
Commands in AIX generally follow a verb-noun syntax.The verbs
tend to be ls (list), mk (make), rm (remove),and ch (change). The
nouns vary by the target area suchas dev, fs, vg, and ps. Even many
of the odd-namedvariants follow a similar syntax such as crfs,
reducevg,and installp.
aspect of LVM design dovetails into other components ofthe OS,
firmware, and hardware to create anunparalleled environment. It is
for this reason that AIXsystems are more likely to be SAN booted
and less likelyto have 3rd party LVM products layered on top
thanother Unices.
A central focus of IBM design has been on RAS
features.Particularly with Power 6 systems, IBM has
designedextensive error detection and recovery into the
products.AIX is just one enabling component to this end. Allsystems
from CPU, memory, I/O busses, to systemprocesses are considered and
accounted for in thisdesign.
Acronyms & Definitions
CoD - Capacity on Demand. The ability to add computecapacity in
the form of CPU or memory to a runningsystem by simply activating
it. The resources must bepre-staged in the system prior to use and
are (typically)turned on with an activation key. There are
severaldifferent pricing models for CoD.
DLPAR - Dynamic Logical Partition. This was used originallyas a
further clarification on the concept of an LPAR asone that can have
resources dynamically added orremoved. The most popular usage is as
a verb; ie: toDLPAR (add) resources to a partition.
HEA - Host Ethernet Adapter. The physical port of the
IVEinterface on some of the Power 6 systems. A HEA portcan be added
to a port group and shared amongstLPARs or placed in promiscuous
mode and used by asingle LPAR. (See IVE)
HMC - Hardware Management Console. An "appliance"server that is
used to manage Power 4, 5, and 6hardware. The primary purpose is to
enable / control the
MSPP - Multiple Shared Processor Pools. This is a
capabilityintroduced in Power 6 systems that allows for more
thanone SPP.
NIM - Network Installation Management / Network InstallManager
(IBM documentation refers to both expansionsof the acronym.) NIM is
a means to perform remote initialBOS installs, and manage software
on groups of AIXsystems.
ODM - Object Data Manager. A database and supportingmethods used
for storing system configuration data inAIX. See the ODM section
for additional information.
PP - Physical Partition. An LVM concept where a disk isdivided
into evenly sized sections. These PP sections arethe backing of LPs
(Logical Partitions) that are used tobuild volumes in a volume
group. See the LVM section foradditional information.
PV - Physical Volume. A PV is an LVM term for an entiredisk. One
or more PVs are used to construct a VG(Volume Group). See the LVM
section for additional
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
virtualization technologies as well as provide
call-homefunctionality, remote console access, and
gatheroperational data.
IVE - Integrated Virtual Ethernet. The capability to
providevirtualized Ethernet services to LPARs without the needof
VIOS. This functionality was introduced on severalPower 6
systems.
IVM - Integrated Virtualization Manager. This is amanagement
interface that installs on top of the VIOSsoftware that provides
much of the HMC functionality. Itcan be used instead of a HMC for
some systems. It is theonly option for virtualization management on
the bladesas they cannot have HMC connectivity.
LHEA - Logical Host Ethernet Adapter. The virtual interfaceof a
IVE in a client LPAR. These communicate via a HEA tothe outside /
physical world. (See IVE)
LPAR - Logical Partition. This is a collection of
systemresources (CPU, Memory, I/O adapters) that can host
anoperating system. To the operating system this collectionof
resources appears to be a complete physical system.Some or all of
the resources on a LPAR may be sharedwith other LPARs in the
physical system.
LV - Logical Volume. A collection of one or more LPs
(LogicalPartitions) in a VG (Volume Group) that provide storagefor
filesystems, journal logs, paging space, etc... See theLVM section
for additional information.
LVCB - Logical Volume Control Block. A LVM
structure,traditionally within the LV, that contains metadata for
theLV. See the LVM section for additional information.
MES - Miscellaneous Equipment Specification. This is achange
order to a system, typically in the form of anupgrade. A RPO MES is
for Record Purposes Only. Bothspecify to IBM changes that are made
to a system.
information.PVID - Physical Volume IDentifier. A unique ID that
is used
to track disk devices on a system. This ID is used inconjunction
with the ODM database to define /devdirectory entries. See the LVM
section for additionalinformation.
SMIT - System Management Interface Tool. An extensible XWindow /
curses interface to administrative commands.See the SMIT section
for additional information.
SPOT - Shared Product Object Tree. This is an installedcopy of
the /usr file system. It is used in a NIMenvironment as a NFS
mounted resource to enableremote booting and installation.
SPP - Shared Processor Pool. This is an organizationalgrouping
of CPU resources that allows caps andguaranteed allocations to be
set for an entire group ofLPARs. Power 5 systems have a single SPP,
Power 6systems can have multiple.
VG - Volume Group. A collection of one or more PVs(Physical
Volumes) that have been divided into PPs(Physical Partitions) that
are used to construct LVs(Logical Volumes). See the LVM section for
additionalinformation.
VGDA - Volume Group Descriptor Area. This is a region ofeach PV
(Physical Volume) in a VG (Volume Group) that isreserved for
metadata that is used to describe andmanage all resources in the
VG. See the LVM section foradditional information.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
Disks, LVM, & Filesystems
Concepts
LVM (Logical Volume Manager) is the ever-present diskand volume
management framework for AIX. The level ofintegration is visible
not only in fileystem commands thatunderstand the underlying LVM,
but in other, higherlevel, commands like the install and backup
utilities thatcan optionally grow filesytems when necessary.
Physical disks (hdisks) are placed under LVM control byadding
them to a VG (volume group). Within LVM, thesedisks are referred to
as PVs (Physical Volumes).
Each PV in a VG contains a unique ID called a PVID. ThePVID of a
disk is used to track all disks in a VG, but alsoprovides a device
name independence that makesimporting, exporting, and disk
management muchsimpler. Because the unique characteristics of the
diskbecome the identifier, the device name remainsconsistent but
does not need to as (properly) renaming /reordering disks under LVM
control is of littleconsequence.
Once a hdisk is placed into a VG it is divided into PP(Physical
Partitions). PPs are then used to create LVs(Logical Volumes). An
additional layer of abstraction isplaced between an LV and a PP
called a LP (LogicalPartition) that allows for more than one PP to
be used(i.e. mirrored) to back each portion of a LV.
The ODM is central to managing off-disk LVM structuresand
physical device to hdisk mappings. When a VG iscreated or imported
this information is added to the ODMas well as other system files
such as /etc/filesystems.
AIX LVM supports several versions of VGs that have
beenintroduced over the lifetime of the product. The VG typesare
normal, big, and scalable. Normal VGs were theoriginal creation and
are more limited than the big orscalable types. The easiest way to
tell the type of anexisting VG is to look at the Max PV value for
the VG (seeexample in the next section).
VGType
mkvgoption
MaxPV
MaxLV
MaxPP
Notes
Legacy 32 256 3512 Can be converted to BigVG
Big -B 128 512 130048 LVCB data is stored inthe head of the
dataarea in the LV
Scalable -S 1024 4096 2097152 Default LV and PPvalues are lower
andcan be increased toshown maximums
The default filesystem on AIX is JFS2. JFS2, and itpredecessor
JFS, are both journaling filesystems thatutilize the fundamental
Unix filesystem structures such
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
A simplistic logical view of two PVs in a VG providing mirrored
PPsfor a LV.
Several on-disk structures are responsible for holding allLVM
information. The VGDA resides on each disk andholds structural
information such as the member PVs.The VGSA also resides on each
disk and contains statusinformation on all member devices. The LVCB
varies byVG type but traditionally has resided in the first part
ofan LV (when it exists as a separate structure). Inaddition to the
basic LVM commands that manage thesestructures, there are a number
of lower level LVMcommands that accesses this metadata more
directly.
The first disk in a VG will have two copies of the VGDA,and a
two disk VG will have one disk with a single VGDAand the other with
two copies. For three disk and largerVGs, each disk has a single
copy of the VGDA.
The concept of quorum is achieved when > 50% of thecopies of
the VGSA/VGDAs are online. If quorum is lostthen the VG can be
taken offline.
Quorum is problematic for two disk VGs because the lossof the
two VGDA disk means a loss of the entire VG. In amirrored
configuration (a typical case for two-disk VGs) it
utilize the fundamental Unix filesystem structures suchas
i-nodes, directory structures, and block allocations.(Technically,
JFS2 allocates blocks in groups called"extents".)
JFS2 is not an implementation of UFS and expandsconsiderably
over basic filesystem features with suchcapabilities as snapshots,
dynamic i-node allocation,online growth, extended attributes, and
encryption. AIXprovides a layer of abstraction over all
supportedfilesystems that map filesystem specific structures
tostandard Unix filesystem tools so that filesystems likeJFS2
appear as an implementation of UFS.
While most journaled Unix filesystem implementationsuse inline
logs (within the filesystem structure), AIXtends to use a special
type of LV that is created only tocontain log data. The jfs(2)log
LV can provide loggingcapability for more than one filesystem LV.
The log typemust match the filesystem type. JFS2 can log to an
inlinelog, but these implementations tend to be the exceptionto the
rule.
The default filesystems that are installed with AIX:
hd1 /home
hd2 /usr
hd3 /tmp
hd4 / root
hd5 BLV (Boot LogicalVolume)
hd6 Paging space
hd8 JFS2 log
hd9var /var
hd10opt /opt
hd11admin /admin New in 6.1
livedump /var/adm/ras/livedump New in 6.1 TL3
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
is inappropriate to offline the VG for a single disk failure.For
this reason, quorum rules can be turned off in thecase of a two
disk mirrored VG.
livedump /var/adm/ras/livedump New in 6.1 TL3
/proc procfs pseudo filesystem
Management
List all PVs in a system (along) with VG membershiplspv
List all LVs on PV hdisk6lspv -l hdisk6
List all imported VGslsvg
List all VGs that are imported and on-linelsvg -o
The difference between lsvg and lsvg -o are theimported VGs that
are offline.
List all LVs on VG vg01lsvg -l vg01
List all PVs in VG vg02lsvg -p vg02
List filesystems in a fstab-like formatlsfs
Get extended info about the /home filesystemlsfs -q /home
Create the datavg VG on hdisk1 with 64 MB PPsmkvg -y datavg -s
64 hdisk1
Create a 1 Gig LV on (previous) datavgmklv -t jfs2 -y datalv
datavg 16
Create a log device on datavg VG using 1 PPmklv -t jfs2log -y
datalog1 datavg 1
Format the log device created in previous examplelogform
/dev/datalog1
Place a filesystem on the previously created datalvcrfs -v jfs2
-d datalv -m /data01 -A y
Find the file usage on the /var filesystemdu -smx /var
List users & PIDs with open files in /data04 mountfuser -xuc
/data04
List all mounted filesystems in a factor of Gigabytesdf -g (-m
and -k are also available)
Find what PV the LV called datalv01 is onlslv -l datalv01
The "COPIES" column relates the mirror distributionof the PPs
for each LP. (PPs should only be listed inthe first part of the
COPIES section. See the nextexample.) The "IN BAND" column tells
how much ofthe used PPs in this PV are used for this LV.
The"DISTRIBUTION" column reports the number of PPs ineach region of
the PV. (The distribution is largelyirrelevant for most modern SAN
applications.)
Create a LV with 3 copies in a VG with a single PVmklv -c 3 -s n
-t jfs2 -y badlv badvg 4
Note: This is an anti-example to demonstrate howthe COPIES
column works. This LV violates strictnessrules. The COPIES column
from lslv -l badlv lookslike: 004:004:004
Move a LV from hdisk4 to hdisk5migratepv -l datalv01 hdisk4
hdisk5
Move all LVs on hdisk1 to hdisk2migratepv hdisk1 hdisk2
The migratepv command is an atomic command inthat it does not
return until complete. Mirroring /breaking LVs is an alternative to
explicitly migrating
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
A jfs2 log must exist in this VG and be logform(ed).(This was
done in the previous steps.) -m specifiesthe mount point for the
fs, and -A y is a option toautomatically mount (with mount -a).
Create a scalable VG called vg01 with two disksmkvg -S -y vg01
hdisk1 hdisk2
Create a FS using the VG as a parametercrfs -v jfs2 -g simplevg
-m /data04 \
-A y -a size=100M
The VG name here is "simplevg". A default LV namingconvention of
fslvXX will be used. The LV, and in thiscase log-LV, will be
automatically created.
Take the datavg VG offlinevaryoffvg datavg
Vary-on the datavg VGvaryonvg datavg
By default the import operation will vary-on the VG.An explicit
vary-on will be required for concurrentvolume groups that can be
imported onto two (ormore) systems at once, but only varied-on on
onesystem at a time.
Remove the datavg VG from the systemexportvg datavg
Import the VG on hdisk5 as datavgimportvg -y datavg hdisk5
The VG in this example spans multiple disks, but it isonly
necessary to specify a single member disk tothe command. The LVM
system will locate the othermember disks from the metadata provided
on thesingle disk provided.
Import a VG on a disk by PVID as datavgimportvg -y datavg
00cc34b205d347fc
Grow the /var filesystem by 1 Gigchfs -a size=+1G /var
breaking LVs is an alternative to explicitly migratingthem. See
additional migratepv, mirrorvg, andmklvcopy examples in this
section.
Put a PVID on hdisk1chdev -l hdisk1 -a pv=yes
PVIDs are automatically placed on a disk whenadded to a VG
Remove a PVID from a diskchdev -l hdisk1 -a pv=clear
This will remove the PVID but not residual VGDA andother data on
the disk. dd can be used to scrubremaining data from the disk. The
AIX install CD/DVDalso provides a "scrub" feature to (repeatedly)
writepatterns over data on disks.
Move (migrate) VG vg02 from hdisk1 to hdisk2extendvg vg02
hdisk2
migratepv hdisk1 hdisk2
reducevg vg02 hdisk1
Mirroring and then unmirroring is another method toachieve this.
See the next example
Move (mirror) VG vg02 from hdisk1 to hdisk2extendvg vg02
hdisk2
mirrorvg -c 2 vg02
unmirrorvg vg02 hdisk1
reducevg vg02 hdisk1
In this example it is necessary to wait for the mirrorsto
synchronize before breaking the mirror. Themirrorvg command in this
example will not completeuntil the mirror is established. The
alternative is tomirror in the background, but then it is up to
theadministrator to insure that the mirror process iscomplete.
Create a striped jfs2 partition on vg01mklv -C 2 -S 16K -t jfs2
-y vg01_lv01 \
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
chfs -a size=+1G /var
In each of the chfs grow filesystem examples, AIXwill
automatically grow the underlying LV to theappropriate size.
Grow the /var filesystem to 1 Gigchfs -a size=1G /var
List the maximum LPs for LV fslv00lslv fslv00 | grep MAX
Increase the maximum LPs for fslv00 LVchlv -x 2048 fslv00
Create a mirrored copy of fslv08mklvcopy -k -s y fslv08 2
syncvg -l fslv08 must be run if the -k (sync now)switch is not
used for mklvcopy.
Add hdisk3 and hdisk4 to the vg01 VGextendvg vg01 hdisk3
hdisk4
Mirror rootvg (on hdisk0) to hdisk1extendvg rootvg hdisk1
mirrorvg -S rootvg hdisk1
bosboot -ad hdisk0
bosboot -ad hdisk1
bootlist -m normal hdisk0 hdisk1
The -S option to mirrorvg mirrors the VG in thebackground.
Running bosboot on hdisk0 is notrequired - just thorough.
vg01 400 hdisk1 hdisk2
This creates a stripe width of 2 with a (total) stripesize of
32K. This command will result in an upperbound of 2 (same as the
stripe size) for the LV. Ifthis LV is to be extended to another two
disks later,then the upper bound must be changed to 4 orspecified
during creation. The VG in this example wasa scalable VG.
Determine VG type of VG myvglsvg myvg | grep "MAX PVs"
MAX PVs is 32 for normal, 128 for big, and 1024 forscalable
VGs.
Set the system to boot to the CDROM on next bootbootlist -m
normal cd0 hdisk0 hdisk1
The system will boot to one of the mirror pairs(hdisk0 or
hdisk1) if the boot from the CD ROM doesnot work. This can be
returned to normal byrepeating the command without cd0.
List the boot device for the next bootbootlist -m normal -o
Command reference: lspv, lsvg, lslv, mkvg, mklv,
reducevg, extendvg, mklvcopy, chvg, logform, lvmo,exportvg,
importvg, varyonvg, varyoffvg, bosboot,bootlist, /etc/filesystems,
crfs, chfs, lsfs, rmfs, mount,fuser, df, du
NFS
Many of the NFS commands accept the -I, -B, or -Nswitches. These
three switches are used to control thepersistence of the command.
-B is now and future boots,-I is future boot (but not now), and -N
is now (but notnext boot). The -B option tends to be the default.
The
List all exported file systemsshowmount -e
orexportfs
Temporarily export the /varuna_nfs directory
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
following table relates how these options modify the
NFScommands:
Flag Now After Boot
-I
-B
-N
The NFS daemons are started out of /etc/inittab using
the /etc/rc.nfs script. The mknfs and rmnfs commandstoggle the
inittab entries and control if the NFS systemstarts.
The "share" commands are provided for compatibility withother
Unices. The share commands are links to theexportfs command.
Enable NFS daemons now, and on next startmknfs
Disable NFS daemons now, and on next startrmnfs
See if NFS will start on bootlsitab rcnfs
This command simply lists the rcnfs entry in/etc/inittab. If one
exists (and is not commentedout) then the rc.nfs script will be run
from inittab(and start NFS).
Start NFS daemons now, but not at next bootmknfs -N
orstartsrc -g nfs
List the status of the NFS serviceslssrc -g nfs
exportfs -i -o rw,root=vishnu:varuna \
/varuna_nfs
The root users on vishnu and varuna are given rootaccess to this
share. This export was used to createa system WPAR called varuna on
a LPAR calledvishnu that can be found in the WPAR section
below.
Export all entries in /etc/exportsexportfs -av
(Temporarily) unexport the /proj shareexportfs -u /proj
Permanently export the /proj sharemknfsexp -d /proj -t rw
The -N, -I, and -B options are valid with thiscommand. Here, the
-B is implied. If the NFS servicesare not set to re-start on boot
then this export willtechnically not be "permanent" as the share,
eventhough this entry is permanent, will not be enabledafter next
boot.
List clients of this host with share pointsshowmount -a
Add an entry to the /etc/filesystems filemknfsmnt -f /projects
-d /proj \
-h mumbai -A -E
Note that the -A and -E switches cannot be stacked(-AE). -A
specifies to mount on boot and -E specifiesthe intr mount
option.
Command reference: showmount, chnfs, mknfs, rmnfs,
nfso, automount, chnfsexp, chnfsmnt, exportfs,
lsnfsexp,lsnfsmnt, mknfsexp, mknfsmnt, rmnfsexp, rmnfsmnt,mount
Other
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
The procfs is the single (default) pseudo fs.
Interestingly,/proc is not used by commands like ps or topas but
isused by commands like truss. Additional information on/proc can
be found in the header file andthe /proc InfoCenter page.
A list of supported filesystems can be found in the/etc/vfs
file.
The cdromd daemon is used to automount CD / DVDmedia. It is not
enabled by default. cdromd uses the/etc/cdromd.conf file to
configure default options for thecdX device such as the default
mount directory.
Paging spaces are specified in the /etc/swapspaces file.The
chps, mkps, rmps, and lsps commands are used tomodify / view this
file.
Find your CD/DVD ROMlsdev -Cc cdrom
List all paging spaceslsps -a
Grow the hd6 paging space by 4 LPschps -s 4 hd6
The current LP count and LP/PP size can be foundusing lslv
hd6.
Mount DVD media in the DVD drivemount -v udfs -o ro /dev/cd0
/mnt
Mount CD media in the CD/DVD drivemount -rv cdrfs /dev/cd0
/mnt
Both the cdrfs and udfs are different types asdefined in
/etc/vfs, but both seem to work for AIXDVD media.
Command reference: chps, lsps, rmps, swapoff, swapon,
mount, umount, cdromd, cdeject, cdmount, cdcheck,cdumount,
cdutil
Networking
Concepts
Ethernet devices are entX devices while enX and etXdevices
represent different frame types that run on theunderlying entX
device. Typically the enX device is what isplumbed on most networks
and etX is not used.
Attributes of the entX device are physical layer connection
The /etc/resolv.conf uses a traditional format, but canbe
managed via the namerslv and *namsv commands.The /etc/netsvc.conf
file is the AIX version of thensswitch.conf file in that it
determines the servicelookup order for name services.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
settings such as speed and duplex as well as driversettings such
as transmit and receive queue sizes.Attributes of the enX device
are configurable items suchas IP address, subnet mask, and some
TCP/IP tunables.
Like the enX device, the inet0 device is not a physicaldevice.
It is a representation / management interface forthe Internet
(networking) subsystem. The hostname,routing info and TCP/IP
configuration method areattributes of this device.
Networking is typically started from /etc/rc.net usingthe
settings stored in the ODM (and not from rc.tcpip).When started in
this manner several helper commandsare responsible for pulling the
config from the ODM andconfiguring devices. Alternatively,
/etc/rc.net can beconfigured to use ifconfig commands or
/etc/rc.netcan be bypassed completely and /etc/rc.bsdnet can beused
instead. The setting that determines which method(rc.net or
rc.bsdnet) is used is stored as an attribute tothe inet0 device.
(The point here is not necessarily torecommend the use the
alternative methods but to pointto where the options are set and
where additionaldetails on the process can be found.)
AIX supports trunking (EtherChannel / 802.3ad), taggedVLANs
(802.1q), Virtual IP addresses (VIPA), deadgateway detection
(multiple default gateways), IPmultippath routing, and network
adapter backup. Thenetwork adapter backup does not require
EtherChannelbut is part of the smitty EtherChannel setup
section.
Hostname lookup order is determined using/etc/irs.conf, then
/etc/netsvc.conf and finally$NSORDER. (The order of precedence is
reverse - meaning,for example, a value set in $NSORDER will be used
overthe other two methods.) The irs.conf and $NSORDERmethods are
typically not used.
Network related tunables can be set globally, per-interface, or
per-socket connection. Most global tunablesare managed with the no
command. Interface specifictunables are set on the entX or the enX
devices usingthe chdev command. AIX now recognizes a ISNO(Interface
Specific Network Option) flag that overridesmany of the global
settings and uses the settings foreach interface over those set
globally. This is animportant concept as much application
documentationstill refers to the global settings while the default
is nowto use the local settings. ISNO can be determined
fromquerying with the no command or looking at ifconfigresults.
Examples of retrieving the defaults, ranges, andcurrent values as
well as setting new values are shownin the next section.
Settings for the HEA (Host Ethernet Adapter) are notalways set
from the OS. Physical layer settings for thisdevice are typically
set from the ASMI menus or from theHMC.
Changes were made to the AIX 6.1 network tunables.The no command
will list many tunables as "restricted".IBM recommends against
changing a restricted tunablefrom the default.
Management
The assumption of this section is that rc.net / ODM isused for
IP configuration. If the configuration is notstored in the ODM and
is configured via script then many
To view the (current) route tablenetstat -r
To view the (persistent) route table from the ODM
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
stored in the ODM and is configured via script then manyof these
"temporary" commands could be used topersistently configure the IP
settings.
The following examples also assume the use of en0 overet0.
List all Adapters in the systemlsdev -Cc adapter
List all interfaces in the systemlsdev -Cc if
Initial setup of an interfacemktcpip
Note that mktcpip has an exceptional amount ofoptions. They are
not listed here because thiscommand is a prime example of when to
use SMIT.See next item for more typical use.
Smitty interface to initial TCP/IP setupsmitty mktcpip
This command is usually run once for a system(typically in the
post-install setup if run fromCD/DVD), additional changes can be
done directly viathe chdev command or via the smitty configtcpmenu
screen.
Permanently set the hostnamechdev -l inet0 -a
hostname=bombay
Temporarily add a default routeroute add default 192.168.1.1
Temporarily add an address to an interfaceifconfig en0
192.168.1.2 \
netmask 255.255.255.0
Temporarily add an alias to an interfaceifconfig en0 192.168.1.3
\
netmask 255.255.255.0 alias
To permanently add an IP address to en1chdev -l en1 -a
netaddr=192.168.1.1 \
To view the (persistent) route table from the ODMlsattr -EHl
inet0 -a route
Add an entry for "rhodes" to the hosts filehostent -a
192.168.1.101 \
-h "rhodes.favorite.com rhodes"
The hostent is a command for editing the /etc/hostsfile. Most
edits on this file are done by hand. Thehostent command is
mentioned here first for itspotential use as a scripting tool, but
also as anexample of the pervasive tool-managed nature ofAIX.
List all services represented by inetdlssrc -ls inetd
List all open, and in use TCP and UDP portsnetstat -anf inet
List all LISTENing TCP portsnetstat -na | grep LISTEN
Flush the netcd DNS cachenetcdctrl -t dns -e hosts -f
Get (long) statistics for the ent0 deviceentstat -d ent0
ornetstat -v ent0
Remove the -d option from entstat for shorterresults. The output
of entstat varies by device type.Virtual, physical, and IVE (LHEA)
devices all producedifferent results. Use caution and test
throughlywhen scripting this command.
List all network tunablesno -a
List all tunable settings in long formatno -L
The "long" format is more readable as well asdisplaying current,
default, persistent, min and maxvalues.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
-a netmask=0xffffff00
Permanently add an alias to an interfacechdev -l en0 -a \
alias4=192.168.1.3,255.255.255.0
Remove a permanently added alias from an interfacechdev -l en0
-a \
delalias4=192.168.1.3,255.255.255.0
Remove all TCP/IP configuration from a hostrmtcpip
View the settings on inet0lsattr -El inet0
This can be run for ent0 and en0 as well. Thesesettings are
typically stored in the ODM objectrepository CuAt and are
retrievable via odmget -qname=inet0 CuAt.
Determine if rc.bsdnet is used over rc.netlsattr -El inet0 -a
bootup_option
Find actual (negotiated) speed, duplex, and linkentstat -d
ent0
The interface must be up (ifconfig en0 up) for statsto be valid.
The netstat -v ent0 command givessimilar results.
Set (desired) speed is found through the entX devicelsattr -El
ent0 -a media_speed
Set the ent0 link to Gig full duplexchdev -l ent0 -a \
media_speed=1000_Full_Duplex -P
Auto_Negotiation is another option (see the nextexample).
View all configurable options for speed and duplexlsattr -Rl
ent0 -a media_speed
Find the MTU of an interfacenetstat -I en0
values.Get a description of the use_isno tunableno -h
use_isno
These descriptions were expanded in AIX 6.1.Additionally many
will be listed as restricted wherethey were not in previous
versions.
Turn off Interface Specific Network Optionsno -p -o
use_isno=0
The following tcpdump examples are simplistic and limited,an
extended usage description for tcpdump is beyond thescope of this
document. The intent is to give a few easyexamples that can be
expanded to the users needs.Additional help with filter expressions
and command lineoptions is available on the tcpdump InfoCenter
page.Also note that while efforts have been made to accountfor line
wraps in the printed version, these commandsremain un-wrapped for
readability.
Watch all telnet packets from aachentcpdump -Nq 'host aachen and
(port telnet)'
-N gives short host names.Watch connect requeststcpdump -q
'tcp[tcpflags] & tcp-syn != 0'
-q gives abbreviated packet info.Watch all connection requests
to port 23tcpdump -q 'tcp[tcpflags] & tcp-syn != 0 and port
telnet'
Command reference: mktcpip, rmtcpip, ifconfig, netcdctrl,
no, tcpdump, chdev, lsattr, entstat, netstat, route,
host,hostname
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
System Configuration & Management
Devices
Physical device to /dev device representations aremapped via ODM
database entries. Actual locations ofdevices can be retrieved using
the lscfg or lsdevcommands. The mapping provided by the ODM
provides apersistent binding for device names across boots of
thesystem.
The mapping of physical devices to the logical devices in/dev is
an automated process performed by theoperating system. It is
typically not required to move orotherwise re-order these devices.
In a highly dynamicenvironment where devices are added and removed,
itmay be advantageous to clear previous instances of adevice from
the ODM and /dev directory.
New devices are added to the system with the cfgmgrcommand.
Logical instances of of devices can beremoved from the system via
the rmdev command. rmdevsimply tells the system to forget the
device, so unless thephysical device is actually removed it will
simply be foundand re-created when the cfgmgr command is run
again(e.g. at next boot).
Device support requires that the appropriate packages(drivers)
are installed for each device. The default AIXinstall includes
support for devices not on the system. Ifa device is newer or a
minimal OS install was done thensupport may not be included for new
devices. In thiscase the cfgmgr command will flag an error that
anunsupported device has been found.
Device configuration options are stored in the pre-defineddevice
databases of the ODM. Information about actualdevices are stored in
the configured device databases of
Get device address of hdisk1getconf DISK_DEVNAME hdisk1
orbootinfo -o hdisk1
This is the same information available from othercommands, just
not requiring greping or awking toretrieve this specific data.
bootinfo is not officiallysupported as an administrative
command.
Get the size (in MB) of hdisk1getconf DISK_SIZE /dev/hdisk1
orbootinfo -s hdisk1
Note that a full path to the device is required for thegetconf
version.
Find the possible parent devices of hdisk0lsparent -Cl
hdisk0
This lists all devices that support that device type,not the
specific parent of this device. See thefollowing lsdev examples for
methods of findingparent devices.
List all child devices of scsi1lsdev -Cp scsi1
List all disks belonging to scsi1lsdev -Cc disk -p scsi1
Test if hdisk2 is a child device of scsi2lsdev -Cp scsi2 -l
hdisk2
This command will list all devices that meet thecriteria of
being hdisk2 and belonging to scsi2.Either it will list a device or
it will not.
Find the location of an Ethernet adapter
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
the ODM. These configured options include instances andwell as
configuration options to the devices / drivers.
The lsdev command is used to list devices in thepredefined and
configured device (ODM) databases. Thelscfg command is used to
display VPD (Vital ProductData) information about each device. To
find all devicesthe system knows or has configured at one time use
thelsdev command. To search for a device by a specific type,class,
parent device or other complex criteria use thelsdev command. To
find the serial number or devicespecific identifier of a device use
the lscfg command.
List all devices on a systemlsdev
lsdev queries the predefined or configureddatabases using the -P
and -C flags respectively. Inthis case the -C flag is implied.
Addition of the -Hoption includes column header info.
List all disk devices on a systemlsdev -Cc disk
See next example for a list of potential classes asarguments to
the -c option.
List all customized device classeslsdev -Cr class
Customized device classes mean that they exist (orhave existed)
on the system. For a list of predefineddevices (ones that AIX could
support) change the -Coption for -P.
List locations of all hdisks in the systemlscfg -l 'hdisk*'
This can be accomplished via the lsdev command.The point here is
to show the use of wildcards in alscfg option.
Remove hdisk5
Find the location of an Ethernet adapterlscfg -l ent1
Find device specific info of an Ethernet adapterlscfg -vl
ent1
One key piece of device specific info would be theMAC address.
This command works for HBAs andother addressed adapters. The *stat
commandsalso tend to return addresses, often formatted in amore
readable manner. See the next example for anHBA / with the grep
command to isolate the address.
Find the WWN of the fcs0 HBA adapterlscfg -vl fcs0 | grep
Network
Get statistics and extended information on HBA fcs0fcstat
fcs0
Similar *stat commands exist for numerous types ofdevices such
as entstat, ibstat, tokstat, fddistat,etc..
List all MPIO paths for hdisk0lspath -l hdisk0
Temporarily change console output to /cons.outswcons
/cons.out
Use swcons to change back.Find the slot of a PCI Ethernet
adapterlsslot -c pci -l ent0
The lsslot command is used to find cards that arehot-swappable.
Not all systems will support thiscommand.
Command reference: lsdev, lsparent, lscfg, lsattr, chdev,
rmdev, cfgmgr, lscons, swcons, fcstat, entstat, ibstat,getconf
getconf, lsslot, drslot
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
rmdev -dl hdisk5
The -d option removes the configured device entryfrom the ODM.
Unless the device is physicallyremoved, cfgmgr will bring it
back.
SMIT (System Management Interface Tool)
SMIT is a system management tool that assists theadministrator
with AIX utilities by providing an ASCII(curses) / X-Window GUI
interface to those tools. SMITprovides pick lists and menus for
command line optionsto AIX tools. The interface is designed to aid
withrecognition of more obscure switches, provide
additionalsecurity & accounting, and perform some validation
onthe input to those commands.
The SMIT interface is not a monolithic binary, but anextensible
framework of screens that relies uponunderlying OS commands to do
the work. Each SMITscreen is stored as a collection of ODM objects
in SMITspecific object classes.
Stepping through the complex menu system can beavoided by
jumping directly to a screen when a fastpathis specified when SMIT
is invoked. Fast paths are singleword (no spaces) phrases that
typically are thecommand that will be run in that screen. The fast
pathfor the current screen can be determined by using the F8key
while in that screen.
Sample fastpaths:
mktcpip Initial TCP/IP setup
lvm Root of the LVM menus
mkuser Screen to add a user
pgsp Root of the paging space menus
_nfs Root of NFS menus
SMIT can be invoked from the command line using smit orsmitty.
smit will start either the curses based version orthe X Window
version depending upon the presence ofthe X Window system. smitty
will always start thecurses (tty) version.
Additional information on customizing the SMIT interfacecan be
found on the "Extending SMIT For CommonLocalized Tasks" page.
Key sequences (for the curses version)
F3 (Esc-3) Exit current screen
F4 (Esc-4) Generate a pop-up list that can be chosen from
F6 (Esc-6) List the command that will be run
F5 (Esc-5) Reset the field to the original / default value
F8 (Esc-8) Show the fast-path tag for this screen
F10 (Esc-0) Exit SMIT
/phrase Search for phrase in a list
n Used to find the next occourence of the searchphrase
Tab Used to alternatively select items from a "ring"(a short
list).
Symbols that denote field data requirements:
* This is a required field
# This field requires a numeric value
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
subserver inetd config
mpio Root screen for all MPIO operations
etherchannel Root of EtherChannel / 802.3ad memus
chgenet Configure paramaters on the ent device(s)
vlan Root of menus to manage VLAN configurations
mkvg Beginning screen to create a new VG
SMIT will save a script of runnable commands in~/smit.script and
~/smit.transaction as well as a logof commands run in ~/smit.log.
When invoked with the -x switch, SMIT will not run any of the
commands but willwrite the commands it would run to ~/smit.script
and~/smit.transaction. (Note: With the -x switch SMIT willstill run
the discovery commands to build lists and finddefault/existing
values but not the action commands.)
# This field requires a numeric value
/ This field requires a path
X This field requires a hexadecimal number
? The data entered will not be displayed
+ Data can be retrieved from a list
SRC
The SRC (System Resource Controller) is a processmanager that is
used to spawn, monitor, and controlservices. Many of the standard
Unix daemons aremanaged via this interface on AIX.
SRC does not have a persistent "service profile" andtherefore
does not comprehend persistence beyond thecurrent boot. For this
reason, it is necessary to findwhere the service is started and add
or remove thestartsrc (service start) command there. The
mostpopular locations for this are rc.tcp and inittab.
SRC controlled processes must be started and stoppedvia the SRC
interface. If a SRC process dies or is killedthe srcmstr daemon
will re-spawn that process and logan error to the system error
log.
The core process for SRC (srcmstr) is spawned from
Start the cdromd servicestartsrc -s cdromd
There is not a persistent flag for the startsrccommand. For this
service to automatically start onthe next boot, a change must be
made to one of thesystem initialization files. In this case, an
entry mustbe made in /etc/initttab.
Stop the cdromd servicestopsrc -s cdromd
Send a refresh request to the syslogd servicerefresh -s
syslogd
This would typically be communicated via a HUPsignal. Not all
SRC controlled processes respond to arefresh request and may
require a HUP signal.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
/etc/initttab. Services that run under SRC control donot leave
their process group (ie: have a PPID of 1), butinstead, stay
children of srcmstr.
List the status of the cdromd servicelssrc -s cdromd
List the status of inetd subserviceslssrc -l -s inetd
List the status of all members of the NFS grouplssrc -g nfs
Command reference: lssrc, startsrc, stopsrc, refresh,
srcmstr
Performance / Kernel / Tuning
The primary statistics provider for most basic
performancecommands on AIX is the Perfstat API / kernel
extension(See /usr/include/libperfstat.h.) This API supportsmost
non-trace based performance related tools.
The trace-based tools (denoted by a "T" in the list
below)utilize the trace facility. These tools generate
significantlymore detail than the perfstat based tools.
Unfortunatelythe level of detail provided by these tools comes at
theexpense of performance. Caution should be used whenrunning these
tools on a production system.
AIX 6.1 introduced probevue, a lightweight dynamic tracefacility
that provides trace-like insight but with a minimalperformance
impact. The probevue command utilizesscripts written in the Vue
language to define whatevents to capture data on and how to report
that data.Additional information can be found on the
ProbeVuepage.
With the introduction of Micro-partitions many commandswere
modified both to account for performance statisticgathering in the
virtualized environment as well asreporting virtual statistics.
When WPARs were introducedmany commands were extended to report
per-WPAR or
splat - [T] Simple Performance Lock Analysis Tool.Provides lock
statistics. Must be run on asystem booted with lock trace
reportingenabled.
spray - Network load generation tool using a remotesprayd
daemon. Requires the RPC daemon(rpc-sprayd) to be registered.
svmon - Displays general to detailed reports of VMusage on the
system as a whole or forindividual processes.
tcpdump - Capture network packets. Packets can befiltered by
type, port, interface, address, orother criteria. Packets can be
captured withdetail or in summary. See examples at theend of the
networking examples section.
topas - topas is a curses-based, interactive, multi-area,
general performance reporting tool.topas is often the first tool
used in aperformance tuning exercise. New topasusers may find
useful info on the localintroduction to topas page.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
WPAR specific statistics. The WPAR specific options aretypically
enabled with the -@ switch. Commands in thefollowing list that
support this option are marked withthe "@" symbol.
The *o commands (vmo, schedo, no, nfso, raso, ioo, andlvmo) are
used to view and set system related tunables.Persistent tunables
are saved in/etc/tunables/nextboot. Some persistent tunables
areinserted in and set from the BLV (therefore they requirethat
bosboot run to set the value for next boot.
The following is a list of general and lower-level
systemcommands for performance and diagnostics:
atmstat - Show statistics and device details for ATMadapters
curt - [T@] CPU Utilization Reporting Tool. A tracebased tool
for monitoring CPU activity.
entstat - Show statistics and device details forEthernet
adapters
fcstat - Show statistics and device details for FCHBAs
fddistat - Show statistics and device details for
FDDIadapters
fileplace - Show fragmentation and block / fs usage fora
file.
filemon - [T@] Generate a report of advanced /detailed disk
statistics that highlights whereI/O was generated and what
generated it.
gprof - Generate profiling statistics for a binary.
iostat - [@] Supports I/O statistics on multipledevice types,
but used primarily as a firstline disk I/O statistic reporting
tool.
ipcrm - [@] Remove IPC (InterProcess
introduction to topas page.
tprof - [T@] A trace based profiling tool.
truss - Reports syscall, signals, and most aspects ofsystem
interaction by a process.
uptime - Reports system uptime as well as 1, 5, and15 minute
system load averages.
vmstat - [@] Report statistics from the virtual
memorysubsystem.
Note: The examples section is not meant to be
comprehensive or even well representative of theavailable
options and performance monitoring methods.The scope and design of
this page does not allow for afull treatment of the performance
tools. Each sectionrequires a careful selection of the command
examplesand information that is of use. This section
requiressignificantly more abbreviation to fit in a
reasonablespace. The goal has been to give a mix of some
commonexamples along with some that are slightly atypical.
Most iterative commands here use two second intervals.This is
done only to make them consistent when showingthe iterative
options.
List processes in ptree-like outputps -T1
List all file opens for the ls processtruss -topen ls
List all file opens for a running PIDtruss -topen -p 274676
274676 is simply a PID that was active on thesystem when I
created the example.
List all open files for a running PIDprocfiles -n 274676
List all memory segments for a running PID
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
ipcrm - [@] Remove IPC (InterProcessCommunication) semaphores,
messagequeues, and shared memory segments
ipcs - [@] List IPC (InterProcess Communication)semaphores,
message queues, and sharedmemory segments
iptrace - Network packet tracing daemon. Results canbe viewed
with ipreport
istat - A command line stat() tool. It gives similarinfo to ls
but in potentially more scriptableoutput.
kdb - An interactive user-space command forviewing kernel
structures, memory locations,tables, etc... from a running system
or adump of the kernel.
lparstat - [@] Reports per-LPAR statistics - primarilymemory and
CPU utilization. Also reportsvirtualization-aware statistics such
asentitlement consumption and hypervisorcalls. The WPAR flag on
this command is -Wnot -@.
lvmstat - Reports I/O statistics on VG structures (asopposed to
per-disk statistics). Statisticsgathering must be enabled with the
-eswitch before use.
mpstat - [@] Reports performance statistics such asinterrupts,
context switches, min/maj faults,system calls, and processor
affinity.
netpmon - [T@] Reports detailed network, socket, andNFS related
statistics over an interval.
netstat - [@] Show networking status for TCP/UDPthrough physical
layers.
pmcycles - A tool to measure actual CPU speed(presumably for
CPUs that may go into
svmon -P 274676
Get a filename for an inode from previous resultsncheck -i 1041
/dev/hd4
Once again, this example is of a local (to thissystem) inode
value. In this case svmon returned theinode and filesystem of the
file - the actual filenamewas desired.
Enable advanced statistics gathering on VG datavglvmstat -v
datavg -e
Use -e to enable, -d to disable.Monitor network throughput for
ent0while [ 1 ] ; do entstat -r ent0 | grep Bytes ;
sleep 2 ; done
First column is transmit and second is receive. This isa
non-curses based example, see the next examplefor a topas based
solution.
Monitor network throughput for all interfacestopas -E
Paging - in usesvmon -i 2
The -i 2 parameter tells to iterate every twoseconds.
Paging - activityvmstat 2
Show top-like CPU usage by processtopas -P
Show system wide CPU usagempstat 2
Get NFS server statisticswhile [ 1 ] ; do nfsstat -s ; sleep 2 ;
done
Generate CPU loaddd if=/dev/random of=/dev/null
List I/O stats organized by adapteriostat -a 2
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
(presumably for CPUs that may go intopower save).
pprof - [T@] Reports detailed statistics on kernelthreads.
probevue - Lightweight dynamic tracing tool that utilizesthe Vue
language. Additional ProbeVueresources are available locally on
theProbeVue page.
ps - [@] List processes
pstat - Show the contents of several system tablesfrom a core
file or active kernel.
rmss - Tool to simulate a reduced memory footprintfor an
application. Running the LPAR withreduced memory may be a more
popularalternative to this command.
Get extended I/O stats on just two disksiostat -D hdisk0 hdisk1
2
List I/O stats by file systemiostat -F 2
Not supported on 5.3Show network statistics for
interfacesnetstat 2
ODM
The ODM (Object Data Manager) is a database store forsystem
information on AIX. The ODM is primarily used forsystem items such
as device instances and theconfiguration options for those devices
but may also beused for applications such as SMIT.
The ODM is a collection of object classes (files) that
areprimarily in /etc/objrepos but also stored in/usr/lib/objrepos,
/usr/share/lib/objrepos and theBLV. The copy and/or location of the
ODM to use isspecified either by an application or the ODMDIR /
ODMPATHenvironmental variables. For example, the SMIT screensare
stored in object classes in /usr/lib/objrepos butcan be stored in
an alternate ODM source. See the "Extending SMIT For Common
Localized
Tasks" page for info on using an alternate ODMsource for
SMIT.
Object classes are implemented as one or two filesdepending upon
the data types used in the definition ofthe object class. The
primary file has the same name asthe object class. An optional file
ending in .vc is used forvariable length and multi-byte nchar data.
The ODM datafiles are not recognized by the file command so I
haveincluded a sample MAGIC for both file types.
0 long 0x000dcfac ODM data file0 long 0x000caa1c ODM variable
data file
MAGIC entries for ODM files
Many introductions to the ODM use typical databaseexamples to
show how data is stored and retrieved.While this is useful for
understanding the structure of anobject class it is
counter-productive in that it masks what
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
While applications can create object classes anywherethey wish,
the system object classes primarily exist inthe three directories
listed in the previous point. This isdone to separate data based
upon the type of filesystemit is in. Data that is specific to a
system is stored in/etc/objrepos. Platform specific data that can
be sharedacross systems (such as a network boot) is stored
in/usr/lib/objrepos. Platform independent data that canbe share
across systems is stored in/usr/share/lib/objrepos. One example of
this is the lppobject class that exists in all three locations. The
lslpp -l will query each of these object classes and displayeach in
its own group.
The primary benefits of the ODM is that it stores complexdata,
enforces data types on that data, and provides arich API / set of
command line utilities to access it. TheAPI supports locking that
insures a view consistency thatis not guaranteed with flat
files.
When mapping ODM to database concepts, an ODMobject class is the
equivalent of a database table, and isimplemented as one or more
files. An ODM object wouldbe a row in that table. An object
descriptor would be theequivalent of a database column
definition.
The ODM supports relations in the form of the "link" datatype.
It does not allow for joins of the data, nor does itenforce
referential integrity during inserts. The ODM doesnot enforce a
primary key, specifically the uniqueconstraint of a key. For this
reason, it is possible to haveduplicate objects in a object
class.
ODM command line tools:
odmget Query data from an ODM object class. Specificqueries are
supported with the -q option, but it isnot possible to limit
results to specific "columns"without using another command like
grep. If thequery string is omitted, then all data will be
object class it is counter-productive in that it masks whatis
really stored in the ODM. Another method of learningthe ODM is to
use the truss-query method. This meansthat you wrap a command in
truss (truss -topen) tocapture the file opens, then query the
resulting objectclasses for the data they contain.
The ODM command line tools work on two differentformats of
input/output from the object classes. Thestructure of the object
classes are defined in a syntaxthat is very similar to a C struct.
Actual object data isstructured in a stanza format.
class my_object_class { short descriptor1; short descriptor2;
vchar text[1024];};
Example of odmcreate/odmshow struct. (Nonsensical table withtwo
short int(eger)s and a string.)
CuAt: name = "inet0" attribute = "hostname" value = "mumbai"
type = "R" generic = "DU" rep = "s" nls_index = 24
Example of odmadd/odmget stanza syntax. (Actual output from
asystem.)
Steps to shrink an ODM object class called "Bloat"odmshow Bloat
> Bloat.definition
odmget Bloat > Bloat.data
odmcreate Bloat.definition
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
query string is omitted, then all data will bereturned. (This is
an effecive way to back up thedata from the object class.) The data
will bereturned in the odmadd/odmget stanza format.
odmadd Insert data into an ODM object class. The datamust be in
the odmadd/odmget stanza format.Because null values are not
allowed, all"columns" must be filled with appropriate data.
odmchange Change data in an ODM object class. A querysyntax
allows the user to specify a limited set ofobjects (rows). The data
changed is specified in aodmadd/odmget stanza format. The stanza
filedoes not need to be complete as only thedescriptors (columns)
present in the stanza filewill be changed in each matched
object.
odmcreate Creates an ODM object class based upon
anodmcreate/odmshow "struct" file. The ODM filewill be created in
the default directory. Existingobject classes with the same name
will beoverwritten without warning.
odmdelete Will delete objects (rows) from an ODM objectclass.
The -q query syntax is supported to limitthe objects deleted. If
the query is omitted, allitems will be deleted. Selective delete
operationscan lead to bloated object class files.
odmdrop Deletes an entire ODM object class. All objects(rows)
and the object class itself will be deleted.All object class files
are deleted. Future queriesto this object class will fail.
odmshow Create a odmcreate/odmshow struct outputbased upon the
description of the ODM objectclass. The results will define each
descriptor(column) in the object class (table) as well ashave other
data related to the current contents ofthe object class in comment
format. This outputcan be used to re-create an empty object
class
odmadd Bloat.data
odmshow saves the table definition. odmget saves thetable data.
odmcreate re-creates the table. odmaddrestores the data. This is
not a popular task on AIX.The example here is more to relate the
purposes ofthe commands and give some insight into how theycan be
used.
Determine the ODM files opened by lsattrtruss -topen lsattr -El
inet0
Query CuAt for the inet0 configodmget -o CuAt -q name=inet0
The SMIT customization page has more ODM command
examples. Command reference: odmget, odmadd, odmchange,
odmcreate, odmdelete, odmdrop, odmshow
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
using the odmcreate command.
Software Management
A fileset is the smallest manageable component in theLPP
(Licensed Program Product) hierarchy. A package is acollection of
related filesets. An LPP is a group ofpackages that tend to fall
within one product type, suchas "bos" - the base operating
system.
Filesets are divided by what part of the system theyinstall to.
This is either "root", "usr", or "share". Thesedivisions are
determined by install location as well asplatform dependence /
independence. Use the lslpp -Oflag with r, u, or s options to list
filesets from only onelocation. (Additional discussion of this is
found in theODM section and the three separate lpp ODM datastores -
one for each fileset install location.)
Most administrators perform installs via the SMIT or NIMmethods.
SMIT is most popular for simple one-off installsand smaller
environments. Use of installp directly fromthe command line is
significantly more complex than SMITor NIM.
The most popular SMIT fast paths are install_latestand
update_all. The install fast path requires that apackage repository
be specified on the first screen thenpresents the user with a
screen of install options toinclude the option to browse and select
from thesupplied repository.
Bundles are simply formatted lists of packages to beinstalled as
a unit. Bundle files are stored locally
in/usr/sys/inst.data/sys_bundles
and/usr/sys/inst.data/user_bundles. Bundles can beinstalled using
the smitty easy_install command.
Filesets can be installed in the applied or committed
List all software packages on /dev/cd0installp -l -d
/dev/cd0
It is not necessary to explicitly mount /dev/cd0. Theinstallp
command will do it automatically. None ofthe examples using
/dev/cd0 (including SMIT) in thissection require the explicit
mounting of the CD/DVDROM.
List the software in the default repository locationinstallp -ld
/usr/sys/inst.images
List all RPM packages on the systemrpm -qa
List all files in the installed gcc RPMrpm -ql gcc-4.2.0-3
List all filesets that are applied, and can be committed
orrejectedinstallp -s
List packages on media in /dev/cd0gencopy -Ld /dev/cd0
Copy contents of CD to local directorygencopy -d /dev/cd0 -t
/proj/instsrc \
-UX all
Copy contents of CD to default local directorygencopy -d
/dev/cd0 -UX all
Download AIX 5.3 TL10 updates to local repositorysuma -x -a
Action=Download \
-a RqType=TL -a RqName=5300-10
The updates will be placed in the default localrepository in
/usr/sys/inst.images.
Install the mkinstallp toolinstallp -acgXYd /usr/sys/inst.images
\
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
states. Applied filesets retain previous versions and canbe
rolled back to the previous version (rejected). Thefirst version of
a fileset installed on a system is alwayscommitted.
SUMA (Service Update Management Assistant) is amethod to
automate the retrieval of system updatesfrom the Internet.
List all installed filesets separated by filesystem typelslpp
-l
List all installed filesets with combined filesystem infolslpp
-L
Adding the -c option will make this output scriptablein that it
will be colon delimited. See the nextexample.
List just the filesets on a systemlslpp -Lc | cut -d : -f 2
List all files in the bos.mp64 filesetlslpp -f bos.mp64
List all files in the root part of bos.rte.shelllslpp -Or -f
bos.rte.shell
List what known fileset provides kshwhich_fileset ksh
List the installed fileset that provides /usr/bin/kshlslpp -w
/usr/bin/ksh
*ksh* would have worked, but more results.
installp -acgXYd /usr/sys/inst.images \
bos.adt.insttools
The options are:-a Apply-c Commit-g Install prerequsites-X
Extend filesystems if necessary-Y Agree to licenses-d Specify a
sourcebos.adt.insttools pagkage to install
Backup the rootvgmksysb -eivX /mnt/bombay.mksysb
The options are:-e Exclude files listed in /etc/exclude.rootvg-i
Create an /image.data file-v List files as they are backed up-X
Extend /tmp if necessary/mnt/bombay.mksysb The file to create
As this command will back up all mounted filesystemsin rootvg it
is necessary to account for the potentialsize of this file. The
root user has a file size limit(fsize) and can be temporarily
disabled with ulimit-f unlimited
Command reference: installp, inutoc, lslpp, emgr,
gencopy, suma, mksysb
Users / Groups
AIX users and groups have an administrative attributethat
determines who can make changes to that user or
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
that determines who can make changes to that user orgroup. Only
the root user (or equivalent RBAC role) canmodify a user or group
that has the admin attribute set.Regular, non-admin accounts, may
be modified bymembers of the security group. Non-admin groups
canhave group administrators (that are not part of thesecurity
group) that can modify the group members.
The following is a table that represents how the adminattribute
of a user/group effects who can modify thatitem:
adminattribute =
rootuser
securitygroup
users on the groupadms list
user true Yes No N/A
false Yes Yes N/A
group true Yes No No
false Yes Yes Yes
RBAC (Role Based ACcounting) is a natural maturation
from using simple SUID/SGID binaries to a more granularmethod of
granting privileges to users to accomplishtasks. Legacy RBAC was
introduced in AIX 4.2.1, and wasupgraded to Enhanced RBAC in AIX
6.1. This documentrefers to the Enhanced version of RBAC and
onlymentions Legacy RBAC in contrast where appropriate.
Legacy RBAC was a simplified method to divide root tasksinto
groups and give non-root users ability to performthose tasks. This
was done with traditional SUID/SGIDapplications that then checked
to see if the user wasassigned the privilege before the task was
attempted.As a result, it required specialized binaries that
werepotentially open to exploit because the processes theyspawned
still had effective root access. The benefit wasthe more granular
division of responsibilities that RBACpromises. Unfortunately,
Legacy RBAC was not sufficient
Relationship between RBAC files.
Create an admin group called wfavorit with GID 501
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
to change many administrator's minds on the use of rootfor all
tasks administrative.
Enhanced RBAC does not rely upon SUID/SGIDapplications but
instead allows for granular permissionsbased upon the users role
membership and only thepermissions required to complete the task.
The kernelonly allows authorizations to non-root users for
veryspecific actions instead of relying on the application codeto
grant that access.
A user is assigned a role that aligns with anadministrative task
such as the ability to restart (orshutdown) the system. The role is
a grouping methodthat defines all authorizations that are required
toaccomplish that type of task. Commands, files, anddevices are
added to priv* files that define whatauthorizations are required to
perform that specific taskor access that file / device. When a
command is run, therequired authorizations are checked against
theauthorizations assigned to roles for the user running
thecommand. If the user lacks sufficient access thenpermission is
denied.
The following table lists the key configuration files in
theEnhanced RBAC system, the commands used toaccess/modify those
files and what the files are for.
user.roles chusermkuserlsuser
Provides a mapping betweenexisting users and existing roles
-both of which are definedelsewhere.
roles chrolemkrolelsrolermrole
Defines roles as either a group ofauthorizations or of
sub-roles.
authorizations mkauthchauthlsauth
Defines user created authorizations.System authorizations are
definedelsewhere.
Create an admin group called wfavorit with GID 501mkgroup -a
id=501 wfavorit
List the attributes of the just-created group wfavoritlsgroup
wfavorit
Create an admin user called wfavorit with UID 501mkuser -a
id=501 shell=/usr/bin/ksh \
home=/home/wfavorit pgrp=wfavorit \
wfavorit
Set the password for user wfavorit (run as privileged
user)pwdadm wfavorit or passwd wfavorit
Add wfavorit as member of the security groupchgrpmem -m +
wfavorit security
Make a group with wfavorit as the adminmkgroup adms=wfavorit
favorite
Make wfavorit an administrator of the proj groupchgrpmem -a +
wfavorit proj
List all users on the systemlsuser -a ALL
The -a switch lists specific attributes, but in this caseit is
empty and only the user names are displayed.See other lsuser
examples in this section for otheruses of the -a switch.
List all admin users on the systemlsuser -a admin ALL | grep
=true
List attributes for user wfavorit in a stanza formatlsuser -f
wfavorit
List login history for user wfavoritlast wfavorit
List the fsize ulimit for user wfavoritlsuser -a fsize
wfavorit
Change the file size ulimit to unlimited for wfavoritchuser
fsize=-1 wfavorit
List all groups and their IDslsgroup -a id ALL
List all members of the favorite group
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
rmauth
privcmds setsecattrlssecattrrmsecattr
Lists all authorizations that arerequired for a command to
completeits task.
privfiles setsecattrlssecattrrmsecattr
Lists all authorizations that arerequired to read or write to a
file.
privdevs setsecattrlssecattrrmsecattr
Lists all authorizations that arerequired to read or write to
adevice.
The user environmental variables are stored in/etc/environment
and /etc/security/environ. Thevariables set in /etc/environment are
given to all usersand processes while the settings
in/etc/security/environ are per-user.
User limits are set for login processes from
the/etc/security/limits file. The chuser command can beused to
modify this file.
The default options for the mkuser command are stored
in/usr/lib/security/mkuser.default.
The /etc/security/passwd file is the shadow passwordfile.
The last command returns login information for thesystem (from
the /var/adm/wtmp file. The/etc/security/lastlog file contains
per-user informationon each users login attempts.
chgrpmem favorite
User / Group admin command reference: mkuser, chuser,
rmuser, lsuser, pwdadm, mkgroup, chgroup, rmgroup,lsgroup,
chgrpmem, usrck, grpck, pwdck
RBAC command reference: setkst, chrole, mkrole, lsrole,rmrole,
mkauth, chauth, lsauth, rmauth, ckauth,setsecattr, lssecattr,
rmsecattr
User command reference: users, w, who, whoami,whodo, id, chsh,
passwd, setgroups, ulimit, setsenv,last, finger
Other
Boot Process
The normal numbers represent what you see as the step cfgcon
configures console c31
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
begins. The red numbers are error codes when thatcommand / step
fails. This is not a complete list of errorcodes. A more complete
set can be found in DiagnosticInformation for Multiple Bus
Systems.
Power on
Hardware initialization
Retrieve bootlist from NVRAM
Locate BLV and load into memory 20EE000B
Kernel initializes and mounts RAM FS
Phase 1 (rc.boot 1)
RAM FS is resized
Logging begins
restbase copies ODM to RAM FS 548
cfgmgr configures base devices in ODM 510
bootinfo determines boot device 511,554
Phase 2 (rc.boot 2)
ipl_varyon varies on rootvg 551,552,554,556
fsck of / 517,555
mount of / 517,557
fsck & mount of /usr 517,518
fsck & mount of /var 517,518
copycore, umount /var 517
swapon /dev/hd6 517
RAM FS version of ODM copied to/etc/objrepos
517
cfgcon configures console c31
(cfgcon exit codes. c33 is assumed here) c32, c33, or
c34
System hang detection is started c33
Graphical desktop is (optionally) started
savebase updates ODM copy on BLV 530
syncd & errdemon started
System LED is turned off
rm -f /etc/nologin
Start several optional services
log: "System initialization completed"
Phase 3 complete, init continues processinginittab
The previous boot process listing is for a normal diskboot. This
will vary for network, tape, and CD boots.Read the contents of
/sbin/rc.boot for specifics on eachboot device method and type
(normal or service).
The boot order is stored in NVRAM. The settings are setand
retrieved using the bootlist command.
The BLV (Boot Logical Volume) is /dev/hd5. It is created
/updated with the bosboot command.
bosboot updates the boot record at the start of the disk,copies
the SOFTROS from /usr/lib/boot/aixmon.chrp,copies the bootexpand
utility, copies the kernel from/unix, creates a copy of the RAM FS
from the list of filesin /usr/lib/boot/chrp.disk.proto, and creates
a baseODM.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
/etc/objrepos
RAM FS version of /dev copied to disk 517
mount /var 517,518
Actual boot log written to (from RAM FSversion)
517
rc.boot 2 is finished 553
Kernel changes root from RAM FS to disk 553
Phase 3 553
Kernel invokes init from rootvg 553
init invokes rc.boot 3 553
fsck & mount of /tmp 517,518
syncvg -v rootvg & 517
Load streams modules 517
Configure secondary dump device 517
cfgmgr -p2 (Normal) or cfgmgr -p3(Service)
517, 521-529
Continued
Layout of a bootable disk with hd5 shown.
The kernel loaded from hd5 (the BLV) is the kernel thesystem
will run under for the entirety of the boot (untilthe system is
shutdown or restarted). For this reason itis important to re-run
bosboot every time that the kernelis updated or some boot-time
kernel options are set.
This is an abbreviated list of boot codes. cfgmgr
(alone)produces numerous display messages and potentialerror codes,
far more than is practical to display here.
Command reference: bosboot, bootlist
Error Logging
AIX has three error logging and reporting methods; alog,errlog,
and syslog. The alog is an extensible collection oflogs, but
primarily is used for boot and console logging.errlog is used
primarily for system and hardwaremessages. syslog is the
traditional logging method.
HMC managed systems will also have a log of serviceableevents
relating to all systems on that HMC.
Both errpt and alog keep binary circular logs. For thisreason,
neither requires the rotation process that isused for syslog
logs.
A curses based error log browser can be found locally on
Write a message to the errlogerrlogger "This is not
Solaris!"
Display the entire contents of the errlogerrpt
Add -a or -A for varying levels of verbosity.Clear all entries
from the errlogerrclear 0
Clear all entries from the errlog up to 7 days agoerrclear 7
List info on error ID FE2DEE00errpt -aDj FE2DEE00
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
the errbr page. The AIX syslog.conf uses *.debug for all, not
*.* The following alog examples use the boot log as an
example. These examples are transferable to any of theother
existing logs as well as those created in additionto the AIX
supplied logs.
List all logs alog knows aboutalog -L
Dump the contents of the boot log to stdoutalog -o -t boot
Send the current date to the boot logdate | alog -t boot
Increase the size of the boot log to twice the default.alog -C
-t boot -s 8192
Note: This changes the definition in the ODM, thesize will be
applied the next time that the log is re-created.
Clear the boot logrm /var/adm/ras/bootlog
echo "boot log cleared on `date`" \
| alog -t boot
Find the current alog file size setting for the boot logodmget
-q attribute="boot_logsize" \
SWservAt
errpt -aDj FE2DEE00
The ID is from the IDENTIFIER column in errptoutput.
Put a "tail" on the error logerrpt -c
List all errors that happened todayerrpt -s `date
+%m%d0000%y`
List all errors on hdisk0errpt -N hdisk0
To list details about the error log/usr/lib/errdemon -l
To change the size of the error log to 2 MB/usr/lib/errdemon -s
2097152
syslog.conf line to send all messages to a log file*.debug
/var/log/messages
syslog.conf line to send all messages to error log*.debug
errlog
Command reference: alog, errpt, errlogger, errdemon,
errclear
WPAR
WPARs (Workload PARtitions) are an AIX 6.1 feature thatcan be
used to capture a process tree and lock it into itsown environment.
An AIX system can host multipleWPARs that each appear to be nearly
identical to aregular system. All processes in the WPAR are subject
tothe environment of that WPAR such as devices,
Create the rudra WPAR with default optionsmkwpar -n rudra
This command will pull the IP configuration for rudafrom DNS.
Naturally, rudra must be defined in DNSfor the global environment
to find.
Start the rudra WPAR
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
filesystems, configurations, and networking unique tothat
WPAR.
There are two types of WPARs, system and application.The key
differences are that a system WPAR begins atthe init process while
an application WPAR begins atthe application process and the system
WPAR hasdedicated file systems while the application may not.System
WPARs can be "sparse" or "whole root" but it isthe application WPAR
that is most different from theother container implementations.
The hosting AIX system is called the "globalenvironment". The
key differences in the globalenvironment is that it runs the
kernel, owns the devices,and can host WPARs. Significant effort has
been takenfor the user environment of a WPAR to beindistinguishable
from the global environment. That said,the administrator needs to
be aware of whatenvironment she is in to perform various tasks.
Because of the limited and contextually relevantadministrative
environment of a WPAR, some commandsbehave differently than others
when run in a WPAR orthe global environment. Generally speaking,
the morelower level the command, the more appropriate it is torun
in the global environment. One example ofadministration tasks most
appropriate for the globalenvironment is device management
commands. While a(system) WPAR has devices, the devices in a WPAR
aremuch different than those in the global environment.
WPARs are started from /etc/inittab with the/etc/rc.wpars
script, using the configuration informationin /etc/wpars/.
By default, the root filesystems of sytem WPARs arecreated in
/wpars/WPAR_name/. The filesystems arebrowsable by (properly
permissioned) users of the globalenvironment. Users in a WPAR
cannot see filesystems of
Start the rudra WPARstartwpar -v rudra
Log into the console of rudraclogin rudra -l root
Create indra WAPR with useful optionsmkwpar -A -n indra -r -s
-v
-A = Start automatically on system boot. -n name = Workload
partition name. -r = Copy global network name resolution
configuration
into the workload partition. -s = Start after creation. -v =
Verbose mode.
Create a WPAR on a dedicated VGmkwpar -n varuna -A -g varuna_vg
\
-r -s -v
If a VG or other filesystem options are not suppliedthen the
filesystems for a system WPAR will becreated from LVs on the
rootvg. This command usesa dedicated VG called varuna_vg. The /usr
and /optfilesystems will still be shared with the global WPARand
therefore will still come from rootvg but will nottake any
additional space. If the -l option was usedin the above command
then a new /usr and /optwould have been created for this WPAR using
thespecified VG.
Create an additional fs on dedicated VGcrfs -v jfs2 -g varuna_vg
\
-m /wpars/varuna/data01 -u varuna \
-a size=100M
This command is run from the global environment.The mount point
is within the varuna root filesystem(/wpars/varuna) so that it can
be seen by the varunaWPAR. The -u varuna option specifies this fs
as partof the varuna mount group so that it will be mountedwhen
varuna starts.
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
other WPARs. By default the /usr, /opt, and /proc filesystems of
a
system WPAR are shared with the global environment viaa
read-only "namefs" vfs type. (/proc is mounted read-write in each
of the non-global WPARs.) As a result,software and updates cannot
be applied to these read-only WPAR views of the filesystems from
the WPAR.Filesystems that are local to the WPAR (such as /home,
/,/tmp, and /var) can be modified from within the WPAR.Examples in
this section show the default read-only andalternate options for
these filesystems.
Some options for system WPAR filesystems include: Using a
dedicated VG or external NFS mount for WPAR
filesystems. (Unless otherwise specified, system WPARfilesystems
are created from rootvg.)
Using a single LV for all local filesystems. (The
defaultfilesystem layout is similar to traditional AIX installs
inthat it will be broken into multiple LVs / filesystems.)
Creating a dedicated (local copy) of the /usr and /opt
filesystems. (In the default filesystem setup /home, /, /tmp,and
/var are unique to the WPAR while /usr and /optare views on the
actual file systems in the globalenvironment.)
Creating additional filesystems dedicated to the WPAR.(This can
take the form of a NFS mount or a dedicatedfilesystem just for the
WPAR.)
A number of commands support a new -@ flag for WPARrelated
output. The required parameters and output ofthe -@ flag varies by
command, and what environmentthe command is run in (WPAR or
global).
A system WPAR is started and stopped much like aseparate OS with
the startwpar and stopwparcommands. These act effectively as boot
and shutdownoperations. The shutdown will be the most familiar,
whilethe boot operation is significantly different from booting
Remove the varuna WPARrmwpar -s varuna
-s stops it first, -p preserves the filesystems. (In thiscase we
delete the underlying filesystems.)
Create a WPAR with mount optionsmkwpar -n varuna -r -s \
-M directory=/ vfs=nfs \
dev=/varuna_nfs host=shiva \
-M directory=/var vfs=directory \
-M directory=/home vfs=directory \
-M directory=/tmp vfs=directory \
-M directory=/usr vfs=directory \
-M directory=/opt vfs=directory
The mkwpar command in this example uses a remoteNFS share to
host the filesystems for this systemWPAR. It also specifies that
each of the regularmount points will instead be directories and
notmounts. The resulting WPAR will have only twomount points, one
for the / filesystem and one forthe /proc filesystem. The NFS mount
in this examplemust be root mountable by both the globalenvironment
and the system WPAR. An example ofthe actual (but temporary) NFS
share is given in theNFS section above.
List all WPARs on the systemlswpar
Default output will include Name, State, Type,Hostname, and
Directory. Valid types are S (System),A (Application) and C
(Checkpointable).
Determine if you are in global WPARuname -W
This command will print 0 to stdout and return 0 if ina global
environment, and give non-zero values if ina system WPAR. Another
method is to look for the
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
the boot operation is significantly different from bootinga
system. Instead of bootstrapping the system from adisk, the WPAR
startup process involves bringing onlineall the required
filesystems, changing to that rootfilesystem / environment, and
then picking up the bootprocess at init. (This is a simplistic
treatment of theprocess designed to illustrate the difference from
asystem boot of something like a LPAR in a
virtualizedenvironment.)
Application WPARs are not started like a system WPAR. Itis more
appropriate to describe them as being executedin a different
context. Application WPARs can see theglobal environment
filesystems and devices, they inheriteverything not explicitly set
by the wparexec command.The large majority of examples and
discussion in thissection refer to system WPARs.
The Solaris implementation of containers offers acommand called
zonename that tells what zone the user isin. It works like the
hostname command when run from azone but returns the word "global"
when run from theglobal environment. AIX provides the uname -W to
tell ifyou are in a WPAR or not. I have included the logic(script)
to create a wparname command that tells if youare in a WPAR as well
as the hostname of the WPAR (likethe zonename command).
#!/bin/sh
if (( `uname -W > /dev/null 2>&1` ))then echo
"global"else hostnamefi
Sample source of wparname command.
wio0 device in lsdev output - wio0 only exists in asystem
WPAR.
List WPARs with (basic) network configurationlswpar -N
Change rudra WPAR to start on system bootchwpar -A rudra
List all processes in the indra WPAR from globalps -ef@
indra
List ports / connections for the global environmentnetstat -naf
inet -@ Global
Run in global environmnet.Stop WPAR rudra from globalstopwpar -v
rudra
Start apache in an application WPARwparexec -n varuna \
/usr/sbin/apachectl start &
In this example varuna is defined in DNS. Becausethe -h flag is
not used, the hostname will default tothe WPAR name, and will pull
IP configuration fromDNS for that host. Subnet mask, name
resolution,and all other settings will be inherited from
theappropriate interface in the Global environment.
Command reference: mkwpar, chwpar, lswpar, rmwpar,
startwpar, stopwpar, wparexec, rebootwpar, syncwpar,syncroot
-
pdfcrowd.comopen in browser PRO version Are you a developer? Try
out the HTML to PDF API
About this QuickStart
Created by: William Favorite ([email protected]) Updates
at: http://www.tablespace.net/quicksheet/ Disclaimer: This document
is a guide and it includes no express warranties to the
suitability, relevance, or compatibility of its contents with
anyspecific system. Research any and all commands that you inflict
upon your command line. Distribution:Copies of this document are
free to redistribute as long as credit to the author and
tablespace.net is retained in the printed andelectronic
versions.