번호   제목 닉네임 조회 등록일
Notice [공지] 게시자료 열람자유. 불펌금지입니다. imagefile
조인상
67427 2010-12-07
215 MegaCli Common Commands and Procedures
ischo
1133 2017-04-06
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ MegaCli Common Commands and Procedures General Parameters Adapter parameter -aN The parameter -aN (where N is a number starting with zero or the string ALL) specifies the adapter ID. If you have only one controller it’s safe to use ALL instead of a specific ID, but you’re encouraged to use the ID for everything that makes changes to your RAID configuration. Physical drive parameter -PhysDrv [E:S] For commands that operate on one or more pysical drives, the -PhysDrv [E:S] parameter is used, where E is the enclosure device ID in which the drive resides and S the slot number (starting with zero). You can get the enclosure device ID using MegaCli -EncInfo -aALL. The E:S syntax is also used for specifying the physical drives when creating a new RAID virtual drive (see 5). Virtual drive parameter -Lx The parameter -Lx is used for specifying the virtual drive (where x is a number starting with zero or the string all). Running the executable can be accomplished by: shell> /opt/MegaRAID/MegaCli/MegaCli <cmd>or shell> cd /opt/MegaRAID/MegaClishell> ./MegaCli <cmd> Gather information Controller information MegaCli -AdpAllInfo -aALL MegaCli -CfgDsply -aALL MegaCli -adpeventlog -getevents -f lsi-events.log -a0 -nolog Enclosure information MegaCli -EncInfo -aALL Virtual drive information MegaCli -LDInfo -Lall -aALL Physical drive information MegaCli -PDList -aALL MegaCli -PDInfo -PhysDrv [E:S] -aALL Battery backup information (Cisco MSPs do not have the battery backup unit installed, but in case yours has one) MegaCli -AdpBbuCmd -aALL Check Battery backup warning on boot. If this is enabled on an MSP, it will require manual intervention every time the system boots MegaCli -AdpGetProp BatWarnDsbl -a0 Controller management Silence active alarm MegaCli -AdpSetProp AlarmSilence -aALL Disable alarm MegaCli -AdpSetProp AlarmDsbl -aALL Enable alarm MegaCli -AdpSetProp AlarmEnbl -aALL Disable battery backup warning on system boot MegaCli -AdpSetProp BatWarnDsbl -a0 Change the adapter rebuild rate to 60%: MegaCli -AdpSetProp {RebuildRate -60} -aALL Virtual drive management Create RAID 0, 1, 5 drive MegaCli -CfgLdAdd -r(0|1|5) [E:S, E:S, ...] -aN Create RAID 10 drive MegaCli -CfgSpanAdd -r10 -Array0[E:S,E:S] -Array1[E:S,E:S] -aN Remove drive MegaCli -CfgLdDel -Lx -aN Physical drive management Set state to offline MegaCli -PDOffline -PhysDrv [E:S] -aN Set state to online MegaCli -PDOnline -PhysDrv [E:S] -aN Mark as missing MegaCli -PDMarkMissing -PhysDrv [E:S] -aN Prepare for removal MegaCli -PdPrpRmv -PhysDrv [E:S] -aN Replace missing drive MegaCli -PdReplaceMissing -PhysDrv [E:S] -ArrayN -rowN -aNThe number N of the Array parameter is from the "Span Reference:" line you get using MegaCli -CfgDsply -aALL, minus the 0x0 part. For VSM systems it's normally 0. The number N of the row parameter is the Physical Disk in that span or array starting with zero (it can be but is not always the physical disk’s slot!). Rebuild drive - Drive status should be "Firmware state: Rebuild" MegaCli -PDRbld -Start -PhysDrv [E:S] -aN MegaCli -PDRbld -Stop -PhysDrv [E:S] -aN MegaCli -PDRbld -ShowProg -PhysDrv [E:S] -aN MegaCli -PDRbld -ProgDsply -physdrv [E:S] -aNClear drive MegaCli -PDClear -Start -PhysDrv [E:S] -aN MegaCli -PDClear -Stop -PhysDrv [E:S] -aN MegaCli -PDClear -ShowProg -PhysDrv [E:S] -aNBad to good MegaCli -PDMakeGood -PhysDrv[E:S] -aN Changes drive in state Unconfigured-Bad to Unconfigured-Good. Hot spare management Set global hot spare MegaCli -PDHSP -Set -PhysDrv [E:S] -aNRemove hot spare MegaCli -PDHSP -Rmv -PhysDrv [E:S] -aNSet dedicated hot spare MegaCli -PDHSP -Set -Dedicated -ArrayN,M,... -PhysDrv [E:S] -aN Walkthrough: Rebuild a Drive that is marked 'Foreign' when Inserted: Bad to good MegaCli -PDMakeGood -PhysDrv [E:S] -aALLClear the foreign setting MegaCli -CfgForeign -Clear -aALLSet global hot spare MegaCli -PDHSP -Set -PhysDrv [E:S] -aNWalkthrough: Change/replace a drive 1. Set the drive offline, if it is not already offline due to an error MegaCli -PDOffline -PhysDrv [E:S] -aN2. Mark the drive as missing MegaCli -PDMarkMissing -PhysDrv [E:S] -aN3. Prepare drive for removal MegaCli -PDPrpRmv -PhysDrv [E:S] -aN4. Change/replace the drive 5. If you’re using hot spares then the replaced drive should become your new hot spare drive MegaCli -PDHSP -Set -PhysDrv [E:S] -aN6. In case you’re not working with hot spares, you must re-add the new drive to your RAID virtual drive and start the rebuilding MegaCli -PdReplaceMissing -PhysDrv [E:S] -ArrayN -rowN -aN MegaCli -PDRbld -Start -PhysDrv [E:S] -aNGathering Standard logs On every instance of a hard drive problem with an MSP server, we need to run the following commands to have any information about the problem: shell> rm –f MegaSAS.log shell> /opt/MegaRAID/MegaCli/MegaCli -adpallinfo -a0 shell> /opt/MegaRAID/MegaCli/MegaCli -encinfo -a0 shell> /opt/MegaRAID/MegaCli/MegaCli -ldinfo -lall -a0 shell> /opt/MegaRAID/MegaCli/MegaCli -pdlist -a0 shell> /opt/MegaRAID/MegaCli/MegaCli -adpeventlog -getevents -f lsi-events.log -a0 -nolog shell> /opt/MegaRAID/MegaCli/MegaCli -fwtermlog -dsply -a0 -nolog > lsi-fwterm.logCollect the MegaSAS.log, lsi-events.log, and the lsi-fwterm.log files from the directory where the commands are run (they can be run from any directory on the MSP server) and attach the logs to the service request. You may use a program such as WinSCP (freeware) to pull the files off of the server.
214 SAS RAID controller for AIX file
ischo
2334 2017-02-03
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ SAS RAID controller for AIX IBM pSeries 용 PCI-X SAS RAID card용 지침서 및 유지보수 문서 : 첨부파일 참조 RAID정보 확인용 RAID contoller Command 형식 ) # sissasraidmgr -L -j1 -l <장치명> 예) # sissasraidmgr -L -j1 -l sissas0
213 AIX 환경에서 TCP dump 뜨기
ischo
12631 2014-12-04
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ <CASE> 서버 : 192.168.0.1 Client : 192.168.0.2 Client 에서 서버로 telnet 접속시 들어오는 패킷들을 dump 뜨고자 함. 사용 명령어 iptrace / ipreport iptrace Daemon Purpose Provides interface-level packet tracing for Internet protocols. Syntax /usr/sbin/iptrace [ -a ] [ -b ][ -e ] [ -u ] [ -PProtocol_list ] [ -iInterface ] [ -pPort_list ] [ -sHost [ -b ] ] [ -dHost ] [ -L Log_size ] [ -B ] [ -T ] [ -S snap_length] LogFile ipreport Command Purpose Generates a packet trace report from the specified packet trace file. Syntax /usr/sbin/ipreport [ -e ] [ -r ] [ -n ] [ -s ] LogFile /usr/sbin/ipreport [ -C ] [ -e ] [ -n ] [ -r ] [ -s ] [ -S ] [ -v ] [-x ] [ -1 ] [ -N ] [ -T ] [ -c count ] [ -j pktnum ] [ -X bytes ] tracefile Description The /usr/sbin/ipreport command generates a trace report from the specified trace file created by the iptrace command. The LogFile parameter specifies the name of the file containing the results of the Internet Protocol trace. This file is created by the iptrace command. 192.168.0.2 호스트로 en0 인터페이스를 통하여 23번 포트로 통신하는 패킷을 tcpdump.bin 으로 저장한다. # iptrace -b -s 192.168.0.2 -i en0 -p 23 tcpdump.bin [20906126] 위 명령어의 결과 background 로 동작하며 덤프를 저장한다. # ps -ef | grep iptrace root 8978508 20971746 0 23:35:47 pts/1 0:00 grep iptrace root 20906126 1 0 23:35:23 - 0:00 iptrace -b -s 192.168.0.2 -i en0 -p 23 tcpdump.log dump 중단시 kill # kill -9 20906126 binary 형식인 tcpdump.bin 파일을 ACSII 형태로 바꾸고자 할때 # ipreport tcpdump.bin > tcpdump.txt
212 AIX에서 시스템의 hostname 변경하기
ischo
24038 2013-04-30
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ AIX에서 시스템의 hostname 변경하기 1. inet0 장치의 hostname을 ODM에 영구히 적용하기 # chdev -l inet0 -a hostname=신규호스트네임 or # smitty hostname 2. uname의 hostname을 변경하기 # uname -S 신규호스트네임 or # /etc/rc.net 실행 * hostname을 변경하더라도 uname의 결과값은 바뀌지 않는다. 이는 /etc/rc.net 에서 uname -S 가 실행되기 때문인데, 이를 위해서 해주는 작업이다. 각종 라이센스류의 결과값은 이 uname의 결과를 따른다. 3. 현재 운영값만 변경하기 # hostname 신규호스트네임 4. 신규호스트네임을 반영하기 위하여 /etc/hosts 파일을 변경하기 # vi /etc/hosts 5. 해당되는 경우 DNS 변경
211 kill 과 함께 쓰이는 SIGNAL NUMBER 들
ischo
18280 2013-02-15
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ /usr/include/sys/signal.h 파일에서 정의됨. /* * valid signal values: all undefined values are reserved for future use * note: POSIX requires a value of 0 to be used as the null signal in kill() */ #define SIGHUP 1 /* hangup, generated when terminal disconnects */ #define SIGINT 2 /* interrupt, generated from terminal special char */ #define SIGQUIT 3 /* (*) quit, generated from terminal special char */ #define SIGILL 4 /* (*) illegal instruction (not reset when caught)*/ #define SIGTRAP 5 /* (*) trace trap (not reset when caught) */ #define SIGABRT 6 /* (*) abort process */ #define SIGEMT 7 /* EMT intruction */ #define SIGFPE 8 /* (*) floating point exception */ #define SIGKILL 9 /* kill (cannot be caught or ignored) */ #define SIGBUS 10 /* (*) bus error (specification exception) */ #define SIGSEGV 11 /* (*) segmentation violation */ #define SIGSYS 12 /* (*) bad argument to system call */ #define SIGPIPE 13 /* write on a pipe with no one to read it */ #define SIGALRM 14 /* alarm clock timeout */ #define SIGTERM 15 /* software termination signal */ #define SIGURG 16 /* (+) urgent contition on I/O channel */ #define SIGSTOP 17 /* (@) stop (cannot be caught or ignored) */ #define SIGTSTP 18 /* (@) interactive stop */ #define SIGCONT 19 /* (!) continue (cannot be caught or ignored) */ #define SIGCHLD 20 /* (+) sent to parent on child stop or exit */ #define SIGTTIN 21 /* (@) background read attempted from control terminal*/ #define SIGTTOU 22 /* (@) background write attempted to control terminal */ #define SIGIO 23 /* (+) I/O possible, or completed */ #define SIGXCPU 24 /* cpu time limit exceeded (see setrlimit()) */ #define SIGXFSZ 25 /* file size limit exceeded (see setrlimit()) */ #define SIGMSG 27 /* input data is in the ring buffer */ #define SIGWINCH 28 /* (+) window size changed */ #define SIGPWR 29 /* (+) power-fail restart */ #define SIGUSR1 30 /* user defined signal 1 */ #define SIGUSR2 31 /* user defined signal 2 */ #define SIGPROF 32 /* profiling time alarm (see setitimer) */ #define SIGDANGER 33 /* system crash imminent; free up some page space */ #define SIGVTALRM 34 /* virtual time alarm (see setitimer) */ #define SIGMIGRATE 35 /* migrate process */ #define SIGPRE 36 /* programming exception */ #define SIGVIRT 37 /* AIX virtual time alarm */ #define SIGALRM1 38 /* m:n condition variables - RESERVED - DON'T USE */ #define SIGTALRM 38 /* per-thread alarm clock */ #define SIGWAITING 39 /* m:n scheduling - RESERVED - DON'T USE */ #define SIGSYSERROR 48 /* kernel error */ #define SIGRECOVERY 49 /* kernel recovery occurring */ /* * Signals 50 to 57 are assigned to POSIX real-time signals. * See SIGRTMIN and SIGRTMAX below. */ #define SIGRECONFIG 58 /* Reserved for Dynamic Reconfiguration Operations */ #define SIGCPUFAIL 59 /* Predictive De-configuration of Processors - */ /* RESERVED - DON'T USE */ #define SIGKAP 60 /* keep alive poll from native keyboard */ #define SIGGRANT SIGKAP /* monitor mode granted */ #define SIGRETRACT 61 /* monitor mode should be relinguished */ #define SIGSOUND 62 /* sound control has completed */ #define SIGSAK 63 /* secure attention key */
210 AIX에서 process 당 thead 개수 (maximum number of thread per process)
ischo
20720 2013-02-05
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ /usr/include/pthread.h 파일의 내용을 확인 /* PTHREAD_THREADS_MAX has the same value as PTHREAD_THREADS_MAX in limits.h */ #ifdef PTHREAD_THREADS_MAX #undef PTHREAD_THREADS_MAX #endif #ifndef PTHREAD_THREADS_MAX #ifdef _LARGE_THREADS #define PTHREAD_THREADS_MAX 32767 #else #define PTHREAD_THREADS_MAX 512 #endif #endif PTHREAD_THREADS_MAX 값으로 확인할 수 있으며 limits.h 안의 PTHREAD_THREADS_MAX 값과 같다고 되어있다. 단지 파일내용을 보면 # 와 같이 remark 처리되어있는데 이는 AIX 6.1 부터는 ulimit 명령어로 직접 수정이 가능해졌기 때문이다. 이전 버전에서는 AIX 5.1 ~ 5.3 : 32767 이 기본값으로 지정되어있으며, AIX 6.1의 기본값은 32768 이다.
209 AIX 6.1에 Apache 설치하기
ischo
26300 2013-01-31
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ AIX 6.1 기준 apache 설치법(source compile) 1. compile 할 것이므로 먼저 AIX용 Linux Toolbox를 다운로드한다. ULR : http://www-03.ibm.com/systems/power/software/aix/linux/toolbox/ezinstall.html 필요 패키지 ./autoconf-2.59-1.aix5.1.noarch.rpm ./automake-1.8.5-1.aix5.1.noarch.rpm ./gcc-4.2.0-3.aix6.1.ppc.rpm ./gcc-cplusplus-4.2.0-3.aix6.1.ppc.rpm ./libgcc-4.2.0-3.aix6.1.ppc.rpm ./libstdcplusplus-4.2.0-3.aix6.1.ppc.rpm ./libstdcplusplus-devel-4.2.0-3.aix6.1.ppc.rpm ./libtool-1.5.8-2.aix5.1.ppc.rpm ./make-3.80-1.aix5.1.ppc.rpm ./m4-1.4.1-1.aix5.1.ppc.rpm 2. rpm 패키지 설치 # rpm -Uvh 파일명.rpm 위 rpm 패키지들을 모두 설치한다. 의존성이 있는 패키지는 선행 패키지를 먼저 설치한후에 설치한다. 3. apache 소스를 다운받는다. http://www.apache.org 4. 다운받은 소스를 압축해제 # gzip -d httpd-2.2.23.tar.gz # tar xf httpd-2.2.23.tar 5. apache 설치 # ./configure --prefix=/usr/local/apache2 \ --enable-module=rewrite \ --enable-module=so \ --enable-module=shared \ --enable-so=rewrite \ --enable-module=proxy \ --enable-so=proxy# make # make install 6. 아파치 설치후 세팅 # cd /usr/local/apache2/conf # vi httpd.conf 여기서 기본설정을 해주는데, 기본으로 user,group이 daemon으로 되어있는데, AIX에는 daemon계정이 없으므로 적당한 계정으로 설정해준다(root는 허용되지 않는다. 적당한 일반계정을 추가하여 설정해준다) 7. test # /usr/local/apache2/bin # ./apachectl start 웹브라우저에서 확인.
208 AIX 시스템상의 core수 확인하기
ischo
40555 2013-01-09
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ core개수 확인 # lsdev -Cc processor 여기에 나온 프로세서가 실제 core개수 이 코어들이 SMT(Simultaneous Multi Threading)로 인하여 다중의 Thread로 나뉘게 된다. SMT정보 확인 # smtctl # lsattr -El proc0 현재 OS에서 사용가능한 프로세서개수 확인하기 # bindprocessor -q
207 named 1분 간격으로 검사하여 살리는 스크립트
ischo
17321 2012-12-26
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ #!/bin/ksh ########################################################### # script by ischo # http://www.ischo.net # chosim1@naver.com # Shell script : Check named alive & start that if it dead. ########################################################### TTIME=`date +%H:%M:%S` DDATE=`date +%Y%m%d` PROG_HOME=/home/admin/chk_named LOGFILE=${PROG_HOME}/chk_named.log DAEMON_NAME=/usr/sbin/named echo "${DDATE} ${TTIME} SHELL START!" >> ${LOGFILE} while [ 0 ]; do NAMED_STATUS=`ps -ef | grep ${DAEMON_NAME} | grep -v grep | wc -l` if [ ${NAMED_STATUS} -eq 1 ]; then sleep 60 else TTIME=`date +%H:%M:%S` DDATE=`date +%Y%m%d` stopsrc -s named sleep 1 startsrc -s named echo "${DDATE} ${TTIME} named restarted." >> ${LOGFILE} echo >> ${LOGFILE} fi done
206 AIX 튜닝포인트 - CPU,MEM,VG + FAQ
ischo
25070 2012-11-20
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1. CPU 튜닝 1-1. CPU 스케줄링 튜닝 - 기본적으로 튜닝할 필요가 없음. - polling등을 하는 프로세스의 응답시간 단축을 위해 할 수 있는 튜닝 # schedo –p –o smt_snooze_delay=-1 :: smt_snooze_delay 값에 지정된 시간동안 CPU 부하가 없을 경우 SMT thread가 snooze 상태로 들어가는 것을 의미함. -1 값은 disable을 의미하며 이 경우 SMT thread가 항상 깨어있게됨. micro-partition 처럼 공유 CPU pool 을 사용하는 시스템에서는 사용하지 않는 것이 좋음. 공유CPU가 아닌 전용 CPU가 될 것이기 때문에... - Power7에서는 smt_snooze_delay를 무조건 0 으로 놓아야 함. 성능악화됨. 1-2. CPU folding 이슈 - CPU folding : 선택된 가상 CPU에 물리적 core의 computing power를 몰아줘서 성능을 높일 수 있음 # schedo –p –o vpm_xvcpus=0 으로 활성화 가능 (default) - 그러나 ORACLE, Sybase 등에서는 CPU folding 으로 인한 성능악화로 비활성화 할것을 권고. # schedo –p –o vpm_xvcpus=-1 으로 비활성화 2. MEM 튜닝 2-1. 파일시스템 캐시쪽으로 메모리가 몰려 어플리케이션 구동에 필요한 메모리가 부족해 지는 이슈 - AIX 5.3 까지의 default 값에 의하여 : minperm% = 20 : maxperm% = 80 : maxclient% = 80 : strict_maxperm = 0 : strict_maxclient = 1 : lru_file_repage = 1 : page_steal_method = 0 파일시스템 I/O가 많이 발생할 경우 파일시스템 캐시를 위한 메모리가 많이 사용되어 정작 어플리케이션 등이 사용해야할 메모리가 부족한 일이 발생하게 됨. 이를 방지하기 위하여 강제로 파일시스템캐시로 사용할 메모리영역을 제한함으로써 메모리를 확보할 수 있음. 대개 아래와 같은 권장값으로 구현. # vmo –p –o maxclient%=20 –o maxperm%=20 –o minperm%=10 –o lru_file_repage=0 ///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - AIX 6.1 에서부터 나온 신규 방식에서는 파일캐시와 연산용 메모리 풀을 별도로 관리함. 이 방식에서는 연산용 메모리가 전체 메모리의 97% 이상을 사용하지 않는 한 페이징스페이스 out이 발생하지 않게됨. - lru_file_repage 값이 1이면 파일캐시/연산용메모리 중에서 많이 사용하는 쪽에 우선권을 주고, 0이면 연산용메모리에 우선권을 줌. - page_steal_method 값이 0 이면 파일캐시와 연산용메모리를 하나의 풀에서 관리, 1이면 별도의 풀에서 각각 관리. - 다음 명령어로 구현할 수 있음. # vmo –p –o maxclient%=90 –o maxperm%=90 –o minperm%=3 –o lru_file_repage=0 # vmo –r –o page_steal_method=1 (리부팅 필요) 3. VG 이슈 - VG 별 사양 Standard VG BIG VG Scalable VG MAX PVs 32 128 1024 MAX LVs 255 511 4095 MAX active VGs 255 255 255 LVM 작업속도 fast slow slow (by number of LVs) * LVM 작업속도란 lvcreate 등의 LVM관련 작업에 대한 속도로써 파일시스템 I/O속도를 의미하는것이 아님. * BIG VG에서 raw-device를 사용하기 위해 mklv 옵션에 -TO 를 사용하게 되어있는데 이는 BIG VG 설계시 오라클을 위한 옵션으로 Standard VG나 Scalable VG에서는 사용할 필요 없음. - 특별한 이유가 없는한 Scalaeble VG를 사용하는 것이 좋음. 4. 네트웍 튜닝 4-1. 기본 네트웍 파라미터 조정 - 기본적으로는 기본값으로 운영하는 것이 좋으나, 웹서버 등 집중된 부하를 사용하는 서버들을 위하여 다음의 값들을 조정하여 사용. # no –p –o tcp_recvspace = 65536 –o tcp_sendspace = 131072 –o udp_recvspace = 655360 –o udp_sendspace = 65536 –o rfc1323 = 1 –o tcp_nodelayack=1 –o tcp_nagle_limit=0 - 10Gbit Ethernet의 경우는 좀 더 큰 값으로 조정함. # chdev –l en# -a tcp_recvspace=655360 -a tcp_sendspace=262144 –a tcp_nodelay=1 -o rfc1323=1 - 시세 서버와 같이 균일한 브로드캐스팅 성능이 필요한 경우 ethernet 에서 과도한 버퍼링을 하지 않도록 다음과 같이 조정. 버퍼링을 작게 해줌으로써 데이터가 밀려있다가 한번에 내려오는 현상을 방지하는 튜닝. # chdev -l ent# -a large_send=no -a chksum_offload=no -a tx_que_sz=4096 -a txdesc_que_sz=256 –P # no –p –o udp_recvspace=42080 –o udp_sendspace=9216 –o tcp_nodelayack=1 4-2. 방화벽/L4 사이의 서버에서 에러가 발생할 경우 - 대부분의 트랜잭션 처리 어플리케이션에서는 connection pool을 이용하여 기존 접속된 connection을 ESTABLISHED 상태에 두고 데이터를 전송함 (TCP OPEN/CLOSE 단계를 거치지 않아도 되므로 유리) - ESTABLISHED에서 CLOSE 가 될때까지의 시간은 tcp_keepidle, tcp_keepcnt, tcp_keepintvl 파라미터로 조정가능함. - L4 등의 네트웍스위치 밑에서 두개의 서버가 운영중인 경우 각 서버에서 설정된 tcp_keepidle 보다 L4에서 설정된 tcp_keepidle 값이 더 짧을 경우 서버에서는 ESTABLISHED 되어있는 소켓이 L4에서는 먼저 CLOSE되어 끊어져버리는 경우가 발생할 수 있음. - 이 경우 서버의 tcp_keepidle 값을 L4 보다 낮게 잡아주어야 함. # no -p -o tcp_keepidle=1080 -o tcp_keepcnt=4 -o tcp_keepintvl=10 (default) tcp_keepcnt = 8  probe 발송 회수 tcp_keepidle = 14400  idle 유지 기간 (half second) tcp_keepintvl = 150  probe 발송 주기 (half second) 5. TimeZone - AIX 6.1 에서 새로 변경된 Timezone 설정에 버그가 존재. - 이상이 있을 경우 AIX 5.3 과 동일한 방법으로 설정하면 됨. # smitty chtz_date Standard Time ID(only alphabets) --> KORST Standard Time Offset from CUT([+|-]HH:MM:SS) ---> -9 로 설정. 나머지는 그대로 둠. [ 재부팅 필요 ] 6. 기타 FAQ - SMT 기능을 사용하면 성능이 향상? SMT는 CPU 사용률 (특히 logical CPU 사용률)이 대략 40~50%를 넘어설 때부터 본격적으로 성능 향상 효과를 발휘. SMT의 성능 향상 효과는 최대 60%까지이지만, 이는 application 특성과 시스템 환경에 따라 변화. - AIX OS에서만 12GB의 메모리를 잡아먹음? 실제로 kernel heap, other kernel segments 에서 12GB의 메모리를 사용함. Lab의 설명: 주로 process and thread tables, i/o buffers, pinned code, kernel data structures, filesystem metadata, RAS requirement에서 사용함. : device가 많거나 I/O가 심하거나, 물리메모리가 많을 경우 kernel 메모리 사용이 증가함. : 12GB이상의 많은 메모리가 OS가 먹는 것은 설정이 잘못됨이 아니라 정상.
205 lsof 설치 없이 해당 포트를 열고 있는 프로세스 확인하는 법
ischo
24130 2012-10-17
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1. 열고있는 포트번호 조회. 21번 포트를 열고 있는 프로세스를 조회하고 싶을 경우. [root :/]# netstat -anA | grep LISTEN f1000d0001bed390 tcp 0 0 *.21 *.* LISTEN f1000d00002e3390 tcp4 0 0 *.22 *.* LISTEN f1000d0002a7ab90 tcp4 0 0 *.80 *.* LISTEN f1000d0000458390 tcp4 0 0 *.111 *.* LISTEN f1000d0002776390 tcp4 0 0 *.443 *.* LISTEN 위의 결과에서 f1000d0001bed390 는 소켓주소임. 2. 소켓주소로부터 PID 조회 [root :/]# rmsock f1000d0001bed390 tcpcb The socket 0x1bed000 is being held by proccess 626780 (inetd). 본래 rmsock 은 해당 소켓주소에 해당하는 ESTABLISH 되어있는 소켓을 제거하는 명령어이다. 하지만 프로세스가 열고 있는 메인 소켓주소를 삭제하려고 하면 경고메시지로 어떤 프로세스가 물고 있으므로 종료할수 없다는 메시지를 뿌리고 종료가 안된다는 점에 착안하여 꼼수로써 PID를 알아낼수 있다. 3. 프로세스 조회 [root :/]# ps -ef | grep 626780 root 626780 1 0 9¿ù 28ÀÏ - 0:00 /usr/sbin/inetd -d 이제 해당 프로세스를 알아냈다.
204 p시리즈 장비 OP패널에서 강제 shutdown 방법
조인상
19136 2012-10-12
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1. 메인메뉴에서 (UP)버튼으로 2 를 선택후 (ENTER)로 진입 2. (UP) 을 누를때마다 > 표시가 바뀜. (UP) 버튼으로 N 으로 > 를 옮긴후 (ENTER)를 눌러 M으로 변경 3. (ENTER)를 다시 눌러 메인화면으로 이동 4. (UP)을 눌러 8 메뉴에서 (ENTER) 로 들어가서 진행하면 강제 OFF 수행됨 * 절차2에서 M으로 바꾼 값은 다시 N으로 원상복구 해줘야 함
203 [IBM] x시리즈 M3,M4 블레이드센터 제원
조인상
16816 2012-10-05
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ [IBM] x시리즈 M3,M4 블레이드센터 제원 장비 크기, 소음, 발열량, 전압, 주파수, 소비전력,온도,습도 등 제원 멤버스 : http://www.ischo.net/8273
202 IBM System x Sales Tech and Sales School
조인상
17964 2012-08-09
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ IBM System x Sales Tech and Sales School Ch-1.pdf - Introduction to System X List the features of IBM X-architecture Recognize the System x server product line Articulate the elements the comprise IBM Smarter Planet Describe how System x plays a key role in IBM Smarter Planet List the three key requirements of IBM Smarter Planet IBM System x Sales Tech and Sales School Ch-5.pdf - Sysnem x systems management •ArticulatethefeaturesofthelntegratedManagementModule (lMM) .Listthefeaturesoflightpathdiagnostics .DescribetheUnifiedExtensibleFirmwarelnterface(UEFI) .ArticulatethebenefitsoflBMSystemsDirector .DescribethenewvirtualizationextensionoflBMSystemsDirector: VMControl .ArticulatethewaysthatlBMActiveEnergyManagercansavea typicaldatacenterpowerandcoolingcosts •Listallthedeployment,update,diagnostic,andc•nfigurationtools availablefromthelBM Toolscenter IBM System x Sales Tech and Sales School Ch-5.pdf - Sysnem x tools and support . Recognize the benefit to installing the Standalone Solutions ConfigurationTbol(SSCT) . List the features of the lBM Hardware Configurator . Describe benefits of using the Configuration and •ptions Guide . Understand the value of the BIadecenter and System x Power Configurator1bol . Describe the recommendations provided by the Sizing Guides . Recognize the key components listed in the lBM Workload Estimator(WLE) Memers : http://www.ischo.net/8051
201 Power6 System Reference Code
조인상
17230 2012-08-09
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ Members only : http://www.ischo.net/8046
200 IBM x3650 M3 Service Guide file
조인상
18947 2012-08-03
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ IBM x3650 M3 Service Guide
199 펌웨어 업그레이드 for old p5 series Servers(SF240-417) file
조인상
18744 2012-07-26
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 펌웨어 업그레이드 for old p5 series Servers 1. 현재 펌웨어 레벨 확인 # lsmcode The current permanent system firmware image is SF220_005. The current temporary system firmware image is SF220_006. The system is currently booted from the temporary image. - permanent level은 backup level임 - 현재 시스템이 temporary image로 부팅하였다고 하므로 현재 적용레벨은 temporary system firmware 임 2. 펌웨어를 서버로 업로드 3. 서버에서 펌웨어 unpack 하기 # rpm -Uvh --ignoreos /tmp/fwupdate/<파일명.rpm> -> /tmp/fwupdate 디렉토리에 unpack된 펌웨어 fix 파일이 01SF2xx_yyy_zzz 형식으로 저장된다. 4. unpack 한 펌웨어를 서버에 적용시키기 # cd /tmp/fwupdate # /usr/lpp/diagnostics/bin/update_flash -f <펌웨어레벨> 펌웨어레벨은 01SF2xx_yyy_zzz 형식으로 지정해준다. 5. 펌웨어 적용 확인하기 # lsmcode 6. (옵션사항) 펌웨어 fix를 영구적으로(permanently) 설치하기 - 펌웨어 fix를 설치하면 permanently 하게 설치하기 전까지는 temporary 하게 설치된다. 펌웨어 적용후 정상동작하는지 일정기간이 지난후 안전하다고 생각되면 펌웨어 fix를 permanently 하게 설치할수 있다. - 적용방법 # /usr/lpp/diagnostics/bin/update_flash -c -> 10분 이상 걸릴수 있음
198 디버그툴 dbx 사용법 file
조인상
21534 2012-07-26
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 디버그툴 dbx 사용법 - 프로그램 디버깅이나 덤프파일 분석에 사용되는 디버깅 툴 dbx 사용법
197 IBM AIX Version 6.1 Differences Guide file
조인상
29722 2012-07-26
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ IBM AIX Version 6.1 Differences Guide Chapter 1. Application development and system debug. . . . . . . . . . . . . . . 1 1.1 Transport independent RPC library. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 AIX tracing facilities review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.3 POSIX threads tracing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 1.3.1 POSIX tracing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.3.2 Trace event definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.3.3 Trace stream definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 1.3.4 AIX implementation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 1.4 ProbeVue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 1.4.1 ProbeVue terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 1.4.2 Vue programming language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 1.4.3 The probevue command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 1.4.4 The probevctrl command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 1.4.5 Vue: an overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 1.4.6 ProbeVue dynamic tracing example . . . . . . . . . . . . . . . . . . . . . . . . . 31 Chapter 2. File systems and storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 2.1 Disabling JFS2 logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 2.2 JFS2 internal snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 2.2.1 Managing internal snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 2.2.2 Error handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 2.2.3 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 2.3 Encrypted File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 2.3.1 Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 2.3.2 Keystore modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 2.3.3 File access permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 2.3.4 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 iv IBM AIX Version 6.1 Differences Guide 2.3.5 Enable and create EFS file systems . . . . . . . . . . . . . . . . . . . . . . . . . 44 2.3.6 File encryption and de-encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 2.3.7 Encryption inheritance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 2.3.8 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 2.4 iSCSI target mode software solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 2.4.1 iSCSI software target considerations . . . . . . . . . . . . . . . . . . . . . . . . 50 2.4.2 SMIT interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Chapter 3. Workload Partitions overview and resource management . . . 53 3.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 3.2 WPAR based system virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 3.3 Management tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 3.3.1 Packaging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 3.4 System trace support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 3.4.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 3.4.2 WPAR tracing capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 3.4.3 Trace WPAR filtering from the global environment . . . . . . . . . . . . . . 58 3.4.4 Trace report filtering from the Global environment . . . . . . . . . . . . . . 60 3.4.5 Tracing from within a WPAR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 3.5 File system metrics support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 3.6 Network metrics support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 3.7 Performance tools updates for WPAR support . . . . . . . . . . . . . . . . . . . . . 65 3.7.1 Updates for the curt command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 3.7.2 Updates for the filemon command . . . . . . . . . . . . . . . . . . . . . . . . . . 68 3.7.3 Updates for the iostat command . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 3.7.4 Updates for the netpmon command . . . . . . . . . . . . . . . . . . . . . . . . . 74 3.7.5 Updates for the pprof command . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 3.7.6 Updates for the procmon plug-in. . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 3.7.7 Updates for the proctree command. . . . . . . . . . . . . . . . . . . . . . . . . . 81 3.7.8 Updates for the svmon command . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 3.7.9 Updates for the topas command . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 3.7.10 Updates for the tprof command. . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 3.7.11 Updates for the vmstat command . . . . . . . . . . . . . . . . . . . . . . . . . . 89 3.8 Standard command updates for WPAR support . . . . . . . . . . . . . . . . . . . . 92 3.9 Network file system support for WPARs . . . . . . . . . . . . . . . . . . . . . . . . . . 97 3.9.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 3.9.2 NFS user interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 3.9.3 AutoFS user interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 3.9.4 CacheFS user interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 3.9.5 Continuous availability enhancements for NFS . . . . . . . . . . . . . . . 100 Contents v Chapter 4. Continuous availability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103 4.1 Storage protection keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 4.2 Component trace and RTEC adoption . . . . . . . . . . . . . . . . . . . . . . . . . . 105 4.2.1 VMM component trace and RTEC adoption . . . . . . . . . . . . . . . . . . 110 4.2.2 AIX storage device driver component trace and RTEC support . . . 114 4.2.3 Virtual SCSI device driver component trace and RTEC adoption. . 115 4.2.4 MPIO and RAS component framework integration . . . . . . . . . . . . . 116 4.2.5 InfiniBand device driver component trace and RTEC support . . . . 118 4.2.6 LAN device driver component trace and RTEC support . . . . . . . . . 120 4.2.7 Error level checking for TCP kernel and kernel extension . . . . . . . 124 4.2.8 IPsec component trace exploitation . . . . . . . . . . . . . . . . . . . . . . . . 126 4.2.9 PCI device driver component trace adoption . . . . . . . . . . . . . . . . . 127 4.2.10 Virtual bus device driver component trace adoption . . . . . . . . . . . 128 4.2.11 Component trace for USB system driver. . . . . . . . . . . . . . . . . . . . 129 4.2.12 Component trace for USB audio . . . . . . . . . . . . . . . . . . . . . . . . . . 130 4.2.13 Component trace for 2D graphics device drivers . . . . . . . . . . . . . 131 4.2.14 System loader runtime error checking . . . . . . . . . . . . . . . . . . . . . 132 4.2.15 NFS and CacheFS runtime error checking . . . . . . . . . . . . . . . . . . 133 4.2.16 Runtime error checking for watchdog timer . . . . . . . . . . . . . . . . . 135 4.2.17 System memory allocator adoption of run-time error checking. . . 136 4.3 Dump facilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 4.3.1 The dumpctrl command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 4.3.2 Component dump facility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 4.3.3 Live dump facility. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 4.3.4 System dump facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 4.4 Performing a live dump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 4.5 Kernel error recovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 4.5.1 Recovery concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 4.5.2 Kernel error recovery management . . . . . . . . . . . . . . . . . . . . . . . . 176 4.6 Concurrent update. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 4.6.1 Concurrent update method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 4.6.2 The emgr command concurrent update operations . . . . . . . . . . . . 181 4.7 Core dump enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 4.8 Trace hook range expansion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 4.9 LVM configuration and trace logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 4.9.1 LVM configuration log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 4.9.2 LVM detailed trace configuration log. . . . . . . . . . . . . . . . . . . . . . . . 189 4.9.3 The gsclvmd daemon log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 vi IBM AIX Version 6.1 Differences Guide 4.10 Group Services Concurrent LVM enhancements . . . . . . . . . . . . . . . . . 194 4.11 Paging space verification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 Chapter 5. System management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 5.1 Web-based System Manager enhancements . . . . . . . . . . . . . . . . . . . . . 202 5.1.1 The mknfsproxy and rmnfsproxy interfaces . . . . . . . . . . . . . . . . . . 202 5.1.2 Modified Web-based System Manager menus . . . . . . . . . . . . . . . . 207 5.2 AIX Print spooler redesign. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 5.2.1 Spooler command changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 5.3 Increase default size of argument area . . . . . . . . . . . . . . . . . . . . . . . . . . 209 5.4 Limit threads per process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 5.4.1 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 5.4.2 Implemented mechanisms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 5.4.3 Implemented functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 5.4.4 Implemented changes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 5.4.5 How to configure these limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 5.5 Threading pthread default 1:1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 5.6 RFC 2790 SNMP host resource groups . . . . . . . . . . . . . . . . . . . . . . . . . 218 5.6.1 The Running Software information group . . . . . . . . . . . . . . . . . . . . 219 5.6.2 The Running Software Performance information group . . . . . . . . . 220 5.7 IBM Systems Director Console for AIX . . . . . . . . . . . . . . . . . . . . . . . . . . 220 5.7.1 Packaging and requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 5.7.2 The layout of the IBM Systems Director Console . . . . . . . . . . . . . . 223 5.7.3 My Startup Pages (customization) . . . . . . . . . . . . . . . . . . . . . . . . . 226 5.7.4 Health Summary plug-in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 5.7.5 OS management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 5.7.6 Managing Workload Partitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 5.7.7 Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 5.7.8 AIX security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237 5.7.9 Configuration and management . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 5.8 VMM dynamic variable page size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 5.8.1 Variable page size concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 5.8.2 Page size promotion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 5.8.3 The vmo command tunables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 5.8.4 The svmon command enhancements . . . . . . . . . . . . . . . . . . . . . . . 244 Chapter 6. Performance management. . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 6.1 Unique tunable documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 6.2 Restricted tunables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 6.2.1 New warning message for restricted tunables . . . . . . . . . . . . . . . . 250 6.2.2 New error log entry for restricted tunables . . . . . . . . . . . . . . . . . . . 252 6.2.3 AIX V6 tunables lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 Contents vii 6.3 AIX V6 out-of-the-box performance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 6.3.1 Virtual Memory Manager default tunables . . . . . . . . . . . . . . . . . . . 263 6.3.2 AIX V6 enables I/O pacing by default . . . . . . . . . . . . . . . . . . . . . . . 264 6.3.3 AIX V6 new AIO dynamic tunables . . . . . . . . . . . . . . . . . . . . . . . . . 265 6.3.4 NFS default tunables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 6.4 Hardware performance monitors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 6.4.1 Performance Monitor (PM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 6.4.2 Hardware Performance Monitor (HPM). . . . . . . . . . . . . . . . . . . . . . 273 6.4.3 AIX V6.1 PM and HPM enhancements . . . . . . . . . . . . . . . . . . . . . . 274 Chapter 7. Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 7.1 Internet Group Management Protocol Version 3. . . . . . . . . . . . . . . . . . . 280 7.2 Network Data Administration Facility enhancements . . . . . . . . . . . . . . . 283 7.2.1 Integration of NDAF to the base AIX V6.1 distribution . . . . . . . . . . 283 7.2.2 NDAF commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 7.2.3 NDAF SMIT fast paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 7.2.4 NDAF logs online information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 7.2.5 NDAF data transfer methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 7.2.6 NDAF case study . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 7.3 Enabling SSL support for FTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 7.4 NFS proxy serving enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 7.4.1 NFS server proxy prerequisites. . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 7.4.2 Comprehensive RPCSEC_GSS Kerberos support . . . . . . . . . . . . . 289 7.4.3 NFSv3 exports for back-end NFSv4 exports. . . . . . . . . . . . . . . . . . 291 7.4.4 NFSv4 global namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 7.4.5 Cachefs improvements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 7.5 Network caching daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 7.5.1 The netcd architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 7.5.2 netcd AIX integration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 7.5.3 netcd configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 7.5.4 Managing netcd. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 7.6 IPv6 RFC compliances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 7.6.1 RFC 4007 - IPv6 Scoped Address Architecture . . . . . . . . . . . . . . . 301 7.6.2 RFC 4443 - Internet Control Message Protocol (ICMPv6) . . . . . . . 301 Chapter 8. Security, authentication, and authorization . . . . . . . . . . . . . . 303 8.1 The /admin/tmp system directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 8.2 AIX Security Expert enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 8.2.1 Centralized policy distribution through LDAP . . . . . . . . . . . . . . . . . 306 8.2.2 User-defined policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 8.2.3 More stringent check for weak root passwords. . . . . . . . . . . . . . . . 307 8.2.4 Enabling Stack Execution Disable (SED) . . . . . . . . . . . . . . . . . . . . 310 8.2.5 File permission Manager (fpm) for managing SUID programs . . . . 310 viii IBM AIX Version 6.1 Differences Guide 8.2.6 Secure by Default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312 8.2.7 SOX-COBIT assistant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 8.2.8 Performance enhancements for the graphical interface . . . . . . . . . 315 8.3 Enhanced Role Based Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . 315 8.3.1 Authorizations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317 8.3.2 Privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 8.3.3 Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324 8.3.4 Summary of differences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 8.4 Web-based GUI for RBAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326 8.4.1 Tasks and roles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328 8.5 LDAP support enablement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 8.6 RBAC and Workload Partition environments . . . . . . . . . . . . . . . . . . . . . 332 8.7 Enhanced and existing mode switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 8.8 Trusted AIX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 8.8.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 8.8.2 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 8.8.3 Identification and authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . 339 8.8.4 Discretionary access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340 8.8.5 Role Based Access Control elements . . . . . . . . . . . . . . . . . . . . . . . 342 8.8.6 Trusted AIX packages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 8.8.7 Trusted AIX commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 8.9 The Trusted Execution environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 8.9.1 Trusted Signature Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 8.9.2 Trusted Execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 8.9.3 Trusted Execution Path and Trusted Library Path . . . . . . . . . . . . . 354 8.10 Password length and encryption algorithms . . . . . . . . . . . . . . . . . . . . . 354 8.10.1 Existing crypt() . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.10.2 Password hashing algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.10.3 Loadable Password Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.10.4 Support greater than eight character passwords . . . . . . . . . . . . . 356 8.10.5 LPA configuration file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 8.10.6 System password algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357 8.10.7 Support more valid characters in passwords . . . . . . . . . . . . . . . . 358 8.10.8 Setup system password algorithm . . . . . . . . . . . . . . . . . . . . . . . . 358 8.10.9 Changes to support long passwords. . . . . . . . . . . . . . . . . . . . . . . 359 Chapter 9. Installation, backup, and recovery . . . . . . . . . . . . . . . . . . . . . 363 9.1 AIX graphical installer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 9.2 Network Install Manager NFSv4 support. . . . . . . . . . . . . . . . . . . . . . . . . 367 9.2.1 NFSv4 NIM integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 9.2.2 NFSv4 security overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 9.2.3 RPCSEC_GSS Kerberos sample scripts . . . . . . . . . . . . . . . . . . . . 371 9.2.4 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 Contents ix Chapter 10. National language support . . . . . . . . . . . . . . . . . . . . . . . . . . 377 10.1 Azerbaijani locale support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 10.1.1 Packaging and installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 10.1.2 Locale definitions, keyboard definition, and input methods. . . . . . 381 10.2 Euro symbol support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 10.3 Maltese locale support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 10.3.1 Packaging and installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 10.3.2 Locale definitions, keyboard definition, and input methods. . . . . . 391 10.4 Urdu India and Urdu Pakistan locale support . . . . . . . . . . . . . . . . . . . . 394 10.4.1 Packaging and installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 10.4.2 Locale definitions, keyboard definition, and input methods. . . . . . 398 10.5 Welsh locale support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.5.1 Packaging and installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 10.5.2 Locale definitions, keyboard definition, and input methods. . . . . . 404 10.6 Olson time zone support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407 10.7 Unicode 5.0 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 10.8 International Components for Unicode . . . . . . . . . . . . . . . . . . . . . . . . . 411 Chapter 11. Hardware and graphics support . . . . . . . . . . . . . . . . . . . . . . 413 11.1 Hardware support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 11.2 Universal Font Scaling Technology Version 5. . . . . . . . . . . . . . . . . . . . 414 11.3 X Window System Version 11 Release 7.1. . . . . . . . . . . . . . . . . . . . . . 415 11.3.1 X11R5, X11R6.1, and X11R7.1 compatibility issues . . . . . . . . . . 415 11.3.2 AIX V6.1 X Client enhancements . . . . . . . . . . . . . . . . . . . . . . . . . 416 11.3.3 X11R5, X11R6, and X11R7.1 coexistence . . . . . . . . . . . . . . . . . . 417 11.4 32 TB physical memory support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 11.5 Withdrawal of the 32-bit kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Appendix A. Transport-independent RPC. . . . . . . . . . . . . . . . . . . . . . . . . 419 Appendix B. Sample script for tunables . . . . . . . . . . . . . . . . . . . . . . . . . . 429 Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439 Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 How to get Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
196 IBM AIX Version 7.1 Differences Guide file
조인상
21559 2012-07-25
원문 : http://www.ischo.net -- 조인상 //시스템 엔지니어 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ IBM AIX Version 7.1 Differences Guide Chapter 1. Application development and debugging . . . . . . . . . . . . . . . . . 1 1.1 AIX binary compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1.2 Improved performance using 1 TB segments . . . . . . . . . . . . . . . . . . . . . . . 2 1.3 Kernel sockets application programming interface . . . . . . . . . . . . . . . . . . . 5 1.4 UNIX08 standard conformance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.4.1 stat structure changes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 1.4.2 open system call changes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.4.3 utimes system call changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.4.4 futimens and utimensat system calls . . . . . . . . . . . . . . . . . . . . . . . . 10 1.4.5 fexecve system call . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 1.5 AIX assembler enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 1.5.1 Thread Local Storage (TLS) support. . . . . . . . . . . . . . . . . . . . . . . . . 10 1.5.2 TOCREL support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 1.6 Malloc debug fill. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 1.7 proc_getattr and proc_setattr enhancements . . . . . . . . . . . . . . . . . . . . . . 12 1.7.1 Core dump enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 1.7.2 High resolution timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 1.8 Disabled read write locks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 1.9 DBX enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 1.9.1 Dump memory areas in pointer format . . . . . . . . . . . . . . . . . . . . . . . 17 1.9.2 dbx environment variable print_mangled . . . . . . . . . . . . . . . . . . . . . 18 1.9.3 DBX malloc subcommand enhancements . . . . . . . . . . . . . . . . . . . . 19 1.10 ProbeVue enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 1.10.1 User function probe manager for Fortran . . . . . . . . . . . . . . . . . . . . 21 1.10.2 User function exit probes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 1.10.3 Module name support in user probes . . . . . . . . . . . . . . . . . . . . . . . 23 iv IBM AIX Version 7.1 Differences Guide 1.10.4 ProbeVue support for pre-compiled C++ header files . . . . . . . . . . . 24 1.10.5 Associative array data type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 1.10.6 Built-in variables for process- and thread-related information. . . . . 25 1.10.7 Interval probes for profiling programs . . . . . . . . . . . . . . . . . . . . . . . 27 Chapter 2. File systems and storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 2.1 LVM enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 2.1.1 LVM enhanced support for solid-state disks . . . . . . . . . . . . . . . . . . . 30 2.2 Hot files detection in JFS2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Chapter 3. Workload Partitions and resource management . . . . . . . . . . . 43 3.1 Trusted kernel extension loading and configuration . . . . . . . . . . . . . . . . . 44 3.1.1 Syntax overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 3.1.2 Simple example monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 3.1.3 Enhancement of the lspwar command . . . . . . . . . . . . . . . . . . . . . . . 47 3.1.4 mkwpar -X local=yes|no parameter impact . . . . . . . . . . . . . . . . . . . . 47 3.2 WPAR list of features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 3.3 Versioned Workload Partitions (VWPAR) . . . . . . . . . . . . . . . . . . . . . . . . . 50 3.3.1 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 3.3.2 Requirements and considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . 50 3.3.3 Creation of a basic Versioned WPAR AIX 5.2 . . . . . . . . . . . . . . . . . 51 3.3.4 Creation of an AIX Version 5.2 rootvg WPAR. . . . . . . . . . . . . . . . . . 60 3.3.5 Content of the vwpar.52 package . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 3.3.6 Creation of a relocatable Versioned WPAR . . . . . . . . . . . . . . . . . . . 67 3.3.7 SMIT interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 3.4 Device support in WPAR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68 3.4.1 Global device listing used as example . . . . . . . . . . . . . . . . . . . . . . . 68 3.4.2 Device command listing in an AIX 7.1 WPAR. . . . . . . . . . . . . . . . . . 69 3.4.3 Dynamically adding a Fibre Channel adapter to a system WPAR . . 72 3.4.4 Removing of the Fibre Channel adapter from Global . . . . . . . . . . . . 74 3.4.5 Reboot of LPAR keeps Fibre Channel allocation . . . . . . . . . . . . . . . 74 3.4.6 Disk attached to Fibre Channel adapter . . . . . . . . . . . . . . . . . . . . . . 77 3.4.7 Startwpar error if adapter is busy on Global . . . . . . . . . . . . . . . . . . . 79 3.4.8 Startwpar with a Fibre Channel adapter defined. . . . . . . . . . . . . . . . 79 3.4.9 Disk commands in the WPAR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 3.4.10 Access to the Fibre Channel attached disks from the Global . . . . . 83 3.4.11 Support of Fibre Channel devices in the mkwpar command. . . . . . 84 3.4.12 Config file created for the rootvg system WPAR. . . . . . . . . . . . . . . 92 3.4.13 Removing an FC-attached disk in a running system WPAR. . . . . . 93 3.4.14 Mobility considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 3.4.15 Debugging log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 3.5 WPAR RAS enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 3.5.1 Error logging mechanism aspect. . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Contents v 3.5.2 Goal for these messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 3.5.3 Syntax of the messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 3.6 WPAR migration to AIX Version 7.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 Chapter 4. Continuous availability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 4.1 Firmware-assisted dump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 4.1.1 Default installation configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 4.1.2 Full memory dump options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 4.1.3 Changing the dump type on AIX V7.1. . . . . . . . . . . . . . . . . . . . . . . 116 4.1.4 Firmware-assisted dump on POWER5 and earlier hardware . . . . . 120 4.1.5 Firmware-assisted dump support for non-boot iSCSI device . . . . . 121 4.2 User key enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 4.3 Cluster Data Aggregation Tool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 4.4 Cluster Aware AIX. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 4.4.1 Cluster configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 4.4.2 Cluster system architecture flow . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 4.4.3 Cluster event management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 4.4.4 Cluster socket programming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 4.4.5 Cluster storage communication configuration . . . . . . . . . . . . . . . . . 147 4.5 SCTP component trace and RTEC adoption . . . . . . . . . . . . . . . . . . . . . 150 4.6 Cluster aware perfstat library interfaces . . . . . . . . . . . . . . . . . . . . . . . . . 152 Chapter 5. System management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 5.1 Processor interrupt disablement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 5.2 Distributed System Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 5.2.1 The dpasswd command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 5.2.2 The dkeyexch command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 5.2.3 The dgetmacs command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 5.2.4 The dconsole command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 5.2.5 The dcp command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 5.2.6 The dsh command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 5.2.7 Using DSM and NIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 5.3 AIX system configuration structure expansion . . . . . . . . . . . . . . . . . . . . 179 5.3.1 The kgetsystemcfg kernel service. . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.3.2 The getsystemcfg subroutine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.4 AIX Runtime Expert. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 5.4.1 AIX Runtime Expert overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 5.4.2 Changing mkuser defaults example . . . . . . . . . . . . . . . . . . . . . . . . 186 5.4.3 Schedo and ioo profile merging example . . . . . . . . . . . . . . . . . . . . 189 5.4.4 Latest enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 5.5 Removal of CSM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 5.6 Removal of IBM Text-to-Speech . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 5.7 AIX device renaming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 vi IBM AIX Version 7.1 Differences Guide 5.8 1024 Hardware thread enablement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 5.9 Kernel memory pinning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 5.10 ksh93 enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 5.11 DWARF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 5.12 AIX Event Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 5.12.1 Some advantages of AIX Event Infrastructure . . . . . . . . . . . . . . . 203 5.12.2 Configuring the AIX Event Infrastructure. . . . . . . . . . . . . . . . . . . . 203 5.12.3 Use of monitoring samples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 5.13 Olson time zone support in libc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 5.14 Withdrawal of the Web-based System Manager . . . . . . . . . . . . . . . . . . 215 Chapter 6. Performance management. . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 6.1 Support for Active Memory Expansion . . . . . . . . . . . . . . . . . . . . . . . . . . 218 6.1.1 The amepat command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 6.1.2 Enhanced AIX performance monitoring tools for AME . . . . . . . . . . 243 6.2 Hot Files Detection and filemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 6.3 Memory affinity API enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264 6.3.1 API enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 6.3.2 The pthread attribute API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 6.4 Enhancement of the iostat command . . . . . . . . . . . . . . . . . . . . . . . . . . . 267 6.5 The vmo command lru_file_repage setting . . . . . . . . . . . . . . . . . . . . . . 269 Chapter 7. Networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 7.1 Enhancement to IEEE 802.3ad Link Aggregation . . . . . . . . . . . . . . . . . . 272 7.1.1 EtherChannel and Link Aggregation in AIX. . . . . . . . . . . . . . . . . . . 272 7.1.2 IEEE 802.3ad Link Aggregation functionality . . . . . . . . . . . . . . . . . 272 7.1.3 AIX V7.1 enhancement to IEEE 802.3ad Link Aggregation . . . . . . 273 7.2 Removal of BIND 8 application code. . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 7.3 Network Time Protocol version 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283 Chapter 8. Security, autentication, and authorization . . . . . . . . . . . . . . . 289 8.1 Domain Role Based Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 8.1.1 The traditional approach to AIX security . . . . . . . . . . . . . . . . . . . . . 290 8.1.2 Enhanced and Legacy Role Based Access Control . . . . . . . . . . . . 291 8.1.3 Domain Role Based Access Control . . . . . . . . . . . . . . . . . . . . . . . . 293 8.1.4 Domain RBAC command structure . . . . . . . . . . . . . . . . . . . . . . . . . 296 8.1.5 LDAP support in Domain RBAC . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 8.1.6 Scenarios . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308 8.2 Auditing enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 8.2.1 Auditing with full pathnames . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 8.2.2 Auditing support for Trusted Execution . . . . . . . . . . . . . . . . . . . . . . 347 8.2.3 Role-based auditing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 8.2.4 Object auditing for NFS mounted files . . . . . . . . . . . . . . . . . . . . . . 351 8.3 Propolice or Stack Smashing Protection . . . . . . . . . . . . . . . . . . . . . . . . . 352 Contents vii 8.4 Security enhancements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 8.4.1 ODM directory permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 8.4.2 Configurable NGROUPS_MAX. . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 8.4.3 Kerberos client kadmind_timeout option . . . . . . . . . . . . . . . . . . . . . 354 8.4.4 KRB5A load module removal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.4.5 Chpasswd support for LDAP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 8.4.6 AIX password policy enhancements . . . . . . . . . . . . . . . . . . . . . . . . 355 8.5 Remote Statistic Interface (Rsi) client firewall support . . . . . . . . . . . . . . 360 8.6 AIX LDAP authentication enhancements . . . . . . . . . . . . . . . . . . . . . . . . 360 8.6.1 Case-sensitive LDAP user names . . . . . . . . . . . . . . . . . . . . . . . . . 361 8.6.2 LDAP alias support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 8.6.3 LDAP caching enhancement. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 8.6.4 Other LDAP enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 8.7 RealSecure Server Sensor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 Chapter 9. Installation, backup, and recovery . . . . . . . . . . . . . . . . . . . . . 363 9.1 AIX V7.1 minimum system requirements . . . . . . . . . . . . . . . . . . . . . . . . 364 9.1.1 Required hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 9.2 Loopback device support in NIM. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 9.2.1 Support for loopback devices during the creation of lpp_source and spot resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 9.2.2 Loopmount command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 9.3 Bootlist command path enhancement . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 9.3.1 Bootlist device pathid specification . . . . . . . . . . . . . . . . . . . . . . . . . 372 9.3.2 Common new flag for pathid configuration commands . . . . . . . . . . 373 9.4 NIM thin server 2.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374 9.4.1 Functional enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 9.4.2 Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 9.4.3 NIM commands option for NFS setting on NIM master. . . . . . . . . . 377 9.4.4 Simple Kerberos server setting on NIM master NFS server . . . . . . 378 9.4.5 IPv6 boot firmware syntax. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 9.4.6 /etc/export file syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 9.4.7 AIX problem determination tools . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 9.5 Activation Engine for VDI customization . . . . . . . . . . . . . . . . . . . . . . . . 379 9.5.1 Step-by-step usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 9.6 SUMA and Electronic Customer Care integration . . . . . . . . . . . . . . . . . . 385 9.6.1 SUMA installation on AIX 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 9.6.2 AIX 7 SUMA functional and configuration differences . . . . . . . . . . 387 Chapter 10. National language support . . . . . . . . . . . . . . . . . . . . . . . . . . 391 10.1 Unicode 5.2 support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 10.2 Code set alias name support for iconv converters . . . . . . . . . . . . . . . . 392 10.3 NEC selected characters support in IBM-eucJP . . . . . . . . . . . . . . . . . . 393 viii IBM AIX Version 7.1 Differences Guide Chapter 11. Hardware and graphics support . . . . . . . . . . . . . . . . . . . . . . 395 11.1 X11 font updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 11.2 AIX V7.1 storage device support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 11.3 Hardware support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 11.3.1 Hardware support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 How to get Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417