When to use workload partitions

Workload Partitions offer new possibilities for managing AIX environments. They
complement other virtualization solutions available for System p6 platforms. The
following scenarios are examples of when you could benefit from using WPARs.
1.5.1 Improvement of Service Level Agreements
Hardware components of an IT infrastructure may need to undergo maintenance
operations requiring the component to be powered off. If an application is not
part of a cluster of servers providing continuous availability, either for technical,
organizational or cost reasons, then WPARs can help to reduce the application
downtime. Using the live partition mobility feature, the applications that are
executing on a physical server can be temporarily moved to another server,
without an application blackout period during the period of time required to
perform the server physical maintenance operations.
Long running jobs can take advantage of the checkpoint/restart feature of
WPARs. It can be used to protect them against a failure which would require
restarting all computation from scratch. The checkpoint feature can be used to
regularly capture a snapshot of the application runtime environment, without
having to instrument the code. In the case where the job would need to be
stopped before reaching completion of the computation, the job can be resumed
in the state it was when the last checkpoint was saved.
The checkpoint/restart feature can also be used to execute long lasting batch
jobs on a system with limited resources. This job can be run at night time, be
paused during the daytime, when the computer resources have to be dedicated
to other applications, such as transaction handling or web serving, and then
resumed at the beginning of the next night.
The workload partition technology can also help in an environment where an
application needs to be started often, on-demand, and quickly. This may apply,
for example, in test environments where resources are too scarce to keep
multiple application executing concurrently when not in use. Using WPARs, many
applications can be defined on a server, but not activated. Activation of the
workload partitions executing each of these application can be performed only
when needed for a test.
1.5.2 Protection of legacy hardware investment
Although customers using POWER4 IBM Eserver pSeries® servers cannot
take advantage of physical or hypervisor based virtualization technology, the
7431CH_INTRODUCTION.fm Draft Document for Review August 6, 2007 12:52 pm
14 Workload Partitions in IBM AIX Version 6.1
WPAR technology relies only on IBM AIX Version 6.1, with no dependency on the
underlying hardware. It can be used on POWER4, POWER5 and POWER6
based servers.
Customers having many applications, each running an a dedicated POWER
based server or dedicated partition, and requiring only a fraction of the available
processing power can, thanks to the WPAR technology, consolidate these
application within one LPAR. Each application can be executed within one
WPAR, providing a dedicated environment isolated from the other applications
environments, while all WPARs share the physical resource of one LPAR.
1.5.3 Optimization of resource usage
The IBM System p family offers many ways to optimize resource utilization
through virtualization technologies, such as LPARs, DLPARs, and
micropartitions. The WPAR technology complements the existing solution
offerings thanks to its unique characteristics.
The WPAR technology gives you additional flexibility in system capacity planning
as part of a strategy for maximizing system utilization and provisioning efficiency.
Due to the static allocation of partitions in physical servers, in a typical IT
environment, each server is sized with spare capacity to allow for resource
consumption increase of all applications executing within this server. Thanks to
the mobility feature of WPARs, the server sizing and planning can be based on
the overall resources of a group of servers, rather than being performed server
per server. It is possible to allocate applications to one server up to 100% of its
resources. When an application grows and requires resources that can no longer
be provided by the server, the application can be moved to a different server with
spare capacity.
The same mobility feature, combined with the policy based relocation functions
of the WPAR Manager allows to size a set of servers to handle the peak load,
based on the overall resource capacity of the set of server, and not for each
server. In a classical environment, each server must be able to support the peak
load of all partitions hosted within this server. Thanks to the WPAR mobility, it is
possible to take advantage of free resources in one physical server to offload
another physical server hosting applications that require more resources than
locally available.
AIX 6 provides very fine grained control of CPU and memory resource allocation
to workload partitions (down to 0.01% increments). This technology is therefore
suitable for server consolidation of very small workloads. This could be
particularly interesting for the replacement of old servers, for which even 10% of
one POWER5 or POWER6 processor, (the smallest micropartition) exceeds the
application needs.
Chapter 1. Introduction to Workload Partitions (WPAR) Technology in AIX 6 15
Draft Document for Review August 6, 2007 12:52 pm 7431CH_INTRODUCTION.fm
The theoretical upper limit on the number of workload partitions that can be
executed within one LPAR is 8192. In actual practice, your application
environment will probably require far less than 8192 WPARs running within a
single LPAR. And in practice we would expect you would encounter other AIX
system limitations preventing you from actually approaching this theoretical limit.
1.5.4 Fine grain control of resource allocation
When multiple applications are executing within the same AIX instance, the
system administrator may want to control how much cpu and memory resources
are used by each application. One way to perform this control is to set up the
Workload Manager (WLM) functions which is part of standard AIX features.
The WPAR technology provides a new way to perform this resource control. The
WPAR resource control is reusing the WLM technology, but encapsulates it in a
way that WLM is not visible to the system administrator. There is no need for the
system administrator to know about WLM. The resource control is available
through options of the WPAR command line and SMIT interfaces.
The WPAR resource control feature allows the system administrator to arbitrate
between applications competing for CPU and memory resources. This
guarantees that each application receives a share of the cpu and memory
resource available from the global environment. These resources are separate
from the requirements of the other applications executing in WPARs within the
same operating system instance.
1.5.5 Control of security and privilege command
In large AIX environments, where a partition hosts many applications, it is not
unusual to have multiple people acting as system administrators. However, all of
them may not have the need for root or superuser privileges in all domains of
system administration. They can be specialized for activities such as for example
user administration, network control, storage control, or software maintenance.
The WPAR technology supports this specialization of roles, and can help restrict
the privileges given to one person to just the scope he needs to control. System
workload partitions have their own user set, independent from the user set
defined at the global environment level. An individual who is using root within a
Note: In practice, the number of WPARs which could be created and made
active in an LPAR depends upon the capacity of the system, the configuration
of the WPARs, and the characteristics of the applications being run in those
WPARs.
7431CH_INTRODUCTION.fm Draft Document for Review August 6, 2007 12:52 pm
16 Workload Partitions in IBM AIX Version 6.1
system workload partition only has superuser privileges for the resources visible
within this WPAR. He cannot control global environment resources, such as
network adapter or physical devices, and he cannot act on resources belonging
to other workload partitions. Many application have the need for the application
administrator to use the root user to control the application, even if this person
does not need to manage the operating system. The WPAR technology allows to
delegate the superuser privileges to one individual, and limit them to an
application environment, without jeopardizing the global environment.
The separation of user sets (or security domains) between different system
workload partitions also enables the system administrators to isolate groups of
users logging on in AIX environments according to their application access
control requirements. Users defined in one system WPAR are unaware of the
applications executing in the global environment or in other WPARs. They can’t
see the list of users or processes outside their WPAR.
IBM AIX Version 6.1 provides improvement over the previous AIX 5L™ Version
5.3 for role based control of user privileges. This feature is known as Role Based
Access Control (RBAC). An exhaustive description of these new features is
available in IBM AIX V6.1 Security Enhancements, SG24-7430.
WPAR integrates the use of RBAC features for controlling privileges. A default
RBAC setting is provided with each WPAR, but the system administrator can also
further customize the RBAC configuration used in a WPAR context.
1.5.6 Simplified handling of software stack
The WPAR technology can help the system administrator simplify the way he
maintains the operating systems and application software stacks.
A traditional approach to application deployment has been for a long time to
dedicate one server to one application. With the advent of virtualization and
partitioning technologies, it has been possible to host multiple applications within
partitions of a physical server. But this solution still implies that the system
administrator needs to maintain one operating system instance for each
application. The WPAR technology allows to share an AIX instance between
multiple applications, while still running each application within its own
environment, providing isolation between application. In this case, the more
applications that are consolidated within one AIX instance, the less the system
administrator has to perform OS fix applications, backups, migration, and other
OS maintenance tasks. However, it must be noted that such a consolidation
requires that all applications can run under the same version and maintenance
level of the OS.
Chapter 1. Introduction to Workload Partitions (WPAR) Technology in AIX 6 17
Draft Document for Review August 6, 2007 12:52 pm 7431CH_INTRODUCTION.fm
In addition to sharing the operating system, the system administrator can take
advantage of the WPAR technology to share application code. In a traditional AIX
environment, if several Apache web servers are needed, they would each be
deployed in a dedicated server or LPAR. In a WPAR environment, it is possible to
install Apache in one LPAR, and then execute multiple instances of the Apache
server within this LPAR, by starting multiple WPARs. Each WPAR runs its own
Apache server, with its own data in dedicated disk space, but shares the Apache
code with all other WPARs. Such a configuration optimizes memory utilization by
eliminating duplication of code, and reduces administration maintenance of the
Apache code, which only needs to be updated once for all server instances.
IBM AIX Version 6.1 introduces a new concept in software installation and
management: relocatable software packages. A relocatable application is an
application where the files can be installed relative to a base directory which is
different from the / root directory of the AIX environment. Using this feature, it is
possible to deploy multiple versions of the same application within one AIX
instance. The system administrator can take advantage of relocatable
application, by starting each version of the application in a specific WPARs,
therefore providing multiple servers with different server code version, from one
LPAR.
1.5.7 Simplified handling of application OS environment.
The workload partition configuration can be stored in human-readable
specification files. These specification files can be generated by the operating
system from already existing workload partitions, or can be edited, created or
modified by hand. In an environment where a system administrator has to
manage several application environments, the WPAR technology can help him
quickly clone and define new application environments. These specification files
can be used as input to WPAR creation commands, allowing the system
administrator to automate through scripts and programs the startup and handling
of multiple workload partitions.
1.5.8 Business continuity: disaster/failure recovery:
The WPAR technology can be integrated as one element of a solution to provide
a business continuity plan.
The checkpointing feature of WPAR allows to capture a snapshot of an executing
application without having to instrument the code. The application checkpoint
image is then saved to a file that can later be used to resume execution of an
application. Combined with a backup of the application data, the WPAR
checkpoint feature can provide an alternate disaster or failure recovery solution
7431CH_INTRODUCTION.fm Draft Document for Review August 6, 2007 12:52 pm
18 Workload Partitions in IBM AIX Version 6.1
for application that do not use other solutions such as HACMP™ or server
clusters.
1.5.9 Supporting “Green” computing strategies
Using WPAR relocation features for live application mobility means you have the
flexibility to consolidate workloads during periods of low usage onto smaller
numbers of operating server platforms. In this strategy you still provide
continuous application availability, but you do so using a smaller number of
powered up servers. As you approach normal high usage periods you could then
power up additional peak demand server resources and relocate cyclic
workloads back to those machines during those peak demand periods. For
example, if your data center peak workload periods are 12 hrs per day, 5 days
per week, then peak load systems would only need to be powered up ~%35 of
the time.