Monday, November 30, 2009

User and Group Administration - Part 2

GROUP ADMINISTRATION


Few Restrictions on the Group Name:

1. Group names cannot start with the below signs:
  • Dash or minus sign (-).
  • Plus sign (+)
  • At symbol (@)
  • Tilde (~)
2. Groups cannot be named ALL or default, as these names are reserved for the AIX OS.
 
3. Group names cannot include :

  • Colon (:)  
  • Quotation marks—single or double (' or ")
  • Pound or hash sign (#)
  • Comma (,)
  • Equal sign (=)
  • Slashes—back or forward (\ or /)
  • Question mark (?)
  • Back quote or tick (`)
  • White space (space or tab)
  • New-line characters
4.  Group names can have max. 8 characters in AIX V 5.2 or earlier. Starting with AIX 5.3, you can have a
max. of 255 characters.



Now let us look at the configuration files for groups.


/etc/group :

This file contains the basic group configuration details in the following format.

Group Name : Password Flag : GID : User(s)

where
Password Flag - This field is not used in AIX.
GID                 - Group ID is the unique identification number for every group. 0 is the gid for system group.
User(s)             - List of users belonging to the group

/etc/security/group :

This file contains the extended attribtues for the groups.
Here are the parameters used in this file.

adms  - List of users with admin rights to ths group
admin - If set to true, this group will have administrative rights.

There are 4 main commands used in the administration of group :

mkgroup - Add a group
chgroup - Change an attribtue of a group
lsgroup  - List the attribtues of a group
rmgroup - Remove a group

These words can also be used as fastpaths for smitty.

For example, # smitty mkgroup will open a form to create a group.

For doing the whole group administration, you can use

# smitty group and go thru the menu items for various operations.


Now let us see the commands to administrate groups ...

1. To create a group called dba :

# mkgroup dba

2. To create a admin group called admin1 :

# mkgroup -a admin1

3. To create dba group and add jack as the admin :

# mkgroup adms=jack dba

4. To change the members of dba group, you can use any of the below commands :

# chgroup users=jack,tom,michelle dba

# chgrpmem dba

# chgrpmem -m + raja dba

5. To remove the membership of a user from the dba group :

# chgrpmem -m - jack dba

6. To add a user as admin for the dba group :

# chgrpmem -a + raja dba

7. To remove the group administrator :

# chgrpmem -a - raja dba

8. To list the attributes of a group :

# lsgroup dba

9. To remove a group from the system :

# rmgroup test
Print Friendly and PDF
8 comments
at 11:38 AM Posted by Raja

Friday, November 27, 2009

User and Group Administration - Part 1

USER ADMINISTRATION


Few Restrictions on the User Name:


1. User names cannot start with a
  • dash or minus sign(-)
  • plus sign (+)
  • At symbol (@)
  • Tilde (~)
 2. User names cannot include
  • colon (:)
  • single or double quotation marks( ' or ")
  • hash symbol (#)
  • comma (')
  • equal sign
  • Back or forward Slashes ( \ or /)
  • Question mark (?)
  • Back quote (`)
  • White space (space or tab)

3. User names cannot be names ALL or default. Becoz those names are reserved for the AIX OS.

4. User names can have max. 8 characters in AIX V 5.2 or earlier. Starting with AIX 5.3, you can have a
max. of 255 characters. You can change this setting by using the below command,

# chdev -l sys0 -a max_logname=255

To view the setting, use any of the below commands

# lsdev -l sys0 -a max_logname
# getconf LOGIN_NAME_MAX


Configuration Files:

/etc/passwd :

        Contains the basic user configuration details like user name, password flag, uid, gid, gecos (description), home directory, shell.

/etc/security/.profile :


It is the template for the user's .profile file. It has been copied to the user's home directory when we create the user.

/etc/security/limits :

 It contains all the resource limits (ulimits) for the users.

Here are the various ulimit values ...

fsize, fsize_hard - Soft and hard limit for the size of a file a user can create
core, core_hard - Soft and hard limit for the Size of core file a user can create
cpu, cpu_hard - Soft and hard limit for the amount of system time allowed
data, data_hard - Soft and hard limit for the size of the process data segment
stack, stack_hard - Soft and hard limit for the size of the process stack segment
rss, rss_hard - Soft and hard limit for the physical memory allowed
nofiles, nofiles_hard - Soft and hard limit for the number of open file descriptors at one time
nproc, nproc_hard - Soft and hard limit for the number of running processes at one time

/etc/security/passwd :

This file contains the user's password information such as password, lastupdate and flags.

Here are the various flags user

ADMIN - It can be set so that only the root user can change the user's password.

ADMCHG - It can be set so that the user is prompted to change his or her password on the next login/su.

NOCHECK - It can be set so that any additional restrictions in /etc/security/user are ignored.


/etc/security/user :  This file contains very very important settings for every user.

Here are the parameters configured in the file for each and every user :

account_locked - To lock the user account. This can takes values TRUE or FALSE

admin - To specify whether the user is admin or not. It can take calues TRUE or FALSE

expires - It is configured to set the expiration date for the user beyond which the user will be locked. It can take values in the format MMDDHHYY.

histexpire - To specify the # of weeks the user can't reuse a password. It can takes values between 0-260

histsize - To specify the # of passwords previously used that can't be reused. It can take values between 0-50

login - To specify whether a user can log in or not. It can take values TRUE or FALSE.

maxage - To specify the # of weeks a password is valid. It can take values between 0-52.

minage - To specify the # of weeks a user must wait before changing his or her password. It can take values between 0-52.

rlogin - To specify whether a user can be accessed remotely via telnet,ssh, ftp. It can take values TRUE or FALSE.

su - To specify whether other user can use su to access this account. It can take values TRUE or FALSE.


/usr/lib/security/mkuser.default :  This file contains the default values that are set while creating an user.


/etc/security/login.cfg : This file contains the message that is displayed whenever you login to the system.
You can always change it using chsec command or by editing this file directly in vi editor.


Here are the few attributes of a user which you may be interested.


id - User Identification Number is a unique i dfor every user. root user's id is always 0.

pgrp - Primary Group of a user

groups - Secondary Groups of a user. An user can belong to maximum 128 groups in AIX 5.3 and 6.1.

home - Home directory to store the user's files

shell - Shell that runs when the user login

gecos - Description or some comments about the user


There are 6 main commands used in the administration of user :

mkuser     - Add a user
chuser      - Change an attribtue of a user
lsuser       - List the attribtues of a user
rmuser     - Remove a user
passwd    - To set password for a user and for various other purposes

These words can also be used as fastpaths for smitty.
For example, # smitty mkuser will open a form to create a user.

For doing the whole user administration, you can use

# smitty user and go thru the menu items for various operations.

Now let us see the commands to administrate users ...

To create a user called 'jack' with default settings and allocate the next available uid :
# mkuser jack

To create a user with home dir as /opt/$username, primay group as 'dba' :
# mkuser home=/opt/jack pgrp=dba jack

To know about the user :
# finger jack

To change the primary group for a user :
# chuser pgrp=oracle jack

To list the attributes of a user in stanza structure :
# lsuser -f jack

To list the attributes of a user delimited by comma :
# lsuser -c jack

To list home and shell attributes for the users jack and tom :
# lsuser -a shell home jack,tom

To set the password for a newly created user :
# passwd jack

To clear the flag ADMCHK for jack :
# pwdadm -c jack

If you dont do this after setting a password for jack, he will be prompted to change his password on the first login.

To change the gecoz for a user :
# passwd -f jack

To change the shell for a user :
# passwd -s jack

To list the last password update date/time and the flags for a user :
# passwd -q jack

To set the ADMIN flag for a user :
# passwd -f ADMIN jack

ADMIN flag ensures that only the root user can change the password for Jack.

To remove the user :
# rmuser jack

Note: rmsuer doesn't remove the home directory for a user.
You have to remove it may be after the backup.

To remove the user along with his password information :
# rmuser -p jack

To list the currently logged in users :
# who
Note: This command will show the contents of /etc/utmp which is a binary file.

To list the login and logout information for the machine :
# last
Note: This command will show the contents of /var/adm/wtmp file, which is a binary file. Over a period of time, this file will occupy the /var file system a lot. Hence nullify the file once in a 6 months or depending upon the # of login/logout actions in the system.

To clear(nullify) the wtmp file, you can use any of the below commands

# cp /dev/null /var/adm/wtmp
# > /var/adm/wtmp

To change the default message(herald) that is shown after user login :
# chsec -f /etc/security/login.cfg -a default -herald

As a user, you have to protect (lock) your terminal whenever you go for a coffee break.
# lock -> To lock your telnet or ssh terminal

If you use XWindowsm you can use the below command
# xlock

20. Sometimes you may want to login as root to execute some admin commands. For this you dont have to logout from current user and login as root.You can use su command to swtich user and execute the commands and say 'exit' to come out of the su window.

To su to root, you can use any of the below commands

# su - root
# su -

To su to other user called tom,
# su - tom
These su operations are logged into /var/adm/sulog file. You have to nullify this file on certain period of time to make some space in /var file system.

How to disable direct root login via telnet and ssh ?
To disable direct root login thru telnet or ssh, you have to set 'rlogin' attribtue for root user to false.

 You can use the below command to do so.
# chuser rlogin=false root

How to enforce automatic logoff after certain timeout period ?

To enforce automatic logoff after timeout period of 10 minutes, enter the following line in /etc/security/.profile after the AIX installation.

TMOUT=600 ; TIMEOUT=600 ; export readonly TMOUT TIMEOUT


I will update this blog whenever I come across other commands.

We will talk about group administration in the next part.

Thanks for visiting.

- Raja
Print Friendly and PDF
12 comments
at 12:11 PM Posted by Raja

Tuesday, November 24, 2009

Sytem Dump in AIX

               A system dump is created when the system gets an unexpected system halt or a crash. The dump will be written to the primary dump device, if not available then to the secondary dump device.
You can also initiate it using certain commands.

              After the reboot, if the cofy flag is set to TRUE, a menu will be displayed on the console requesting the removable media to copy the dump. It can be either /dev/rmtn or /dev/fd0. Otherwise, it will be copied to a file named vmcoren under /var/adm/ras.


Default Dump Device:

AIX V 4.1 and earlier :
Default dump device is /dev/hd7


AIX 5.1 and above :
Primary : /dev/hd6          Secondary : /dev/sysdumpnull
Note: If the real memory size is larger than 4GB, then a dedicated dump device called "lg_dumplv" will be created.


Here are some commands:

1. To view the current dump configuration :

# sysdumpdev -l

 primary /dev/hd6
secondary /dev/sysdumpnull
copy directory /var/adm/ras
forced copy flag TRUE
always allow dump FALSE
dump compression OFF

To change the primary dump device temporarily :
# sysdumpdev -p /dev/dumplv

To change the primary dump device permanently :
# sysdumpdev -P -p /dev/dumplv

To change the secondary dump device temporarily :
# sysdumpdev -s /dev/dumplv

To change the secondary dump device permanently :
# sysdumpdev -P -s /dev/dumplv

To set the copy flag :
# sysdumpdev -K

To unset the copy flag :
# sysdumpdev -k

To estimate the dump size :
# sysdumpdev -e

To list the last dump information :
# sysdumpdev -L
Device name: /dev/lg_dumplv
Major device number: 12
Minor device number: 4
Size: 42123543 bytes
Date/Time: Wed Jan 01 12:03:00 CDT 2009
Dump status: 0
dump completed successfully
Dump copy filename: /var/adm/ras/vmcore.1

To copy the saved vmcoren file to tape :
# snap -gfkD -o /dev/rmt0

To read the dump file :
# crash dump unix
>

To change the dump file location and if the copy fails it should ask external media to copy the dump file :
# sysdumpdev -D /opt/dumpfiles

To change the dump file location and if the copy fails it should ignore the system dump :
# sysdumpdev -d /opt/dumpfiles

To specify the dumps should not be compressed :
# sysdumpdev -c

To specify the dumps should be always compress :
# sysdmpdev -C

To find out whether a new systemp dump has occured before the last reboot :
# sysdumpdev -z
Print Friendly and PDF
1 comments
at 2:14 PM Posted by Raja

Friday, November 20, 2009

Sendmail Configuration in AIX

Daemon : sendmail

To start the daemon :

# startsrc -s sendmail -a "-bd -q30m"
where
bd - To start the sendmail as a SMTP mail relay router
q - Is the interval in which the sendmail daemon processes the saved messages

To start the daemon automatically after the system boot:

a. # vi /etc/rc.tcpip

b. Uncomment the below line
start /usr/lib/sendmail "$src_running" "-bd -q${qpi}"

To display the status of the daemon :

# lssrc -s sendmail
# ps -ef | grep sendmail

To stop the daemon :

# stopsrc -s sendmail
# kill -1 `cat /etc/sendmail.pid`

Configuration File:

/etc/sendmail.cf - Where the hostname, Relay server name,... are stored.

Alias File :

/etc/aliases - Where the group(alias) to member mapping is stored.


To Add the hostname in the sendmail configuration :

a. Vi /etc/sendmail.cf

b. Change "#DwYourHostName" to "Dw{hostname of local server}"

c. # refresh -s sendmail


To Add the mail (relay) server in the sendmail configuration :

a. Vi /etc/sendmail.cf

b. Change "#DSrelayhostname" to "DS{hostname of the Relay Server}"

c. # refresh -s sendmail


To send the mails,

# echo "Test Message" | sendmail -v raja@server1.domain.com


If you add any alias in /etc/aliases file, then do the following

# sendmail -bi
This will make the sendmail daemon to re-read the aliases file.



To display the list of messages in the mail queue :


# mailq (or) # sendmail -bp


Duirectory containing log files and temp files associated with messages in the mail queue :

/var/spool/mqueue

To delete the first 1000 messages in the root's mail queue :
# mail -u root , then enter "d 1-1000"


Please let me know for any improvements or addons.
Print Friendly and PDF
3 comments
at 12:33 PM Posted by Raja

Tuesday, November 17, 2009

Backup and Restoration

System [rootvg] Backup :

Few Points:
a. rootvg backup can be taken thru mksysb command. Most people refer it as mksysb backup.
b. This type of backup on a tape is bootable. Hence its been widely used to restore the system incase of system crash.
c. Mksysb backup contains 4 images
i. BOS Boot Image - Kernel Device Drivers
ii. mkinsttape image - ./image.data, ./tapeblksz, ./bosinst.data and few other commands
iii. dummy .toc - Nothing but a dummy table of contents file
iv. rootvg data - This is where the actual data resides

Files used by mksysb:

/image.data :
Contains information about the image installed during the BOS installation process. This includes the sizes, names, mount points of LVs and file systems in the rootvg [Actually nothing but the rootvg structure]. It can be created using mkszfile command.

/var/adm/ras/bosinst.data :
It allows you to customize the OS installtion. Modified mostly to use the mksysb image to install new servers.

Few Commands :

To generate just /image.data :
# mkszfile

To create /image.data and generate a system backup on the tape :
# mksysb -i /dev/rmt0

To generate a system backup on the tape but to exclude /home directory and to create /image.data :
# echo /home > /etc/exclude.rootvg
# mksysb -ei /dev/rmt0

To list the contents of a mksysb image :
# lsmksysb -f /backup/system1.mksysb

To restore a specific file from mskysb image :
a. Rewind the tape :
# tctl -f /dev/rmt0 rewind
b. Move the tape forward to the end of 3rd image :
# tctl -f /dev/rmt0.1 fsf 3
c. Restore the specific file:
# restore -xqvf /dev/rmt0.1 /home/user1/file1

Non-rootvg Backup :

Few Points:
a. Volume groups other than rootvg can be backup'ed using savevg command.
b. You can exclude certain files by creating /etc/exclude.vgname.
c. VG data files are kept under,  /tmp/vgdata/vg-name/vg-name.data.

Few Commands :

To backup a datavg to the tape drive :
# savevg -if /dev/rmt0 datavg

To backup a datavg to the tape drive and exclude certain files :
# savevg -ief /dev/rmt0 datavg

To restore the datavg image from the tape onto the disks specified in /tmp/vgdata/datavg/datavg.data file :
# restvg -f /dev/rmt0

To create the data file (/tmp/vgdata/oravg/oravg.data) for oravg :
# mkvgdata oravg

File System Backup :
File systems can be backup'ed using many ways.Few commands used for this are backup, cpio, dsm [TSM Client].

To back up all the files and subdirectories in the /home directory using full path names :
# find /home -print l backup -if /dev/rmt0

To back up all the files and subdirectories in the /home directory using relative path names :
# cd /home
# find . -print l backup -if /dev/rmt0

I have used "l" for the pipe symbol as it was not displaying properly in blog.

To backup a list of files:
# cat bakfile
/home/raja/file1.txt
/home/raja/file2.txt
/home/raja/file3.txt

# backup -iqvf /dev/rmt0

I-node Base Backup:


Here is  the syntax for the backup command in case of inode based backup

Syntax:
# backup [-u] [-level] [-f device] filesystem

u -> Updates the /etc/dumpdates file
-level -> Values available from 0 to 9 where 0 is the full backup and 1-9 for backup the changes since the previous level.

To back up the /home file system by i-node :
# backup -0 -uf /dev/rmt0 /home

i-node based backup has the advantage of making incremental and differential backups. Here we use the numeric flags (0 to 9) to make the difference in the way it back ups. It actually updates the date/time/mode of last backup in /etc/dumpdates when you use the 'u' flag.

Here are the different numeric flags used and their meanings,

0 - Full Backup
1 - Back ups the files created/modified from the date/time of 0th backup
2 - Back ups the files created/modified from the date/time of 1th backup
3 - Back ups the files created/modified from the date/time of 2th backup
4 - Back ups the files created/modified from the date/time of 3th backup
5 - Back ups the files created/modified from the date/time of 4th backup
6 - Back ups the files created/modified from the date/time of 5th backup
7- Back ups the files created/modified from the date/time of 6th backup
8 - Back ups the files created/modified from the date/time of 7th backup
9 - Back ups the files created/modified from the date/time of 8th backup

Few Examples for i-node based backup :


Scenario 1 - Full and Incremental Backup :


If you want to have full backup of /home on sunday night and incremental backup on other nights, then follow the below procedure.

Sunday Night - Full Backup :
# backup -0 -uf /dev/rmt0 /home

Monday Night - Incremental Backup :
# backup -1 -uf /dev/rmt0 /home

Tuesday Night - Incremental Backup
# backup -2 -uf /dev/rmt0 /home

Wednesday Night - Incremental Backup :
# backup -3 -uf /dev/rmt0 /home

Thursday Night - Incremental Backup :
# backup -4 -uf /dev/rmt0 /home

Friday Night - Incremental Backup
# backup -5 -uf /dev/rmt0 /home

Saturday Night - Incremental Backup :
# backup -6 -uf /dev/rmt0 /home

Advantages of Incremental Backup:
a. It takes lesser time to restore the specific data.For example, if you lose a file that was created on thursday morning, then you need only the wednesday night tape to restore the specific file.
b. This method consumes less tapes for backup. Hence its cost effective compared to differential backup.

Disadvantages of Incremental Backup:
a. You need more number of tapes (from sunday-full to last night-incre) to restore the entire file system.

Scenario 2 - Full and Differential Backup :


If you want to have full backup of /home on sunday night and differential backup on other nights, then follow the below procedure.

Sunday Night - Full Backup :
# backup -0 -uf /dev/rmt0 /home

Monday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Tuesday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Wednesday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Thursday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Friday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Saturday Night - Differential Backup :
# backup -1 -uf /dev/rmt0 /home

Advantages of Differential Backup:
a. It takes less tapes (from sunday-full and last night-incre) to restore the entire file system.Hence it is easy for the backup operator to restore the data.

Disadvantages of Differential Backup:
a. It consumes more tapes for backup. (since we are going to backup the same old files again and again for the whole week).Hence cost is more in this type of backup.

To list the contents of backup on the tape :
# restore -Tvf /dev/rmt0

To restore individual files from backup created by 'backup -i' command :
# restore -xvf /dev/rmt0 /home/user1/file1

To restore the entire file system :
# restore -rvf /dev/rmt0

Other Unix Backup Commands:

TAR:
tar is the only command (i think so) in UNIX which doesnot require a dash(-) infront of a flag.

To create a tar image in /tmp for a directory :
# tar cvf /tmp/oradata.tar /opt/oradata

To view the contents of a tar image :
# tar tvf /tmp/oradata.tar

To restore the tar image :
# tar xvf /tmp/oradata.tar

CPIO :
cpio reads and writes from stdin and stdout.

To backup the current directory to a /tmp/file.cpio file :
# find . -print cpio -ov > /tmp/file.cpio
To view the table of contents of the cpio archived tape :
# cpio -itvcC1 < /dev/rmt0


To restore data from the cpio archive file :
# cpio -idv < /tmp/file.cpio

To restore a selective file from cpio archived tape :
# cpio -imv /home/roger/.profile < /dev/rmt0

To restore selectively only the *.c and *.cpp file :
# cpio -i "*.c" "*.cpp" < /dev/rmt0


DD Command :
'dd' command copies (also converts) from an input device to an output device. This command will not span multiple tapes.
To copy a file and converting all the chars to upper case :
# dd if=/tmp/unixfile.txt of=/tmp/dosfile.txt conv=ucase

Tcopy Command :
Copies from one tape device to another.
To list the contents of a tape media :
# tcopy /dev/rmt0
To copy all the data from one tape to another tape device :
# tcopy /dev/rmt0 /dev/rmt1

tctl Command :
tctl has been widely used to control tape drives.
To rewind a tape device :
# tctl -f /dev/rm0 rewind
To fast forward to the beginning of 2nd tape mark :
# tctl -f /dev/rmt0.1 fsf
To do retension :
# tctl -f /dev/rmt0 retension
Retension is nothing but moving the tape to beginning, end and again to the beginning. You have to do this, if you encounter multiple read errors during the restoration operation.
To display the status of atape device :
# tctl -f /dev/rmt0 status
To eject a tape device :
# tctl -f /dev/rmt0 offline
TSM Client :

Few Points:
a. It requires a connection to TSM server and also a registeration in the TSM server.
b. You can take the 'backup' and 'archive' based on the TSM server configuration.
c. Archive can be taken for 90 days, 180 days, ... based on the management class.
d. Backup can have different versions. Last backup is the new and current version and oldest backup is the old version for every file that is backed up.
e. Most of the small sized companies keep 3 versions of backup, that means can have 3 backup version for each file.

To Backup a file :
# dsm backup /tmp/file1

To archive a file :
# dsm archive /tmp/file1

To list all the backed up filesystems :
# dsm query filespace

To verify the backup of a file :
# dsmc query backup /tmp/file1

To verify the inactive version of a backup of a file :
# dsmc query backup -inactive /tmp/file1

To verify the archive of a file :
# dsmc query archive /tmp/file1


To backup VIO Server :

To take the OS backup in a CD ROM :
# backupios –cd /dev/cd1 -cdformat

To take the OS backup in a DVD-RAM :
# backupios –cd /dev/cd1 -udf

To take the OS backup in a tape drive :
# backupios –tape /dev/rmt0

To verify the backup available in a tape :
# backupios –tape /dev/rmt0 -verify

To generate vio backup (tar file) in a file  :
# backupios –file /opt/file1

To generate vio backup (mksysb image) in a file :
# backupios –file /opt/file1 -mksysb

Note:    To restore a backup image on vio server, you have to use "installios" command in HMC. installios is a menu driven command (tool) which will ask for machine name, vio server(lpar) name, profile name for restoring the mksysb image.

Please let me know for any comments or corrections.
Print Friendly and PDF
2 comments
at 2:07 PM Posted by Raja

Friday, November 13, 2009

Tips on VIrtualization and Micropartitioning

1. What are the different types of installation of VIO server ?

a. Installation from CD
b. NIM Based installation

2. What is the maximum # of virtual processor per partition (lpar) ?

64 Virtual Processors

3. What is the maximum # of logical processor supported by AIX Operating System ?

128 Logical Processors

4. What are the different types of processor sharing modes ?

Capped or Uncapped modes

5. What are the different types of I/O virtualization that can be implemented in a p5 server ?

a. Virtual Ethernet
b. Shared Ethernet Adapters
c. Shared Fibre Channel Adapters
d. Virtual Disks

6. What is the range for variable capacity weight ?

0 to 255 is the range for the variable capacity weight.
128 is the default weight for uncapped partitions.
Weight 0 is equivalent to capped mode.

7. What is the LMB for Power 4 and Power 5 machines ?

Power 4 - 256 MB Logical Memory Block
Power 5 - 16 MB LMB

LMB is the minimum memory block that can allocatable to an LPAR.

8. What is the minimum allocatable processing unit for an lpar ?

Initial assignment is a minimum of 0.10 (1/10th) processing unit.
Increments can be made at a minimum of 0.01 (1/100th) proccessing unit.

9. How can we calculate hypervisor overhead for an lpar ?

It can be calculated by dividing the maximum memory setting by 64 and rounding up to the nearest logical memory block size.

10. TIP :

You can have maximum of 256 VIO slots per partition

11. TIP :

In VIO Server, you can have maximum of 65535 virtual I/O slots

12. TIP :

You can have maximum of 256 Virtual Ethernet Adapters per partition

13. TIP :

You can have 254 partitions or 10 * # processors per power machine

14.

Under construction ...
Print Friendly and PDF
0 comments
at 3:19 PM Posted by Raja

Performance Monitoring and Tuning in AIX

Performance Monitoring :

1. How to find out the system-wide memory usage ?
# svmon -G -i 2 5

2. How to list top 10 memory consuming processes ?

You can use any of the below commands
# svmon -Put 10
# ps aux head -1; ps aux sort -rn +3 head

3. How to list top 10 cpu consuming processes ?

# ps aux head -1; ps aux sort -rn +2 head -10

4. What is the best command for general performance monitoring :

# topas

You can even use 'jtopas', which is a java based system monitoring tool.

5. How to start trace for the entire system ?

# trace -a

6. How to stop trace ?

# trcstop

7. Where is the log file for trace tool located ?

/var/adm/ras/trcfile

8. What is the command used to generate trace report from a trace log file ?

# trcrpt

9. How to generate report on utilization statistics related to an LPAR ?

# lparstat

10. How to display the LPAR configuration report ?

# lpstat -i

11. What are the mostly used commands to find the cpu, memory,disk i/o statistics ?

# sar -> CPU, Memory statistics
# vmstat -> CPU, Memory statistics
# iostat -> CPU, Disk I/O satistics
# topas -> CPU, Memory, Network and Disk I/O statistics
# ps aux -> CPU, Memory statistics

12. How to display processes related to a specific user ?

# ps -fu username

13. How to list all the 64bit processes running in a system ?

# ps -efM

14. How to enable Interface Specific Network Options in AIX ?
# no -o use_isno=1

By enabling use_isno option, you can set buffer settings on a specific interface, giving you better control over performance management of network interfaces.

15. What is 'thewall' and how to set ?
'thewall' in AIX defines the upper limit for network kernel buffers.

When running AIX 5L V5.3 running a 32 bit kernel is 1GB or half the size of real memory depending on which of the two is the smallest. If you have AIX 5L V5.3 running a 64bit kernel the size of thewall will be 65GB or half the size of real memory, depending on which of the two is smaller.
To display the size of the thewall,

# no -o thewall

Note:
the size of thewall is static from AIX 5L Version 5.1 and later, and cannot be changed, to reduce the upper limit of memory used for networking make use of the maxmbuf tunable.

16. What is maxbuf tunable variable and how to set it ?

The maxmbuf tunable used by AIX specifies the maximum amount of memory that can be used by the networking subsystem.

It can displayed by using the below command,
# lsattr -El sys0 -a maxbuf

By default the maxmbuf tunable is disabled, it is set to 0, this means that the value of thewall will be used to define the maximum amount of memory used for network communications. By setting a non zero value to maxmbuf will override the value of thewall. This is the only way of reducing the value set by thewall.

The value of maxbuf's is defined by 1Kb units. To set its value to 1GB,
# chdev -l sys0 -a maxmbuf=1000000

17. How to find out the media speed of a network interface ?

# netstat -v ent0 grep Media

18. How to view the statistics for a specific network adapter ?

# entstat -d ent1

You can also use "netstat -v ent1".

19. How to reset the above network statistics ?

# entstat -r ent1

20. How to start iptrace on a specific network adapter ?

To Start :
# startsrc -s iptrace -a "-i en0 iptrc.out" &

To Stop:
# stopsrc -s iptrace

21. How to generate report from the iptrace's output file ?

# ipreport -r -s iptrc.out > ipreport

22. How to get the NFS statistics ?

NFS server RPC statistics : # nfsstat -sr
NFS server NFS statistics : # nfsstat -sn
NFS client RPC statistics : # netstat -cr
NFS client NFS statistics : #netstat -cn
Statistics on mounted file systems : # nfsstat -m
To reset the nfsstat statistics : # nfsstat -z

23. How to list the current values of all the network tunables?

# no -a

24. How to display the current value of a specific network tunable?

# no -o tcp_recvspace

25. How to display all the values (current, default, boot, min, max..) values of a network tunable ?

# no -L tcp_recvspace

26. What is the file that holds the next boot tunables's values ?

/etc/tunables/nextboot

27. What is the file that automatically generated with all the values of the network tunables that were set immediately after the reboot ?

/etc/tunables/lastboot

28. How to change the current value of a network tunable's value as well as add the entry to the /etc/tunables/nextboot file ?

Use the 'p' flag in the no command.

For Ex., # no -p -o tcp_recvspace=16k

29. How to display all the NFS network variables ?

# nfs -a

30. How to enable the collection of disk input/output statistics ?

# chdev -l sys0 -a iostat=true

31. How to display the 5 busiest logical volumes in a VG ?

# lvmstat -v datavg -c 5

32. How to display, enable and disable the statistics collection for a VG ?

To enable: # lvmstat -v datavg -e
To disable: # lvmstat -v datavg -d
To show : # lvmstat -v datavg

33. How to display the statistics for a LV ?

# lvmstat -l lv001

34. How to report disk statistics ?

# sar -d 5 60
Abovc command displays the disk i/o statistics 60 times in 5 sec interval.

35. How to list top 10 real memory consuming processes ?

# svmon -Put 10

36. How to list top 10 paging space consuming processes ?

# svmon -Pgt 10

37. How to list the files opened by a process ?

# svmon -pP Process_id

38. How to find out the memory usage of a specific process ?

# svmon -wP

39. How to display the paging (swap) usage ?

# swap -s allocated = 4718592 blocks used = 1475527 blocks free = 3243065 blocks

#swap -l
device maj,min total free
/dev/paging02 38, 4 4608MB 3166MB
/dev/paging01 38, 3 4608MB 3168MB
/dev/paging00 10, 14 4608MB 3167MB
/dev/hd6 10, 2 4608MB 3167MB

40.

Under Construction ....
Print Friendly and PDF
7 comments
at 1:54 PM Posted by Raja
Subscribe to: Posts (Atom)