Getting Started with Z/OS Container Extensions and Docker
Total Page:16
File Type:pdf, Size:1020Kb
Front cover Getting started with z/OS Container Extensions and Docker Lydia Parziale Zach Burns Marco Egli Redelf Janßen Volkmar Langer Subhajit Maitra Edward McCarthy Eric Marins Jim Newell Redbooks IBM Redbooks Getting started with z/OS Container Extensions November 2019 SG24-8457-00 Note: Before using this information and the product it supports, read the information in “Notices” on page ix. First Edition (November 2019) This edition applies to z/OS Version 2 Release 4, Program Numner 5650-ZOS with APARs OA58008 and at least OA58267. © Copyright International Business Machines Corporation 2019. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Notices . ix Trademarks . .x Preface . xi Authors. xi Now you can become a published author, too! . xiii Comments welcome. xiii Stay connected to IBM Redbooks . xiii Chapter 1. Introduction. 1 1.1 z/OS Container Extensions overview . 2 1.2 Container concepts . 2 1.2.1 Why do we have containers . 4 1.2.2 Docker overview . 6 1.3 zCX architecture . 9 1.4 Why use z/OS Container Extensions . 13 1.4.1 Qualities of service . 14 1.4.2 Colocation of applications and data . 14 1.4.3 Security . 16 1.4.4 Consolidation . 17 1.4.5 Example use cases. 18 1.5 Additional considerations . 18 Chapter 2. z/OS Container Extensions planning . 19 2.1 Prerequisites . 20 2.1.1 IBM Z hardware . 20 2.1.2 z/OS Version 2, Release 4 . 24 2.1.3 z/OS Management Facility (z/OSMF) . 25 2.1.4 Base DASD requirements. 27 2.1.5 Planning for network connectivity . 31 2.2 Planning for containers . 36 2.3 Private registry considerations . 36 2.4 Backup and recovery considerations . 36 Chapter 3. Security - Overview . 39 3.1 zCX instance security . 40 3.1.1 Implications of zCX running as a started task. 40 3.1.2 zCX RACF planning . 40 3.1.3 RACF groups and user IDs for zCX . 41 3.1.4 zFS files and VSAM linear data sets. 41 3.1.5 USS directory and files . 42 3.1.6 TCPIP Networking . 43 3.1.7 z/OSMF. 43 3.1.8 Other data sets . 43 3.2 Security within the zCX instance. 43 3.2.1 Linux in the zCX instance . 43 3.2.2 The SSH container . 43 3.2.3 zCX administration user IDs . 44 3.3 Docker in zCX versus Docker on distributed. 45 © Copyright IBM Corp. 2019. All rights reserved. iii 3.3.1 Docker capabilities of the SSH container . 45 3.3.2 Considerations regarding the mounting of file systems . 45 Chapter 4. Provisioning and managing your first z/OS Container . 47 4.1 Overview of zCX provisioning process . 48 4.2 RACF planning . 48 4.2.1 Overview . 48 4.2.2 The zCX Admin user ID . 49 4.2.3 Planning the first logon to a zCX instance . 49 4.2.4 Create RACF groups . 50 4.2.5 Create RACF user IDs . 50 4.2.6 Create SSH Keys . 51 4.3 USS planning . 52 4.3.1 zCX directories . 52 4.4 z/OSMF . 53 4.4.1 z/OSMF configuration . 53 4.5 Configure TCPIP addresses . 55 4.6 SMS planning . 57 4.7 zCX property file . 58 4.7.1 Customizing the properties file . 58 4.7.2 Setting the SSH key in property file . 59 4.8 Run zCX provisioning workflow. 60 4.8.1 Log on to z/OSMF. 60 4.8.2 Select the zCX provisioning workflow . 61 4.8.3 Execute the first step of the workflow . ..