Linux and z/VM on IBM System z and zSeries update
IBM Systems & Technology Group
Daniel Schwarzentruber dswt@ch.ibm.com
© 2006 IBM Corporation IBM Systems Trademarks and notices
The following terms are trademarks or registered trademarks of International Business Machines Corporation in the United States or other countries or both:
TM ƒ AIX7 ƒ GDDM7 ƒ PrintWay ƒ xSeries7 TM TM ƒ AnyNet7 ƒ GDPS7 ƒ PR/SM ƒ z/Architecture TM ƒ AS/4007 ƒ HiperSockets ƒ pSeries7 ƒ z/OS7
ƒ Candle7 ƒ IBM7 ƒ RACF7 ƒ z/VM7 TM ƒ CICS7 ƒ Infoprint7 ƒ Redbooks ƒ zSeries7 TM TM ƒ CICSPlex7 ƒ IMS ƒ Redbooks (logo) TM ƒ CICS/ESA7 ƒ IP PrintWay ƒ S/3907 TM ƒ DB27 ƒ iSeries ƒ System/3907 TM TM ƒ DB2 Connect ƒ Language Environment7 ƒ System z9
ƒ DPI7 ƒ MQSeries7 ƒ ThinkPad7 TM ƒ DRDA7 ƒ MVS ƒ Tivoli7 TM ƒ e business(logo)7 ƒ MVS/ESA ƒ Tivoli (logo)7
ƒ ESCON7 ƒ NetView7 ƒ VM/ESA7 TM TM ƒ eServer ƒ OS/27 ƒ VSE/ESA TM ƒ ECKD ƒ OS/3907 ƒ VTAM7 TM ƒ FFST ƒ Parallel Sysplex7 ƒ WebSphere7
‹Java and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. ‹Microsoft, Windows, Windows NT, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. ‹Intel, Intel Inside (logos), MMX and Pentium are trademarks of Intel Corporation in the United States, other countries, or both. ‹UNIX is a registered trademark of The Open Group in the United States and other countries. ‹Linux is a trademark of Linus Torvalds in the United States, other countries, or both. ‹Red Hat is a trademark of Red Hat, Inc. ‹SUSE® LINUX Professional 9.2 from Novell® ‹Other company, product, or service names may be trademarks or service marks of others. ‹This information is for planning purposes only. The information herein is subject to change before the products described become generally available. ‹All statements regarding IBM future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
Refer to www.ibm.com/legal/us for further legal information.
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Agenda
ß Linux on IBM System z and zSeries ß z/VM support for Linux ß Linux Update and Distribution ß Summary
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Trend: Open Computing
° Open standards Open Computing Improving information sharing by simplifying integration of disparate Open technologies standards Promoting interoperability by using open published specifications ° Open architecture Increasing collaboration by easily Community extending business processes – eg Innovation SOA Open Open Innovating on top of common hardware architecture source specifications ° Open source Promoting innovation by leveraging community development Accelerating open standards adoption
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Linux on IBM System z z900 Linux + Virtualization + System z = SYNERGY z800 z990 ° The legendary IBM mainframe – IBM System z™ z890 Legendary dependability Extremely security-rich, highly scalable Designed for multiple diverse workloads executing concurrently Proven high volume data acquisition and management ° The IBM mainframe virtualization capabilities – z/VM® 5.3 Improved scalability for applications with large memory requirements Increased number of virtual guests possible with dedicated devices z9 EC z9 BC … and improved performance and enhanced SCSI disk support ° The easy deployment and configuration of virtual Linux® servers – IBM Director Extensions 5.20 Automated deployment of z/VM virtual servers and installation of Linux systems Reduced customization steps for z/VM hosted virtual Linux servers ° Open standards operating system – Linux for System z Reliable, stable, security-rich Available from multiple distributors Plentiful availability of skills administrators and developers Large selection of applications middleware and tooling from IBM, ISV’s and Open Source IBM System z9™ Enterprise Class (z9 EC) – formerly called z9-109 – and the System z9 Business Class (z9 BC)
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Integrated Facility for Linux (IFL) The specialty engine for the Linux workload ° Supports Linux on System z and z/VM ° Traditional mainframe software charges unaffected IBM mainframe software IFL Capacity 300% % Increased Value Independent Software Vendor products 262% ° Linux and z/VM charged only against the IFLs 244% ° IFL supports Capacity on Demand (On/Off CoD), Capacity Upgrade on Demand, and Capacity BackUp 164% (CBU) 132% ° IFLs on z9 BC, z890 and z800 run always on “full speed” 37% performance increase comparing z9 BC & z890 IFL 79% ° The IFL price for the new z9 BC servers is CHF180K This is a 24% reduction when compared to other System z servers z800 z900 z890 z990 z9 BC z9 EC ° Aside from the reduced price for the IFL on the z9 BC, price/performance gains with each successive generation of technology Consistent IFL price for all other System z generations
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Integrated Facility for Linux (IFL) Support
° z/VM Version 5 can run in an LPAR defined with IFL processors ° IFLs are processor processors dedicated to Linux only workloads Only IPLA software can be licensed on IFL processors Allocated from the set of spare processors on MCM Less expensive than standard processors Will not support traditional mainframe operating systems Only usable in LPAR mode; cannot be mixed with standard processors
LPAR LPAR LPAR LPAR LPAR LPAR No: Yes: Yes: Yes: Std IFL IFL IFL IFL IFL IFL IFL IFL
° IFL processors are available on the z9 EC, z9 BC, z990, z890, z900, and z800 One standard processor must exist before IFLs can be added Exceptions: z9 EC, z9 BC, z990, z890, and z800-0LF servers Some servers don't have spare processors available for IFLs ° Adding IFLs does not change a server's model designation No increase in fees for IBM software installed on standard processors
VMV53_160 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Exkurs: z/VSE
° Businesslösungen auf System z mit z/VSE und Linux von Dr. Klaus Goebel, Labor Böblingen, Deutschland.
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM System z and zSeries processing capacity for Linux
°The Integrated Facility for Linux® (IFL) is a Central Processor (CP) dedicated to Linux workloads is available for IBM System z9, zSeries z990, z900, z890, and z800
°O/O CoD - On/Off Capacity on Demand - Temporary capacity upgrade - Non disruptive temporary of CP's or IFL's or ICF's or zAAPs in any situation °CBU - Capacity Backup - Temporary emergency upgrade – Non disruptive temporary addition of CPs in an emergency situation supports IFL on z9 °CIU - Customer Initiated Upgrade - Permanent upgrade Customer capability to order and install permanent upgrade
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems ß Linux on IBM System z and zSeries ß z/VM support for Linux ß Linux Update and Distribution ß Summary
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Reale Hardware z/VM – The Virtual Machine Virtuelle Hardware
RDR z/VSE z/VM 192 z/OS PUN VM_ALPHA PRT 550
CMS ...IPL CMS 191 (Virtuelle (Conversational „Privater Management Bereich“ Monitor System) Console) VCP
- verwaltet reale Hardware CP (Control Program) - Simuliert virtuelle Maschinen ...IPL CMS CP0 CP1 CP2 CP3 (Hardware IFL Management Console)
RDR 520 521 Page Spool PUN OSA 550 PRT (Open 0 0
9 191 RDR 9 Systems 3 3 3 3 Adapter)
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/VM Evolution
Expand your opportunities with z/VM z/VM z/VM z/VM Version 3 Version 4 Version 5
06/2007
12/2005 09/2004 08/2003 05/2002 10/2001 07/2001 02/2001 z/VM z/VM z/VM V5.1 V5.2 V5.3 z/VM z/VM z/VM z/VM V4.4 (CCC)* z/VM V4.1 V4.2 V4.3 V3.1
12/2005 06/2003 12/2003 05/2005 09/2006 09/2007 04/2009 09/2010
Withdrawn from marketing Currently being marketed XX/XXXX - Service Discontinued and no longer serviced (bottom of box)
XX/XXXX - Planned general availability (top of box)
•The EAL3+ evaluated copy of z/VM V5.1 is available as the Common Criteria Certification feature of z/VM V5.2 •The Common Criteria Certification feature and z/VM V5.2 are planned to be withdrawn from marketing on June 15, 2007. VMV53_020 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Primary Uses of z/VM Platform by Function ° Guest Support ° On demand business ° Systems Management Applications for VSE/ESA™, Linux, Automated Operations ® Highly secure Access to: z/VSE™, z/VM, OS/390 , z/OS.e, OSA/SF ®, • WWW z/OS TPF, and z/TPF • Databases Systems Management API Crypto Express2 support for z/OS and ® TCP/IP Coordination of DirMaint™ and RACF Linux changes ® VM guest LAN Parallel Sysplex Support Enhanced directory management ® FICON , FICON Express and Virtual Simplified VLAN management with FICON CTCA support for GVRP Enhanced memory utilization using HCD and HCM VMRM between z/VM and Linux Performance Toolkit for VM™ guests OBSERVER Support Enhanced memory management for z/VM I/O Priority Queuing Linux guests (CMMA) V5.3 VM Resource Manager (VMRM) Guest LAN sniffer IPL from SCSI disks ° Communications N-Port Identifier virtualization TCP/IP RSCS FL530 SNA NJE ° Application Development MQSeries® Client C/C++ for z/VM Compiler ° Data OSA-Express and OSA-Express2 IBM Debug Tool for z/VM Distributed Relational Databases OSA-Express2 OSA for NCP (OSN) REXX Shared File System HiperSockets™ IPv6 CMS Pipelines Storage Management Subsystem VM guest LAN POSIX Byte File System REXX Sockets Network File System ° Security Reusable Server Kernel LDAP server and client services Binder/Loader RACF FL530data and file protection Converged C Sockets Libraries Longer passwords VMV53_030 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems The Value of z/VM for Linux
° z/VM enables a large number of Linux server images to run on a single System z9 and zSeries ° z/VM version (V5) contains significant support for Linux virtual servers, including exploitation of new System z9 and zSeries ° Infrastructure Simpification Consolidate distributed, discrete servers and their networks Can help improve IBM mainframe qualities of service Exploit built-in z/VM systems management ° Speed-to-Market Deploy servers, networks, and solutions fast React quickly to challenges and opportunities Allocate server capacity when needed ° Technology Exploitation Linux with z/VM offers more function than Linux alone Linux can exploit unique z/VM technology features Build innovative on demand business solutions z/VM provides support specific for Linux
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Potential Total Cost of Ownership (TCO) Savings with z/VM
° Deploying virtual servers can reduce hardware requirements, which may result in savings when purchasing, installing and configuring new hardware ° Fewer hardware servers occupy less space, which may result in savings on raised floor requirements, heating, cooling and electricity ° Guest support for zAAPs and zIIPs can help use available zAAP and zIIP capacity not being used by z/OS LPARs to be allocated to a z/VM LPAR hosting z/OS guests running Java and DB2 workloads ° Virtual servers can be created in minutes, which can help reduce cost and time associated with planning for new business opportunities ° Sharing operating systems and application code between virtual servers can help you save on software, systems management and staffing ° System management tools are delivered as part of the system which can help avoid the cost of additional software to perform these tasks ° Network costs may be reduced since virtual servers communicate using HiperSockets or VM guest LANs, Inter-User Communication Vehicle (IUCV), and virtual channel-to-channel adapters
VMV53_050 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Costs of power of Intel Servers – 3 years
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Servers Supported by z/VM V5.3
° z/VM V5.3 requires hardware that implements the IBM 64-bit z/Architecture in order to execute properly: IBM System z9™ Enterprise Class (z9 EC) IBM System z9 Business Class (z9 BC) IBM eServer zSeries® 990 (z990) IBM eServer zSeries 890 (z890) IBM eServer zSeries 900 (z900) IBM eServer zSeries 800 (z800)
z/VM Version 5 Release 3 Availability – June 29, 2007
VMV53_060 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM System z9 Enterprise Class (z9 EC)
° 5 Models - S08, S18, S28, S38 and S54 ° Processor Units (PUs) 12 (16 for Model S54) PUs per book 2 SAPs per book, standard 2 spares per server 8, 18, 28, 38 or 54 PUs available CPs, IFLs, ICFs, zAAPs, zIIPs, optional SAPs ° Improved performance over the z990 ° Up to 512 GB of central processor storage ° Up to 4 Logical Channel SubSystems (LCSSs) Up to 1024 channel paths/Up to 15 LPARs per LCSS ° Up to 60 LPARs LPAR Mode only - No basic mode ° FICON Express4/FICON Express2/FICON Express Up to 84 features / 336 channels (FICON Express4/2) ° Up to 1024 ESCON® channels ° N-Port ID virtualization (NPIV) ° OSA-Express2/OSA-Express Up to 24 features Fast Ethernet, 1000BASE-T Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet ° Up to 8 configurable Crypto Express2 ° IPL from FCP-attached SCSI disks ° Up to 16 HiperSockets
VMV53_070 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM System z9 Business Class (z9 BC)
° 2 Models – R07, S07 (73 Capacity Indicators) ° 8 Processor Units (PUs) 1 SAP per system, standard 0 spares per server Up to 7 PUs available CPs, IFLs, ICFs, zAAPs, zIIPs, optional SAP ° Improved performance over the z890 ° Up to 64 GB of central processor storage ° Up to 2 Logical Channel SubSystems (LCSSs) Up to 15 LPARs per LCSS ° Up to 30 LPARs LPAR Mode only - No basic mode ° FICON Express4/FICON Express2/FICON Express Up to 28 features / 112 FICON channels ° Up to 420 ESCON® channels ° N-Port ID virtualization (NPIV) ° OSA-Express2/OSA-Express Up to 24 features Fast Ethernet, 1000BASE-T Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet ° Up to 8 configurable Crypto Express2 ° IPL from FCP-attached SCSI disks ° Up to 16 HiperSockets
VMV53_080 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM eServer zSeries 990
° 4 Models (A08, B16, C24, D32), 1 - 32 way Up to 32 IFLs ° Improved performance over the z900 ° Up to 256 GB of central processor storage ° Up to 4 Logical Channel SubSystems (LCSSs) Up to 1024 channel paths Up to 15 LPARs per LCSS ° Up to 30 LPARs LPAR Mode only - No basic mode ° Up to 120 FICON Express Channels ° Up to 240 FICON Express2 Channels ° Up to 512 ESCON channels/no parallel channels ° Support for cascaded FICON directors ° IPL from FCP-attached SCSI disks ° Up to 16 HiperSockets for high-speed interconnections ° Up to 48 OSA-Express ports ° Virtual LAN (IEEE 802.1q) supported ° OSA-Integrated Console Controller (OSA-ICC) ° Support for Crypto Express2 ° OSA-Express2
VMV53_090 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM eServer zSeries 890
° 1 Model - 28 capacity settings, 1 - 4 way Model 110 has select features Up to 4 IFLs ° Improved performance over the z800 ° Up to 32 GB of central processor storage ° Up to 2 Logical Channel SubSystems (LCSSs) Up to 512 channel paths Up to 15 LPARs per LCSS ° Up to 30 LPARs LPAR Mode only - No basic mode ° Up to 20 FICON Express cards (40 channels) ° Up to 80 FICON Express2 Channels ° Up to 420 ESCON channels/no parallel channels ° Support for cascaded FICON directors ° IPL from FCP-attached SCSI disks ° Up to 16 HiperSockets for high-speed interconnections ° Up to 40 OSA-Express ports ° Virtual LAN (IEEE 802.1q) supported ° OSA-Integrated Console Controller (OSA-ICC) ° Secure cryptographic functions (Crypto Express2) ° OSA-Express2
VMV53_100 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM eServer zSeries 900
° 41 general purpose models ° Up to 16-way (20 PUs), up to 64 GB memory Up to 15 IFLs ° Up to 15 LPARs ° Maximum 64 GB of storage per LPAR ° Up to 256 ESCON / 88 parallel channels ° Up to 96 FICON channels ° FCP channel in support of Linux environments ° FICON Support for cascaded directors ° IPL from FCP-attached SCSI disks ° z/Architecture (64-bit) supported ° Enhanced I/O subsystem supports greater bandwidth PCI Cryptographic Accelerator (PCICA) for IFL processors OSA-Express enhancements ° HiperSockets for high-speed internal TCP/IP network ° Multiple clustered LPARs CPU and dynamic channel management Channel subsystem priority queuing
VMV53_110 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems IBM eServer zSeries 800
° 10 General Purpose Models (1- 4 way) Up to 3 IFLs ° Up to 32 GB of central processor storage ° Up to 15 LPARs ° Maximum 32 GB of storage per LPAR ° Up to 240 ESCON/No parallel channels ° Up to 32 FICON channels ° FCP channel in support of Linux environments ° FICON Support of cascaded directors ° IPL from FCP-attached SCSI disks ° z/Architecture (64-bit) supported ° I/O subsystem supports: OSA-Express Gb and Fast Ethernet 155 ATM Token-Ring PCI Cryptographic Accelerator and Coprocessor PCICA for IFL processors ° HiperSockets for high-speed internal TCP/IP network ° zSeries Entry License Charge™ (zELC) Software pricing ° Also available as an integral component of: IBM eServer zSeries Offering for Linux
VMV53_120 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/Architecture Supported by z/VM
° IBM z/Architecture is an extension of the IBM Enterprise Systems Architecture/390® (ESA/390) and features: 64-bit general registers, 64-bit operations, and 64-bit virtual and real addressing Compatibility for ESA/390 application programs ° z/VM support of z/Architecture Requires 64-bit capable processor Exploits central storage greater than 2 GB for guest and virtual disk (VDISK) pages and for minidisk cache Enhanced exploitation of large real memory providing 2 GB real-storage constraint relief Runs 64-bit capable guests with greater than 2 GB of virtual storage (z/OS, z/OS.e, z/VM, and Linux for System z)
VMV53_130 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/VM Version 5.3 Enhancements
° Enhanced scalability and constraint relief ° Networking virtualization enhancements Enhanced virtual network management Support for greater than 128 GB real storage Enhanced failover support for IPv4 and IPv6 devices Up to 32 real processors in a single z/VM image Virtual IP Address (VIPA) support for IPv6 Enhanced memory management for Linux guests Enhanced memory utilization using VMRM ° Security between z/VM and Linux guests Delivery of LDAP server and client ™ HyperPAV support for IBM System Storage Enhanced system security with longer passwords DS8000™ ® Conformance with industry standards and SSL server Enhanced FlashCopy support enhancements Tape data protection with support for encryption ° Virtualization enhancements for Linux and other ° Systems management enhancements guests Enhanced management functions for Linux and other virtual images Guest support for IBM System z specialty Enhanced Performance Toolkit for VM engines (processors) Enhanced guest configuration Enhanced VSWITCH and guest LAN usability Guest support for Modified Indirect Data Address Words (MIDAWs) ° Installation, service, and packaging changes Guest ASCII console support Service and installation enhancements Enhanced SCSI support RSCS repackaged as an optional feature New RACF® Security Server for z/VM z/Architecture CMS shipped as a sample program Withdrawal of the ROUTED and BOOTP servers
VMV53_140 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/VM Version 5 Terms and Conditions
° International Program License Agreement (IPLA) Program Use License One-time charge (OTC) for standard or IFL processors – Engine-based Value Units Can be transferred within an enterprise Service by mail, fax, and e-mail only under basic warranty Subscription and Support (S&S) Comparable service as traditional ICA products Not required but highly recommended Must decline when ordering if not desired Annual renewable charge per processor Adds telephone support No additional charges for updates, new versions and releases ° SoftwareXcel available for an additional charge ° IPLA applies to z/VM base code and the optional features DirMaint, RSCS, RACF Security Server for z/VM, and the Performance Toolkit for VM ° No-charge upgrade to the Performance Toolkit for VM for: Customers who purchased z/VM V4 S&S for the RTM, PRF, or Performance Toolkit for VM features Customers who purchased the FCON/ESA program (5788-LGA)
VMV53_150 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Example of IPLA Charges for z/VM Version 5
L L C C V i i n n M M S u u z/OS z/OS S S E x x Linux Linux
z/OS z/OS z/OS z/VM z/VM Linux LPAR1 LPAR2 LPAR3 LPAR4 LPAR5 LPAR6
CP CP zAAP zIIP CP CP CP IFL IFL IFL IFL IFL 1 2 1 1 3 4 5 1 2 3 4 5 System z
z/VM charges - 5 processors z/VM charges – 5 processors
VMV53_170 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Statements of Direction
° Common Criteria Certification: IBM intends to evaluate z/VM V5.3 with the RACF Security Server optional feature for conformance to the Controlled Access Protection Profile (CAPP) and Labeled Security Protection Profile (LSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4 (EAL4). This new SOD represents a modification to IBM's previously expressed Statement of Direction of July 27, 2005, which stated IBM's intent "to evaluate z/VM V5.2 with the RACF for z/VM optional feature for conformance to the Controlled Access Protection Profile (CAPP) and Labeled Security Protection Profile (LSPP) of the Common Criteria standard for IT security, ISO/IEC 15408, at Evaluation Assurance Level 4 (EAL4).“ Based on additional assessment of requirements, IBM no longer intends to evaluate z/VM V5.2. ° OSA-Express2 link aggregation and failover support: IBM intends to provide virtual switch (VSWITCH) support for IEEE Standard 802.3ad Link Aggregation in z/VM V5.3. This support is designed to allow all OSA-Express2 features that are associated with a virtual switch to be grouped and used as a single "fat pipe", helping to increase bandwidth and provide near-seamless failover in the event of a link failure. This z/VM support requires associated OSA- Express2 support that is planned to be available on IBM System z9 servers. ° RPC server support: IBM intends to withdraw support for the RPC/CSL interface from the System Management API server in a future z/VM release. ° TCP/IP functions: IBM intends to withdraw support for the Network Database (NDB) system, Trivial File Transfer Protocol (TFTP) server, X25 interface (includes X25IBI server), and SNALINK server in a future z/VM release. ° 3480 Distribution Media: IBM intends to withdraw 3480 tape as a distribution medium in a future z/VM release. z/VM is planned to continue distribution on 3590 tape, on DVD, and electronic delivery of z/VM from ShopzSeries.
Note: All statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
VMV53_180 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Virtualization Technology for Linux Guests
© 2006 IBM Corporation IBM Systems
VMV53_190 Rapid Horizontal Growth with Linux on z/VM
Typical UNIX environment Linux on z/VM
Network Network
Virtual networking options available with z/VM
App App App App App App App App
UNIX UNIX UNIX UNIX Linux Linux Linux Linux
Server Server Server Server z/VM Shared processors, memory, network, ...
Shared Disks
° Dedicated processors, disks, adapters... ° Shared resources Resources wasted when idle Idle capacity given to servers that need it ° Complex system management ° Simplified system management Networking and software products required for Everything in one box command and control Automation tools included in z/VM ° New servers available in hours/days ° New servers online in minutes/seconds ° Capacity on Demand available
VMV53_210 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Server Consolidation with Linux on z/VM
Traditional Server Farm Server farm in a box
Intel Intel Sun Sun HP System z9 Linux Linux Linux Linux Intel Intel Sun Sun HP IBM eServer Linux Linux Linux Linux Intel Intel Sun Sun HP IBM eServer Linux Linux Linux Linux Intel Intel Sun Sun HP IBM eServer Linux Linux Linux Linux Intel Intel Sun Sun HP System z9 Linux Linux Linux Linux Intel Intel Sun Sun HP IBM eServer Linux Linux Linux Linux Intel Intel Sun Sun HP IBM eServer z/VM in IBM System z9 and zSeries
° Discrete servers consume incremental ° Can help reduce costs without sacrificing server expense autonomy (one server per application) Hardware price and maintenance ° Virtual, high-speed, inter-server connectivity Floor space, power, cooling ° Exploit an architecture designed for high availability Additional support staff ° Mainframe qualities of service Per server (processor) software fees ° Tested disaster recovery services ° Connectivity requires kilometers of cables ° Connect to discrete servers as required ° High availability enabled by spares/re-boots ° Disaster recovery difficult to test
Server farm in a box
VMV53_220 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/VM Virtual Networking – Using z/VM Guest LANs ° A guest LAN is a "virtual" LAN created by the z/VM Control Program ° OSA-Express (QDIO) and HiperSockets guest LANs can be created Point-to-point, Multicast, and Broadcast (QDIO) connections are supported ° Linux images can connect to one or more guest LANs And connect to real network adapters at the same time This enables a Linux image to provide external routing and firewall services for other Linux images
Linux Linux Linux Linux Guest LAN #2 Guest LAN #1 Linux Linux Linux Linux Linux Real Network Linux Linux Linux Linux Linux
Guest LAN #3 Linux
Linux Linux Linux Linux z/VM
VMV53_230 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/VM Virtual Networking – Using Virtual IP Switches
° Virtual switches allow virtual-QDIO connections to physical LAN segments without requiring a router Allows virtual machines on the guest LAN to be in the same subnet with the physical LAN segment Reduces copying of the data being transported Provides centralized network configuration and control May reduce overhead associated with router virtual machines
z/VM guests in Linux TCP/IP VM Linux Linux Linux TCP/IP z/OS same z/VM LPAR Guest 1 guest 1 Guest 2 Guest 3 Guest 4 guest Guest 2 Virtual QDIO adapters Operates as Virtual Switch (Guest LAN) part of z/VM CP Same network z/VM CP subnet
QDIO OSA- Express
Physical Ethernet LAN IPv4
VMV53_240 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced scalability and constraint relief
© 2006 IBM Corporation IBM Systems
VMV53_250 Support for more than 128 GB real storage
° Changes to page table allocation allow z/VM images to support significantly more real storage (memory) than the prior limit of 128 GB as well as more total host virtual (guest real) storage. ° Page management control blocks (PGMBKs) now reside above the 2 GB address line ° May help reduce or eliminate the need to spread large workloads across multiple z/VM images ° Management of contiguous frames may also reduce storage management overhead and help improve performance
° Potential benefit: Benefits most customers who experience storage constraints, regardless of the amount of central storage configured for z/VM use
IBM Systems VMV53_260 66. GSE zOS Expertenforum 2007, Interlaken Up to 32 real processors in a single z/VM image
° Allow up to 32 real processors in a single z/VM image An increase from the prior maximum of 24
° Potential benefit: z/VM overhead is expected to be lower with fewer, more CPU-intensive guests than with many lightly loaded guests Excessive over commitment of storage could also contribute to increased overhead
VMV53_270 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced memory management for Linux guests ° Real memory constraint detected and Linux images signaled to reduce virtual memory consumption ° Exchange page usage information between Linux guests and z/VM ° Reclaim “unused” pages at higher priority Virtual ° Demand on real memory and z/VM paging Memory subsystem is reduced z/VM Paging Subsystem ° Helps improve overall system Disk space performance and guest image Linux Linux Linux Linux Linux throughput ° Guest further benefits from the Host Page-Management Assist (HPMA) to Real re-instantiate pages for next use Memory ° Potential benefit: Expanded Storage z/VM Exchange of information can allow both the z/VM host and its guests to optimize their use and = Unused = Volatile management of memory = Stable = Volatile discarded
VMV53_280 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced memory utilization using VMRM between z/VM and Linux guests
° Assists in managing memory contention in the system between z/VM and Linux guests ° Detects when memory is constrained and notifies the Linux guests Guests can then take action to adjust their memory consumption to help relieve the memory constraint Virtual Memory ° Demand on real memory and z/VM z/VM Paging paging subsystem is reduced Subsystem ° z/VM V5.2 support available Disk space with CMS PTF for APAR VM64085 Linux Linux Linux Linux Linux ° Linux support currently available with SLES 9 and 10
° Potential benefit: Real Can significantly improve overall system Memory performance in cases where the overall z/VM Expanded system is constrained for real storage and much of that storage is being held by one Storage z/VM or more Linux guests = Inactive virtual memory = Active virtual memory More information available at: www.ibm.com/servers/eserver/zseries/zvm/sysman/vmrm/vmrmcmm.html VMV53_290 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems HyperPAV support for IBM System Storage DS8000 ° IBM System Storage DS8000 HyperPAV is designed to: Provide more efficient Parallel Access Volumes (PAV) function Help customers who implement larger volumes to scale I/O rates without the need for additional PAV-alias definitions Help to reduce overhead, help improve addressing efficiencies, and provide storage capacity and performance enhancements Enable a dynamic response to changing workloads Reduce costs via simplified management of aliases Enable customers to stave off migration to larger volume sizes ° z/VM support is designed to: Potentially reduce the number of alias-device addresses needed for parallel I/O operations Provide support of HyperPAV volumes as linkable minidisks for guest operating systems, such as z/OS, that exploit this new PAV architecture ° Potential benefit: Transparently provide the potential benefits of HyperPAV volumes for minidisks owned or shared by guests that do not specifically exploit HyperPAV volumes, such as Linux and CMS
IBM Systems VMV53_300 66. GSE zOS Expertenforum 2007, Interlaken Enhanced FlashCopy support
° Support for the FlashCopy V2 feature of IBM System Storage disk devices has been enhanced to include the capabilities to: Specify multiple target minidisks accepting up to 12 target minidisks to be copied Determine the status of FlashCopy requests by allowing the user to query the number of Flashcopy relationships active for one or more of their virtual DASD Exploit hardware asynchronous cache destage and discard designed to eliminate delayed hardware response messages and providing quicker responses Makes a FlashCopy appear synchronous to the virtual machine FlashCopy May facilitate automation of processes that exploit this technology. ° Potential Benefits: Help simplify the tasks required to automate backups and make multiple copies of disk data
IBM Systems VMV53_310 66. GSE zOS Expertenforum 2007, Interlaken Virtualization Technology and Linux Enablement
© 2006 IBM Corporation IBM Systems
VMV53_320 Support for IBM System z specialty processors
° z/VM V5.3 introduces support for zAAP and zIIP specialty processors System z Application Assist Processors (zAAPs) provide an economical Java execution environment under z/OS and z/OS.e System z9 Integrated Information Processors (zIIPs) are designed to help improve resource optimization and lower the cost for eligible z/OS and z/OS.e workloads by offloading software system overhead from standard Central Processors (CPs); this includes certain DB2 processing ° New z/VM guest support for zAAPs and zIIPs includes: Simulation support Dispatches the virtual processors on real CPs to help eliminate the cost associated with purchasing and installing new real specialty-processor hardware Provides a test platform for z/VM guests to exploit mixed-processor configurations Virtualization support Dispatches the virtual processors on corresponding specialty processors of the same type in the real configuration Can help improve your total cost of ownership by allowing spare zAAP and zIIP capacity to be used for guest Java and DB2 workloads. zAAPs and zIIPs cost less than standard CPs ° Potential benefit: Can allow users to assess the operational and CPU utilization implications of configuring a z/OS system with zIIP or zAAP processors without requiring the real specialty processor hardware Avoiding the purchase of additional CPs, thereby helping to reduce your costs both for additional hardware and for software licensing fees Consistent with z/OS, there are no z/VM license fees associated with real zAAP or zIIP processors
VMV53_330 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced VSWITCH and guest LAN usability
° Dynamic change support for VLAN ID and promiscuous mode authorization Changes are effective immediately and no longer require a revoke, grant, and uncouple/couple to take effect ° New capability to configure a native VLAN identifier Provides ability to specify a native VLAN identifier for untagged traffic and a default VLAN identifier for guest ports The DEFINE VSWITCH command now supports specification of a native VLAN identifier ° New virtual network monitor domain Virtual NIC data counts are now included in records found in a new Virtual Network monitor domain Recorded data includes: Inbound packets Outbound bytes Frame counts per MAC/VLAN Provided for virtual NICs coupled to any Guest LAN or VSWITCH ° Potential benefit: Enhanced ease-of-use for the VSWITCH and guest LAN environments
VMV53_340 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Guest support for Modified Indirect Data Address Words (MIDAWs)
° MIDAW facility is a CCW-indirect-data-address word facility being added to z/Architecture to coexist with the current IDAW facility offering alternatives to using CCW data chaining in channel programs ° z/VM V5.3 is designed to provide: Guest use of MIDAWs Operating systems such as z/OS 1.6 (or later) to use this new aspect of z/Architecture without regard to whether the operating systems are running in a logical partition or a virtual machine Capability for guest operating systems to exercise their code-paths just as they would on the real machine ° Potential benefits: Reduce channel, director, and control unit overhead by reducing the number of CCWs and frames processed Decrease response time for exploiting I/O Increase the number of I/O operations per second that can be processed and thus move more data per second, especially on faster FICON channels
VMV53_350 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Guest ASCII console support
° System ASCII console is a facility that comes with all System z models and is presented by the Hardware Management Console (HMC) ° z/VM V5.3 provides guest access to the system ASCII console Can facilitate recovery of the guest during an emergency situation Uses tools (such as vi and emacs) that are familiar to Linux support staff Supports a VT220 data stream
° Potential benefit: Can help lower system costs by helping to reduce the need to provide alternative facilities, such as duplicate network resources, to achieve desired guest- recoverability characteristics
VMV53_360 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced SCSI support
° z/VM V5.3 provides additional enhancements for SCSI disk support for Linux users, including: Point-to-Point Fibre channel links Potential benefit: may provide a lower-cost installation than the current requirement for a Fibre channel switched fabric Dynamically determined preferred paths for emulated FBA devices (EDEVICEs) on SCSI disks in an IBM System Storage DS6000 Potential benefit: No longer need to specify which paths are preferred in a SET EDEVICE command or an EDEVICE configuration-file statement Faster formatting of emulated FBA devices (EDEVICEs) on SCSI disks in an IBM Enterprise Storage Server (ESS) or IBM System Storage DS8000 Display of additional SCSI device characteristics when using the QUERY EDEVICE DETAILS command Checking for erroneous mapping of multiple emulated-device (EDEVICE) definitions onto the same SCSI disk when bringing emulated disks online
VMV53_370 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems SSL Support for additional Linux distributions
° Support will be provided for: Novell SUSE Linux Enterprise Server (SLES) 9 Service Pack 3 (64-bit) Novell SUSE Linux Enterprise Server (SLES) 9 Service Pack 3 (31-bit) Red Hat Enterprise Linux (RHEL) AS 4 Update 4) (64-bit) Red Hat Enterprise Linux (RHEL) AS 4 Update 4) (31-bit) ° SSL server has been enhanced to allow a Linux guest to remain active after a critical error is encountered during server operations. ° SSLADMIN command has been enhanced to: Allow the specification of the number of days that a self-signed certificate is to be valid Enhance the management of the SSL server LOG files, by providing the ability to: Maintain log information in a file named other than SSLADMIN LOG Specify a maximum size to be established for the SSL server log Purge log information accumulated by the SSL server ° Potential benefits: Additional Red Hat Package Manager (RPM) packages supports more distributions
VMV53_380 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Network virtualization
© 2006 IBM Corporation IBM Systems
VMV53_390 Enhanced virtual network management
° z/VM V5.3 provides: Simple Network Management Protocol (SNMP) data for virtual networking devices SNMP subagent that will return bridge Management Information Base (BRIDGE-MIB) data for the z/VM Virtual Switch (VSWITCH) MIB data returned is defined by RFC 1493 Subagent acquires the information using a Control Program Diagnose interface (Diagnose x‘26C’) Programming interface to obtain information about virtual networks
° Potential benefit: z/VM Helps network administrators: SNMP SNMP Linux Linux Manage virtual network performance Server Subagent NIC NIC Find and solve virtual network problems Diagnose 26C Plan virtual network growth z/VM TCP/IP z/VM Virtual Switch
OSA OSA Network Management Switch Station
VMV53_400 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced failover support for IPv4 and IPv6
° Business continuance support – enables failover capability for the z/VM TCP/IP stack in the event of an adapter connection failure Requires two )or more) QDIO or LAN Channel Station (LCS) EthernetI dXevices on the same network When one devices stops or fails, another device is designed to take over responsibility for the traffic destined for the failed device ° Failover support includes: SNA OSA-Express devices (in QDIO Ethernet or LCS Ethernet mode) Virtual IP Addresses (VIPA) Proxied addresses – those which PROXYARP services are being provided through a takeover-eligible device ° Potential benefit: Failover support for Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) devices has been enhanced
VMV53_410 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Virtual IP Address (VIPA) support for IPv6
° Enable and configure a virtual device for IPv6 ° Associate real IPv6-capable network adapters with a specific IPv6 virtual link
° Potential benefit: Designed to improve the capability of the TCP/IP stack to maintain connections in the event that a real network device fails
VMV53_420 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Additional TCP/IP for z/VM FL530 enhancements
° New Trace Route (TRACERTE) authorization Eliminates the restriction that TRACERTE can only be used by privileged users Potential Benefit: TRACERTE is useful for anyone debugging networking issues ° Dynamic DEVICE and LINK deletion support TCP/IP stack no longer has to be re-cycled to remove devices and links from the stack configuration Potential Benefit: Programmatic access via C and REXX socket interface ° SMTP enhancements Fixes SMTP processing of nickname files; enhances host name resolution Potential Benefit: Allows users to specify a nickname label in SMTP NAMES that matches any of the userids in the list defined by that nickname
VMV53_430 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Security
© 2006 IBM Corporation IBM Systems
VMV53_440 z/VM LDAP server and client support services
° z/VM LDAP server has been adapted from the IBM z/OS 1.8 Tivoli Directory Server ° Executes in a CMS virtual machine; a subcomponent of z/VM TCP/IP ° Enables a common user name space between z/VM and Linux ° z/VM LDAP server provides: LDAP Version 2 and Version 3 protocol support Interoperability with LDAP V2 or V3 protocol-capable clients Native authentication using: Challenge-Response Authentication Method (CRAM-MD5) DIGEST-MD5 authentication Simple (unencrypted) authentication Access controls on directory information SSL communication (SSL V3 and TLS V1) Client and server authentication using SSL/TLS ° LDAP client utilities provide a way to add, modify, search, and delete entries in any server that accepts LDAP protocol requests ° Interoperates with z/VM RACF Security Server feature ° Potential benefit: New user authentication, authorization, and auditing capabilities
VMV53_450 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced system security with longer passwords
° Supports the use of passwords that are longer than eight characters, called password phrases (also known as passphrases) Requires presence of an external security manager (e.g., RACF) May contain mixed-case letters, numbers, blanks, and special characters ° New Callable Services Library (CSL) routine, DMSPASS, allows authorized CMS applications to authenticate passwords or password phrases ° z/VM subcomponents/functions changed to support passphrases: LOGON command File Transfer Protocol (FTP) System Management API Remote Execution Protocol (REXEC) server Internet Message Access Protocol (IMAP) server Performance Toolkit for VM ° Potential benefits: Allows for an exponentially greater number of possible combinations of characters than traditional passwords Enables a z/VM system to meet the enterprise password requirements imposed by many companies, governments, and institutions
IBM Systems VMV53_460 66. GSE zOS Expertenforum 2007, Interlaken SSL server enhancements
° z/VM V5.3 adds Secure Sockets Layer/Transport Layer Security (SSL/TLS) support for: industry-standard secure FTP (RFC 4217) Telnet (draft specification #6) SMTP sessions (RFC 3207) ° New socket APIs to control the acceptance and establishment of TCP sessions that are encrypted with SSL/TLS ° Potential benefit: Helps to reduce the need to dedicate a separate port for secure connections ° z/VM SSL server has been enhanced to more easily allow weak cipher suites to be excluded ° Potential benefit: Helps to enable enforcement of enterprise requirements for strong encryption on network connections (128 bits or higher)
IBM Systems VMV53_470 66. GSE zOS Expertenforum 2007, Interlaken IBM System Storage TS1120 Model E05 Tape Drive encryption support
° Drive-based tape encryption is a standard feature on all newly-shipped IBM System Storage TS1120 Model E05 drives Designed to help address tape data security concerns Chargeable upgrade feature for existing E05 drives ° z/VM supports drive-based data encryption Requires that the IBM Encryption Key Manager be running on another operating system, using an out-of-band (such as TCP/IP) connection to the tape control unit Includes encryption for DDR and SPXTAPE, as well as for guests that do not provide for their own encryption, such as CMS and Linux on System z Enables encryption of tapes by guests, such as z/OS, that have the ability to control the tape- encryption facilities themselves and to optionally run the Encryption Key Manager Support is included in the z/VM V5.3 base product z/VM V5.1 and V5.2 require the PTF for APAR VM64063 ° DFSMS/VM FL221 with the PTF for APAR VM64062: – Supports locating encryption-capable 3592 tape drives in an Enterprise Automated Tape Library – Provides tape-encryption capabilities for a z/VSE guest running on z/VM ° Potential benefit Help protect your data on tape in a more efficient way
IBM Systems VMV53_480 66. GSE zOS Expertenforum 2007, Interlaken Systems management
© 2006 IBM Corporation IBM Systems
VMV53_490 Enhanced management functions for Linux and other virtual images ° New sockets-based server interface for z/VM Systems Management API Multitasking capable and supports both AF_INET and AF_IUCV socket requests Replaces the Remote Procedure Call (RPC) and CSL routines of prior z/VM releases RPC server is still available at a function level that matches z/VM V5.2 IBM intends to remove the RPC server in a future z/VM release ° New functions available with new server include: Create, delete, and query the IPL statement in a virtual image's directory entry Create and delete virtual switches and guest LANs Obtain processor, memory, and device information for active virtual images Check the validity of a given user ID and password combination ° Enhancements to existing functions include: Exploitation of new Asynchronous CP Command function Password phrase support Providing a list of active virtual images Architected output is provided for some query functions that previously returned command responses in a data buffer ° Potential benefit: Applications can be more easily written by customers or solution providers to help administrators, especially those who lack in-depth VM knowledge, manage large numbers of virtual images running in a single z/VM system
VMV53_500 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Performance Toolkit for VM enhancements
° V5.3 new function includes: Support for passphrases when accessing the Performance Toolkit using the Web interface Change the service process for Performance Toolkit from a full-individual object MODULE to service by individual object parts, reducing the size of the service deliverable Provide new or updated displays and reports to support the following new z/VM V5.3 functions: Linux monitor data for CPU IDs and "steal time" counters Monitor data for virtual network devices and virtual switches Monitor data for guest simulation of zAAPs, zIIPs, and IFLs Monitor data for up to 32 processors in a z/VM image
° Potential benefit: Helps manage your performance more efficiently
VMV53_510 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Enhanced guest configuration
° DIRECTXA supports a new COMMAND statement in a virtual machine definition or profile to configure the virtual machine ° Any form of a command may be invoked using this capability, including privileged class commands (such as SET RESERVED), on behalf of the virtual machine ° Eliminates the need to provide some other method to configure it
° Potential benefits: Helps improve the guest LOGON process Offers added flexibility and convenience for configuring large-scale virtual server environments
VMV53_520 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Asynchronous CP Command API
° Introduces a new IUCV service (*ASYNCMD) and a new CP command (FOR) ° The *ASYNCMD system service allows CP command responses from the FOR command to be captured by a program ° The z/VM System Management API (SMAPI) server uses *ASYNCMD ° A REXX exec using the "STARMSG" CMS Pipeline stage can capture the responses
° Potential benefit: Provides an asynchronous method to initiate CP commands for another userid and capture responses which are specific to those commands
VMV53_530 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Installation, service, and packaging
© 2006 IBM Corporation IBM Systems
VMV53_540 Installation and service changes
° Additional DVD installation options Second-level DVD installation process now supports moving the contents to an FTP server directory or a second-level CMS minidisk and then installing from the server or minidisk Potential benefit: Provides more options for customer environments and can facilitate electronic delivery of z/VM
° Enhanced status information Automated service command, SERVICE, has been enhanced Displays the service and production levels for preventive service (RSU) Displays an applied, built, and production status for corrective service. Potential benefit: Can provide a quicker and easier way to determine service status.
VMV53_550 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems RSCS repackaged as an optional feature
° Remote Spooling Communications Subsystem (RSCS) V3.2.0 (5684-096) has been repackaged as a priced, optional feature of z/VM V5.3 Licensed as an IPLA optional feature OTC charge based on engine-based Value Units Operates only on z/VM V5.3 Operates on standard and IFL processors S&S required for traditional service and no-charge upgrades Preinstalled but disabled, license required ° Provides dynamic command authorization support through a new server: RSCSAUTH Runs in a disconnected virtual machine and is authorized for all RSCS commands Can eliminate the need to re-cycle RSCS when changing system and link authorizations ° Potential benefit: Can be licensed on standard and IFL processors
Note: The stand-alone RSCS V3.2.0 (5684-096) product is planned to be withdrawn from marketing effective September 30, 2007
IBM Systems VMV53_560 66. GSE zOS Expertenforum 2007, Interlaken New RACF Security Server for z/VM
° Licensed as an IPLA optional feature of z/VM V5.3 OTC charge based on Engine-based Value Units Operates on standard and IFL processors Operates only on z/VM V5.3 S&S required for traditional service and no-charge upgrades Preinstalled but disabled, license required ° Provides support for mixed-case passwords and password phrases Password phrase can be a string of up to 100 characters, including blanks, and can be used in addition to, or in place of, the traditional 8-character password An installation exit is provided to help enable customers to define rules governing the length and content of password phrases ° Additional password management enhancements have also been added ° RACF SMF Unload utility has been updated to store the unloaded data in industry-standard XML format, making it suitable to be examined by a variety of applications, including XML browsers and spreadsheets
° Note: IBM intends to withdraw the stand-alone RACF for VM V1.10.0 (5740-XXH) product from marketing on March 5, 2007 and to discontinue service support for the standalone RACF for VM V1.10.0 (5740-XXH) product to be effective May 5, 2008.
All statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
IBM Systems VMV53_570 66. GSE zOS Expertenforum 2007, Interlaken Miscellaneous changes
° U.S. Daylight Saving Time (DST) effect on z/VM U.S. Government's Energy Policy Act of 2005 and corresponding legislation enacted by the governments of Canada and Bermuda extends DST by four weeks, beginning in 2007 in the United States, Canada, and Bermuda New sample system configuration file statements will be shipped with z/VM V5.3 System programmers should change the dates that are specified on TIMEZONE_BOUNDARY statements in the existing system configuration files that their systems use Language Environment PTF for APAR VM64117 must be applied to z/VM V5.1 and V5.2 ° z/Architecture CMS shipped as a sample program Enables the use of z/Architecture instructions, including those that operate on 64-bit registers, by CMS programs Does not exploit or explicitly support 64-bit addressing mode but it does not impose serious restrictions on programs that enter 64-bit addressing mode themselves No formal support available ° Withdrawal of the ROUTED and BOOTP servers The ROUTED and BOOTP servers have been removed from z/VM V5.3 MPRoute is the only dynamic routing server supported by TCP/IP for z/VM FL530
VMV53_580 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Performance Toolkit for VM FL530
° Licensed as an IPLA optional feature of z/VM V5 OTC charge based on Engine-based Value Units Operates on standard and IFL processors S&S required for traditional service and no-charge upgrades Preinstalled but disabled, license required ° New function level for z/VM V5.3 ° Helps simplify performance analysis and resource management on your z/VM system by analyzing system monitor data and produces performance reports and history files, including: System resource utilization, transaction response time, and throughput Resource utilization by userID, DASD activity, and channel utilization
VMV53_590 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Directory Maintenance Facility (DirMaint) FL530
° Licensed as an IPLA optional feature of z/VM V5.3 OTC charge based on Engine-based Value Units Operates on standard and IFL processors Operates only run on z/VM V5.3 S&S required for traditional service and no-charge upgrades Preinstalled but disabled, license required ° New function level for z/VM V5.3 ° Provides efficient and security-rich interactive facilities for maintaining your z/VM system directory ° Required support for z/VM V5.3 is applied to the DirMaint feature supplied with the V5.3 system DDRs and system image (DVD)
VMV53_600 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Primary Uses of z/VM Platform by Product ° Guest ° Systems Management ° Data – Linux on System z – DITTO/ESA – DB2 for VSE and VM – DB2 for VSE and VM – NtuneMON – NFS – DITTO/ESA – CA-VM:Manager – DITTO/ESA – DirMaint, RACF Security – Extended Facilities Product Server, RSCS, Performance – QMF™ Toolkit for VM – STK SnapShot – DFSMS/VM ° Application Development – IBM Backup and Restore Manager, Tape Manager, – C/C++ Compiler z/VM Archive Manager, and – IBM Debug Tool for z/VM V5.3 Operations Manager – COBOL, FORTRAN, PL/I – Tivoli OMEGAMON XE for ® – VisualAge Millennium z/VM and Linux Language Extensions – VisualAge Generator Server – CCCA ° e-business – High Level Assembler – TCP/IP ° Communications – Web390 – ESAWEB – ACF/NCP, ACF/SSP – UltraQuest Reporter – TCP/IP – WebFOCUS – RSCS ° End-User Computing – CA-VM:Webgateway – VM/Pass-Through – DB2 for VSE and VM – EnterWEB – ACF/VTAM, SNA – GDDM®
VMV53_610 66. GSE zOS Expertenforum 2007, Interlaken IBM Systems ß Linux on IBM System z and zSeries ß Hardware Support ß z/VM support for Linux ß Linux Update and Distribution ß Summary
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Linux Versions
° Former version of Linux for S/390 - 31-bit addressing Linux 31-bit distributions are supported on 9672 S/390 G5 and G6 and S/390 Multiprise® 3000 servers. IBM System z9 and zSeries hardware can also run code built for the 31-bit mainframe systems ° Linux for System z9 and zSeries - 64-bit addressing Linux 64-bit is supported on IBM System z9 and zSeries architecture (z9 EC, z9 BC, z9 109, z990, z890, z900 and z800) ° Applications for Linux on IBM System z or zSeries will either be 64 bit binaries or 31 bit binaries certified for running in 31 bit compatibility mode on 64 bit linux version or Strict 31 bit binaries
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Kernel 2.6 with Linux on System z and zSeries
° O(1) Scheduler ° New POSIX compliant threading model Allows faster and more processes Kernel assisted threading Response time improvements: linear Speedup for Java multi-threaded appls complexity in 2.6 vs square complexity ° with 2.4 IPv6 and IPsec additional features ° Allows for cryptographic security at network Block I/O protocol level Allows customizable I/O priorities Enables stage I for HW crypto exploitation Asynchronous I/O layer improvements ° New file system and volume manager Big improvement for Web servers and DB features ° Memory Management enhancements XA (extended attributes) Provides more capacity for swapping Mgmt and security improvements for systems Samba servers ° SMP scalability enhancements and per- ext3 with ACL support CPU optimizations ° Constraint relief Performance improvement by lock Support for disks larger than 2 TB contention reduction Support for > 32 CPUs Improved memory consumption
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Kernel 2.6 – Support for large configurations
Maximum CPU (IA32) 64 Maximum CPU (System z) 64 (hard limit) Maximum RAM (IA32) 64 GB Maximum RAM (System z) 256 GB Maximum major devices 1095 Maximum minor devices 1M Maximum FS size (IA32) 16 TB Maximum FS size (System z) 8 EB Threading Library NPTL Native Posix Threading Library Max. PIDs (Process/ Threads) 1 billion Max. UIDs / GIDs (users/groups) 4 billion
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Distributions for Linux on System z Latest service Based on Gcc Glibc level kernel D D i i s s t SLES 8 SP4 2.4.21 3.2 2.2.5 t r r i i b b u u t t i SLES 9 SP3 update1 2.6.5 3.3 2.3.3 i o o n n
U U p SLES 10 GA 2.6.16 4.1 2.4 p d d a a t t e RHEL 3 Update 8 2.4.21 3.2.3 2.3.2 e
RHEL 4 Update 4 2.6.9 3.4 2.3.4
RHEL 5 GA 2.6.18 4.1 2.4
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems SLES9 SP3 U1: New Enhancements
zfcp Performance Statistics DIAG250 for 64 bit guests Linux kernel module to access PR/SM LPAR performance data based on diag204 FICON: Add DASD runtime switch for logging FCP performance data collection - I/O statistics
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems RHEL5.0: New Enhancements
•Disaster/Recovery: access by VOLSER •3592 Control Unit recognition •qeth - set IP v4/v6 routers separately •Linux kernel module to access PR/SM •Linux-z/VM Monitor Stream LPAR performance data (diag 204) •Linux API for access to z/VM Monitor records •Channel Path measurement Data •DASD DS6000 support: pref. path •FCP point-to-point support •APPLDATA Enhancements (Linux & •Linux usage of CPU timer z/VM monitor stream) •N-Port-ID Virtualization (NPIV) •Enhance APPLDATA record layout for •Adjustment of CPU Accounting steal time information (Linux & z/VM •(big) xip2fs integration into ext2 monitor stream) •FCP re-IPL/reboot support •s390dbf support for crash •Kernel machine check handling •FCP DS6000 support •SCSI IPL: Export SCSI IPL Parameter List •Software Support for CP Assit for AES, •DASD support for write barriers SHA, and PRNG •s390 debug feature optimization •Exploit zSeries Support for HAL •Enhance zfcp traces & logs - DD •SNMP - include netsnmp package •Enhance zfcp traces & logs - tool •Restrict RHEL 5 on zSeries to 64 bit •Multiple Subchannel Set (MSS) Support for PAV Aliases •dump device configuration •V=V QDIO Pass-thru stage 2 •Provide 31 bit development environment •DIAG250 for 64 bit guests on 64 bit distribution •Support for GuestLAN Sniffer •Pick up newest version of s390tools •Kernel Access to Crypto Hardware: AES & SHA •tune gcc to z9-109 •DASD fast fail support •z990-follow-on new instruction support •ADTools Oprofile Call-Graph-Patch •z990-follow-on tuning •Open source 3590 tape device driver •Kernel stack overflow •Linux PAV support for LPAR avoidance/detection •HyperSwap support in DASD device driver and Common I/O layer •Compiler back-end perfomance improvements stage 2 •DASD awareness for multipath-tools •(= Enable multipath tools for LPAR PAV)
•Deprecate Linux Claw NW DD for IP •Deprecate Linux CTC NW DD for IP
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Distribution Life Cycle
°
SLES D D i Support (1) –since 8/2005 i s s t t
General Support: GA + 5 years r r i i b Extended Support: GA + 7 years b u Self Support: GA + 10 years u t t
i SLES 8: End of support 11/2007 i o o n n
U ° RHEL U p p d Support (2) d a Full Support: GA + 2.5 years a t t e Deployment : GA + 3 years e Maintenance: GA + 7 years
(1) http://support.novell.com/lifecycle/index.jsp?sourceidint=suplnav5_lifecycle, http://support.novell.com/lifecycle/lcSearchResults.jsp?st=linux&sl=-1&sg=-1&pid=1000&x=34&y=9 (2) http://www.redhat.com/security/updates/errata/ http://www.redhat.com/security/updates/
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Is SLES 8 supported on System z9?
° SLES 8 is supported by Novell until 11/2007.
° SLES 8 is supported on System z9 in “z990 compatibility mode”: A customer running a workload with SLES 8 on a z990 can safely migrate that workload to a System z9 SLES 8 will not exploit new features of the System z9
° Two “exceptions” apply The System z9 does not support token ring None of the Crypto adapters available for System z9 is supported by SLES 8
° We strongly encourage SLES 8 customers to migrate to SLES 9 or SLES 10.
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Functional Restrictions
Goal: stream line design of Linux on System z A urge customers to use the best technology available A d d j reduce development & maintenance efforts j u u s s t t i i n ° Restriction to 64 bit distribution support for SLES 10, RHEL 5 & later n g Requires 31bit execution & SW development environment g
H H W W ° Stop support of legacy devices
S S
SLES 10, RHEL 5 & later u u p CTC, CLAW for IP (CTC will remain for SNA: CTCmpc) p p IUCV for IP (IUCV infrastructure remains) p o o r r t “SLES 11” and “RHEL 6” and later t FBA DASD
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Consequences of 64-bit only Distributions
° HW: S/390 architecture no longer supported A A d
G5, G6, MP3000 d j j u u s s t ° t
z/VM: only 31-bit guests no longer supported i i n n g g
H ° User space applications: H W W
both 31 bit and 64 bit applications supported S S u 31-bit compatibility libraries u p p
Requirement to service and maintain 31 bit applications p p o Which tools do ISVs need to service & maintain their 31-bit SW? o r r t – Debuggers, Profilers, t – Interpreters, … – …
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Compilers & Architecture Support
° IBM continuously provides enhancements to exploit the new instructions of each new HW generation A A d to tune performance to HW generations d j j u ° Yet SW (Distributions, IBM MW, ISV SW) will be compiled with options that u s s t allow to run SW on all supported HW generations t i i n n g Intention to deal with this in the future g
H Tune each major distribution wrt the key HW generation in the field at GA H W of that distribution W
S With a new major distribution IBM may drop the support of the oldest S u currently supported HW generation u p p p In general no changes between SPs or updates p o o r ° E.g., gcc default options for SLES 10 r t t -tune=z-109 -march=z900
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Themes & Focus 2007
Themes Pervasive VM Thru Virtualization leadership & ease of use z/OS integration E.g. Linux Utilities for System z, seamless integration, … Large Servers E.g. RAS, I/O scalability & performance
Technology Focus Areas Security E.g. Cryptography improvements (E2E stack!), data security & data integrity Business resiliency & RAS (throughout the SW stack, top down) E.g. thru Multi-system virtualization, application mobility Ease of use Avoiding complexity in the first place and thru improved Systems Management
Basic Hygiene future HW and storage support, as well as software currency
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Pervasive VM Through Virtualization leadership & ease of use
° Reduce virtualization overhead Directed diag support R CMM2 ° Fast boot support for z/VM guests e l
Kernel NSS support e ° Support Linux Guest monitoring through z/VM tooling (APPLDATA) a s Application data support e Support for dynamic CPU de/attachment
Steal time support T ° Linux guest management (IBM director support) h e AF IUCV support m ° Increase flexibility in z/VM device configuration Improved handling of dynamic subchannel mapping e s
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems z/OS Integration
Share data with z/OS R
3592 tape encryption e l e a s
Share time (stamps) with z/OS e
ETR support T h e m
Joint z/OS Linux D/R solution e s HyperSwap support
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Large Servers
E.g. LPAR support, I/O scalability & performance R
° Monitoring of virtual servers e l • Linux kernel module to access PR/SM LPAR performance data e a • Channel Path measurement data s e
• High performance data serving T
• Linux PAV support for LPAR h e • I/O & NW Performance tuning m • Dynamic switch for qeth_perf and qdio_perf e s • DASD runtime switch for logging • FCP performance data collection
• Server Management • snIPL SCSI Load
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Cross Theme Efforts
° Security • Enhanced Linux System Layout • Secure Key Crypto • Sysfs support for Crypto DD • In-kernel Pseudo Random Number Generation R • (3592 tape encryption support) e l e a
° RAS s e • (Dynamic switch for qeth_perf and qdio_perf) • (DASD runtime switch for logging) T • (FCP performance data collection) h • s390dbf for crash e • dump tool enhancements m
• Reboot with alternate parameters from FCP e • IPL/dump on panic s • Device Support • 3592 control unit recognition • (3592 tape encryption)
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Open source Code Drop 10/2005 and 3/2006
° Kernel ° Kernel Kernel machine check handling ADTools Oprofile Call Graph patch HAL support stage I In-kernel Crypto API access to Hardware Crypto ° Virtual Server ° Virtual Server Adjustment of CPU accounting Collaborative memory management stage 2 xip2fs integration into ext2 ° Networking Linux usage of CPU timer Support for GuestLAN Sniffer User space access to CP commands (1) V=V QDIO Pass-thru stage 2 ° Networking Deprecate the following Linux networking device Linux NCP CDLC support drivers CTC (IP only) ° Storage - ESCON/FICON IUCV (for AF_INET traffic, IUCV base DASD tool harmonization infrastructure is kept) ° Storage - FCP CLAW (IP only) N-Port-ID Virtualization (NPIV) ° Common I/O FCP re-IPL/reboot support Multiple Subchannel Set (MMS) Support zfcp Performance Statistics ° Storage - ESCON/FICON SCSI IPL: Export SCSI IPL Parameter List DIAG250 for 64 bit guests ° RAS HyperSwap support in DASD driver and common Support for new 64bit Vmdump format I/O layer Update SCSI System dumper DASD fast fail support ° Security *All statements regarding IBM’s future direction and intent are subject to CEX2A (PCIXCC fast path) DD support change or withdrawal without notice, and represent goals and objectives only. (1) ... Pre-req for IBM Director and XDR
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Major ISVs Supporting Linux on System z9 and zSeries
ERP, Production Planning, Logistics Stock tracking °ABAS Software AG °RTS Realtime Systems °SAP Core Banking Applications ° IFS °Sanchez, M2M, S2, ... Database Mail & Calendaring server ° Oracle 9i & 10g °Sendmail (Mail) ° Software AG Tamino (XML Database) °Bynari (Mail & Calendaring) Application & e-business Integration °Nexus Neon °Tibco Development & Testing Tools ° Iona °Logics Software ° BEA WebLogic °Rational Software (now IBM) ° Aeonware (B2B/B2C) °Rogue Wave Software Systems Management °Dignus °BMC Patrol °ACTS (testing) °BMC Mail Server Knowledge Agent °Acucorp Inc. (Cobol solutions) °BMC Web Server Knowledge Agent °MicroFocus °Computer Associates Firewall ° Legato Networker for Linux °zGuard ° LinuxCare (Levanta) °StoneSoft (Stonegate) °Veritas Software Corp. Grid Computing Windows migration (ASP, .NET) °Platform ° Stryon Software °Data Synapse Print server °Globus Toolkit °Macro4
ISVs are constantly releasing new applications for Linux on zSeries
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems ITSO Redbooks / Redpapers
° z/VM and Linux on IBM System z: The Virtualization Cookbook for SLES9,SG24-6695-01 ° Solaris to Linux Migration: A Guide for System Administrators, SG24-7186-00 ° Linux for zSeries and System z9,SG24-6694-00 ° z/VM and Linux on zSeries: From LPAR to Virtual Servers in Two Days,SG24-6695-00 ° Linux on IBM eServer zSeries and S/390: Best Security Practices, SG24-7023-00 ° A Shared WebSphere Application Server Installation for Linux on zSeries,REDP-3998-00 ° WebSphere Portal Installation on Linux for zSeries, REDP-3699-00 ° IBM Communication Controller Migration Guide, SG24-6298-01 ° Linux on zSeries: Samba-3 Performance Observations, REDP-3988-00 ° IBM Lotus Domino 6.5 for Linux on zSeries Implementation, SG24-7021-01 ° IBM Dynamic Infrastructure for mySAP Business Suite on IBM zSeries, SG24-6473-00 ° Experiences with Oracle 10g Database for Linux on zSeries, SG24-6482-00 ° Networking Overview for Linux on zSeries, REDP-3901-00 ° Linux on zSeries: Fibre Channel Protocol Implementation Guide, SG24-6344-00 ° Linux Handbook A Guide to IBM Linux Solutions and Resources, SG24-7000-01
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems ß Linux on IBM System z and zSeries ß Linux Hardware Support ß z/VM support for Linux ß Linux Update and Distribution ß Summary
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Linux for IBM System z Choosing the correct Linux platform can provide significant advantages
° The legendary IBM mainframe - IBM System z ° The IBM mainframe virtualization capabilities - z/VM 5.2 ° The easy server deployment and configuration – IBM Director Extensions 5.10 ° Open standards operating system - Linux for System z
Linux for System z ° Increased performance and security for application Infrastructure simplification communication Linux NCP CDLC support via OSA OSA Layer 2 sequence numbers for CCL ° Increased service level management N-Port-ID Virtualization (NPIV) retrofit ° FCP re-IPL/reboot support retrofit Increased resource utilization s Security e ° Increased business continuity and disaster recovery g CEX2A (PCIXCC fast path) DD support a
t ° Increased availability, security, and robustness of the Software Support for CP Assist for AES, n SHA, and PRNG a applications
v Integrated Crypto and Related Functions d ° Increased administrator efficiency
A Systems Management ° Reduced number of places one needs to troubleshoot User space access to CP commands Support for new 64-bit VMdump format ° Reduced number of software licenses required to DASD tool harmonization support applications Update SCSI System dumper Enhance FCP traces and logs
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Linux on IBM System z Take back control of your IT infrastructure ° Unify the infrastructure IT optimization and server consolidation based on virtualization technology and Linux Linux can help to simplify systems management with today's heterogeneous IT environment ° Leverage the mainframe data serving strengths New solution deployed in less time, accessing core data on DB2® on z/OS Reduced networking complexity and improved security network “inside the box” ° A secure and flexible business environment Linux open standards support for easier application integration Unparalleled scale up / scale out capabilities Virtual growth instead of physical expansion on Intel® or RISC servers ° Leverage strengths across the infrastructure Superior performance, simplified management, security-rich environment High-performance security-rich processing with PCICX cryptographic co-processors Backup and restore processes, Parallel Sysplex and GDPS for Disaster Recovery
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems Why should you use Linux on System z?
° Mainframe qualities of service ° The ability to scale up and out ° System z virtualization for consolidation and control ° The ability to add processing power quickly, when it’s needed ° Benefit from established processes and disciplines ° Proximity to data running on other operating systems on the same System z ° To help reduce the cost of operation ° To help reduce complexity and simplify maintenance tasks
For the same reasons that IBM does – it makes good business sense.
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems [email protected]
66. GSE zOS Expertenforum 2007, Interlaken IBM Systems