KNOW-HOW Hercules Mainframe Emulator BIGHercules mainframe BOXES emulator Kirsty Pargeter, Fotolia
Many enterprises still rely heavily on mainframes, which makes it all the more difficult to get your hands on one and install Linux on it. The Hercules emulator gives you a full-fledged alternative. BY BERNHARD BABLOK
ainframes commonly are re- tions, making it unsuitable for the pur- important to configure the host system garded as being reliable, but poses of this article. correctly. First, you need to modify the Malso big, complicated, pricey, In a directory of your choice (e.g., privileges for the /usr/local/bin/hercifc and outmoded in today’s IT landscapes. /usr/local/src), unpack the sources, script, which configures the Tun/Tap Here, the Hercules mainframe editor, change to the /usr/local/src/hercules-3.05 network device when Hercules starts up. which emulates the CPU architecture, directory, and enter configure as shown Just as for any direct device access, you can help. Even if Linux is running in a in Listing 1. After doing so, don’t forget need root privileges for this. The --en- production environment on a main- to check config.log, paying particular at- able-setuid-hercifc configure option (see frame, Hercules still can provide a useful tention to whether Zlib support is avail- Listing 1, line 9) sets the SUID bit, but service for testing and development. able. If the zlib-devel package is not in- the installation script sets group owner- In this article, I will describe how to stalled on SUSE, you will still be able to ship for the file to root, making it impos- set up and configure Hercules and its build and use Hercules, but you will not sible to execute the script as a non-privi- virtual hardware, and then I will focus be able to use the typical Zlib com- leged user. The following lines will set on installing zLinux on Hercules. Finally, pressed virtual hard disks. the permissions correctly: I’ll take a quick look at z/OS – the native After completing the configuration mainframe operating system – and its phase, follow the normal make and su -c # chgrp users U freely available predecessor MVS. "make install" procedure. Now Hercules /usr/local/bin/hercifc is installed, but some manual finishing # chmod 4750 U Download and Installation work is necessary. The HTML-formatted /usr/local/bin/hercifc Hercules 3.04 does not support current documentation is available in /usr/local/ zLinux variants, which is why you share/hercules, with links to additional The following sections only apply to should download the current source resources on the Internet; if you run into openSUSE systems; some details will code for version 3.05 [1]. The RPM, also difficulty, try the mailing list. vary for other operating systems. For the available from the homepage, will install If you will be using TCP/IP network- network connection, Hercules uses the but does not support network connec- ing with a Hercules guest system, it is Tun/Tap device; on a normal system, the
54 ISSUE 90 MAY 2008
054-059_hercules.indd 54 12.03.2008 11:22:10 Uhr Hercules Mainframe Emulator KNOW-HOW
At system launch time, /etc/ Hercules supports emulated printers, init.d/boot.udev copies a num- there are no Linux drivers for the old, ber of devices from /lib/udev/ line-oriented 1403 printer (Figure 1). devices to /dev, so you will However, this is not a major drawback; need to delete the Tun device you can print over the network to the in this directory or modify its host’s CUPS server or to any other print permissions: server available on the network. The virtual hardware is defined in a chgrp users U configuration file (Listing 2), which is /lib/udev/devices/net/tun passed in to the emulator with the -f op- chmod 660 U tion when it’s launched. Hercules does /lib/udev/devices/net/tun not impose any restrictions with respect to the name and directory structure. De- Network Preparation pending on your personal preferences, The Tun/Tap device supports a you can store all your files in a single point-to-point connection be- directory or organize them in subdirecto- tween the host and the guest, ries by file type. which other virtualization so- Virtual hard disks are normal files, as Figure 1: A throwback to the good old days: an IBM lutions call host-only network- with any other emulator. In IBM speak, 1403 line printer. ing. If you want to grant the hard disks are referred to as DASDs (for guest system access to the direct-access storage devices). To create device is owned by root:root and has per- local network – or even the Internet – hard disks for your zLinux installation, missions of 0600. Again, this rules out you also will need to set up NAT. To do enter: access by normal users. However, chang- so, first enable IP forwarding, either per- ing the permissions manually will not do manently in /etc/sysconfig/sysctl (IP_ dasdinit -z -lfs U you much good because the original sta- FORWARD=yes) or manually: dasd/sys1.dasd 3390-3 SYS1 tus is restored when you reboot. dasdinit -z -lfs U Udev is used for device management echo "1" > U dasd/sys2.dasd 3390-3 SYS2 on today’s systems, which is why you /proc/sys/net/ipv4/ip_forward will need to modify the corresponding The -z option configures Zlib compres- Udev rule. On an openSUSE system, Then use iptables to define two rules: sion. Alternatively, you could select -bz2 the /etc/udev/rules.d/50-udev-default. for Bzip2 compression; note that the rules file controls this, and you must iptables -t nat -A POSTROUTING U method is slower, and thus means per- add: -o eth0 -j MASQUERADE formance hits without giving you major iptables -A FORWARD -i U disk space savings. The -lfs option refers KERNEL=="tun", GROUP="users", U tun0 -j ACCEPT NAME="net/%k",MODE="0660" This completes To give /dev/net/tun the right permis- preparation of the sions, type rm /dev/net/tun and mod- host system. Next probe tun. If the device still has incorrect comes creating and permissions after a reboot, don’t worry. configuring the virtual hardware. Listing 1: Building Hercules: Configure Arguments Virtual 01 #!/bin/bash Hardware 02 Hercules supports a whole bunch of vir- 03 PREFIX=/usr/local tual hardware com- 04 ponents, but you 05 ./configure --prefix=$PREFIX \ just need some hard 06 --enable-cckd-bzip2 disks and a network \ connection for 07 zLinux. Because --enable-optimization=yes \ this is a high-end 08 server system, --disable-external-gui \ video, audio, and 09 USB support are ir- Figure 2: The Hercules console showing the supported features on --enable-setuid-hercifc relevant. Although startup.
MAY 2008 ISSUE 90 55
054-059_hercules.indd 55 12.03.2008 11:22:14 Uhr KNOW-HOW Hercules Mainframe Emulator
Listing 2: Hercules Configuration for CentOS 4.5 01 # 17 TZOFFSET +0000 02 # Configuration file for Hercules & CentOS 4.5 18 OSTAILOR LINUX # OS tailoring s390 19 PANRATE SLOW # Panel refresh rate 03 # 20 ARCHMODE ESAME # Architecture mode S/370, 04 ESA/390 or ESAME 05 MODPATH ${MODPATH_HERCULES:=/usr/local/lib/ 21 PGMPRDOS RESTRICTED hercules} 22 06 23 07 CPUSERIAL 002623 24 # Device list 08 CPUMODEL 2096 25 # ------09 MAINSIZE 780 26 10 XPNDSIZE 0 # Expanded storage size in 27 # DASD megabytes 28 11 CNSLPORT 3270 # TCP port number to which 29 0A01 3390 dasd/sys1.dasd consoles connect 30 0A02 3390 dasd/sys2.dasd 12 HTTPROOT ${HTTPROOT_HERCULES:=/usr/local/share/ hercules/} 31 13 HTTPPORT 9091 # HTTP server 32 # Channel to channel: CTCI ip-linux-guest ip-linux-host 14 NUMCPU 1 # Number of CPUs 33 15 NUMVEC 1 # Vector facilities emulated 34 0cc0.2 3088 CTCI 192.168.2.2 192.168.2.1 16 SYSEPOCH 1900
to large file support; that is, dasdinit tion gives you a list of available types ing the device addresses for Linux to will not split up the hard disk into 2GB and their respective sizes [2]. reference the disks. chunks. Depending on your DASD size, The last parameter for dasdinit, the you might want to omit this option so VOLSER name (the disk label), really is Network Interface you can store files on DVD media. not necessary for Linux, but the installa- Hercules emulates various types of net- The file names (dasd/sys?.dasd) are tion writes the label anyway. As a final work connections. The easiest type to arbitrary. The hard disk type (3390-3) step, the administrator needs to add the configure is the channel-to-channel defines the size, which is about 2.7GB in disks to the Hercules configuration file (CTC) connection. To configure two my example. The Hercules documenta- (Listing 2, lines 29-30), thereby assign- type-3088 CTC devices at the addresses 0cc0 and 0cc1, you just need to Listing 3: Verifying the Network Configuration add one line to the configuration 01 [root@sirius:~] # route -n file (Listing 2, line 34), and assign an address of 192.168.2.2 to the 02 Kernel IP routing table guest and 192.168.2.1 to the host. 03 Destination Gateway Genmask Flags Metric Ref Use Iface The HTML documentation explains 04 192.168.2.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 the syntax for the device addresses 05 ... in particular. 06 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo To launch Hercules, type the 07 [root@sirius:~] # ifconfig command: 08 eth0 ... hercules -f conf/ U 09 centos45.conf U 10 lo ... > hercules.log 11 12 tun0 Link encap:UNSPEC HWaddr Figure 2 shows the initial output 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 at the Hercules console. Here, the 13 inet addr:192.168.2.1 P-t-P:192.168.2.2 Mask:255.255.255.255 critical message is HHCCT073I, 14 UP POINTOPOINT RUNNING MTU:1500 Metric:1 which tells me that the tun0 net- 15 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 work device is open. Unfortu- 16 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 nately, the message isn’t com- pletely reliable because it depends 17 collisions:0 txqueuelen:500 on the permissions for hercifc; to 18 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) be certain, you have to check
56 ISSUE 90 MAY 2008
054-059_hercules.indd 56 12.03.2008 11:22:16 Uhr Hercules Mainframe Emulator KNOW-HOW
the output from route -n and ifconfig Listing 4: Installation of zLinux: First Phase (Listing 3). Both the routing table (line 4ff.) and 001 Which kind of network device do you intend to use: the network configuration (lines 29-35) 002 .ctc must have entries for the tun0 device. 003 Enter the bus ID and the device number of your CCW devices. 004 CTC/ESCON and LCS need two subchannels: Using Hercules 005 (e.g. "0.0.0600,0.0.0601" will configure the CTC or ESCON interface The Hercules console is used to control 006 with the subchannels 0x600 and 0x601) the system. Hercules supports a large 007 QETH needs three subchannels p.e. 0.0.0300,0.0.0301,0.0.0302 number of commands, the most impor- tant of which is ipl (initial program 008 .0.0.0cc0,0.0.0cc1 load), which initiates the boot process. 009 Enter the FQDN of your new Linux guest (e.g. s390.redhat.com): The maxrates command is useful, too; it 010 .emu-guest.bablokb-local.de outputs the performance in MIPS (mil- 011 Enter the IP address of your new Linux guest: lion instructions per second). 012 .192.168.2.2 Hercules supports alternate consoles. 013 Enter the network address of the new Linux guest: Pressing the Esc key toggles between the line-oriented console shown in Figure 1 014 .192.168.2.0 and the semi-graphic console shown in 015 Enter the IP of your CTC / ESCON / IUCV point-to-point partner: Figure 3. This view gives you the current 016 .192.168.2.1 performance data, and you can see the 017 Select which protocol should be used for the CTC interface register values flash past. 018 0 for compatibility with p.e. VM TCP service machine (default) To run Hercules remotely, you also can 019 1 for enhanced package checking for Linux peers use an http console (Figure 4), which 020 3 for compatibility with OS/390 or z/OS peers the administrator must set up in the con- figuration file (Listing 2, lines 12-13). 021 .0 Also, you can set up username- and 022 Enter your DNS server(s), separated by colons (:): password-based authentication, but this 023 .10.173.112.250 does not change the fact that the http 024 Enter your DNS search domain(s) (if any), separated by colons (:): connection is insecure. 025 . Installing zLinux 026 Enter DASD range (e.g. 200-203 or 200,201,202,203) Mainframes support two system archi- 027 Press
MAY 2008 ISSUE 90 57
054-059_hercules.indd 57 12.03.2008 11:22:17 Uhr KNOW-HOW Hercules Mainframe Emulator
tem to be busy configuring itself for the Hercules console to next hour or so. introduce the new With a real mainframe, on which you device: can opt between HMC (hardware man- agement console) and bootable tapes or attach 0a03 U prepare a volume for zLinux z/OS-side, 3390 dasd/U this process looks very different. home.dasd
After the Installation On the zLinux The ipl command will boot an installed page, typing lsdasd system on Hercules. As a parameter, -s -a shows a list of Hercules expects the boot volume ad- available DASD de- dress (ipl 0a01, in my example). After vices; you can see IPL, a grub-style boot menu appears, al- that a new device Figure 4: The clear-cut Hercules web console. though the system automatically will is available, but of- boot after waiting 15 seconds. The con- fline. Whereas a mainframe operator If you are setting up multiple partitions, sole shows typical startup messages for would now type vary online, root would you need to call fdasd without the -a a (Red Hat) Linux system up until the do this: parameter, which takes you to an fdisk- login prompt. Working directly at the style partitioning menu. console is impractical because it means echo 1 > /sys/bus/ccw/U In the example, you will be using the typing a dot in front of every command drivers/dasd-eckd/U whole volume as a large partition; how- and because some programs will not run 0.0.0a03/online ever, the new device is lost on rebooting. at the console. The use of an SSH con- To prevent this, you need to add a line nection from a different machine makes A quick check with lsdasd and a peek for the device to the Hercules configura- more sense. at the /dev directory show that a dasdc tion file and add a mount entry in /etc/ now exists. fstab. Dynamically Adding Disks Now you need to low-level format and The dasd_mod kernel module expects In principle, zLinux is no different from partition the device: dasdfmt handles the the available devices as a start option; a Linux on any other platform, except for first of these tasks, and fdasd handles change to /etc/modprobe.conf takes care the way it handles hardware. The follow- the second: of this: ing example mounts another disk in /home on the system, but first you must dasdfmt -p -v -l HOME01 -b U options dasd_mod U generate the new disk (file dasd/home. 4096 -d cdl -f /dev/dasdc dasd=0a01-0a03 dasd). Hercules emulates a high-avail- fdasd -a /dev/dasdc ability system; the administrator does mke2fs -j /dev/dasdc To start the system, you need a new Ini- not shut down zLinux but does use the mount /dev/dasdc /home trd. If you want to be on the safe side,
The Mainframe Principle Although Linux still relies on various are SYSUT1 and SYSUT2. Optimization entails additional effort. In schedulers to ensure fair and optimum SYSUT1 (line 5), the input file, is desig- the past, when mainframes were much resource usage, the mainframe world nated as “OLD” – which means that you smaller, this kind of safeguard was more has gone its own way. On a mainframe, need the file exclusively. If another job is important, whereas today’s mainframes users specify the resources they need, processing this file, your job will have to include options that simplify the process. which enables the system to decide wait. An alternative to this is DISP=SHR, The goal of maximizing use has not whether the program should run now, which allows shared (read) access (and changed. Utilization values of 90 percent later, or not at all. Listing 5, a classic might be a more realistic alternative for for 24x7 operations are possible, and copying program, looks fairly compli- a copying program). they make financial sense. cated compared with the cp command, Note the specification of the target file in The protocol that mainframe terminals but complexity has both disadvantages lines 6-9. (NEW,CATLG) stipulates that use to communicate with the host pro- and advantages. the file must not exist and that it should vides another example of maximum Jobs on a mainframe are not much more be cataloged after successful processing. resource utilization. Physical terminals than a stack of punch cards shifted to a If the file exists, the job will not run. The no longer exist; programs such as x3270 file. The job printed here starts with a job other details specify the space require- emulate the protocol. In contrast to Unix card that specifies the memory, run time, ments (primary 5 cylinder, additionally keyboard drivers, which process every and job class, which makes it fairly easy up to 15 times 2 cylinders) and the physi- single key press, the user of a 3270 ter- to prioritize. Next comes the copying cal file format. On Linux, a rogue pro- minal fills out all the fields on the screen program, IEBGENER, and its parameters. gram can completely fill up the filesys- and then transmits everything at once. Host programs use logical filenames to tem; on a mainframe, the program is This reduces the number of processing access files; for IEBGENER, these names stopped if it oversteps its space assign- steps, at the cost of making programs – defined by DD (data definition) cards – ment. such as Vi or Emacs impossible to run.
58 ISSUE 90 MAY 2008
054-059_hercules.indd 58 12.03.2008 11:22:17 Uhr Hercules Mainframe Emulator KNOW-HOW
you might want to copy the existing Ini- the changes from, for example, sys1_ able because operating systems at the trd and add an entry to the boot menu 2.dasd to sys1_1.dasd. To write changes time were distributed openly. in /etc/zipl.conf, to be able to launch the to the original files, you must specify sf- A “turnkey” MVS system is available previous version in case of an error: * force (or omit the read-only option ro). for Hercules: the MVS Turnkey System The Hercules suspend and resume [7][8]. The only additional software you cd /boot commands save and restore the com- need is a 3270 terminal emulator; Linux mv initrd-2.6.9-55.EL.img U plete system state; however, this mecha- users can install the x3270 package that initrd-2.6.9-55.U nism does not work reliably – zLinux comes with their distributions. EL.img.orig will not work after you use it. If you think you can set up a main- mkinitrd -v initrd-2.6.9-55.EL.U frame system quickly and start using it, img 2.6.9-55.EL z/OS and MVS you will be disappointed. Although you vi /etc/zipl.conf From a Linux perspective, the mainframe can boot and down the system using the # -> Modify to load the U is just one architecture out of many, so it “Cookbook” [8], it will not help you original initrd makes sense to look at the operating sys- much if you do not have any previous zipl -V tems that normally run on mainframes. mainframe experience. If you are seri- On the current crop of systems, the oper- ously interested in immersing yourself This procedure is something like the leg- ating system is z/OS 1.x. (Version 1.9 in this material and working your way acy Linux bootloader, lilo, in which you was released in September 2007.) through the available documentation – needed to launch the lilo program after Unfortunately, z/OS is not free. Al- including the current z/OS documenta- modifying the configuration file. though there is an “ADCD” package for tion, which is freely available from IBM developers and a z/OS demo package, – you will enjoy the experience of your Shadow Files Instead of you at least need to lease an IBM ma- own mainframe. Snapshots chine to use it legally. This just leaves Hercules does not use snapshots like the granddaddy of today’s z/OS, MVS Conclusions other virtualization programs, but it (version 3.8), as an alternative for exper- Hercules offers a stable emulator for does implement shadow files, which can imenting at home. mainframe architecture. Running on a be put to similar use. To use a shadow MVS (Multiple Virtual Storage) was powerful midrange system, the perfor- file, you need to change the lines with developed from earlier IBM operating mance should be sufficient to replace a the hard disk configuration slightly (List- systems; its direct predecessor is the OS/ zLinux test LPAR. If you are thinking ing 2, line 29ff.): 360 MVT (Multitasking with a Variable of porting your software to zLinux, you number of Tasks) variant. MVS then be- can use Hercules or the Community 0A01 3390 dasd/sys1.dasd ro U came the operating system for the next Development System for Linux (LCDS), sf=shadow/sys1_*.dasd generation of hardware, the System/370 a service provided by IBM [9]. ■ 0A02 3390 dasd/sys2.dasd ro U computer, which supported virtual sf=shadow/sys2_*.dasd memory as of 1972. INFO Interestingly, the older S/360-67 mod- [1] Hercules: After starting, Hercules automatically els did support virtual memory, but at http:// www. hercules-390. org writes the shadow/sys?_1.dasd files. The the time, batch processing was regarded [2] Conversion table for DASD sizes: sf+ * command at the Hercules console as far more important and hardware sup- http:// www. sdisw. com/ vm/ dasd_ca- creates a new set of shadow files, up to port for memory virtualization was thus pacity. html a maximum of eight files. sf- * merge or omitted from the S/370 series. [3] ThinkBlue/ 64 Linux for zSeries: sf- * nomerge accepts or discards the MVS was released in 1974 and led di- http:// linux. zseries. org changes to the current shadow step. rectly via MVS/XA, MVS/ESA, and OS/ [4] CentOS: http:// www. centos. org Accepting means that sf- merge writes 390 to z/OS. Now MVS is freely avail- [5] MacIsaac, Michael, Ronald Annuss, Wolfgang Engel, et al. Linux for IBM eServer zSeries and S/390: Distribu- Listing 5: Copying a File with IEBGENER tions. Redbooks, 2001: 01 //MYJOB JOB (COPY),'COPY',CLASS=A,MSGCLASS=A,REGION=256K, http:// www. redbooks. ibm. com/ redbooks/ pdfs/ sg246264. pdf 02 // TIME=5,MSGLEVEL=(1,1),NOTIFY=HERC04 [6] Linux Redbook portal: 03 //COPY EXEC PGM=IEBGENER http:// www. redbooks. ibm. com/ Redbooks. nsf/ portals/ Linux 04 //SYSPRINT DD SYSOUT=* [7] The MVS 3.8j Turnkey System: 05 //SYSUT1 DD DISP=OLD,DSN=HERC04.DATEI2 http:// www. ibiblio. org/ jmaynard/ 06 //SYSUT2 DD DSN=HERC04.FILE2.BAK,DISP=(NEW,CATLG), turnkey-mvs-3. zip [8] Information about the MVS Turnkey 07 // UNIT=SYSDA,VOL=SER=PUB002, System: http:// www. bsp-gmbh. com/ 08 // SPACE=(CYL,(5,2,0)), turnkey/ index. html 09 // DCB=(RECFM=FB,LRECL=80,BLKSIZE=4096,DSORG=PS) [9] Community Development System for Linux (LCDS): http:// www-03. ibm. 10 //SYSIN DD DUMMY com/ systems/ z/ os/ linux/ lcds
MAY 2008 ISSUE 90 59
054-059_hercules.indd 59 12.03.2008 11:22:18 Uhr