
This IBM® Redbooks® publication is volume one of five in a series of books entitled The Virtualization Cookbook for IBM Z.

The series includes the following volumes:


  • The Virtualization Cookbook for IBM z Systems® Volume 1: IBM z/VM® 7.2, SG24-8147
  • The Virtualization Cookbook for IBM Z Volume 2: Red Hat Enterprise Linux 8.2 Servers, SG24-8303
  • The Virtualization Cookbook for IBM z Systems Volume 3: SUSE Linux Enterprise Server 12, SG24-8890
  • The Virtualization Cookbook for IBM z Systems Volume 4: Ubuntu Server 16.04, SG24-8354
  • Virtualization Cookbook for IBM Z Volume 5: KVM, SG24-8463

It is recommended that you start with Volume 1 of this series because the IBM z/VM hypervisor is the foundation (or base "layer") for installing Linux on IBM Z®.

This book series assumes that you are generally familiar with IBM Z technology and terminology. It does not assume an in-depth understanding of z/VM or Linux. It is written for individuals who want to start quickly with z/VM and Linux, and get virtual servers up and running in a short time (days, not weeks or months).

Volume 1 starts with a solution orientation, discusses planning and security, and then describes z/VM installation methods, configuration, hardening, automation, servicing, networking, optional features, and more.

It adopts a "cookbook-style" format that provides a concise, repeatable set of procedures for installing, configuring, administering, and maintaining z/VM. This volume also includes a chapter on monitoring z/VM and the Linux virtual servers that are hosted.

Volumes 2, 3, and 4 assume that you completed all of the steps that are described in Volume 1. From that common foundation, these volumes describe how to create your own Linux virtual servers on IBM Z hardware under IBM z/VM. The cookbook format continues with installing and customizing Linux.

Volume 5 provides an explanation of the kernel-based virtual machine (KVM) on IBM Z and how it can use the z/Architecture®. It focuses on the planning of the environment and provides installation and configuration definitions that are necessary to build, manage, and monitor a KVM on Z environment. This publication applies to the supported Linux on Z distributions (Red Hat, SUSE, and Ubuntu).

Table of Contents

  1. Front cover
  2. Notices
    1. Trademarks
  3. Preface
    1. Concept of the series
    2. Volumes in this series
    3. Conventions
    4. Operating system releases that are used
    5. Authors
    6. With gratitude
    7. Now you can become a published author, too!
    8. Comments welcome
    9. Stay connected to IBM Redbooks
  4. Summary of changes
    1. Summary of changes in this book
  5. Part 1 z/VM cloud concepts and planning
  6. Chapter 1. Conceptual overview
    1. 1.1 Basic concepts
    2. 1.2 Why choose this hardware platform, and why z/VM?
    3. 1.2.1 Virtualization and cloud computing originated here
    4. 1.2.2 The ultimate virtualization platform
    5. 1.2.3 Optimized for Linux
    6. 1.2.4 The hidden secret
    7. 1.2.5 A community of friends
    8. 1.3 The philosophy that was adopted in authoring this book
    9. 1.4 A high-level overview of components and terminology
    10. 1.4.1 Hardware
    11. 1.4.2 Software
    12. 1.4.3 z/VM capabilities and enhancements by version and release
    13. 1.5 Choices and decisions for this book
    14. 1.6 Single system image design
    15. 1.7 Infrastructure design
    16. 1.8 Usability tests that are performed
    17. 1.9 Critical differences of LOGOFF versus DISCONNECT
    18. 1.10 Summary of Linux and z/VM similarities
  7. Chapter 2. Planning
    1. 2.1 Hardware operation and interface mode
    2. 2.1.1 Processor Resource/Systems Manager
    3. 2.1.2 IBM Dynamic Partition Manager
    4. 2.2 Choosing a z/VM installation method
    5. 2.2.1 Understanding traditional and upgrade installations
    6. 2.2.2 Classifications used in this book
    7. 2.2.3 New and upgrade installations to DASD
    8. 2.2.4 Installing as VMSSI with live guest relocation
    9. 2.2.5 Planning aids
    10. 2.3 Bill of materials
    11. 2.3.1 Hardware
    12. 2.3.2 Software
    13. 2.3.3 Networking
    14. 2.4 Disk planning
    15. 2.4.1 Primary considerations
    16. 2.5 HiperDispatch planning
    17. 2.6 Storage planning
    18. 2.6.1 z/VM 7.2 initial installation and migrations considerations
    19. 2.6.2 Storage allocation
    20. 2.6.3 Global aging list
    21. 2.7 Paging
    22. 2.7.1 Recommendations, tips, and hints
    23. 2.7.2 Calculating paging space
    24. 2.8 Passwords and passphrases
    25. 2.9 Network
    26. 2.9.1 Involvement of stakeholders
    27. 2.9.2 Open Systems Adapters
    28. 2.9.3 Network attachment options and considerations
    29. 2.9.4 Maximum transmission unit size matters
    30. 2.9.5 IBM HiperSockets
    31. 2.9.6 IPv4 and IPv6
    32. 2.10 Channel-to-channel adapter planning
    33. 2.11 z/VM standardized naming conventions
    34. 2.11.1 DASD volume labeling convention
    35. 2.11.2 Virtual network device naming convention
    36. 2.11.3 Minidisk and virtual disk naming convention for Linux
    37. 2.11.4 Backup file naming convention
    38. 2.11.5 Command retrieve convention
    39. 2.12 Architectural overview of this book’s environment
    40. 2.13 Example planning worksheet
    41. 2.13.1 IBM Shop Z
    42. 2.13.2 Hardware Management Console
    43. 2.13.3 z/VM installation planning panels
    44. 2.13.4 z/VM networking resources
    45. 2.13.5 z/VM DASD
    46. 2.13.6 FCP devices
    47. 2.13.7 Linux resources
    48. 2.13.8 Host names and IP addresses
  8. Chapter 3. Security considerations
    1. 3.1 Security policy
    2. 3.2 External Security Manager
    3. 3.2.1 How hypervisor security protects you
    4. 3.2.2 z/VM built-in security
    5. 3.2.3 Improving z/VM security by using an External Security Manager
    6. 3.3 Separation of authority
    7. 3.3.1 Surrogate logon: Logon-by capability
    8. 3.3.2 Maintaining separation of administration tasks
    9. 3.4 Multifactor authentication
    10. 3.5 TLS for network traffic
    11. 3.5.1 Why secure z/VM traffic?
    12. 3.5.2 Enabling TLS for z/VM TN3270 server
  9. Chapter 4. Optional extra features of z/VM
    1. 4.1 IBM Cloud Infrastructure Center
    2. 4.1.1 Infrastructure management
    3. 4.1.2 Automation
    4. 4.1.3 Integration
    5. 4.2 OpenShift
    6. 4.2.1 Benefits of Red Hat OpenShift Container Platform
    7. 4.2.2 Benefits of RHOCP on IBM Z and IBM LinuxONE
    8. 4.2.3 Typical RHOCP deployments and Topologies
    9. 4.2.4 Production environment
    10. 4.2.5 Virtualization and hypervisors
    11. 4.3 Operations Manager
    12. 4.4 Backup and Restore Manager
    13. 4.5 CMS Pipelines and VM utilities
    14. 4.5.1 CMS Pipelines
    15. 4.5.2 VM Utilities
    16. 4.6 zSecure Manager for RACF z/VM
  10. Part 2 Installation, configuration, and service
  11. Chapter 5. Installing z/VM
    1. 5.1 Obtaining z/VM through electronic download
    2. 5.1.1 Placing the order
    3. 5.2 Configuring an FTP server for z/VM installation
    4. 5.2.1 Creating directories on the FTP server and upload the installation image
    5. 5.3 Installing z/VM from a DVD or an FTP server
    6. 5.4 Starting the z/VM installation
    7. 5.4.1 Logging on to HMC
    8. 5.4.2 In-memory z/VM system loaded
    9. 5.5 Installing VMSSI
    10. 5.5.1 Copying the in-memory z/VM system to DASD
    11. 5.5.2 IPL the first VMSSI member
    12. 5.5.3 IPL for the remaining VMSSI members
    13. 5.6 Installing non-SSI z/VM
    14. 5.6.1 Copying in-memory z/VM system to DASD
    15. 5.6.2 IPL the new z/VM 7.2
    16. 5.7 Initial TCP/IP configuration
    17. 5.7.1 Using the z/VM IPWIZARD tool
    18. 5.8 Adding CTCAs to an SSI cluster
    19. 5.8.1 Adding the CTC devices dynamically
    20. 5.8.2 Adding the CTC devices permanently
    21. 5.8.3 Configuring TCPIP to automatically start during the system IPL
  12. Chapter 6. Configuring z/VM
    1. 6.1 Configuring z/VM
    2. 6.2 Configuring the XEDIT PROFILE
    3. 6.3 z/VM parm disks
    4. 6.4 System Configuration file
    5. 6.5 Editing the z/VM SYSTEM CONFIG file
    6. 6.5.1 Modifying features and optimizing parameter settings
    7. 6.5.2 Enabling and configuring virtual networking components
    8. 6.5.3 Using CPSYNTAX to validate the modified system configuration file
    9. 6.5.4 Initializing the allocated DASD for z/VM Service data
    10. 6.5.5 Service-level validation and subscribing to service notifications
    11. 6.6 Enabling and configuring DirMaint
    12. 6.7 Enabling and configuring RACF
    13. 6.7.1 Creating the RACF RPIDIRCT command file
    14. 6.7.2 Customizing SMF
    15. 6.7.3 Copying the RACF databases
    16. 6.7.4 Setting up the AUTOLOG1 and AUTOLOG2 virtual machines
    17. 6.7.5 Enabling RACF
    18. 6.7.6 Putting RACF into production on all members
    19. 6.7.7 Configuring SMAPI to work with RACF
    20. 6.7.8 Configuring LogonBy processing
    21. 6.7.9 Using the RACF SMF data unload utility
    22. 6.8 Implementing more network features
    23. 6.8.1 Enabling z/VM FTP and Network File System functions
    24. 6.8.2 Reconfiguring TCP/IP for high availability by using a VSWITCH
    25. 6.9 Shutting down and IPLing the SSI cluster again
    26. 6.9.1 IPLing the other SSI members
    27. 6.10 Validating and testing your changes
    28. 6.11 Adding page volumes and perm (user) volumes
    29. 6.11.1 Formatting volumes for page space
    30. 6.11.2 Copying the utilities to Shared File System file pools
    31. 6.11.3 Using the CPFORMAT EXEC
    32. 6.11.4 Formatting DASD for minidisks
    33. 6.11.5 Updating the SYSTEM CONFIG file
    34. 6.11.6 Attaching minidisk volumes to the system for use
    35. 6.11.7 Shutting down and IPLing the SSI cluster again
    36. 6.12 Enabling z/VM basic system automation
    37. 6.12.1 Configuring AUTOLOG1’s PROFILE EXEC
    38. 6.12.2 Configuring and enabling the programmable operator facility
    39. 6.13 z/VM User Directory
    40. 6.13.1 z/VM User Directory PROFILEs
    41. 6.13.2 Role-based access controls and CP privilege classes
    42. 6.13.3 Creating and using z/VM User Directory prototypes
    43. 6.13.4 Creating CMSPROTO
    44. 6.13.5 Creating LNXPROTO
    45. 6.13.6 Creating a time-based virtual service machine named CRONSVM
    46. 6.13.7 Creating a console logs repository
    47. 6.14 z/VM security and hardening
    48. 6.14.1 Using an external security manager for correct resource security
    49. 6.14.2 Using LOGONBY for correct accountability
    50. 6.14.3 High-level z/VM security
    51. 6.14.4 Encrypting communications by using SSL/TLS on z/VM
    52. 6.15 Backing up and restoring your z/VM system
    53. 6.16 Creating an SFS file pool for Linux virtual machines
    54. 6.16.1 SFS file pools characteristics
    55. 6.16.2 Adding a directory entry for the new SFS server machine
    56. 6.16.3 Generating the SFS file pool for Linux guest systems
    57. 6.16.4 Adding a directory entry for the SFS administration machine
    58. 6.16.5 Enrolling the Linux virtual machines as USERS
    59. 6.16.6 Adding Linux parm files and REXX EXECs to the LNX file pool
    60. 6.17 Creating identity LNXADMIN for Linux administration
    61. 6.18 Monitoring SFS file pool usage
  13. Chapter 7. z/VM live guest relocation
    1. 7.1 LGR considerations
    2. 7.1.1 General considerations before relocation
    3. 7.1.2 Mandatory memory checking that is performed during relocation
    4. 7.1.3 Optional memory checking that is performed during relocation
    5. 7.1.4 Minimizing link and resource contention
    6. 7.2 Relocate a Linux system
  14. Chapter 8. Servicing z/VM
    1. 8.1 z/VM release schedule
    2. 8.2 Recommended service upgrades
    3. 8.3 Applying a recommended service upgrade
    4. 8.3.1 Getting service from the internet
    5. 8.3.2 Downloading the service files
    6. 8.3.3 Receive, apply, and build the service
    7. 8.3.4 Putting the service into production
    8. 8.4 Applying a program temporary fix
    9. 8.4.1 Getting service by using Shopz
    10. 8.4.2 Determining whether a PTF was applied
    11. 8.4.3 Downloading the service to z/VM
    12. 8.4.4 Receiving, applying, and building the service
    13. 8.4.5 Putting the service into production
    14. 8.4.6 Checking for APARMEMO files
    15. 8.5 Determining the TCP/IP service level
    16. 8.6 Moving on to Linux
  15. Chapter 9. z/VM Centralized Service Management
    1. 9.1 z/VM CSM structure
    2. 9.1.1 z/VM CSM flow overview
    3. 9.1.2 z/VM CSM system requirements
    4. 9.2 Setting up z/VM CSM
    5. 9.2.1 VMPSFS file pool changes
    6. 9.2.2 User ID privilege class
    7. 9.2.3 TCP/IP configuration changes
    8. 9.2.4 VMCSM APAR installation
    9. 9.3 Working with z/VM CSM
    10. 9.3.1 Initializing z/VM CSM by using SERVMGR INIT
    11. 9.3.2 Creating a service level
    12. 9.3.3 Adding a managed system
    13. 9.3.4 Building a service package
    14. 9.3.5 Sending the service package to the managed systems
    15. 9.3.6 Putting the service into production
  16. Part 3 System management
  17. Chapter 10. DirMaint, RACF-connector, and SMAPI
    1. 10.1 IBM Directory Maintenance Facility
    2. 10.1.1 DirMaint features
    3. 10.1.2 DirMaint structure
    4. 10.1.3 Finding DirMaint
    5. 10.1.4 Enabling DirMaint
    6. 10.2 Tailoring DirMaint
    7. 10.2.1 Changing default passwords
    8. 10.2.2 Configuring DirMaint
    9. 10.2.3 Working with DirMaint AUTHFOR file
    10. 10.2.4 Customizing the EXTENT CONTROL file
    11. 10.2.5 Copy User Direct to be initialized by DirMaint
    12. 10.3 Starting DirMaint
    13. 10.3.1 Validating DirMaint
    14. 10.4 DirMaint-RACF Connector
    15. 10.4.1 Configuring RACF-Connector
    16. 10.4.2 Adding RACF connector configuration
    17. 10.4.3 Verifying that DirMaint and RACF work together
    18. 10.5 Systems Management API
    19. 10.5.1 Who needs SMAPI
    20. 10.5.2 Configuring SMAPI to work with RACF
    21. 10.5.3 Shared File System that is used by SMAPI
    22. 10.5.4 SMAPI requirements
    23. 10.5.5 Configuring DirMaint to support SMAPI
    24. 10.5.6 Setting up basic SMAPI configuration
    25. 10.5.7 Defining SMAPI on RACF
    26. 10.5.8 Start SMAPI at IPL time
    27. 10.5.9 Testing SMAPI from the Conversational Monitor System
    28. 10.5.10 Testing SMAPI from Linux by using smaclient
    29. 10.6 Adding a z/VM user ID
    30. 10.6.1 DirMaint commands
  18. Chapter 11. Deploying and maintaining Linux workloads
    1. 11.1 Planning a Linux virtual machine
    2. 11.2 Considerations for disk storage types
    3. 11.2.1 Direct-attached storage devices (DASD)
    4. 11.2.2 Direct-attached Fibre Channel
    5. 11.2.3 Emulated DASD
    6. 11.2.4 Minidisks
    7. 11.2.5 HyperPAV
    8. 11.3 Network attachment options and considerations
    9. 11.3.1 z/VM virtual switch (VSWITCH)
    10. 11.3.2 Direct-attached Open Systems Adapter
    11. 11.3.3 Configuring z/VM to provide direct-attached OSA interfaces
    12. 11.3.4 Configuring z/VM to provide HiperSockets network interfaces
    13. 11.4 Common DirMaint tasks
    14. 11.4.1 DirMaint and the user directory characteristics
    15. 11.4.2 Checking the status of DirMaint and subcomponents
    16. 11.4.3 Adding a USER to z/VM by using a prototype
    17. 11.4.4 Adding a user to z/VM without the use of a prototype
    18. 11.4.5 Adding an IDENTITY to z/VM by using a prototype
    19. 11.4.6 Adding an IDENTITY to z/VM without the use of prototypes
    20. 11.4.7 Changing the amount of memory that is assigned to a user
    21. 11.4.8 Modifying a user
    22. 11.4.9 Deleting a user
    23. 11.4.10 Adding a minidisk to a user or identity
    24. 11.4.11 Getting a copy of the user directory
    25. 11.4.12 Getting and updating the EXTENT CONTROL file
    26. 11.4.13 Cleaning up the work units
    27. 11.4.14 Checking the DirMaint disk map
    28. 11.4.15 Dedicating crypto domains
  19. Chapter 12. Monitoring z/VM and Linux
    1. 12.1 Using basic z/VM commands
    2. 12.1.1 Using the INDICATE command
    3. 12.1.2 CP Query commands
    4. 12.1.3 Other basic and useful z/VM commands
    5. 12.2 z/VM Performance Toolkit
    6. 12.2.1 Configuring IBM Performance Toolkit for VM
    7. 12.2.2 Configuring web browser support
    8. 12.2.3 Configure PERFSVM
    9. 12.2.4 Starting the IBM Performance Toolkit for VM
    10. 12.2.5 Using the IBM Performance Toolkit for VM
    11. 12.3 Collecting and using raw CP monitor data
    12. 12.3.1 Collecting CP monitor data
    13. 12.3.2 Using CP monitor data
    14. 12.4 Monitoring Linux performance for troubleshooting
    15. 12.4.1 Monitoring Linux performance from z/VM
  20. Chapter 13. Disk storage administration
    1. 13.1 Adding disk space to Linux virtual machines
    2. 13.1.1 Making new minidisks or count key data DASD available in Linux
    3. 13.1.2 Making new emulated DASD available in Linux
    4. 13.1.3 Making new zFCP LUN available in Linux
    5. 13.2 Adding a logical volume
    6. 13.2.1 Creating a logical volume and file system
    7. 13.2.2 Updating the file system table
    8. 13.3 Extending a logical volume
    9. 13.4 Moving a physical volume
  21. Chapter 14. Working with networks
    1. 14.1 Setting up a private interconnect
    2. 14.1.1 Directory Network Authorization
    3. 14.1.2 Creating a VSWITCH for interconnect
    4. 14.1.3 Creating an interconnect VLAN on a VSWITCH
    5. 14.2 Creating a HiperSockets device between logical partitions
    6. 14.2.1 Verifying HiperSockets hardware definitions
    7. 14.2.2 Creating a TCP/IP stack on z/OS
    8. 14.2.3 Configuring the HiperSockets interface on Linux
    9. 14.2.4 Verifying connectivity
    10. 14.3 Configuring a port group by using Link Aggregation Control Protocol
    11. 14.3.1 Exclusive-mode port group
    12. 14.3.2 Multiple VSWITCH Link Aggregation
    13. 14.3.3 Global VSwitch recovery
    14. 14.3.4 Link Aggregation Control Protocol
    15. 14.4 Linux network commands
  22. Chapter 15. Miscellaneous recipes and helpful information
    1. 15.1 Installing a package from the IBM VM Download Library
    2. 15.1.1 CMS-based z/VM web browser
    3. 15.1.2 Quick and easy display of DIRMAINT directory records
    4. 15.1.3 Automatic closure of spooled consoles
    5. 15.1.4 TOOLSRUN
    6. 15.1.5 EDEVICE path management
    7. 15.2 Modifying the z/VM LOGON panel
    8. 15.3 Using DirMaint to set special passwords for an ID
    9. 15.4 Resuming a revoked ID in RACF/VM
    10. 15.5 System modifications for wide-screen terminals
    11. 15.6 Manually formatting DASD for use
    12. 15.7 Running Linux under z/VM with restricted permissions
    13. 15.8 Mitigating SSH client timeout disconnects
    14. 15.9 Sharing IBM WebSphere Application Server binaries
  23. Part 4 Appendixes
  24. Appendix A. Configuring a workstation to deploy and administer z/VM
    1. Basic requirements
    2. 3270 terminal emulators
    3. TTY clients
    4. PuTTY: A no-charge SSH client for Microsoft Windows
    5. Setting up a VNC client
    6. IBM 3270 emulators
  25. Appendix B. Reference, cheat sheets, blank worksheets, and education
    1. Related books and publications
    2. Online resources
    3. Important z/VM files
    4. Cheat sheets
    5. Blank planning worksheet
  26. Appendix C. Additional material
    1. Locating the web material
    2. Using the web material
    3. z/VM REXX EXECs and XEDIT macros
    4. Sample files
    5. Linux code
  27. Related publications
    1. IBM Redbooks
    2. Other publications
    3. Online resources
    4. Help from IBM
    5. IBM wants your input
  28. Back cover