Re: VTS question
Hi Paul, Is there a more friendlier name for this - "Advanced TS Migrations VTS built on Dell power edge servers … 3480, 3490, and 3590 support"? OP, in addition to Luminex, you can consider - Optica zVT BMC Model9 (called AMI Ops something these days) Visara I don't believe there's a small bro option for TS4500. Sent with Proton Mail secure email. On Friday, May 10th, 2024 at 05:12, Paul Gorlinsky wrote: > Yes … Advanced TS Migrations VTS built on Dell power edge servers … 3480, > 3490, and 3590 support. AES256 and zSTD compressed images and smart support > for replication up to 8 locations, as well as scratch retention for any > duration site chooses. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Anyone exploiting ZEDC?
Turning off s/w compression in CICS & Db2 doesn't always work as advertised (meaning, it's not always better to turn off s/w compr and let h/w handle it). Uncompressed = more I/O for SMF processor tooling to handle. With either way of compressing, bytes stored will be around the same but the above was an added waste of CPU. On Wednesday, April 17th, 2024 at 04:49, Andrew Rowley wrote: > On 17/04/2024 7:52 am, Michael Oujesky wrote: > > > My current recommendation is to remove internal compression from CICS > > CMF (110/112) and DB2 (100-102) records, Zedc compress the SMF > > logstreams, then compress the logstream offloads via SMS zEDC > > compression. > > > Have you compared compressed size of zEDC with/without the CICS > compression? I have limited samples, but it looks like zEDC might > compress data better if it has been already been compressed by CICS. Of > course, there is the CPU time to consider. > > I think I/O can also be much faster for zEDC compressed data. > > -- > Andrew Rowley > Black Hill Software > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Continous Delivery
Could the images and links be updated to reflect what's there in 2024, please. I've scrolled half way through and all the images are of sites that have undergone re-design. On Saturday, March 23rd, 2024 at 20:25, Marna WALLE wrote: > Hello, > There is a Redbook on z/OS Continuous Delivery: > https://www.redbooks.ibm.com/redpapers/pdfs/redp5340.pdf > > (I found it quicky by doing a google search of "z/OS continuous delivery" and > it was the first hit.) > > -Marna WALLE > z/OS System Install and Upgrade > IBM Poughkeepsie > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ZOS Sending Logs to Sumologic Experience?
Awesome, I know & do tell you directly that you're doing excellent & needed work like zOS-ifying distributed tools. On Thursday, March 7th, 2024 at 15:08, David Crayford <0595a051454b-dmarc-requ...@listserv.ua.edu> wrote: > > On 7 Mar 2024, at 10:08 am, kekronbekron > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > > You are making a mistake if you discount the effectiveness of > > > industry-standard tools in analyzing mainframe data. > > > > Let me clarify... I'm not saying don't use it at all. Just saying that > > there seems to be a tendency to lean too heavily on it, after it has gotten > > its foot through the door (for receiving security events). > > I don't expect it to be great for either real-time processing of high > > volume perf data or for archival of said data efficiently, and allowing for > > historical reporting/charting etc. > > I have a solid background in sending metrics to analytical platforms, having > focused on this for the past decade. While platforms like Splunk and Elastic > are primarily designed for logs, they excel in handling metrics, especially > when scaled out in a cluster with sensible retention policies. Incorporating > Kafka as a broker enhances this setup, allowing for efficient stream > aggregation and anomaly detection using tools like the Kafka Streams API or > ksqlDB. We've seen our customers adopt this approach, as evidenced by our > recent service update enabling Kafka to utilize RACF keyring for TLS > connections, a case initiated by your employer, KB. > > The product I'm currently engaged with streamlines seamless streaming to > platforms such as Splunk, Elastic, Instana, and supports Prometheus metrics > visualized through Grafana. Additionally, we're actively pursuing > compatibility with Otel, driven by customer demand. Notably, the introduction > of the Grafana UI in RMF for z/OS 3.1 offers a modernized experience compared > to the outdated 3270 interface, earning praise even from our most seasoned > and skeptical professionals. > > The mainframe is just one piece of a larger puzzle. Customers operate > distributed systems that have long employed modern stacks for visualization > and analysis, and they desire z/OS to seamlessly integrate into that > ecosystem. We face an abundance of requirements that need addressing. The > traditional approach of relying solely on batch reporting tools for > performance analysis is becoming obsolete. Here's a compelling customer case > study that illustrates how upgrading our tools supports them in their > modernization journey. You can find it at > https://www.ibm.com/case-studies/bankdata. > > > On Wednesday, March 6th, 2024 at 21:32, Charles Mills charl...@mcn.org > > wrote: > > > > > I of course saw first-hand a lot of mainframe -> SIEM or Splunk > > > integrations, and they ran the gamut. Some were as you describe; some > > > were quite effective. The worst I saw was one company that was printing > > > an SMF report to spool, using a mainframe product to convert the spooled > > > report to a PDF, and sending it to the SIEM, which dutifully archived it. > > > Made the auditors happy: mission accomplished. On the other hand, believe > > > me, there were customers doing truly amazing "production" and ad hoc > > > analyses both of security and performance data, using Splunk and other > > > tools. (Recall I have no financial or similar interest in BMC, Splunk, or > > > anything similar.) Splunk is not my favorite product -- the company was > > > extremely difficult to deal with and the product is expensive to license, > > > but it is an AMAZING product and many customers and customer people > > > absolutely LOVE it. (That of course is why they are able to charge what > > > they charge.) > > > > > > I was personally on a Zoom call with a very major financial institution > > > that you would recognize in a heartbeat, doing a product new-feature > > > demo, when we caught an intruder in the mainframe, real time. It was a > > > contractor who was authorized to be on the mainframe but who had managed > > > to improperly elevate his privileges to SPECIAL. it was an amazing > > > moment, going from routine vendor product demo to "what the heck is HE > > > doing -- hey, we gotta go." > > > > > > I was not aware of all of the exact details but our processing in > > > conjunction with a SIEM was instrumental in uncovering a money-laundering > > > scheme at a large bank in Mexico. > > > &
Re: ZOS Sending Logs to Sumologic Experience?
> You are making a mistake if you discount the effectiveness of > industry-standard tools in analyzing mainframe data. Let me clarify... I'm not saying don't use it at all. Just saying that there seems to be a tendency to lean too heavily on it, after it has gotten its foot through the door (for receiving security events). I don't expect it to be great for either real-time processing of high volume perf data or for archival of said data efficiently, and allowing for historical reporting/charting etc. On Wednesday, March 6th, 2024 at 21:32, Charles Mills wrote: > I of course saw first-hand a lot of mainframe -> SIEM or Splunk integrations, > and they ran the gamut. Some were as you describe; some were quite effective. > The worst I saw was one company that was printing an SMF report to spool, > using a mainframe product to convert the spooled report to a PDF, and sending > it to the SIEM, which dutifully archived it. Made the auditors happy: mission > accomplished. On the other hand, believe me, there were customers doing truly > amazing "production" and ad hoc analyses both of security and performance > data, using Splunk and other tools. (Recall I have no financial or similar > interest in BMC, Splunk, or anything similar.) Splunk is not my favorite > product -- the company was extremely difficult to deal with and the product > is expensive to license, but it is an AMAZING product and many customers and > customer people absolutely LOVE it. (That of course is why they are able to > charge what they charge.) > > > I was personally on a Zoom call with a very major financial institution that > you would recognize in a heartbeat, doing a product new-feature demo, when we > caught an intruder in the mainframe, real time. It was a contractor who was > authorized to be on the mainframe but who had managed to improperly elevate > his privileges to SPECIAL. it was an amazing moment, going from routine > vendor product demo to "what the heck is HE doing -- hey, we gotta go." > > I was not aware of all of the exact details but our processing in conjunction > with a SIEM was instrumental in uncovering a money-laundering scheme at a > large bank in Mexico. > > My main interest was the security stuff, but yes, customers are doing very > effective analysis of RMF and similar data. You are making a mistake if you > discount the effectiveness of industry-standard tools in analyzing mainframe > data. > > Charles > > On Wed, 6 Mar 2024 15:26:47 +, kekronbekron kekronbek...@protonmail.com > wrote: > > > Exactly. I have my reservations on whether we as mainframe folks are > > choosing this (log analytics products) or are defaulting to it because no > > one is challenging for appropriate options from the mainframe technical > > side. > > For an org, there is of course the valid point of correlation that Charles > > mentions, however, if you objectively work out costs and that, I don't > > think it works out as cost-effective. > > > > We may see kubernetes platforms sending auth logs, syslog, and whatever > > else to log analytics, but they don't send system metrics. > > Time-series data is a different beast altogether. However much > > elastic/splunk/whoever else says they also do metrics, they're only > > secondary features at best. > > There's a reason time-series databases exist, and are necessary. > > > > On Wednesday, March 6th, 2024 at 20:48, Dave Beagle > > 0525eaef6620-dmarc-requ...@listserv.ua.edu wrote: > > > > > We used Splunk at a former employer. Well, not really used it. An auditor > > > “suggested” we implement it to “improve” our mainframe security. The > > > auditor knew nothing about mainframe security. Likely read about Splunk > > > somewhere or saw a session on it at a conference. And of course the topic > > > of “security” is at the top of the heap among executives who wouldn’t > > > know Top Secret from ACF2 from RACF. Especially when they hear that other > > > companies are being hacked or blackmailed in the media nearly every day. > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ZOS Sending Logs to Sumologic Experience?
Exactly. I have my reservations on whether we as mainframe folks are choosing this (log analytics products) or are defaulting to it because no one is challenging for appropriate options from the mainframe technical side. For an org, there is of course the valid point of correlation that Charles mentions, however, if you objectively work out costs and that, I don't think it works out as cost-effective. We may see kubernetes platforms sending auth logs, syslog, and whatever else to log analytics, but they don't send system metrics. Time-series data is a different beast altogether. However much elastic/splunk/whoever else says they also do metrics, they're only secondary features at best. There's a reason time-series databases exist, and are necessary. On Wednesday, March 6th, 2024 at 20:48, Dave Beagle <0525eaef6620-dmarc-requ...@listserv.ua.edu> wrote: > We used Splunk at a former employer. Well, not really used it. An auditor > “suggested” we implement it to “improve” our mainframe security. The auditor > knew nothing about mainframe security. Likely read about Splunk somewhere or > saw a session on it at a conference. And of course the topic of “security” is > at the top of the heap among executives who wouldn’t know Top Secret from > ACF2 from RACF. Especially when they hear that other companies are being > hacked or blackmailed in the media nearly every day. > > > Sent from Yahoo Mail for iPhone > > > On Wednesday, March 6, 2024, 10:02 AM, kekronbekron > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > I guess you might say that the whole point of products such as these is > > converting dense "strings & numbers" into logs. > > I agree, except that I think the goal is not to squirrel metrics into logs, > but to get metrics and/or logs (actual SYSLOG) to tooling used outside of > mainframe. > > > no, we want to manage mainframe security 100% on the mainframe" and that > > may be valid, but not every enterprise feels that way. > > Not saying this, I certainly see the value in common tools, especially if it > means adopting good tech from distributed. > > I just don't see how high volume metrics (even if we filter down to just a > few 100, from all SMF types) can be equated to more or less logs, and handle > them like that, except because it's already in use elsewhere in the org. > Instead of chosing the right tool for the job. > > > > On Wednesday, March 6th, 2024 at 20:20, Charles Mills charl...@mcn.org wrote: > > > I guess you might say that the whole point of products such as these is > > converting dense "strings & numbers" into logs. A mainframe security > > "event" is surely as significant to the enterprise as a Linux server > > security event -- it makes sense to many enterprises to get it into their > > enterprise security analysis solution (Splunk, Sumo Logic, or a "SIEM"). > > You may say "no, we want to manage mainframe security 100% on the > > mainframe" and that may be valid, but not every enterprise feels that way. > > I feel that there is a benefit to correlating the two worlds, and > > correlation is what SIEMs and Splunk are good at. In other words, it may be > > relevant that the mainframe is seeing hundreds of invalid password attempts > > at the same time that a Linux server is seeing DoS attacks. > > > > When you think of SMF you may primarily think in terms of job accounting > > and resource management, but the first record type that customers usually > > want to export to Splunk or a SIEM is RACF's type 80. > > > > Yes, SMF is very "dense" and Syslog -- the industry standard logging > > "thing" -- too loosely defined to be called a standard, and not to be > > confused with what we mainframers call SYSLOG -- is basically > > human-readable ASCII text and not very dense at all. The most common format > > is some variant of tag = value, so one binary byte at offset 20 into an SMF > > 80 record might become EventCode = 1 or perhaps Event = RACINIT. > > > > It's a big job. I just looked. At the point I turned the product over to > > BMC it consisted of about 100,000 lines of C++, 26,000 lines of assembler, > > and 60,000 lines of a proprietary schema that mapped, for example, a binary > > byte at offset 20 in an SMF 80 record, to EventCode = nn. > > > > Charles > > > > On Wed, 6 Mar 2024 02:15:14 +, kekronbekron kekronbek...@protonmail.com > > wrote: > > > > > I don't understand this at all... we all know that SMF is not a log, it's > > > a whole bunch of strings & mostly
Re: IBM Announces the z/OS Container Platform
It's neither a supplement or a replacement. So it's an 'other'. This is how I interpret the situation - zCX is for people who don't have Linux on Z, and/or would like to keep this slice of linux in the mainframe domain's garden. zCX is not just Ubuntu. A few other distros will work too, if not all. As you say DJ, zCP is "just" isolation for USS processes. They don't code today for USS, but a whole world of possibility w.r.t tooling is opening up because of the LLVM-based compiler options that IBM provides now. Decades of tools written in C/C++ (now with make, cmake, clang working in zOS) are now "game" in zOS. Same for tools written in Go from recent times. So zCP is a way to deploy them as they would be off of mainframe. The more that native zOS stuff is unix-ified, the more of zOS administration can be managed/controlled from OpenShift Operator for zOS or whatever it's called. At the moment, Ansible is trying to help for working with the MVS-native side. I say "trying to" because I see automated workflows getting horribly complicated -- and still embedding JCL -- and being sold as modernized/improved. 300+ lines of python + yaml to replace 20 lines of JCL... where the 300+ lines embeds said JCL. On Wednesday, March 6th, 2024 at 19:01, Allan Staller <0387911dea17-dmarc-requ...@listserv.ua.edu> wrote: > Classification: Confidential > > How does this compare to z/CX. IS this a supplement? Replacement? Other? > > -Original Message- > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of > Timothy Sipples > > Sent: Tuesday, March 5, 2024 7:45 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: IBM Announces the z/OS Container Platform > > [CAUTION: This Email is from outside the Organization. Unless you trust the > sender, Don't click links or open attachments as it may be a Phishing email, > which can steal your Information and compromise your Computer.] > > I'd like to draw your attention to this IBM announcement: > > https://www.ibm.com/docs/en/announcements/zos-container-platform-delivers-industry-standard-cloud-technologies-build-run-zos-unix-applications-as-containers-natively-zoshttps://www.ibm.com/docs/en/announcements/zos-container-platform-delivers-industry-standard-cloud-technologies-build-run-zos-unix-applications-as-containers-natively-zos?region=US > > > - > Timothy Sipples > Senior Architect > Digital Assets, Industry Solutions, and Cybersecurity IBM Z/LinuxONE, > Asia-Pacific sipp...@sg.ibm.com > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ::DISCLAIMER:: > > The contents of this e-mail and any attachment(s) are confidential and > intended for the named recipient(s) only. E-mail transmission is not > guaranteed to be secure or error-free as information could be intercepted, > corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses > in transmission. The e mail and its contents (with or without referred > errors) shall therefore not attach any liability on the originator or HCL or > its affiliates. Views or opinions, if any, presented in this email are solely > those of the author and may not necessarily reflect the views or opinions of > HCL or its affiliates. Any form of reproduction, dissemination, copying, > disclosure, modification, distribution and / or publication of this message > without the prior written consent of authorized representative of HCL is > strictly prohibited. If you have received this email in error please delete > it and notify the sender immediately. Before opening any email and/or > attachments, please check them for viruses and other defects. > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ZOS Sending Logs to Sumologic Experience?
> I guess you might say that the whole point of products such as these is > converting dense "strings & numbers" into logs. I agree, except that I think the goal is not to squirrel metrics into logs, but to get metrics and/or logs (actual SYSLOG) to tooling used outside of mainframe. > no, we want to manage mainframe security 100% on the mainframe" and that may > be valid, but not every enterprise feels that way. Not saying this, I certainly see the value in common tools, especially if it means adopting good tech from distributed. I just don't see how high volume metrics (even if we filter down to just a few 100, from all SMF types) can be equated to more or less logs, and handle them like that, except because it's already in use elsewhere in the org. Instead of chosing the right tool for the job. On Wednesday, March 6th, 2024 at 20:20, Charles Mills wrote: > I guess you might say that the whole point of products such as these is > converting dense "strings & numbers" into logs. A mainframe security "event" > is surely as significant to the enterprise as a Linux server security event > -- it makes sense to many enterprises to get it into their enterprise > security analysis solution (Splunk, Sumo Logic, or a "SIEM"). You may say > "no, we want to manage mainframe security 100% on the mainframe" and that may > be valid, but not every enterprise feels that way. I feel that there is a > benefit to correlating the two worlds, and correlation is what SIEMs and > Splunk are good at. In other words, it may be relevant that the mainframe is > seeing hundreds of invalid password attempts at the same time that a Linux > server is seeing DoS attacks. > > When you think of SMF you may primarily think in terms of job accounting and > resource management, but the first record type that customers usually want to > export to Splunk or a SIEM is RACF's type 80. > > Yes, SMF is very "dense" and Syslog -- the industry standard logging "thing" > -- too loosely defined to be called a standard, and not to be confused with > what we mainframers call SYSLOG -- is basically human-readable ASCII text and > not very dense at all. The most common format is some variant of tag = value, > so one binary byte at offset 20 into an SMF 80 record might become EventCode > = 1 or perhaps Event = RACINIT. > > It's a big job. I just looked. At the point I turned the product over to BMC > it consisted of about 100,000 lines of C++, 26,000 lines of assembler, and > 60,000 lines of a proprietary schema that mapped, for example, a binary byte > at offset 20 in an SMF 80 record, to EventCode = nn. > > Charles > > On Wed, 6 Mar 2024 02:15:14 +, kekronbekron kekronbek...@protonmail.com > wrote: > > > I don't understand this at all... we all know that SMF is not a log, it's a > > whole bunch of strings & mostly numbers... metrics. > > Why has it become acceptable to send metrics to a log search tool, knowing > > full well that these are different categories with different solutions. > > Splunk etc. are meant to collect and search through things like http web > > server log, not metrics. > > The information density in a log is low. In SMF, it's very high (there are > > no fluff words, just metrics which may or may not be of use during a given > > activity). > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ZOS Sending Logs to Sumologic Experience?
I don't understand this at all... we all know that SMF is not a log, it's a whole bunch of strings & mostly numbers... metrics. Why has it become acceptable to send metrics to a log search tool, knowing full well that these are different categories with different solutions. Splunk etc. are meant to collect and search through things like http web server log, not metrics. The information density in a log is low. In SMF, it's very high (there are no fluff words, just metrics which may or may not be of use during a given activity). On Tuesday, March 5th, 2024 at 00:13, Steve Estle <05dcac13570d-dmarc-requ...@listserv.ua.edu> wrote: > All, > > We are embarking on an endeavor to explore sending logics to a tool called > Sumologic(sumologic.com). For those who are unaware, Sumologic is a > competitor to Splunk and contains a very powerful real time log parsing > analytics engine which can be used to build dashboards, alerts, and more. My > basic question is has anyone heard of or actually been involved in devising > ways to send ZOS logs into Sumalogic - our initial efforts will be security > related, but for now am just asking if anyone has any experience in this > realm at all? Or maybe you are doing something similar to Splunk? If so, you > can post in forum or feel free to reach directly out to me: > > Thanks much, > > Steve Estle > sest...@gmail.com > 303-817-9954 > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: RACF, external password management
MFA and this aren't either or. They're different things. Can the exit only run REXX, or can any language's compiled code be called there (with ADDRESS ...)? On Friday, March 1st, 2024 at 18:17, Robert S. Hansel wrote: > Hi Linda, > > Short term solution is to implement the RACF password change exit ICHPWX01 > and its companion System REXX module IRRPWREX module. Relatively simple to > implement and governs all password changes. IRRPWREX has numerous options you > can activate, such as disallowing repeating characters and specific character > strings, that can address the common password prohibition requirement. The > IBM-provided exit code is available on GitHub: > > https://github.com/IBM/IBM-Z-zOS/tree/main/zOS-RACF/Downloads/RexxPwExit > > Also, implement KDFAES password encryption if you have not already done so. > And I recommend a single SETROPTS PASSWORD RULE of LENGTH(8) MIXEDALL(1:8), > which requires a password to be 8 characters in length and have at least one > letter, one number, and one special character (e.g., National Characters). > This rule alone will block many of the common passwords. Be sure all your > resource managers processing logons can handle special characters. > > Longer term solution is MFA. > > I recommend you contact the authors of this regulation and ask them to > provide you with the list of common passwords they expect you to disallow. > > Regards, Bob > > Robert S. Hansel 2024 IBM Champion > Lead RACF Specialist > RSH Consulting, Inc. > 617-969-8211 > www.linkedin.com/in/roberthansel > www.rshconsulting.com > > -Original Message- > Date: Thu, 29 Feb 2024 14:53:36 -0600 > From: Linda Hagedorn linda.haged...@gmail.com > > Subject: Re: RACF, external password management > > The regulations are from NY state, NYDFS. > https://www.dfs.ny.gov/system/files/documents/2023/12/rf23_nycrr_part_500_amend02_20231101.pdf > > 500.7 Access privileges and management. > > 500.7(c) Each class A company shall monitor privileged access activity and > shall implement: > (1) a privileged access management solution; and > (2) an automated method of blocking commonly used passwords for all accounts > on > information systems owned or controlled by the class A company and wherever > feasible > for all other accounts. > > To automatically block commonly used passwords, a corpus is necessary. For > example, Cybernews Investigation team was able to collect 15m passwords.* If > they can do it, software vendors will see the opportunity here. > > It's one option to force all RACF password changes through a single point. > However, there's a lot of ways to reach the password change process in MVS, > and writing blocks for all of them isn't reasonable. > > The ZMFA holds promise, if I can find a software company that has > bought/collected the same 15m passwords that Cybernews did. I can route all > RACF password changes to the software company for > validation. > > > > *https://cybernews.com/best-password-managers/most-common-passwords/ > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: RACF, external password management
Hi Bob, If it is what I am thinking... I didn't think this day would come. There are hashes of known, breached passwords generally collected. Here's the most prominent one - https://haveibeenpwned.com/Passwords There are blog posts on the same site explaining what it is, how to use that collection, etc. Would be fun indeed if the collection can be brought to zOS and RACF/ACF2 adapted to look up a new pw in it, before using/setting it. On Thursday, February 29th, 2024 at 17:13, Robert S. Hansel wrote: > Hi Linda, > > How do you define "common password"? > > Regards, Bob > > Robert S. Hansel 2024 IBM Champion > Lead RACF Specialist > RSH Consulting, Inc. > 617-969-8211 > www.linkedin.com/in/roberthansel > www.rshconsulting.com > > -Original Message- > Date: Wed, 28 Feb 2024 15:35:54 -0600 > From: Linda Hagedorn linda.haged...@gmail.com > > Subject: RACF, external password management > > My company wants an external password manager to substitute for RACF. > I need to know if anyone has experience with this, or common password > matching in RACF. > > Background > Regulations NYDFS require preventing common passwords to be used. > Vendor tools (Courion, CyberArk, etc.) have a corpus to match password > changes to prevent the use of common passwords. > RACF passwords can be changed from TSO, the internal reader, JCL, Candle > Session manager, etc., so trying to block password changing through RACF and > forcing everyone through one of these 3rd party tools may be near impossible. > > Any input is appreciated. Thanks! Linda > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Tn3270 back door
Is it an option to turn off cert expiration check in your 3270 desktop software? Are you able to share any cert chain listing... for why it "doesn't see it". On Friday, February 16th, 2024 at 19:31, Kayhan Tanriverir <01bdd42c15bc-dmarc-requ...@listserv.ua.edu> wrote: > Hi > You can find the solution to the error in the IP Diagnosis Guide. Or you can > issue the error code on this site. > If you have decided to use non-secure. You have to reorganize the > TCPPARMS(PROFILE) according to non-SSL usage. Example below: You have to use > port 23 instead of a secure port. > ; -- ; > Configure Telnet ; > -- ; ; > TELNETPARMS: Configure the Telnet Server ; ; - TN3270(E) server port 23 > options ; TelnetParms Port 23 ; Port number 23 (std.) CodePage ISO8859-1 > IBM-1047 ; Linemode ASCII, EBCDIC code pages FULLDATATRACE Inactive 0 ; Let > connections stay around PrtInactive 0 ; Let connections stay around > ScanInterval 900 TimeMark 10800 EndTelnetParms > And ; BeginVTAM Port 23 923 ; Define the LUs to be used for general users. > DEFAULTLUS TCPS0001..TCPS0099 ENDDEFAULTLUS LINEMODEAPPL TSO ; Send all > line-mode terminals directly to TSO. ALLOWAPPL TSO* DISCONNECTABLE ; Allow > all users access to TSO ; applications. ; TSO is multiple applications all > beginning with TSO, ; so use the * to get them all. If a session is closed, ; > disconnect the user rather than log off the user. ALLOWAPPL * ; Allow all > applications that have not been ; previously specified to be accessed. > EndVTAM ; > > > > > > > > > > > > iyi çalışmalar,saygılar / Regards > > > > Kayhan TANRIVERİR > Senior Systems Programmer > > VBT Yazılım A.Ş > > www.vbt.com.tr > > > > > > > > > > > > > > > > > 16 Şubat 2024 Cuma 13:54:52 GMT+3 tarihinde, James Cradesh > 05a6576c6fa2-dmarc-requ...@listserv.ua.eduşunu yazdı: > > > I’m locked out of my test lpar. The ssl cert expired. A new cert was uploaded > but the tn3270 doesn’t see it. I did refresh Pagent but it didn’t help. How > do you get around this situation? Is there a way to enable the non ssl port? > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Question
Someone will correct me if/where I'm wrong. Open Enterprise SDK for Python - Just python. Comes with pip and virtualenv or venv, which are included in Python distribution these days. pip = package manager. virtualenv / venv = environment manager. Rocket Python = Rocket delivers the open source tools it delivers through Anaconda, which is a Python environment + package manager. I haven't looked but I believe they deliver Bash, and some other tools also via Anaconda "channels". ZOSOpen Tools's Python = It's an empty wrapper. At the moment, it just exists to add itself as a dependency to any Python project you may want to port. All it does is check if Python exists in your sys. Upstreaming zOS-relevant bits of code to Python, I think, is happening completely separate from ZOSOpen Tools's Python. Some of it may well be tied with "Python AI Toolkit for Z". PATZ = Close to OE SDK for Python, but delivered via an IBM hosted & managed repository manager (ex: JFrog Artifactory, Sonatype Nexus). The difference is, PATZ is also a source for python packages that have zOS support (+ acceleration where possible I think) added. There's also the layer of safety of it coming from an IBM "stash" rather than pypi.org directly. pypi = the "stash" where "pip install thing" will get a package from, by default. On Thursday, February 8th, 2024 at 00:01, Rick Troth wrote: > The closest standard is Python's "ctypes". > Now ... some of the guides I have read say that CTYPES only works with > C, but I've found that (within limits) LE calling convention works well > with other languages, not just C. > > In a previous life, I was able to call C from Python (the point being > "to call /native/") without any special rigging other than CTYPES > (included w Python). > > -- R; <>< > > > > On 2/7/24 12:32, Lionel B. Dyck wrote: > > > Add to that question how does the z/OS Open Tools port of python compare to > > Rockets and to the IBM Open Enterprise SDK? > > > > Lionel B. Dyck <>< > > Github:https://github.com/lbdyck > > System Z Enthusiasts Discord: > > https://discord.gg/system-z-enthusiasts-880322471608344597 > > > > “Worry more about your character than your reputation. Character is what you > > are, reputation merely what others think you are.” - - - John Wooden > > > > -Original Message- > > From: IBM Mainframe Discussion listibm-m...@listserv.ua.edu On Behalf Of > > Frank Swarbrick > > Sent: Wednesday, February 7, 2024 11:30 AM > > To:IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Question > > > > So here's a curious question. Are IBM Open Enterprise SDK for Python and > > the Python from Rocket Software basically the same, or no? > > > > Frank > > > > From: IBM Mainframe Discussion listibm-m...@listserv.ua.edu on behalf of > > Peter sylvesterpeter.sylves...@gmail.com > > Sent: Tuesday, February 6, 2024 11:15 PM > > To:IBM-MAIN@LISTSERV.UA.EDU IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Question > > > > Yes, from the IBM pax installation. And a bit of pipifax. :-) > > > > Python 3.12.0 (heads/pyz_dev-3.12:ef647e3673, Oct 31 2023, 19:02:59) [Clang > > 14.0.0 (build 1465bdb)] on zos On 06/02/2024 19:47, Ed Jaffe wrote: > > > > > Yes. > > > > > > : >python > > > Python 3.11.4 (heads/pyz_dev-3.11.ziip:39640ccf4b, Jul 15 2023, > > > 05:46:13) [Clang 14.0.0 ] on zos Type "help", "copyright", "credits" > > > or "license" for more information > > > On 2/6/2024 10:15 AM, Steve Beaver wrote: > > > > > > > Does anyone have Python installed in your shop? > > > > > > > > Steve > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, send email > > tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, send email > > tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Reading a scratch tape
In case the sync between CTM-T and OAM isn't real-time, you get some amount of time to unscratch the tape in CTM-T. As a last resort, there are some settings (sorry, I don't remember which ones) in TS7700 that specify how long it keeps the scratched/deleted "tapes" around. So if it comes to that, I believe IBM h/w support can get to the volume from the SE interface (or whatever it's called) of TS7K and extract what you want. On Wednesday, February 7th, 2024 at 20:30, Doug Fuerst wrote: > Clearly this is going to have to be marked as Master or User in the > library and Control-M. RMM it is fairly easy, not sure about Control-M. > The 7700 should also be no issue. > > Doug Fuerst > d...@bkassociates.net > > > -- Original Message -- > From "Gadi Ben-Avi" gad...@malam.com > > To IBM-MAIN@LISTSERV.UA.EDU > Date 2/7/2024 7:13:00 AM > Subject Re: Reading a scratch tape > > > When I did that, I got these messages: > > IGD330I ERROR OCCURRED DURING CBRXLCS PROCESSING- > > FOR DATA SET > > VOLUME REQUESTED BY SPECIFIC VOLUME SERIAL IS A SCRATCH VOLUME > > THE FAILING VOLSER IS P18488 > > IGD306I UNEXPECTED ERROR DURING ?CBRXLCS PROCESSING > > RETURN CODE 8 REASON CODE 51 > > > > Gadi > > > > -Original Message- > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of > > Doug Fuerst > > Sent: יום ד 07 פברואר 2024 14:05 > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Reading a scratch tape > > > > [You don't often get email from d...@bkassociates.net. Learn why this is > > important at https://aka.ms/LearnAboutSenderIdentification ] > > > > Yes. Just use a VOL=SER reference for the tape, and refer to the file by > > DSN. > > My guess is most of us has hit this issue, and it really is not that > > difficult. I've done it many times. > > > > Doug Fuerst > > d...@bkassociates.net > > > > -- Original Message -- > > From "Gadi Ben-Avi" gad...@malam.com > > To IBM-MAIN@LISTSERV.UA.EDU > > Date 2/7/2024 6:45:39 AM > > Subject Reading a scratch tape > > > > > Hi, > > > We've been asked to attempt to read a file from a scratched tape. > > > > > > We use Control-M/Tape as our tape management system. > > > The tapes are virtual 3490's stored on a TS7770. > > > The tape has many files, but we only need once specific one. > > > If it matters, the file is the output of DB/2 backup. > > > > > > Is this possible? > > > > > > Thanks > > > > > > Gadi > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, send > > > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, send email > > to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Opinion
Chiming in to say that the big screen consideration is a real (seeing the whole screen without moving much) reason to want curved. However, if you have 2 screens you can experiment with, just set them tilted in and see if that works for you. I'm assuming big, curved screens cost more, compared to 2x 27" (or whatever) turned inwards. Next thing to consider is 1080p vs 1440p vs higher. BTW, dual or single, a dual-monitor arm is helpful and will be future proof, in case you get another later and want to mount it. On Tuesday, January 16th, 2024 at 11:31, Brian Westerman wrote: > I have a 42 inch curved. The curved screen is very clear and everything is > the same size all the way from left to right. Previously I had a 42 in flat > screen (which I gave to my kid who loves it), but the problem I had was that > as I age, my eyesight isn't able to refocus as quickly so I had to actually > move my chair over to see things on the far left or right. > > The curved screen resolved that issue because no matter where I look it > appears to be the same size and is clear without moving even my head very > much. > > With a smaller screen (say 30 or 32 inch), I don't think it would be as big a > deal because the distance from side to side isn't really enough to cause any > distortion. > > I think going to 49 inches would almost require it to be curved to be usable > as something to program with. With a big screen TV you are far enough back > from it that you don't see any real issues, but sitting just a couple feet > away makes a really big difference. > > Brian > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: NFS Export of Data Set File System
But, if you're willing to pay, this can do it - https://virtualzcomputing.com/ On Wednesday, January 10th, 2024 at 20:36, Paul Gilmartin <042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Wed, 10 Jan 2024 14:37:22 +, Mark Jacobs wrote: > > > Can /dsfs and the directories under it be NFS exported such that > > Windows/Linux clients can connect to it and then directly read/write z/OS > > datasets? > > What are you looking for beyond: > https://www.ibm.com/docs/en/zos/3.1.0?topic=introduction-zos-conventional-mvs-data-sets > > > Where's the DSFS User's Guide, which ought to treat such topics? > > -- > gil > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAINBu -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: NFS Export of Data Set File System
Ah yes sorry. Although what I said sounds "interesting", thinking about it a bit more, I don't think what I said below is possible. User has to interact with the unionfs and the "root" of it has to be NFS (for reachability over network). But, I don't think NFS allows its sub-tree or whatever to be anything other than further NFS sub-mounts. On Wednesday, January 10th, 2024 at 20:20, Mark Jacobs <0224d287a4b1-dmarc-requ...@listserv.ua.edu> wrote: > Do you mean the Union File System? > > Mark Jacobs > > Sent from ProtonMail, Swiss-based encrypted email. > > GPG Public Key - > https://api.protonmail.ch/pks/lookup?op=get=markjac...@protonmail.com > > > On Wednesday, January 10th, 2024 at 9:42 AM, kekronbekron > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > > Something called OverlayFS was recently added to zOS. > > So in theory, > > > > top-level overlayfs --> NFS mount in zOS --> DSFS underneath (serving some > > paths/directories for the overlayFS) > > > > ... this sounds possible? > > > > On Wednesday, January 10th, 2024 at 20:07, Mark Jacobs > > 0224d287a4b1-dmarc-requ...@listserv.ua.edu wrote: > > > > > Can /dsfs and the directories under it be NFS exported such that > > > Windows/Linux clients can connect to it and then directly read/write z/OS > > > datasets? > > > > > > Mark Jacobs > > > > > > Sent from ProtonMail, Swiss-based encrypted email. > > > > > > GPG Public Key - > > > https://api.protonmail.ch/pks/lookup?op=get=markjac...@protonmail.com > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: NFS Export of Data Set File System
Something called OverlayFS was recently added to zOS. So in theory, top-level overlayfs --> NFS mount in zOS --> DSFS underneath (serving some paths/directories for the overlayFS) ... this sounds possible? On Wednesday, January 10th, 2024 at 20:07, Mark Jacobs <0224d287a4b1-dmarc-requ...@listserv.ua.edu> wrote: > Can /dsfs and the directories under it be NFS exported such that > Windows/Linux clients can connect to it and then directly read/write z/OS > datasets? > > Mark Jacobs > > Sent from ProtonMail, Swiss-based encrypted email. > > GPG Public Key - > https://api.protonmail.ch/pks/lookup?op=get=markjac...@protonmail.com > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: OpenSSH CVE-2023-48795 vulnerability
Yup, just post a comment on the PR, requesting a release. On Monday, January 8th, 2024 at 22:36, Rick Troth wrote: > Thanks! > > I don't see the artifacts for the 9.6p1 build. Do the project > maintainers need to cut a release? > > -- R; <>< > > > > On 1/5/24 20:04, kekronbekron wrote: > > > You could grab the latest (unsupported) release from this repo, once it's > > published. > > Here's a link to the pull request, which introduces the latest version. > > The build has succeeded. > > > > https://github.com/ZOSOpenTools/opensshport/pull/6 > > > > On Saturday, January 6th, 2024 at 05:26, Filip Palian s3...@pjwstk.edu.pl > > wrote: > > > > > For this type of verification SBOMs seems to be the way moving forward: > > > https://cyclonedx.org/use-cases/#known-vulnerabilities > > > > > > Cheers, > > > FP > > > > > > W dniu piątek, 5 stycznia 2024 rpinion865 < > > > 042a019916dd-dmarc-requ...@listserv.ua.edu> napisał(a): > > > > > > > Does anyone know if the z/OS implementation of ssh is vulnerable to > > > > CVE-2023048795? I tried searching > > > > for z/OS and OpenSSH (CVE-2023-48795). But, I did not get any hits > > > > specific to z/OS. Thanks in advance. > > > > > > > > Cross posting to IBMTCP-L and IBM Main > > > > > > > > Sent with Proton Mail secure email. > > > > > > > > -- > > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: OpenSSH CVE-2023-48795 vulnerability
You could grab the latest (unsupported) release from this repo, once it's published. Here's a link to the pull request, which introduces the latest version. The build has succeeded. https://github.com/ZOSOpenTools/opensshport/pull/6 On Saturday, January 6th, 2024 at 05:26, Filip Palian wrote: > For this type of verification SBOMs seems to be the way moving forward: > https://cyclonedx.org/use-cases/#known-vulnerabilities > > Cheers, > FP > > W dniu piątek, 5 stycznia 2024 rpinion865 < > 042a019916dd-dmarc-requ...@listserv.ua.edu> napisał(a): > > > Does anyone know if the z/OS implementation of ssh is vulnerable to > > CVE-2023048795? I tried searching > > for z/OS and OpenSSH (CVE-2023-48795). But, I did not get any hits > > specific to z/OS. Thanks in advance. > > > > Cross posting to IBMTCP-L and IBM Main > > > > Sent with Proton Mail secure email. > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SSH tunneling for unattended process.
Thank you. You know how we sometimes only have vague understanding that somehow stays vague.. Your explanation below popped things into place and cleared the fog I had. Thanks again! On Saturday, December 30th, 2023 at 12:26, Jon Perryman wrote: > On Sat, 30 Dec 2023 04:02:22 +0000, kekronbekron kekronbek...@protonmail.com > wrote: > > > So SSH is used for auth and encryption, > > > SSH has multiple features. Understand that SSH primary feature is "Secure > SHell" where you can issue UNIX commands on a remote UNIX system thru an > encrypted connection. You must login to that remote system thru SSH using one > of the implemented methods (e.g. userid / password). SSH is delivered on most > UNIX systems although it may require some configuration. > > > and mainly just as a tunnel (as the first mail mentioned). > > > Port tunneling is a second feature which I believe disables shell commands > (never bothered to try it). There's plenty of documentation on the internet > (e.g. https://linuxize.com/post/how-to-setup-ssh-tunneling/). > > An unencrypted 3270 connection: > tn3270 -host MVSsystem.com -port 3270 > > Encrypted 3270 connection > ssh -L localhost:100:MVSsystem.com:3270 unix_use...@mvssystem.com > TN3270 -host localhost -port 100 > > Specifying localhost is important because it limits access to his specific > machine. 0.0.0.0 would allow other machines to access MVSsystem.com thru this > machine. > > The server and client can be on either side but I always used the client app > on the machine issuing the SSH with the server on the other machine. > > > The traffic that's tunnelled may be any protocol or a TCP socket. > > > In theory, yes but I've only used it with TCP. > > > and the goal is to just use SSH's ubiquity (say port 22) to make life > > easier w.r.t firewalls and all that. > > > The goal is encryption which is provided by SSH instead of building it into > the application. As for firewalls, I don't see how it changes anything. > Firewall implements NAT, filtering, proxy servers and ???. I would think that > implementing SSL into the client / server would be more secure. > > > I wonder if spiped fits the bill - https://www.tarsnap.com/spiped.html > > > I'm not familiar with SPIPED but from that documentation, it appears it could > be used for this purpose. The drawback is that you must install the client. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SSH tunneling for unattended process.
Ah... ok. So SSH is used for auth and encryption, and mainly just as a tunnel (as the first mail mentioned). The traffic that's tunnelled may be any protocol or a TCP socket... and the goal is to just use SSH's ubiquity (say port 22) to make life easier w.r.t firewalls and all that. Is this right? I wonder if spiped fits the bill - https://www.tarsnap.com/spiped.html On Saturday, December 30th, 2023 at 09:17, Paul Gilmartin <042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Sat, 30 Dec 2023 02:47:28 +, kekronbekron wrote: > > > Correct me if I'm wrong but I think "ssh -L ..." is just to get to SSH on a > > target machine via a non-standard port? > > I believe that's "ssh -oPort=" which I use regularly to get to a > nonstandard > (portmapped) port. > > I once knew how to use ssh to set up an encrypted connection for a > non-encrypted > service, such as ftp. I no longer remember how. Perhaps see "-L" in > https://linux.die.net/man/1/ssh > > > On Friday, December 29th, 2023 at 20:35, Rick Troth wrote: > > > > > I can't speak for Frank, but he started his inquiry with this: > > > > > > > We're looking at using an SSH tunnel (or reverse tunnel)to encrypt a > > > > > > connection > > > > > > > where the application on the other end does not support TLS. > > > > > > SSH is an excellent choice for this kind of job. > > > You can use SSH directly (with client invoking SSH to launch a service > > > program on the target) > > > or you can establish one or more TCP listeners (either direction) over > > > an SSH session, or any combination. > > > ALL of the traffic handled by way of the SSH session would be encrypted. > > > > > > So I might not have understood exactly what Frank needs, but I'm a firm > > > believer in SSH. > > > > > > Authentication of the remote SSH host is done using the SSH host key(s) > > > on the target system. That's standard. > > > > > > Authentication of the client can be done using an SSH client key (as is > > > my practice) or using PKI certificates (as Colin describes in his blog). > > > Frank indicated that what he needs is unattended/automatic, easily > > > supported using either method. > > > > > > Does that help? > > > > > > -- R; <>< > > > > > > On 12/29/23 09:20, kekronbekron wrote: > > > > > > > Hi Rick/Frank, > > > > > > > > If you have time, could you explain more about this setup. > > > > I don't get what's desired.. > > > > > > > > On Friday, December 29th, 2023 at 19:04, Rick Troth tro...@gmail.com > > > > wrote: > > > > > > > > > Hi Frank -- > > > > > > > > > > BT/DT and it works great. > > > > > > > > > > I took the usual means of capturing the host key of the target: signed > > > > > on as the service account and ran 'ssh' interactively. Ever after, the > > > > > client would not be prompted, but it would fail if the key changed. > > > > > (And > > > > > that's the point.) > > > > > > > > > > The client signed on using an SSH client key. Of course, I had to > > > > > break > > > > > a rule here and magically obviate the need for a pass phrase. (Dark > > > > > magic. Not something we speak about in public.) > > > > > > > > > > In this particular case, I ran it from/etc/inittab on a traditional > > > > > Unix > > > > > (Linux) system. That way when the session would die it would be > > > > > restarted. > > > > > > > > > > This hack used either -L or -R, I forget which, but established a TCP > > > > > listener. All traffic was limited to local (which is the default), so > > > > > no > > > > > risk of someone off-box sending or seeing cleartext. > > > > > > > > > > -- R; <>< > > > > > > > > > > On 12/29/23 04:53, Colin Paice wrote: > > > > > > > > > > > Frank, > > > > > > What do you have on the z/OS end? If the back end supports it, it > > > > > > can map > > > > > > from a certificate to a userid. > > > > > > See Using certificates to logon to z/OS > > > > > > https://colinpaice
Re: SSH tunneling for unattended process.
Thanks Rick. This is the part I don't follow... "You can use SSH directly (with client invoking SSH to launch a service program on the target)". Is it possible to make a simple example? User A at Machine A wants to connect via port 4321 to machine B port 22, and it's just good old SSH connectivity. I don't understand the "encrypt a connection" part. Meaning, SSH-ing into machines is well known and there's encryption etc. Correct me if I'm wrong but I think "ssh -L ..." is just to get to SSH on a target machine via a non-standard port? On Friday, December 29th, 2023 at 20:35, Rick Troth wrote: > I can't speak for Frank, but he started his inquiry with this: > > > We're looking at using an SSH tunnel (or reverse tunnel)to encrypt a > > connection > > > where the application on the other end does not support TLS. > > > SSH is an excellent choice for this kind of job. > You can use SSH directly (with client invoking SSH to launch a service > program on the target) > or you can establish one or more TCP listeners (either direction) over > an SSH session, or any combination. > ALL of the traffic handled by way of the SSH session would be encrypted. > > So I might not have understood exactly what Frank needs, but I'm a firm > believer in SSH. > > Authentication of the remote SSH host is done using the SSH host key(s) > on the target system. That's standard. > > Authentication of the client can be done using an SSH client key (as is > my practice) or using PKI certificates (as Colin describes in his blog). > Frank indicated that what he needs is unattended/automatic, easily > supported using either method. > > Does that help? > > -- R; <>< > > > > On 12/29/23 09:20, kekronbekron wrote: > > > Hi Rick/Frank, > > > > If you have time, could you explain more about this setup. > > I don't get what's desired.. > > > > On Friday, December 29th, 2023 at 19:04, Rick Troth tro...@gmail.com wrote: > > > > > Hi Frank -- > > > > > > BT/DT and it works great. > > > > > > I took the usual means of capturing the host key of the target: signed > > > on as the service account and ran 'ssh' interactively. Ever after, the > > > client would not be prompted, but it would fail if the key changed. (And > > > that's the point.) > > > > > > The client signed on using an SSH client key. Of course, I had to break > > > a rule here and magically obviate the need for a pass phrase. (Dark > > > magic. Not something we speak about in public.) > > > > > > In this particular case, I ran it from/etc/inittab on a traditional Unix > > > (Linux) system. That way when the session would die it would be restarted. > > > > > > This hack used either -L or -R, I forget which, but established a TCP > > > listener. All traffic was limited to local (which is the default), so no > > > risk of someone off-box sending or seeing cleartext. > > > > > > -- R; <>< > > > > > > On 12/29/23 04:53, Colin Paice wrote: > > > > > > > Frank, > > > > What do you have on the z/OS end? If the back end supports it, it can > > > > map > > > > from a certificate to a userid. > > > > See Using certificates to logon to z/OS > > > > https://colinpaice.blog/2023/03/28/using-certificates-to-logon-to-z-os/ > > > > andWhat’s the difference between RACDCERT MAP and RACMAP? > > > > https://colinpaice.blog/2020/07/28/whats-the-difference-between-racdcert-map-and-racmap/ > > > > Colin > > > > > > > > On Fri, 29 Dec 2023 at 06:27, Frank swarbrickfrank.swarbr...@outlook.com > > > > wrote: > > > > > > > > > We're looking at using an SSH tunnel (or reverse tunnel) to encrypt a > > > > > connection where the application on the other end does not support > > > > > TLS. > > > > > The POC looks to be working. I am now pondering on the steps required > > > > > to > > > > > make setting up the tunnel an automated process. It seems to me that > > > > > we'd > > > > > want the z/OS user to be a "protected" user > > > > > (NOPASSWORD/NOPHRASE/NOOIDCARD). Would this require that we use SSH > > > > > host > > > > > based authentication? I imagine that the user would require an OMVS > > > > > segment. I wonder if it would need a shell or home directory. Any > > > > > othe
Re: Checking status of multiple datasets in CLIST and REXX
Yup, I originally wanted to add a note saying it won't work for the second part. Left it out as I then thought that'll be known already. On Friday, December 29th, 2023 at 20:35, David Spiegel <0468385049d1-dmarc-requ...@listserv.ua.edu> wrote: > Hi KB, > CSI won't tell you anything about ALLOCATEd DDNAMES. > > Regards, > David > > On 2023-12-29 09:55, kekronbekron wrote: > > > There's a catalog search interface (CSI), and I think there's a sample REXX > > for using it in SAMPLIB. > > > > On Friday, December 29th, 2023 at 20:17, Seymour J Metz sme...@gmu.edu > > wrote: > > > > > I need to check whether any of a list of datasets exists and whether any > > > of a list of ddnames is allocated. I'd rather not trap and parse the > > > output of LISTALC and LISTCAT, and I'd rather not call LISTDSI for each > > > one. Is there a simple way to do that in REXX, or would it be better to > > > write a small service routine in assembler? > > > > > > I don't have a requirement to handle XTIOT. > > > > > > -- > > > Shmuel (Seymour J.) Metz > > > http://mason.gmu.edu/~smetz3 > > > עַם יִשְׂרָאֵל חַי > > > נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Checking status of multiple datasets in CLIST and REXX
https://www.ibm.com/support/pages/apar/II14316 https://public.dhe.ibm.com/servers/storage/support/software/dfsms/cattools/ On Friday, December 29th, 2023 at 20:25, kekronbekron <02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > There's a catalog search interface (CSI), and I think there's a sample REXX > for using it in SAMPLIB. > > > > On Friday, December 29th, 2023 at 20:17, Seymour J Metz sme...@gmu.edu wrote: > > > > > I need to check whether any of a list of datasets exists and whether any of > > a list of ddnames is allocated. I'd rather not trap and parse the output of > > LISTALC and LISTCAT, and I'd rather not call LISTDSI for each one. Is there > > a simple way to do that in REXX, or would it be better to write a small > > service routine in assembler? > > > > I don't have a requirement to handle XTIOT. > > > > -- > > Shmuel (Seymour J.) Metz > > http://mason.gmu.edu/~smetz3 > > עַם יִשְׂרָאֵל חַי > > נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Checking status of multiple datasets in CLIST and REXX
There's a catalog search interface (CSI), and I think there's a sample REXX for using it in SAMPLIB. On Friday, December 29th, 2023 at 20:17, Seymour J Metz wrote: > I need to check whether any of a list of datasets exists and whether any of a > list of ddnames is allocated. I'd rather not trap and parse the output of > LISTALC and LISTCAT, and I'd rather not call LISTDSI for each one. Is there a > simple way to do that in REXX, or would it be better to write a small service > routine in assembler? > > I don't have a requirement to handle XTIOT. > > -- > Shmuel (Seymour J.) Metz > http://mason.gmu.edu/~smetz3 > עַם יִשְׂרָאֵל חַי > נֵ֣צַח יִשְׂרָאֵ֔ל לֹ֥א יְשַׁקֵּ֖ר > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SSH tunneling for unattended process.
Hi Rick/Frank, If you have time, could you explain more about this setup. I don't get what's desired.. On Friday, December 29th, 2023 at 19:04, Rick Troth wrote: > Hi Frank -- > > BT/DT and it works great. > > I took the usual means of capturing the host key of the target: signed > on as the service account and ran 'ssh' interactively. Ever after, the > client would not be prompted, but it would fail if the key changed. (And > that's the point.) > > The client signed on using an SSH client key. Of course, I had to break > a rule here and magically obviate the need for a pass phrase. (Dark > magic. Not something we speak about in public.) > > In this particular case, I ran it from/etc/inittab on a traditional Unix > (Linux) system. That way when the session would die it would be restarted. > > This hack used either -L or -R, I forget which, but established a TCP > listener. All traffic was limited to local (which is the default), so no > risk of someone off-box sending or seeing cleartext. > > -- R; <>< > > > > > > On 12/29/23 04:53, Colin Paice wrote: > > > Frank, > > What do you have on the z/OS end? If the back end supports it, it can map > > from a certificate to a userid. > > See Using certificates to logon to z/OS > > https://colinpaice.blog/2023/03/28/using-certificates-to-logon-to-z-os/ > > andWhat’s the difference between RACDCERT MAP and RACMAP? > > https://colinpaice.blog/2020/07/28/whats-the-difference-between-racdcert-map-and-racmap/ > > Colin > > > > On Fri, 29 Dec 2023 at 06:27, Frank swarbrickfrank.swarbr...@outlook.com > > wrote: > > > > > We're looking at using an SSH tunnel (or reverse tunnel) to encrypt a > > > connection where the application on the other end does not support TLS. > > > The POC looks to be working. I am now pondering on the steps required to > > > make setting up the tunnel an automated process. It seems to me that we'd > > > want the z/OS user to be a "protected" user > > > (NOPASSWORD/NOPHRASE/NOOIDCARD). Would this require that we use SSH host > > > based authentication? I imagine that the user would require an OMVS > > > segment. I wonder if it would need a shell or home directory. Any other > > > thoughts? > > > > > > Thanks, > > > Frank > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SQA overflow condition
Yup, I've used V CN(*),ROUT=ALL and V CN(*),ROUT=NONE right before and right after IPLs to keep tabs on what's going on. On Wednesday, December 13th, 2023 at 18:32, Steve Horein wrote: > System Automation can use SYSCONS with the Processor Operations (ProcOps) > functionality. I take advantage of that, having SYSCONS activated in PD > mode 24/7, but issue VARY CN(),ROUT=NONE on that console once the system > is fully up (the MONITOR JOBNAMES/SESS/STATUS console attribute is honored > regardless of ROUT settings) . At system shutdown time, another VARY > CN(),ROUT=(1,2,10) is issued for monitoring progress and "external" > automation when the time comes. D C,CN= may show some > > undesirable routing codes or DEL attributes included in the CONSOLxx > "DEVNUM(SYSCONS)" definitions. > > https://www.ibm.com/docs/en/zos/2.5.0?topic=rc-routing-code-meaning-1 > https://www.ibm.com/docs/en/zos/2.5.0?topic=consolxx-syntax-parameters-console-statement > > On Wed, Dec 13, 2023 at 4:29 AM Peter dbajava...@gmail.com wrote: > > > Finally found the reason for this condition > > > > Our HMC operating system message(SYSCONS) were flooding with a product > > error message > > > > After resetting the SYSCONS > > > > ESQA got a relief and deactivated SYSCONS from operating system message > > console in HMC > > > > On Tue, Dec 12, 2023, 2:34 PM Peter dbajava...@gmail.com wrote: > > > > > Are there any tools available in cbttape to view 78-2 ? > > > > > > On Tue, Dec 12, 2023, 2:01 PM Martin Packer martin_pac...@uk.ibm.com > > > wrote: > > > > > > > Right. To Allan’s point it’s CSA that shows up by key. Though SQA > > > > subpools are in the 78-2. > > > > > > > > I also agree with Paul’s point that a longitudinal view can prove > > > > helpful. Even Time Of Day could be helpful. Even comparing one system to > > > > another, likewise. > > > > > > > > Cheers, Martin > > > > > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU on > > > > behalf > > > > of Paul Feller prjfeller1...@gmail.com > > > > Date: Monday, 11 December 2023 at 14:20 > > > > To: IBM-MAIN@LISTSERV.UA.EDU IBM-MAIN@LISTSERV.UA.EDU > > > > Subject: [EXTERNAL] Re: SQA overflow condition > > > > Peter, several people have given you some good suggestions. There are a > > > > few things you need to think about. > > > > > > > > 1) As others have said, EQSA overflow is not a bad thing as long as your > > > > ECSA is okay. At the place I last worked at we routinely saw ESQA > > > > overflow > > > > on some of our larger lpars that had lots of activity. > > > > 2) Has you ESQA always been "running" high and now it finaly has statred > > > > to overflowing? > > > > 3) If you have RMF and have SMF history data you can look back at how > > > > your CSA/SQA usage has been doing. You can use the batch reporting > > > > function of RMF. I think the manual is "z/OS Resource Measurement > > > > Facility > > > > Report Analysis" that should help you. > > > > 4) I would suggest you talk to the vendor about your question around the > > > > SVC module. > > > > > > > > Paul > > > > > > > > -Original Message- > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > > > Behalf > > > > Of Allan Staller > > > > Sent: Monday, December 11, 2023 7:39 AM > > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > > Subject: Re: SQA overflow condition > > > > > > > > Classification: Confidential > > > > > > > > RMF will do this provided VSTOR(D) is specified in ERBRMFxx. It will > > > > show the alllocations, but not necessarily the "actual" user. > > > > E,g. VTAM, TCPIP,. > > > > > > > > HTH > > > > > > > > -Original Message- > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > > > Behalf > > > > Of Peter > > > > Sent: Sunday, December 10, 2023 10:29 PM > > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > > Subject: Re: SQA overflow condition > > > > > > > > [CAUTION: This Email is from outside the Organization. Unless you trust > > > > the sender, Don’t click links or open attachments as it may be a > > > > Phishing > > > > email, which can steal your Information and compromise your Computer.] > > > > > > > > The ESQA usage has gone to 108%. > > > > > > > > Is there any tool available in CBTTAPEA which can tell me or trace SQA > > > > users and who are not releasing the storage? > > > > > > > > On Mon, Nov 27, 2023, 5:37 PM Allan Staller < > > > > 0387911dea17-dmarc-requ...@listserv.ua.edu> wrote: > > > > > > > > > Classification: Confidential > > > > > > > > > > 100% concur w/Martin > > > > > > > > > > -Original Message- > > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > > > > Behalf Of Martin Packer > > > > > Sent: Sunday, November 26, 2023 2:39 AM > > > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > > > Subject: Re: SQA overflow condition > > > > > > > > > > [CAUTION: This Email is from outside the Organization. Unless you > > > > > trust the sender, Don’t click links or
Re: What happens if you IPL a LPAR defined as being in a parallel sysplex but the CF LPAR is not there
Awesome, how do we even find such gems with TechDocs being what it is... Luckily for this one, I seem to have it bookmarked. On Thursday, November 16th, 2023 at 05:14, Attila Fogarasi wrote: > Answered a decade ago including how to continue the IPL and get running > (either single system or sysplex without CF) > https://www.ibm.com/support/pages/system/files/inline-files/Where_is_My_Coupling_Facility.pdf > "The paper is being written to provide clear and concise instructions on > how to address the sysplex support team’s most common callout. Where is My > Coupling Facility?" > > On Thu, Nov 16, 2023 at 10:42 AM Mark Jacobs < > 0224d287a4b1-dmarc-requ...@listserv.ua.edu> wrote: > > > GRS will attempt to connect to ISGLOCK, fail and z/OS will go into a > > X'0A3' wait state. > > > > Mark Jacobs > > > > Sent from ProtonMail, Swiss-based encrypted email. > > > > GPG Public Key - > > https://api.protonmail.ch/pks/lookup?op=get=markjac...@protonmail.com > > > > On Wednesday, November 15th, 2023 at 5:49 PM, Laurence Chiu < > > lch...@gmail.com> wrote: > > > > > Thinking about a LPAR defined as being in a parallel sysplex with > > > GRS=STAR. > > > > > > What happens if you IPL that LPAR and the CF is not active? Will it > > > start, > > > issue a WTOR or just fail? We are wondering what would happen if our LPAR > > > was started at the DR site (off a replicated set of volumes) but the DR > > > CEC > > > did not have a CF defined. Thanks > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SMF record for number of program executions?
Nice one Rob! Good to see MFM (or a rebirth of it) makes its way to SDSF. On Friday, November 10th, 2023 at 04:09, Rob Scott wrote: > As others have pointed out, monitoring the "fetch" of a load module is very > doable, whereas monitoring any subsequent usage of the executable is much > more difficult. > > In z/OS 3.1, SDSF introduced the "module fetch monitor" feature that was > inspired by the previous Poughkeepsie tool "MFM". We sit on the CSVFETCH and > CSVLLIX1 dynamic exits to capture both program fetch and VLF fetch events (no > need to front-end SVCs). > > This capability might provide some insight into what you require, however it > cannot tell the whole story. > > Rob Scott > Rocket Software > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU on behalf of > Steve Thompson ste...@wkyr.net > > Sent: Thursday, November 9, 2023 10:15:12 PM > To: IBM-MAIN@LISTSERV.UA.EDU IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: SMF record for number of program executions? > > EXTERNAL EMAIL > > > > > > If you are willing to write an exit to get the info, you can get > it via a CSV exit (I forget its name, but ALL "LOAD"s go through > it). Understand, if you use that exit, it has to have a very > short code path, can't cause a wait of any kind, or you will > cause problems for all address spaces in that LPAR. The idea is > to capture the DSN & member and immediately write it to an SMF > buffer or similar so you can immediately return control. > > But other than what others have said, there is no other way to > see all dynamically loaded subroutines or load-modules. You will > not capture static routines as the LNKEDT doesn't use that > interface. > > I believe that IBM Products make use of that or another > undocumented path through VLF that is handling LLA and a bit of > caching of modules. > > Regards, > Steve Thompson > > > > On 11/9/2023 4:56 PM, Glenn Miller wrote: > > > Hi Linda, > > When I have been requested to provide that information, I have used the IBM > > Z Software Asset Management ( aka iZSAM ) software product, which was > > previously known as IBM Tivoli Asset Discovery for z/OS ( aka TADz ). > > > > Glenn Miller > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > Rocket Software, Inc. and subsidiaries ? 77 Fourth Avenue, Waltham MA 02451 ? > Main Office Toll Free Number: +1 855.577.4323 > Contact Customer Support: > https://my.rocketsoftware.com/RocketCommunity/RCEmailSupport > Unsubscribe from Marketing Messages/Manage Your Subscription Preferences - > http://www.rocketsoftware.com/manage-your-email-preferences > Privacy Policy - http://www.rocketsoftware.com/company/legal/privacy-policy > > > This communication and any attachments may contain confidential information > of Rocket Software, Inc. All unauthorized use, disclosure or distribution is > prohibited. If you are not the intended recipient, please notify Rocket > Software immediately and destroy all copies of this communication. Thank you. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Anyone with zCX docker hands on?
I'm not an expert in many/most things, and don't have time to look up arbitrary things. Just responded to a statement that 'a tech one doesn't know is automatically hacky' is bizzare. Pretty sure you know how to enlighten yourself. On Thursday, November 9th, 2023 at 11:14, David Crayford wrote: > Seeing as you're the expert here can you provide some links where people > are using WireGuard to run a HA cluster in Docker without using Swarm? Like > I said, I'm not a WG expert but I'm always happy to be enlightened :) > > On Thu, Nov 9, 2023 at 1:33 PM kekronbekron < > 02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > > I didn't misunderstand. It's a bit alarming that you'd say something is > > hacky without knowing anything about it... just because it's something new > > to you vs something you're familiar with. > > In your perspective, using wg for docker connectivity is hacky. I don't > > suppose you looked up how many people combine these two. > > There's a tinge of something being right because you're doing it that way, > > but I may be wrong though. > > I'm a fan of Swarm too, especially suggesting its consideration before > > thinking about kubernetes. > > > > On Thursday, November 9th, 2023 at 10:29, David Crayford < > > dcrayf...@gmail.com> wrote: > > > > > You misunderstood my point. I'm not bashing WireGuard. I'm sure it's a > > > brilliant product and all power to them. My point is that using it to > > > hack > > > a clustering solution seems a bit odd if you have Docker Swarm to create > > > a > > > multi-host network using the overlay protocol. I know nothing about WG, > > > but > > > I use Docker every day. > > > > > > On Thu, Nov 9, 2023 at 10:51 AM kekronbekron < > > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > > > > > > > ... instead of hacking together solutions that don’t work? > > > > > > > > Say that with a straight face to the companies building or relying on > > > > WireGuard and see what happens. > > > > > > > > On Wednesday, November 8th, 2023 at 19:30, David Crayford < > > > > dcrayf...@gmail.com> wrote: > > > > > > > > > > On 8 Nov 2023, at 9:36 pm, Timothy Sipples sipp...@sg.ibm.com > > > > > > wrote: > > > > > > > > > > > > Dave Jousma wrote: > > > > > > > > > > > > > Thanks Timothy. Yep found all that, have the instance up and > > > > > > > working > > > > > > > just fine > > > > > > > > > > > > > it’s the peer to peer networking that is not working. The fine > > > > > > > folks > > > > > > > at > > > > > > > > > > > > > Rocket indicate that their software is picking up the internal > > > > > > > container IP, > > > > > > > > > > > > > and not using the Host IP causing the problem. They are working > > > > > > > up > > > > > > > their own > > > > > > > > > > > > > testing, and believe that docker overlay networking can resolve > > > > > > > this. > > > > > > > > > > > > OK, it’s interesting the software works that way. > > > > > > > > > > What software are you referring to, Docker? That’s fundamental to how > > > > > Docker networking works. Publishing ports using “-p ” > > > > > doesn’t make > > > > > the services discoverable in docker containers. You meed overlay > > > > > networking. TE Web is a typical clustering architecture using > > > > > active/passive HA. You will also find that you can not run curl from > > > > > within > > > > > a Docker image. Most docker containers are built to take up as small > > > > > a > > > > > footprint as necessary so utilities like curl are not installed and > > > > > you > > > > > cannot instal them using apt if security keys are not enabled, which > > > > > is > > > > > best practice. > > > > > > > > > > > (“Thinking out loud...”) Could you run a “bigger” Linux container > > > > > > image that includes a VPN tunnel (such as WireGuard) to connect > > > > > > these two > > > > > > peers with one
Re: Anyone with zCX docker hands on?
I didn't misunderstand. It's a bit alarming that you'd say something is hacky without knowing anything about it... just because it's something new to you vs something you're familiar with. In your perspective, using wg for docker connectivity is hacky. I don't suppose you looked up how many people combine these two. There's a tinge of something being right because you're doing it that way, but I may be wrong though. I'm a fan of Swarm too, especially suggesting its consideration before thinking about kubernetes. On Thursday, November 9th, 2023 at 10:29, David Crayford wrote: > You misunderstood my point. I'm not bashing WireGuard. I'm sure it's a > brilliant product and all power to them. My point is that using it to hack > a clustering solution seems a bit odd if you have Docker Swarm to create a > multi-host network using the overlay protocol. I know nothing about WG, but > I use Docker every day. > > On Thu, Nov 9, 2023 at 10:51 AM kekronbekron < > 02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > > > ... instead of hacking together solutions that don’t work? > > > > Say that with a straight face to the companies building or relying on > > WireGuard and see what happens. > > > > On Wednesday, November 8th, 2023 at 19:30, David Crayford < > > dcrayf...@gmail.com> wrote: > > > > > > On 8 Nov 2023, at 9:36 pm, Timothy Sipples sipp...@sg.ibm.com wrote: > > > > > > > > Dave Jousma wrote: > > > > > > > > > Thanks Timothy. Yep found all that, have the instance up and working > > > > > just fine > > > > > > > > > it’s the peer to peer networking that is not working. The fine folks > > > > > at > > > > > > > > > Rocket indicate that their software is picking up the internal > > > > > container IP, > > > > > > > > > and not using the Host IP causing the problem. They are working up > > > > > their own > > > > > > > > > testing, and believe that docker overlay networking can resolve this. > > > > > > > > OK, it’s interesting the software works that way. > > > > > > What software are you referring to, Docker? That’s fundamental to how > > > Docker networking works. Publishing ports using “-p ” doesn’t > > > make > > > the services discoverable in docker containers. You meed overlay > > > networking. TE Web is a typical clustering architecture using > > > active/passive HA. You will also find that you can not run curl from > > > within > > > a Docker image. Most docker containers are built to take up as small a > > > footprint as necessary so utilities like curl are not installed and you > > > cannot instal them using apt if security keys are not enabled, which is > > > best practice. > > > > > > > (“Thinking out loud...”) Could you run a “bigger” Linux container > > > > image that includes a VPN tunnel (such as WireGuard) to connect these > > > > two > > > > peers with one another to work around the issue? > > > > > > Why not just use a Docker clustering such as swarm instead of hacking > > > together solutions that don’t work? > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Anyone with zCX docker hands on?
It will indeed be a good day for the mainframe ecosystem if wg fully works on Z. I don't know what portion of it works today; will have to try building in linux/s390x. On Thursday, November 9th, 2023 at 10:01, Tony Harminc wrote: > On Wed, 8 Nov 2023 at 21:51, kekronbekron < > 02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > > > ... instead of hacking together solutions that don’t work? > > > > Say that with a straight face to the companies building or relying on > > WireGuard and see what happens. > > > Do the zArch crypto instructions support the crypto operations used by > Wireguard? I see PCKMO supports Curve25519 for key exchange, but I'm not > seeing any of the others. Does the apparent high performance of the > symmetric crypto running on a CP or specialty engine outdo the crypto > hardware on z? > > Tony H. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Anyone with zCX docker hands on?
> ... instead of hacking together solutions that don’t work? Say that with a straight face to the companies building or relying on WireGuard and see what happens. On Wednesday, November 8th, 2023 at 19:30, David Crayford wrote: > > On 8 Nov 2023, at 9:36 pm, Timothy Sipples sipp...@sg.ibm.com wrote: > > > > Dave Jousma wrote: > > > > > Thanks Timothy. Yep found all that, have the instance up and working just > > > fine > > > > > it’s the peer to peer networking that is not working. The fine folks at > > > > > Rocket indicate that their software is picking up the internal container > > > IP, > > > > > and not using the Host IP causing the problem. They are working up their > > > own > > > > > testing, and believe that docker overlay networking can resolve this. > > > > OK, it’s interesting the software works that way. > > > What software are you referring to, Docker? That’s fundamental to how Docker > networking works. Publishing ports using “-p ” doesn’t make the > services discoverable in docker containers. You meed overlay networking. TE > Web is a typical clustering architecture using active/passive HA. You will > also find that you can not run curl from within a Docker image. Most docker > containers are built to take up as small a footprint as necessary so > utilities like curl are not installed and you cannot instal them using apt if > security keys are not enabled, which is best practice. > > > > > (“Thinking out loud...”) Could you run a “bigger” Linux container image > > that includes a VPN tunnel (such as WireGuard) to connect these two peers > > with one another to work around the issue? > > > Why not just use a Docker clustering such as swarm instead of hacking > together solutions that don’t work? > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: AI will surpass human intelligence!
Not on anyone's side. Just a reminder as to where it started - "Yours included?", and whether it was necessary. - KB --- Original Message --- On Friday, September 15th, 2023 at 21:29, Michael Oujesky wrote: > It appears it is well past time to remove Bill from IBM-MAIN. > > > > At 02:26 PM 9/14/2023, Bill Johnson wrote: > > > It's already passed yours. > > > > Sent from Yahoo Mail for iPhone > > > > On Thursday, September 14, 2023, 3:22 PM, David Spiegel > > 0468385049d1-dmarc-requ...@listserv.ua.edu wrote: > > > > Yours included? > > > > On 2023-09-14 13:29, Bill Johnson wrote: > > > > > AI will surpass human intelligence. > > > > https://www.cnbc.com/2023/09/14/softbanks-masayoshi-son-says-tech-can-surpass-human-intelligence.html > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Switching between SMT-1 and SMT-2
Hi Scott, Could you expand on this please. > But z/OS "densely packs" the cores, meaning that if a work unit is running on > a zIIP core and another zIIP eligible work unit comes in it will run on the > second thread on the already busy zIIP core instead of being dispatched to an > available but unused zIIP core. As I understand it, this was done because > PR/SM dispatches cores, not threads, to the LPARs and this dense packing > makes that easier. What does "dispatches cores" mean, and how is "run on second thread on already busy zIIP" an example of that (dispatching cores), and the second part (dispatch to a new core) isn't? Also a general Q to all - why is SMT a big topic with mainframes? Distributed's hyperthreading is everywhere. - KB --- Original Message --- On Thursday, August 31st, 2023 at 18:20, Scott Chapman <03fffd029d68-dmarc-requ...@listserv.ua.edu> wrote: > On Wed, 30 Aug 2023 12:14:29 +, Peter Relson rel...@us.ibm.com wrote: > > > I'll bite. Why would you want to switch? Activating it is one thing. > > > > There are situations where a job might run better not multi-threaded. > > It's not clear that the system ever would run better not multi-threaded. > > > There are multiple considerations as to whether SMT should be enabled. As Ed > Jaffe said, my preference would be to add real zIIPs if I at all could and > only use SMT when that was not (or no longer) feasible. My recommendation is > to not enable SMT until you have a defined reason to and where it's then > proven to be beneficial. > > As a review for those stumbling across this who might not know: > If there's only single unit of work running on the zIIP, SMT matters not at > all because there's no contention for that zIIP core. But when there's two > active threads on a zIIP, both will contend for the common core resources and > so run somewhat slower. So it is never a single job that runs worse > multi-threaded, if SMT is negatively impacting individual workloads it will > always be impacting work in groups of two work units. > > But z/OS "densely packs" the cores, meaning that if a work unit is running on > a zIIP core and another zIIP eligible work unit comes in it will run on the > second thread on the already busy zIIP core instead of being dispatched to an > available but unused zIIP core. As I understand it, this was done because > PR/SM dispatches cores, not threads, to the LPARs and this dense packing > makes that easier. > > So depending on the arrival pattern and volume of the work, how busy the > zIIPs are, what the LPAR configuration is like, etc. it is possible that work > could be densely packed on the zIIPs while there's unused zIIP cores that > would allow the work to run better. zIIPs are often lowly utilized compared > to GCPs and at certain points in time, it's entirely conceivable that it > would be better to utilize under-utilized zIIP cores without SMT. > > In general, SMT is more valuable at higher zIIP utilization levels. However > (depending on lots of things) it can be useful at lower utilizations where, > for example, there's spikes in the arrival patterns of very short-running > transactions. That can certainly happen in DDF environments, but the most > egregious cases of this I've seen have been in Websphere environments. > > The threshold for "at higher zIIP utilization levels" is variable again > depending. E.G. in a configuration with low zIIP utilization levels where > there's only 1 or 2 zIIPs shared amongst several LPARs, SMT might be useful > because an LPAR may not have access to both zIIP cores simultaneously so > having that extra thread on the single core that PR/SM gave it could be > useful. > > Another, less significant, consideration is capacity planning. Because > performance and zIIP consumption is so variable with SMT enabled and because > the workloads' zIIP consumption in the SMF 30 and SMF 72 records are recorded > as an estimate of what they would have consumed if SMT was not enabled, > accurate zIIP capacity planning (especially at the workload level) is pretty > much impossible with SMT enabled. But this is of relatively little concern if > your zIIP capacity planning is "we'll buy more when we start to see > problems... or when we do the next upgrade". Which, to be fair, most > customers are in that situation: they don't do any real detailed planning for > zIIP capacity. > > Scott Chapman > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Strange results for the PS1 prompt with z/OS Unix
Ah ok, I misunderstood then. When you said it'll spare you the effort of continuous maintenance, I thought you meant further work/whatever will be based off of zopen stuff. Of course, RS can't offer support for zopen content directly. Well... giving back as in more than star-ing a repo. Keeping the supply chain sustainable. I'm seeing quite a bit of zopen patches being accepted upstream. But I do know what you mean... there are some projects/orgs that don't want to accept patches without having access to h/w where they can test/run those patches on. >> Comfort? That's hardly the case. > no responsible IT manager would be at ease without... In other words... comfort, albeit for a professional setting. I didn't use that word in a derogatory manner. It is what it is. Supported open source is certainly not a "must". It's just far more common/expected in the mainframe world. ... which is hilarious; it was the mainframe ecosystem that was originally open (I'm assuming)... with CBT etc. - KB --- Original Message --- On Monday, August 21st, 2023 at 13:57, David Crayford wrote: > > On 21 Aug 2023, at 1:35 pm, kekronbekron > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > > I intend to leverage the z/OS Open Tools ports as they spare me the > > > effort of continuous maintenance. > > > > That sounds like it's going to lead to RS offering supported option of > > stuff, relying on other people's open sourced work... with what amount of > > giving back involved? > > > There is zero chance of RS offering commercial support for code ported by the > z/OS Open Tools community. They don’t need to. If they thought there was a > market for a tool that they would just provide their own port. > > I’m not quite sure what you mean by “giving back”? If you’re talking about > upstreaming changes then we’ve had this conversation before many times. The > maintainers of open source projects, such as Python, want nothing to do with > z/OS patches in their mainline code. That’s why IBM and Rocket keep their own > patch files. > > > In other words, what's the value add apart from the comfort of support, and > > the SMP/E install option? > > > Comfort? That's hardly the case. Deploying anything into production without > proper support is unheard of. If you're just a casual enthusiast downloading > development tools for personal use, that's one thing. However, when an > organization aims to adopt Git for managing critical source code, no > responsible IT manager would be at ease without round-the-clock support. This > principle applies universally, encompassing mainframes and all systems alike. > Support is a must, either directly from the product vendor or through > services provided by specialized organizations. As an example, consider > enterprise Linux distributions like RHEL, which are predominantly constructed > from open source software. RedHat (now IBM) or SUSE stands behind them, > delivering essential support. Same for cloud operators. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Strange results for the PS1 prompt with z/OS Unix
> I intend to leverage the z/OS Open Tools ports as they spare me the effort of > continuous maintenance. That sounds like it's going to lead to RS offering supported option of stuff, relying on other people's open sourced work... with what amount of giving back involved? In other words, what's the value add apart from the comfort of support, and the SMP/E install option? Just looking to understand, nothing else. - KB --- Original Message --- On Monday, August 21st, 2023 at 10:12, David Crayford wrote: > On 19/8/2023 6:18 pm, Sebastian Welton wrote: > > > On Fri, 18 Aug 2023 19:33:03 +0800, David crayforddcrayf...@gmail.com wrote: > > > > > I'm feeling a bit puzzled here! Bash doesn't come pre-installed with > > > z/OS; rather, it's a tool ported by Rocket, so there shouldn't be any > > > compatibility problems, right? If IBM decides to include zsh, which is > > > considered superior to bash, this could be a game-changer. > > > Currently trying this one out > > > If you're using it don't forget to star the repo on Github. That really > helps the maintainers gauge how many people are using the port. > > > not too sure if there is any Rocket influence or not: > > > Not that I know of. The distinction between the z/OS Open Tools > initiative and Rocket's ported tools lies in Rocket's provision of > commercial support and SMP/E packaging. Customers tend to approach > open-source solutions on z/OS cautiously, especially after the > Shellshock incident with bash. Rocket remains vigilant about addressing > any new Common Vulnerabilities and Exposures (CVE), promptly releasing > patches. Bash is a dependecy for Git, which holds significant importance > as a ported tool. In recent customer presentations, the predominant > focus has been on modernization, involving Git integration, whether > directly or through bridging from existing legacy SCM systems. > > I extend my appreciation to IBM for their commitment to the z/OS Open > Tools initiative. The community is commendable, well-guided, and staffed > with highly skilled engineers. Numerous packages have been ported, some > of which I have undertaken myself, like CMake. I intend to leverage the > z/OS Open Tools ports as they spare me the effort of continuous > maintenance. > > > https://github.com/ZOSOpenTools/bashport > > > > Sebastian. > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Strange results for the PS1 prompt with z/OS Unix
Does it say in any 3.1 note that zsh is going to be included? zsh port doesn't (publicly) exist yet. Might want to check the zopen install command for powerline. --- Original Message --- On Friday, August 18th, 2023 at 17:03, David Crayford wrote: > On 18/8/2023 7:07 pm, Seymour J Metz wrote: > > > While, IMHO, zsh should have been included in MVS/ESA SP V4.3 OpenEdition, > > I don't see it killing bash, due to compatibility. > > > I'm feeling a bit puzzled here! Bash doesn't come pre-installed with > z/OS; rather, it's a tool ported by Rocket, so there shouldn't be any > compatibility problems, right? If IBM decides to include zsh, which is > considered superior to bash, this could be a game-changer. > > Once IBM introduced their Python SDK for z/OS, Rocket's Python started > struggling and eventually became obsolete. > > It's perfectly fine to skip commenting on every discussion, especially > when it's not within your field of expertise. > > > -- > > Shmuel (Seymour J.) Metz > > http://mason.gmu.edu/~smetz3 > > > > > > From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of > > David Crayford [dcrayf...@gmail.com] > > Sent: Friday, August 18, 2023 5:38 AM > > To:IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Strange results for the PS1 prompt with z/OS Unix > > > > What version of bash are you using? Rocket software's port or IBM z/OS > > Open Tools? > > > > Irrespective, bash is an enhanced ASCII application so make sure you > > have the following environment variables set in your profile login > > scripts by entering "env | sort" from the shell command line. > > > > _BPXK_AUTOCVT=ON > > _CEE_RUNOPTS=FILETAG(AUTOCVT,AUTOTAG) TERMTHDACT(UADUMP) ABTERMENC(ABEND) > > _TAG_REDIR_ERR=txt > > _TAG_REDIR_IN=txt > > _TAG_REDIR_OUT=txt > > > > Incidentally, I noticed that IBM are shipping zsh as part of z/OS 3.1 so > > bye, bye bash. > > > > I've being using zsh for years and it turbo charges the shell. For > > example, there are open source themes such as oh-my-zsh and > > powerline10k. The powerline customizes PS1 with fancy glyphs. The > > current Git branch, commits and other information is shown. It's next > > level to the dull one your using :). Also, there is zsh-autosuggestions > > which recalls previous commands for auto completion. oh-my-zsh also > > provides a plugin for git command completion and other super cool > > command completions that make using the shell as easy as an IDE. > > > > https://github.com/ohmyzsh/ohmyzsh/tree/master > > https://github.com/romkatv/powerlevel10k > > https://github.com/zsh-users/zsh-autosuggestions > > > > To enable the cool glyphs you will need to install Nerd fonts and > > configure your terminal emulator. If you're a Windows user and using > > PuTTY I recommend switching to Windows Terminial (preferably with WSL2) > > which has tabs, tiled windows and is just miles better. If you're on a > > Mac like me it's easy to configure Termimal, iTerm2 or whatever emulator > > you use. Same with Linux desktops. On z/OS "export TERM=xterm-256color" > > > > In the meantime, there is a port of powerline-go as part of the Z/OS > > Open Tools project. If you have downloaded the installer you can install > > it simply by running "zopen install powerlinegoport". > > > > https://github.com/justjanne/powerline-go # instructions how to > > configure it with bash > > > > Z Shell (Zsh) on z/OS > > > > The Z Shell (Zsh), specifically Zsh 5.8.1, has been ported and made > > available on z/OS 3.1. Zsh is a UNIX command interpreter that is used as > > an interactive login shell and as a shell script command processor. It > > has command-line editing, built-in spelling correction, programmable > > command completion, shell functions (with autoloading), a history > > mechanism, and a host of other features. With the extensibility, rich > > customization, and advanced features, Zsh provides a modern and powerful > > shell on z/OS. It is designed to accelerate users' daily work and have > > consistent behavior with other open platforms. > > > > On 17/8/2023 11:31 pm, Tom Longfellow wrote: > > > > > I am confused and am throwing out a Hail Mary for help. Here is the > > > situation. > > > Two cloned LPARs. (same sysres and unix root file systems) > > > > > > On system 1 - the /etc/profile has a PS1 of > > > export PS1="[\\u@\\H \\W \\@]\\$ " > > > > > > On system 2 - the /etc/profile has a PS1 of > > > export PS1="[\\u@\\H \\W \\@]\\$ " > > > > > > Why YES they do look the same... at least they do to me. > > > -=-=-= > > > The results however are very different. > > > > > > On system one the displayed PS1 is > > > [TECH905@jismvs_test ~ 11:26 AM]$ > > > > > > On system two the displayed PS1 is > > > [\u@\H \W \@]$ > > > -=-=-=-= > > > I am using the same SHELL program in my environment. (/usr/bin/bash) > > > > > > Anybody have any ideas why the two different LPARs are reading the same > > >
Re: TRSMAIN AMATERSE
Is the **algorithm** documented... you know, in words, with examples? --- Original Message --- On Saturday, August 12th, 2023 at 10:21 PM, Erik Janssen wrote: > See: > https://github.com/openmainframeproject/tersedecompress > > Kind regards, > Erik. > > > On Sat, 12 Aug 2023 05:19:43 +, kekronbekron kekronbek...@protonmail.com > wrote: > > > By any chance, is the algorithm for tersing/untersing publicly available? > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TRSMAIN AMATERSE
Is LZW the exact same as TRSMAIN/AMATERSE? --- Original Message --- On Sunday, August 13th, 2023 at 1:42 AM, Farley, Peter <031df298a9da-dmarc-requ...@listserv.ua.edu> wrote: > At a guess, in the IBM and Unisys patent files that have expired at the US > Patent Office. Not sure if USPO requires any payment to view/print patent > files, but they are supposed to be “public record” so should be available. > > For Lempel-Ziv-Welch compression, Wikipedia article here: > https://en.wikipedia.org/wiki/Lempel–Ziv–Welch > > Peter > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of > kekronbekron > > Sent: Saturday, August 12, 2023 9:30 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: TRSMAIN AMATERSE > > > > From the thread... > > > > "The algorithm is reasonably well documented, and the encapsulation is not > complex. And > > as I said, the patents have expired." > > > > Well-documented where? > > > > > > --- Original Message --- > > On Saturday, August 12th, 2023 at 5:17 PM, Mike Schwab > mailto:mike.a.sch...@gmail.com> wrote: > > > > > > > > https://urldefense.com/v3/__https://hercules-390.yahoogroups.narkive.com/gYwJ3QUu/terse-for-pcs-windows-aix-linux__;!!Ebr-cpPeAnfNniQ8HSAI-g_K5b7VKg!KgFPMf4W43fW9fcVLr7EhIaqolCaXFEi6c4Eyn8KvEeFq0rbFE7vXdS9bjmOCJ82dR98eJ0K7rxzp6thvoX4Ot5MCrSG6LFC8_kf5FjA$https://urldefense.com/v3/__https:/hercules-390.yahoogroups.narkive.com/gYwJ3QUu/terse-for-pcs-windows-aix-linux__;!!Ebr-cpPeAnfNniQ8HSAI-g_K5b7VKg!KgFPMf4W43fW9fcVLr7EhIaqolCaXFEi6c4Eyn8KvEeFq0rbFE7vXdS9bjmOCJ82dR98eJ0K7rxzp6thvoX4Ot5MCrSG6LFC8_kf5FjA$ > > > Now over at groups.io . > > > On Sat, Aug 12, 2023, 00:20 kekronbekron < > > > 02dee3fcae33-dmarc-requ...@listserv.ua.edumailto:02dee3fcae33-dmarc-requ...@listserv.ua.edu> > > wrote: > > > > By any chance, is the algorithm for tersing/untersing publicly available? > > > -- > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. If > the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by e-mail > and delete the message and any attachments from your system. > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TRSMAIN AMATERSE
>From the thread... "The algorithm is reasonably well documented, and the encapsulation is not complex. And as I said, the patents have expired." Well-documented where? --- Original Message --- On Saturday, August 12th, 2023 at 5:17 PM, Mike Schwab wrote: > https://hercules-390.yahoogroups.narkive.com/gYwJ3QUu/terse-for-pcs-windows-aix-linux > > Now over at groups.io . > > On Sat, Aug 12, 2023, 00:20 kekronbekron < > 02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > > > By any chance, is the algorithm for tersing/untersing publicly available? > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
TRSMAIN AMATERSE
By any chance, is the algorithm for tersing/untersing publicly available? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: IBM C/C++ for Open Enterprise Languages
> > zoslib has been available for a few years now..
> Have you used it?
Yes, to port something. Not a hugely complex undertaking, I should add.
> > as I believe it's available with xlclang.
> I would no if it did. We’ve discussed this with the IBM compiler team in ISV
> technical disclosure meetings. There are library implementations that use
> pthreads.
Cool, sounds like you know what you're doing, and are doing something about it
(the gaps you mention) already.
I'm sure you know this too already... that open source works by pitching in,
and aligning on common goals.
--- Original Message ---
On Thursday, August 10th, 2023 at 8:30 AM, David Crayford
wrote:
> > On 9 Aug 2023, at 3:08 pm, kekronbekron
> > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote:
> >
> > Thanks for your notes.
> >
> > On more compilers - when working through a transition, intermediates are a
> > small price to pay.
> > In the end xlclang and regular clang (which will have zOS bits upstreamed)
> > may be the only two remaining.
> >
> > zoslib has been available for a few years now..
>
>
> Have you used it?
>
> > What is a thunk routine?
>
>
> https://github.com/ibmruntimes/zoslib/blob/cc10b7c1d6211a2c28b10b540bf406c7148fbf4f/src/zos.cc#L1892
>
> > Thread-local-storage must be coming…
>
>
> It’s my understanding that it requires binder work so I wouldn’t expect it
> any time soon.
>
> > as I believe it's available with xlclang.
>
>
> I would no if it did. We’ve discussed this with the IBM compiler team in ISV
> technical disclosure meetings. There are library implementations that use
> pthreads.
>
> https://github.com/ibmruntimes/zoslib/blob/main/src/zos-tls.cc
>
> > --- Original Message ---
> > On Wednesday, August 9th, 2023 at 12:28 PM, David Crayford
> > dcrayf...@gmail.com wrote:
> >
> > > As if we didn’t already have enough z/OS C/C++ compilers :)
> > >
> > > I've recently been working on Python bindings for z/OS products and
> > > wanted to share some useful notes. IBM recently released the IBM C/C++
> > > for Open Enterprise Languages on z/OS compiler [1], a free version of IBM
> > > Open XL C/C++, which is a port of LLVM/clang. This compiler can only be
> > > used for open source. For example, to build Python, Node, go packages
> > > that require a build phase when installed or contributing to z/OS open
> > > source projects. It's important to note that the IBM Open XL C/C++
> > > compiler is not compatible with XL C/C++ or xlclang compilers. This
> > > incompatibility may pose challenges. Python 3.11 is developed using IBM
> > > Open XL C/C++, while Python 3.10 uses xlclang. As a result, binary
> > > packages created for Python 3.10 won't work with the IBM Open XL C/C++
> > > compiler.
> > > To overcome this issue, the recommended solution is to build Python
> > > distributions that include the source C/C++ code. During the installation
> > > process using pip, this code can be built. There are a few issues with
> > > the new compiler. Firstly, there is no support for "OS" linkage, meaning
> > > no #pragma linkage(module,OS) or extern 'OS' {}. Custom thunk routines
> > > need to be written to address this. Additionally, the compiler supports
> > > inline assembly, but the -qasmlib= option is not
> > > available, making macros unusable. A workaround I found is to assemble
> > > some HLASM code and copy-paste from the listing.
> > >
> > > Moreover, the runtime library is not entirely compatible with XL C/C++. I
> > > discovered that the __amrc structure is missing, which breaks my pzfile
> > > package and makes accessing VSAM files nearly impossible. I plan to open
> > > a case with IBM to address this issue.
> > > Another limitation is that the compiler does not produce source/assembly
> > > listings. Furthermore, thread level storage is not supported, which
> > > complicates the process of porting certain libraries.
> > >
> > > On a positive note, IBM has open-sourced their zoslib library [2], which
> > > assists in porting applications to z/OS. There is a lot of useful
> > > function in this library. It supports dynamically loading and calling
> > > modules using thunk routines. Unfortunately, there is a comment in the
> > > code which states it only works with xlclang. The library is Apache 2.0
> > > licensed but it has IBM copyright. I'm not a lawyer so I'm unsure of the
> > > le
Re: IBM C/C++ for Open Enterprise Languages
Thanks for your notes.
On more compilers - when working through a transition, intermediates are a
small price to pay.
In the end xlclang and regular clang (which will have zOS bits upstreamed) may
be the only two remaining.
zoslib has been available for a few years now..
What is a thunk routine?
Thread-local-storage must be coming... as I believe it's available with xlclang.
--- Original Message ---
On Wednesday, August 9th, 2023 at 12:28 PM, David Crayford
wrote:
> As if we didn’t already have enough z/OS C/C++ compilers :)
>
> I've recently been working on Python bindings for z/OS products and wanted to
> share some useful notes. IBM recently released the IBM C/C++ for Open
> Enterprise Languages on z/OS compiler [1], a free version of IBM Open XL
> C/C++, which is a port of LLVM/clang. This compiler can only be used for open
> source. For example, to build Python, Node, go packages that require a build
> phase when installed or contributing to z/OS open source projects. It's
> important to note that the IBM Open XL C/C++ compiler is not compatible with
> XL C/C++ or xlclang compilers. This incompatibility may pose challenges.
> Python 3.11 is developed using IBM Open XL C/C++, while Python 3.10 uses
> xlclang. As a result, binary packages created for Python 3.10 won't work with
> the IBM Open XL C/C++ compiler.
> To overcome this issue, the recommended solution is to build Python
> distributions that include the source C/C++ code. During the installation
> process using pip, this code can be built. There are a few issues with the
> new compiler. Firstly, there is no support for "OS" linkage, meaning no
> #pragma linkage(module,OS) or extern 'OS' {}. Custom thunk routines need to
> be written to address this. Additionally, the compiler supports inline
> assembly, but the -qasmlib= option is not available, making
> macros unusable. A workaround I found is to assemble some HLASM code and
> copy-paste from the listing.
>
> Moreover, the runtime library is not entirely compatible with XL C/C++. I
> discovered that the __amrc structure is missing, which breaks my pzfile
> package and makes accessing VSAM files nearly impossible. I plan to open a
> case with IBM to address this issue.
> Another limitation is that the compiler does not produce source/assembly
> listings. Furthermore, thread level storage is not supported, which
> complicates the process of porting certain libraries.
>
> On a positive note, IBM has open-sourced their zoslib library [2], which
> assists in porting applications to z/OS. There is a lot of useful function in
> this library. It supports dynamically loading and calling modules using thunk
> routines. Unfortunately, there is a comment in the code which states it only
> works with xlclang. The library is Apache 2.0 licensed but it has IBM
> copyright. I'm not a lawyer so I'm unsure of the legalities of using this
> library for product code.
>
> [1]
> https://www.ibm.com/docs/en/cloud-paks/z-modernization-stack/2023.2?topic=languages-cc-open-enterprise-zos
> [2] https://github.com/ibmruntimes/zoslib
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAINz
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: AT-TLS and CSSMTP setup
Hi Brian, You may find useful bits of info here - https://colinpaice.blog/2023/02/21/sending-an-email-from-z-os/ Either in this post or generally in this blog. - KB --- Original Message --- On Saturday, July 29th, 2023 at 10:18 AM, Phil Smith III wrote: > No errors anywhere? Just RC=8? > > > > "It's a certificate error" -Hansen's Law > > > > https://bit.listserv.ibm-main.narkive.com/4Iu5ZeUA/setting-up-gmail-as-outbound-mail-server-on-z-os > might be a hint, especially the > bit about enabling gsktrace, which is your friend. > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Need DFSORT control statements to extract data from smf15 with storclas blank
Hi Sri, So for example, SMF15_HIPER_SIZE will be 20 bytes (if the HiperBatch section exists)? https://www.ibm.com/docs/en/zos/2.4.0?topic=mapping-hiperbatch-section - KB --- Original Message --- On Friday, July 21st, 2023 at 9:48 PM, Sri h Kolusu wrote: > > > I am not a DFSort expert but we have a requirement to extract datasets > > > which has storclas (SMF15SCN) = blank. > > > Shivang Sharma, > > SMF15SCN is a part of Extended Information Segment which does NOT have a > standard offset. You need to dynamically calculate the offset based on the > formula 244 + SMF15SDC + (SMF15NUC * SMF15SUC) + SMF15_HIPER_SIZE + SMF15SET). > > Unfortunately DFSORT cannot do it , so you need to write an exit in language > of your choice (COBOL, ASM...) and get the SMF 15 record. > > Thanks, > Kolusu > DFSORT Development > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Will z/OS be obsolete in 5 years?
> There are a lot of very wise an experienced folks who have quite clearly > stated that conatainers are critical to the future of z/OS. And I don't doubt them, and surely my knowledge is far more limited. What portion of it (containers being critical to zOS's future) is because zOS has to play nice with the rest of the industry vs. zOS containers offering something uniquely powerful? > I don’t have a a problem with that (zOS Operator for Kubernetes etc.). Neither do I, people & companies end up doing what they have resolved to anyway. What makes me sad is that a solution such as this brutally hides all the intelligent things that went into zOS over decades. Unless zOS's python can get *real* hooks into the guts of zOS, the abstraction of using Ansible to use python to issue zOS commands is... convoluted. I don't know how it's acceptable to use 100 lines of YAML and Jinja and whatnot, to parameterize a 10-line JCL. What happened to ISPF skeletons and REXX, and provider abstractions to already existing interfaces? The other part is about messaging. zOS or mainframe are modern enough. Maybe I'm interpreting material wrong, but showcasing Jenkins and 10-year old distributed tech/techniques as modernization... I believe we can do better. - KB --- Original Message --- On Wednesday, July 19th, 2023 at 10:37 AM, David Crayford wrote: > > On 19 Jul 2023, at 12:44 pm, kekronbekron > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > The "gift" is not containers but container tech... layering. > > Just lifting and shifting distributed tech onto mainframe, with no > > consideration of the extreme complexities is very wasteful. > > Container orchestration exists because some of those containers (or the > > hosts they may run on) may have a problem. > > How likely is that to happen on Z? > > I know there's also the thing about service boundary, isolation etc. but do > > we really need all of that, totally ignoring equivalent patterns that > > already exist in zOS? > > > There are a lot of very wise an experienced folks who have quite clearly > stated that conatainers are critical to the future of z/OS. > > > Yes, zCX lets you treat a container as just another address space. > > But at the added complexity of container-related setup itself that needs to > > happen within/across zCX. > > With native containers being controlled with systemd (which will be > > possible if LSS exists), we needn't touch kubernetes with a 100 foot poll. > > Just because everyone is jumping about K doesn't mean it makes sense as a > > universal solution. > > > > Anyway, there's already a lot of work from IBM indicating that zOS will > > become just another dumb box that's controllable by the kuberlords (not > > using this term in a derogatory manner, just referring to container people, > > usually distributed folks). > > > I don’t have a a problem with that. I recently saw a demo from IBM where they > spun up a z/OS system running on OCP on Linux for Z. IBM has written a large > collection of Ansible modules to do useful things like define a DB2 system, > IMS system gens, CICS stuff etc. I was impressed. We have Ansible where I > work and can stand up development z/OS images on z/VM. Very handy if you > doing systems level programming and don’t want to hose the LPAR you share > with your team. This new stuff was next level. > > > - KB > > > > --- Original Message --- > > On Wednesday, July 19th, 2023 at 9:39 AM, David Crayford > > dcrayf...@gmail.com wrote: > > > > > > On 19 Jul 2023, at 9:52 am, kekronbekron > > > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > > > > > Here's a dumb and bold prediction - the guts of RHEL (CoreOS) will be > > > > laid bare within zOS. > > > > > > Nice idea, but I doubt it. > > > > > > > USS becomes LSS. zOS native containers are actually normal containers > > > > that you see in the linux world. > > > > DSFS and zCX end up helping to blur the boundaries between zOS and LSS. > > > > > > Containers on their own are of limited use. You really need clusters and > > > orchestration for it to be useful. We have z/CX Foundation for Red Hat > > > OpenShift which requires 6 zIIPs just to idle. I’m sure it will get there > > > in the end but it’s a dog at the moment. > > > > > > > zOS is not going away. But we could all use a total re-think of zOSMF. > > > > > > > > - KB > > > > > > > > --- Original Message --- > >
Re: Will z/OS be obsolete in 5 years?
The "gift" is not containers but container tech... layering. Just lifting and shifting distributed tech onto mainframe, with no consideration of the extreme complexities is very wasteful. Container orchestration exists because some of those containers (or the hosts they may run on) may have a problem. How likely is that to happen on Z? I know there's also the thing about service boundary, isolation etc. but do we really need all of that, totally ignoring equivalent patterns that already exist in zOS? Yes, zCX lets you treat a container as just another address space. But at the added complexity of container-related setup itself that needs to happen within/across zCX. With native containers being controlled with systemd (which will be possible if LSS exists), we needn't touch kubernetes with a 100 foot poll. Just because everyone is jumping about K doesn't mean it makes sense as a universal solution. Anyway, there's already a lot of work from IBM indicating that zOS will become just another dumb box that's controllable by the kuberlords (not using this term in a derogatory manner, just referring to container people, usually distributed folks). - KB --- Original Message --- On Wednesday, July 19th, 2023 at 9:39 AM, David Crayford wrote: > > On 19 Jul 2023, at 9:52 am, kekronbekron > > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > > Here's a dumb and bold prediction - the guts of RHEL (CoreOS) will be laid > > bare within zOS. > > > Nice idea, but I doubt it. > > > USS becomes LSS. zOS native containers are actually normal containers that > > you see in the linux world. > > DSFS and zCX end up helping to blur the boundaries between zOS and LSS. > > > Containers on their own are of limited use. You really need clusters and > orchestration for it to be useful. We have z/CX Foundation for Red Hat > OpenShift which requires 6 zIIPs just to idle. I’m sure it will get there in > the end but it’s a dog at the moment. > > > zOS is not going away. But we could all use a total re-think of zOSMF. > > > > - KB > > > > --- Original Message --- > > On Wednesday, July 19th, 2023 at 6:17 AM, Jon Perryman jperr...@pacbell.net > > wrote: > > > > > IBM RHEL announced it's move to closed source (IBM RedHat Enterprise > > > Linux). With some changes, DB2, RACF and other z/OS products could run in > > > Linux on z16 in one sysplexed Linux image. We know it's possible because > > > IBM moved Unix and TCP into z/OS. IBM RHEL said closed source would force > > > non-paying customers to buy RHEL licenses but this makes no sense. > > > Something else must be in play. > > > I created a survey at https://forms.gle/ZTPXsDJo8Z4H93sv7 to gain > > > insights into IBM's decision to close source RHEL. You can skip the > > > survey if you don't want to take it and view the survey results through > > > this website. Feel free to pass this along. > > > I think IBM wants to integrate z/OS products to retain their investments > > > and expand their customer base.. > > > Why is the z/OS community ignoring IBM RHEL closed source? Are software > > > vendors preparing their products for Linux? > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Will z/OS be obsolete in 5 years?
Here's a dumb and bold prediction - the guts of RHEL (CoreOS) will be laid bare within zOS. USS becomes LSS. zOS native containers are actually normal containers that you see in the linux world. DSFS and zCX end up helping to blur the boundaries between zOS and LSS. zOS is not going away. But we could all use a total re-think of zOSMF. - KB --- Original Message --- On Wednesday, July 19th, 2023 at 6:17 AM, Jon Perryman wrote: > IBM RHEL announced it's move to closed source (IBM RedHat Enterprise Linux). > With some changes, DB2, RACF and other z/OS products could run in Linux on > z16 in one sysplexed Linux image. We know it's possible because IBM moved > Unix and TCP into z/OS. IBM RHEL said closed source would force non-paying > customers to buy RHEL licenses but this makes no sense. Something else must > be in play. > I created a survey at https://forms.gle/ZTPXsDJo8Z4H93sv7 to gain insights > into IBM's decision to close source RHEL. You can skip the survey if you > don't want to take it and view the survey results through this website. Feel > free to pass this along. > I think IBM wants to integrate z/OS products to retain their investments and > expand their customer base.. > Why is the z/OS community ignoring IBM RHEL closed source? Are software > vendors preparing their products for Linux? > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Python 3.11 on z/OS - UTF-8 errors
Andrew - could you please explain what you mean by "checkout in git as UTF8". I can't remember which project I saw this in, but it mentioned needing to use UTF8. So, similar to what Andrew has shown below, I suspect. If all files on host are tagged ISO8859-1 then, and even if a project has build.sourceEnconding UTF8, will that be fine as long as there aren't any "special" chars? I tried following this for getting Maven to work on zOS, but it doesn't work - https://github.com/HeinekenBilly/Maven-zOS mvn -v shows gibberish. If I don't set "MAVEN_OPTS=-Dfile.encoding=UTF-8", without messing with iconv, then it works with IBM-1047, zOS-native. - KB --- Original Message --- On Thursday, July 13th, 2023 at 4:50 AM, Andrew Rowley wrote: > On 13/07/2023 9:02 am, David Crayford wrote: > > > I'd like to understand your reasons for wanting to encode your Java source > > files in UTF-8. It's important to note that the default encoding on z/OS is > > IBM-1047 (EBCDIC). We typically use ISO8859-1 and have to specify the > > "-encoding iso8859-1" option when using the javac compiler. As mentioned > > earlier, tagging files as UTF-8 can lead to unexpected issues, which is why > > it's not commonly done. > > > I commonly see > UTF-8 > > specified for Java projects. > > I have wondered how this works if you try to compile on z/OS. The > obvious but possibly wrong answer would be to checkout in git as UTF8 > and tag the files. > > If you encode as ISO8859-1, what happens to e.g. literals with > characters not in ISO8859-1? An obvious one would be the Euro character, > but I'm sure there are more. > > -- > Andrew Rowley > Black Hill Software > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: OSA-ICC question
For our benefit here, could you please share what the conclusion is? - KB --- Original Message --- On Wednesday, July 12th, 2023 at 9:17 AM, Laurence Chiu wrote: > Thanks. I thought as much as Googled for this but this link didn't pop up. > That is pretty conclusive. > > On Wed, Jul 12, 2023 at 12:11 PM Joe Monk joemon...@gmail.com wrote: > > > Page 129 > > > > https://www.redbooks.ibm.com/redbooks/pdfs/sg245444.pdf > > > > Joe > > > > On Tue, Jul 11, 2023 at 5:12 PM Laurence Chiu lch...@gmail.com wrote: > > > > > We are having a LPAR being stood up on an outsourcing company's host. It > > > will be for our use but they will manage it via the HMC's and possibly > > > the > > > OSA-ICC port. All regular access to the LPAR will be via 3270 and using > > > our accounts. But a question was asked, what about OSA-ICC access. My > > > understanding is if the OSA Express cards have been defined in IOCD and > > > assigned to the LPAR, and a port(s) configured as OSA-ICC then the > > > outsourcer can access it so long as they have IP connectivity to that IP > > > address. And Z/OS Communications Manager does not need to be started. > > > > > > Is that correct? This is not my area of expertise but one of my > > > colleagues > > > said the OSA Express cards are assigned to the hardware and not to the > > > LPAR > > > which of course makes no sense to me at all. After all you can share OSA > > > Express cards across the LPARs on a CEC. > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Python 3.11 on z/OS - UTF-8 errors
Hi David,
A quick question -
Will the same chtag command work for, say, Java packages/projects?
Or, would I have to use chtag -R -tc UTF-8 if a project expects to things to be
in UTF8?
- KB
--- Original Message ---
On Tuesday, July 11th, 2023 at 3:34 AM, David Crayford
wrote:
> It’s difficult to use modern tools when the systems you work on are air
> gapped.
>
> I can’t recreate your problem but I used a different method. I downloaded a
> zip file from Github, uploaded it to z/OS and followed these steps:
>
> jar xf psutill-master.zip
> cd psutil-master
> chtag -R -tc iso8859-1 .
> python3 setup.py
>
> > platform zos is not supported
>
>
> Like I said, it’s a heavy lift to port this package to z/OS.
>
> > On 9 Jul 2023, at 11:08 pm, Frank Allan Rasmussen f...@nal-net.dk wrote:
> >
> > Hi
> >
> > I'm doing this on the company sandbox so I can not make a git clone.
> >
> > And trying 8859-1 (cp 819) does not change anything:
> >
> > /home/bc6608/psutil:chtag -p setup.py
> > t ISO8859-1 T=on setup.py
> >
> > PYTHONWARNINGS=all python3 setup.py build_ext -i `python3 -c "import sys,
> > os; py36 = sys.version_info[:2] >= (3, 6); cpus = os.cpu_count() or 1 if
> > py36 else 1; print('--parallel %s' % cpus if cpus > 1 else '')"`
> > Traceback (most recent call last):
> > File "/home/bc6608/psutil/setup.py", line 47, in
> > from _common import AIX # NOQA
> > ^^^
> > UnicodeDecodeError: 'utf-8' codec can't decode byte 0x97 in position 2:
> > invalid start byte
> >
> > I'm know that getting to run and move it back to github will be
> > clumbersome, but if I do not try I do not learn.
> >
> > BR
> > Frank Allan Rasmussen
> >
> > --
> > For IBM-MAIN subscribe / signoff / archive access instructions,
> > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Code Page for dataset names
Special = any non-alphanumeric symbol that zOS (all access methods, catalogs, etc.) is ok with. It's not necessarily for use in JCL, so doesn't need to be one among those 12. Something PDS/PDSE would accept, like the $-prefixed member names we see today. - KB --- Original Message --- On Friday, July 7th, 2023 at 10:08 PM, Tony Harminc wrote: > On Fri, 7 Jul 2023 at 17:40, kekronbekron > 02dee3fcae33-dmarc-requ...@listserv.ua.edu wrote: > > > Hi Matt, > > > > I suppose... even if the char is different in different code pages, it is > > ok. > > Don't we just need some special char that's available in all known & used > > code pages? > > > That's the "syntactic character set" mentioned earlier. Of course such > a character set will by definition not contain all the characters > needed to satisfy everyone. > > > $ in US, or £ in UK code page, whether they look the same or not in hex, > > isn't the aim to find a special char that works in "all" code pages? > > > What is "special" in this context? > > Tony H. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Code Page for dataset names
> > $ in US, or £ in UK code page, whether they look the same or not in hex, > > isn't the aim to find a special char that works in "all" code pages? > > There's a peculiar hazard in using the same code point to represent different > local currency symbols. > May I choose how to print my payment coupon? Yes, so at least for me, I'm interpreting this as what "new" special character can we safely make a standard. Example: Many people use '$' as the first char in PDS/PDSE member names. What other special chars like it work, and can be reserved (for some other OS-specific purpose)? So it doesn't matter how it looks, but rather just a char that needs to exist in all the commonly used pages today. It wouldn't be too far fetched to expect IBM to do a customer survey to find out what code pages are out there and in active use... to then find a char that's present in most/all of them... to then anoint the char as a "new" special char that is going to be used for some project. - KB --- Original Message --- On Friday, July 7th, 2023 at 10:04 PM, Paul Gilmartin <042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Fri, 7 Jul 2023 15:39:52 +, kekronbekron wrote: > > > I suppose... even if the char is different in different code pages, it is > > ok. > > Don't we just need some special char that's available in all known & used > > code pages? > > I extended Matt's test. The 3 national characters plus the 12 special > characters > in the JCL Ref. have identical code points in 037, 500, and 1047. > > The Ref. doesn't mention "037" anywhere. I suspect the authors are in denial > concerning the existence of other code pages. > > > $ in US, or £ in UK code page, whether they look the same or not in hex, > > isn't the aim to find a special char that works in "all" code pages? > > There's a peculiar hazard in using the same code point to represent different > local currency symbols. > May I choose how to print my payment coupon? > > > --- Original Message --- > > On Thursday, July 6th, 2023 at 9:51 PM, Matt Hogstrom wrote: > > > > > I did some testing by creating a file in USS in CP047 with the characters > > > “@#$” and then used iconv to convert them to a variety of code pages and > > > compare the results. Some conversions failed but when looking at the code > > > pages that failed they didn’t appear to me to be what I would consider > > > mainstream. For the ones I’m familiar with they all converted correctly. > > > I'd take a neutral view and say "similarly" rather than "correctly". > > -- > gil > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Code Page for dataset names
Hi Matt, I suppose... even if the char is different in different code pages, it is ok. Don't we just need some special char that's available in all known & used code pages? $ in US, or £ in UK code page, whether they look the same or not in hex, isn't the aim to find a special char that works in "all" code pages? - KB --- Original Message --- On Thursday, July 6th, 2023 at 9:51 PM, Matt Hogstrom wrote: > The original question was posed on StackOverflow here > https://stackoverflow.com/questions/76569347/what-are-the-supported-code-points-for-special-characters-for-valid-z-os-datas > > There is a whole set of answers (opinions) on the subject. > > I did some testing by creating a file in USS in CP047 with the characters > “@#$” and then used iconv to convert them to a variety of code pages and > compare the results. Some conversions failed but when looking at the code > pages that failed they didn’t appear to me to be what I would consider > mainstream. For the ones I’m familiar with they all converted correctly. > > The command was 'iconv -f 1047 -t 37 special > converted;chtag -t -c 37 > converted;cmp special converted’ I changed to the encoding of 37 to other > code pages and most worked fine. You can find the list of cps supported by > issuing 'iconv -l’ and there are a lot of them. > > > Thanks for your comments and feedback. Always interesting how a thread will > go on such a topic as this. > > Matt Hogstrom > > “It may be cognitive, but, it ain’t intuitive." > — Hogstrom > > > > On Jul 5, 2023, at 3:00 PM, John McKown john.archie.mck...@gmail.com wrote: > > > > All JCL is CP-037. This predates any idea of code pages in the OS. The JCL > > converter/interpreter only works with that encoding. > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SORTWK space usage
Yes, IEFUSI is in use. MEMLIT, about 2-6G. - KB --- Original Message --- On Tuesday, July 4th, 2023 at 11:32 AM, Sri h Kolusu wrote: > > > From the few tests I've seen, it seems that DFSORT prefers hiperspaces > > > over memory objects or real memory. > > MEMLIMIT and REGION are decent enough, size-wise, but DFSORT doesn't seem to > touch MO at all; goes directly to Hiperspace. > > KB, > > Do you have any IEFUSI exit in place? Also, what is the MEMLIMIT value in > SMFPRMxx member? > > > Thanks, > Kolusu > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: SORTWK space usage
> DFSORT has the capability of using memory (real and auxiliary storage) and if > it runs out of it, it will then use disk workspace. Hi Sri, I understand you can't share the inner workings any more than what's documented in docs. >From the few tests I've seen, it seems that DFSORT prefers hiperspaces over >memory objects or real memory. MEMLIMIT and REGION are decent enough, size-wise, but DFSORT doesn't seem to touch MO at all; goes directly to Hiperspace. Assume I have MOSIZE=MAX already.. - KB --- Original Message --- On Monday, July 3rd, 2023 at 9:58 PM, Sri h Kolusu wrote: > > > I will only get the primary space of 5000 cylinders, and the other > > > 14x2000 cylinders is never used. Is that right? > > > Billy, > > No. Incorrect. DFSORT will make use of BOTH primary and secondary space > allocations ( 1 primary + 15 Secondary) for a total of 16 extents. So if you > allocated 1 sortwk dataset with (CYL,(5000,2000)), then DFSORT would use 5000 > + 15* 2000 = 5000 + 3 = 35,000 cylinders. Also note that the secondary > extents will only come into picture ONLY when needed. > > > > Is there a written explanation I can forward to the programmers so they > > > understand this? > > > Also (since I know it will come), is there any good way to calculate how > > > much DASD sortwork would be used? I know this depends on what is in > > > memory at the time, but want to get a better handle on how Sort > > > determines what it needs. > > > I would suggest that you use DFSORT's Dynamic Allocation as it will allocate > the required workspace optimally rather than programmers calculating it. The > reason is you don't want to change the allocation every time there is an > increase/decrease in the number of records to be sorted. > > Having said that, here is a general formula that you want to use. > > The amount of sortwk space required depends on the size of the file. It > usually ranges from 1.3X to 1.8X of the size of the file to be sorted > depending on the sorting path that DFSORT chose. > > Filesize = Number of records * Avg length of the record ( for Fixed length > RECFM=F or FB , it is the LRECL value, or RECFM=V or RECFM=VB is the average > length of the record) > > However, that range is applicable ONLY when the entire file is being sorted > using Disk workspace. DFSORT has the capability of using memory (real and > auxiliary storage) and if it runs out of it, it will then use disk workspace. > > > Thanks, > Kolusu > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OSMF
In an attempt to steer this to a brainstorming thing... What are the components of zOSMF, and what are the warts people have noticed? Apart from the UI or that a UI itself exists. Websphere Liberty,... what else? What parts are tunable, what capabilities are needed, etc? - KB --- Original Message --- On Saturday, July 1st, 2023 at 2:38 AM, Tom Marchant <000a2a8c2020-dmarc-requ...@listserv.ua.edu> wrote: > I don't see why, and that wouldn't be consistent with what they have done in > the past. > Some examples: > z/OS 2.1 was available September 2013. It was not supported on a z990 or a > Z890. Support for those were dropped in 2014 and 2016 > z/OS 2.2 was available in 2015. It was not supported on a z9. z9 EC was > supported until 2017. z9 BC was supported until 2019. > z/OS 2.3 was available in 2017. It was not supported on a z196 (support > dropped 2021) or z114 (supported until 2022). > z/OS 2.5 was available in 2021. It was not supported on a zEC12 or a zBC12. > AFAIK, support for those have not yet been dropped. > > I'm not sure, but I think that what IBM has done is to support a level of > hardware until the last release of z/OS that is supported on that machine is > off support, or at least withdrawn from marketing. Not to support a new > release of the operating system on all processors that are currently > supported at GA. > > -- > Tom Marchant > > On Fri, 30 Jun 2023 01:01:21 -0500, Brian Westerman > brian_wester...@syzygyinc.com wrote: > > > So is IBM definitely dropping support for the z13s BEFORE z/OS 3.1 is > > officially out? If not, then it should be supported by z/OS 3.1. . . . > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OSMF
Mainframe s/w giants may continue today's practice, but as a h/w provider, IBM have really got to up their game. If anyone has seen the hardware coming out of AMD and NVIDIA, they're wild... w.i.l.d. And without even seeing the TCO of an IBM vs AMD/NVIDIA solution, it's safe to say you get far more out of the latter. Having said that, disruption in software pricing would be very, very welcome. At least transparency, rather than what's-he-wearing-based pricing. In general news, IBM announced they're going to aquire Apptio. Could pricing get better or worse? :) - KB --- Original Message --- On Tuesday, June 27th, 2023 at 4:52 PM, Jack Zukt wrote: > A long time ago, when the only computers available were mainframes, IBM and > ISV pricing strategy may have made a lot of sense. > When I first started working on IT, four decades ago, around here there > were a few dozen of places running IBM MVS, VSE and VM. > Today, after bank and insurance consolidation, plus outsourcing, there are > very, very few remaining. And where before you could only rely on big iron > to run your loads, today there are several much cheaper alternatives being > aggressively offered. > It seems to me that IBM is not concerned with the smaller clients. If you > cannot pay the big bucks then, by all means, take your business elsewhere. > Those clients that need multiple LPARs on multiple boxes, probably will > continue with IBM for the foreseeable future. The others will give up due > to the price. > It is a suicidal strategy as those giving up today will pave the way for > the bigger ones to get out in the future. > Regards > Jack > > On Tue, Jun 27, 2023, 06:51 Neil O'Connor ver.z...@outlook.com wrote: > > > I used z/OSMF on a z13s from 2018 till the end of 2022. Since then it's on > > a z15 T02. I have not found performance to be an issue. It was really bad > > in the early days before it exploited Liberty Profile, but much better > > after that. > > > > Neil. > > > > -Original Message- > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf > > Of Brian Westerman > > Sent: Tuesday, 27 June 2023 14:48 > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: z/OSMF > > > > I manage 3 sites that each have a z13s with no specialty processors, they > > were deemed unnecessary at the time of the purchase, and at the time IBM > > didn't disclose that shortly afterwards they would be shifting to z/OSMF > > which all but locks them out of installing the next release. > > > > Possibly IBM should not sell processors that are under powered for the > > mandatory processes, or possibly not force sites to upgrade the processor > > they purchased jsut because IBM has decided that z/OSMF is "easier" than > > Serverpac. > > > > It would have been smarter for IBM to keep z/OSMF based installation > > optional until the z13s was no longer a supported processor. > > > > Brian > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, send email > > to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OSMF
QQ - what's a PCI? - KB --- Original Message --- On Tuesday, June 27th, 2023 at 10:37 AM, Timothy Sipples wrote: > Andrew Rowley wrote: > > > I've said it before but I'll say it again - to avoid embarrassment > > alongside 5 year old laptops or perhaps even a Raspberry Pi, IBM needs > > to figure out how to bring the smallest z/OS systems up to a modern > > configuration - I would suggest minimum 4 processors and 200 MSU. > > > IBM doesn't require anyone to order/configure less than 200 MSUs (PCIs) of > general purpose processor capacity. If you want to order a configuration like > that go for it! > > Bearing in mind that VSEn is important and also exists, and IBM really ought > to be building machines that also cater to VSEn customers, here's the current > minimum orderable machine configuration (latest model) for z/OS and VSEn: > > * IBM z16 A02 (or AGZ for rack mount) > * Capacity Model A01 > * Base CP capacity: 105 PCIs (13 MSUs) > * z/OS System Recovery Boosted capacity (standard/no additional charge): > 1,982 PCIs > * 64GB of usable memory (plus HSA) > > Add just 1 zIIP and you get ~1,900 PCIs of full-time zIIP capacity with 2 > processor threads (SMT2). You can add as many zIIPs as you wish up to the > physical capacity of the machine. > > Capacity Model A01 continues to be zELC eligible on the full capacity. Even > though it has 105 PCIs (plus System Recovery Boost, plus more and far better > on chip accelerators, plus optional zIIPs) it still qualifies for the same > software licensing tier that the ~26 PCIs IBM z890 Model 110 did 19 years ago. > > I don't see any problem here. If 105 PCIs/13 MSUs (plus a zIIP I suggest) is > all you need for your z/OS computing, well OK then! That model is available, > and (in most countries) you can get a nifty rack mounted form factor if you'd > like. If you need more, OK, that's available too. > > Here's the recent history of minimum orderable/configurable CP capacity (all > Capacity Models A01): > > IBM z16 A02/AGZ: 105 PCIs* > IBM z15 T02: 98 PCIs** > IBM z14 ZR1: 88 PCIs > IBM z13s: 80 PCIs > IBM zBC12: 50 PCIs > IBM z114: 26 PCIs > > * System Recovery Boost capacity: 1,982 PCIs > ** System Recovery Boost capacity: 1,761 PCIs > > The z114 was announced in 2011 and the z16 A02/AGZ in 2023. Over that period > IBM increased the minimum orderable CP capacity by ~12.4% per year > (compounded), plus SRB. > > — > Timothy Sipples > Senior Architect > Digital Assets, Industry Solutions, and Cybersecurity > IBM zSystems/LinuxONE, Asia-Pacific > sipp...@sg.ibm.com > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Trace XL C Preprocessor input
Sprinkle a bunch of #warning "I'm here" in all code paths. Unique messages of course. - KB --- Original Message --- On Saturday, June 24th, 2023 at 5:30 AM, Eric Erickson wrote: > Using XL C on z/OS V2R5. I've got a set of #ifdefs in a header file that are > not giving me the results I expect. I know on other compilers I've used in > the past that there were options to output all input statements showing the > #ifdefs and how the logic was processed. I need the same thing for the XL C > compiler, but can not seem to find the proper options. I tried PPONLY, but it > only showed the output after preprocessing it does not show the #ifdefs, > which I need to see how the logic is getting executed. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Coupling Facility Structure Resizing
Hi Bill, everyone On top of this, we manually factor for failover, headroom for growth etc. as 20% of current avg/peak (for example), and then allocate 1.2x memory for the CF LPAR itself? In short, how does one go from structure size calculations to CF LPAR memory sizing, in the context of machine or CFCC upgrades. - KB --- Original Message --- On Sunday, June 18th, 2023 at 8:05 AM, Bill Neiman wrote: > The appropriate tool for resizing structures during a migration from one > CFLevel to another is the SIZER utility, which is distinct from CFSizer. > SIZER uses the IXLMG and IXCQUERY APIs to collect structure attribute and > count information from all allocated structures, and then uses the IXLCSP API > to direct structure size computation requests based on that collected > information to all CFs connected to the system from which it is running. You > can download the SIZER package, containing the executable, linkedit JCL, > execution JCL, and a user guide, from the CFSizer alternate sizing techniques > page at > https://www.ibm.com/support/pages/cfsizer-alternate-sizing-techniques. The > utility runs as a batch job or started task. The documentation explains the > use case, procedure for use, and interpretation of the results. Read it > carefully before running the utility. Note in particular that for SIZER to be > helpful during migration, you must run it when both old and new CFs are > installed in the sysplex. > > Bill Neiman > IBM Parallel Sysplex Development > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Best practice for /etc and /var when upgrading
I'm only taking into consideration the work cultures in different sites, and all that it entails. At your employer, "obvious things" may be easily accepted. I don't know if it's fair to say, therefore that's how it is everywhere. Honestly, what % of mainframe sysadmins use Artifactory vs the rest (mainframe developers, distributed folks). Are you really saying mainframe sysadmins prevalently use rsync to keep config backups? - KB --- Original Message --- On Thursday, June 8th, 2023 at 6:36 AM, David Crayford wrote: > On 7/6/2023 10:04 pm, kekronbekron wrote: > > > > Git is not the right tool for tracking systems directories such as /etc > > > and var. No sysadmin wants a .git directory in system directories. > > > Maybe it's easier if zOSMF used it internally, and maintains a mirror of > > > (a selected subset perhaps) system config? > > > As you can infer, I'm just trying to find the holes in having config as > > > code, where zOSMF is the centre-piece... since it's doing zOS config > > > anyway. > > > > I don't think any sysadmin will want system configs out in an artifact repo > > either... > > > Really? That's a rather odd statement considering it's one of it's use > cases. Back in the day admins would use rsync now they use Artifactory. > > > - KB > > > > --- Original Message --- > > On Wednesday, June 7th, 2023 at 6:52 PM, David Crayford dcrayf...@gmail.com > > wrote: > > > > > Git is not the right tool for tracking systems directories such as /etc > > > and var. No sysadmin wants a .git directory in system directories. We > > > use Artifactory which has an excellent API with diffs, versioning and > > > other tools such as hosting. It has a REST API but you can use a Python > > > library to script it https://pypi.org/project/pyartifactory/. > > > > > > On 7/6/2023 11:52 am, kekronbekron wrote: > > > > > > > True, which is why a colourized and visually easy interface to viewing > > > > the diff (like the diff view in GitHub or JetBrains IDEs) is important > > > > to make its use a lot easier. > > > > > > > > - KB > > > > > > > > --- Original Message --- > > > > On Wednesday, June 7th, 2023 at 9:15 AM, Gibney, Dave > > > > 03b5261cfd78-dmarc-requ...@listserv.ua.edu wrote: > > > > > > > > > On occasion, I tried the USS diff to evaluate my running /etc against > > > > > a new serverpac version. And sometimes to compare the previous > > > > > serverpac version with the new one. > > > > > > > > > > The utility of this exercise varied. > > > > > > > > > > > -Original Message- > > > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > > > > > Behalf Of kekronbekron > > > > > > Sent: Tuesday, June 6, 2023 7:36 PM > > > > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > > > > Subject: Re: Best practice for /etc and /var when upgrading > > > > > > > > > > > > Integrating git is not something we as customers need to take on > > > > > > ourselves > > > > > > (for system upgrade workflows like this). > > > > > > It's something best given in a polished manner by IBM, as a part of > > > > > > zOSMF. > > > > > > And again, getting git ourself is another thing; so the suggestion > > > > > > on IBM > > > > > > establishing a dependency on git (ex: for zOSMF's use) and working > > > > > > backwards > > > > > > up to what is required. > > > > > > Of course, they can choose IBM zOS Change tracker, but it's not > > > > > > free, and is yet > > > > > > another thing to learn. > > > > > > As long as there's a solution that hides the complexities and > > > > > > delivers the > > > > > > niceness in an interface, that'll be the way to go. > > > > > > > > > > > > CA's Mainframe/Chorus Software Manager was ahead of its time. > > > > > > It or zOSMF needs to be far, far better today than CSM was years > > > > > > ago. > > > > > > > > > > > > - KB > > > > > > > > > > > > --- Original Message --- > > > > > > On Wednesday, June 7th, 2023 at 7:56
Re: Kafka
Frank, There are Kafka client libraries available in multiple languages. You should be able to use one of them, depending on how integrated you want it to be. Ex: If there's a need to do it from COBOL or something, I have no clue. If it's from Python/Go/C/C++, something will be available. - KB --- Original Message --- On Wednesday, June 7th, 2023 at 11:37 PM, Frank Swarbrick wrote: > Ah, I should have known I'd get a "systems" answer. I am wondering about user > applications usage. > Frank > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU on behalf of > Matt Hogstrom m...@hogstrom.org > > Sent: Wednesday, June 7, 2023 9:02 AM > To: IBM-MAIN@LISTSERV.UA.EDU IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Kafka > > For SMF data, Console Logs and other operational data the ones I’m familiar > with are: > > IBM Common Data Provider > Precisely IronStream (formerly SyncSort) > Broadcom has the means to forward data through their CA Common Services > > > Matt Hogstrom > m...@hogstrom.org > +1-919-656-0564 > PGP Key: 0x90ECB270 > Facebook https://facebook.com/matt.hogstrom LinkedIn > https://linkedin/in/mhogstrom Twitter https://twitter.com/hogstrom > > > “It may be cognitive, but, it ain’t intuitive." > — Hogstrom > > > > On Jun 6, 2023, at 4:00 PM, Frank Swarbrick frank.swarbr...@outlook.com > > wrote: > > > > Does anyone publish messages to Kafka from z/OS? If so, what technology do > > you use? > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Best practice for /etc and /var when upgrading
> Git is not the right tool for tracking systems directories such as /etc and > var. No sysadmin wants a .git directory in system directories. Maybe it's easier if zOSMF used it internally, and maintains a mirror of (a selected subset perhaps) system config? As you can infer, I'm just trying to find the holes in having config as code, where zOSMF is the centre-piece... since it's doing zOS config anyway. I don't think any sysadmin will want system configs out in an artifact repo either... - KB --- Original Message --- On Wednesday, June 7th, 2023 at 6:52 PM, David Crayford wrote: > Git is not the right tool for tracking systems directories such as /etc > and var. No sysadmin wants a .git directory in system directories. We > use Artifactory which has an excellent API with diffs, versioning and > other tools such as hosting. It has a REST API but you can use a Python > library to script it https://pypi.org/project/pyartifactory/. > > On 7/6/2023 11:52 am, kekronbekron wrote: > > > True, which is why a colourized and visually easy interface to viewing the > > diff (like the diff view in GitHub or JetBrains IDEs) is important to make > > its use a lot easier. > > > > - KB > > > > --- Original Message --- > > On Wednesday, June 7th, 2023 at 9:15 AM, Gibney, Dave > > 03b5261cfd78-dmarc-requ...@listserv.ua.edu wrote: > > > > > On occasion, I tried the USS diff to evaluate my running /etc against a > > > new serverpac version. And sometimes to compare the previous serverpac > > > version with the new one. > > > > > > The utility of this exercise varied. > > > > > > > -Original Message- > > > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > > > Behalf Of kekronbekron > > > > Sent: Tuesday, June 6, 2023 7:36 PM > > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > > Subject: Re: Best practice for /etc and /var when upgrading > > > > > > > > Integrating git is not something we as customers need to take on > > > > ourselves > > > > (for system upgrade workflows like this). > > > > It's something best given in a polished manner by IBM, as a part of > > > > zOSMF. > > > > And again, getting git ourself is another thing; so the suggestion on > > > > IBM > > > > establishing a dependency on git (ex: for zOSMF's use) and working > > > > backwards > > > > up to what is required. > > > > Of course, they can choose IBM zOS Change tracker, but it's not free, > > > > and is yet > > > > another thing to learn. > > > > As long as there's a solution that hides the complexities and delivers > > > > the > > > > niceness in an interface, that'll be the way to go. > > > > > > > > CA's Mainframe/Chorus Software Manager was ahead of its time. > > > > It or zOSMF needs to be far, far better today than CSM was years ago. > > > > > > > > - KB > > > > > > > > --- Original Message --- > > > > On Wednesday, June 7th, 2023 at 7:56 AM, Mark Zelden > > > > m...@mzelden.com wrote: > > > > > > > > > I don't know git so I can't really comment. I did google gif diff and > > > > > see what > > > > > you mean > > > > > now by a patch. > > > > > > > > > > For one, it seems like overkill. Two, I don't have git diff on z/OS > > > > > so somehow > > > > > I'd have to > > > > > get all my existing /etc (and /var) out there to compare what IBM > > > > > would put > > > > > out there > > > > > that matches the /etc (and /var) you get with a new OS? > > > > > > > > > > To go back to my parmlib example, why would I need to compare > > > > > IPO1.PARMLIB sample > > > > > members to my running parmlib members from a system I'm about to > > > > > upprade. > > > > > The LNKLST, APF, SVCs, etc are are locally customized for my running > > > > > system. > > > > > However, if > > > > > a new sample member was introduced that could be used if I implemented > > > > > some new > > > > > feature, then it may be nice to have that sample in my running > > > > > parmlib with > > > > > the > > > > > "merge" process or "IEBCOPY, no replace" if you will
Re: Best practice for /etc and /var when upgrading
True, which is why a colourized and visually easy interface to viewing the diff (like the diff view in GitHub or JetBrains IDEs) is important to make its use a lot easier. - KB --- Original Message --- On Wednesday, June 7th, 2023 at 9:15 AM, Gibney, Dave <03b5261cfd78-dmarc-requ...@listserv.ua.edu> wrote: > On occasion, I tried the USS diff to evaluate my running /etc against a new > serverpac version. And sometimes to compare the previous serverpac version > with the new one. > > The utility of this exercise varied. > > > -Original Message- > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > Behalf Of kekronbekron > > Sent: Tuesday, June 6, 2023 7:36 PM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: Best practice for /etc and /var when upgrading > > > > Integrating git is not something we as customers need to take on ourselves > > (for system upgrade workflows like this). > > It's something best given in a polished manner by IBM, as a part of zOSMF. > > And again, getting git ourself is another thing; so the suggestion on IBM > > establishing a dependency on git (ex: for zOSMF's use) and working backwards > > up to what is required. > > Of course, they can choose IBM zOS Change tracker, but it's not free, and > > is yet > > another thing to learn. > > As long as there's a solution that hides the complexities and delivers the > > niceness in an interface, that'll be the way to go. > > > > CA's Mainframe/Chorus Software Manager was ahead of its time. > > It or zOSMF needs to be far, far better today than CSM was years ago. > > > > - KB > > > > --- Original Message --- > > On Wednesday, June 7th, 2023 at 7:56 AM, Mark Zelden > > m...@mzelden.com wrote: > > > > > I don't know git so I can't really comment. I did google gif diff and see > > > what > > > you mean > > > now by a patch. > > > > > > For one, it seems like overkill. Two, I don't have git diff on z/OS so > > > somehow > > > I'd have to > > > get all my existing /etc (and /var) out there to compare what IBM would > > > put > > > out there > > > that matches the /etc (and /var) you get with a new OS? > > > > > > To go back to my parmlib example, why would I need to compare > > > IPO1.PARMLIB sample > > > members to my running parmlib members from a system I'm about to > > > upprade. > > > The LNKLST, APF, SVCs, etc are are locally customized for my running > > > system. > > > However, if > > > a new sample member was introduced that could be used if I implemented > > > some new > > > feature, then it may be nice to have that sample in my running parmlib > > > with > > > the > > > "merge" process or "IEBCOPY, no replace" if you will. :) > > > > > > Not really a good comparison because in this scenario the new parmlib > > > member would be put > > > in the SMP/E target IBM.PARMLIB or in SAMPLIB, but it is the best I could > > > come up with > > > right now. > > > > > > BTW, A better approach to what the OP said happened in his upgrade (done > > > by some > > > 3rd party) is to not touch it at all and just use your existing /etc and > > > /var for > > > your OS > > > upgrade or a copy of it with documented required changes from the upgrade > > > workflow, > > > just like you would handle required parmlib changes. > > > > > > Regards, > > > > > > Mark > > > -- > > > Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS > > > ITIL v3 Foundation Certified > > > mailto:m...@mzelden.com > > > Mark's MVS Utilities: > > > https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Furld > > > efense.com%2Fv3%2F__http%3A%2F%2Fwww.mzelden.com%2Fmvsutil.ht > > > ml__%3B!!JmPEgBY0HMszNaDT!pk5HXJWpgjdGm1ZKxIR0jXpfieiYVx5kXcbXxI > > > juUxrbI5Q96ZNuTbnMoBubxwv4x6Hh483- > > > uHawPpVeYyZWlAbrCog_VLTF%24=05%7C01%7CGIBNEY%40WSU.ED > > > U%7C503456fbfcbe4365386708db67000c1a%7Cb52be471f7f147b4a8790 > > > c799bb53db5%7C0%7C0%7C638217022129812477%7CUnknown%7CTWF > > > pbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJX > > > VCI6Mn0%3D%7C3000%7C%7C%7C=u1zF6wTztHDEhj1jeBW4YCupjk > > > 1DpKQjwtgLZgrRxFI%3D=0 > > > > > > On Wed, 7 Jun 2023 01:53:40 +, kekronbekron > > > kekronbek...@protonmail.com
Re: Best practice for /etc and /var when upgrading
Integrating git is not something we as customers need to take on ourselves (for system upgrade workflows like this). It's something best given in a polished manner by IBM, as a part of zOSMF. And again, getting git ourself is another thing; so the suggestion on IBM establishing a dependency on git (ex: for zOSMF's use) and working backwards up to what is required. Of course, they can choose IBM zOS Change tracker, but it's not free, and is yet another thing to learn. As long as there's a solution that hides the complexities and delivers the niceness in an interface, that'll be the way to go. CA's Mainframe/Chorus Software Manager was ahead of its time. It or zOSMF needs to be far, far better today than CSM was years ago. - KB --- Original Message --- On Wednesday, June 7th, 2023 at 7:56 AM, Mark Zelden wrote: > I don't know git so I can't really comment. I did google gif diff and see > what you mean > now by a patch. > > For one, it seems like overkill. Two, I don't have git diff on z/OS so > somehow I'd have to > get all my existing /etc (and /var) out there to compare what IBM would put > out there > that matches the /etc (and /var) you get with a new OS? > > To go back to my parmlib example, why would I need to compare IPO1.PARMLIB > sample > members to my running parmlib members from a system I'm about to upprade. > The LNKLST, APF, SVCs, etc are are locally customized for my running system. > However, if > a new sample member was introduced that could be used if I implemented some > new > feature, then it may be nice to have that sample in my running parmlib with > the > "merge" process or "IEBCOPY, no replace" if you will. :) > > Not really a good comparison because in this scenario the new parmlib member > would be put > in the SMP/E target IBM.PARMLIB or in SAMPLIB, but it is the best I could > come up with > right now. > > BTW, A better approach to what the OP said happened in his upgrade (done by > some > 3rd party) is to not touch it at all and just use your existing /etc and /var > for your OS > upgrade or a copy of it with documented required changes from the upgrade > workflow, > just like you would handle required parmlib changes. > > Regards, > > Mark > -- > Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS > ITIL v3 Foundation Certified > mailto:m...@mzelden.com > Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html > > > On Wed, 7 Jun 2023 01:53:40 +, kekronbekron kekronbek...@protonmail.com > wrote: > > > Consider, for example, you upgrade from Ubuntu 20.04 to 22.04, and have > > updated the sudoers file. > > When upgrading, you get a prompt showing a diff between the new version and > > your customized version. > > > > And quoting a bit from your reply... > > > > > compare the distributed /etc to what you already have to see if possible > > > other changes > > > may be desired. > > > > "compare the..." > > > > Normal diff, git diff... > > > > /untouched/etc/ > > /custom/etc > > > > (git) diff against both to see what we customized. > > create a patch > > > > /new-untouched/etc/ > > /new-custom/etc/ > > > > Here, I'm saying /new-custom/etc/ can be created by doing a git apply of > > the patch from earlier. > > > > I mean... creating patches is quite common to keep just the delta, on a > > version-controlled repository. > > > > If it still doesn't make sense, it would be good to correct my > > understanding... without being pointed to the git website :) > > > > - KB > > > > --- Original Message --- > > On Tuesday, June 6th, 2023 at 9:29 PM, Mark Zelden m...@mzelden.com wrote: > > > > > On Tue, 6 Jun 2023 03:15:46 +, kekronbekron > > > kekronbek...@protonmail.com wrote: > > > > > > > I do wonder... with git now available, and this being normal USS, maybe > > > > zOSMF can start formally adopting/requiring git. > > > > Then, moving updates from these files onto newer versions is a matter > > > > of applying git patches on the new ones, where possible. > > > > Something that the zOSMF UI can accomodate. > > > > > > > > Do let me know if this doesn't make sense lol. > > > > > > No, that makes no sense. Think of /etc as the SYS1.PARMLIB for z/OS Unix. > > > Any customization to > > > existing files should not be touched. That is why it only makes sense to > > > copy what's new
Re: Best practice for /etc and /var when upgrading
Consider, for example, you upgrade from Ubuntu 20.04 to 22.04, and have updated the sudoers file. When upgrading, you get a prompt showing a diff between the new version and your customized version. And quoting a bit from your reply... > compare the distributed /etc to what you already have to see if possible > other changes may be desired. "compare the..." Normal diff, git diff... /untouched/etc/ /custom/etc (git) diff against both to see what we customized. create a patch /new-untouched/etc/ /new-custom/etc/ Here, I'm saying /new-custom/etc/ can be created by doing a git apply of the patch from earlier. I mean... creating patches is quite common to keep just the delta, on a version-controlled repository. If it still doesn't make sense, it would be good to correct my understanding... without being pointed to the git website :) - KB --- Original Message --- On Tuesday, June 6th, 2023 at 9:29 PM, Mark Zelden wrote: > On Tue, 6 Jun 2023 03:15:46 +, kekronbekron kekronbek...@protonmail.com > wrote: > > > I do wonder... with git now available, and this being normal USS, maybe > > zOSMF can start formally adopting/requiring git. > > Then, moving updates from these files onto newer versions is a matter of > > applying git patches on the new ones, where possible. > > Something that the zOSMF UI can accomodate. > > > > Do let me know if this doesn't make sense lol. > > > No, that makes no sense. Think of /etc as the SYS1.PARMLIB for z/OS Unix. Any > customization to > existing files should not be touched. That is why it only makes sense to copy > what's new into it > and also compare the distributed /etc to what you already have to see if > possible other changes > may be desired. I can't think of many required changes of the years but when > there are > they are (or should be) in the migration manual or upgrade workflow for > current versions. > > Regards, > > Mark > -- > Mark Zelden - Zelden Consulting Services - z/OS, OS/390 and MVS > ITIL v3 Foundation Certified > mailto:m...@mzelden.com > Mark's MVS Utilities: http://www.mzelden.com/mvsutil.html > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
> Porting applications to Linux-s390x has never been particularly difficult. It starts getting hairy when attempts are made for vectorized apps, or other acceleration frameworks that are available for x86 Intel or AMD. Can't port all of them but maybe need to re-create them, to have the same capabilities on Z. - KB --- Original Message --- On Tuesday, June 6th, 2023 at 2:25 AM, Rick Troth wrote: > Porting applications to Linux-s390x has never been particularly difficult. > The biggest challenge has always been such things as endianness. > Linux-s390x presents the same kernel interface to userland as Linux-i386. > > Porting to USS has (at least) two significant hurdles: EBCDIC and a > different system interface. Being Unix certified doesn't really help the > porting process. > Even so, I wish that more packages would be ported to USS. It's better > FOR ANY GIVEN PACKAGE that it be ported to USS (and/or to other Unix, > such as Slolaris or AIX). The more broadly a package ports, the better > the health of its heart/core. > But I'm not being altrustic: I wish that they were available on USS. I > miss them! > > -- R; <>< > > > > On 6/5/23 11:01, kekronbekron wrote: > > > True, however, I expect it to at least be less difficult than it was in the > > past. > > Less difficult that it was with linux/s390x. > > Some of the key things IBM has done (and is doing) are > > LinuxONE community cloud, > > Wazi as a Service (on IBM cloud), > > and upstreaming LLVM and Golang bits. > > > > Icing on the cake will be zDT Learner's Edition, if it ever sees the light > > of day again. > > > > Are there any other noteworthy ports that haven't been upstreamed to > > because of this? > > > > - KB > > > > --- Original Message --- > > On Monday, June 5th, 2023 at 5:31 PM, David Crayford dcrayf...@gmail.com > > wrote: > > > > > On 5/6/2023 7:42 pm, kekronbekron wrote: > > > > > > > > porting RocksDB > > > > > Is zOS support upstreamed too, by any chance? > > > > > > The likelihood of the Meta maintainers accepting a z/OS patch PR is > > > extremely low. Due to z/OS being a niche platform, maintainers tend to > > > be hesitant in accepting patches unless they are supported by > > > organizations such as IBM (in the case of Node.js) with a commitment to > > > support the port. A notable example is the Perl community, which faced > > > significant challenges when removing EBCDIC support after the original > > > porters (IBM) lost interest. As a result, it is more commonplace to > > > maintain a separate patch file for z/OS-specific modifications. > > > > > > > - KB > > > > --- Original Message --- > > > > On Monday, June 5th, 2023 at 4:35 PM, David Crayford > > > > dcrayf...@gmail.com wrote: > > > > > > > > > One compelling reason to embrace zFS is its potential for > > > > > modernization > > > > > and facilitating the development of contemporary tools. While > > > > > acknowledging the significance of QSAM, VSAM KSDS, and other older > > > > > technologies, it is crucial to recognize the advancements made in data > > > > > structure formats for disk files since the days of VSAM. In the > > > > > present > > > > > era, LSM-trees have gained popularity for their application in NoSQL > > > > > key-value stores, blazing-fast TSDBs, and highly optimized logging > > > > > systems. > > > > > > > > > > Attempting to implement an LSM-tree using VSAM would be an arduous > > > > > endeavor, bordering on a nightmare. Even with the assistance of Media > > > > > Manager, it remains a Herculean task to reconcile these two disparate > > > > > technologies. > > > > > > > > > > I dedicated a couple of hours to porting RocksDB, and the results have > > > > > been nothing short of exceptional. It operates seamlessly on z/OS, > > > > > demonstrating its prowess and resilience. Another noteworthy aspect of > > > > > LSM-trees is their inherent ability to merge and compact while in > > > > > operation, eliminating the need for reorgs. > > > > > https://github.com/facebook/rocksdb > > > > > > > > > > https://www.youtube.com/watch?v=I6jB0nM9SKU > > > > > > > > > > On 5/6/2023 5:55 pm, David Crayford wrote: > > > > > &g
Re: Best practice for /etc and /var when upgrading
I do wonder... with git now available, and this being normal USS, maybe zOSMF can start formally adopting/requiring git. Then, moving updates from these files onto newer versions is a matter of applying git patches on the new ones, where possible. Something that the zOSMF UI can accomodate. Do let me know if this doesn't make sense lol. - KB --- Original Message --- On Tuesday, June 6th, 2023 at 1:49 AM, Gibney, Dave <03b5261cfd78-dmarc-requ...@listserv.ua.edu> wrote: > No > > > -Original Message- > > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On > > Behalf Of Pew, Curtis G > > Sent: Monday, June 5, 2023 11:01 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Best practice for /etc and /var when upgrading > > > > [EXTERNAL EMAIL] > > > > How do people handle /SYSTEM/etc and /SYSTEM/var when upgrading z/OS? > > In the past we’ve had these filesystems on an auxiliary volume, so that they > > remained the same during any upgrades unless we deliberately changed > > something. For our last upgrade (this past weekend) our management > > outsourced the upgrade to a 3rd party service provider, and the sysprog > > doing > > it configured completely new filesystems for these that were the generic > > IBM- > > provided versions, without any of our customizations. He claims this is a > > best > > practice. What say ye? > > > > -- > > Curtis Pew > > ITS Campus Solutions > > curtis@austin.utexas.edu > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
True, however, I expect it to at least be less difficult than it was in the past. Less difficult that it was with linux/s390x. Some of the key things IBM has done (and is doing) are LinuxONE community cloud, Wazi as a Service (on IBM cloud), and upstreaming LLVM and Golang bits. Icing on the cake will be zDT Learner's Edition, if it ever sees the light of day again. Are there any other noteworthy ports that haven't been upstreamed to because of this? - KB --- Original Message --- On Monday, June 5th, 2023 at 5:31 PM, David Crayford wrote: > On 5/6/2023 7:42 pm, kekronbekron wrote: > > > > porting RocksDB > > > Is zOS support upstreamed too, by any chance? > > > The likelihood of the Meta maintainers accepting a z/OS patch PR is > extremely low. Due to z/OS being a niche platform, maintainers tend to > be hesitant in accepting patches unless they are supported by > organizations such as IBM (in the case of Node.js) with a commitment to > support the port. A notable example is the Perl community, which faced > significant challenges when removing EBCDIC support after the original > porters (IBM) lost interest. As a result, it is more commonplace to > maintain a separate patch file for z/OS-specific modifications. > > > - KB > > --- Original Message --- > > On Monday, June 5th, 2023 at 4:35 PM, David Crayford dcrayf...@gmail.com > > wrote: > > > > > One compelling reason to embrace zFS is its potential for modernization > > > and facilitating the development of contemporary tools. While > > > acknowledging the significance of QSAM, VSAM KSDS, and other older > > > technologies, it is crucial to recognize the advancements made in data > > > structure formats for disk files since the days of VSAM. In the present > > > era, LSM-trees have gained popularity for their application in NoSQL > > > key-value stores, blazing-fast TSDBs, and highly optimized logging > > > systems. > > > > > > Attempting to implement an LSM-tree using VSAM would be an arduous > > > endeavor, bordering on a nightmare. Even with the assistance of Media > > > Manager, it remains a Herculean task to reconcile these two disparate > > > technologies. > > > > > > I dedicated a couple of hours to porting RocksDB, and the results have > > > been nothing short of exceptional. It operates seamlessly on z/OS, > > > demonstrating its prowess and resilience. Another noteworthy aspect of > > > LSM-trees is their inherent ability to merge and compact while in > > > operation, eliminating the need for reorgs. > > > https://github.com/facebook/rocksdb > > > > > > https://www.youtube.com/watch?v=I6jB0nM9SKU > > > > > > On 5/6/2023 5:55 pm, David Crayford wrote: > > > > > > > On 2/6/2023 11:31 pm, René Jansen wrote: > > > > > > > > > What I remember of it is that he was convinced it was a lot slower. > > > > > He was mistaken! I've tested it out, and QSAM is no match for zFS. You > > > > > can find the details in this gist: > > > > > https://gist.github.com/daveyc/14b45d6d70d8dd9af1848e539d78881f. > > > > > Adding an fsync() call after writing each record barely incurs any > > > > > overhead. zFS, operating with highly optimized Media Manager APIs, > > > > > handles it efficiently. Additionally, zFS functions as a caching file > > > > > system. > > > > > > > > I have observed a certain degree of snobbery among many > > > > traditionalists when it comes to USS. I can recall an incident from > > > > approximately 15 years ago when I advocated for the use of sqlite in > > > > one of our products. My boss dismissed the idea, expressing concerns > > > > that customers might be deterred by using the UNIX file system. > > > > Consequently, we opted for a VSAM KSDS, despite its inherent > > > > limitations. Interestingly, it is worth noting that there are now > > > > numerous IBM z/OS products that embrace sqlite, with some even > > > > integrating it with HLASM. > > > > > > > > > So I told him that nobody forced him not to use QSAM for datasets > > > > > just because it ran in USS. And it think that is a great asset of it. > > > > > Just because Unix forces you to have a hierarchical directory system > > > > > does not mean, in USS, that you need to use it for all I/O. > > > > > > > > > > René. > > > > > > > > > > >
Re: z/OS 3.1: Now UNIXR Certified
> porting RocksDB Is zOS support upstreamed too, by any chance? - KB --- Original Message --- On Monday, June 5th, 2023 at 4:35 PM, David Crayford wrote: > One compelling reason to embrace zFS is its potential for modernization > and facilitating the development of contemporary tools. While > acknowledging the significance of QSAM, VSAM KSDS, and other older > technologies, it is crucial to recognize the advancements made in data > structure formats for disk files since the days of VSAM. In the present > era, LSM-trees have gained popularity for their application in NoSQL > key-value stores, blazing-fast TSDBs, and highly optimized logging systems. > > Attempting to implement an LSM-tree using VSAM would be an arduous > endeavor, bordering on a nightmare. Even with the assistance of Media > Manager, it remains a Herculean task to reconcile these two disparate > technologies. > > I dedicated a couple of hours to porting RocksDB, and the results have > been nothing short of exceptional. It operates seamlessly on z/OS, > demonstrating its prowess and resilience. Another noteworthy aspect of > LSM-trees is their inherent ability to merge and compact while in > operation, eliminating the need for reorgs. > https://github.com/facebook/rocksdb > > https://www.youtube.com/watch?v=I6jB0nM9SKU > > On 5/6/2023 5:55 pm, David Crayford wrote: > > > On 2/6/2023 11:31 pm, René Jansen wrote: > > > > > What I remember of it is that he was convinced it was a lot slower. > > > > He was mistaken! I've tested it out, and QSAM is no match for zFS. You > > can find the details in this gist: > > https://gist.github.com/daveyc/14b45d6d70d8dd9af1848e539d78881f. > > Adding an fsync() call after writing each record barely incurs any > > overhead. zFS, operating with highly optimized Media Manager APIs, > > handles it efficiently. Additionally, zFS functions as a caching file > > system. > > > > I have observed a certain degree of snobbery among many > > traditionalists when it comes to USS. I can recall an incident from > > approximately 15 years ago when I advocated for the use of sqlite in > > one of our products. My boss dismissed the idea, expressing concerns > > that customers might be deterred by using the UNIX file system. > > Consequently, we opted for a VSAM KSDS, despite its inherent > > limitations. Interestingly, it is worth noting that there are now > > numerous IBM z/OS products that embrace sqlite, with some even > > integrating it with HLASM. > > > > > So I told him that nobody forced him not to use QSAM for datasets just > > > because it ran in USS. And it think that is a great asset of it. Just > > > because Unix forces you to have a hierarchical directory system does not > > > mean, in USS, that you need to use it for all I/O. > > > > > > René. > > > > > > > On 2 Jun 2023, at 17:03, Seymour J metzsme...@gmu.edu wrote: > > > > > > > > Dubbing is part of the setup overhead for a task, and only occurs once, > > > > so except for very short tasks it is just noise in measuring > > > > performance. > > > > > > > > As for the general overhead of Unix System Services, the Devil is in > > > > the details. For a comparison to be reasonable, the two programs have > > > > to be using the services in a comparable fashion. Was your COBOL > > > > programmer really comparing the overhead of conventional access methods > > > > to Unix file I/O, or were the numbers drowned out by, e.g., differences > > > > in application logic? > > > > > > > > -- > > > > Shmuel (Seymour J.) Metz > > > > http://mason.gmu.edu/~smetz3 > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
> Interestingly, it is worth noting that there are now numerous IBM z/OS > products that embrace sqlite, with some even integrating it with HLASM. Hey David, Are you able to share the names of such products? Has zOS support been upstreamed to SQLite? I don't remember seeing anything.. - KB --- Original Message --- On Monday, June 5th, 2023 at 3:25 PM, David Crayford wrote: > On 2/6/2023 11:31 pm, René Jansen wrote: > > > What I remember of it is that he was convinced it was a lot slower. > > > He was mistaken! I've tested it out, and QSAM is no match for zFS. You > can find the details in this gist: > https://gist.github.com/daveyc/14b45d6d70d8dd9af1848e539d78881f. Adding > an fsync() call after writing each record barely incurs any overhead. > zFS, operating with highly optimized Media Manager APIs, handles it > efficiently. Additionally, zFS functions as a caching file system. > > I have observed a certain degree of snobbery among many traditionalists > when it comes to USS. I can recall an incident from approximately 15 > years ago when I advocated for the use of sqlite in one of our products. > My boss dismissed the idea, expressing concerns that customers might be > deterred by using the UNIX file system. Consequently, we opted for a > VSAM KSDS, despite its inherent limitations. Interestingly, it is worth > noting that there are now numerous IBM z/OS products that embrace > sqlite, with some even integrating it with HLASM. > > > So I told him that nobody forced him not to use QSAM for datasets just > > because it ran in USS. And it think that is a great asset of it. Just > > because Unix forces you to have a hierarchical directory system does not > > mean, in USS, that you need to use it for all I/O. > > > > René. > > > > > On 2 Jun 2023, at 17:03, Seymour J metzsme...@gmu.edu wrote: > > > > > > Dubbing is part of the setup overhead for a task, and only occurs once, > > > so except for very short tasks it is just noise in measuring performance. > > > > > > As for the general overhead of Unix System Services, the Devil is in the > > > details. For a comparison to be reasonable, the two programs have to be > > > using the services in a comparable fashion. Was your COBOL programmer > > > really comparing the overhead of conventional access methods to Unix file > > > I/O, or were the numbers drowned out by, e.g., differences in application > > > logic? > > > > > > -- > > > Shmuel (Seymour J.) Metz > > > http://mason.gmu.edu/~smetz3 > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Searching for a process to clean my VTS
There was an excellent presentation in IBM TechDocs called "Tape 101" that did exactly this. Of course, it is lost now... unless someone has a local copy. - KB --- Original Message --- On Sunday, June 4th, 2023 at 10:16 PM, rpinion865 <042a019916dd-dmarc-requ...@listserv.ua.edu> wrote: > I've watched this thread for quite sometime. I come from a small systems > background, and did not have any exposure to tape libraries and VTS's. Now > that I'm working for a larger company, I feel lost in regards to the whole > VTS thing. I wish there was a z/OS VTS class that would start from the > beginning and work its way up to advanced concepts like clustering and the > subject that you guys have been talking about. Just saying. > > > > > Sent with Proton Mail secure email. > > > --- Original Message --- > On Sunday, June 4th, 2023 at 12:28 PM, jony cecil cecilj...@gmail.com wrote: > > > > > Hello, > > Pls correct me if I misunderstood the situation: > > - you need to clean 0012 and 001F tapes on the cluster only, right? > > There's no Rmm or Tcdb information for them, right? > > Did you tried, just for one tape, to define it on tcdb with CREA VOLENT > > with UATTR(SCRATCH) and force an ALTER on it? Did the category changed to a > > scratch category, if so, you can an eject on it with LI E, tape, p. > > HTH, regards > > > > A domingo, 4 de jun de 2023, 11:32, Nobuhiko Furuya furu...@v-sol.co.jp > > > > escreveu: > > > > > Hi, > > > > > > If category code 0002 doesn't have Expire Hold=On, you don't have to > > > wait the expire time passes before eject request. > > > > > > Best regards, > > > > > > Nobuhiko Furuya(古谷信彦) > > > V-SOL Inc. > > > > > > On 2023/06/03 23:54, Tom Longfellow wrote: > > > > > > > I have had some progress. Here is the sequence of command for one of > > > > my volumes. > > > > > > > > DELETE 'VTD0900' VOLUMEENTRY > > > > IDC3012I ENTRY VTD0900 NOT FOUND+ > > > > IDC3009I ** VSAM CATALOG RETURN CODE IS 8 - REASON CODE IS IGG0CLEG-42 > > > > IDC0551I ** ENTRY VTD0900 NOT DELETED > > > > IDC0014I LASTCC=8 > > > > CREATE VOLUMEENT(NAME(VTD0900) LIBRARYNAME(JISVTS1) LOCATION(LIBRARY) > > > > STORGRP(SCRTCH) MEDIATYPE(MEDIA2) RECORDING(36TRACK) > > > > USEATTRIBUTE(SCRATCH) > > > > RMM DV 'TD0900' FORCE > > > > RMM AV TD0900 STATUS(VOLCAT) > > > > RMM CV TD0900 RETPD(0) STATUS(USER) RELEASEACTION(SCRATCH) > > > > RETENTIONMETHOD(EXPDT) > > > > RMM DV TD0900 RELEASE > > > > > > > > This also works on volumes in Category 001F (PRIVATE). These commands > > > > were then followed by EDGPLSCS with the command. > > > > SQ TD0900 > > > > > > > > The final results are tapes in Category 0002. > > > > > > > > My next decision is when to try the EQ commands. Some are still > > > > holding space until internal VTS reclaim process cleans the cache ( > > > > Prefer Keep) status. > > > > Some have a 'Expire Time' of two weeks. Others have an 'Expire Time' > > > > of 'Not Set'. > > > > I may just go ahead and give it a try after waiting for a RMM > > > > Housekeeping to have a pass or two through the CDS. > > > > > > > > -- > > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: REGION curiosity
I sure would benefit from reading "the final word" on this topic... to help me understand this memory/storage business 100%. With worked out example based on PARMLIB values, IEFUSI values, sample job REGION parm, it'll be one for the history books. - KB --- Original Message --- On Friday, June 2nd, 2023 at 8:56 PM, Radoslaw Skorupka <0471ebeac275-dmarc-requ...@listserv.ua.edu> wrote: > FYI > I just did some tests with SMFLIMxx and found the following curiosity > > Background: > Without SMFLIMxx, IEFUSI etc. when you request REGION=4M you get 4M > below the line and 32M above the line. > That works for 4M and all available values below 16M line. When you > request too much you'll get S822. > When you request REGION=20M you will get all available 24-bit memory and > ...32M. :-) > When you request REGION=45M you will get all available 24-bit memory and > 45M. > So far, so good. > Now we have REGIONX. You can now specify values for 24-bit and 31-bit > memory. > However when you specify null value, you get > all available memory below the line > 128M above the line. > (simplified a little bit) > > > > Now SMFLIMxx > When you change/adjust REGIONBELOW to NOLIMIT for your job, you will > also get ...128M > While it can be fine to change all the 4M's 1M's and so on to all below > the line, the "gift" of 128M above is a little bit surprising. > > Any comments? > > > > -- > Radoslaw Skorupka > Lodz, Poland > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Searching for a process to clean my VTS
Maybe write to the tapetools email addr that's within the file(s)? The last resort is to find a h/w support crew that supports IBM VTLs. - KB --- Original Message --- On Thursday, June 1st, 2023 at 8:11 PM, Tom Longfellow <03e29b607131-dmarc-requ...@listserv.ua.edu> wrote: > If they have something in TAPETOOLS, they hide it well. > I can find nothing anywhere that allows me to send the 'super secret' > override to change a tape from private category to scratch with the hopes of > being able to EJECT them from the entire VTS grid. > > The IBM 'Nanny state' does not allow for a 'Do what I tell you' override of > tape data. > > Everything I find assumes that changes to scratch are done with RELEASE > actions from within DFSMSrmm. My RMM system was purged of all this > information years ago. > > RMM is currently bipolar. It will not take AV commands to add tapes because > they are already there. At the same time, no reports, queries or ISPF > interfaces can show these tapes. > > I feel this is going to be a long process for me thanks to Big Brother IBM. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
Conceptually, it should be thought of as the mainframe equivalent of Windows Subsystem for Linux or Windows Subsystem for Android. Yes, a whole new OS runs inside... as a subsystem, with tight integration to Windows (zOS in our case). - KB --- Original Message --- On Thursday, June 1st, 2023 at 7:56 PM, kekronbekron wrote: > What I don't get is OpenShift running inside zCX, which is most definitely a > product or an offering. > What I meant is that if zOS can essentially run linux inside zCX, why not > just upgrade USS to LSS, and let containers run 'bare' in LSS. > > It can save money (zIIP offload), maybe... but at what (complexity) cost. > > > - KB > > --- Original Message --- > On Thursday, June 1st, 2023 at 6:57 PM, David Crayford dcrayf...@gmail.com > wrote: > > > > > Maybe your missing the point of zCX. Nobody expects to run big > > distributed stacks as that would be dumb. Distributed software is > > designed to run on commodity hardware that can fail, hence the CAP > > theorem and RAFT protocols. zCX can save customers money > > https://ibm-messaging.github.io/mqperf/MQ with zCX.pdf > > > > On 1/6/2023 7:33 pm, kekronbekron wrote: > > > > > > I think K8s is the USS of yesteryear > > > > Sad noises... I would like to see zOS native containers integrated > > > > directly to WLM instead. > > > > WLM is literally the workload manager. > > > > It may not make sense for it to do everything k8s does, but could maybe > > > > do what consul or docker swarm does? > > > > > > Me stomach turns seeing OpenShift inside zCX. > > > How many layers of faking do we need? PR/SM -> (maybe) zVM -> zOS -> zCX > > > -> container. > > > zOS security/network configuration ... zCX security/network configuration > > > ... OpenShift/k8s/containers security/network configuration ... contained > > > application's security/network configuration > > > > > > It would be fun to see zCX "unwrapped" and presented as Linux System > > > Services instead. > > > Like OMVS STC is to USS, zCX-renamed could be that to LSS. > > > > > > - KB > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
What I don't get is OpenShift running inside zCX, which is most definitely a product or an offering. What I meant is that if zOS can essentially run linux inside zCX, why not just upgrade USS to LSS, and let containers run 'bare' in LSS. It can save money (zIIP offload), maybe... but at what (complexity) cost. - KB --- Original Message --- On Thursday, June 1st, 2023 at 6:57 PM, David Crayford wrote: > Maybe your missing the point of zCX. Nobody expects to run big > distributed stacks as that would be dumb. Distributed software is > designed to run on commodity hardware that can fail, hence the CAP > theorem and RAFT protocols. zCX can save customers money > https://ibm-messaging.github.io/mqperf/MQ with zCX.pdf > > On 1/6/2023 7:33 pm, kekronbekron wrote: > > > > I think K8s is the USS of yesteryear > > > Sad noises... I would like to see zOS native containers integrated > > > directly to WLM instead. > > > WLM is literally the workload manager. > > > It may not make sense for it to do everything k8s does, but could maybe > > > do what consul or docker swarm does? > > > > Me stomach turns seeing OpenShift inside zCX. > > How many layers of faking do we need? PR/SM -> (maybe) zVM -> zOS -> zCX -> > > container. > > zOS security/network configuration ... zCX security/network configuration > > ... OpenShift/k8s/containers security/network configuration ... contained > > application's security/network configuration > > > > It would be fun to see zCX "unwrapped" and presented as Linux System > > Services instead. > > Like OMVS STC is to USS, zCX-renamed could be that to LSS. > > > > - KB > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1: Now UNIXR Certified
> I think K8s is the USS of yesteryear Sad noises... I would like to see zOS native containers integrated directly to WLM instead. WLM is literally the workload manager. It may not make sense for it to do everything k8s does, but could maybe do what consul or docker swarm does? Me stomach turns seeing OpenShift inside zCX. How many layers of faking do we need? PR/SM -> (maybe) zVM -> zOS -> zCX -> container. zOS security/network configuration ... zCX security/network configuration ... OpenShift/k8s/containers security/network configuration ... contained application's security/network configuration It would be fun to see zCX "unwrapped" and presented as Linux System Services instead. Like OMVS STC is to USS, zCX-renamed could be that to LSS. - KB --- Original Message --- On Thursday, June 1st, 2023 at 3:57 PM, Matt Hogstrom wrote: > Similar experience. Not sure if its the same person but I had dinner with > Jeff Nick (former Felllow with Z) and his story was that they needed Posix to > meet a Federal requirement. He also said that it was contentious internally > and so they assembled a team and isolated them from the others so they could > make fast progress. > > In an update on how they were doing they were finally able to fork a process. > He said it was more like foo. Clearly, they fixed the > performance and little did they know that it was such a critical decision for > the platform that it saved z/OS. I think K8s is the USS of yesteryear. No one > knows it yet but it will add another 25 years to the platform. > > Matt Hogstrom > PGP key 0F143BC1 > > > On Jun 1, 2023, at 05:34, David Crayford dcrayf...@gmail.com wrote: > > > > I've worked with a few ex-OE guys, including my close colleague who used to > > the IBM DE running the OE project out of POK. Let me tell you, some of the > > stories they have are absolutely fascinating! It's my understanding that > > the POSIX certification was mainly pursued to meet the requirements set by > > NASA. But here's an interesting twist: NASA doesn't run a mainframe anymore. > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Searching for a process to clean my VTS
That's good news then. The tapetool I linked to earlier should have everything you need. - KB --- Original Message --- On Tuesday, May 30th, 2023 at 11:07 PM, Tom Longfellow <03e29b607131-dmarc-requ...@listserv.ua.edu> wrote: > Yes I have the list -- I know them by naming standard and I can do a Virtual > Volume Search to the Cluster and get a downloadable list of volume names and > their current category status. I already have a REXX roughed out that > generates the command I think I need. But I really need to find the set of > actions that have be performed so I can generate all the commands I need. > Along with RMM/IDCAMS/LI requests to kill these zombies for good and eject > them from my life. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Searching for a process to clean my VTS
Hi Tom, Do you already know the names of the volumes that are now in no man's land? Isn't that required for Brian's suggestion to work? I suggest digging through https://public.dhe.ibm.com/storage/tapetool/ to see if anything in there will help. You may not find anything to find the volumes, but the stuff in there will definitely help to script/automate actions. - KB --- Original Message --- On Tuesday, May 30th, 2023 at 1:35 AM, Tom Longfellow <03e29b607131-dmarc-requ...@listserv.ua.edu> wrote: > Well Gang, Brian has throw out a challenge. Does product B have the same > utility as product A And will it do this? > > Anybody used CATSYNC under EDGUTIL of DFSMSrmm? Does this even apply to this > situation? Any examples, or, better yet a working example? > > I only have a 1000 or so volumes I am trying to clear out. But each step > (VOLCAT, RMM AV, RELEASE, and EJECT) is another set of jobs with thousands of > commands. I am trying to get the commands generated as efficiently as > possible. Plus develop the jobs required to have RMM do the 'movements' > generated. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OSMF log size
Sorry, I don't know the exact name for it, but there's some timed cut-off capability that can be used to archive or make cuts in some intervals. Then, let them get actually archived into some archival product or datasets. - KB --- Original Message --- On Thursday, May 18th, 2023 at 11:31 AM, Gadi Ben-Avi wrote: > Hi, > The size of the STDOUT output in our z/OSMF started task IZUSVR1 is over 13 > million lines. > > Can anyone suggest how to make it a bit smaller? > > We are running under z/OS v2.3. > > Thanks > > Gadi > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TSO Rexx C2X Incorrect Output
There's a thing called DCOLREXX here - https://www.ibm.com/docs/en/zos/2.4.0?topic=tools-arctools-job-sample-tool-members Don't know if it'll meet your exact needs, but REXX parsers for DCOL data are already out there. - KB --- Original Message --- On Monday, April 24th, 2023 at 8:40 PM, David Spiegel <0468385049d1-dmarc-requ...@listserv.ua.edu> wrote: > Hi, > I am writing a TSO Rexx Exec to Parse fields from a DCOLLECT output > (VB/32756/32760). > One statement is: created=C2x(Substr(dcollect.i,105,4)) > (In DCOLLECT parlance, this is DCDCREDT). > For any date greater than 2000-01-01, I get the expected result. > But, when the field contains x'1999160F' (I BROWSEd the DCOLLECT output > to make sure), "created" has the value "19D9160F". > I'm stumped. (The third character in the result is "D" (as in "Dog"), > instead of "9"). > I'm using PCOMM (in case that matters.) > Please help. > > Thank you in advance. > > Regards, > David > > > > > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: IOF End of Support Direction.....
Phoenix Software has (E)JES, and Syzygy has SyzSPOOL/z and SyzMAIL/z. SDSF also has mail capability of some sort (adding mail notification to jobs and maybe some more related functionality). - KB --- Original Message --- On Saturday, April 22nd, 2023 at 2:42 AM, Longnecker, Dennis wrote: > Please excuse me if this is been asked already, haven't seen it. > > https://www.triangle-systems.com/End of IOF Support.shtml > > We have used IOF for quite a awhile, and frankly it has some wonderful > functionality that I haven't seen in SDSF (like the ability to send the > output to email address). > > Curious what sites that use that product plans are. > > Dennis > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Rexx Exec to Build 10,000 PDS Members: ALLOC vs ISPF Services vs ?
A legendary post from Sri, from 19 years ago is here to help! https://www.mvsforums.com/helpboards/viewtopic.php?p=8260 Perhaps I was talking about IEBUPDTE - https://www.ibm.com/docs/en/zos/2.4.0?topic=examples-example-11-create-new-partitioned-data-set - KB --- Original Message --- On Thursday, April 20th, 2023 at 9:30 AM, kekronbekron <02dee3fcae33-dmarc-requ...@listserv.ua.edu> wrote: > Hi Paul, > > I don't remember the exact thing here but there's a way to flatten PDS files > to a PS. > It'll add things like ./ADDMEMBER or something at the top of each member's > content. > > Then, the PS can be used to recreate a PDS. Don't know about PDSEs... > > - KB > > --- Original Message --- > On Thursday, April 20th, 2023 at 8:02 AM, Paul Gilmartin > 042bfe9c879d-dmarc-requ...@listserv.ua.edu wrote: > > > > > On Thu, 20 Apr 2023 02:13:08 +, kekronbekron wrote: > > > > > How about IEBPTPCH? Write out the members as a huge flatfile, and insert > > > member building control cards wherever appropriate. > > > Then build a PDS from that? > > > > Will IEBPTPCH create a PDS(E)? The description and examples I see use > > a PDS(E) only as input, not output. > > > > Perhaps I didn't read the right example. > > https://www.ibm.com/docs/en/zos/2.5.0?topic=program-iebptpch-examples > > > > -- > > gil > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Rexx Exec to Build 10,000 PDS Members: ALLOC vs ISPF Services vs ?
Hi Paul, I don't remember the exact thing here but there's a way to flatten PDS files to a PS. It'll add things like ./ADDMEMBER or something at the top of each member's content. Then, the PS can be used to recreate a PDS. Don't know about PDSEs... - KB --- Original Message --- On Thursday, April 20th, 2023 at 8:02 AM, Paul Gilmartin <042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Thu, 20 Apr 2023 02:13:08 +, kekronbekron wrote: > > > How about IEBPTPCH? Write out the members as a huge flatfile, and insert > > member building control cards wherever appropriate. > > Then build a PDS from that? > > Will IEBPTPCH create a PDS(E)? The description and examples I see use > a PDS(E) only as input, not output. > > Perhaps I didn't read the right example. > https://www.ibm.com/docs/en/zos/2.5.0?topic=program-iebptpch-examples > > > -- > gil > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Rexx Exec to Build 10,000 PDS Members: ALLOC vs ISPF Services vs ?
How about IEBPTPCH? Write out the members as a huge flatfile, and insert member building control cards wherever appropriate. Then build a PDS from that? - KB --- Original Message --- On Thursday, April 20th, 2023 at 6:46 AM, Paul Gilmartin <042bfe9c879d-dmarc-requ...@listserv.ua.edu> wrote: > On Wed, 19 Apr 2023 18:49:14 -0500, Mark Zelden wrote: > > > On Wed, 19 Apr 2023 13:44:39 -0400, David Spiegel wrote: > > > > > Hi, > > > I am writing a Rexx Exec (Batch TSO) to build 10,000+ members in a PDS > > > (FB/159/27984). > > > The average member size is 900 lines. > > > > > > In terms of performance, which method should I use?: > > > 1) ALLOC ... EXECIO DISKW > > > 2) LMOPEN ... LMINIT ... LMPUT > > > 3) Something else > > > 4) Makes no difference > > > > You didn't explain much else other than the desire to build the PDS. > > > > How important is the actual performance / wall clock time? Is it one off? > > Will it run daily? > > Hourly? Every 15 minutes? > > > > I would just use whatever method you are most comfortable with depending on > > that answer. But if you are already using REXX, I don't know why you would > > then > > use ISPF services on top of that. When I've done similar things I've used > > ALLOC / EXECIO. > > ISPF services can avoid 99.99% of the ALLOC overhead. > > Kolusu's suggestion depends on PDSE for concurrency. Is that acceptable, > or is PDS a requirement. > > What about a UNIX directory as an alternative? No ENQ entanglement. > > -- > gil > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: IBM z16 Model A02 Announcement
If you have time, could you give us some examples of the interesting deployment options? Apart from the "embedded" DS8K you've mentioned. Thank you! - KB --- Original Message --- On Monday, April 17th, 2023 at 10:17 AM, Timothy Sipples wrote: > Enzo D'Amato wrote: > > > I think that it's very good that we now have something like the > > multiprise 3000 back again. > > > Radoslaw Skorupka wrote: > > > IMHO "back again" is not correct > > > I assume Enzo's point is that IBM hasn't offered a physical model mainframe > in less than a single frame form factor for many, many years. Until now. > Prior to the IBM z16 AGZ (and LinuxONE Rockhopper 4 AGL) the physically > smallest mainframe required a whole rack footprint, a rack that IBM supplied. > Now it doesn't; the physical dimensions are much smaller. > > There was some significant progress in recent years to pave the way for these > rack mount models. One big change was between the IBM z13s/LinuxONE > Rockhopper I and the IBM z14 ZR1/LinuxONE Rockhopper II. In that model cycle > IBM reduced the frame size significantly, converging on the industry standard > 19 inch rack size. And those models (and the IBM z15/LinuxONE III LT2) also > have some optional internal mounting space for a few use cases. As a notable > example, you can equip those models with internal ECKD storage (IBM DS8910F). > > But I agree with Enzo that these new rack mount models available in most > countries are attractive. They open up some interesting new deployment > options. > > — — — — — > Timothy Sipples > Senior Architect > Digital Assets, Industry Solutions, and Cybersecurity > IBM zSystems/LinuxONE, Asia-Pacific > sipp...@sg.ibm.com > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: What is "Mapped-I/O-addressing facility" in z16?
If I were to guess, I think this is plumbing related to the new (?) capability of PCIe-attached NVMe storage. Also, what's "CP support of Linux on Z"? - KB --- Original Message --- On Monday, April 17th, 2023 at 12:17 AM, Seymour J Metz wrote: > IBM has been using PCI and PCIe internally for some time. > > Memory-mapped I/O is a process whereby an address generated by the CPU os > translated to an address in an I/O device connected to the CPU, in this case > an I/O device on a PCIe bus. > > Does anybody use that feature other than Linux on Z and CP support of Linux > on Z? > > > -- > Shmuel (Seymour J.) Metz > http://mason.gmu.edu/~smetz3 > > > From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of > Farley, Peter [031df298a9da-dmarc-requ...@listserv.ua.edu] > Sent: Sunday, April 16, 2023 11:42 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: What is "Mapped-I/O-addressing facility" in z16? > > A question out of pure curiosity: In the z16 version of PoOP (SA22-7832-13) > there is mention in the "Summary of Changes in Fourteenth Edition" section of > this enhancement: > > Mapped-I/O-addressing facility [PCI ONLY] > > I can find no other reference to such a facility anywhere in that document. > > Does anyone know what that item refers to? > > Peter > > > > This message and any attachments are intended only for the use of the > addressee and may contain information that is privileged and confidential. If > the reader of the message is not the intended recipient or an authorized > representative of the intended recipient, you are hereby notified that any > dissemination of this communication is strictly prohibited. If you have > received this communication in error, please notify us immediately by e-mail > and delete the message and any attachments from your system. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Tape compression and modern encryption facilities.
Thank you, found it here - https://www.ibm.com/docs/en/zos/2.4.0?topic=keywords-compress Is it just me or does one need to be in 100% concentration just to understand what this means. A simple decision flowchart would have made it a lot easier on the common man's brain. - KB --- Original Message --- On Sunday, April 16th, 2023 at 8:20 AM, Michael Oujesky wrote: > SMS compression is limited to sequential DASD datasets, but some > utilities (ADRDSSU) uses it internally for tape files. For those > that do, turning off IRDC save cycles in the tape controller. > > > > At 09:12 PM 4/15/2023, kekronbekron wrote: > > > And an add-on question if I may - zEDC or z15+ on-chip > > compression... does this apply only to data heading to disk, or does > > it apply for data heading to tape too. > > If it applies for data heading to tape also, does that mean there > > are 2 levels of compression now - CP's on-chip compression + zstd on > > the TS7700? > > > > - KB > > > > --- Original Message --- > > On Sunday, April 16th, 2023 at 7:17 AM, John Young > > john.b.yo...@cox.net wrote: > > > > > Although my post today is probably rhetorical question, I wanted > > > to find out whether this matters anymore or not. > > > > > > Back in the late 2000's, IBM developed encryption facilities > > > within the tape drives, as this is also where compression was being > > > performed. The idea was that compression of data must occur before > > > encryption, as encrypted data does not compress well, and obviates > > > the use of compression. > > > > > > Nowadays, we've got pervasive encryption on z/OS. As a result, > > > any data that is backed up (for instance, ADRDSSU/FDR), is already > > > encrypted. > > > > > > Also, we now have zEDC, to compress data prior to storage, > > > typically on disk. > > > > > > To my question: With all the encryption and compression being > > > performed on disk, to what degree does TAPE COMPRESSION matter anymore? > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: Tape compression and modern encryption facilities.
And an add-on question if I may - zEDC or z15+ on-chip compression... does this apply only to data heading to disk, or does it apply for data heading to tape too. If it applies for data heading to tape also, does that mean there are 2 levels of compression now - CP's on-chip compression + zstd on the TS7700? - KB --- Original Message --- On Sunday, April 16th, 2023 at 7:17 AM, John Young wrote: > Although my post today is probably rhetorical question, I wanted to find out > whether this matters anymore or not. > > Back in the late 2000's, IBM developed encryption facilities within the tape > drives, as this is also where compression was being performed. The idea was > that compression of data must occur before encryption, as encrypted data does > not compress well, and obviates the use of compression. > > Nowadays, we've got pervasive encryption on z/OS. As a result, any data that > is backed up (for instance, ADRDSSU/FDR), is already encrypted. > > Also, we now have zEDC, to compress data prior to storage, typically on disk. > > To my question: With all the encryption and compression being performed on > disk, to what degree does TAPE COMPRESSION matter anymore? > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TS7700 abandoned volumes questions
Is it an option to use a h/w service provider such as BlueChip (UK-based)... or any org in your location that would do a one-off? - KB --- Original Message --- On Tuesday, April 11th, 2023 at 8:59 PM, Tom Longfellow <03e29b607131-dmarc-requ...@listserv.ua.edu> wrote: > Yes, I agree that the only safe way out is to leave it to the professionals > that created the problem. The first hurdle would be having a relationship > with them that allows me to make requests or demands. Unless it is a broken > situation that I can report to support as a 'problem' I have no alternatives. > My disagreement in their great and holy design does not rise to the point of > getting them to fix what is not deemed as being wrong. > > I would still be interested to know their response to the security exposure > to data that cannot be wiped from the system. An army of Security Auditors > could descend upon them any day. Because 'if it exists, it can be hacked' is > their world view. While I would like to make it no longer exist, I am not > given that option with the current design. > > The take it down, tear it apart, reformat it and put it all back together is > the most daring approach I have ever seen. Very bold and high risk. I have > spent my career avoiding breadboards, soldering irons and screwdrivers for > very good reasons. The approval for me to do that layer of tinkering to get > rid of annoying zombie abandoned tapes will never happen. Plus, the skills to > do that are not available. > > I do not hate these zombie volumes enough to nuke the village in order to > save it. But it is sorta fun to think about. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: TS7700 abandoned volumes questions
I'm afraid the best bet is to work with IBM VTL engineers to manually get rid of them. - KB --- Original Message --- On Monday, April 10th, 2023 at 7:15 AM, Mark Jacobs <0224d287a4b1-dmarc-requ...@listserv.ua.edu> wrote: > I'm not able to answer your question but I totally sympathize. There have > been many times where I wanted "systems programmer mode" to be enabled where > the @#$!!**@#$ software would let me do what I asked, regardless of whether > it thought it was smarter than I am and wouldn't do what I asked for. > > Mark Jacobs > > > Sent from ProtonMail, Swiss-based encrypted email. > > GPG Public Key - > https://api.protonmail.ch/pks/lookup?op=get=markjac...@protonmail.com > > > --- Original Message --- > On Sunday, April 9th, 2023 at 9:37 PM, Tom Longfellow > 03e29b607131-dmarc-requ...@listserv.ua.edu wrote: > > > > > I have a TS7700 Grid of three cluster members. In the past volumes were > > created for a z/OS system that no longer exists. We have hundreds of tapes > > in scratch (0012) and private (001F) category. So now, the data is taking > > up space in my newest grid member because of COPYRFSH activities. > > > > What I would like to do is totally remove the existence of these volumes > > from the Grid. Every standard method I have found via management GUIs fails > > because these volumes have once left the 'INSERT' status at some time in > > the past. Everything that implies it might work from Z host to 'EJECT' > > these tapes require all the infrastructure of RMM, DEVSUP00 changes, and a > > Tape Volume Catalog (TVC). I do not want to rebuild an entire z/OS LPAR so > > that it will talk the special DEVSUP language to manipulate these tapes. > > Nor do I wish to add hundreds of volumes to my tape management system and > > TVC) just to turn around and delete them again. > > > > I really need a way for this GRID to never mention these tapes in any way > > ever again. One of the prime directives of the TS7700 seems to be 'never > > delete data until you have no other choice'. For example a 'scratch' tape > > is still there even after the hold period expires and is still known after > > storage RECLAIM has happened. Those 'zombie' reclaimed volumes are > > preserved in perpetuity as you migrate from TS7700 to TS7700. I am trying > > to Stop the Madness. The 'Default' of 'We shall delete no data before its > > time' needs to be broken. A full mind wipe for these volumes is in order. > > > > I know this defeats the 'feature' of miraculous unexpected recoveries of > > data that has served its purpose and been honorably discharged but reality > > does have to play a role here. If I say keep it for 8 days, I do not want > > it storing data forever and deleted by its own arcane incomprehensible > > rules. If it is available for miracle unexpected recoveries, there may be > > some security auditors interested what that equipment is up to. > > > > Anybody know a fast and efficient way to accomplish this? > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: z/OS 3.1 Announcement US Letter
Anything that involves Liberty or zOSMF immediately dampens my enthusiasm... - KB --- Original Message --- On Wednesday, March 1st, 2023 at 6:51 AM, David Crayford wrote: > Interesting article on IBM SMF Explorer with Python > https://zos-hot-topics.com/2022/SMF-Explorer/. Looks like the young'uns > are gonna have some fun playing with SMF data in Jupyter. > > On 1/3/23 06:30, David Crayford wrote: > > > There is a lot of AI related stuff in the announcement, including a > > new SMF explorder that leverages Jupyter Notebooks. The z16 Telum chip > > has integrated AI on die and a C library was published. Does anybody > > know if this has been ported to Python numpy or tensorflow? > > > > In z/OS 3.1, AI and analytics solutions such as the following plan to > > be infused into the operating system using intelligent automation and > > accelerated inferencing at scale to extract and leverage valuable data > > insights: > > > > * AI Framework support, intended to augment z/OS with intelligence > > that optimizes IT processes, simplifies management, improves > > performance, and reduces skill requirements > > * The AI ecosystem, which z/OS 3.1 intends to extend by supporting a > > leading AI portfolio with the ability to deploy AI co-located with > > z/OS applications, designed for low latency response times > > * AI-Powered WLM, designed to intelligently predict upcoming batch > > workload and react accordingly for optimized system resources > > * IBM SMF Explorer, a data access and analysis toolkit designed to > > help even novice users access SMF data and extract insights in an > > easy and modern way, leveraging Python and Jupyter Notebooks > > > > On 28/2/23 23:35, Lionel B. Dyck wrote: > > > > > This is the US Version of the announcement letter > > > > > > https://www.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_ca/3/897/E > > > NUS223-013/index.html=en_locale=en > > > > > > Lionel B. Dyck <>< > > > Website:https://www.lbdsoftware.com > > > Github:https://github.com/lbdyck > > > > > > “Worry more about your character than your reputation. Character is what > > > you > > > are, reputation merely what others think you are.” - - - John Wooden > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email tolists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: FW: OPS/MVS
In addition to RACF, there is a layer of security rules refresh within OPSMVS itself. Don't know the specifics of it, but the OPS/MVS docs will surely cover it. - KB --- Original Message --- On Thursday, February 23rd, 2023 at 4:53 AM, Shawn Prenevost wrote: > Another consideration is that OPS/MVS can also be configured to make SAF > calls for specific access. This can be all SAF or a mix of SAF and OPS )SEC > rules. > > On Wed, Feb 22, 2023, 11:25 AM Steve Beaver st...@stevebeaver.com wrote: > > > Thanks Bill > > > > -Original Message- > > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > > Behalf Of William J Bishop > > Sent: Wednesday, February 22, 2023 10:24 AM > > To: IBM-MAIN@LISTSERV.UA.EDU > > Subject: Re: FW: OPS/MVS > > > > It has been a while since I supported OPS/MVS, but where I was, there was a > > security environment built with OPS Rules. It was based upon the userid of > > the requestor and was set to allow or disallow functions with OPS/MVS. > > > > I think the rules dataset we used ended in 'security.rules'. > > > > We would update the appropriate member(s) and then deactivate and > > reactivate them. Make sure you reset them to auto-enable. > > > > You may have to enable them via console commands as you may not have all > > the authority to work within the SPF application. > > > > Bill Bishop > > > > On Wed, Feb 22, 2023 at 10:16 AM Steve Beaver st...@stevebeaver.com > > wrote: > > > > > I'm in a shop that the person that setup OPS/MVS is gone. > > > > > > So I went looking and found that the SYSTEM is using FACILITY. > > > > > > What am I missing? It's has to be something minor and stupid > > > > > > From: Beaver, Steve > > > Sent: Wednesday, February 22, 2023 10:07 AM > > > Subject: OPS/MVS > > > > > > Current OPSVIEW command not authorized - ATTEMPTED OPSMVS SYSVIEW PANEL > > > ACCESS BY A819822 REJECTED, > > > > > > Also since I am the SYSPROG and have SPECIAL. I have added myself to > > > with > > > READ > > > > > > FACILITY OPSAOF > > > > > > FACILITY OPSBRW > > > > > > FACILITY OPSCMD > > > > > > FACILITY OPSCTL > > > > > > FACILITY OPSDOM > > > > > > FACILITY OPSEPI > > > > > > FACILITY OPSGLOBAL > > > > > > FACILITY OPSHFI > > > > > > FACILITY OPSLOG > > > > > > FACILITY OPSOSF > > > > > > FACILITY OPSPARM > > > > > > FACILITY OPSREPLY > > > > > > FACILITY OPSREQ > > > > > > FACILITY OPSRMT > > > > > > FACILITY OPSSMTBL > > > > > > FACILITY OPSSSMTBL > > > > > > FACILITY OPSWTO > > > > > > What am I missing, and I also the logoff/Logon > > > > > > -- > > > For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > -- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: How long for an experiened z/OS sysprog to come up to speed on a new environment?
"but honestly I can't remember ever asking anyone if they had a problem with me doing so." I'm sure they would be very upset if they knew. Those whose reputation precede them can get away with it. Or if there is still trust to be found in workplaces (as David said). For the rest of us, we're merely Jira janitors. - KB --- Original Message --- On Monday, February 20th, 2023 at 11:22 AM, Brian Westerman wrote: > The USB is just for emergencies, I can download from my phone just as well, > and from my NAS at home if necessary. It seems odd to me to lock down a > systems programmer from getting information that may save the site, but maybe > it's just me. I can honestly say that no one has ever told me I could not > load my stuff, but honestly I can't remember ever asking anyone if they had a > problem with me doing so. > > Most things I could probably just retype, especially when I have the data > already displayable. It seems very short sighted to "lock down" use of a tool > that could very well fix a major problem, but again, maybe it's just that I > have never asked anyone if they minded me fixing their site. :) > > Brian > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: DFSORT APAR
Thank you very much Sri! What had happened to it? I really miss the old TechDocs site. With that, I could have at least went back all the way to the first page, and scrape APAR name, title, and URLs. Something like this (https://public.dhe.ibm.com/s390/newfunctionapars/mvsstore.zosnewfu.html) is very much needed for TechDocs. - KB --- Original Message --- On Monday, January 23rd, 2023 at 8:18 PM, Sri h Kolusu wrote: > KB, > > As promised, we have restored the info apar and it is available here > > https://www.ibm.com/support/pages/apar/II13495 > > Thanks, > Kolusu > DFSORT Development > IBM Corporation > > -Original Message- > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of Sri > h Kolusu > > Sent: Saturday, January 21, 2023 7:13 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: [EXTERNAL] Re: DFSORT APAR > > KB, > > It is weekend over here; we will check with our web support and get it back > restored on Monday. > > Thanks, > Kolusu > DFSORT Development > IBM Corporation > > -Original Message- > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of > kekronbekron > > Sent: Friday, January 20, 2023 11:20 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: [EXTERNAL] DFSORT APAR > > Hello, > > Does anyone have a copy of this? > > APAR II13495 - HOW DFSORT TAKES ADVANTAGE OF 64-BIT REAL ARCHITECTURE > > I don't know what IBM has against TechDocs and treating their technical > employees' work with respect, to not properly organize & archive it. > > - KB > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
DFSORT APAR
Hello, Does anyone have a copy of this? APAR II13495 - HOW DFSORT TAKES ADVANTAGE OF 64-BIT REAL ARCHITECTURE I don't know what IBM has against TechDocs and treating their technical employees' work with respect, to not properly organize & archive it. - KB -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ZFS Address Space, shared ENQ but filesystem isn't mounted
Personally, I was hoping there'd be more benefit, rather than just the zOSMF startup time. Was hoping OMVS STC itself would show reduced MSU somehow (than OMVS + zFS as it were). Or at least a significant EXCP drop. - KB --- Original Message --- On Friday, January 6th, 2023 at 12:16 AM, Ed Jaffe wrote: > On 1/5/2023 4:34 AM, Patrick Loftus wrote: > > > Interested to know more about that recommendation for zOSMF, as the zFS > > manuals indicate since v2r3 it's beneficial to move zFS back to OMVS > > address space. > > https://www.ibm.com/docs/en/zos/2.4.0?topic=zfs-running-in-zos-unix-address-space > > > We moved our zFS function back to OMVS last year (as recommended). Did > not see any negative impact to z/OSMF. > > That said, we don't have a lot of users or transaction volume... > > > -- > Phoenix Software International > Edward E. Jaffe > 831 Parkview Drive North > El Segundo, CA 90245 > https://www.phoenixsoftware.com/ > > > > This e-mail message, including any attachments, appended messages and the > information contained therein, is for the sole use of the intended > recipient(s). If you are not an intended recipient or have otherwise > received this email message in error, any use, dissemination, distribution, > review, storage or copying of this e-mail message and the information > contained therein is strictly prohibited. If you are not an intended > recipient, please contact the sender by reply e-mail and destroy all copies > of this email message and do not otherwise utilize or retain this email > message or any or all of the information contained therein. Although this > email message and any attachments or appended messages are believed to be > free of any virus or other defect that might affect any computer system into > which it is received and opened, it is the responsibility of the recipient > to ensure that it is virus free and no responsibility is accepted by the > sender for any loss or damage arising in any way from its opening or use. > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
