To me, all this seems to suggest some weakness in the virtualisation
infrastructure, which seems odd for something as mature as z/VM.
So then the follow up question would be: is the host infrastructure
being used properly here? Is there not some other (managable) way to
set things up such that
Thanks Robert and others,
We figured there would be a learning curve, I think we'll get it figured
out, we just need to figure out everything, then how you do those things
on SLES12.
On 9/8/2017 3:28 PM, Robert J Brenneman wrote:
Ancient history:
Ancient history: http://www.redbooks.ibm.com/redpapers/pdfs/redp3871.pdf
Without NPIV you're in that same boat.
Even if you had NPIV you would still have to mount the new clone and fix
the ramdisk so that it points to the new target device instead of the
golden image.
This is especially an
On Friday, 09/08/2017 at 04:46 GMT, Scott Rohling
wrote:
> Completely agree with you ..I might make an exception if the only
FCP
> use is for z/VM to supply EDEVICEs
AND the PCHID is configured in the IOCDS as non-shared.
Alan Altmark
Senior Managing z/VM and
On Friday, 09/08/2017 at 05:14 GMT, canzon...@verizon.net wrote:
> I'm a proponent of NPIV. But, limitations on how many NPIV wwpns can
connect
> to a SAN storage unit is a big problem. Am I right that only 64 allowed
with
> z14 per channel? With that rate, we ran out of slots for FICON
>>> On 9/8/2017 at 10:19 AM, Greg Preddy wrote:
> Bingo! No NPIV so our only hope is fixing the clone with it mounted to
> gold server or in recovery mode, but if "It's all tooling, no direct
> editing of any config files with SLES." then how do we fix this?
As others have
>>> On 9/7/2017 at 09:08 AM, Greg Preddy wrote:
> All,
>
> We're doing SLES 12 on 100% LUN, with gold copy on a single 60GB LUN.
> This is a new cloning approach for us so we're not sure how to make this
> work. Our Linux SA got the storage admin to replicate the LUN, but when
In reference to some of the previous email traffic "Gold On LUN", is there a
documented method to clone a SLES12 server that is installed on an FCP LUN and
create a new guest using the cloned LUN? I know this is routinely done with
EDEVs, but haven't seen much relating to accomplishing the
Hi Scott/Alan,
I'm a proponent of NPIV. But, limitations on how many NPIV wwpns can connect
to a SAN storage unit is a big problem. Am I right that only 64 allowed with
z14 per channel? With that rate, we ran out of slots for FICON cards.
Regards,
Tom
-Original Message-
From: Scott
Completely agree with you ..I might make an exception if the only FCP
use is for z/VM to supply EDEVICEs -- but I haven't seen an EDEVICE-only
implementation yet myself - it's always in combination with some guest
attached FCPs. I have had a hard time explaining FCP/NPIV to mainframe
On Friday, 09/08/2017 at 02:20 GMT, Greg Preddy wrote:
> Bingo! No NPIV
*sigh* Folks have GOT to switch to NPIV!! If I audit such a system, it
fails. It's like sharing passwords. No accountability, no separation, no
access control, no assurance that the Golden Master is
This document describes the device drivers available to SUSE Linux
Enterprise Server 12 SP3 for the control of IBM Z devices and attachments.
It also provides information on commands and parameters relevant to
configuring Linux on z Systems. New security features include FIPS mode and
On 09/08/2017 04:46 PM, Steffen Maier wrote:
On 09/08/2017 04:19 PM, Greg Preddy wrote:
gold server or in recovery mode, but if "It's all tooling, no direct
editing of any config files with SLES." then how do we fix this?
You could run the customization in a chroot environment on the cloned
On 09/08/2017 04:46 PM, Steffen Maier wrote:
On 09/08/2017 04:19 PM, Greg Preddy wrote:
Bingo! No NPIV so our only hope is fixing the clone with it mounted to
NPIV won't solve clone customization. It just solves perfect access
control. Your boot from the un-customized clone disk would fail
On 09/08/2017 04:19 PM, Greg Preddy wrote:
Bingo! No NPIV so our only hope is fixing the clone with it mounted to
NPIV won't solve clone customization. It just solves perfect access
control. Your boot from the un-customized clone disk would fail with
perfect access control because of access
Bingo! No NPIV so our only hope is fixing the clone with it mounted to
gold server or in recovery mode, but if "It's all tooling, no direct
editing of any config files with SLES." then how do we fix this?
On 9/8/2017 9:05 AM, Scott Rohling wrote:
That depends on whether NPIV is enabled ...
That depends on whether NPIV is enabled ... otherwise this guest could
have the same access as the one it was cloned from..
Scott Rohling
On Fri, Sep 8, 2017 at 6:41 AM, Steffen Maier
wrote:
> Volume access control (LUN masking / host mapping) should prevent access
>
Volume access control (LUN masking / host mapping) should prevent access
to a golden volume. You'd still need to customize disk clones to make
them work but it should at least break early during boot and not accecss
the golden image (especially not writable and thus potentially
destroying its
18 matches
Mail list logo