User Experience: Remote Console Web Interface 12700 ...User Experience: Remote Operations using the...
Transcript of User Experience: Remote Console Web Interface 12700 ...User Experience: Remote Operations using the...
Jump to first page
Session 2826User Experience: RemoteOperations using theHardware ManagementConsole Web Interface
SHARE 93MVS/SCP Project
August 24, 1999
Sam KnutsonLandmark Systems Corporation12700 Sunrise Valley DriveReston, VA 20191-5804USA(703) [email protected]
Session 2826 Abstract
User Experience: Remote Operations using theHardware Management Console Web InterfaceDid you know that the IBM HardwareManagement Console includes a FREE remoteoperations facility? Come and find out how toenable this free facility to allow you to IPL andperform other system tasks from anywhere youchoose.
The presentation will include a live demo doinga STANDALONE DUMP and IPL of a parallelsysplex partition on a remote 9672.
Jump to first page
Previously AvailableRemote OperationsSolutions
•!Candle AF/Remote•CA-Automation Point•IBM TSCF•IBM VM•Roll Your Own
Jump to first page
Landmark RemoteOperations in the “ good olddays”
IBM VM/ESA 2.2 running on anIBM 9021-200 allowed any guest operating system to be IPLed remotely
Jump to first page
Changes
Parallel Sysplex did not run under VM prior to VM/ESA 2.3 so MVS development partitions were created along with a Coupling Facility partition.
Jump to first page
Changes
PROD continued to run under VM/ESA as did VSE guests.
Development of products that exploitedParallel Sysplex and the Coupling Facilityrequired us to move the PROD image to an LPAR.
Developers and IS staff no longer hadthe ability to remotely IPL a failed MVS.
Upgraded 9021 with 9672-R72
Jump to first page
HMC Web Server
Driver 98 is the system code for9672/9674 G3 & G4, Multiprise 2000,and StarterPak 3000 which makes theHMC Web Server available.
Available as of November 1997Refer to PSP bucket 9672DEVICE
Jump to first page
Client Requirements
HTML 2.0 and JavaScript 1.0Tested combinations:OS/2 Warp & Netscape 2.02Windows NT & either Netscape 3.0 orIE 3.02Windows 95 & either Netscape 3.01/4.0or IE 3.02/4.0
Jump to first page
Network Requirements
•Token Ring•Ethernet LAN
Connection via router or bridge to yournetwork.
Jump to first page
Network Security
TCP/IP access to the HMC + validuserid and password now allows aremote user to shutdown theconfiguration controlled by the HMC.
Unix/Network types may provideassistance with configuring limitedaccess.
Jump to first page
Landmark Network
Landmark’s current facility is wired withIBM Token Ring and our G3 came fittedwith token ring connectivity for it’s HMCso the physical connection merelyinvolved plugging a token ring cableinto the MAU inside the 9672 into theOlicom OC-8600 Crossfire Token-RingSwitch at Landmark.
The cable runs from the9672 to the Olicom OC-8600Crossfire Token-RingSwitch. Your networkconfiguration will likely bedifferent but you have toplan for physical and logicalnetwork connectivity to theHMC LAN.
Jump to first page
Highli ghts
•Free•Easy to Configure•Provides remote IPL,Shutdown, andStandalone dump•More in latest releases
Jump to first page
Setup Web Server on HMC
Select Console Actions and then“Enable Hardware ManagementConsole Services” icon
You need to login using ACSADMINin order to see this Option.
Enable the Web Server. You may select to allow ordeny use of the web console while a user is loggedinto the HMC
Users must be specifically permitted to usethe Web Server. You might want to createdifferent userid’s than those already definedfor user in the control room to limit access tothe Web Server.
The Web Server starts when the HMC is booted up. TheIBM name for the Web Server has changed several times.Here you will see IBM Connection Server but this may bedifferent if you have a more current level of system code.
Jump to first page
Web HMC CapabilitiesRemote Web browser operation of the Hardware Management Console
The Hardware Management Console may be remotely operated using a Webbrowser.
For each of the systems being managed by the Hardware ManagementConsole, the user can:
•Monitor the status•Monitor and handle hardware messages•Monitor and handle (console integration) operating system messages•Perform the following tasks: Activate, Deactivate, Load, Reset Normal andReset Clear
Jump to first page
Web HMC Capabilities
IBM Announcement
“This is intended for occasionalremote operation of the systems beingmanaged by the HMC.”
Our Experience is that it can be usedas the primary operations platform.
Jump to first page
Windows 95 IPL Station
The public accesspart of the datacenter includesseveral computersrunning Windows 95with Web Browserson which the WebHMC may beaccessed.
Jump to first page
HMC behind closed doors
The real HMC islocated next to theProcessor theDASD in a moresecured non-public part of thedata center.
Jump to first page
Caveat Emptor I
•Physical Security is important•The only downtime so far on Web Server has been whenusers at the real HMC inadvertently shut it down.
•Network Security is important•Access to Web Server•Passwords flow in the clear•Web server does not use a secured session i.e. SSL•Password Security does not use external securitymanager
Jump to first page
Caveat Emptor II
•Operatin g Procedures are important•Coordinate actions being taken at HMC and on WebConsole if you allow concurrent access
•IBM Direction is not to replace HMC•“This is intended for occasional remote operation of thesystems being managed by the HMC” IBMAnnouncement letter
Jump to first page
Caveat Emptor III LOGIN
Original Implementation of Web Server login had problemwith retaining userid/password temporarily withoutproviding any way for the user to control this. This wasworking as designed.
Password was remembered by Web Browser whichexposed Web HMC to access after authorized user closedthe Web Browser and left the workstation.
No way to switch to a different userid.
Jump to first page
LOGOFF
IBM has fixed the userid/password retention problem byproviding the ability to explicitly LOGOFF the Web HMC ina recent EC.
This is available free from IBM as
• Driver 22 with Feature Code 0041 forthe HMC
Jump to first page
WSC Flash W98015BTitle: Web Browser Interface problem with HMCs and DRV98G
MACHINE TYPE: 967X, 2003, 3000MODELS AFFECTED: All Models at Driver 98G
DESCRIPTION: At Driver 98G, there is a web browser interface to the HMC. This interface allows different tasks to be performed on the CPC, including activate, deactivate, load,reset, assign activation profiles and viewing messages. The problem is if you use the push button to doone of these functions, then later use the WEB Browser's "BACK" button to go back to that page, thefunction will besent again. An example is if you had activated a CEC and it had completed, then youused the WEB Browser "BACK" function to return to that page, the CEC would be activated again.This would happen even after a long period of time and many URLs.
RECOMMENDED ACTION: The workaround is to use the return button at the bottom of the HMCWEBPAGES.If you are on other web pages besides HMC, do not use the BACK function into the HMCpages. MCLs are currently in development and will be released into the HMC EC Stream F10644 andfor the Standalone SE EC Stream F10651. If any of your Customers have a HMC at a remote site anduse the WEB Browser interface, please advise them of this potential problem.
WSC Flashes onlinehttp://www.ibm.com/support/techdocs
Jump to first page
Related SHARERequirements
•SHARE requirement SSMVSE98500Increase security on the HMC WebBrowser was submitted to IBM followingSHARE in Washington D.C.
IBM will be responding to this requirement at thisSHARE.
Session 2802: MVS/SCP Project RequirementsSession at 6:00pm in the Sheraton, Level 2 -Superior
Stand-alone Dump to DASD
� Stand-alone Dump to DASD wasintroduced with MVS/ESA V4.3
� SAD to DASD is ideal if you areoperating remotely without a taperobot or tape drives.
� Some shops prefer SAD to DASDbecause they feel it reduces theopportunities for error during SAD
� SAD to DASD is slower thandumping to tape
SAD to DASD Preparation
� DASD Volume available� Allocate SYS1.SADMP data set
using REXXSYS1.SAMPLIB(AMDSADDD)
� Supply DASD unit address to SADwhen asked for output device.
� Operator is prompted by default ifthe output data set has been used.This default can be changed whenyou generate SAD
IPL Prompts
� If you want to be able to IPLremotely you need to do someplanning to either avoid or be ableto reply to prompts during NIP
� Remove NIPCONS specificationsand allow NIP to use HMC if youwant any prompts to come there
� You can use a LOAD parameter toeliminate normal IPL prompts
IPL Prompts II
� For complete documentation onhow to control prompting foroperator responses during IPL see:
OS/390MVS System Commands
Document Number GC28-1781-05
“Loading the System Software”
IPL Prompts IIIThe following table shows the possible values for the IMSIcharacter. The 1 4 5 6 7 8
+-------------------------------------------------------+
¦ IODF DASD ¦ LOADxx ¦PROMPT FEAT.¦ ALT NUCx ¦
+-------------------------------------------------------+
IODF LOADxx prompt nucleus
device suffix feature suffix
number
Figure 1. The Format of the LOAD Parameter
The LOAD parameter is specified ina LOAD profile on your HMC.
IPL Prompts IVThe following table shows the possible values for the IMSI character. Thedefault value is period (.).
+----------------------------------------------------------+
¦ IMSI ¦ Display ¦ Prompt for ¦ Prompt for ¦
¦ Character ¦ Informational ¦ Master Catalog ¦ System ¦
¦ ¦ Messages ¦ Response ¦ Parameters ¦
¦ ¦ ¦ ¦ Response ¦
+------------+---------------+----------------+------------¦
¦ period (.) ¦ No ¦ No ¦ No ¦
¦ or blank ¦ ¦ ¦ ¦
+------------+---------------+----------------+------------¦
¦ A ¦ Yes ¦ Yes ¦ Yes ¦
+------------+---------------+----------------+------------¦
¦ C ¦ No ¦ Yes ¦ No ¦
+------------+---------------+----------------+------------¦
¦ D ¦ Yes ¦ Yes ¦ No ¦
+------------+---------------+----------------+------------¦
¦ M ¦ Yes ¦ No ¦ No ¦
+------------+---------------+----------------+------------¦
¦ P ¦ No ¦ Yes ¦ Yes ¦
+------------+---------------+----------------+------------¦
¦ S ¦ No ¦ No ¦ Yes ¦
+------------+---------------+----------------+------------¦
¦ T ¦ Yes ¦ No ¦ Yes ¦
+----------------------------------------------------------+
IPL Prompts V
For complete documentation on theLOAD parameter see:
OS/390
MVS Initialization and TuningReference
Document Number SC28-1752-06
IPL Prompts VISample LOADxx member:
IEASYM (SD,L)IODF 93 SYS1 CPU1 00PARMLIB SYS1.SYSD.PARMLIBPARMLIB SYS1.R6GA.PARMLIBPARMLIB SYS1.DEVL.PARMLIBPARMLIB SYS1.PARMLIBPARMLIB CPAC.PARMLIBPARMLIB SYS1.IBM.PARMLIBSYSCAT ESACAT113CCATALOG.S39026.MASTER
Jump to first page
Speaker’s Pick “Don’tMiss” Session
Bit Bucket X'12'Session 2817
Bob and Carl are back!! They will amaze you with their ability to dredge in the mire of MVS andOS/390 knowledge, and come up with polished gems of information you can take back home and put
to good use (where do they get all this stuff?). Although topics aren't finalized until the sessionbegins, the topics presented in recent Bit Buckets include:
•Trapping Key 8 Getmains to CSA: Point & Counterpoint•CSM: Communications Storage Manager•SAMPLIB: What's Out There?•SQA/ESQA Default Allocation•Private Region Size Surprises•Logical Parmlib
The Bit Bucket - don't leave SHARE without it. A Friday SHARE tradition since 1991!Location and Time: Sheraton - Ballroom Level - Chicago Ballroom X @ 08/27/99 (Fri) - 11:00 AM
Presented by the MVS Cluster leaders Bob Shannon and Carl Youngren
A previous Bit Bucket provided the basis for the session you are attending.
Jump to first page
ResourcesBit Bucket X’0F’SHARE 90Session 2817Anaheim, CA
S/390 Multiprise 2000 Server Overview &UpdateSHARE 90Session 2823Anaheim, CA
GOTCHA! 1.45 OS/2 screen capture utilityThorsten Thielen
Jump to first page
Acknowled gements
•Bob Shannon, Programart Corporation•Carl Youngren, State of California•Greg Hutchison, IBM•Harv Emery, IBM•Bruce Hewson, CitiCorp
Special Thanks
•Monique Conway, Landmark Systems•Craig Stone, Landmark Systems•Pat Gregg, Landmark Systems
Jump to first page
Errata Sheet
The foils from this presentation as well as any additionsor corrections will be posted at my web sitehttp://www.his.com/~dragon/share93.htm following theSHARE conference.
You may also contact me directly if you have questions,additions, or corrections.
Sam KnutsonLandmark Systems Corporation12700 Sunrise Valley DriveReston, VA 20191-5804USA(703) [email protected]
Jump to first page
Demo
The live demo willbe operating this9672 housed inReston, VAremotely over adial-up connectionusing my 486 IBMThinkPad.
Jump to first page
IHV HardwareSeveral people have asked me about Amdahl andHitachi equipment. I have personally not usedeither, however, information follows provided byAmdahl about facilities for providing the samefunction for control of Amdahl hardware. SeeAmdahl web site http://www.amdahl.com for mostcurrent information.
I was unable to contact HDS in time to getinformation but suggest you check the web sitehttp://www.hds.com or contact your Hitachi DataSystems representative for more information.
Operatin g Amdahl CPCsvia HMCThere are 2 methods that can be used to operateAmdahl CMOS systems from the IBM HMC:
� Using Amdahl Tower code
� Using Amdahl HMCIF (HMC Interface)If using an Amdahl HMC (available 4Q1999) thenthe only option is to use Amdahl Tower code.
Note: Only Amdahl CPCs can be attached to theAmdahl HMC
Amdahl Tower code
� This is Amdahl written code that is installed onthe IBM (or Amdahl) HMC.
� Uses an API layer to interact with IBM base codewhich is present on both IBM and Amdahl HMC.
� Amdahl objects show up on HMC just as before,however when Amdahl objects are selected, theAmdahl Tower code gains control.
� Allows full support of Amdahl systems in aseamless manner.
� Available NOW. Amdahl recommends thatcustomers wishing to attach Amdahl CMOS toIBM HMC use Tower code method rather thanHMCIF.
Amdahl Tower code� Concept view of Tower
Concepts
Amdahl CPCTower
Other Tower
IBM CPCTower
IBM HMC Base Code
Amdahl Tower code
Tower adds functionality :�Remote IOCDS and associated HCD functions
� LPAR controls task� CHPID manipulation tasks� Full function profile customization� Amdahl specific on-line Help� Amdahl specific messages
�IBM HMC requirements for Tower:� IBM HMC must be at Driver 12 or higher� Recommend IBM HMC hardware be at P200
level for production level performance
Amdahl Tower code
Planning Considerations
�IBM HMC SNMP and web-server support isimplemented via IBM CPC Tower�Amdahl Tower controlled objects are not accessibleby the IBM Tower (and vice versa)�Amdahl Tower controlled objects will not show upon HMC web-page�ISV’s (Independent S/W vendors) that offer SNMPmanagement via HMC need to make changes
Amdahl Tower Code
SNMP Operations
�Amdahl will supply tower based SNMP sub-agent,Amdahl SNMP APIs and Sample code�Requires relatively minor changes in ISV code tooperate both Amdahl and IBM objects via IBMHMC�Amdahl is working with ISVs to assist them inproviding support for Amdahl Tower SNMP
Amdahl Tower code
Migration Aid
�Amdahl COS (support element) can be configuredsuch that it supports Tower and HMC IF connection concurrently�Customer with multiple HMCs can define AmdahlCPCs via HMCIF from one HMC, and use this HMCas web-server, or SNMP gateway�Other HMCs can run Amdahl Tower code and benefit from the improved Tower features
Amdahl CPCs and HMCweb-server� Amdahl Tower support for web-server is
currently in the design phase� Initial implementation and subsequent
enhancements will be rolled out through2000.
� Will be supported by Amdahl Towerrunning either on IBM HMC or onAmdahl HMC
� Objective is to allow Browser access toHMC functions, and to show GUI that issimilar to HMC GUI.
Amdahl CPCs and HMCweb-serverInitial Implementation:
�Daily tasks, Operator messages and Hardwaremessages. Object monitoring (via colors) andaccess control (via userid/password).�Access (on IBM HMC) via same IP address, butdifferent port (e.g. 129.212.169.155:1080)�When connecting to web-enabled Amdahl HMC justuse IP address (e.g. 129.212.169.154)
Amdahl CPC’s and HMCweb-serverLater enhancements:
�Support all HMC Operational functions via Webinterface.�Future releases will support features such asProfile Customization, System Activity Displayand LPAR controls.
Browser Level:� Will require client PC to run Netscape 4.04+, orInternet Explorer 4.0+.