Jump to first page

Session 2826User Experience: RemoteOperations using theHardware ManagementConsole Web Interface

SHARE 93MVS/SCP Project

August 24, 1999

Sam KnutsonLandmark Systems Corporation12700 Sunrise Valley DriveReston, VA 20191-5804USA(703) 464-1615sknutson@landmark.com

Session 2826 Abstract

User Experience: Remote Operations using theHardware Management Console Web InterfaceDid you know that the IBM HardwareManagement Console includes a FREE remoteoperations facility? Come and find out how toenable this free facility to allow you to IPL andperform other system tasks from anywhere youchoose.

The presentation will include a live demo doinga STANDALONE DUMP and IPL of a parallelsysplex partition on a remote 9672.

Jump to first page

Agenda

•Introduction•Environment•Solution•Caveats•Live Demo!

Jump to first page

Previously AvailableRemote OperationsSolutions

•!Candle AF/Remote•CA-Automation Point•IBM TSCF•IBM VM•Roll Your Own

Jump to first page

Landmark RemoteOperations in the “ good olddays”

IBM VM/ESA 2.2 running on anIBM 9021-200 allowed any guest operating system to be IPLed remotely

Jump to first page

Changes

Parallel Sysplex did not run under VM prior to VM/ESA 2.3 so MVS development partitions were created along with a Coupling Facility partition.

Jump to first page

Changes

PROD continued to run under VM/ESA as did VSE guests.

Development of products that exploitedParallel Sysplex and the Coupling Facilityrequired us to move the PROD image to an LPAR.

Developers and IS staff no longer hadthe ability to remotely IPL a failed MVS.

Upgraded 9021 with 9672-R72

Jump to first page

HMC Web Server

Driver 98 is the system code for9672/9674 G3 & G4, Multiprise 2000,and StarterPak 3000 which makes theHMC Web Server available.

Available as of November 1997Refer to PSP bucket 9672DEVICE

Jump to first page

Client Requirements

HTML 2.0 and JavaScript 1.0Tested combinations:OS/2 Warp & Netscape 2.02Windows NT & either Netscape 3.0 orIE 3.02Windows 95 & either Netscape 3.01/4.0or IE 3.02/4.0

Jump to first page

Network Requirements

•Token Ring•Ethernet LAN

Connection via router or bridge to yournetwork.

Jump to first page

Network Security

TCP/IP access to the HMC + validuserid and password now allows aremote user to shutdown theconfiguration controlled by the HMC.

Unix/Network types may provideassistance with configuring limitedaccess.

Jump to first page

Landmark Network

Landmark’s current facility is wired withIBM Token Ring and our G3 came fittedwith token ring connectivity for it’s HMCso the physical connection merelyinvolved plugging a token ring cableinto the MAU inside the 9672 into theOlicom OC-8600 Crossfire Token-RingSwitch at Landmark.

Category 5 cableconnected to9672 on this end.

The cable runs from the9672 to the Olicom OC-8600Crossfire Token-RingSwitch. Your networkconfiguration will likely bedifferent but you have toplan for physical and logicalnetwork connectivity to theHMC LAN.

Olicom Token-Ring UTP LAM(s) OC-3162 pluginto the Olicom Token-Ring Switch.

Olicom Token-Ring UTP LAM(s) OC-3162 pluginto these patch panels that lead out to networkusers.

Jump to first page

Highli ghts

•Free•Easy to Configure•Provides remote IPL,Shutdown, andStandalone dump•More in latest releases

Jump to first page

Setup Web Server on HMC

Select Console Actions and then“Enable Hardware ManagementConsole Services” icon

You need to login using ACSADMINin order to see this Option.

Enable Hardware Management Console Services

Enable the Web Server. You may select to allow ordeny use of the web console while a user is loggedinto the HMC

Configure TCP/IP

Assign an IP address available on your internalnetwork or select DHCP if you use it instead.

Configure any required Routing Information

Configure DNS for your site and this machines name

Users must be specifically permitted to usethe Web Server. You might want to createdifferent userid’s than those already definedfor user in the control room to limit access tothe Web Server.

The Web Server starts when the HMC is booted up. TheIBM name for the Web Server has changed several times.Here you will see IBM Connection Server but this may bedifferent if you have a more current level of system code.

Jump to first page

Web HMC CapabilitiesRemote Web browser operation of the Hardware Management Console

The Hardware Management Console may be remotely operated using a Webbrowser.

For each of the systems being managed by the Hardware ManagementConsole, the user can:

•Monitor the status•Monitor and handle hardware messages•Monitor and handle (console integration) operating system messages•Perform the following tasks: Activate, Deactivate, Load, Reset Normal andReset Clear

Jump to first page

Web HMC Capabilities

IBM Announcement

“This is intended for occasionalremote operation of the systems beingmanaged by the HMC.”

Our Experience is that it can be usedas the primary operations platform.

Jump to first page

Windows 95 IPL Station

The public accesspart of the datacenter includesseveral computersrunning Windows 95with Web Browserson which the WebHMC may beaccessed.

Jump to first page

HMC behind closed doors

The real HMC islocated next to theProcessor theDASD in a moresecured non-public part of thedata center.

When you browse to the HMC this is what you see

After login to Web HMC

Select and object and you get the available options

Jump to first page

Caveat Emptor I

•Physical Security is important•The only downtime so far on Web Server has been whenusers at the real HMC inadvertently shut it down.

•Network Security is important•Access to Web Server•Passwords flow in the clear•Web server does not use a secured session i.e. SSL•Password Security does not use external securitymanager

Jump to first page

Caveat Emptor II

•Operatin g Procedures are important•Coordinate actions being taken at HMC and on WebConsole if you allow concurrent access

•IBM Direction is not to replace HMC•“This is intended for occasional remote operation of thesystems being managed by the HMC” IBMAnnouncement letter

Jump to first page

Caveat Emptor III LOGIN

Original Implementation of Web Server login had problemwith retaining userid/password temporarily withoutproviding any way for the user to control this. This wasworking as designed.

Password was remembered by Web Browser whichexposed Web HMC to access after authorized user closedthe Web Browser and left the workstation.

No way to switch to a different userid.

Jump to first page

LOGOFF

IBM has fixed the userid/password retention problem byproviding the ability to explicitly LOGOFF the Web HMC ina recent EC.

This is available free from IBM as

• Driver 22 with Feature Code 0041 forthe HMC

Jump to first page

WSC Flash W98015BTitle: Web Browser Interface problem with HMCs and DRV98G

MACHINE TYPE: 967X, 2003, 3000MODELS AFFECTED: All Models at Driver 98G

DESCRIPTION: At Driver 98G, there is a web browser interface to the HMC. This interface allows different tasks to be performed on the CPC, including activate, deactivate, load,reset, assign activation profiles and viewing messages. The problem is if you use the push button to doone of these functions, then later use the WEB Browser's "BACK" button to go back to that page, thefunction will besent again. An example is if you had activated a CEC and it had completed, then youused the WEB Browser "BACK" function to return to that page, the CEC would be activated again.This would happen even after a long period of time and many URLs.

RECOMMENDED ACTION: The workaround is to use the return button at the bottom of the HMCWEBPAGES.If you are on other web pages besides HMC, do not use the BACK function into the HMCpages. MCLs are currently in development and will be released into the HMC EC Stream F10644 andfor the Standalone SE EC Stream F10651. If any of your Customers have a HMC at a remote site anduse the WEB Browser interface, please advise them of this potential problem.

WSC Flashes onlinehttp://www.ibm.com/support/techdocs

Jump to first page

Related SHARERequirements

•SHARE requirement SSMVSE98500Increase security on the HMC WebBrowser was submitted to IBM followingSHARE in Washington D.C.

IBM will be responding to this requirement at thisSHARE.

Session 2802: MVS/SCP Project RequirementsSession at 6:00pm in the Sheraton, Level 2 -Superior

Stand-alone Dump to DASD

� Stand-alone Dump to DASD wasintroduced with MVS/ESA V4.3

� SAD to DASD is ideal if you areoperating remotely without a taperobot or tape drives.

� Some shops prefer SAD to DASDbecause they feel it reduces theopportunities for error during SAD

� SAD to DASD is slower thandumping to tape

SAD to DASD Preparation

� DASD Volume available� Allocate SYS1.SADMP data set

using REXXSYS1.SAMPLIB(AMDSADDD)

� Supply DASD unit address to SADwhen asked for output device.

� Operator is prompted by default ifthe output data set has been used.This default can be changed whenyou generate SAD

IPL Prompts

� If you want to be able to IPLremotely you need to do someplanning to either avoid or be ableto reply to prompts during NIP

� Remove NIPCONS specificationsand allow NIP to use HMC if youwant any prompts to come there

� You can use a LOAD parameter toeliminate normal IPL prompts

IPL Prompts II

� For complete documentation onhow to control prompting foroperator responses during IPL see:

OS/390MVS System Commands

Document Number GC28-1781-05

“Loading the System Software”

IPL Prompts IIIThe following table shows the possible values for the IMSIcharacter. The 1 4 5 6 7 8

+-------------------------------------------------------+

¦ IODF DASD ¦ LOADxx ¦PROMPT FEAT.¦ ALT NUCx ¦

+-------------------------------------------------------+

IODF LOADxx prompt nucleus

device suffix feature suffix

number

Figure 1. The Format of the LOAD Parameter

The LOAD parameter is specified ina LOAD profile on your HMC.

IPL Prompts IVThe following table shows the possible values for the IMSI character. Thedefault value is period (.).

+----------------------------------------------------------+

¦ IMSI ¦ Display ¦ Prompt for ¦ Prompt for ¦

¦ Character ¦ Informational ¦ Master Catalog ¦ System ¦

¦ ¦ Messages ¦ Response ¦ Parameters ¦

¦ ¦ ¦ ¦ Response ¦

+------------+---------------+----------------+------------¦

¦ period (.) ¦ No ¦ No ¦ No ¦

¦ or blank ¦ ¦ ¦ ¦

+------------+---------------+----------------+------------¦

¦ A ¦ Yes ¦ Yes ¦ Yes ¦

+------------+---------------+----------------+------------¦

¦ C ¦ No ¦ Yes ¦ No ¦

+------------+---------------+----------------+------------¦

¦ D ¦ Yes ¦ Yes ¦ No ¦

+------------+---------------+----------------+------------¦

¦ M ¦ Yes ¦ No ¦ No ¦

+------------+---------------+----------------+------------¦

¦ P ¦ No ¦ Yes ¦ Yes ¦

+------------+---------------+----------------+------------¦

¦ S ¦ No ¦ No ¦ Yes ¦

+------------+---------------+----------------+------------¦

¦ T ¦ Yes ¦ No ¦ Yes ¦

+----------------------------------------------------------+

IPL Prompts V

For complete documentation on theLOAD parameter see:

OS/390

MVS Initialization and TuningReference

Document Number SC28-1752-06

IPL Prompts VISample LOADxx member:

IEASYM (SD,L)IODF 93 SYS1 CPU1 00PARMLIB SYS1.SYSD.PARMLIBPARMLIB SYS1.R6GA.PARMLIBPARMLIB SYS1.DEVL.PARMLIBPARMLIB SYS1.PARMLIBPARMLIB CPAC.PARMLIBPARMLIB SYS1.IBM.PARMLIBSYSCAT ESACAT113CCATALOG.S39026.MASTER

Jump to first page

Speaker’s Pick “Don’tMiss” Session

Bit Bucket X'12'Session 2817

Bob and Carl are back!! They will amaze you with their ability to dredge in the mire of MVS andOS/390 knowledge, and come up with polished gems of information you can take back home and put

to good use (where do they get all this stuff?). Although topics aren't finalized until the sessionbegins, the topics presented in recent Bit Buckets include:

•Trapping Key 8 Getmains to CSA: Point & Counterpoint•CSM: Communications Storage Manager•SAMPLIB: What's Out There?•SQA/ESQA Default Allocation•Private Region Size Surprises•Logical Parmlib

The Bit Bucket - don't leave SHARE without it. A Friday SHARE tradition since 1991!Location and Time: Sheraton - Ballroom Level - Chicago Ballroom X @ 08/27/99 (Fri) - 11:00 AM

Presented by the MVS Cluster leaders Bob Shannon and Carl Youngren

A previous Bit Bucket provided the basis for the session you are attending.

Jump to first page

ResourcesBit Bucket X’0F’SHARE 90Session 2817Anaheim, CA

S/390 Multiprise 2000 Server Overview &UpdateSHARE 90Session 2823Anaheim, CA

GOTCHA! 1.45 OS/2 screen capture utilityThorsten Thielen

Jump to first page

Acknowled gements

•Bob Shannon, Programart Corporation•Carl Youngren, State of California•Greg Hutchison, IBM•Harv Emery, IBM•Bruce Hewson, CitiCorp

Special Thanks

•Monique Conway, Landmark Systems•Craig Stone, Landmark Systems•Pat Gregg, Landmark Systems

Jump to first page

Errata Sheet

The foils from this presentation as well as any additionsor corrections will be posted at my web sitehttp://www.his.com/~dragon/share93.htm following theSHARE conference.

You may also contact me directly if you have questions,additions, or corrections.

Sam KnutsonLandmark Systems Corporation12700 Sunrise Valley DriveReston, VA 20191-5804USA(703) 464-1615sknutson@landmark.com

Jump to first page

Demo

The live demo willbe operating this9672 housed inReston, VAremotely over adial-up connectionusing my 486 IBMThinkPad.

Jump to first page

IHV HardwareSeveral people have asked me about Amdahl andHitachi equipment. I have personally not usedeither, however, information follows provided byAmdahl about facilities for providing the samefunction for control of Amdahl hardware. SeeAmdahl web site http://www.amdahl.com for mostcurrent information.

I was unable to contact HDS in time to getinformation but suggest you check the web sitehttp://www.hds.com or contact your Hitachi DataSystems representative for more information.

Operatin g Amdahl CPCsvia HMCThere are 2 methods that can be used to operateAmdahl CMOS systems from the IBM HMC:

� Using Amdahl Tower code

� Using Amdahl HMCIF (HMC Interface)If using an Amdahl HMC (available 4Q1999) thenthe only option is to use Amdahl Tower code.

Note: Only Amdahl CPCs can be attached to theAmdahl HMC

Amdahl Tower code

� This is Amdahl written code that is installed onthe IBM (or Amdahl) HMC.

� Uses an API layer to interact with IBM base codewhich is present on both IBM and Amdahl HMC.

� Amdahl objects show up on HMC just as before,however when Amdahl objects are selected, theAmdahl Tower code gains control.

� Allows full support of Amdahl systems in aseamless manner.

� Available NOW. Amdahl recommends thatcustomers wishing to attach Amdahl CMOS toIBM HMC use Tower code method rather thanHMCIF.

Amdahl Tower code� Concept view of Tower

Concepts

Amdahl CPCTower

Other Tower

IBM CPCTower

IBM HMC Base Code

Amdahl Tower code

Tower adds functionality :�Remote IOCDS and associated HCD functions

� LPAR controls task� CHPID manipulation tasks� Full function profile customization� Amdahl specific on-line Help� Amdahl specific messages

�IBM HMC requirements for Tower:� IBM HMC must be at Driver 12 or higher� Recommend IBM HMC hardware be at P200

level for production level performance

Amdahl Tower code

Planning Considerations

�IBM HMC SNMP and web-server support isimplemented via IBM CPC Tower�Amdahl Tower controlled objects are not accessibleby the IBM Tower (and vice versa)�Amdahl Tower controlled objects will not show upon HMC web-page�ISV’s (Independent S/W vendors) that offer SNMPmanagement via HMC need to make changes

Amdahl Tower Code

SNMP Operations

�Amdahl will supply tower based SNMP sub-agent,Amdahl SNMP APIs and Sample code�Requires relatively minor changes in ISV code tooperate both Amdahl and IBM objects via IBMHMC�Amdahl is working with ISVs to assist them inproviding support for Amdahl Tower SNMP

Amdahl Tower code

Migration Aid

�Amdahl COS (support element) can be configuredsuch that it supports Tower and HMC IF connection concurrently�Customer with multiple HMCs can define AmdahlCPCs via HMCIF from one HMC, and use this HMCas web-server, or SNMP gateway�Other HMCs can run Amdahl Tower code and benefit from the improved Tower features

Amdahl CPCs and HMCweb-server� Amdahl Tower support for web-server is

currently in the design phase� Initial implementation and subsequent

enhancements will be rolled out through2000.

� Will be supported by Amdahl Towerrunning either on IBM HMC or onAmdahl HMC

� Objective is to allow Browser access toHMC functions, and to show GUI that issimilar to HMC GUI.

Amdahl CPCs and HMCweb-serverInitial Implementation:

�Daily tasks, Operator messages and Hardwaremessages. Object monitoring (via colors) andaccess control (via userid/password).�Access (on IBM HMC) via same IP address, butdifferent port (e.g. 129.212.169.155:1080)�When connecting to web-enabled Amdahl HMC justuse IP address (e.g. 129.212.169.154)

Amdahl CPC’s and HMCweb-serverLater enhancements:

�Support all HMC Operational functions via Webinterface.�Future releases will support features such asProfile Customization, System Activity Displayand LPAR controls.

Browser Level:� Will require client PC to run Netscape 4.04+, orInternet Explorer 4.0+.