[z/OS]

z/OS Profile Management Command Line tool definitions: Network Deployment Manager

The z/OS Profile Management Command Line tool uses the variables defined below, which will be used to create the response file.

The WebSphere® Application Server for z/OS® runtime requires four servers in a Network Deployment cell: application server, deployment manager, node agent, and location service daemon. The panels corresponding to the following tables set up the names, network configuration, start procedures, and user IDs for a Network Deployment cell.

System Locations

This section identifies the target z/OS system on which you will configure the deployment manager for the Network Deployment cell, along with system data set names.

System name (zSystemName)
The system name for the target z/OS system on which you will configure WebSphere Application Server for z/OS.
Sysplex name (zSysplexName)
The sysplex name for the target z/OS system on which you will configure WebSphere Application Server for z/OS.

Tip: If you are not sure what the system name (&SYSNAME) and sysplex name (&SYSPLEX) are, use the console command D SYMBOLS on the target z/OS system to display them.

For the following, specify the fully qualified data set names without quotes.

Rule: You can specify up to 44 characters for the data set names.

PROCLIB (zProclibName)
An existing procedure library where the WebSphere Application Server for z/OS cataloged procedures are added.

WebSphere Application Server for z/OS product data sets

Specify the following WebSphere Application Server for z/OS libraries so they can be accessed by the customized jobstreams the dialog produces. These data sets must be cataloged. See Product data sets for more information.

Run WebSphere Application Server from STEPLIB (Y/N)? (zRunWasFromSteplib)
Specifies whether to load WebSphere Application Server for z/OS load modules from STEPLIB ("Y") or from the link pack area and link list ("N"). See Link pack area, link list, and STEPLIB for more information.
Note: Specify "Y" if you have another instance of WebSphere Application Server for z/OS (Version 4 or later) in the system link pack area or link list.
SBBOLPA (zBbolpaName)
WebSphere Application Server for z/OS load module library. It has modules that should go into LPA or the location service daemon STEPLIB.
SBBOLOAD (zBboloadName)
WebSphere Application Server for z/OS 31-bit load module library. It has members that should go into the link list or LPA, or into STEPLIB.
SBBGLOAD (zBbgloadName)
WebSphere Application Server for z/OS 64-bit load module library. It has members that should go into the link list or LPA, or into STEPLIB.
SBBOLD2 (zBbolod2Name)
WebSphere Application Server for z/OS load module library that you installed through SMP/E. It has members that should go into the link list, or into STEPLIB. DO NOT place them in LPA.
SBBOEXEC (zBboexecName)
WebSphere Application Server for z/OS CLIST library.
SBBOMSG (zBBOMSGName)
SBBOMSG WebSphere Application Server for z/OS message skeletons for language translation.

Locations of file system resident components

WebSphere Application Server product directory(zAppServerWasServerDir)
The name of the directory where WebSphere Application Server for z/OS files reside after installation. See Product file system for more information.

WebSphere configuration file system

This section defines the WebSphere configuration file system that you will use for the deployment manager. See Configuration file system for more information.
Mount point (zConfigMountPoint)
Read/write file system directory mount point where application data and environment files are written. The customization process creates this mount point if it does not already exist.
Name (zConfigHfsName)
File system data set you will create and mount at the above mount point.

Rule: You can specify up to 44 characters for the data set name.

Volume, or '*' for SMS (zConfigHfsVolume)
Specify either the DASD volume serial number to contain the above data set or "*" to let SMS select a volume. Using "*" requires that SMS automatic class selection (ACS) routines be in place to select the volume. If you do not have SMS set up to handle data set allocation automatically, list the volume explicitly.
Primary allocation in cylinders (zConfigHfsPrimaryCylinders)
Initial size allocation in cylinders for the above data set.

Recommendation: The minimum suggested size is 250 cylinders (3390).

Secondary allocation in cylinders (zConfigHfsSecondaryCylinders)
Size of each secondary extent in cylinders.

Recommendation: The minimum suggested size is 100 cylinders.

File system type (HFS or ZFS) (zFilesystemType)
This is the type of file system that will be used when creating the WebSphere for z/OS configuration file system. The default is HFS.

WebSphere error log stream

This section defines the System Logger log stream that you will use for WebSphere Application Server for z/OS error logging if TRACEBUFFLOC=BUFFER. Having the error log in the log stream is optional. By default, the error log is written to JES SYSOUT.
Name (zErrorLogstreamName)
Name of the WebSphere error log stream you will create.
Rules:
  • The name must be 26 or fewer characters.
  • Do NOT put quotes around the name.

Ctrace Writer Definitions

WebSphere application Server for z/OS uses component trace (CTRACE) to capture and to display trace data in trace data sets. WebSphere Application Server for z/OS identifies itself to CTRACE with the cell short name.

Trace Parmlib member suffix (zCtraceParmlibSuffix)
Value that is appended to CTIBBO to form the member name for the Trace parmlib member.

Server customization

During this customization task, you will create a cell configuration, a deployment manager node and deployment manager, and a location service daemon. The panels corresponding to the following tables set up the names, network configuration, start procedures, and user IDs for a deployment manager server.

Rule: In the following customization, names must be eight or fewer characters unless otherwise specified.
WebSphere Application Server home directory
Directory in which the deployment manager resides. See Configuration file system for more information.
Note: You can alter only the portion after the configuration file system mount point.
Cell name (short)
Name that identifies the cell to z/OS facilities such as SAF.
Rules:
  • Name must be eight or fewer characters and all uppercase.
  • Name must be unique among all other cells in the sysplex.
Cell name (long)
Primary external identification of this WebSphere Application Server for z/OS cell. This name identifies the cell as displayed through the administrative console.
Rules:
  • Name must be 50 or fewer characters and can be of mixed case.
  • Name must be unique among all other cells in the sysplex.
Node name (short)
Name that identifies the deployment manager node to z/OS facilities such as SAF.
Rules:
  • Name must be eight or fewer characters and all uppercase.
  • Name must be unique within the cell.
Node name (long)
Primary external identification of this WebSphere Application Server for z/OS deployment manager node. This name identifies the node as displayed through the administrative console.
Rules:
  • Name must be 50 or fewer characters and can be of mixed case.
  • Name must be unique within the cell.
Server name (short)
This value identifies the deployment manager server to z/OS facilities such as SAF.
Note: The server short name is used as the server JOBNAME.

Rule: Name must usually contain seven or fewer all-uppercase characters. To change the jobname later to an eight-character value, you must follow the steps outlined in the "Converting a 7-character server short name to 8 characters" article in the information center.

Server name (long)
Name of the deployment manager application server and the primary external identification of this WebSphere Application Server for z/OS. This name identifies the server as displayed through the administrative console. The server name has a fixed name (long) of "dmgr".
Cluster transition name (zClusterTransitionname)
WLM APPLENV name for this server.
Note: The deployment manager is not clusterable, so this value never actually becomes the cluster short name of this server's cluster. However, like an application server, the deployment manager still needs an APPLENV, so the cluster transition name is used for this purpose.

Rule: Name must be eight or fewer characters and all uppercase.

Deployment manager definitions

Rule: In the following definitions, names must be eight or fewer characters unless otherwise specified.

Controller Information
Jobname
The jobname, specified in the MVS START command JOBNAME parameter, associated with the deployment manager controller. This is the same as the server short name and it cannot be changed through the Customization Dialog.
Procedure name
Name of member in your procedure library to start the deployment manager controller.

Rule: Name must be seven or fewer characters.

User ID
The user ID associated with the deployment manager controller.
Note: If you are using a non-IBM security system, the user ID might have to match the procedure name. Please refer to your security system's documentation.
UID
The user identifier associated with this user ID.

Rule: UIDs must be unique numbers, between 1 and 2,147,483,647, within the system.

Servant Information
Jobname
The jobname used by WLM to start the deployment manager servant. This is set to the server short name followed by the letter "S", and it cannot be changed through the Customization Dialog.
Procedure name (zAdjunctProcName)
Name of member in your procedure library to start the deployment manager servant.

Rule: Name must be seven or fewer characters.

User ID (zAdjunctUserid)
The user ID associated with the deployment manager servant.
Note: If you are using a non-IBM security system, the user ID might have to match the procedure name. Please refer to your security system's documentation.
UID (zAdjunctUid)
The user identifier associated with this user ID.

Rule: UIDs must be unique numbers, between 1 and 2,147,483,647, within the system.

Deployment manager TCP/IP information

Note: Do not choose port values already in use.
Node host name (hostName)
IP name or address of the system on which the server is configured. This value is used by other WebSphere Application Server for z/OS functions to connect to this server.
Note: The node host name must always resolve to an IP stack on the system where the application server runs. (You can either have multiple IP stacks on a given MVS image and have the deployment manager and stand-alone application server tied to separate host names, or you can associate them with the same node host name.) The node host name cannot be a DVIPA or a DNS name that, in any other way, causes the direction of requests to more than one system.
SOAP JMX Connector port (zNodeAgentJmxsoapconnectorPort)
Port number for the JMX HTTP connection to this server based on the SOAP protocol. JMX is used for remote administrative functions, such as invoking scripts through wsadmin.sh.

Rule: Value cannot be 0.

Cell Discovery Address port
Port number used by node agents to connect to this deployment manager server.
ORB Listener IP name (zOrbListenerHostName)
IP address on which the server's ORB listens for incoming IIOP requests. The default is "*", which instructs the ORB to listen on all available IP addresses.
ORB port (zNodeAgentOrbPortName)
Port for IIOP requests that acts as the bootstrap port for this server and also as the port through which the ORB accepts IIOP requests.

Rule: Value cannot be 0.

ORB SSL port (zNodeAgentOrbSslPortName)
Port for secure IIOP requests. The default is "0", which allows the system to choose this port.
HTTP transport IP name (zHttpTransportHostname)
IP address on which the server's Web container should listen for incoming HTTP requests. The default is "*", which instructs the Web container to listen on all available IP addresses.
Note: The "transport host name" becomes the "hostname" in the virtualhosts.xml file, which makes setting a specific IP address here less than ideal because, if you do so, you are restricting yourself to that IP address until you go into the administrative console and add another virtual host.
Administrative console port (zAdminConsolePort)
Port for HTTP requests to the administrative console.
Administrative console secure port (zAdminConsoleSecurePort)
Port for secure HTTP requests to the administrative console.
High Availability Manager communication port
Port on which the High Availability Manager listens.

Location service daemon

The location service daemon is the initial point of client contact in WebSphere Application Server for z/OS. The server contains the CORBA-based location service agent, which places sessions in a cell. All RMI/IIOP IORs (for example, for enterprise beans) establish connections to the location service daemon first, then forward them to the target application server.
Daemon home directory (zDaemonHomePath)
Directory in which the location service daemon resides. This is set to the configuration HFS mount point/Daemon and cannot be changed.
Daemon jobname (zDaemonJobname)
Specifies the jobname of the location service daemon, specified in the JOBNAME parameter of the MVS start command used to start the location service daemon.
Note: The same daemon jobname is used on all z/OS systems hosting the cell. Therefore, this name is generic and has no system indicator. When the deployment manager's controller started, its location service daemon was started automatically using this particular daemon jobname value.

Caution: When configuring a second cell, ensure you change the daemon jobname from the default or value you used for the first cell.

Note: A server automatically starts the location service daemon if it is not already running.
Procedure name (zDaemonProcName)
Name of the member in your procedure library to start the location service daemon.

Rule: Name must be seven or fewer characters.

User ID (zDaemonUserid)
The user ID associated with the location service daemon.
UID (zDaemonUid)
The user identifier associated with this user ID.

Rule: UIDs must be unique numbers, between 1 and 2,147,483,647, within the system.

IP Name (zDaemonIPName)
The fully qualified IP name, registered with the Domain Name Server (DNS), that the location service daemon uses.
Adhere to the following regarding your location service daemon IP name:
  • It must be unique in the sysplex.
  • It must not have the same value as any one system's node host name. (You can use the host name of the LPAR.)
  • It should be a name that can be used in conjunction with a routing service that distributes requests among nodes in the cell (that is, systems in the sysplex).
  • It should be a virtual IP address (VIPA) if you are operating in a sysplex.
Note:
  • IBM® recommends you use z/OS Sysplex Distributor by way of a "Dynamic Virtual IP address" (DVIPA). See related sections in the information center for more information.
  • Select the IP name for the location service daemon carefully. Once chosen it is difficult to change, even in the middle of customization. This name must not be a numeric, such as, 3.7.25.43.
Daemon Listen IP (zDaemonListenIP)
The default value is *.

Rule: The default is * or a numeric IP address.

Port (zDaemonPort)
The port number on which the location service daemon listens.
Note: Select the port number for the location service daemon carefully. You can choose any port you want; but, once chosen, it is difficult to change, even in the middle of customization.
SSL port (zDaemonSSLPort)
The port number on which the location service daemon listens for SSL connections.
Register daemon with WLM DNS (zDaemonRegisterWlmDns)
If you use the WLM DNS (connection optimization), you need to specify "true" to register your location service daemon with it. Otherwise, select "false."
Note: Only one location service daemon per LPAR can register its domain name with WLM DNS. If you have multiple cells in the same LPAR and register one location service daemon and then a second, the second will fail to start.

SSL customization

If you plan to enable Administrative Security at some point, as is recommended, fill in the following SSL values:
Certificate authority keylabel (zCaKeyLabel)
The name of the key label that identifies the certificate authority (CA) to be used in generating server certificates.
Generate authority certificate (zGenerateCaCertificate)
Select "true" to generate a new CA certificate. Select "false" to have an existing CA certificate generate server certificates.
Expiration date for certificates (zCaAuthorityExpirationDate)
The expiration date used for any X509 Certificate Authority certificates, as well as the expiration date for the personal certificates generated for WebSphere Application Server for z/OS servers. You must specify this even if you selected "N" for "Generate Certificate Authority (CA) certificate."
Default RACF® keyring name (zDefaultSAFKeyringName)
The default name given to the RACF keyring used by WebSphere Application Server for z/OS. The keyring names created for repertoires are all the same within a cell.
Enable SSL on location service daemon (zEnableSslOnDaemon)
Select "true" if you want to support secure communications using Inter-ORB Request Protocol (IIOP) to the location service daemon using SSL. If you specify "true", a RACF keyring will be generated for the location service daemon to use, otherwise specify "false."

Security Customization

During the initial setup, you can choose one of the following three options for administrative security.

Option 1 - Use z/OS-managed security (zAdminSecurityType=websphereForZos)
Use the z/OS system's SAF-compliant security database to define WebSphere Application Server users. The EJBROLE profile will be used to control role-based access to applications. An administrator user ID and an unauthenticated user ID will be created and defined in the security database. Select this option if the WebSphere Application Server environment will run entirely on z/OS with a shared SAF-compliant (Local OS) user registry, or if you plan to implement an non-Local OS user registry (such as LDAP) with mapping to SAF user IDs.
Option 2 - Use WebSphere-managed security (zAdminSecurityType=websphereFamily)
Use a simple file-based registry to define WebSphere Application Server users. An administrator user ID will be created and defined in the file-based registry.
Option 3 - No security (zAdminSecurityType=none)
Do not enable administrative security (not recommended). Your WebSphere Application Server environment will not be secured until you configure and enable security manually.

Depending on the security option you choose, there may be additional customization dialog values you need to set.

Security customization - z/OS-managed security

For this security option, you must decide whether to set a security domain name, and choose an administrator user ID and an unauthenticated (guest) user ID.

Use security domain identifier in RACF profiles (zSecurityDomainId)
Set this to Y if you wish to include a security domain name in certain SAF security checks (APPL, CBIND, EJBROLE). Enter a 1-8 character security domain name.
Administrator user ID (zAdminUserid)
Administrator user ID Enter a valid SAF user ID which will become the initial cell administrator. If this user ID already exists, it must have the WebSphere Application Server configuration group for this cell as its default Unix System Services group. Also specify a valid UID for this user ID.
Avoid trouble Avoid trouble: If you run the RACF job in the Program Management Tool, the controller ID, the servant ID, and the administrator ID are automatically added to the configuration group. If you do not run the RACF job in the Profile Management Tool, you must explicitly add these IDs to the configuration group for the deployment manager to enable the controller to remove temporary directories and files that the servant creates.gotcha
Unauthenticated User ID (zAdminUnauthenticatedUserid)
Enter a valid SAF user ID which will be associated with unauthenticated client requests. Also specify a valid UID for this user ID.

Security customization - WebSphere-managed security

For this security option, you must choose an administrator user ID and password.

Administrator user ID (adminUserName)
Enter an alphanumeric user ID which you will use to log on to the administrative console and perform administrative tasks. This user ID and its password will initially be the only entry in the file-based user registry.
Administrator password (adminPassword)
This password must not be blank.

Security Customization - no security

For this security option, there are no other choices to make. Your WebSphere Application Server environment will not be secured until you configure and enable security manually.




Related reference
z/OS Profile Management Command Line tool sample response file: Network Deployment manager
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 31, 2013 2:56:59 AM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-nd-dist&topic=rins_defvar3def_cmdl
File name: rins_defvar3def_cmdl.html