April 14, 2015

Middleware / application testing - operating system, hypervisor and hardware

After the IBM statement of directions to support KVM on System z I've been asked many times for a criteria if a certain ISV software or customer solution needs to be retested or not. As in performance the answer is: it depends. Basically there are two / four different types of applications / products to consider
  1. No retesting needed - certified and tested towards the operating system:
    Applications that use a standard API only, like Java or standard library functions that don't need and exploit the visibility of the underlying (virtualized) hardware.
  2. Retesting recommended - certified and tested towards the operating system:
    Applications that do interact with virtualized hardware to a certain extend e.g. accessing raw devices.
  3. Retesting and some coding needed - certified and tested towards the operating system and the virtualization layer:
    Applications that actively interact with the hypervisor, e.g. by vmcp commands under z/VM. They then needs an equivalent implementation of that kind of functionality for every type of virtualization. Other examles are the use of zLinux hypfs (hypervisor file system) or using the hypervisor details surfaced in /proc/sysinfo.
  4. Retesting and additional code for the hypervisor needed - certified and tested towards the operating system and the virtualization layer:
    Applications that need hooks and special interfaces into the hypervisor e.g. for monitoring or systems management. Every new hypervisor will require new code as e.g. the reported performance metrics and systems management interfaces are different
For Linux on the mainframe today there is only z/VM and LPAR. And z/VM is really virtualizing the hardware in a 1:1 fashion as good as possible (with a lot of firmware and hardware support to keep the overhead to minimal levels).  For such a hardware virtualization the category #2 is nearly not existent. If there is no active interaction with hypervisor, no retesting is needed.
KVM has the concept of new virtual devices with new device names, so some products from #1 are going to slip into category #2.

(updated 4/15/2015)

March 19, 2015

SUSE Linux Enterprise Server 12 (SLES 12) released

In November last year SUSE has announced the availability of their next major distribution release SUSE Linux Enterprise Server (SLES 12). It's an interesting change in strategy that SUSE chose to release it after the competing RHEL 7 distribution. In the past SUSE has always been first to the market.

Here is a the usual list of interesting information links:
SUSE has released the first maintenance web kernel for SLES12  (kernel-default-3.12.36-38.1.s390x.rpm)
It contains quite some fixes that you really want to have on your system.

March 18, 2015


In January IBM announced the new version of the mainframe called z13.  As of March 9th 2015 the successor of the zEC12 is officially available.

z13 glas model - photo Michael Storzer

This machine has many new features that I will cover in separate blog posts. The full advantages from all of them will become available with more and more exploitation and adaptions during the next year.

From a Linux perspective the IBM tested platforms has been updated to include z13.
Please check the minimum and recommended kernel levels to ensure a smooth upgrade to z13!

Also Red Hat and SUSE updated their web sites to include the certifications:
From a z/VM perspective only z/VM 6.2 and z/VM 6.3 is being supported. But you need to install the required service before updating the hardware! Exploitation will only come with z/VM 6.3, so please plan for upgrades! And there is no z/VM 5.4 support any more. 

Warning: Unsupported Linux releases and/or missing z/VM serice may lead to virtual server failures.

Other useful links:
(updated 5/22/2015)

March 7, 2015

Red Hat Enterprise Linux 7.1 released

On March 5th 2015 Red Hat released the first update of their RHEL 7 operating system. 

The kernel level for 7.1 is kernel-3.10.0-229.el7. The number of technology previews for System z has been greatly reduced, successful testing allows now support for those features.

Here is my usual summary of links to more information:
As this is a brand new release there are some hick ups aka bugs to be expected. If you are hitting one, please open a bug report with Red Hat and/or IBM.

(updated 3/18/2015) 

February 19, 2015

Problem with the latest crypto device driver updates on RHEL 6.6 / SLES 11.3 on older hardware

With the introduction of the code for more crypto domains (required for z13) into the service streams of RHEL 6.6 (kernel 2.6.32-504-3.3 and 2.6.32-504.8.1), SLES 11.3 (kernel 3.0.101-42-1) and SLES12 (kernel 3.12.32-33.1) an unfortunate regression has been introduced. The crypto card support for z196 / z114 and older machines is no longer working with the new code. If you h

This has been fixed in the following kernel levels.
(updated 4/23/2015)

January 26, 2015

Fedora 21 for IBM System z released

The new Fedora 21 for System z / s390x was released 12/18/2014. Thanks to the Fedora team for this time adding additional packages! 

The download is available from the Fedoraproject site and the respective mirrors and known issues  are covered in the wiki.

November 14, 2014

New Whitepaper "IBM Cognos Business Intelligence 10.2.1 for Linux on System z - Performance and z/VM Resource Management"

IBM Cognos Business Intelligence is an interesting workload for zLinux environments. This new whitepaper covers setup and some of the performance and tuning aspects for this in a zLinux / z/VM environment.
As an add on it also takes a look at the z/VM resource manager (VMRM) for helping to distribute the CPU capacity between competing workloads.

October 15, 2014

Red Hat Enterprise Linux 6.6 released

It's been an unusual long time between releases - but now nearly eleven months after the last release Red Hat has announced the availability of RHEL 6.6. The kernel level is now kernel-2.6.32-504.el6, for the main bug fixes see the kernel update description.

As usual there are the release notes and the technical notes in two separate documents. The complete documentation can be reached from the Red Hat documentation page.

For System z this has been a mainly a fix release. Only a few small enhancements have been added all described in the technical notes. Here are some of them:
  • libhugetlbfs support for System z
  • crypto updates: libica, opencryptoki
  • read only sequential data set access avoiding ftp/nfs transfers from z/OS using the zdfs file system
The IBM documentation for RHEL 6.4 on developerworks still applies for this release.

October 14, 2014

New article: Using Linux on System z Hardware Cryptography with the PKCS#11 Cryoptography Stack

As a follow on to the Java crypto article there is a new one covering PKCS#11 and the System z hardware stack published in the EnterpriseTech Journal.
It explains what PKCS#11 is and how the API works and what methods are supported. Then it covers OpenCryptoki the open source implementation of PKCS#11 and how it's configured and used. This article is for everyone who is seeking better understanding of the exploitation of the hardware crypto facilities from Linux on System z.

October 7, 2014

IBM General Parallel File System (GPFS) available for Linux on System z

IBM has announced the availability of the General Parallel File System (GPFS) aka Elastic Storage for Linux on System z. It's the new 4.1 version and for zLinux the minimum distribution requirements are
  • RHEL 6.5 + latest z stream patches
  • RHEL 7.0
  • SLES 11 SP3 + latest maintenance patches 
 There is also a short Redbook solution guide available.