Universal Broker for z/OS
Started Task
The following figure illustrates the JCL procedure for the Universal Broker started task. UBROKER is the member name of this JCL procedure in the Universal Agent sample library (SUNVSAMP).
DD Statements used in JCL Procedure
The following table describes the DD statements used in the Universal Broker for z/OS JCL procedure, above.
ddname | DCB Attributes | Mode | Description |
---|---|---|---|
STEPLIB | DSORG=PO, | input | Universal Agent load library containing the program being executed. |
UNVCONF | DSORG=PO, | input | Configuration members for all Universal Agent components. |
UNVCOMP | DSORG=PO, | input | Universal Broker component definition PDS. |
UNVRFC | DSORG=PS, | input | SAP RFC file used by Universal Connector. |
UNVNLS | DSORG=PO, | input | Universal Agent national language support library. Contains message catalogs and code page translation tables. |
UNVTMPL | DSORG=PO, | input | Universal Agent configuration template library. |
UNVKSTR | DSORG=PO, | input, output | Universal Broker Keystore data set. |
UNVCREF | DSORG=PO, | input | Universal Command Server command reference PDS. |
UNVDB | DSNTYPE=HFS | input, output | Universal Broker database. Note This ddname is not used if zFS data sets are used instead of HFS data sets. |
UNVSPOOL | DSNTYPE=HFS | input, output | Universal Agent spool database. Note This ddname is not used if zFS data sets are used instead of HFS data sets. |
UNVTRACE | DSORG=PO, | output | Universal Agent trace PDS. This ddname is used only if UNVTRMDL is not defined. |
UNVTRMDL | DSORG=PS, | output | Universal Agent trace model data set. The data set name is used as the high-level qualifier of the dynamically allocated trace data sets. |
UNVLOG | DSORG=PS, | output | Universal Broker message destination ddname when option MESSAGE_DESTINATION value is LOGFILE. |
SYSPRINT | DSORG=PS, | output | Standard output file for the UBROKER program. |
SYSOUT | DSORG=PS, | output | Standard error file for the UBROKER program. |
SYSIN | DSORG=PS, | input | Standard input file for the UBROKER program. |
Started Task System Commands
The Universal Broker started task is managed using the following z/OS system commands. For a complete description of z/OS system commands, refer to the IBM z/OS MVS System Commands manual.
START Command
The START system command starts the Universal Broker started task.
S UBROKER
STOP Command
The STOP system command stops the Universal Broker started task.
P UBROKER
MODIFY Command
The MODIFY command sends the specified command option to the Universal Broker for processing.
The Universal Broker STC supports the following MODIFY commands.
F UBROKER,APPL=cmd
The following cmd values are supported.
| Refresh the Universal Broker configuration data. |
| Display the Universal Automation Center Agent (UAG) SMF exit status. Syntax:
|
| Close the active UAG agent log data set and opens a new one. |
TRACE Command
The TRACE command turns tracing on (the default), off or closes the active trace dataset and opens a new one.
F <ubroker>,APPL=UAG,TRACE [ ,ON | , OFF | ,SWITCH }
z/OS Console Commands
F <ubroker>,APPL=UAG,PRIMARY
This command causes an agent that is running in Sysplex Secondary mode to become a Primary agent until it is restarted or otherwise caused to become a Secondary agent.
If the agent is not running in Secondary mode, or a Primary agent is already active with the same system ID, the command will fail.
F <ubroker>,APPL=UAG,SECONDARY
This command causes an agent that is running in Sysplex Primary mode to become a Secondary agent until it is restarted or otherwise caused to become a Primary agent.
If the agent is not running in Primary mode, the command will fail.
F <ubroker>,APPL=SHUTDOWN, [ FAILOVER [ ,<sysname> ] | NOFAILOVER ]
When issued against a Secondary agent | This command behaves like the z/OS STOP command (P <ubroker>). |
When issued against a Primary agent | This command shuts down the Broker (and agent) while controlling the Sysplex failover behaviour: |
When issued without the FAILOVER or NOFAILOVER parameter | Failover will behave as configured by the automatic_failover parameter in UAGCFG00. |
When FAILOVER Is specified | An available Secondary agent will take over as Primary, regardless of how failover is configured. When the optional < |
When NOFAILOVER Is specified | No Secondary agent will take over as Primary, regardless of how failover is configured. |
Note
Behaviour of the z/OS STOP console command with failover is identical to the F <ubroker>,APPL=SHUTDOWN command with no other parameters.
Configuration
Universal Broker reads configuration options only from the Universal Broker configuration file, which is allocated to ddname UNVCONF.
Configuration Options
The following table identifies all of the Universal Broker for z/OS configuration options. Each Option Name is a link to detailed information about that option.
Option Name | Description |
Specification for whether or not product activity monitoring events are generated. | |
Path to PEM formatted trusted CA X.509 certificates. | |
Path to Broker's PEM formatted X.509 certificate. | |
Number of days prior to certificate expiration to begin issuing informational messages about the expiration. | |
Path to PEM formatted CRL. | |
Text translation code page. | |
Component interface backlog size for pending connection requests. | |
SSL/TLS cipher list for the control sessions. | |
Time-out for DNS cache. | |
Events to be generated as persistent event records. | |
Location where messages are written. | |
Language of written messages. | |
Level of messages written. | |
Minimum SSL/TLS protocol level that will be negotiated and used for communications channels. | |
Duration of a monitoring event record in the Universal Broker local UES database. | |
HFS or zFS database mount directory. | |
HFS or zFS permission mode for MOUNT_POINT. | |
List of message IDs representing Universal messages to be suppressed. | |
Duration of a persistent event record in the Universal Broker local UES database. | |
Path to Broker's PEM formatted RSA private key. | |
Password for the Broker's PRIVATE_KEY. | |
REQ_USAP_CONN | Number of SAP connections that Universal Broker will request from a pool of connections permitted by your Universal Agent license. |
Specification whether or not Universal Broker will enforce the use of SSL/TLS connections by the clients (managers) of Universal Command Server and Universal Data Mover Server, | |
Specification for whether or not the Start Component request is retryable when the maximum number of components are running. | |
Maximum number of simultaneous components. | |
SAF certificate key ring name. | |
SAF certificate key ring label. | |
Service interface backlog size for pending connection requests. | |
TCP/IP address on which the Broker listens. | |
TCP/IP port number on which the Broker listens. | |
SHARED_MOUNT_POINT | zFS database shared mount directory. |
SHARED_MOUNT_POINT_MODE | zFS permission mode for SHARED_MOUNT_POINT. |
UNVACTRT SMF exit load library. | |
SSL/TLS implementation. | |
Role that Universal Broker will perform in a Sysplex configuration. | |
Broker running on a system (O/S image). | |
z/OS UNIX directory name for temporary files. | |
Maximum number of lines written to the trace file. | |
Memory trace table specification. | |
Absolute path to the UCMD external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task. | |
Support for Universal Command started tasks. | |
Absolute path to the UCTL external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task. | |
HFS or zFS data set used for the Universal Broker's databases. | |
HFS or zFS data set used for the Universal Broker's spool. | |
Absolute path to the USAP external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task. |
Component Management
Universal Broker is aware only of Universal Agent components that have been defined. It is the responsibility of Universal Broker to start, stop, and query these defined components.
One of the steps in the installation of a component is defining it to the local Universal Broker. These component definitions provide Universal Broker with the necessary information that it needs to manage the components.
Component Definitions
Component definitions are text files that define Universal Agent components to the Universal Broker. All z/OS component definition files are located in the Universal Broker component definition library UNVCOMP allocated to the UNVCOMP ddname.
The syntax of a component definition file is the same as the Universal Broker configuration file.
The following table identifies all of the options that comprise Universal Agent for z/OS component definitions. Each Option Name is a link to detailed information about that option.
Option Name | Description |
---|---|
Specification for whether the component automatically starts by the Universal Broker at start-up time or only on demand. | |
Name by which clients know the component. | |
Type of component. | |
Component's configuration file name. | |
Specification for whether or not the component should be restarted if it ends. | |
Exit conditions criteria for which the server is considered eligible for restart. | |
Number of seconds to wait before restarting. | |
Maximum frequency a server can be restarted. | |
Maximum number of this component that can run simultaneously. | |
Component program member name. | |
Path used as the working directory of the component. | |
* These options are required in the component definitions. |
Universal Access Control List
The Universal Broker uses the Universal Access Control List (UACL) file as an extra layer of security. The UACL file contains Universal Broker entries that contain Access Control List (ACL) rules that permit or deny access to the Universal Broker.
The Universal Broker reads in the UACL entries when the program is started. If the UACL file is changed, the new entries can be activated by recycling the Broker or by sending the Universal Broker a Universal Control REFRESH command that will instruct the Universal Broker to reread all its configuration files including the UACL file.
UACL Entries
The syntax of a UACL entry file is the same as the Universal Broker configuration file.
The following table identifies all UACL entries for Universal Broker for z/OS. Each UACL Entry Name is a link to detailed information about that option.
UACL Entry Name | Description |
---|---|
Allows or denies access to Universal Broker services. | |
Maps a client X.509 certificate to a certificate identifier. | |
Controls which Universal Enterprise Controller has read and delete access to the Universal Event Subsystem event data maintained by the Universal Broker. | |
Authorizes update access to the product configuration files and setting of the configuration managed mode of the Broker. |