Universal Broker for z/OS

Started Task

The following figure illustrates the JCL procedure for the Universal Broker started task. UBROKER is the member name of this JCL procedure in the Universal Agent sample library (SUNVSAMP).


DD Statements used in JCL Procedure

The following table describes the DD statements used in the Universal Broker for z/OS JCL procedure, above.

ddname

DCB Attributes

Mode

Description

STEPLIB

DSORG=PO,
RECFM=U

input

Universal Agent load library containing the program being executed.

UNVCONF

DSORG=PO,
RECFM=(F, FB, V, VB)

input

Configuration members for all Universal Agent components.

UNVCOMP

DSORG=PO,
RECFM=(F, FB, V, VB)

input

Universal Broker component definition PDS.

UNVRFC

DSORG=PS,
RECFM=(F, FB, V, VB)

input

SAP RFC file used by Universal Connector.

UNVNLS

DSORG=PO,
RECFM=(F, FB, V, VB)

input

Universal Agent national language support library. Contains message catalogs and code page translation tables.

UNVTMPL

DSORG=PO,
RECFM=(V, VB)

input

Universal Agent configuration template library.

UNVKSTR

DSORG=PO,
RECFM=(VB),
LRECL=2086 or above

input, output

Universal Broker Keystore data set.

UNVCREF

DSORG=PO,
RECFM=(F, FB, V, VB)

input

Universal Command Server command reference PDS.

UNVDB

DSNTYPE=HFS

input, output

Universal Broker database.
 

Note

This ddname is not used if zFS data sets are used instead of HFS data sets.

UNVSPOOL

DSNTYPE=HFS

input, output

Universal Agent spool database.
 

Note

This ddname is not used if zFS data sets are used instead of HFS data sets.

UNVTRACE

DSORG=PO,
RECFM=(F, FB, V, VB),
LRECL=256 or above.

output

Universal Agent trace PDS. This ddname is used only if UNVTRMDL is not defined.

UNVTRMDL

DSORG=PS,
RECFM=(F,FB,V,VB),
LRECL=256 or above.

output

Universal Agent trace model data set. The data set name is used as the high-level qualifier of the dynamically allocated trace data sets.

UNVLOG

DSORG=PS,
RECFM=(F,FB,V,VB),
LRECL=256 or above.

output

Universal Broker message destination ddname when option MESSAGE_DESTINATION value is LOGFILE.

SYSPRINT

DSORG=PS,
RECFM=(F, FB, V, VB)

output

Standard output file for the UBROKER program.

SYSOUT

DSORG=PS,
RECFM=(F, FB, V, VB)

output

Standard error file for the UBROKER program.

SYSIN

DSORG=PS,
RECFM=(F, FB, V, VB)

input

Standard input file for the UBROKER program.

Started Task System Commands

The Universal Broker started task is managed using the following z/OS system commands. For a complete description of z/OS system commands, refer to the IBM z/OS MVS System Commands manual.

START Command

The START system command starts the Universal Broker started task.

S UBROKER

STOP Command

The STOP system command stops the Universal Broker started task.

P UBROKER

MODIFY Command

The MODIFY command sends the specified command option to the Universal Broker for processing.

The Universal Broker STC supports the following MODIFY commands.

F UBROKER,APPL=cmd

The following cmd values are supported.

REFRESH

Refresh the Universal Broker configuration data.

UAG,STATUS

Display the Universal Automation Center Agent (UAG) SMF exit status.

Syntax: APPL=UAG,STATUS [ ALL | SMF | HCOM ]

  • STATUS and STATUS,SMF display the SMF exit data.
  • STATUS,HCOM displays the HCS High Common Storage information.
  • STATUS,ALL displays both.

UAG,LOGSWITCH

Close the active UAG agent log data set and opens a new one.

TRACE Command

The TRACE command turns tracing on (the default), off or closes the active trace dataset and opens a new one.

F <ubroker>,APPL=UAG,TRACE [ ,ON | , OFF | ,SWITCH }

z/OS Console Commands

F <ubroker>,APPL=UAG,PRIMARY

This command causes an agent that is running in Sysplex Secondary mode to become a Primary agent until it is restarted or otherwise caused to become a Secondary agent.

If the agent is not running in Secondary mode, or a Primary agent is already active with the same system ID, the command will fail.


F <ubroker>,APPL=UAG,SECONDARY

This command causes an agent that is running in Sysplex Primary mode to become a Secondary agent until it is restarted or otherwise caused to become a Primary agent.

If the agent is not running in Primary mode, the command will fail.


F <ubroker>,APPL=SHUTDOWN, [ FAILOVER [ ,<sysname> ] | NOFAILOVER ]

When issued against a Secondary agent

This command behaves like the z/OS STOP command (P <ubroker>).

When issued against a Primary agentThis command shuts down the Broker (and agent) while controlling the Sysplex failover behaviour:
When issued without the FAILOVER or NOFAILOVER parameter

Failover will behave as configured by the automatic_failover parameter in UAGCFG00.

When FAILOVER Is specified

An available Secondary agent will take over as Primary, regardless of how failover is configured.

When the optional <sysname> is specified, the agent running on the designated z/OS system will take over as Primary agent regardless of how fail over is configured.

When NOFAILOVER Is specifiedNo Secondary agent will take over as Primary, regardless of how failover is configured.

Note

Behaviour of the z/OS STOP console command with failover is identical to the F <ubroker>,APPL=SHUTDOWN command with no other parameters.

Configuration

Universal Broker reads configuration options only from the Universal Broker configuration file, which is allocated to ddname UNVCONF.

Configuration Options

The following table identifies all of the Universal Broker for z/OS configuration options. Each Option Name is a link to detailed information about that option.

Option Name

Description

ACTIVITY_MONITORING

Specification for whether or not product activity monitoring events are generated.

CA_CERTIFICATES

Path to PEM formatted trusted CA X.509 certificates.

CERTIFICATE

Path to Broker's PEM formatted X.509 certificate.

CERTIFICATE_EXPIRATION_NOTICE

Number of days prior to certificate expiration to begin issuing informational messages about the expiration.

CERTIFICATE_REVOCATION_LIST

Path to PEM formatted CRL.

CODE_PAGE

Text translation code page.

COMPONENT_BACKLOG

Component interface backlog size for pending connection requests.

CTL_SSL_CIPHER_LIST

SSL/TLS cipher list for the control sessions.

DNS_CACHE_TIMEOUT

Time-out for DNS cache.

EVENT_GENERATION

Events to be generated as persistent event records.

MESSAGE_DESTINATION

Location where messages are written.

MESSAGE_LANGUAGE

Language of written messages.

MESSAGE_LEVEL

Level of messages written.

MIN_SSL_PROTOCOL

Minimum SSL/TLS protocol level that will be negotiated and used for communications channels.

MONITOR_EVENT_EXPIRATION

Duration of a monitoring event record in the Universal Broker local UES database.

MOUNT_POINT

HFS or zFS database mount directory.

MOUNT_POINT_MODE

HFS or zFS permission mode for MOUNT_POINT.

MSG_SUPPRESSION_LIST

List of message IDs representing Universal messages to be suppressed.

PERSISTENT_EVENT_EXPIRATION

Duration of a persistent event record in the Universal Broker local UES database.

PRIVATE_KEY

Path to Broker's PEM formatted RSA private key.

PRIVATE_KEY_PWD

Password for the Broker's PRIVATE_KEY.

REQ_USAP_CONNNumber of SAP connections that Universal Broker will request from a pool of connections permitted by your Universal Agent license.

REQUIRE_SSL

Specification whether or not Universal Broker will enforce the use of SSL/TLS connections by the clients (managers) of Universal Command Server and Universal Data Mover Server,

RETRY_MAX_COMP

Specification for whether or not the Start Component request is retryable when the maximum number of components are running.

RUNNING_MAX

Maximum number of simultaneous components.

SAF_KEY_RING

SAF certificate key ring name.

SAF_KEY_RING_LABEL

SAF certificate key ring label.

SERVICE_BACKLOG

Service interface backlog size for pending connection requests.

SERVICE_IP_ADDRESS

TCP/IP address on which the Broker listens.

SERVICE_PORT

TCP/IP port number on which the Broker listens.

SHARED_MOUNT_POINT zFS database shared mount directory.
SHARED_MOUNT_POINT_MODE zFS permission mode for SHARED_MOUNT_POINT.

SMF_EXIT_LOAD_LIBRARY

UNVACTRT SMF exit load library.

SSL_IMPLEMENTATION

SSL/TLS implementation.

SYSPLEX_ROLE

Role that Universal Broker will perform in a Sysplex configuration.

SYSTEM_ID

Broker running on a system (O/S image).

TMP_DIRECTORY

z/OS UNIX directory name for temporary files.

TRACE_FILE_LINES

Maximum number of lines written to the trace file.

TRACE_TABLE

Memory trace table specification.

UCMD_PATH

Absolute path to the UCMD external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task.

UCMD_STC_SUPPORT

Support for Universal Command started tasks.

UCTL_PATH

Absolute path to the UCTL external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task.

UNIX_DB_DATA_SET

HFS or zFS data set used for the Universal Broker's databases.

UNIX_SPOOL_DATA_SET

HFS or zFS data set used for the Universal Broker's spool.

USAP_PATH

Absolute path to the USAP external link that was created manually on the USS file system to support disabling the UID 0 requirement for the Universal Broker started task.

Component Management

Universal Broker is aware only of Universal Agent components that have been defined. It is the responsibility of Universal Broker to start, stop, and query these defined components.

One of the steps in the installation of a component is defining it to the local Universal Broker. These component definitions provide Universal Broker with the necessary information that it needs to manage the components.

Component Definitions

Component definitions are text files that define Universal Agent components to the Universal Broker. All z/OS component definition files are located in the Universal Broker component definition library UNVCOMP allocated to the UNVCOMP ddname.

The syntax of a component definition file is the same as the Universal Broker configuration file.

The following table identifies all of the options that comprise Universal Agent for z/OS component definitions. Each Option Name is a link to detailed information about that option.

Option Name

Description

AUTOMATICALLY_START

Specification for whether the component automatically starts by the Universal Broker at start-up time or only on demand.

COMPONENT_NAME

Name by which clients know the component.

COMPONENT_TYPE

Type of component.

CONFIGURATION_FILE *

Component's configuration file name.

RESTART

Specification for whether or not the component should be restarted if it ends.

RESTART_CONDITIONS

Exit conditions criteria for which the server is considered eligible for restart.

RESTART_DELAY

Number of seconds to wait before restarting.

RESTART_MAX_FREQUENCY

Maximum frequency a server can be restarted.

RUNNING_MAXIMUM

Maximum number of this component that can run simultaneously.

START_COMMAND *

Component program member name.

WORKING_DIRECTORY *

Path used as the working directory of the component.

* These options are required in the component definitions.


Universal Access Control List

The Universal Broker uses the Universal Access Control List (UACL) file as an extra layer of security. The UACL file contains Universal Broker entries that contain Access Control List (ACL) rules that permit or deny access to the Universal Broker.

The Universal Broker reads in the UACL entries when the program is started. If the UACL file is changed, the new entries can be activated by recycling the Broker or by sending the Universal Broker a Universal Control REFRESH command that will instruct the Universal Broker to reread all its configuration files including the UACL file.

UACL Entries

The syntax of a UACL entry file is the same as the Universal Broker configuration file.

The following table identifies all UACL entries for Universal Broker for z/OS. Each UACL Entry Name is a link to detailed information about that option.

UACL Entry Name

Description

UBROKER_ACCESS

Allows or denies access to Universal Broker services.

CERT_MAP

Maps a client X.509 certificate to a certificate identifier.

EVENT_ACCESS

Controls which Universal Enterprise Controller has read and delete access to the Universal Event Subsystem event data maintained by the Universal Broker.

REMOTE_CONFIG_ACCESS

Authorizes update access to the product configuration files and setting of the configuration managed mode of the Broker.