Universal Broker for IBM i
Currently, IBM i runs Workload Automation 5.1.1. These pages provide information for that version.
Configuration
Universal Broker reads configuration options only from the Universal Broker configuration file.
The Universal Broker configuration file is named UNVPRD511/UNVCONF(UBROKER). File UNVCONF is a physical source file located in the UNVPRD511 library. File member UBROKER contains the configuration options for the Universal Broker. File UNVCONF contains configuration members for the Workload Automation 5 for IBM i components. This file can be edited manually with any text editor.
Configuration Options
The following table identifies all of the Universal Broker for IBM i configuration options. Each Option Name is a link to detailed information about that option.
Option Name | Description |
Specification for whether or not product activity monitoring events are generated. | |
Path to PEM formatted trusted CA X.509 certificates. | |
Path to Broker's PEM formatted X.509 certificate. | |
Path to PEM formatted CRL. | |
Text translation code page. | |
SSL/TLS cipher list for the control sessions. | |
Time-out for DNS cache. | |
Events to be generated as persistent events. | |
Location where messages are written. | |
Language of written messages. | |
Level of messages written. | |
Minimum SSL protocol level that will be negotiated and used for communications channels. Note This option was introduced to IBM i in version 5.1.1.0. | |
Duration of a monitoring event record in the Universal Broker local UES database. | |
Duration of a persistent event record in the Universal Broker local UES database. | |
Path to Broker's PEM formatted RSA private key. | |
Password for the Broker's PRIVATE_KEY. | |
Specification for whether or not Universal Broker will enforce the use of SSL connections by the clients (managers) of Universal Command Server and Universal Data Mover Server, Note This option was introduced to IBM i in version 5.1.1.0. | |
Maximum number of simultaneous components. | |
Service interface backlog size for pending connection requests. | |
TCP/IP address on which the Broker listens. | |
TCP/IP port number on which the Broker listens. | |
Maximum number of lines written to the trace file. | |
Memory trace table specification. |
Component Management
Universal Broker is aware only of Universal Agent components that have been defined. It is the responsibility of Universal Broker to start, stop, and query these defined components.
One of the steps in the installation of a component is defining it to the local Universal Broker. These component definitions provide Universal Broker with the necessary information that it needs to manage the components.
Component Definitions
Component definitions are text files that define Universal Agent components to the Universal Broker. All IBM i component definitions are located in the source physical file UNVPRD511/UNVCOMP as individual members.
The syntax of a component definition file is the same as the Universal Broker configuration file.
The following table identifies all of the options that comprise Universal Agent for IBM i component definitions. Each Option Name is a link to detailed information about that option.
Option Name | Description |
---|---|
Specification for whether or not the component automatically starts by the Universal Broker at start-up time or only on demand. | |
Name by which clients know the component. | |
Type of component. | |
Component's configuration file name. | |
Specification for whether or not the component should be restarted if it ends. | |
Exit conditions criteria for which the server is considered eligible for restart. | |
Number of seconds to wait before restarting. | |
Maximum frequency a server can be restarted. | |
Maximum number of this component that can run simultaneously. | |
Component program name. | |
Path used as the working directory of the component. | |
* These options are required in the component definitions. |
Universal Access Control List
Universal Broker uses the Universal Access Control List (UACL) file as an extra layer of security. The UACL file contains Universal Broker entries that contain Access Control List (ACL) rules that permit or deny access to the Broker.
Universal Broker reads in the UACL entries when the program is started. If the UACL file is changed, the new entries can be activated either by:
- Stopping and starting Universal Broker.
- Sending Universal Broker a Universal Control REFRESH command, which instructs Universal Broker to reread all its configuration files, including the UACL file.
The IBM i REFRESH command is:
STRUCT REFRESH(*YES) HOST(hostname)
UACL Entries
The syntax of a UACL entry file is the same as the Universal Broker configuration file.
The following table identifies all Universal Broker for IBM i UACL entries. Each UACL Entry Name is a link to detailed information about that option.
UACL Entry Name | Description |
---|---|
Allows or denies access to Universal Broker services. | |
Maps a client X.509 certificate to a certificate identifier. | |
Controls which Universal Enterprise Controller has read and delete access to the Universal Event Subsystem event data maintained by the Universal Broker. | |
Authorizes update access to the product configuration files and setting of the configuration managed mode of the Universal Broker. |