
Process types on z/OS
For the Liberty runtime environment on the z/OS® platform, there are two types of process: the server process and the angel process.
- Server process (bbgzsrv)
- The server process is a Java™ virtual machine (JVM) running
the Liberty code in much the same way as it
does on any other operating system. You can start the server process either from the MVS™ operator console by using the angel
process or from the shell. How a user identity is associated and validated depends on how you
start the server:
- If you start the server from an operator console, the identity that is associated with the STARTED profile created by using a z/OS security product such as RACF® is used to control server access: start bbgzsrv,parms='defaultServer'
- If you start the server from the shell, you must also stop the server from the shell. The
identity of the shell is used for the server:
- server start
- server stop
- The JVM start options for the server process can come from three sources:
- If you define a file name in the JAVAOPTS DD in the procedure for the server process, Java command-line arguments are read from this file.
- If you do not define a file name in the JAVAOPTS DD, Java command-line arguments are read from the jvm.options file in the server configuration directory.
- If the jvm.options file does not exist, the JVM uses the value of the IBM_JAVA_OPTIONS environment variable.
- Angel process (bbgzangl)
- The angel process runs in an authorized key and provides facilities to server process to load and access system services in a way that protects the integrity of the operating system. You start the angel process from the MVS console by using a proc.
All Liberty servers that are running on a z/OS image can share a single angel, regardless of the level of code that the servers are running.The angel exists independently of the server.
Use this MODIFY command to give a list of all the servers that are using a particular angel process.
MODIFY [jobname.]identifier,display,servers
Use the following MODIFY command to give a list of all the angel processes that are running on the system.
MODIFY [jobname.]identifier,display,angels
Use the following MODIFY command to get the version of the angel process that is running on the system.
MODIFY [jobname.]identifier,version
The following table provides a list of angel version numbers and the product level in which each angel first occurred.
Angel version Product level 1 8.5.0.1 2 8.5.5.2 3 8.5.5.9 4 16.0.0.2 5 16.0.0.4 6 17.0.0.1 7 17.0.0.2 - If no z/OS system authorized services are enabled for any server on a system, the angel does not need to be active. The angel process is not required for the command processing services (the command processing services uses unauthorized z/OS services for command support).
- If the server is configured to attempt to use authorized services but either the angel is not available, or if the effective owner of the process is not authorized to use the angel, the authorized service is not available to be used on that server. In some cases, an unauthorized service might be used instead. See Unauthorized services used by the SAF registry.
- You can prevent Liberty from starting in the absence of an angel process by adding the following statement to the ${server.config.dir}/bootstrap.properties file of your server:
com.ibm.ws.zos.core.angelRequired=true
With the com.ibm.ws.zos.core.angelRequired property set to true, Liberty aborts startup on detecting that it has not connected to an angel process. Similarly, when an angel process is running and connects to a Liberty process during Liberty startup, that Liberty process continues to start as usual. In this case, the property has no effect.
For more information, see Administering Liberty on z/OS.