Definitions for z/OS® Customization variables are
covered in this article.
This article lists definitions for the terms you see in the WebSphere® Application Server for z/OS Customization
tool.
The panels corresponding to the following tables set up the names,
network configuration, start procedures, and user IDs for a stand-alone
server.
Recommendation: Use the IBM® default
names the first time you install WebSphere Application
Server for z/OS to make the installation instructions easier
to follow.
System Locations
This section identifies the
target z/OS system on which you will configure the
new stand-alone application server, along with system data set names.
- System name
- The system name for the target z/OS system
on which you will configure WebSphere Application Server
for z/OS.
- Sysplex name
- The sysplex name for the target z/OS system
on which you will configure WebSphere Application Server
for z/OS.
Tip: If you are not sure what
the system name (&SYSNAME) and sysplex name (&SYSPLEX) are,
use the console command D SYMBOLS on the target z/OS system
to display them.
For the following, specify the fully qualified data
set names without quotes.
Rule: You can specify up to
44 characters for the data set names.
- PROCLIB
- An existing procedure library where the WebSphere Application
Server for z/OS cataloged procedures are added.
WebSphere Application Server for z/OS product
data sets
Specify the following WebSphere Application
Server for z/OS libraries so they can be accessed by the
customized jobstreams the tool produces. These data sets must be cataloged.
See
Product data sets for more information.
- Run WebSphere Application Server from STEPLIB
(Y/N)?
- Specifies whether to load WebSphere Application Server
for z/OS load modules from STEPLIB ("Y") or from
the link pack area and link list ("N"). See Link pack area, link list, and STEPLIB for more information.
Note: Specify
"Y" if you have another instance of WebSphere Application
Server for z/OS (Version 4 or later) in the system link
pack area or link list.
- SBBOLPA
- WebSphere Application Server for z/OS load
module library. It has modules that should go into LPA or the location
service daemon STEPLIB.
- SBBOLOAD
- WebSphere Application Server for z/OS 31-bit
load module library. It has members that should go into the link list
or LPA, or into STEPLIB.
- SBBGLOAD
- WebSphere Application Server for z/OS 64-bit
load module library. It has members that should go into the link list
or LPA, or into STEPLIB.
- SBBOLD2
- WebSphere Application Server for z/OS load
module library that you installed through SMP/E. It has members that
should go into the link list, or into STEPLIB. DO NOT place
them in LPA.
- SBBOEXEC
- WebSphere Application Server for z/OS CLIST
library.
- SBBOMSG
- SBBOMSG WebSphere Application Server for z/OS message
skeletons for language translation.
Location of file system resident
components
- WebSphere Application Server product directory
- The name of the directory where WebSphere Application
Server for z/OS files reside after installation. See Product file system for
more information.
WebSphere configuration file system
This
section defines the WebSphere configuration file
system that you will use for the stand-alone application server. See
Configuration file system for
more information.
- Mount point
- Read/write file system directory mount point where application
data and environment files are written. The customization process
creates this mount point if it does not already exist.
- Name
- File System data set you will create and mount at the above mount
point.
Rule: You can specify up to 44 characters for the
data set name.
- Volume, or '*' for SMS
- Specify either the DASD volume serial number to contain the above
data set or "*" to let SMS select a volume. Using "*" requires that
SMS automatic class selection (ACS) routines be in place to select
the volume. If you do not have SMS set up to handle data set allocation
automatically, list the volume explicitly.
- Primary allocation in cylinders
- Initial size allocation in cylinders for the above data set.
Recommendation:
The minimum suggested size is 420 cylinders (3390).
- Secondary allocation in cylinders
- Size of each secondary extent in cylinders.
Recommendation:
The minimum suggested size is 100 cylinders.
- File system type (HFS or ZFS)
- This is the type of file system that will be used when creating
the WebSphere for z/OS configuration
file system. The default is HFS.
WebSphere error
log stream
This section defines the System Logger log stream
that you will use for WebSphere Application Server
for z/OS error logging if TRACEBUFFLOC=BUFFER. Having
the error log in the log stream is optional. By default, the error
log is written to JES SYSOUT.
- Name
- Name of the WebSphere error log stream you will create.
Rules:
- The name must be 26 or fewer characters.
- Do NOT put quotes around the name.
Ctrace Writer Definitions
WebSphere application Server for z/OS uses
component trace (CTRACE) to capture and to display trace data in trace
data sets. WebSphere Application Server for z/OS identifies
itself to CTRACE with the cell short name.
- Trace Parmlib member suffix
- Value that is appended to CTIBBO to form the member name for the
Trace parmlib member.
Server customization
- WebSphere Application Server home directory
- Directory in which the application server configuration resides.
See Configuration file system for
more information.
Note: You can alter only the portion
after the configuration file system mount point.
- Cell name (short)
- Name that identifies the cell to z/OS facilities
such as SAF.
Rules:
- Name must be eight or fewer characters and all uppercase.
- Name must be unique among all other cells in the sysplex.
- Cell name (long)
- Primary external identification of this WebSphere Application
Server for z/OS cell. This name identifies the cell as
displayed through the administrative console.
Note: If
you intend to ever add this stand-alone server node to a Network Deployment
cell, ensure that the stand-alone server cell name is different from
the Network Deployment cell name.
Rules:
- Name must be 50 or fewer characters and can be of mixed case.
- Name must be unique among all other cells in the sysplex.
- Node name (short)
- Name that identifies the node to z/OS facilities
such as SAF.
Rules:
- Name must be eight or fewer characters and all uppercase.
- Name must be unique within the cell.
- Node name (long)
- Primary external identification of this WebSphere Application
Server for z/OS node. This name identifies the node as
displayed through the administrative console.
Note: If
you intend to ever add this stand-alone server node to a deployment
manager cell, ensure that the stand-alone server node name is not
the same as that of any existing node in the Network Deployment cell.
Rules:
- Name must be 50 or fewer characters and can be of mixed case.
- Name must be unique within the cell.
- The application server must be defined on its own node; no other
server can exist on the same node as the application server.
- Server name (short)
- This value identifies the server to z/OS facilities
such as SAF.
Note: The server short name is also used
as the server JOBNAME.
Rule: Name must usually contain
seven or fewer all-uppercase characters. If you want to instead specify
eight characters, you must follow the steps outlined in the "Converting
a 7-character server short name to 8 characters" article in the information
center.
- Server name (long)
- Name of the application server and the primary external identification
of this WebSphere Application Server for z/OS server.
This name identifies the server as displayed through the administrative
console.
Rule: Name must be 50 or fewer characters and can
be of mixed case.
- Cluster transition name
- WLM APPLENV (WLM application environment) name for this server.
Note: If this server is converted into a clustered server, this
name becomes the cluster short name. The cluster short name is the
WLM APPLENV name for all servers that are part of the same cluster.
Rule: Name must be eight or
fewer characters and all uppercase.
- Admin asynch operations procedure name
- Specifies the JCL procedure name of a started task that is launched
by way of the START command by node agents or application servers
to perform certain asynchronous administrative operations (such as
node synchronization) and add and remove a node.
- Asychronous administration userid
- This user ID is used to run asynchronous administration operations
procedure. It must be a member of the WebSphere Application
Server configuration group.
- Install samples? (Y/N)
- Specify whether you do ("Y") or do not ("N") want to install the WebSphere Application Server for z/OS sample
applications (the Samples Gallery).
Note: These applications are not
supported in a Network Deployment cell.
Server address space information
This section
defines the cataloged procedures and associated user IDs for the server
regions.
Rule: In the following,
unless specified otherwise, names must be eight or fewer characters.
Note: If
you want to specify job names with eight instead of seven characters,
you must follow the steps outlined in the "Converting a 7-character
server short name to 8 characters" article in the information center.
Controller
Information
- Jobname
- The jobname, specified in the MVS™ START
command JOBNAME parameter, associated with the application server
controller. This is the same as the server short name and it cannot
be changed through the Customization tool.
- Procedure name
- Name of member in your procedure library to start the application
server controller.
Rule: Name must be seven or fewer characters.
- User ID
- The user ID associated with the application server controller.
Note: If you are using a non-IBM security system, the user ID
might have to match the procedure name. Please refer to your security
system's documentation.
- UID
- The user identifier associated with this user ID.
Rule: UIDs
must be unique numbers, between 1 and 2,147,483,647, within the system.
Servant Information
- Jobname
- The jobname used by WLM to start the application server servant.
This is set to the server short name, followed by the letter "S",
and it cannot be changed through the Customization tool.
- Procedure name
- Name of member in your procedure library to start the application
server servant.
Rule: Name must be seven or fewer characters.
- User ID
- The user ID associated with the application server servant.
Note: If you are using a non-IBM security system, the user ID
might have to match the procedure name. Please refer to your security
system's documentation.
- UID
- The user identifier associated with this user ID.
Rule: UIDs
must be unique numbers between 1 and 2,147,483,647 within the system.
Control Region Adjunct
- Jobname
- The jobname used by WLM to start the application server control
region adjunct. This is set to the server short name followed by the
letter "A", and it cannot be changed through the Customization tool.
- Procedure name
- Name of the member in your procedure library that starts the control
region adjunct.
Rule: Name must be seven or fewer characters.
- User ID
- The user ID associated with the control region adjunct.
Note: If
you use a non-IBM security system, the user ID might have to match
the procedure name. Please refer to your security system's documentation
for more information.
- UID
- The user identifier associated with this user ID.
Rule: UIDs
must be unique numbers, between 1 and 2,147,483,647, within the system.
Server TCP/IP information
Note: Do
not choose port values already in use.
- Node host name
- IP name or address of the system on which the server is configured.
This value is used by other WebSphere Application Server
for z/OS functions to connect to this server.
Note: The node host name must always resolve to an IP stack
on the system where the application server runs. The node host name
cannot be a DVIPA or a DNS name that, in any other way, causes the
direction of requests to more than one system.
- SOAP JMX Connector port
- Port number for the JMX HTTP connection to this server based on
the SOAP protocol. JMX is used for remote administrative functions,
such as invoking scripts through wsadmin.sh.
Rule: Value
cannot be 0.
- ORB Listener IP name
- IP address on which the server's ORB listens for incoming IIOP
requests. The default is "*", which instructs the ORB to listen on
all available IP addresses.
- ORB port
- Port for IIOP requests that acts as the bootstrap port for this
server and also as the port through which the ORB accepts IIOP requests.
Rule: Value
cannot be 0.
- ORB SSL port
- Port for secure IIOP requests. The default is "0", which allows
the system to choose this port.
- HTTP transport IP name
- IP address on which the server's Web container should listen for
incoming HTTP requests. The default is "*", which instructs the Web
container to listen on all available IP addresses.
Note: The
"transport host name" becomes the "hostname" in the virtualhosts.xml
file, which makes setting a specific IP address here less than ideal
because, if you do so, you are restricting yourself to that IP address
until you go into the administrative console and add another virtual
host.
- Administrative console port
- Port for HTTP requests to the administrative console.
- Administrative console secure port
- Port for secure HTTP requests to the administrative console.
- HTTP transport port
- Port for HTTP requests.
Rule: Value cannot be 0.
- HTTPS Transport port
- Port for secure HTTP requests.
Rule: Value cannot be
0.
- High Availability Manager Communication Port
- Port on which the High Availability Manager listens.
Rule: Value
cannot be 0.
- Service Integration port
- Port for service-integration requests.
Rule: Value cannot
be 0.
- Service Integration Secure port
- Port for secure service-integration requests.
Rule: Value
cannot be 0.
- Service Integration MQ Interoperability port
- Port for service-integration MQ interoperability requests.
Rule: Value
cannot be 0.
- Service Integration MQ Interoperability Secure port
- Port for secure service-integration MQ interoperability requests.
Rule: Value
cannot be 0.
- Session Initiation Protocol (SIP) port
- Session Initiation Protocol Secure port
Location service daemon
The location service
daemon is the initial point of client contact in WebSphere Application
Server for z/OS. The server contains the CORBA-based location
service agent, which places sessions in a cell. All RMI/IIOP IORs
(for example, for enterprise beans) establish connections to the location
service daemon first, then forward them to the target application
server.
- Daemon home directory
- Directory in which the location service daemon resides. This is
set to the configuration file system mount point/Daemon and cannot
be changed.
- Daemon jobname
- Specifies the jobname of the location service daemon, specified
in the JOBNAME parameter of the MVS start
command used to start the location service daemon.
Caution: When
configuring a new cell, be sure to choose a new daemon jobname value.
Note: A server automatically starts the location service daemon
if it is not already running.
- Procedure name
- Name of the member in your procedure library to start the location
service daemon.
Rule: Name must be seven or fewer characters.
- User ID
- The user ID associated with the location service daemon.
- UID
- The user identifier associated with this user ID.
Rule: UIDs
must be unique numbers, between 1 and 2,147,483,647, within the system.
- IP Name
- The fully qualified IP name, registered with the Domain Name Server
(DNS), that the location service daemon uses. The default is your
node host name.
Note:
- In a sysplex, you should consider using a virtual IP address (VIPA)
for the location service daemon IP name.
- Select the IP name for the location service daemon carefully.
Once you have chosen a name, it is difficult to change, even in the
middle of customization. This name must not be a numeric, such as,
3.7.2543.
- Daemon Listen IP
- The default value is *.
Rule: The default is * or a numeric
IP address.
- Port
- The port number on which the location service daemon listens.
Note: Select the port number for the location service daemon
carefully. You can choose any value you want, but, once chosen, it
is difficult to change, even in the middle of customization.
- SSL Port
- The port number on which the location service daemon listens for
SSL connections.
- Register daemon with WLM DNS
- If you use the WLM DNS (connection optimization), you must select
"Y" to register your location service daemon with it. Otherwise, select
"N."
Note: Only one location service daemon per LPAR can
register its domain name with WLM DNS. If you have multiple cells
in the same LPAR and register one location service daemon and then
a second, the second will fail to start.
SSL customization
If you
plan to enable Administrative Security at some point, as is recommended,
fill in the following SSL values:
- Certificate authority keylabel
- The name of the key label that identifies the certificate authority
(CA) to be used in generating server certificates.
- Generate Certificate Authority (CA) certificate
- Select "Y" to generate a new CA certificate. Select "N" to have
an existing CA certificate generate server certificates.
- Expiration date for CA authority
- The expiration date used for any X509 Certificate Authority certificates,
as well as the expiration date for the personal certificates generated
for WebSphere Application Server for z/OS servers.
You must specify this even if you selected "N" for "Generate Certificate
Authority (CA) certificate."
- Default RACF® keyring name
- The default name given to the RACF keyring
used by WebSphere Application Server for z/OS.
The keyring names created for repertoires are all the same within
a cell.
- Enable SSL on location service daemon
- Select "Y" if you want to support secure communications using
Inter-ORB Request Protocol (IIOP) to the location service daemon using
SSL. If you specify "Y", a RACF keyring will be generated
for the location service daemon to use.
Security Customization
During
the initial setup, you can choose one of the following three options
for administrative security.
- Option 1 - z/OS-managed security
- Use the z/OS system's SAF-compliant security database
to define WebSphere Application Server users. The
EJBROLE profile will be used to control role-based access to applications.
An administrator user ID and an unauthenticated user ID will be
created and defined in the security database. Select this option
if the WebSphere Application Server environment
will run entirely on z/OS with a shared SAF-compliant
(Local OS) user registry, or if you plan to implement a non-Local
OS user registry (such as LDAP) with mapping to SAF user IDs.
- Option 2 - WebSphere-managed security
- Use a simple file-based registry to define WebSphere Application
Server users. An administrator user ID will be created and defined
in the file-based registry.
- Option 3 - No security
- Do not enable administrative security. This option is not recommended.
Your WebSphere Application Server
environment will not be secured until you configure and enable security
manually.
Depending on the security option you choose, there
may be additional customization tool values you need to set.
Security customization - z/OS-managed
security
For this security option, you must decide whether
to set a security domain name, and choose an administrator user ID
and an unauthenticated (guest) user ID.
- Use security domain identifier in RACF profiles
- Set this to Y if you wish to include a security domain name in
certain SAF security checks (APPL, CBIND, EJBROLE). Enter a 1-8 security
domain name.
- Administrator user ID
- For Administrator user ID enter a valid SAF user ID which will
become the initial cell administrator. If this user ID already exists,
it must have the WebSphere Application Server configuration
group for this cell as its default Unix System Services group. Also
specify a valid UID for this user ID.
- Unauthenticated User ID
- Enter a valid SAF user ID which will be associated with unauthenticated
client requests. Also specify a valid UID for this user ID.
Security customization - WebSphere-managed security
For
this security option, you must choose an administrator user ID and
password.
- Administrator user ID
- Enter an alphanumeric user ID which you will use to log on to
the administrative console and perform administrative tasks. This
user ID and its password will initially be the only entry in the file-based
user registry.
- Administrator password
- This password must not be blank.
Security Customization - no security
For
this security option, there are no other choices to make. Your WebSphere Application Server environment
will not be secured until you configure and enable security manually.
Web Server Configuration
If
you want to create a web server definition at this point, fill in
the following values.
Note: Only one Web server can be defined on
a stand alone application server.
- Web Server Type
- Valid values: IHS, HTTPSERVER_ZOS, APACHE, IPLANET, DOMINO, IIS.
- Web Server Operating System
- Windows®, Linux™,
Solaris, AIX®, hpux, OS390, OS400
- Web Server Name
- The name used in defining the Web server in the admin console.
- Web Server Host or IP Address
- IP name or address of the z/OS on which the Web server is
located.
- Web Server Port
- HTTP Port on which the Web server is listening.
- Web Server Install Directory Path
- (varies by user configuration)
- Web Server Plugin Install Directory Path
- (varies by user configuration)