この項では、 カスタマイズ・ダイアログの生成した指示がどのように見えるかのサンプルを紹介します。 これはサンプルにすぎません。 ユーザーのシステムを構成する際には、 ユーザー独自の変数から生成された指示を使用する必要があります。
----------------------------------------------- The customization dialog has created jobs based on the information you provided. These instructions tell you how to modify the operating system and run the jobs to customize WebSphere for z/OS. RULES: 1. If you created the target data sets (*.CNTL and *.DATA) on another (driving) system, you must copy them to the target system and give them the same data set names. 2. You must perform these instructions on your target system. Doing manual configuration updates ---------------------------------- The customization dialog for WebSphere for z/OS does not attempt to update configuration data for your base operating system or existing subsystems. You must do the following manual steps prior to running the WebSphere for z/OS configuration jobs. Perform these steps to do manual configuration updates: 1. Update BLSCUSER. Refer to member BBOIPCSP in 'MINGLW.TODAY.CNTL' In order to use the IPCS support provided by the product, append the contents of this member to the BLSCUSER member in your IPCSPARM or system PARMLIB datasets. ------------------------------------------------------------------- 2. Update SCHEDxx. Refer to member BBOSCHED in 'USERID.TODAY.CNTL' In order to set the correct program properties for the WebSphere for z/OS run-time executables, append the contents of this member to the SCHEDxx member in your system PARMLIB concatenation. Note: When you are finished, issue the command SET™ SCH=(xx,xx) to activate SCHEDxx and load a new program properties table. ------------------------------------------------------------------- 3. Make sure the following data sets are APF-authorized: DBEL.WASX.SBBOLPA DBEL.WASX.SBBOLOAD DBEL.WASX.SBBGLOAD DBEL.WASX.SBBOLD2 Add these datasets to your PROGxx or IEAAPFxx parmlib members, as appropriate, ensuring you specify the correct volsers. ------------------------------------------------------------------- 4. If you want to collect the SMF120 records created by the run-time servers, update SMFPRMxx via the following: EXAMPLE: SUBSYS(STC,EXITS(IEFU29,IEFACTRT),INTERVAL(SMF,SYNC), TYPE(0,30,70:79,88,89,120,245)) --- For details on the SMF records, see related topics in the WebSphere for z/OS Information Center at http://www.ibm.com/software/webservers/appserv/zos_os390/library/ ------------------------------------------------------------------- 5. Update your active BPXPRMxx member to have the following WebSphere for z/OS configuration file system: OMVS.WAS.CONFIG.HFS mounted at: /WebSphere/V6R1 in read/write mode. EXAMPLE: MOUNT FILESYSTEM('OMVS.WAS.CONFIG.HFS') MOUNTPOINT('/WebSphere/V6R1') TYPE(HFS) MODE(RDWR) ------------------------------------------------------------------- 6. Update TCP/IP by reserving the following ports for WebSphere for z/OS: SOAP JMX Connector port - 8880 ORB port - 2809 Administrative console port - 9060 Administrative console secure port - 9043 HTTP Transport port - 9080 HTTPS Transport port - 9443 High availability manager communication port - 9353 Service Integration port - 7276 Service Integration Secure port - 7286 Service Integration MQ Interoperability port - 5558 Service Integration MQ Interoperability Secure port - 5578 Session Initiation Protocol (SIP) port - 5060 Session Initiation Protocol (SIP) secure port - 5061 Daemon IP port - 5655 Daemon SSL port - 5656 View member BBOTCPIP in 'USERID.TODAY.CNTL' Add the contents of this member to the PORT section of the file referenced by the DD statement for the TCP/IP profile in the TCP/IP start procedure. Cut and paste from this member into the data set used by your installation. ATTENTION: If another application has already reserved any of these ports for its own use, you must resolve the resulting conflict before you continue. If you update the WebSphere for z/OS customization dialog with new port specifications, be sure to regenerate the customization jobs, data, and instructions. ------------------------------------------------------------------- 7. The WebSphere product libraries will be placed in STEPLIB as needed, rather than in the system link pack area and system link list. Make sure that the target MVS™ system has at least 8MB of free storage in extended CSA for the daemon and for EACH node (deployment manager node or application server node). SBBOLOAD and SBBOLD2: ==================== The following data sets will be placed in the STEPLIB concatenation for the location service daemon, controller and servant regions, and in the setupCmdLine.sh script in the WebSphere Configuration file system. You must not remove these STEPLIB statements. DBEL.WASX.SBBOLOAD DBEL.WASX.SBBOLD2 BBORTS61: ========= The BBORTS61 module is used by WebSphere Application Server for component trace support. A copy of this module (any maintenance level) must be in the system link pack area in order for CTRACE to work correctly. If a copy of BBORTS61 is currently loaded into LPA, you need take no further action. Otherwise, issue the following MVS console command to load BBORTS61 into dynamic LPA: SETPROG LPA,ADD,MODNAME=BBORTS61, DSNAME=DBEL.WASX.SBBOLPA Alternatively, you can place the following statement in a parmlib PROGxx member which is activated with the SET PROG= command after system IPL is complete: LPA ADD MODNAME(BBORTS61) DSNAME(DBEL.WASX.SBBOLPA) Make sure that the BBORTS61 module is loaded into LPA after each system IPL. ------------------------------------------------------------------- 8. WebSphere for z/OS customization assumes that the following system data sets are in the system link list or link pack area: Language Environment® SCEERUN SCEERUN2 System SSL SGSKLOAD (z/OS 1.5 and below) SIEALNKE (z/OS 1.6 and above) Placing these data sets in the link list or link pack area improves performance and insulates your WebSphere for z/OS configuration from changes in data set names (for example, when migrating to z/OS 1.6). If the Language Environment or System SSL load module libraries are not in your system link list or link pack area, you must perform the following steps before starting any WebSphere Application Server for z/OS servers: - Make sure the data sets are APF-authorized - Complete the optional step below to add the data sets to STEPLIB in the server JCL and setupCmdLine.sh script(s). If you regenerate server cataloged procedures at any point, make sure the data sets are added to the new cataloged procedures. ------------------------------------------------------------------- 9. If the error logstream WAS.ERROR.LOG does not already exist on your target system, make a copy of the appropriate job in the SBBOJCL data set, customize it according to the comments in the job, and run it: BBOERRLC Create an error logstream in a coupling facility BBOERRLD Create a DASD-only error logstream ------------------------------------------------------------------- 10. WebSphere for z/OS regions open a large number of files (more than 1024). Make sure your BPXPRMxx parmlib member(s) specify a value of MAXFILEPROC that is greater than or equal to 2000. Use the following MVS console command to see your current MAXFILEPROC setting: D OMVS,OPTIONS ------------------------------------------------------------------- Running the customized jobs --------------------------- The customization dialog built a number of batch jobs with the variables you supplied. You must run the jobs in the order listed below using user IDs with the appropriate authority. BEFORE YOU BEGIN: Complete the section above entitled "Doing manual configuration updates". Follow the table below, which lists in order the jobs you must submit and the commands you must enter. Special handling notes are included in the table. All jobs are members of USERID.TODAY.CNTL Attention: After submitting each job, carefully check the output. Errors may exist even when all return codes are zero. +-----------+----------------------------------------------------------+ | | The next three jobs (BBOSBRAJ, BBOSBRAK, BBOSBRAM) | | | do not need to be run if the indicated groups, user IDs | | | and directories already exist with the correct gid, | | | uid and ownership permission values, as given below. | +-----------+----------------------------------------------------------+ | BBOSBRAJ | User ID requirement: Authority to update data set | +-----------+ | | Done: | USERID.TODAY.DATA. | | | | | | This job builds (but does not execute) the RACF® commands | | By: | to create common WebSphere for z/OS groups and user IDs: | | | | | | Configuration group: WSCFG1 (gid 2500) | | | Servant group: WSSR1 (gid 2501) | | | Local user group: WSCLGP (gid 2502) | | | File system owner user ID: WSOWNER (uid 2405) | | | | | | The commands are placed into member BBOSBRAK of data set | | | USERID.TODAY.DATA. | | | | | | Carefully review these definitions with your security | | | administrator. | +-----------+----------------------------------------------------------+ | BBOSBRAK | User ID requirement: RACF special authority. | +-----------+ | | Done: | This job executes the RACF commands created by the | | | previous job. If the group and user IDs named above | | | have already been created during a previous WebSphere | | | for z/OS configuration and are in all target system RACF | | | database(s), you do not need to rerun this job. | | | | | | RESULT: You may receive errors, such as INVALID USER | | | messages, from this job because a user ID, group or | | | profile is already defined. Make sure the existing | | | user ID, group or profile has the same characteristics | | | as the user ID, group or profile being created by | | | BBOSBRAK. If not, then change the values in the | | | customization dialog which are causing the conflict, | | | regenerate the customization jobs, and restart the | | | process. | | | | | | When this step is complete, all groups and user IDs | | | listed above for job BBOSBRAJ should be defined in the | | | RACF database on each target system for the cell. | | | Note: the WAS owner user ID WSOWNER MUST have the WAS | | | configuration group WSCFG1 as its default OMVS group. | | | | | By: | | | | | +-----------+----------------------------------------------------------+ | BBOSBRAM | User ID requirement: UID=0. | +-----------+ | | Done: | This job creates home directories for WebSphere for z/OS | | | user IDS. These home directories will be subdirectories | | | of /var/WebSphere/home | | By: | | | | This job will: | | | | | | Create the following directory with permission bits 755: | | | | | | /var/WebSphere/home | | | | | | Create the following directory with ownership | | | WSOWNER:WSCFG1 and permission bits 770: | | | | | | /var/WebSphere/home/WSCFG1 | | | | | | Create the following directory with ownership | | | WSOWNER:WSSR1 and permission bits 770: | | | | | | /var/WebSphere/home/WSSR1 | | | | | | Create the following directory with ownership | | | WSOWNER:WSCLGP and permission bits 770: | | | | | | /var/WebSphere/home/WSCLGP | | | | | | This job should be run on each z/OS system that will | | | host WebSphere Application Server nodes using these | | | WebSphere for z/OS common groups and owner user ID. | | | After execution, verify that the directories have been | | | created with the correct permissions on each system. | | | | | | If these directories already exist with the specified | | | ownership and permission on a target system, then this | | | job does not need to be run on that system. | | | | | | ATTENTION: If the directory | | | /var/WebSphere/home | | | is used by applications other than WebSphere Application | | | Server, make sure that the permissions set by | | | BBOSBRAM (755) are appropriate, or change them manually. | | | This directory must be world-readable for Websphere | | | Application Server to run correctly. | +-----------+----------------------------------------------------------+ | BBOMSGC | User ID requirement: Update authority for data set | +-----------+ SYS1.MSGENU and/or SYS1.MSGJPN. | | Done: | | | | ATTENTION: This is optional unless you require message | | | translation. | | By: | | | | This job sets up MMS to translate messages for WebSphere | | | for z/OS. | | | | | | There are two steps to update SYS1.MSGENU and | | | SYS1.MSGJPN. Remove the unneeded step and change the | | | target libraries, if necessary. | +-----------+----------------------------------------------------------+ | BBOCBRAJ | User ID requirement: Authority to update data set | +-----------+ | | Done: | USERID.TODAY.DATA | | | | | | This job builds (but does not execute) the RACF commands | | By: | for the WebSphere for z/OS run-time clusters and places | | | them into member BBOWBRAK of data set | | | | | | USERID.TODAY.DATA | | | | | | Carefully review these definitions with your security | | | administrator. | +-----------+----------------------------------------------------------+ | BBOCBRAK | User ID requirement: RACF special authority. | +-----------+ | | Done: | This job executes the RACF commands set up in the | | | previous job. | | | | | | This job creates the WebSphere administrator ID WSADMIN | | | without a password. You must assign this user ID a | | | password that complies with your institution standards; | | | this is also the password that will be used when logging | | | on to the WebSphere Application Server administrative | | | console. | | | | | | Enter the following RACF command to assign a password: | | | | | | ALTUSER WSADMIN PASSWORD(password) NOEXPIRED | | | | | | If you are using a different security system, make sure | | | that the user ID has a password. | | | | | | | | By: | RESULT: You may receive errors, such as INVALID USER | | | messages, from this job because a user ID, group or | | | profile is already defined. Make sure the existing | | | user ID, group or profile has the same characteristics | | | as the user ID, group or profile being created by | | | BBOCBRAK. If not, then change the values in the | | | customization dialog which are causing the conflict, | | | regenerate the customization jobs, and restart the | | | process. | | | | +-----------+----------------------------------------------------------+ | -------- | Check user ID authorizations. | +-----------+ | | Done: | Make sure the WSCFG1 group has read access to all | | | WebSphere product data sets, as well as to any other | | | data sets which will be placed in WebSphere for z/OS | | | cataloged procedure STEPLIB concatenations. | | | | | | Make sure the following user IDs have read access to | | By: | the resolver configuration file in use on your system. | | | Depending on your IP setup, this file may be | | | /etc/resolv.conf, SYS1.TCPPARMS(TCPDATA), or another | | | data set. | | | | | | ASCR1 | | | ASSR1 | | | | | | See the z/OS eNetwork Communication Server IP | | | Configuration manual for the resolver search order. | | | | | | Ensure the following user ID has read access to the data | | | sets in your system parmlib concatenation: | | | | | | WSDMNCR1 | | | | | | ATTENTION: | | | | | | If operator commands are protected by the z/OS security | | | server at your installation, you must ensure that | | | sufficient authority is given to WebSphere tasks to | | | control operations. | | | | | | The Application Server Controller user ID (ASCR1) | | | needs the ability to perform operations on started | | | tasks belonging to WebSphere Application Server for | | | z/OS. | | | | | | The asynchronous administrator user ID, and any user | | | ID used to run the federation job when the node agent | | | is started automatically, need the authority to issue | | | the MVS START command. | | | | | | If you are currently controlling MVS console command | | | authority with SAF OPERCMDS profiles, grant the | | | following authorities as indicated, substituting your | | | own profile names: | | | | | | PERMIT START_profile_name CLASS(OPERCMDS) | | | ID (ASCR1 WSADMSH) ACCESS(UPDATE) | | | | | | PERMIT STOP_profile_name CLASS(OPERCMDS) | | | ID (ASCR1 ) ACCESS(UPDATE) | | | | | | PERMIT MODIFY_profile_name CLASS(OPERCMDS) | | | ID (ASCR1 ) ACCESS(UPDATE) | | | | | | PERMIT CANCEL_profile_name CLASS(OPERCMDS) | | | ID (ASCR1 ) ACCESS(UPDATE) | | | | | | PERMIT FORCE_profile_name CLASS(OPERCMDS) | | | ID (ASCR1 ) ACCESS(UPDATE) | | | | | | | | | You must also grant the appropriate console command | | | authority to any user ID that executes the | | | startServer.sh or stopServer.sh script. | +-----------+----------------------------------------------------------+ | BBOWCHFS | User ID requirement: UID=0 and authority to allocate | +-----------+ | | Done: | OMVS.WAS.CONFIG.HFS | | | | | | This job: | | | | | By: | o Creates a mount point directory | | | | | | /WebSphere/V6R1 | | | | | | o Allocates the configuration file system using | | | the Hierarchical File System (HFS) | | | | | | OMVS.WAS.CONFIG.HFS | | | | | | and mounts it at the above mount point. | | | | | | DO NOT RUN THIS JOB IF: | | | 1. The configuration file system already exists and is | | | mounted at the desired mountpoint, or if | | | | | | 2. The mount point directory is controlled by | | | automount. Either disable the automount rule for | | | the configuration mount point while running this | | | job, or perform the following steps manually: | | | | | | a. Allocate the configuration file system data set. | | | b. Issue the following shell commands, which will | | | also cause automount to mount the file system | | | | | | chmod 775 /WebSphere/V6R1 | | | chown WSOWNER:WSCFG1 /WebSphere/V6R1 | | | | | | BEFORE YOU BEGIN: The BBOWCHFS job assumes your root | | | file system is mounted in read/write mode. If the root | | | file system is not mounted in read/write mode, manually | | | create the directory | | | | | | /WebSphere/V6R1 | | | | | | and any needed higher directories, set file permissions | | | to 775, and set the owning user ID and group to WSOWNER | | | and WSCFG1 before running BBOWCHFS. | | | | | | EXAMPLE: If you plan to use /WebSphere/V6R0 as your | | | directory, issue the following commands from within the | | | OMVS shell: | | | | | | mkdir -p -m 775 /WebSphere/V6R0 | | | chown -R WSOWNER:WSCFG1 /WebSphere | | | | +-----------+----------------------------------------------------------+ | BBOWHFSA | User ID requirement: UID=0. | +-----------+ | | Done: | This job populates the previously-created file system. | | | | | | Upon completion, examine the job output. Success is | | By: | indicated with a RC=0 in the job output. | | | | +-----------+----------------------------------------------------------+ | BBOWCPY1 | User ID requirement: update authority for: | +-----------+ | | Done: | | | | | | | SYS1.PROCLIB | | By: | | | | | | | | | | This job copies the tailored start procedures, | | | parameters, and EXECs to the run-time libraries. | | | | | | ATTENTION: Be aware that you may overlay existing | | | members in the above data sets. | | | | +-----------+----------------------------------------------------------+ | BBOWWPFA | User ID requirement: UID=0. | +-----------+ | | Done: | This job sets up the runtime file system. | | | | | | | | By: | Upon completion, examine the job output. Success is | | | indicated by rc=0. | | | | | | Note: If the BBOWWPFA (profile creation) job fails, | | | delete the WAS_HOME/profiles/default directory and all | | | its contents before rerunning BBOWWPFA. | | | | +-----------+----------------------------------------------------------+ | BBOWHFSB | User ID requirement: UID=0. | +-----------+ | | Done: | This job will complete the file system initialization. | | | | | | Upon completion, examine the job output. Success is | | By: | indicated with a RC=0 in the job output. | | | | +-----------+----------------------------------------------------------+ | -------- | All WebSphere Application Server processes require | +-----------+ access to the Language Environment and System SSL load | | Done: | modules. | | | | | | If the SCEERUN, SCEERUN2 and System SSL load module | | | libraries are not in the system link list or link pack | | | area, add them to the STEPLIB DD concatenation in each | | | of the following cataloged procedures in | | | SYS1.PROCLIB: | | | | | | BBO6ACRZ | | | BBO6ASRZ | | | BBO6CRAZ | | | BBO6DMNZ | | | | | | and also add the full data set names, separated by | | | colons (:), to the STEPLIB variable in the shell script | | | | | | /WebSphere/V6R1/ | | | AppServer/ | | | profiles/default/bin/setupCmdLine.sh | | By: | | | | When modifying the setupCmdLine.sh script, do not | | | remove lines or comment them out, as this may cause | | | problems with automated updates to the script. | | | | | | Add only those data sets which are NOT in the link list | | | or link pack area. | | | | +-----------+----------------------------------------------------------+ | -------- | Make sure Resource Recovery Services (RRS) is active. | +-----------+ (See the InfoCenter for setup instructions if necessary.)| | Done: | Look for the following console message to verify that | | | RRS was successfully started: | | | | | By: | | | | ASA2011I RRS INITIALIZATION COMPLETE. COMPONENT | | | ID=SCRRS | | | | +-----------+----------------------------------------------------------+ | -------- | If your system is busy, you may want to include a rule | +-----------+ in your WLM policy that OMVS work for job BBOS001 | | Done: | (such as the postinstaller step) is to run in a service | | | class with a high service objective. | | By: | | +-----------+----------------------------------------------------------+ | -------- | Start the Application Server | +-----------+ | | Done: | Issue the MVS command | | | | | | START BBO6ACR,JOBNAME=BBOS001, | | | ENV=AQFT.AQFT.BBOS001 | | | | | By: | This command starts the Application Server. Wait until | | | the server is finished initializing before proceeding. | | | | | | RESULT: The following message appears on the console and | | | in the job log of | | | | | | BBOS001 | | | | | | BBOO0019I INITIALIZATION COMPLETE FOR WEBSPHERE FOR | | | z/OS CONTROL PROCESS BBOS001 | +-----------+----------------------------------------------------------+ | BBOWIVT | User ID requirement: UID=0 or WSADMIN | +-----------+ | | Done: | This job runs the IVT application. See related topics in | | | the WebSphere for z/OS Information Center at | | | http://www.ibm.com/software/webservers/appserv/zos_os390/| | | library/ | | | | | | for information about how to run this job. | | By: | | +-----------+----------------------------------------------------------+ | The product is now configured and verified. | | | | To start the application server, issue the MVS command: | | | | START BBO6ACR,JOBNAME=BBOS001, | | ENV=AQFT.AQFT.BBOS001 | | | | To stop the application server, enter the MVS command: | | | | STOP BBODMNB | +----------------------------------------------------------------------+ The following is a useful script that helps you define security controls for clusters. It is in data set 'USERID.TODAY.DATA' +-----------+----------------------------------------------------------+ | BBOWBRAC | This is a sample exec you can modify to include | +-----------+ installation-specific RACF controls. This exec defines | | Done: | all the user IDs and groups that are necessary and | | | sufficient for installing WebSphere for z/OS. | | | | | By: | Additionally, there are commented sections for other | | | components that might be used (SSL, for example). | +-----------+----------------------------------------------------------+