High Availability and Automatic Network Failover of the z/vm VSWITCH

Similar documents
The z/vm Virtual Switch Advancing the Art of Virtual Networking

Using vswitch on z/vm

z/vm Virtual Switch: The Basics

Session 9112 z/vm TCP/IP Stack Configuration

z/vm TCP/IP Configuration Miguel Delapaz z/vm TCP/IP Development Sunday, 20 April 2008

Virtual Security Zones on z/vm

Virtual Security Zones

Session zse4187 Virtual Security Zones on z/vm

z/vm Security Essentials

Session 9361 / 9381 VM TCP/IP. Advanced Configuration. Alan Altmark IBM Corporation Endicott, New York. Copyright IBM Corporation, 1998, 2000 Page 1

RACF/VM: Protecting your z/vm system from vandals and other cyberspace miscreants

CSE For High Availability and System Management

z/vm Development z/vm Advanced Technical Support December 01,2009 Sue Farrell Angelo Macchiano Bruce McClellan Steve Gracin . 1

Redpaper. Security Zones on IBM System z: Defining and Enforcing Multiple Security Zones. Introduction. Alan Altmark

CSE For High Availability and System Management

Virtual Security Zones on z/vm

Using z/vm DirMaint in an SSI Cluster

Ensemble Enabling z/vm V6.2 and Linux for System z

z/vm System Setup IBM Workload Deployer DIRM and SMAPI Socket Support

Sharing the Wealth Using VLANs on VSWITCH. Sharing the Wealth Using VLANs on VSIWTCH VM Workshop 2012 Lexington, Kentucky

z/vm 6.3 Installation or Migration or Upgrade Hands-on Lab Sessions

Planning and Migrating to z/vm Single System Image (SSI)

The Emperor Strikes Back: Exploiting New and Advanced z13 Features with z/vm. Mike Giglio HealthPlan Services Tampa, Florida, USA

DNA Sequencing with the z/vm Virtual Switch

COMP 3400 Mainframe Administration 1

Security Zones on z/vm

Session V61. Systems Management on z/vm Christine Casey z/vm Development - IBM Endicott, NY. IBM System z Expo September 17-21, 2007 San Antonio, TX

System z Virtualization and Linux Workshop Bootcamp System z Hardware / Architecture

Introduction to RACF on z/vm

z/vm SSL Server Update

1. Logging in to VM - Regular Login - Disconnected Login - Stealing the session - Logging off - Disconnected log off

Understanding VLANs when Sharing OSA Ports on System z

HiperSockets for System z Newest Functions

SUSE Linux Enterprise Server Starter System for System z Installation Guide

Advanced Configuration and Auditing with RACF on z/vm

z/vm Security and Integrity

z/vm Connectivity Version 5 Release 1 SC

Redbooks Paper. Networking Overview for Linux on zseries. Introduction. Networking options. Simon Williams

Introduction to Virtualization: z/vm Basic Concepts and Terminology

General-Purpose SFS Server for Large File Transfer. Sine Nomine Associates Blacksmith Square Ashburn, VA 20147

Program Directory for Open Systems Adapter Support Facility for VM. function level 440. Program Number 5741-A07. for Use with z/vm version 6 release 2

The Basics of Using z/vm

Best practices with SUSE Linux Enterprise Server Starter System and extentions Ihno Krumreich

IBM zenterprise Unified Resource Manager: What s in it for z/vm?

Agenda. Clustering. High Availability. Cluster Management. Failover. Fencing. Lock Management GFS2

High Availability. Neale Ferguson Sine Nomine Associates Tuesday 13 August,

IBM z/vm Single System Image and Live Guest Relocation Planning and Use

The z/vm Control Program Useful Things to Know

Networking in zenterprise between z/os and Linux on System z

How to Turbocharge Network Throughput

CA VM:Secure Single System Image Support. Brian Jagos VM Workshop

Planning and Migrating to z/vm Single System Image (SSI)

IBM z/vm Single System Image and Live Guest Relocation - Planning and Use

RACF Advanced Configuration and Auditing on z/vm

Introduction to Virtualization: z/vm Basic Concepts and Terminology

RACF Advanced Configuration and Auditing on z/vm Bruce Hayden IBM Advanced Technical Skills Endicott, NY

Program Directory for Open Systems Adapter Support Facility for VM. Function Level Program Number 5739-A03. for Use with z/vm Version 4

Planning and Migrating to z/vm Single System Image (SSI)

VM File Systems Overview

A New Parents Guide to zvm: Bringing Your System Up Right. A VM Community Trust Publication. Draft Working Outline

z/vm Live Guest Relocation - Planning and Use

WebSphere. Virtual Enterprise Version Virtualization and WebSphere Virtual Enterprise Version 6.1.1

Lenovo ThinkSystem NE Release Notes. For Lenovo Cloud Network Operating System 10.6

z/vm Service Critical Issues

How to configure Ethernet Network Interface Backup on ~ BladeCenter JS20 with AIX 5L

IBM Tape Manager for z/vm and DFSMSRMS z/vm in a TS7700 Tape Grid Environment

The Virtualization Cookbook

Chapter 1 Getting Started with Switch Management

IBM Systems and Technology Group. Abstract

z/vm Platform Update Advancing the Art of Virtualization with z/vm Version 5 Release 4

z/vm Live Guest Relocation Planning and Use

z/os 2.1 HCD HMCwide Dynamic Activate

Linux Servers on System z: Benefits and Features of Virtualization in the Enterprise Data Center

IBM Washington Systems Center TechDocs. Configuring z/vm PerfKit for Performance Monitoring z/vm 6.3 edition

Consolidation Planning Workbook

The Virtualization Cookbook: Day 1 - z/vm

Introduction to Virtualization: z/vm Basic Concepts and Terminology

z/vm 6.4 Upgrade Installation Richard Lewis IBM Washington System Center Company

Program Directory for Hardware Configuration Definition and Hardware Configuration Manager for z/vm. function level 640. Program Number 5741-A07

Wired internetworking devices. Unit objectives Differentiate between basic internetworking devices Identify specialized internetworking devices

IBM Virtualization Engine TS7700 Series Best Practices. Usage with Linux on System z 1.0

Program Directory for Hardware Configuration Definition and Hardware Configuration Manager for z/vm. function level 620. Program Number 5741-A07

From LPAR to Virtual Servers in Two Days: Day 1 - z/vm

Implementing the z/vse Fast Path to Linux on System z

Herding Clones. Mike Kershaw August 17, urmk/

Deployments and Network Topologies

IBM Systems and Technology Group

RELEASE NOTES. StoneGate Firewall/VPN v for IBM zseries

Redbooks Paper. Accounting and monitoring for z/vm Linux guest machines. Introduction. System setup. Erich Amrehn Ronald Annuss Arwed Tschoeke

ZVM17: z/vm Device Support Overview

SUSE Linux Enterprise Server

QuickStart Guide vcenter Server Heartbeat 5.5 Update 1 EN

Dynamic Routing: Exploiting HiperSockets and Real Network Devices

HP0-Y49. Applying HP FlexNetwork Fundamentals.

z/vm on an EFS Base: Getting Started Front cover ITSO/EFS Project ibm.com/redbooks Practical introduction to simple z/vm usage

ehca Virtualization on System p

z/vm: The Value of zseries Virtualization Technology for Linux

Supercharged VM Startup: A System V-Style INIT Process for VM and Guests

ExamTorrent. Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you

IBM System z10 Enterprise Class: Helping to meet global 24x7 demands for information services with improvements for Internet access and coupling

Transcription:

IBM ^ High Availability and Automatic Network Failover of the z/vm VSWITCH Alan Altmark, IBM z/vm Development, Endicott, NY

Note References to IBM products, programs, or services do not imply that IBM intends to make these available in all countries in which IBM operates. Any reference to an IBM product, program, or service is not intended to state or imply that only IBM's product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe on any of the intellectual property rights of IBM may be used instead. The evaluation and verification of operation in conjunction with other products, except those expressly designed by IBM, are the responsibility of the user. The following terms are trademarks of the International Business Machines Corporation in the United States or other countries or both: IBM IBM logo eserver zseries z/vm Other company, product, and service names may be trademarks or service marks of others. Copyright 2003, 2005 by International Business Machines Corporation 2

Topics What is a Virtual Switch? How do I set it up for High Availability and Automatic Failover? System Configuration file or command Controllers Authorize user access Testing High Availability & Automatic Failover How can I test this stuff is really going to work 3

z/vm Virtual Switch The role of the VSWITCH is to provide external network connectivity through an OSA-Express device for a Guest LAN Using a VSWITCH reduces the CPU utilization cost and latency associated with providing external connectivity through a router virtual machine The switching logic resides in the z/vm Control Program (CP) which owns the OSA-Express connection and performs all data transfers between Guest LAN nodes and the OSA-Express In most configurations, primary router (PRIROUTER) OSA-Express connections are no longer required To receive inbound packets for all guests behind real device Permits further sharing of the OSA-Express among virtual switches 4

What s a switch anyway? T 1 1 2 1 2 2 2 3 1 3 1 It s a box that you plug cables in to create a LAN Can contain more than one LAN (VLAN) Cable/DSL multi-port and wireless routers for home are simplified versions of commercial switches (less configurable) It has its own IP address for management purposes 5

Physical Switch-to-Switch T 1 1 2 1 2 2 3 1 3 2 1 Access port carries traffic for a single VLAN Host not aware of VLAN 1 Trunk port carries traffic from all VLANs Every frame is tagged with the VLAN id 6 2 3 T 2 1 2 3 3 2 1 3 1 3 1

Physical Switch to Virtual Switch T 1 1 2 1 2 2 2 3 1 3 1 Trunk port carries traffic between CP and switch Each guest can be in a different VLAN 2 1 2 3 3 1 T 7

z/vm Virtual Switch VLAN aware Linux VM TCP/IP VSE z/os Virtual Switch Guest LAN Virtual QDIO adapter CP Ethernet LAN OSA-Express Same LAN segment and subnet 8

z/vm Virtual Switch VLAN unaware Linux VM TCP/IP VSE z/os Virtual Switch Guest LAN Virtual QDIO adapter CP Ethernet LAN OSA-Express Same LAN segment and subnet 9

Guest LAN vs. Virtual Switch Guest Guest Guest Guest Guest LAN Guest Virtual Switch Ethernet LAN Virtual router is required Different subnet External router awareness Guest-managed failover More data copies 10 No virtual router Same subnet Transparent bridge CP-managed failover Fewer data copies

Advantages of the Virtual Switch Enables virtual QDIO connections to physical LAN segments without requiring a router Reduces overhead associated with router virtual machines Virtual machines on the Guest LAN are in the same subnet as the physical LAN segment Reduces copying of the data being transported Provides centralized network configuration and control 11

VSWITCH Controller guest guest controller guest guest guest CP *VSWITCH OSA OSA A controller is a VM TCP/IP stack, but it doesn t have to be your production stack. Create another one. Not involved in data transfer; only handles OSA housekeeping. 12

VSWITCH Controller Failover controller controller guest guest guest CP X OSA In case a controller fails or is forced off, CP will find another, if available. Controllers can be limited to specific OSAs, but is not recommended. If no controller, VSWITCH external connection is deactivated. 13

OSA Failover controller guest guest guest CP OSA OSA Up to 3 OSAs per VSWITCH Automatic failover 14

OSA Failover controller guest guest guest CP OSA X OSA If OSA dies or stalls, controller will detect it and switch to backup OSA 15

Controller Configuration An IUCV *VSWITCH statement must be included in the TCP/IP stack s CP directory entry You need DIAG98 on the directory OPTION statement Standard directory entry for user TCPIP has both of these The VSWITCH CONTROLLER ON statement must be added to the TCP/IP configuration file (PROFILE TCPIP) Do not code Gateway, Device, or Link statements for these devices For standalone controller, only VSWITCH CONTROLLER ON is needed 16

Defining a VSWITCH is easy By CP command DEFINE VSWITCH SET VSWITCH In SYSTEM CONFIG DEFINE VSWITCH MODIFY VSWITCH To connect to the VSWITCH DEFINE NIC or NICDEF in the user directory COUPLE 17

DEFINE VSWITCH 18

MODIFY VSWITCH configuration statement 19

SET VSWITCH command 20

NICDEF directory statement 21

Example VSWITCH Configuration Always start with a picture! LINUX002 Virtual C204-C206 VSWTCH1 VM TCPIP VSWCTL2 VSWCTL1 C20C-C20E C100-C102 C004-C006 OSA 02 OSA 01 OSA 00 22

Example VSWITCH Configuration Exclusive use TCP/IP stack for both controllers Normal TCP/IP traffic through separate stack 3 OSA connections on different CHPIDs If you want the controlling z/vm TCP/IP stack to have connectivity through the virtual switch, define a NIC and couple to the virtual switch just like the other guests do 23

VSWITCH Configuration VSWITCH defined in SYSTEM CONFIG Controller setup Controllers started by AUTOLOG1 Directory entries copied from TCPIP SYSTEM DTCPARMS updated to include new Controllers Used custom PROFILE TCPIP User setup Used NICDEF directory statement no need to issue COUPLE command matched old physical OSA addresses Did not make any changes to Linux!!! 24

Controller directory entry USER VSWCTL1 XXXXXXXX 32M 128M ABG INCLUDE TCPCMSU OPTION QUICKDSP SVMSTAT MAXCONN 1024 DIAG98 APPLMON SHARE RELATIVE 3000 IUCV ALLOW IUCV ANY PRIORITY IUCV *CCS PRIORITY MSGLIMIT 255 IUCV *VSWITCH MSGLIMIT 65535 LINK 4TCPIP40 491 491 RR LINK 4TCPIP40 492 492 RR LINK TCPMAINT 591 591 RR LINK TCPMAINT 592 592 RR LINK TCPMAINT 198 198 RR MDISK 191 3390 1706 005 440W02 MR 25

SYSTEM CONFIG /************************************************/ /* VSWITCH CONFIG */ /************************************************/ DEFINE VSWITCH VSWTCH1 RDEV C004 C100 MODIFY VSWITCH VSWTCH1 GRANT LINUX001 MODIFY VSWITCH VSWTCH1 GRANT LINUX002 MODIFY VSWITCH VSWTCH1 GRANT LINUX003 In z/vm V5.1 you can use ESM to control access to a Guest LAN or VSWITCH! 26

RACF/VM RDEFINE VMLAN SYSTEM.VSWTCH1 UACC(NONE) PERMIT SYSTEM.VSWTCH1 CLASS(VMLAN) ID(LINUX002 LINUX003 LINUX004) ACCESS(UPDATE) VMLAN class must be active and COUPLE.G command must be controlled 27

AUTOLOG1 PROFILE EXEC /***************************/ /* Autolog1 Profile Exec */ /***************************/ ADDRESS COMMAND CP XAUTOLOG PERFSVM ADDRESS COMMAND CP XAUTOLOG VMRTM ADDRESS COMMAND CP AUTOLOG VMSERVS VMSERVS ADDRESS COMMAND CP AUTOLOG VMSERVU VMSERVU ADDRESS COMMAND CP AUTOLOG VMSERVR VMSERVR ADDRESS COMMAND CP AUTOLOG TCPIP TCPIP ADDRESS COMMAND CP SLEEP 5 SEC ADDRESS COMMAND CP XAUTOLOG VSWCTL1 ADDRESS COMMAND CP XAUTOLOG VSWCTL2 28

SYSTEM DTCPARMS :nick.tcpip :type.server :class.stack :attach.c20c-c20e :NICK.VSWCTL1 :TYPE.SERVER :class.stack :NICK.VSWCTL2 :TYPE.SERVER :class.stack 29

Linux directory entry ************************************************ * LINUX002 - SLES8 SP2 * * using VSWITCH VSWTCH1 * ************************************************ USER LINUX002 XXXXXXXX 128M 2048M G INCLUDE LINDFLT NICDEF C204 TYPE QDIO DEVICES 3 LAN SYSTEM VSWTCH1 MDISK 191 3390 0001 0010 V2LX11 MR MDISK 200 3390 0011 0100 V2LX11 MR MDISK 201 3390 0111 3228 V2LX11 MR MDISK 202 3390 0001 3338 V2LX10 MR MDISK 203 FB-512 V-DISK 8000 WV 30

PROFILE TCPIP PROFILE TCPIP D1 V 86 Trunc=86 Size=1 Line=1 Col=1 Alt=0 ====> ===== * * * Top of File * * * ===== VSWITCH CONTROLLER ON ===== * * * End of File * * * Yes, there s only one line in it. 31

VSWITCH Failover 32

Initial state q osa OSA C004 ATTACHED TO VSWCTL1 C004 OSA C005 ATTACHED TO VSWCTL1 C005 OSA C006 ATTACHED TO VSWCTL1 C006 OSA C100 ATTACHED TO VSWCTL1 C100 OSA C101 ATTACHED TO VSWCTL1 C101 OSA C102 ATTACHED TO VSWCTL1 C102 OSA C20C ATTACHED TO TCPIP C20C OSA C20D ATTACHED TO TCPIP C20D OSA C20E ATTACHED TO TCPIP C20E q controller Controller VSWCTL1 Available: YES VDEV Range: * Level 510 Capability: IP ETHERNET VLAN_ARP SYSTEM VSWTCH1 Primary Controller: * VDEV: C004 SYSTEM VSWTCH1 Backup Controller: * VDEV: C100 Controller VSWCTL2 Available: YES VDEV Range: * Level 510 Capability: IP ETHERNET VLAN_ARP q vswitch VSWITCH SYSTEM VSWTCH1 Type: VSWITCH Connected: 1 Maxconn: INFINITE PERSISTENT RESTRICTED NONROUTER Accounting: OFF VLAN Unaware State: Ready IPTimeout: 5 QueueStorage: 8 Portname: UNASSIGNED RDEV: C004 Controller: VSWCTL1 VDEV: C004 Portname: UNASSIGNED RDEV: C100 Controller: VSWCTL1 VDEV: C100 BACKUP 33

Simulate failures Controller failure FORCE a controller off the system OSA failure Configure the OSA offline from the HMC 34

FORCE VSWCTL1 force vswctl1 USER DSC LOGOFF AS VSWCTL1 USERS = 15 FORCED BY MAINT HCPSWU2843E The path was severed for TCP/IP Controller VSWCTL1. HCPSWU2843E It was managing device C004 for VSWITCH SYSTEM VSWTCH1. HCPSWU2830I VSWITCH SYSTEM VSWTCH1 status is in error recovery. HCPSWU2830I VSWCTL2 is new VSWITCH controller. HCPSWU2830I VSWITCH SYSTEM VSWTCH1 status is ready. HCPSWU2830I VSWCTL2 is VSWITCH controller. q controller Controller VSWCTL2 Available: YES VDEV Range: * Level 510 Capability: IP ETHERNET VLAN_ARP SYSTEM VSWTCH1 Primary Controller: * VDEV: C004 SYSTEM VSWTCH1 Backup Controller: * VDEV: C100 35

Configure OSA offline HCPSWU2830I VSWITCH SYSTEM VSWTCH1 status is devices attached. HCPSWU2830I VSWCTL2 is VSWITCH controller. HCPSWU2830I VSWITCH SYSTEM VSWTCH1 status is in error recovery. HCPSWU2830I VSWCTL2 is new VSWITCH controller. HCPSWU2845W Backup device C004 specified for VSWITCH VSWTCH1 is not initialized. HCPSWU2830I VSWITCH SYSTEM VSWTCH1 status is ready. HCPSWU2830I VSWCTL2 is VSWITCH controller. 36

Configure OSA offline q vswitch VSWITCH SYSTEM VSWTCH1 Type: VSWITCH Connected: 1 Maxconn: INFINITE PERSISTENT RESTRICTED NONROUTER Accounting: OFF VLAN Unaware State: Ready IPTimeout: 5 QueueStorage: 8 Portname: UNASSIGNED RDEV: C004 Controller: VSWCTL2 Error: No RDEV Portname: UNASSIGNED RDEV: C100 Controller: VSWCTL2 VDEV: C100 37

Summary IT WORKS! Very easy to setup - TRY IT! Need more information? z/vm Virtual Machine Operation Chapter 7, Working with Virtual Networks, z/vm TCP/IP Planning and Customization z/vm CP Planning and Administration Linux on IBM eserver zseries and S/390: VSWITCH and VLAN Features of z/vm 4.4 Redpaper REDP-3719-00, published September-3-2003 38

Contact Information By e-mail: Alan_Altmark@us.ibm.com In person: USA 607.429.3323 On the Web: Mailing lists: http://ibm.com/vm/devpages/altmarka IBMTCP-L@vm.marist.edu VMESA-L@listserv.uark.edu LINUX-390@vm.marist.edu http://ibm.com/vm/techinfo/listserv.html 39

Thanks for Listening! 40

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback