Skip to content

Commit

Permalink
Updates for v3
Browse files Browse the repository at this point in the history
Signed-off-by: 1000TurquoisePogs <[email protected]>
  • Loading branch information
1000TurquoisePogs authored Sep 25, 2024
1 parent 2451e93 commit fd77523
Showing 1 changed file with 11 additions and 28 deletions.
39 changes: 11 additions & 28 deletions INSTALLATION.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,6 @@ Table of contents:
2. [Configuration Concepts](#configuration-concepts)
2. [Distribution](#distribution)
3. [Installation of Runtime](#installation-of-runtime)
1. [SMPE or PSWI](#smpe-or-pswi)
2. [PAX](#pax)
4. [Configuration of Instance](#configuration-of-instance)
1. [Configuration by JCL](#configuration-by-jcl)
1. [Core Tasks](#core-tasks)
Expand Down Expand Up @@ -119,7 +117,6 @@ When the JCL is prepared, the following jobs can be submitted to perform the fol
|Create Instance Datasets|**Purpose:** Create datasets for Zowe's PARMLIB content and non-ZFS extension content for a given Zowe Instance<br><br>**Action:**<br>1) Allocate PDSE FB80 dataset with at least 15 tracks named from Zowe parameter `zowe.setup.dataset.parmlib`<br>2) Allocate PDSE FB80 dataset with at least 30 tracks named from Zowe parameter `zowe.setup.dataset.authPluginLib`<br>3) Copy ZWESIP00 member from `zowe.setup.dataset.prefix`.SZWESAMP into `zowe.setup.dataset.parmlib`|[ZWEIMVS](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIMVS)|
|APF Authorize privileged content|**Purpose:** Zowe contains one privileged component, ZIS, which enables the security model by which the majority of Zowe is unprivileged and in key 8. The load library for the ZIS component and its extension library must be set APF authorized and run in key 4 to use ZIS and components that depend upon it.<br><br>**Action:**<br>1) APF authorize the datasets defined at `zowe.setup.dataset.authLoadlib` and `zowe.setup.dataset.authPluginLib`.<br>2) Define PPT entries for the members ZWESIS01 and ZWESAUX as Key 4, NOSWAP in the SCHEDxx member of the system PARMLIB.|[ZWEIAPF](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIAPF)|
|Grant SAF permissions|The STC accounts for Zowe need permissions for operating servers, and users need permissions for interacting with the servers.<br><br>**Action:** [Set SAF permissions for accounts](https://docs.zowe.org/stable/user-guide/assign-security-permissions-to-users#security-permissions-reference-table)|RACF: [ZWEIRAC](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIRAC)<br><br>TSS: [ZWEITSS](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEITSS)<br><br>ACF2: [ZWEIACF](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/SZWIACF)|
|(z/OS v2.4 ONLY) Create Zowe SAF Resource Class|This is not needed on z/OS v2.5+. On z/OS v2.4, the SAF resource class for Zowe is not included, and must be created|RACF: [ZWEIRACZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIRACZ)<br><br>TSS: [ZWEITSSZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEITSSZ)<br><br>ACF2: [ZWEIACFZ](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIACFZ)|
|Copy STC JCL to PROCLIB|**Purpose**: ZWESLSTC is the job for running Zowe's webservers, and ZWESISTC is for running the APF authorized cross-memory server. The ZWESASTC job is started by ZWESISTC on an as-needed basis.<br><br>**Action**: Copy the members ZWESLSTC, ZWESISTC, and ZWESASTC into your desired PROCLIB. If the job names are customized, also modify the YAML values of them in `zowe.setup.security.stcs`|[ZWEISTC](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEISTC)|


Expand Down Expand Up @@ -157,15 +154,6 @@ If you would like Zowe to create a keyring instead, you can do one of these thre
|3|Zowe will create a keyring and populate it by importing PKCS12 content from a dataset that you specify.|RACF: [ZWEIKRR3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRR3)<br><br>TSS: [ZWEIKRT3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRT3)<br><br>ACF2: [ZWEIKRA3](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWEIKRA3)|
#### (Optional) Caching Service VSAM Task:
---
If you plan to use the Zowe caching service Component, such as for high availability and fault tolerance reasons, then you must choose a form of database for it to use.
Among the choices is for it to use a VSAM dataset of your choice.
|Task|Description|Sample JCL|
|---|---|---|
|Create VSAM Dataset for Caching Service|**Action**: Create a RLS or NONRLS dataset for the caching service, and set the name into the YAML value `components.caching-service.storage.vsam.name`|[ZWECSVSM](https://github.com/zowe/zowe-install-packaging/tree/feature/v3/jcl/files/SZWESAMP/ZWECSVSM)|

JCL samples for removing Zowe configuration also exist.
|Action|Sample JCL|
|---|---|
Expand Down Expand Up @@ -238,15 +226,6 @@ To instead have Zowe create a keystore or keyring for you, run `zwe init certifi
|5|Zowe will create a keyring and populate it by importing PKCS12 content from a dataset that you specify.|



#### (Optional) Caching Service VSAM Configuration:
If you plan to use the Zowe caching service Component, such as for high availability and fault tolerance reasons, then you must choose a form of database for it to use.
Among the choices is for it to use a VSAM dataset of your choice.

|Task|Description|Sample JCL|Doc|
|---|---|---|---|
|Create VSAM Dataset for Caching Service|Creates a RLS or NONRLS dataset for the caching service using the YAML values in `zowe.setup.vsam`|`zwe init vsam`|[Doc](https://docs.zowe.org/stable/appendix/zwe_server_command_reference/zwe/init/zwe-init-vsam)|

<br>
<br>
<br>
Expand All @@ -262,14 +241,17 @@ The following lists the default ports of each server of Zowe that is enabled by

These are customized within the YAML at `components.<component-name>.port`, such as `components.zss.port` to customize the ZSS port.

|Component|Component Category|TCP Port|Job Suffix|Log Suffix|Note|
|Component|Component Category|TCP Port|Job Name|Log Suffix|Note|
|---|---|---|---|---|---|
|api-catalog|API Mediation Layer|7552|AC|AAC|Provides API documentation|
|discovery|API Mediation Layer|7553|AD|ADS|Used by the gateway to discover presence and health each server in a Zowe instance for routing|
|gateway|API Mediation Layer|7554|AG|AGW|When enabled, the port chosen should also be the value of `zowe.externalPort`. Zowe can be configured to have this port as the only externally-accessible port as the gateway can proxy the other Zowe servers.|
|caching-service|API Mediation Layer|7555|CS|ACS|Provides a cache for high-availability/fault-tolerant operation|
|app-server|App Framework|7556|DS|D|Provides the Desktop, requires NodeJS|
|zss|App Framework|7557|SZ|SZ|Provides APIs|
|api-catalog|API Mediation Layer|7552|ZWE1AC|AAC|Provides API documentation|
|discovery|API Mediation Layer|7553|ZWE1AD|ADS|Used by the gateway to discover presence and health each server in a Zowe instance for routing|
|gateway|API Mediation Layer|7554|ZWE1AG|AGW|When enabled, the port chosen should also be the value of `zowe.externalPort`. Zowe can be configured to have this port as the only externally-accessible port as the gateway can proxy the other Zowe servers.|
|caching-service|API Mediation Layer|7555|ZWE1CS|ACS|Provides a cache for high-availability/fault-tolerant operation|
|app-server|App Framework|7556|ZWE1DS|D|Provides the Desktop, requires NodeJS|
|zss|App Framework|7557|ZWE1SZ|SZ|Provides APIs|
|zaas|API Mediation Layer|7558|ZWE1AZ|AZ|Provides security APIs|

Note that the Job name prefix ZWE1 can be modified via the YAML property `zowe.job.prefix`.

Zowe also has a property, `zowe.externalPort` that describes where clients should connect to access Zowe. This must match the gateway port when the gateway is enabled. When it isn't, this port should match the primary server of Zowe that you are using.

Expand All @@ -288,6 +270,7 @@ When `zowe.job.prefix` is "ZWE1", An example of port reservations with a fixed I
7555 TCP ZWE1CS BIND 10.11.12.13 ; Zowe Caching Service
7556 TCP ZWE1DS BIND 10.11.12.13 ; Zowe App Server
7557 TCP ZWE1SZ BIND 10.11.12.13 ; Zowe ZSS
7558 TCP ZWE1AZ BIND 10.11.12.13 ; Zowe ZAAS
```

### TLS configuration
Expand Down

0 comments on commit fd77523

Please sign in to comment.