Cloud Provisioning and Management (CP&M) for z/OS continues to deliver many new functions and improved user experience via continuous delivery. The following features were delivered on December 10, 2020 with PTFs UI72944 (z/OS V2.3) and UI72945 (z/OS V2.4) to expand CP&M provisioning capability and offer a robust software provisioning platform on z/OS.
Domain Shared Resource Pool
The concept of a shared resource pool is expanded to include sharing resources across an entire domain. Previously, clients were limited to sharing a resource pool within a single tenant. By allowing multiple tenants within a domain to share a resource pool, clients can simplify resource management in a cloud provisioning environment. Administrators can create a domain shared resource pool once and then allow resources from the pool to be shared across multiple tenants. In contrast, if an organization's z/OS environment requires resource isolation across tenants and templates, it is recommended that a tenant-specific shared resource pool for all available templates or a dedicated template-specific resource pool be defined for each tenant in the domain.
No changes are required in the middleware provisioning template to use this function as cloud provisioning orchestration will dynamically detect that the template is associated with a domain shared resource pool and subsequently route REST APIs to obtain resources from that pool.
Security Simplification
The default domain now supports manual security mode for creating templates and tenants. This option is intended for provisioning environments that do not use an automatic security mode. Previously, customers were required to create a new domain if their environment did not support an automatic security mode. Now, when the default domain is created at z/OSMF startup time, it is placed in manual security mode if the CLOUD_SEC_ADMIN parameter is not specified in the IZUPRMxx parmlib member.
CP&M security definition sample IZUPRSEC is enhanced to configure a user id that is not RACF SPECIAL for a cloud security administrator role. System programmers can specify a user id that is not ‘RACF SPECIAL’ for the CLOUD_SEC_ADMIN parameter.
Template and Instance Management
Numerous enhancements are provided to help administrators to efficiently manage templates and instances, including:.
- When a template is created, the domain administrator can identify that instances can be automatically deleted after they are deprovisioned. With this enhancement, domain administrators are no longer required to manually delete deprovisioned instances and thus reduces instance management overhead.
- When creating a template, the domain administrator can now select an option to automatically archive provisioning workflows after the template is provisioned successfully. This helps the domain administrator to automatically manage the number of active workflows, which are limited to 200.
- Domain administrators can:
- Modify the published template and change the description of the template and other properties such as workflow and instance disposition.
- Set a maximum time limit for a provisioned software instance, such as 7 days, 30 days, or unlimited. When consumers provision the template, they can select the time duration for their provisioned instance. When a provisioned instance exceeds its time limit, it is marked as expired, and the consumer who provisioned the instance and domain administrators are notified. Consumers can then deprovision the instance. This enhancement helps the domain administrator to clean up stale, expired instances in a timely manner and keep the provisioning environment in good health.
Resource Management Enhancements
The following enhancements are provided in Cloud Provisioning resource management function.
- Support modification to the software service instance name prefix. If the naming convention for the provisioned instance is not properly established when resource pools are defined, the domain administrator can now specify a different general name prefix, or switch to using the SNA application ID as the prefix.
- Externalization of APIs so that they can be programmatically invoked.
z/OSMF Workflow Editor enhancements
IBM introduced the following new features to simplify workflow creation with the z/OSMF Workflow Editor on December 14, 2020 with PTFs UI73100 (z/OS V2.3) and UI73101 (z/OS V2.4):
- Users are able to open the Workflows task directly from the Workflows Editor by using the new "Test" action. It provides a way to quickly create and run workflow instances using your workflow definition.
- A path selector option is added to some input fields to assist with locating workflow files and templates on the system.