Mainframe Storage

What's New in IBM Copy Services Manager 6.3.1

By Randy Blea posted 18 days ago

  


In November 2021 IBM GA'd a new version of IBM Copy Services Manager 

Copy Services Manager 6.3.1 Download


IBM Copy Services Manager is a storage replication product that provides a single place to manage all the replication across your IBM storage environment.  With IBM Copy Services Manager customers can simplify the management of their replication solutions while providing disaster recovery and high availability to their applications. 

As always, we're very excited to provide the following key features being released in this new version.  We develop Copy Services Manager in an agile development cycle and as such have included a number of customer requested features!!!


https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Rename of Spectrum Virtualize storage systems and simplification of Add Storage System wizard 

  • Starting with the CSM 6.3.1 release, all storage systems using Spectrum Virtualize will now be labeled as Spectrum Virtualize when the CSM ID is created, instead of using the type of model of the storage system.  For example, in the past you might see a box named, FlashSystems-9200:CLUSTER:MYBOX.  Under CSM 6.3.1 the box will now be named SPECTRUM-VIRTUALIZE:CLUSTER:MYBOX
  • This change allows CSM to quickly support new hardware models and types that are based on Spectrum Virtualize technology.  If a customer needs to see what type a storage system is they can view the 'Type' column under the Storage Systems panel. 
  • If you already have a connection to a Spectrum Virtualize storage system and you upgrade to CSM 6.3.1, CSM will automatically rename the IDs with SPECTRUM-VIRTUALIZE.
  • In addition to this change, CSM has simplified the Add Storage System wizard to minimize the selections to the four main types of hardware connections that are supported:   DS8000, Spectrum Virtualize, Spectrum Accelerate and z/OS.  Note the z/OS connection type will only display when running on a z system or when a z/OS host connection is defined. 
https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Allow Recover Backup for Safeguarded Copy sessions to be called programmatically 

  • A customer could programmatically issue a Recover Backup command today, however, because the Recover Backup command requires a backup ID, the call would first have to get a list of backups and choose a backup in the list to be used to place on the recovery volumes. 
  • Starting in CSM 6.3.1, the Recover Backup command will no longer require a backup ID.  If no backup ID is specified, the "last" recoverable backup will be used when recovering to the recover volumes (R1). 
  • This allows solutions where you may want to create a backup and then immediately issue a recover for that backup in order to run validation testing against the backup, such as checking to see if a cyber attack may have occurred. 
  • Customers can now also specify Recover Backup as a Command Action on a Scheduled Task, so that you can include it as part of your regular backup processing, or other scheduled events.



https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Import custom certificates from GUI for HTTPS connections

  • When running CSM on a standalone server (non DS8000 HMC installs), customers could always setup the server with their own custom certificates for HTTPS communication with the GUI/CLI/etc.  This however, involved manually adding the truststore to the environment which most customers do not have experience with making it a difficult task.
  • Starting in CSM 6.3.1, you can now import a truststore from the CSM GUI.  On the Advanced Tools panel in the CSM GUI, there is a new section entitled, "Import custom Truststore for HTTPS connections to the server".  If you click the Import Truststore button, this will bring up the Import dialog allowing you to easily import the customer certificate. 
  • On the import dialog you can click on Choose a Truststore to Import which will allow you to select a P12/jks file located on the server you are running the browser from.  If the truststore requires a password to use, enter it in the option input box. 
  • After the truststore is applied, it will take affect the next time the CSM server has been restarted.
  • Note: Prior to modifying the truststore, CSM will create a backup of the server in the event that there are any issues with connectivity.  This can be used to restore the server to regain access.



https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Restore Backup command name change and additional Warning

  • The Restore Backup command for Safeguarded Copy should be used carefully, as it will overwrite the data on a production volume with the data on the backup.  To help mitigate the chances of accidentally clicking the Restore Backup instead of the Recover Backup, in the CSM 6.3.1 release the restore command has been changed to Restore Backup to Production.  This not only helps differentiate the commands in the drop down, but also includes the words production to help the user know that they are about to affect production data. 
  • In addition to the rename, the CSM 6.3.1 release has also added a yellow warning prompt with red text when the Restore Backup to Production command is issued for a Spectrum Virtualize Safeguarded Copy session.  This text provides an additional warning that the production data will be overwritten.







https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Support Restore to Production to Remote Copy Secondary volumes for DS8000 Safeguarded Copy

  • In the CSM 6.3.0 release along with DS8000 9.2, a new feature was added allowing customers to Restore a Safeguarded Copy backup back to the production volume, when the Safeguarded Copy backup is taken on the remote copy target.  In other words, if you replicating from H1 to H2 and taking a backup off of H2, the feature allows you to restore a backup back to the H1 volume without a full copy of the data.
  • In the CSM 6.3.1 release along with DS8000 9.2.1, this solution was now extended to support restoring that backup to the remote copy target volume, when the Safeguarded Copy backup is taken off of the primary volume.  In other words, if you are replicating from H1 to H2 and taking a backup off of the H1 volume, the feature allows you to restore the backup to the H2 volume.  In this solution, in order to get that backup data back to the H1 production, you can reverse the direction of the replication after the restore to copy the changed data from H2 back to H1. 
  • The solution supports MM and GM configurations as well as Multi-target configurations.  In GM configurations, it's important to note that you'll need to Recover the GM session BEFORE you do the Restore Backup to Production command or the GM recover could overwrite the backup data with the last consistency group that was formed.  Below shows sample steps for performing a restore in both an MM and GM environment.  The Safeguarded Copy Redbook will also be updated to reflect these and other solutions.


https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Support for installing on CSM on AIX 7.3 servers

CSM 6.3.1 will officially support installation on AIX 7.3 servers when AIX GAs in 4Q21.

Platform-AIX | CDT Serviceshttps://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Clear SCSI reservations on DS8000 FlashCopy establishes

  • Sometimes reserves are left out on the hardware which may prevent CSM from issuing a FlashCopy to the target volume.  Starting with the CSM 6.3.1 release, a new option will appear in the session properties for DS8000 FlashCopy and practice sessions.  When the option "Reset target reserves (FB only)" is set on the session, on the next Flash command to the session, the option will be set on the command to the hardware that will reset the reserve and allow the Flash to complete without failure.

https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png


New Scheduled Task Action to check DS8000 Global Mirror RPO

  • In the 6.3.1 release a new type of Action will be available when creating a Scheduled Task.  The Validate Data Exposure action allows a customer to have the task check the current data exposure (RPO) for a selected session and role pair, prior to continuing on to the next action in the task. 
  • In the action the customer defines a value in seconds for data exposure.  If the session and role pair is below that data exposure time then the action will complete and the task will move to the next action.  If the session and role pair however is above the data exposure time specified, the action will continue to check the data exposure on the session until the timeout time specified in the Action has been reached.  If the timeout is reached then the entire task will fail sending out a notification. 
  • This new action type may help prevent issues when your scheduled task needs to Suspend the GM session.  A suspend to a GM session will Pause the Master on the hardware with consistency.  However, a high data exposure may indicate that the hardware is having trouble forming consistency groups.  This means that the Pause issued to the hardware will get stuck because a consistency group cannot be formed.  By adding this action before a Suspend to a GM role pair in a session, you can fail the task before even attempting to issue the Suspend and allow support to help figure out why consistency groups are failing to form.


https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png


Support user defined consistency group name on Multi-target MM-MM sessions and Multi-target MM-MM with 4 site replication sessions

  • When CSM loads a HyperSwap or Hardened Freeze configuration to z/OS, it will use the session name and shorten it to fit into the allotted number of characters defined on the z/OS session.  However, customers can specify a user defined consistency group name on DS8000 MM role pairs.  When specified this is used instead of the shortened session name.  Prior to this release however, this was not supported for MT MM-MM configurations as both legs of the MM session are loaded for HyperSwap or Hardened Freeze. 
  • There were however customers that experienced conflicts when the naming convention they used for their MT MM-MM session caused the different sessions to resolve to the same shortened name after a system IPL.  Starting in CSM 6.3.1 a customer can now specify a user defined consistency group name on these sessions.  By doing so, a different naming convention can be used to provide a unique name across the sessions that will be the same across system IPLs preventing the issue from occurring.






https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

Enable consistent suspend across  DS8000 Global Mirror sessions sharing the same hardware master session

  • CSM allows customers to manage up to 250 different GM session on the same DS8000 storage system, even though the hardware cannot manage that many separate sessions.  By specifying the same two-digit hex user defined consistency group name on a DS8000 GM role pair for a session, CSM will use the same Master session ID when setting up the relationships on the hardware.  Because each of these session appear as separate session in CSM, despite using the same underlying Master session, a suspend command issued to one of the sessions by default will Pause the Master but then proceed to restart all the shared sessions that the suspend command was not issued to.  This allows the customer to suspend one session without affecting the others. 
  • There was a request however to allow an option to suspend all shared sessions consistently.  When a suspend command is issued to one of the shared sessions, all sessions that share that same consistency group name should remain suspended.  This can be accomplished starting in 6.3.1 by adding the following property to the Server Properties.  When set to true all sessions will remain suspended after the Suspend command is issued.
csm.server.suspend_all_shared_gm_sessions=true


https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png


Allow programmatic server backup and log package creation with download

  • Customer today can use the REST of CSM CLI to create a backup of the CSM server or a log package.  However, once created the customer has to manually go to the server or to the GUI panel to download the file. 
  • There are cases though where you may want to automate not only the creation but the download of the file created.  For example, you may want to create a programmatic backup of the CSM server every 24 hours and offload it to a secure server.  Or you may want to create an external action that will open an internal ticket and collect a CSM log package to download from the CSM server and then upload for support.
  • In CSM 6.3.1, the -dir parameter on the mkbackup and mklogpkg commands can be used to specify which directory to place the created file on the server where the CSMCLI is running. 
  • On the REST API two new APIs are now available /system/backupserver/download and /system/logpackages/synchronous/download to not only invoke the file creation but perform the download. 
  • NOTE: These commands are synchronous and will not complete until the file is created on the server and the download has completed.





https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

New automation user role for easier automation in Dual Control environments

  • In the CSM 6.3.1 release a new user role will be introduced called the "Automation" user.  An automation user can be used by customers to perform external automation such as running CSMCLI scripts or making REST API calls.  By using a specify user with automation authority, customers can use the audit records to better tell when commands were issued by automation versus manually by users. 
  • By default an automation user can always invoke REST commands.  Administrators however can choose whether the automation user should have CLI or GUI access.  By preventing CLI/GUI access this may help provide a little extra security when the automation user is used.
  • An automation user can manage all sessions which includes being able to do actions like creating copy sets, removing copy sets, starting/stopping sessions, etc.  Automation users however cannot manage other users. 
  • If customers want to lock down what an automation user can do further, they can optionally select the "Only run Scheduled Tasks" check box.  When this is selected, the automation user can only run scheduled tasks and cannot issue any commands directly to a session.  An Administrator will need to create the scheduled task but the automation user will be able to invoke the run action against the task. 
  • NOTE: When the "Only run Scheduled Tasks" check box is checked for an Automation user, you will not be able to grant the user GUI access.  GUI access is automation disabled.


https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

CSM 6.3.1 What’s New Video

https://higherlogicdownload.s3.amazonaws.com/IMWUC/UploadedImages/d5d5d759-cab6-4adb-ae53-b03967a4252d/CSM628/line.png

RFE support for Copy Services Manager

 
If you wish to open a new Request for Enhancement on IBM Copy Services Manager, you can now do so through the following link.
https://ibm.biz/Bd4Zxj


#ds8900
#copyservicesmanager
​​​#safeguardedcopy




0 comments
1 view

Permalink