Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enhancements for Distributed

Similar presentations


Presentation on theme: "Enhancements for Distributed"— Presentation transcript:

1 Enhancements for Distributed
IBM Tivoli Workload Scheduler 8.2

2 Highlights Tivoli Technical Imperatives
Networking Security and Firewalls Object and Administration Security Execution Deadline Control Return Code Management and Processing Job Events Processing Workload Scheduler for Applications 2 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

3 Tivoli Technical Imperatives
Installation Products are easy to install, compatible with each other Improve the percentage of successful first-time installs Manual steps are eliminated or automated Maintenance is simplified Serviceability Increase satisfaction by empowering customers with built-in troubleshooting techniques Problem resolution is efficient and accurate Data Warehouse Collect historical data from many Tivoli applications in one central place Correlate information from multiple applications when possible Enable enterprise-level reporting Provide out-of-the-box web-based reporting Presentation Consistency Tivoli products should have a similar look-and-feel for familiarity and ease-of-use of our products 3 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

4 Networking and Security
SSL Encryption and Authentication Network communication between ITWS systems can be configured to use SSL Full Firewall support ITWS will function even if an IP firewall exists between the FTA and its Domain Manager Increased functional security FTAs will share a security key with the Master Domain Manager so that an FTA cannot be linked by an unknown Master 4 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

5 Secure Sockets Layer Protocol
SSL is based on a public-private keys methodology When using SSL, Connections are private. Encryption is used after an initial handshake to define a secret key. Symmetric cryptography is used for data encryption (DES, RC4, etc.) Peer identity can be authenticated using asymmetric, or public key, cryptography (RSA, DSS, etc.) The connection is reliable. Message transports include message integrity checks using a keyed MAC. Secure hash functions (SHA, MD5, etc.) are used for MAC computations 5 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

6 SSL Authentication and Encryption
Symphony Master Domain AIX Master Domain Manager Unencrypted communication DomainA DomainB SSL Encrypted communication AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 6 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

7 SSL and Workload Scheduler
Workload Scheduler will use SSL 3 Requires all workstations participating in SSL sessions to have X.509 certificate repositories containing certificates to be exchanged for establishing the SSL session to be installed locally Users can define which workstations will use SSL OpenSSL toolkit provides communication protocol and certification management on distributed systems OS/390 Cryptographic Services System SSL provides services between host and distributed platforms in end-to-end environments Complete certificate and PKI key management is outside the scope of this release Note: Export of cryptographic algorithms is restricted by regulation of the US government 7 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

8 Firewall Compatibility
Remote administration commands will be routed through domain hierarchy (instead of Master Domain Manager attempting direct connection to down-level FTA for start, stop, and get stdlist) Workload Scheduler TCP/IP communication can be limited to specific port ranges (can also promote better use of systems with multiple NICs) Communication characteristics for port utilization, binding, connection establishment, etc. will be well documented 8 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

9 Firewall Support After Before Master Domain DomainA DomainB Symphony
AIX Master Domain Manager Plan distribution and event management Before After IP Firewall DomainA DomainB Network management commands and job log retrieval AIX HPUX Domain Manager DMA Domain Manager DMB IP port (31111) TWS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 9 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

10 Enhanced Security Distribution
Symphony Master Domain MasterB Windows 2000 AIX Master Domain Manager Administrator creates secret key Makesec command inserts key into Security file Administrator distributes Security file to each TWS node Secret key is inserted into Symphony file by Jnextday Symphony’s key must match Security’s key before any links or commands are allowed Security Authorization Key DomainA DomainB AIX HPUX Domain Manager DMA Domain Manager DMB TWS for z/OS Plan distribution FTA1 FTA2 FTA3 FTA4 AIX Linux Windows 2000 Solaris 10 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

11 Centralized Security Optional feature – current de-centralized security may be continued (for backwards compatibility) Prohibits other systems from connecting into an existing scheduling network Prohibits anyone from reconfiguring existing systems to increase their abilities A new keyed Security mechanism will be employed Security file may only be compiled on Master Domain Manager Security file contains encrypted checksum and is distributed to every FTA Symphony file will contain the same checksum Any link or command attempt will compare Symphony and Security checksums Command is denied if checksums do not match or Security file is removed 11 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

12 Execution Deadline Each job or job stream can have a defined deadline
A job or job stream that has a defined deadline time which has expired before it has terminated will be considered “LATE” If a job has started and is still executing past its deadline, a notification is sent If a job has not started by its deadline, a notification is sent 12 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

13 Enhanced “UNTIL” time Currently a Job or Job Stream with an expired UNTIL time will not be started A late job will have an optional attribute, “ON_UNTIL” with three possible values: SUPPR – Job is not launched, no condition changed (current behavior) CONT – the Job or Job Stream will be started anyway when the dependencies are met CANC – the Job or Job Stream will be cancelled when it has not started and the UNTIL time expires 13 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

14 Return Code Management
Each job definition will have user-defined criteria defining which return code(s) represent a successful job The “Success Condition” field can be a combination of comparison operators and logical operators Example “RC = 2 OR ((RC >= 6 AND RC < 18) AND (RC != 12))” Each job’s return code will be sent back to the Symphony The return code will be seen on conman “SHOWJOBS” command and in the GUI 14 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

15 Return Code Processing
The Return Code for each job is stored in the stdlist, and the Symphony file The jobinfo command will be enhanced to be able to retrieve the return code of any previous job A new environment variable will be sent through JOBMON to recovery jobs representing the return code of the abended job The Return Code will be represented in the “event.log” file (usually processed by Tivoli Enterprise Console) and events passed to Tivoli Business Systems Manager 15 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

16 Example use of Return Code Analysis
JOB1 JOB2 Branch-JOB Dependency on JOB1 & JOB2 Reads return code of JOB1 and JOB2 using “jobinfo” Makes decision to run JOB3 or JOB4 based on status of JOB1 or JOB2 Cancels job not selected Branch-JOB JOB3 JOB4 16 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

17 Job Events Processing Enhancements
New events regarding job state changes will be sent to the event.log file Currently, events are sent for 101: Job Abend 102: Job Failed 103: Job Launched 104: Job Done 105: Job Suspended (UNTIL) New rules for Enterprise Console will be provided New optional events will be added showing each state change 106: Job Submitted 107: Job Canceled 108: Job Ready 109: Job put on Hold 110: Job Restarted 111: Job Failed 112: Job Successful Pending 113: Job External 114: Job in Intro 115: Job STUCK 116: Job in Wait 117: Job Deferred 118: Job Scheduled 17 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

18 Workload Scheduler for Applications
Updated x-agent for R/3 Support for new releases of R/3 Support for SAP Business Warehouse Show picklists of Infopackage Jobs to schedule Select and/or override attributes of the selected jobs Updated x-agent for PeopleSoft Support for PeopleSoft 8 Supports PeopleSoft report distributions Runs on Windows 2000 and UNIX X-agent for Oracle E-Business Suite Support for 10.x, 11.i 18 | Copyright © 2002, IBM All Rights Reserved | September 25, 2002

19 Enhancements for Distributed
IBM Tivoli Workload Scheduler 8.2


Download ppt "Enhancements for Distributed"

Similar presentations


Ads by Google