Steven McIver

BRMS – Omitting Constantly Locked Files

BRMS (Backup, Recovery, and Media Solutions) is an application for IBM i used to make backups and restores easier. You can configure backups to happen just as you want them, and when you want to restore, find exactly what you want and where to restore it from. Very often users will configure BRMS to do Save-While-Active saves, so that applications don’t have to be ended during backups – keeping their system up and running and making them look like a superhero.

However, any objects that have exclusive locks on them cannot be saved during a Save-While-Active. Also, by default, objects that use commit control cannot be saved while in the middle of a commit cycle. When a single object in a save cannot be saved, it will result in the message:  Control group XYZ type *BKU completed with errors. Some administrators will often begin to accept this as a good completion message and never check to see what didn’t get saved. This could lead to a potentially disastrous situation if you need to restore and it turns out that not as much of the system was getting backed up as you thought.

There are two things you want to do to rectify this situation:

1) End the application causing the lock before the save and then start it after the save finishes.

2) Omit the objects that cannot be saved. Ending the application may not be possible, so then you have to look at what’s not being saved. If the objects that cannot be saved are trivial things like log files or easily re-created data areas, you can simply choose to omit them from the backup, since they are not critical to restoring the system.

The easiest way to add omits to your BRMS control groups is by using the graphical interface for BRMS inside of Navigator for i. There is a section for Backup, Recovery, and Media Services in the panel on the left side of the page.

 

Inside the section for Backup Control Groups, you will find all your configured control groups. Right-click the one you want to work with and click Properties. Click on the What tab to see what you are backing up. Click on the arrows next to the Item and then click Change Omits… This will let you add either single objects or many objects by specifying a string and then ending …

How to Make Your E-mail Server Like You!

As a system administrator, getting email notifications when critical thresholds are hit can help you save your system and be the hero for the day. Setting up your IBM i server to be capable of sending emails isn’t too difficult, but there is a snag that you can run into when your company’s email server is a little picky.

Many email servers are configured to only receive emails from senders (think FROM: address) that belong to trusted domains. The server may happily receive and send emails that are from admin@abccompany.com, but if it was to receive an email from admin@xyzcompany.com, it would reject it if xyzcompany.com was not on the list of domains that it allows. The problem with the IBM i server often is that will send the email with a sender name that the email server does not like, so it tosses the email out – never to be seen.

In order to correct this, you first have to determine what your E-mail directory type is set to. The easiest way to look at this setting is to do a CHGSMTPA and prompt with F4.

If your value is set to *SMTP, do the following:

Still on the CHGSMTPA screen, add an acceptable domain to the SMTP domain alias parameter. Then use WRKSMTPUSR to add an entry for the user that will be sending the email.

If your value was set to *SDD, do the following:

Do a WRKDIRE and verify that an entry exists for the user that will be sending the email. If not, use option 1 to add the user to the directory.

After the entry exists, take option 2 to change the entry, and then do an F19 to ‘Change name for SMTP’. You may get a message that an entry doesn’t exist for it – just hit Enter to proceed. Fill out the screen that follows.

You’ve done it!

Make sure you can communicate with the mail server, that your IP address or host name is whitelisted, and that you’ve followed the steps above to make sure you have a domain name that’s acceptable to the server. Then all you have to do is make more room in your inbox!

More from this month:

POWER9 Install LAN Console Bug

Here is a quick heads up if you are planning to install a POWER9 system using LAN console.

A major bug was found in Client Access Solutions 1.1.8.7 recently that prevents you from establishing LAN console sessions on systems where the SSL certificate has not been accepted yet. This is especially troublesome when the system has just been pulled out of the box and you cannot proceed with configuring it. Details of this problem and the solution can be found here.

To make matters even worse, there is now another bug that is preventing LAN console from connecting on new systems.

On recently shipped POWER9 systems there is a defective A side PTF that is preventing LAN console sessions from being established. The message ID that shows up is MSGSSL001. This is very similar to the error above, but that message ID is MSGSSL002. The simple solution to this problem is to shut the system down, change the control panel to boot from the B side, and then start the system again. You will then likely run into message ID MSGSSL002 if you’re using ACS 1.1.8.7, and then you’ll need to use the above workaround.

Be sure to pass this information along to any friends or co-workers who may be setting up a system soon. This will make their day much brighter!

More from this month:

What Do I Need To Do Full System FlashCopy Backups?

Full System FlashCopy (FSFC) Toolkit is a tool developed by IBM to allow you to capture full backups of your entire system with little to no downtime. It is becoming very popular for shops that are running 24/7, where any downtime to the system becomes very costly. You may be considering using this option for backups on your system, but you have no idea what you need to get to implement it.

Listed here are the key items you need to have:

  • Be on at least IBM i 7.2.
  • Have available CPU, memory, and disk resources for two LPARs:
    • A “Controlling” LPAR where the toolkit begins running.
      • Can be a Dev/UAT partition. Any partition you don’t plan to use Full System FlashCopy with.
      • If you need to create one, you will need the following resources:
        • 05 CPU
        • 6 GB RAM
        • 400 GB of storage
        • Physical adapters for Ethernet, Disk, and Tape or virtualized through Virtual I/O Server.
      • A target LPAR for the FlashCopy disks to attach to.
        • Hardware requirements:
          • 05 CPU
          • 8 GB RAM
          • Target disks can be thin provisioned. Storage used increases the longer the FlashCopy lasts as bits get copied over from the Source. Expect to need around 10% of the size of the source disks.
          • Physical adapters for Ethernet, Disk, and Tape or virtualized through Virtual I/O Server.
        • You may have to do some shuffling to get the necessary CPU and memory resources. If you need to buy an additional IBM i license, it can greatly affect the price of implementation.
        • Licenses for the following licensed programs (only on the Controlling LPAR):
          • License for PowerHA Standard or Enterprise.
          • License for HA Switchable Resources
        • A Hardware Management Console (HMC). Can be physical or virtual.
        • A Storwize, FlashSystem, or DS8000 SAN that is licensed for FlashCopy.
        • SAN switches for zoning disks and tape.

If you are coming from a single partition system, the requirements for FSFC are very steep. In many situations, it can be costly to implement, but you have to consider the cost of bringing down the system for backups. Run the numbers to see if the cost of downtime is greater than the cost to implement.

Also, consider your current backup strategy and what you’re able to capture while the system is up. I will wrap this up with a question:  If your production system becomes compromised, do you want your last save to contain EVERYTHING

Java Precedence in IBM i

When considering which release of IBM i to upgrade to next, one of the important factors to consider is whether or not the available versions of Java at the target IBM i release are supported by the software that you are running on your system. If you were to upgrade to a new release where your installed software could not operate with the Java that is available, you could find yourself having to rollback to the previous IBM i release – completely erasing all the hard-spent time planning and executing the upgrade!

Most software vendors can quickly tell you whether or not their software will operate on the release of IBM i you are planning to go to. In the cases where the vendor cannot tell you, or the Java applications that you have are homegrown, there is a way to force your current release of IBM i to change what is known as its “Java Precedence”. This is done by adding an environment variable to your system environment that controls which version of Java it prefers to use. Your system will then use this version of Java unless your programs are coded to use a specific version of Java.

 …

RNMTCPHTE (Changing host table entry IP without having to remove and add back)

Host table entries on IBM i are something that every system administrator touches. At the very least, you should always have an entry in there that resolves the hostname of your system to the correct IP address. There are many services (like SSH and Navigator for i) that will run much faster if his host table entry is in place and correct.

In this world, the only thing constant is change, and when changes start happening, IP addresses tend to start changing. When IP addresses change, you have to change those host table entries that have remained the same on your system for a long time. If you take the usual command-line route to changing them, you will hop to the Configure TCP/IP menu (CFGTCP) and then take option 10 – Work with TCP/IP host table entries.…