You can perform the following migration actions before you order
or install a z13™ server:
- Review the sysplex configuration in which the z13 server will participate. See Restrictions for a z13 server for a description of the
limitations when using z13 servers
with certain earlier servers in a Parallel Sysplex®.
- Implement an STP timing network. This action is
necessitated because Sysplex Timers (9037-002) are not supported
on z13 servers.
- Migrate from ISC-3 links to InfiniBand or Integrated Coupling
Adapter (ICA) links. This action is necessitated because
ISC-3 links are not supported on z13 servers. If desired, you
can take this action after you order a z13 server,
as you upgrade to the new server.
- Migrate from unsupported hardware features to newer technology. This
action is necessitated because ESCON, FICON® Express4, Crypto Express3, and OSA-Express3
are not supported on z13 servers.
See Restrictions for a z13 server, Replace unsupported devices, and Provide for new device installations.
- Determine the level of cryptographic support you require on
a z13 server. The level
of function provided for cryptographic support differs by z/OS® release and the ICSF web
deliverable that is installed. Toleration PTFs are also available
for some cryptographic web deliverables.
For z/OS V2R1, consider the following:
- If you are using the level of ICSF that is shipped as part of z/OS V2R1, you can tolerate Crypto
Express5 on a z13 server, which
treats Crypto Express5S cryptographic coprocessors and accelerators
as Crypto Express4S coprocessors and accelerators. However, you must
install the required PTFs identified by the SMP/E Fix Category: IBM.Device.Server.z13-2964.RequiredService.
- If you require support for greater than 16 domains
(up to 85) on Crypto Express5S, you must install the PTFs identified
by the SMP/E Fix Category: IBM®.Device.Server.z13-2964.Exploitation,
or install the Enhanced Cryptographic Support for z/OS V1R13-z/OS V2R1 web deliverable (FMID HCR77B0).
- If you require Crypto Express4S functionality for CCA 4.4 and
other EP11 cryptographic enhancement support which includes: RKX Key
Export Wrap, UDX simplification, additional EP11 algorithms, expanded
EMV support, AP Configuration simplification, CTRACE Enhancements,
and KDS Key Utilization stats, then you must download and install
the Cryptographic Support for z/OS V1R13-z/OS
V2R1 web deliverable (FMID HCR77A1) or the Enhanced Cryptographic
Support for z/OS V1R13-z/OS
V2R1 web deliverable (FMID HCR77B0). Please note that if you
are using the Cryptographic Support for z/OS V1R13-z/OS V2R1 Web deliverable (FMID HCR77A1)
and sharing keys with other z/OS systems
that have a lower level of ICSF, then you will need the coexistence
PTFs listed below and identified by Fix Category: IBM.Coexistence.ICSF.z/OS_V1R13-z/OS_V2R1-HCR77A1.
- If you require Crypto Express5S exploitation support for the next
Generation Coprocessor support or Visa Format Preserving Encryption
(FPE) then you must download and install the Enhanced Cryptographic
Support for z/OS V1R13-z/OS
V2R1 web deliverable (FMID HCR77B0). Please note that if you
are using the Enhanced Cryptographic Support for z/OS V1R13-z/OS V2R1 Web Deliverable
(FMID HCR77B0) and sharing keys with other z/OS systems that have a lower level of ICSF,
then you will need the coexistence PTFs listed below and identified
by Fix Category: IBM.Coexistence.ICSF.z/OS_V1R13-z/OS_V2R1-HCR77B0.
For z/OS V1R13,
consider the following:
- If you are using the level of ICSF that is shipped as part of z/OS V1.13 you can tolerate
Crypto Express5 on a z13 server
which treats Crypto Express5S cryptographic coprocessors and
accelerators as Crypto Express4S coprocessors and accelerators.
However you must install the required PTFs identified by the
SMP/E Fix Category IBM.Device.Server.z13-2964.RequiredService.
- If you require Crypto Express4S support of expanded key support
for AES algorithm, enhanced ANSI TR-31 Secure Key Exchange,
PIN block decimalization table protection, PKA RSA OAEP with
SHA-256 algorithm, or additional Elliptic Curve Cryptography
(ECC) functions then you must download and install the Cryptographic
Support for z/OS V1R11-V1R13
(or higher) web deliverable (FMID HCR7790) and the PTFs identified
by the Fix Category IBM.Device.Server.z13-2964.Exploitation.
Please note that if you are using the Cryptographic Support
for z/OS V1R11-V1R13 Web Deliverable
(FMID HCR7790) and sharing keys with other z/OS systems that have a lower level
of ICSF, then you will need the coexistence PTFs identified
by Fix Category IBM.Coexistence.ICSF.z/OS_V1R11-V1R13-HCR7790.
- If you require Crypto Express4S functionality including: Enterprise
Security PKCS #11-Hardware Security Module (HSM), DUKPT for
MAC and Data Encryption, Cipher Text Translate CCA Verb, PKDS/TKDS
Constraint Relief, Random Number Cache, FIPS on Demand, or
Wrapping Keys with Strong Keys then you must download and install
the Cryptographic Support for z/OS V1R12-V1R13
(or higher) web deliverable (FMID HCR77A0). The APARs/PTFs required
to provide support for PKCS#11 are identified by the Fix Category IBM.Device.Server.z13-2964.Exploitation.
Please note that if you are using the Cryptographic Support
for z/OS V1R12-V1R13 Web Deliverable
(FMID HCR77A0) and sharing keys with other z/OS systems that have a lower level
of ICSF, then you will need the coexistence PTFs listed below
and identified by Fix Category IBM.Coexistence.ICSF.z/OS_V1R12-V1R13-HCR77A0.
- If you require Crypto Express4S functionality for CCA 4.4 and
other EP11 cryptographic enhancement support which includes:
RKX Key Export Wrap, UDX Reduction/simplification, additional
EP11 algorithms, expanded EMV support, AP Configuration simplification,
CTRACE Enhancements, and KDS Key Utilization Stats; then you
must download and install the Cryptographic Support for z/OS V1R13-z/OS V2R1 (or higher)
web deliverable (FMID HCR77A1). The APARs/PTFs are required
to provide support for PKCS#11 are identified by the Fix Category
IBM.Device.Server.z13-2964.Exploitation. Please note that if
you are using the Cryptographic Support for z/OS V1R13-z/OS V2R1 Web Deliverable (FMID
HCR77A1) and sharing keys with other z/OS systems
that have a lower level of ICSF, then you will need the coexistence
PTFs identified by Fix Category + IBM.Coexistence.ICSF.z/OS_V1R13-z/OS_V2R1-HCR77A1.
- If you require support for greater than 16 domains
(up to 85) on Crypto Express5S, you must install the PTFs identified
by the SMP/E Fix Category: IBM.Device.Server.z13-2964.Exploitation,
or install the Enhanced Cryptographic Support for z/OS V1R13-z/OS V2R1 web deliverable (FMID HCR77B0)
- If you require Crypto Express5S exploitation support for the next
Generation Coprocessor support or Visa Format Preserving Encryption
(FPE) then you must download and install the Enhanced Cryptographic
Support for z/OS V1R13-z/OS
V2R1 web deliverable (FMID HCR77B0). Please note that if you
are using the Enhanced Cryptographic Support for z/OS V1R13-z/OS V2R1 Web Deliverable
(FMID HCR77B0) and sharing keys with other z/OS systems that have a lower level of ICSF,
then you will need the coexistence PTFs listed below and identified
by Fix Category IBM.Coexistence.ICSF.z/OS_V1R13-z/OS_V2R1-HCR77B0.
For z/OS V1R12,
consider the following:
- If you are using the level of ICSF that is shipped as part of z/OS V1R12, you can tolerate
Crypto Express5 on a z13 server,
which treats Crypto Express5S cryptographic coprocessors and
accelerators as Crypto Express4S coprocessors and accelerators.
However you must install either the Cryptographic Support for z/OS V1R10-V1R12 web deliverable
(FMID HCR7780), the Cryptographic Support for z/OS V1R11-V1R13 web deliverable (FMID
HCR7790) , or the Cryptographic Support for z/OS V1R12-V1R13 Web Deliverable (FMID
HCR77A0), and install the required PTFs identified by the SMP/E
Fix Category IBM.Device.Server.z13-
2964.RequiredService.
- If you require Crypto Express4S support of X9.8 Pin, 64 Bit, HMAC,
CKDS Constraint Relief, PCI Audit, ECC HW Support, CBC Key
Wrap, and PKA RSA OAEP with SHA-256 algorithm then you must
download and install the Cryptographic Support for z/OS V1R10-V1R12 (or higher) web
deliverable (FMID HCR7780) and the PTFs identified by the Fix
Category IBM.Device.Server.z13-2964.Exploitation. Please note
that if you are using the Cryptographic Support for z/OS V1R10-V1R12 Web Deliverable
(FMID HCR7780) and sharing keys with systems that have a lower
level of ICSF, then you will need the coexistence PTFs identified
by Fix Category IBM.Coexistence.ICSF.z/OS_V1R10-V1R12-HCR7780.
- If you require Crypto Express4S support of expanded key support
for AES algorithm, enhanced ANSI TR-31 Secure Key Exchange,
PIN block decimalization table protection, PKA RSA OAEP with
SHA-256 algorithm, or additional Elliptic Curve Cryptography
(ECC) functions then you must download and install the Cryptographic
Support for z/OS V1R11-V1R13
(or higher) web deliverable (FMID HCR7790) and the PTFs identified
by the Fix Category IBM.Device.Server.z13-2964.Exploitation.
Please note that if you are using the Cryptographic Support
for z/OS V1R11-V1R13 Web Deliverable
(FMID HCR7790) and sharing keys with other z/OS systems that have a lower level
of ICSF, then you will need the coexistence PTFs identified
by Fix Category IBM.Coexistence.ICSF.z/OS_V1R11-V1R13-HCR7790.
- If you require Crypto Express4S functionality including: Enterprise
Security PKCS #11-Hardware Security Module (HSM), DUKPT for
MAC and Data Encryption, Cipher Text Translate CCA Verb, PKDS/TKDS
Constraint Relief, Random Number Cache, FIPS on Demand, or
Wrapping Keys with Strong Keys then you must download and install
the Cryptographic Support for z/OS V1R12-V1R13
web deliverable (FMID HCR77A0). The APARs/PTFs required to provide
support for PKCS#11 are identified by the Fix Category IBM.Device.Server.z13-2964.Exploitation.
Please note that if you are using the Cryptographic Support
for z/OS V1R12-V1R13 Web Deliverable
(FMID HCR77A0) and sharing keys with other z/OS systems that have a lower level
of ICSF, then you will need the coexistence PTFs identified by
Fix Category IBM.Coexistence.ICSF.z/OS_V1R12-V1R13-HCR77A0.
- If you require support for greater than 16 domains
(up to 85) on Crypto Express5S, you must install the PTFs identified
by the SMP/E Fix Category: IBM.Device.Server.z13-2964.Exploitation.
- Install the necessary z/OS service, as indicated in PSP buckets. It
is imperative all of the appropriate Preventive Service Planning
(PSP) buckets are obtained. In addition to the hardware PSP buckets,
the software PSP buckets must also be obtained. You should use the
SMP/E Fix Categories specified in the associated FIXCAT HOLDDATA
to identify PTFs required for the z13 server,
PTFs needed to exploit z13 capabilities,
and PTFs recommended to fix known problems. Specifically, fixes
in the following categories:
- IBM.Device.Server.z13-2964.RequiredService
- IBM.Device.Server.z13-2964.Exploitation
- IBM.Device.Server.z13-2964.RecommendedService
Fixes required for several zEnterprise® functions
(e.g., Parallel Sysplex InfiniBand
Coupling Links, Server Time Protocol (STP), the Unified Resource Manager,
High Performance FICON (zHPF),
and zEnterprise Data
Compression (zEDC) are not listed in the hardware PSP bucket,
but can be found by using the following SMP/E Fix Categories: - IBM.Device.Server.z13-2964.ParallelSysplexInfiniBandCoupling
- IBM.Device.Server.z13-2964.ServerTimeProtocol
- IBM.Device.Server.z13-2964.UnifiedResourceManager
- IBM.Device.Server.z13-2964.zHighPerformanceFICON
- IBM.Function.zEDC
Please note that the since the PTFs associated with these Fix
Categories are not specific to a z13 server,
you should consider specifying a generic wildcard for the server
to ensure that you have all the appropriate service installed. For
example:- IBM.Device.Server.*.ParallelSysplexInfiniBandCoupling
- IBM.Device.Server.*.ServerTimeProtocol
- IBM.Device.Server.*.UnifiedResourceManager
- IBM.Device.Server.*.zHighPerformanceFICON
Similarly, fixes needed for zBX or to support the IBM DB2® Analytics
Accelerator (IDAA) are not listed in the hardware PSP bucket,
but can be found by using the following Fix Categories:- IBM.Device.Server.zBX-2458
- IBM.DB2.AnalyticsAccelerator.*
If you are upgrading from a server generation prior to the zEC12
or zBC12 servers (e.g., a z196, z114, z10™ EC, z10 BC, z9® EC, z9 BC, z990, z890, z900 or z800)
then you must install all the maintenance and perform required
migration actions for the servers that you are skipping. To read
about z196, z114, zEC12, and zBC12 server migration actions, see Migrate to an IBM zEnterprise z196 or z114 server and Migrate to an IBM zEnterprise EC12 server or IBM zEnterprise BC12 server.If
you are exploiting z13 capabilities
by installing a web deliverable, you will need to install the
PTFs listed in the software PSP buckets for each of the web deliverables
that you are installing. Please refer to the Program Directory
associated with the web deliverable to identify the required
software PSP buckets.
The REPORT MISSINGFIX command checks
your GLOBAL zone for FIXCAT HOLDDATA matching the FIXCAT values specified
on the command. The command then compares the APARs identified
in that FIXCAT HOLDDATA with the PTFs installed in the specified
zones, and produces a report to identify any APARs not resolved.
In other words, it reports which PTFs (fixes) are missing for
the specified fix categories. Furthermore, the command produces
a customized job used to obtain any PTFs not already RECEIVEd via
the RECEIVE ORDER command, and install any missing service via
the APPLY CHECK command. Please note the FIXCAT operand on the
REPORT MISSINGFIX command can list multiple fix categories, as
well as using the same wildcarding techniques described above
for the SOURCEID operand. Because both of these techniques are simple
and integrated into basic SMP/E commands, use them periodicallyto
ensure the latest PTFs specified in the hardware and software
PSP buckets are installed (since PSP buckets can be updated daily).
SMP/E also provides an Explorer function which helps in identifying
new fix categories which may be of interest. See the IBM Fix Category Values and Descriptions
page for a description of all the fix categories: http://www.ibm.com/systems/z/os/zos/features/smpe/fix-category.html.
For complete information about the REPORT MISSINGFIX command,
see SMP/E for z/OS Commands.
- Run CFSIZER and Sizer tools. If you are moving
your coupling facilities and the coupling facility structures
will be on higher CFCC levels than they were previously, run the
Coupling Facility Structure Sizer (CFSIZER) tool to find out if
you have to increase coupling facility structure sizes. Run the Sizer
utility, an authorized z/OS program
that you can download, to evaluate structure size changes. The
Sizer utility is distinct from CFSizer, and should be run after the
new hardware (CFLEVEL) is installed but before any CF LPAR on the
new hardware is populated with structures.
Prepare to make
the necessary changes to the CFCC level as indicated by the tool.
You
can find the CFSIZER tool at Coupling Facility sizer. Also see Update your CFRM policy with coupling facility structure size changes.
You
can find the Sizer utility at http://www.ibm.com/systems/support/z/cfsizer/altsize.html.
- Prepare for the new machine instruction mnemonics. In support
of the z13 server, there are
new machine instructions. The new machine instructions (mnemonics)
may collide with (be identical to) the names of Assembler macro
instructions you use. In the event of such collisions, the Assembler’s
default opcode table (UNI) will treat specification of these names
as instructions when the z13 required
service is installed, probably causing Assembler error messages
and possibly causing generation of incorrect object code. If you
write programs in Assembler Language, compare the names of Assembler
macro instructions used to the new machine instructions (documented
in the latest z/Architecture® Principles
of Operation, SA22-7832) to identify any such conflicts or
collisions which would occur. Identical names will cause Assembler
errors or the generation of incorrect object code when you assemble
your programs. Also, an “as is” tool can be used to assist
in identifying any conflicts. For a tool to help
in identifying mnemonic conflicts, see Techdoc PRS5289 at
the IBM Techdocs website.
If
a conflict is identified, take one of these actions:
- Change the name of your macro instruction.
- Specify PARM=’…OPTABLE(YOP)…’ (or some other
earlier opcode table).
- Specify a separate ASMAOPT file containing assembler options such
as in the previous method (this method requires no changes to
source code or JCL).
- Add as the first statement of your source program: *PROCESS OPTABLE(YOP)
(or some other earlier opcode table).
- Specify the PROFILE option either in JCL or the ASMAOPT file,
and the specified or default member of the SYSLIB data set is
copied into the front of the source program.
- If you must use both a new instruction and a macro with the same
name in an assembly you can use a coding technique that permits
both use of a new instruction and a macro with the same name
in an assembly such as HLASM's Mnemonic tags (:MAC :ASM).
- Decide on the steps you will take for
your migration to a z13 server. In
addition to the steps listed here in Actions you can take before you order a z13 server,
as a guide, also see Migration and exploitation considerations for z13 server functions.