From 0ea7ec6600b5ca857906f3962839a4d32167730c Mon Sep 17 00:00:00 2001 From: ac892247 Date: Mon, 2 Sep 2024 13:35:52 +0200 Subject: [PATCH 1/9] use infinispan instead of vsam in tests Signed-off-by: ac892247 --- example-zowe.yaml | 11 ++++------- playbooks/all_host_vars_list.yml | 2 +- playbooks/roles/configure/defaults/main.yml | 2 +- playbooks/roles/configure/tasks/main.yml | 3 --- playbooks/roles/custom_for_test/defaults/main.yml | 2 +- playbooks/roles/custom_for_test/tasks/main.yml | 2 +- 6 files changed, 8 insertions(+), 14 deletions(-) diff --git a/example-zowe.yaml b/example-zowe.yaml index 812f46b7b5..28686eb439 100644 --- a/example-zowe.yaml +++ b/example-zowe.yaml @@ -565,17 +565,14 @@ components: storage: evictionStrategy: reject - # can be inMemory, VSAM, redis or infinispan - mode: VSAM - size: 10000 - vsam: - # your VSAM data set created by "zwe init vsam" command or ZWECSVSM JCL - # this is required if storage mode is VSAM - name: "" + # can be infinispan, inMemory, redis or VSAM(deprecated) + mode: infinispan infinispan: # this is required if storage mode is infinispan jgroups: port: 7600 + keyExchange: + port: 7601 # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> app-server: diff --git a/playbooks/all_host_vars_list.yml b/playbooks/all_host_vars_list.yml index 93f9f01653..fc62ad97b5 100644 --- a/playbooks/all_host_vars_list.yml +++ b/playbooks/all_host_vars_list.yml @@ -42,7 +42,7 @@ zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO zowe_apiml_verify_certficates_of_services: true zowe_auto_create_user_group: false -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan zowe_caching_service_port: 7555 zowe_caching_service_vsam_dsprefix: CACHE zowe_caching_vsam_storage_class: diff --git a/playbooks/roles/configure/defaults/main.yml b/playbooks/roles/configure/defaults/main.yml index 39ad5e895f..b8f0373243 100644 --- a/playbooks/roles/configure/defaults/main.yml +++ b/playbooks/roles/configure/defaults/main.yml @@ -75,7 +75,7 @@ zowe_mvs_explorer_port: 7561 zowe_uss_explorer_port: 7562 # caching service zowe_caching_service_port: 7555 -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan # the final data set name will be: {zowe_dataset_prefix}.{zowe_caching_service_vsam_dsprefix}{zowe_instance_id} # for example: IBMUSER.ZWE.CACHE1 zowe_caching_service_vsam_dsprefix: CACHE diff --git a/playbooks/roles/configure/tasks/main.yml b/playbooks/roles/configure/tasks/main.yml index 979fdf6e0f..36efca1f0e 100644 --- a/playbooks/roles/configure/tasks/main.yml +++ b/playbooks/roles/configure/tasks/main.yml @@ -221,10 +221,7 @@ tasks_from: update_zowe_yaml vars: configs: - "zowe.setup.vsam.volume": "{{ zowe_caching_vsam_volume }}" - "zowe.setup.vsam.storageClass": "{{ zowe_caching_vsam_storage_class }}" "components.caching-service.storage.mode": "{{ zowe_caching_service_persistent }}" - "components.caching-service.storage.vsam.name": "{{ zowe_dataset_prefix }}.{{ zowe_caching_service_vsam_dsprefix }}{{ zowe_instance_id }}" - name: Update zowe.yaml zowe.setup.vsam.mode to NONRLS import_role: diff --git a/playbooks/roles/custom_for_test/defaults/main.yml b/playbooks/roles/custom_for_test/defaults/main.yml index 5209791295..ef620cbe0d 100644 --- a/playbooks/roles/custom_for_test/defaults/main.yml +++ b/playbooks/roles/custom_for_test/defaults/main.yml @@ -74,7 +74,7 @@ zowe_mvs_explorer_port: 7561 zowe_uss_explorer_port: 7562 # caching service zowe_caching_service_port: 7555 -zowe_caching_service_persistent: VSAM +zowe_caching_service_persistent: infinispan # the final data set name will be: {zowe_dataset_prefix}.{zowe_caching_service_vsam_dsprefix}{zowe_instance_id} # for example: IBMUSER.ZWE.CACHE1 zowe_caching_service_vsam_dsprefix: CACHE diff --git a/playbooks/roles/custom_for_test/tasks/main.yml b/playbooks/roles/custom_for_test/tasks/main.yml index 4403348fad..ea85b09568 100644 --- a/playbooks/roles/custom_for_test/tasks/main.yml +++ b/playbooks/roles/custom_for_test/tasks/main.yml @@ -151,7 +151,7 @@ # ============================================================================ # Enable disabled services -- name: Update zowe.yaml zowe.setup.vsam +- name: Update zowe.yaml import_role: name: zos tasks_from: update_zowe_yaml From 634ff4f91ebbb207e58ed0f371afd1121ea6ff12 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Mon, 2 Sep 2024 14:24:57 +0200 Subject: [PATCH 2/9] add infinispan to workflow Signed-off-by: ac892247 --- workflows/files/ZWECONF.xml | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-) diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml index f0961c356b..9af5654fb5 100644 --- a/workflows/files/ZWECONF.xml +++ b/workflows/files/ZWECONF.xml @@ -702,7 +702,7 @@ How we want to verify SSL certificates of services. Valid values are: redis infinispan VSAM - VSAM + infinispan @@ -737,6 +737,17 @@ How we want to verify SSL certificates of services. Valid values are: 7600 + + + Port for jgroups key exchange + Port for jgroups key exchange. This is required if storage mode is infinispan. + components + + + + 7601 + + Check this option to enable the app server @@ -1303,7 +1314,7 @@ How we want to verify SSL certificates of services. Valid values are: false - + Variables for Caching Service - VSAM mode Specify the variables for the VSAM mode of Caching Service @@ -1323,10 +1334,10 @@ How we want to verify SSL certificates of services. Valid values are: - + - + Run this step to specify the variables for the Caching Service 1 z/OS System Programmer @@ -1356,6 +1367,7 @@ How we want to verify SSL certificates of services. Valid values are: + Run this step to specify the variables for the Caching Service 1 z/OS System Programmer @@ -2104,8 +2116,12 @@ echo ' # this is required if storage mode is infinispan' >> "${instance-z echo ' jgroups:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #if (${instance-components_caching_service_storage_mode} == "infinispan" ) echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' keyExchange: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_keyExchange_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #else echo ' port: 7600' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' keyExchange: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' port: 7601' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end #end #if (${instance-components_caching_service_enabled} == "false" ) From a58f6d4d2fce833141f3fd456e6702ed160d84d7 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Mon, 2 Sep 2024 14:30:50 +0200 Subject: [PATCH 3/9] define variable among properties Signed-off-by: ac892247 --- workflows/files/ZWECONF.properties | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/workflows/files/ZWECONF.properties b/workflows/files/ZWECONF.properties index 4eadca84d7..a1f71030b7 100644 --- a/workflows/files/ZWECONF.properties +++ b/workflows/files/ZWECONF.properties @@ -539,6 +539,14 @@ components_caching_service_storage_vsam_name= # Port for jgroups. This is required if storage mode is infinispan. components_caching_service_storage_infinispan_jgroups_port=7600 +# components_caching_service_storage_infinispan_jgroups_keyExchange_port +# Label: Caching service storage jgroups key exchange port +# Abstract: Port for jgroups key exchang +# Category: components +# Description: +# Port for jgroups key exchang. This is required if storage mode is infinispan. +components_caching_service_storage_infinispan_jgroups_keyExchange_port=7601 + # components_app_server_enabled # Label: Enable app server # Abstract: Check this option to enable the app server From c0c08a5f2d66d8bfc6bc9cb0061d0c3c65a1d2d9 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Mon, 2 Sep 2024 15:28:28 +0200 Subject: [PATCH 4/9] jgroups host Signed-off-by: ac892247 --- workflows/files/ZWECONF.properties | 10 +++++++++- workflows/files/ZWECONF.xml | 13 +++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/workflows/files/ZWECONF.properties b/workflows/files/ZWECONF.properties index a1f71030b7..5859e80dbc 100644 --- a/workflows/files/ZWECONF.properties +++ b/workflows/files/ZWECONF.properties @@ -539,12 +539,20 @@ components_caching_service_storage_vsam_name= # Port for jgroups. This is required if storage mode is infinispan. components_caching_service_storage_infinispan_jgroups_port=7600 +# components_caching_service_storage_infinispan_jgroups_host +# Label: Caching service storage jgroups host +# Abstract: Host for jgroups +# Category: components +# Description: +# Host for jgroups +components_caching_service_storage_infinispan_jgroups_host= + # components_caching_service_storage_infinispan_jgroups_keyExchange_port # Label: Caching service storage jgroups key exchange port # Abstract: Port for jgroups key exchang # Category: components # Description: -# Port for jgroups key exchang. This is required if storage mode is infinispan. +# Port for jgroups key exchange. This is required if storage mode is infinispan. components_caching_service_storage_infinispan_jgroups_keyExchange_port=7601 # components_app_server_enabled diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml index 9af5654fb5..de83b95f61 100644 --- a/workflows/files/ZWECONF.xml +++ b/workflows/files/ZWECONF.xml @@ -737,6 +737,17 @@ How we want to verify SSL certificates of services. Valid values are: 7600 + + + Host for jgroups + Host for jgroups. Default value is the same as Zowe host and it is used if storage mode is infinispan. + components + + + + dvipa.my-company.com + + Port for jgroups key exchange @@ -1367,6 +1378,7 @@ How we want to verify SSL certificates of services. Valid values are: + Run this step to specify the variables for the Caching Service 1 @@ -2116,6 +2128,7 @@ echo ' # this is required if storage mode is infinispan' >> "${instance-z echo ' jgroups:' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #if (${instance-components_caching_service_storage_mode} == "infinispan" ) echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' host: ${instance-components_caching_service_storage_infinispan_jgroups_host}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' keyExchange: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_keyExchange_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #else From 8e2e3a28d6c2efd94d4482bc081a969138b00586 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Wed, 4 Sep 2024 10:49:05 +0200 Subject: [PATCH 5/9] update zowe version in workflow Signed-off-by: ac892247 --- workflows/files/ZWECONF.xml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml index de83b95f61..7e48e1a41b 100644 --- a/workflows/files/ZWECONF.xml +++ b/workflows/files/ZWECONF.xml @@ -3,9 +3,9 @@ true - config_zowe_20 - Configuration of Zowe 2.0 - Use this workflow to configure the Zowe 2.0 + config_zowe_30 + Configuration of Zowe 3.0 + Use this workflow to configure the Zowe 3.0 ###ZOWE_VERSION### Zowe From cb563f6634e6c7c5e1224c3252e9788c05e8ab30 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Wed, 4 Sep 2024 15:13:32 +0200 Subject: [PATCH 6/9] remove default value Signed-off-by: ac892247 --- workflows/files/ZWECONF.xml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/workflows/files/ZWECONF.xml b/workflows/files/ZWECONF.xml index 7e48e1a41b..d6a4a93a84 100644 --- a/workflows/files/ZWECONF.xml +++ b/workflows/files/ZWECONF.xml @@ -742,12 +742,8 @@ How we want to verify SSL certificates of services. Valid values are: Host for jgroups Host for jgroups. Default value is the same as Zowe host and it is used if storage mode is infinispan. components - - - - dvipa.my-company.com - - + + Port for jgroups key exchange @@ -2133,6 +2129,7 @@ echo ' keyExchange: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: ${instance-components_caching_service_storage_infinispan_jgroups_keyExchange_port}' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #else echo ' port: 7600' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" +echo ' host: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' keyExchange: ' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" echo ' port: 7601' >> "${instance-zowe_runtimeDirectory}/zowe.yaml" #end From 4e621c8b93ba1c4fb1a06815d98c85ef9a10b2c5 Mon Sep 17 00:00:00 2001 From: ac892247 Date: Thu, 5 Sep 2024 15:40:21 +0200 Subject: [PATCH 7/9] revert variables Signed-off-by: ac892247 --- playbooks/roles/configure/tasks/main.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/playbooks/roles/configure/tasks/main.yml b/playbooks/roles/configure/tasks/main.yml index 36efca1f0e..979fdf6e0f 100644 --- a/playbooks/roles/configure/tasks/main.yml +++ b/playbooks/roles/configure/tasks/main.yml @@ -221,7 +221,10 @@ tasks_from: update_zowe_yaml vars: configs: + "zowe.setup.vsam.volume": "{{ zowe_caching_vsam_volume }}" + "zowe.setup.vsam.storageClass": "{{ zowe_caching_vsam_storage_class }}" "components.caching-service.storage.mode": "{{ zowe_caching_service_persistent }}" + "components.caching-service.storage.vsam.name": "{{ zowe_dataset_prefix }}.{{ zowe_caching_service_vsam_dsprefix }}{{ zowe_instance_id }}" - name: Update zowe.yaml zowe.setup.vsam.mode to NONRLS import_role: From 928dd05c830c0184e0753ed28c2839effb9b4773 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Thu, 5 Sep 2024 14:05:04 -0400 Subject: [PATCH 8/9] default to LTPA tokens in playbooks Signed-off-by: MarkAckert --- playbooks/all_host_vars_list.yml | 2 +- playbooks/roles/configfmid/defaults/main.yml | 2 +- playbooks/roles/configure/defaults/main.yml | 2 +- playbooks/roles/custom_for_test/defaults/main.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/playbooks/all_host_vars_list.yml b/playbooks/all_host_vars_list.yml index fc62ad97b5..e81a000a3e 100644 --- a/playbooks/all_host_vars_list.yml +++ b/playbooks/all_host_vars_list.yml @@ -39,7 +39,7 @@ zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: zowe_apiml_security_oidc_registry: zowe_apiml_security_zosmf_applid: IZUDFLT -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: JWT zowe_apiml_verify_certficates_of_services: true zowe_auto_create_user_group: false zowe_caching_service_persistent: infinispan diff --git a/playbooks/roles/configfmid/defaults/main.yml b/playbooks/roles/configfmid/defaults/main.yml index 34b56b1682..2547cf9097 100644 --- a/playbooks/roles/configfmid/defaults/main.yml +++ b/playbooks/roles/configfmid/defaults/main.yml @@ -61,7 +61,7 @@ zowe_apiml_gateway_timeout_millis: 600000 zowe_apiml_security_x509_enabled: false zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: JWT zowe_apiml_security_oidc_enabled: false zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: diff --git a/playbooks/roles/configure/defaults/main.yml b/playbooks/roles/configure/defaults/main.yml index b8f0373243..62356c113f 100644 --- a/playbooks/roles/configure/defaults/main.yml +++ b/playbooks/roles/configure/defaults/main.yml @@ -63,7 +63,7 @@ zowe_apiml_security_x509_enabled: false zowe_apiml_service_forwardClientCertEnabled: true zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_security_oidc_enabled: false zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: diff --git a/playbooks/roles/custom_for_test/defaults/main.yml b/playbooks/roles/custom_for_test/defaults/main.yml index ef620cbe0d..884cdbbf8f 100644 --- a/playbooks/roles/custom_for_test/defaults/main.yml +++ b/playbooks/roles/custom_for_test/defaults/main.yml @@ -67,7 +67,7 @@ zowe_apiml_security_oidc_registry: zowe_apiml_security_oidc_jwks_uri: zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: AUTO +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA # explorer APIs/plugins ports zowe_jobs_explorer_port: 7560 zowe_mvs_explorer_port: 7561 From 043c9bfeea479a2ec53f530ed99441b6b7658814 Mon Sep 17 00:00:00 2001 From: MarkAckert Date: Thu, 5 Sep 2024 14:06:33 -0400 Subject: [PATCH 9/9] set all to jwt token playbooks to ltpa Signed-off-by: MarkAckert --- playbooks/all_host_vars_list.yml | 2 +- playbooks/roles/configfmid/defaults/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/all_host_vars_list.yml b/playbooks/all_host_vars_list.yml index e81a000a3e..ab362790d5 100644 --- a/playbooks/all_host_vars_list.yml +++ b/playbooks/all_host_vars_list.yml @@ -39,7 +39,7 @@ zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: zowe_apiml_security_oidc_registry: zowe_apiml_security_zosmf_applid: IZUDFLT -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: JWT +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_verify_certficates_of_services: true zowe_auto_create_user_group: false zowe_caching_service_persistent: infinispan diff --git a/playbooks/roles/configfmid/defaults/main.yml b/playbooks/roles/configfmid/defaults/main.yml index 2547cf9097..ba662c7ebe 100644 --- a/playbooks/roles/configfmid/defaults/main.yml +++ b/playbooks/roles/configfmid/defaults/main.yml @@ -61,7 +61,7 @@ zowe_apiml_gateway_timeout_millis: 600000 zowe_apiml_security_x509_enabled: false zowe_apiml_security_zosmf_applid: IZUDFLT zowe_apiml_security_auth_provider: zosmf -zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: JWT +zowe_apiml_security_zosmf_jwt_autoconfiguration_mode: LTPA zowe_apiml_security_oidc_enabled: false zowe_apiml_security_oidc_client_id: zowe_apiml_security_oidc_client_secret: