Last Updated: 13 September 2022
z/VM 7.3 Announcement
The following is a summary of the z/VM 7.3 announcement. For more information, please reference the full z/VM 7.3 announcement for your geography.
z/VM 7.3 will provide IBM clients with a premier hypervisor on their modernization journey to hybrid cloud, hosting enterprise-class virtual servers to exploit the IBM zSystems and LinuxONE advantages in scalability, performance, high availability, and security.
The objective of z/VM 7.3 is to enhance the proof points supporting modernization efforts, specifically those associated with scalability and efficiency. z/VM is designed to enable the deployment of Red Hat OpenShift Container Platform clusters and up to thousands of Linux servers on a single IBM zSystems or LinuxONE server.
While cloud computing has become the standard operating model for IT services, an IT infrastructure continues to be the foundation of every IT service. Realizing the benefits of the cloud operation model requires a strong virtualization technology such as z/VM that delivers availability, reliability, security features, and performance.
Virtualization is fundamental to delivering infrastructure as a service (IaaS), the basic building block for a cloud operations model. IBM continues to invest in z/VM technology to provide leading-edge virtualization capabilities. This progression can meet the needs of IT organizations to deliver the foundation for user satisfaction with both types of workloads:
- Cloud-native workloads based on Red Hat OpenShift Container Platform and IBM Cloud Paks or other container technologies
- Noncontainerized workloads, deployed using cloud and traditional operations models, from IBM such as IBM WebSphere, open source such as MongoDB, or software from ISVs
z/VM, together with IBM Cloud Infrastructure Center, which helps to manage the lifecycle of virtual infrastructure, provides the foundation for private cloud on an IBM zSystems and LinuxONE server as part of a hybrid cloud approach.
For both noncontainerized and cloud native workloads, z/VM virtualization technology is designed to enable the deployment of more virtual servers in a single IBM zSystems or LinuxONE server than any other platform through legendary scalability, system management, and performance. z/VM supports the following guest operating systems: Linux, IBM z/OS, IBM z/ VSE, IBM z/TPF, and z/VM itself, as well as Red Hat Enterprise Linux CoreOS as a part of the Red Hat OpenShift Container Platform. In addition, the z/VM hypervisor helps ensure continuous infrastructure availability by tightly integrating with IBM GDPS resiliency-focused offerings and Live Guest Relocation support.
With z/VM 7.3, IBM continues to deliver enhancements to its z/VM advanced virtualization technology on IBM zSystems and LinuxONE servers using the z/VM continuous delivery (CD) model. This CD model for new function offers clients timely support for new technology throughout the life of a z/VM product release using a delivery mechanism that is familiar to clients and time tested. The z/VM CD model allows schedule flexibility as IBM partners with the z/VM community in the design, development, and delivery of new functions that are not centered around a specific release date.
z/VM 7.3 supports the following IBM Z and LinuxONE servers:
- IBM z16 Model A01
- LinuxONE Emperor 4 Model LA1
- IBM z15 Models T01 and T02
- LinuxONE III Models LT1 and LT2, including LinuxONE Express
- IBM z14 Models M01, M02, M03, M04, M05, and ZR1
- LinuxONE Emperor II
- LinuxONE Rockhopper II
Planned availability date
September 16, 2022
Availability within a country is subject to local legal requirements.
See the Availability of national languages section for national language availability.
The following enhancements are included in z/VM 7.3:
- 8-member Single System Image (SSI) support increases the maximum size of an SSI cluster from four members to eight, enabling clients to grow their SSI clusters to allow for more workload and providing more flexibility to use live guest relocation (LGR) for nondisruptive upgrades and workload balancing.
- NVMe emulated device (EDEVICE) support enables NVMe devices connected through PCI Express (PCIe) adapters to be defined and managed as Fixed-Block Architecture (FBA) EDEVICEs. As such, all host and guest FBA functions are supported except those that require stand-alone support such as Warm Start and Checkpoint. Linux guests exploiting EDEVICEs defined on NVMe adapters are not eligible for LGR. NVMe Adapters are only available on LinuxONE servers.
- Up to 4 TB of memory per LPAR. This new function was delivered in the service stream of z/ VM 7.2. With z/VM 7.3, a fully configured 8-member SSI can address up to 32 TB on a single IBM zSystems or LinuxONE server, or 32 TB across multiple servers along with up to 80 logical processors supported on each member.
- Dynamic Memory Downgrade was delivered in the z/VM 7.2 service stream and provides the added flexibility of moving real memory from one or more z/VM system images to one or more others running on the same physical server. This can help clients to nondisruptively align their hardware assets with shifting workload demands across their z/VM system images, whether they are in an SSI cluster or in separate z/VM LPARs. This may prove particularly useful when moving running virtual machines from one SSI member to another using LGR.
- New Architecture Level Set (ALS). z/VM 7.3 includes an ALS that requires an IBM z14 server and higher.
- External Security Manager interface enhancements. These interfaces have been enhanced to allow control of the CP DEFINE MDISK command. They are exploited by IBM RACF/ Announcement - IBM Confidential IBM is a registered trademark of International Business Machines Corporation 18 VM and enable a z/VM security administrator to restrict and audit all means of creating a minidisk.
- The z/VM Language Environment runtime libraries have been upgraded to z/OS V2.5 equivalency.
- z/VM 7.3 has been enhanced to support 4-character time zone identifiers within the Control Program.
- z/VM now displays mnemonics for instructions in CP TRACE output regardless of whether the instruction is fully supported by the TRACE function.
- Select RACF utilities for database installation, maintenance, and operations along with select RACF reports are now allowed to run if the 490 disk was IPLed. In addition, the RACUT100, RACUT200, and RACFCONV utilities require the IPL of disk 490 to support reserve/release of the RACF database.
- z/VM V7.3 prohibits the sharing of RACF databases between z/VM and z/OS systems. While databases remain compatible, sharing between operating systems has long been discouraged due to distinct security and administrative requirements of each platform. z/VM V7.3 formally flags a RACF database as belonging either to z/VM or z/OS, and will reject its use if flagged as the latter. This satisfies the Statement of Direction announced in Software Announcement RFA 75695.
Centralized Service Management (CSM) usability enhancements have been made, providing:
- QUERY processing for service levels now allows queries specific to individual components in a service level.
- The addition of wildcard support to the SRVLVL QUERY command.
- The ability to query CSM managed systems for current PUT2PROD status.
- Additional details when querying local modifications.
System default changes:
Default password for user directory
z/VM 7.3 provides the ability to select a default password when installing or upgrading a z/VM system.
ACCOUNT Statement in IBM-provided User Directory
The user directory shipped by IBM will include an ACCOUNT IBM statement for all guest definitions. For an upgrade-in-place installation, new guest definitions that are added to the current user directory will include an ACCOUNT IBM statement, but existing guest definitions will remain unchanged.
- User Directory TODENABLE
Some capabilities that previously required OPTION TODENABLE in the user's directory definition will be standard for all users in z/VM 7.3. Specifically, all virtual machines on z/VM 7.3 will be able to alter their virtual time-of-day (TOD) clocks using the SET CLOCK instruction. In addition, class G users no longer need TODENABLE to set the virtual clock to a specified value using the 'SET VTOD' command with the DATE, TIME, and SYSTEM options. TODENABLE is still required for the FROMUSER and MSGPROC options of 'SET VTOD', which involve access to another virtual machine's clock.
Transport Layer Security (TLS) 1.1 disabled by default
Use of the TLS 1.1 protocol has been changed to be disabled by default unless explicitly enabled in the DCTPARMS file.
TCP/IP configuration statement changes
In z/VM 7.3, the NOUDPQUEUELIMIT option of the ASSORTEDPARMS statement is being replaced by a new UDPQUEUELIMIT configuration statement. This new statement will allow a numerical limit to be specified for the maximum number of incoming datagrams queued on a UDP port. The default limit is 20 datagrams. If 0 is specified, there will be no limit, which is the equivalent of NOUDPQUEUELIMIT. The NOUDPQUEUELIMIT option will still be accepted in z/VM 7.3, but UDPQUEUELIMIT takes precedence. In addition, the FOREIGNIPCONLIMIT default will be changed to a set value of 256 and will no longer be based on the initial TCBPOOLSIZE.
Host crypto polling default change
In z/VM 7.3, the default for the POLLING parameter of the CRYPTO configuration statement has changed to OFF. This eliminates the need for the host to poll cryptographic resources for replies that are ready to be delivered to the guest.
SCSI EDEVICE attribute handling when defining EDEVICEs:
In z/VM 7.3, when defining a SCSI EDEVICE with the SET EDEVICE command or configuration file statement, the actual device characteristics will be updated to the device attributes of the backing device when brought online and CP is able to identify the backing device. The specified attribute will be used when device attributes for the backing device cannot be determined. Subsequent queries of the EDEVICE will show the actual attribute in use rather than what was passed with the initial SET command or EDEVICE statement. The attribute will be ignored when modifying an existing EDEVICE with SET EDEVICE to add or remove paths.
Removal of CMSDESK support
The CMS CMSDESK, SET WORKSTATION, and QUERY WORKSTATION commands have been removed, along with many of the remaining CMS GUI references.
Change in location and size of the MONDCSS and PERFOUT saved segments
The default CP MONITOR MONDCSS saved segment starting virtual address has been changed to 1 GB and the size has been increased to 96 MB. The IBM Performance Toolkit PERFOUT saved segment starting virtual address has been changed to 1120 MB, immediately following the new MONDCSS. The reasons for these changes include:
- Moving the segment starting locations addresses a problem with the Linux kdump configuration, which failed in a virtual machine with 1 GB of virtual memory that had attached one or both current versions of these segments.
- Increasing the size of the MONDCSS segment accommodates the increased volume of CP Monitor data produced and provides room for its future growth. These changes will not affect existing versions of these segments; they must be recreated for the new defaults to take effect.
Support for the IBM z16 Model A01 and LinuxONE Emperor 4 LA1 servers includes:
- Guest enablement to exploit the following functions:
- Imbedded Artificial Intelligence Acceleration is designed to reduce the overall time required to execute CPU operations for neural networking processing functions and help support real-time applications like fraud detection.
- Compliance-ready Central Processor Assist for Cryptographic Functions (CPACF) counters support enables guests to track crypto compliance and instruction usage.
- The Breaking Event Address Register (BEAR) enhancement facility improves the ability to debug wild branches.
- Vector Packed Decimal Enhancements 2 delivers new instructions intended to provide performance improvements.
- The Reset DAT Protection Facility provides a more efficient way to disable DAT protection, such as during copy-on-write or page change tracking operations.
- Support for the Consolidated Boot Loader provides guest IPL from a SCSI LUN. Note: Guest IPL from SCSI, with or without the DUMP option, will now require a minimum guest virtual memory size of 768 MB.
- The RoCE Express3 adapter allows guests to exploit Routable RoCE, Zero Touch RoCE, and SMC-R V2 support.
- The Crypto Express8S (CEX8S) adapter is supported as a dedicated or shared resource. Dedicated guests will be able to take advantage of all functionality available with the CEX8S adapters, including assorted new enhancements and new Quantum Safe APIs.
- Support for CPU and Core topology location information will be included in z/VM monitor data, providing a better picture of the system for diagnostic and tuning purposes.
This support is also available for z/VM 7.1 and 7.2 with the PTF for APAR VM66532.
- Guest enablement to exploit the following functions:
The following infrastructure support must be installed on all members within a z/VM SSI cluster before any member of the cluster is IPLed on an IBM z16 or LinuxONE Emperor 4 server:
- z/VM 7.3: Base.
- z/VM 7.2: The PTF for APAR VM66504 is required.
- z/VM 7.1: The PTFs for APARs VM66206 and VM66504 are required.
For further information on z/VM support of the IBM z16 and LinuxONE Emperor 4 servers, see the z/VM IBM z16 required service web page and the IBM Support - Preventive Service Planning bucket Upgrade 3931DEVICE, Subset 3931/ZVM.
For additional information on the IBM z16 capabilities, see the hardware announcements for these servers in the Reference information section.
z/VM CD model
IBM will deliver most new z/VM 7.3 function as new function APARs in the service stream. When z/VM 7.3 becomes available, z/VM 7.2 will, with a few exceptions, receive only corrective service. Similarly, when a new release is introduced after z/VM 7.3, new function APARs will be delivered on that release and 7.3 will receive mostly corrective service only. For additional information on the z/VM CD model, see the z/VM 7.1 Software Announcement (RFA 73970).
The following available z/VM 7.2 enhancements will be in the base of z/VM 7.3, providing additional IBM z16 benefit for z/VM workloads:
- TB Real Memory support. With the PTF for APAR VM66173, support for up to 4 TB of real memory will allow z/VM systems to address a full 4 TB of first-level (real) memory, doubling the previous supported limit of 2 TB.
- Dynamic Memory Downgrade support. With the PTF for APAR VM66271, Dynamic Memory Downgrade extends the real storage dynamic management characteristics of z/VM by allowing up to 50% of the real memory to be removed from a running z/VM system. A minimum hardware bundle level is required to avoid a possible downgrade stall. For additional details, see the Dynamic Memory Downgrade information web page.
- Improved LGR for shared crypto users. With the PTF for APAR VM66496, LGR for APVIRT shared crypto environments is enabled when the type of shared crypto resource on the source system does not match the type on the target system.
- z/Architecture Extended Configuration (z/XC) support. With the PTFs for APARs VM66201 (CP), VM66425 (CMS), and VM66489 (Performance Toolkit), CMS applications that run in IBM z/Architecture can use multiple address spaces. Programs can use z/Architecture instructions and registers, within the limits of z/CMS support, and can use VM data spaces in the same CMS session. IBM z16 requires z/CMS and z/XC support to be configured within guest virtual machines that exploit z/VM HCD support. In addition, when the PTF for IOCP APAR VM66549 is applied, z/CMS support is required to be configured on any IBM zSystems or LinuxONE server. IOCP support is in the base of z/VM 7.3 and requires z/CMS.
- Direct to Host Service Download support. With the PTF for APAR VM66540, z/VM 7.2 provides an optional way to download service to your z/VM system. A web interface is provided that simplifies the downloading of z/VM service ordered through IBM Shopz. The service files can now be transferred through a direct-to-host connection. The data is verified and unpacked during the transfer to the z/VM host system.
- Default password for user directory
For more information, please view the complete z/VM 7.3 Announcement for your specific geography.